Relevant bibliographies by topics / Improving Defence and Security / Dissertations / Theses

Dissertations / Theses on the topic 'Improving Defence and Security'

To see the other types of publications on this topic, follow the link: Improving Defence and Security.
Author: Grafiati
Published: 10 December 2022
Last updated: 29 January 2023

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 dissertations / theses for your research on the topic 'Improving Defence and Security.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.

1

Opasinov, Aleksandar, and Sina Eftekhari. "Improving the Cyber defence of an organisation based on IP Geolocation and security appliances." Thesis, Högskolan Väst, Avdelningen för Matematik, Data- och Lantmäteriteknik, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:hv:diva-16149.

Full text
Abstract:
As advancement and usage of data communication has increased exponentially on a global scale, with a devastating exposure to attacks and varying security threats to home offices as well as to large enterprises, there is always a need for enhanced network protection. The IT department of the company OneDefence, located in western Sweden, was chosen for the thesis and based on the stated information from the organisation, aims were set on how to improve their network defence capabilities. The aim of this thesis is to list ten countries posing the most serious IT threats, and to limit the attack surface of OneDefence’s IT network as much as possible while still providing the necessary services to users abroad. After researching the countries, a prototype was set up to mimic OneDefence’s topology of interest and test attacks were conducted as detailed in the Methodology chapter. The results of the investigations showed the countries posing most serious cyber threats included China, Russia and North Korea among others which were statistically calculated based on the total number of recognised cyberwarfare attacks. The results obtained from the different DoS attacks in the prototype showed that an IPS should be at the heart of an organisation's network defence for combating these intrusions, as well as potentially other types. With the help of a prototype built based on the organisation's topology, several attacks were somewhat successfully mitigated with the equipment used on hand, with only a low percentage of packets allowed to pass through the security unit. Lastly, to explore further enhancements of defence capabilities of OneDefence, a comparison between different products and devices were performed. This resulted in products from the Fortinet brand such as FortiGate NGFW and UTM capabilities as they are offering several advantages compared to competitors.
Då stora framsteg och användning av datakommunikation har ökat exponentiellt på en global skala, med en förödande exponering av attacker och säkerhetshot mot hemanvändare såväl som stora företag, finns detalltid ett behov av förbättrad nätverksskydd. IT-avdelningen hos företaget OneDefence, valdes för att utföra examensprojektet och baserade sig på organisationens angivna information för att förbättra deras nätverksförsvar. Syftet med denna rapport är att sammanställa en lista på tio länder som utgör de allvarligaste IT-hoten i världen, samt begränsa attackytan för organisationens nätverk så mycket som möjligt medan man behåller alla nödvändiga tjänster till användare utomlands. Efter att ha undersökt länderna, anordnades en prototyp för att efterlikna delar av OneDefences topologi av intresse och testattacker utfördes enligt metodologikapitlet. Resultaten av utredningarna visade att från de länder som utfört de allra allvarliga cyberhoten inkluderade bland annat Kina, Ryssland och Nordkorea, som har beräknats statistiskt baserat på antalet igenkända cyberwarfare attacker. Resultaten från de olika DoS-attackerna visade att en IPS bör vara kärnan i en organisations nätverksförsvar för att kunna bekämpa dessa intrång, samt potentiellt andra typer. Med hjälp av den prototyp som byggdes baserad på organisationens topologi, blockerades flera attacker rätt framgångsrikt, med en låg procentandel av paketen som gick genom säkerhetsenheten. Slutligen utforskades ytterligare förbättringar av försvarsförmågan hos organisationen genom att jämföra olika produkter och enheter. Detta resulterade i produkter från Fortinet-varumärket såsom FortiGate NGFW med UTM förmåga, då de erbjuder flera fördelar jämfört med konkurrenter.
APA, Harvard, Vancouver, ISO, and other styles
2

Wu, Xuan. "Improving Electric Grid Security: Defense Planning and Security Constrained ACOPF via Robust Optimization." The Ohio State University, 2018. http://rave.ohiolink.edu/etdc/view?acc_num=osu1543563463428344.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Caudle, Sharon L. "Homeland security and capabilities-based planning : improving national preparedness." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2005. http://library.nps.navy.mil/uhtbin/hyperion/05Sep%5FCaudle.pdf.

Full text
Abstract:
Thesis (M.A. in Security Studies (Homeland Security and Defense))--Naval Postgraduate School, September 2005.
Thesis Advisor(s): C.J. LaCivita, Kathryn E. Newcomer. Includes bibliographical references (p. 87-94). Also available online.
APA, Harvard, Vancouver, ISO, and other styles
4

Morrell, Christopher Frank. "Improving the Security, Privacy, and Anonymity of a Client-Server Network through the Application of a Moving Target Defense." Diss., Virginia Tech, 2016. http://hdl.handle.net/10919/79791.

Full text
Abstract:
The amount of data that is shared on the Internet is growing at an alarming rate. Current estimates state that approximately 2.5 exabytes of data were generated every day in 2012. This rate is only growing as people continue to increase their on-line presence. As the amount of data grows, so too do the number of people who are attempting to gain access to the data. Attackers try many methods to gain access to information, including a number of attacks that occur at the network layer. A network-based moving target defense is a technique that obfuscates the location of a machine on the Internet by arbitrarily changing its IP address periodically. MT6D is one of these techniques that leverages the size of the IPv6 address space to make it statistically impossible for an attacker to find a specific target machine. MT6D was designed with a number of limitations that include manually generated static configurations and support for only peer to peer networks. This work presents extensions to MT6D that provide dynamically generated configurations, a secure and dynamic means of exchanging configurations, and with these new features, an ability to function as a server supporting a large number of clients. This work makes three primary contributions to the field of network-based moving target defense systems. First, it provides a means to exchange arbitrary information in a way that provides network anonymity, authentication, and security. Second, it demonstrates a technique that gives MT6D the capability to exchange configuration information by only sharing public keys. Finally, it introduces a session establishment protocol that clients can use to establish concurrent connections with an MT6D server.
Ph. D.
APA, Harvard, Vancouver, ISO, and other styles
5

Navas, Renzo Efraín. "Improving the resilience of the constrained Internet of Things : a moving target defense approach." Thesis, Ecole nationale supérieure Mines-Télécom Atlantique Bretagne Pays de la Loire, 2020. http://www.theses.fr/2020IMTA0217.

Full text
Abstract:
Les systèmes de l’Internet des Objets (IoT) sont de plus en plus déployés dans le monde réel, mais leur sécurité est en retard par rapport à l’état de l’art des systèmes non IoT. La Défense par Cible Mouvante (MTD) est un paradigme de cyberdéfense qui propose de randomiser les composants des systèmes, dans l’intention de faire échec aux cyberattaquants qui s’appuyaient auparavant sur la nature statique des systèmes. Les attaquants sont désormais limités par le temps. Le MTD a été mis en œuvre avec succès dans les systèmes conventionnels, mais son utilisation pour améliorer la sécurité des IoT fait encore défaut dans la littérature. Au cours de cette thèse, nous avons validé le MTD comme paradigme de cybersécurité adapté aux systèmes IoT. Nous avons identifié et synthétisé les techniques MTD existantes pour l’IoT en utilisant une méthode d’examen systématique de la littérature, et nous avons défini et utilisé quatre nouvelles mesures liées à l’entropie pour mesurer les propriétés qualitatives des techniques MTD. Ensuite, nous avons proposé un framework générique de MTD distribué qui permet l’instanciation de stratégies MTD concrètes adaptées aux contraintes de l’IoT. Enfin, nous avons avons conçu un protocole de synchronisation du temps authentifié, et instancié trois techniques MTD particulières : deux dans les couches supérieures du réseau (portant sur le saut de port et sur des interfaces RESTful d’applications) -et validé l’une d’entre elles dans du matériel réel-, et la troisième dans la couche physique pour obtenir des systèmes IoT résistants aux brouillages par des nœuds internes en utilisant des techniques d’étalement du spectre par séquence directe avec des séquences pseudo aléatoires cryptographiquement fortes
Internet of Things (IoT) systems are increasingly being deployed in the real world, but their security lags behind the state of the art of non-IoT systems. Moving Target Defense (MTD) is a cyberdefense paradigm that proposes to randomize components of systems, with the intention of thwarting cyberattacks that previously relied in the static nature of systems. Attackers are now constrained by time. MTD has been successfully implemented in conventional systems, but its use to improve IoT security is still lacking in the literature. Over the course of this thesis, we validated MTD as a cybersecurity paradigm suitable for IoT systems. We identified and synthesized existing MTD techniques for IoT using a systematic literature review method,and defined and used four novel entropy related metrics to measure MTD techniques qualitative properties. Secondly, we proposed a generic distributed MTD framework that allows the instantiation of concrete MTD strategies suitable for the constraints of the IoT. Finally, we designed an secure time synchronization protocol, and instantiated three particular MTD techniques: two at the upper network layers (e.g. port-hopping, and application RESTful interfaces) -and validated one of them in real hardware-, and the third one at the physical layer to achieve IoT systems resilient to insider attacks/jamming by using Direct Sequence Spread-Spectrum techniques with cryptographically-strong pseudo-random sequences
APA, Harvard, Vancouver, ISO, and other styles
6

Pohrebniak. "IMPROVING COMPUTER SECURITY." Thesis, Київ 2018, 2018. http://er.nau.edu.ua/handle/NAU/33885.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Young, Christopher J. "The European security and defence identity debate." Thesis, National Library of Canada = Bibliothèque nationale du Canada, 2001. http://www.collectionscanada.ca/obj/s4/f2/dsk3/ftp04/MQ56151.pdf.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Frey, Stefanie. "Swiss defence and security policy 1945-73." Thesis, King's College London (University of London), 2002. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.268809.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Bellavista, Daniele. "Ict security: Defence strategies against targeted attacks." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2014. http://amslaurea.unibo.it/6960/.

Full text
Abstract:
L’avanzare delle tecnologie ICT e l’abbattimento dei costi di produzione hanno portato ad un aumento notevole della criminalità informatica. Tuttavia il cambiamento non è stato solamente quantitativo, infatti si può assistere ad un paradigm-shift degli attacchi informatici da completamente opportunistici, ovvero senza un target specifico, ad attacchi mirati aventi come obiettivo una particolare persona, impresa o nazione. Lo scopo della mia tesi è quello di analizzare modelli e tassonomie sia di attacco che di difesa, per poi valutare una effettiva strategia di difesa contro gli attacchi mirati. Il lavoro è stato svolto in un contesto aziendale come parte di un tirocinio. Come incipit, ho effettuato un attacco mirato contro l’azienda in questione per valutare la validità dei sistemi di difesa. L’attacco ha avuto successo, dimostrando l’inefficacia di moderni sistemi di difesa. Analizzando i motivi del fallimento nel rilevare l’attacco, sono giunto a formulare una strategia di difesa contro attacchi mirati sotto forma di servizio piuttosto che di prodotto. La mia proposta è un framework concettuale, chiamato WASTE (Warning Automatic System for Targeted Events) il cui scopo è fornire warnings ad un team di analisti a partire da eventi non sospetti, ed un business process che ho nominato HAZARD (Hacking Approach for Zealot Attack Response and Detection), che modella il servizio completo di difesa contro i targeted attack. Infine ho applicato il processo all’interno dell’azienda per mitigare minacce ed attacchi informatici.
APA, Harvard, Vancouver, ISO, and other styles
10

Wing, Ian Politics Australian Defence Force Academy UNSW. "Australian Defence in transition: responding to new security challenges." Awarded by:University of New South Wales - Australian Defence Force Academy. School of Politics, 2002. http://handle.unsw.edu.au/1959.4/38662.

Full text
Abstract:
The conceptual understanding of security and the practicalities of national defence are interdependent. In many countries both are undergoing significant change. This work provides an international context but focuses on Australian defence, arguing that a transition is underway from old security thinking to new, and that this is evidenced by changes in policies and practical activities. The aim of this work is to demonstrate the interdependence between the current reconceptualisation of security and the practicalities of national defence. Old security thinking concerns military power relationships between states, in contrast with new security thinking, which uses a broader conceptual framework. These are described, providing benchmarks for the subsequent analysis. While it is acknowledged that change has occurred in security thinking throughout history, those developments observed since the end of the Cold War and the rise of globalisation signify a fundamental shift. To explore this shift, recent developments in the defence policies and military activities of four relevant nations are examined, providing an international context for the consideration of the primary case study of Australian defence. This case study draws on historical descriptions and empirical data to analyse developments in four spheres - Australian defence policy, current Australian Defence Force activities, recent military developments and contemporary Australian public debate. The weight of evidence supports the thesis of a transition in both security thinking, described as transitional security thinking, and ADF activities. Tensions are observed between the requirements of defending a nation against attack, and contributing to the expanding requirements of the broadened security agenda. Despite these tensions, the expansion in both security thinking and the associated activities of armed forces, is likely to continue. This expansion has important implications for Australia???s defence capabilities which are increasingly required to meet the demands of refocused national security. These demands contribute to the pressing challenges of convergence and overstretch. A strategy of integration is recommended to address these challenges and it follows the principles of whole-of-government security and sustainable partnerships. The application of these principles will require the ADF to emphasise capabilities with versatility and adaptability.
APA, Harvard, Vancouver, ISO, and other styles
11

Ghorbanian, Sara, and Glenn Fryklund. "Improving DLP system security." Thesis, Blekinge Tekniska Högskola, Institutionen för datalogi och datorsystemteknik, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-5453.

Full text
Abstract:
Context. Data leakage prevention (DLP), a system designed to prevent leakage and loss of secret sensitive data and at the same time not affect employees workflow. The aim is to have a system covering every possible leakage point that exist. Even if these are covered, there are ways of hiding information such as obfuscating a zip archive within an image file, detecting this hidden information and preventing it from leaking is a difficult task. Companies pay a great deal for these solutions and yet, as we uncover, the information is not safe. Objectives. In this thesis we evaluate four different existing types of DLP systems out on the market today, disclosing their weaknesses and found ways of improving their security. Methods. The four DLP systems tested in this study cover agentless, agent based, hybrids and regular expression DLP tools. The test cases simulate potential leakage points via every day used file transfer applications and media such as USB, Skype, email, etc. Results. We present a hypothetical solution in order to amend these weaknesses and to improve the efficiency of DLP systems today. In addition to these evaluations and experiments, a complementing proof of concept solution has been developed that can be integrated with other DLP solutions. Conclusions. We conclude that the exisiting DLP systems are still in need of improvement, none of the tested DLP solutions fully covered the possible leakage points that could exist in the corporate world. There is a need for continued evaluation of DLP systems, aspects and leakage points not covered in this thesis as well as a follow up on our suggested solution.
APA, Harvard, Vancouver, ISO, and other styles
12

Müller-Wille, Björn Wilhelm. "Thinking security in europe? is there a European security and defence identity? /." [S.l. : s.n.], 2003. http://deposit.ddb.de/cgi-bin/dokserv?idn=970705735.

Full text
APA, Harvard, Vancouver, ISO, and other styles
13

Keogh, Darrin M. "European security and defence policy reform : a theoretical challenge." Thesis, London Metropolitan University, 2008. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.507077.

Full text
APA, Harvard, Vancouver, ISO, and other styles
14

Hussain, S. Y. "Application of quantum magnetometers to security and defence screening." Thesis, University College London (University of London), 2018. http://discovery.ucl.ac.uk/10047132/.

Full text
Abstract:
Over recent years the sensitivity of alkali-metal vapour magnetometers has been demonstrated to surpass that of even Superconducting Quantum Interference Devices (SQUIDs), the current commercial gold standard in laboratory weak- field magnetometry sensing. Here we present a proof-of-principle approach to building an RF atomic magnetometer which is robust, portable, tunable, non-invasive and operable at room temperature in an unshielded environment. In view of these characteristics, we discuss the potential application of alkali-metal magnetometry in imaging concealed objects, non-destructive evaluation of the structural integrity of metallic objects (e.g. pipelines and aircraft), and detection of rotating motors. We present a cost-effective approach to operating an atomic magnetometer in a Magnetic Induction Tomography (MIT) modality, to non-invasively map the conductivity of conductive objects concealed by conductive materials remotely and in real time. This is achieved by measuring the secondary eld in the subject due to eddy currents circulating as a result of application of a tunable radio-frequency oscillating eld, which overcomes the bandwidth and sensitivity limitations of using coils for sensing as in conventional MIT. In addition, we demonstrate the use of the atomic magnetometer for the remote detection of DC and AC electric motors with an improved response compared with a commercial fluxgate magnetometer in the sub 50 Hz regime (particularly detection down to 15 Hz). Its capability for non-invasive measurement through concrete walls is established, with potential for use in industrial monitoring and detection of illicit activity. Finally, the possibility of detection of submerged targets or for the atomic magnetometer to be mounted on submarine vehicles was explored. Promising results were obtained, but further investigation is required in this environment to establish this as a viable marine detector.
APA, Harvard, Vancouver, ISO, and other styles
15

Muniz, Manuel. "Explaining security and defence integration : the case of Europe." Thesis, University of Oxford, 2016. https://ora.ox.ac.uk/objects/uuid:ae151580-c6d1-43ae-857d-9a3c2ab1b597.

Full text
Abstract:
What is driving the European Union (EU) to integrate in matters of security and defence? Why has the EU since the 1990s, and in fits and starts, built up defence institutions, published strategic documents, or launched security missions around the world? This dissertation suggests an answer to these questions that hinges on there being a security community in Europe within which states do not feel threatened by one another. Understanding the level of trust EU states have in one other as well as its bearing on the way they engage in negotiations about the management of their security is of fundamental importance when attempting to make sense of the emergence of the EU as a security actor. States within Europe's security community and during the period covered by this thesis (1990-2016) suffered numerous external security shocks. These ranged from shifts in the geopolitical landscape surrounding them, to terrorist attacks to immigration crises. Shocks of this nature exposed the externalities of non-cooperation to policymaking elites in EU Member States, ultimately pushing them to seek the elevation of crisis management to the EU level. The outcome of the intergovernmental negotiations that followed each external shock depended on the degree of strategic interest overlap across EU states. This thesis makes evident that as EU integration in other fields progressed a form of spillover occurred where strategic interests converged and a common security and defence policy became an ever more attractive proposition. The narrative suggested in the following pages also explains why EU Member States have sometimes been forced to attend to their security and defence affairs alone. This occurred when they were faced with a crisis with little impact on the strategic interests of other members of the security community. The complicated interactions between the EU and the North Atlantic Treaty Organization (NATO), in turn, can also be seen through this theoretical lens and with the Alliance shielding Europeans from shocks or from the management of their consequences, therefore disincentivizing further EU integration in the field of security. By taking the perspective of EU member states and looking at specific shocks and the reactions they produced the following pages provide an innovative take on a much-studied but poorly-understood subject. They also seek to bring together two relevant but almost entirely disconnected sets of literatures: broader international relations theory and empirical works on European security.
APA, Harvard, Vancouver, ISO, and other styles
16

Mella, Luca. "Ict security: Testing methodology for targeted attack defence tools." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2014. http://amslaurea.unibo.it/6963/.

Full text
Abstract:
La tesi di laurea presentata si inserisce nell’ampio contesto della Sicurezza Informatica, in particolare tratta il problema del testing dei sistemi di sicurezza concepiti per contrapporsi alle odierne minacce: gli attacchi mirati (Targeted Attacks) ed in generale le minacce avanzate persistenti (Advanced Persistent Threats). Il principale obiettivo del lavoro svolto è lo sviluppo e la discussione di una metodologia di test per sistemi di sicurezza focalizzati su questo genere di problemi. Le linee guida proposte hanno lo scopo di aiutare a colmare il divario tra quello che viene testato e quello che in realt`a deve essere affrontato realmente. Le attività svolte durante la preparazione della tesi sono state sia di tipo teorico, per quanto concerne lo sviluppo di una metodologia per affrontare al meglio il testing di sistemi di sicurezza a fronte di attacchi mirati, che ne di tipo sperimentale in quanto si sono utilizzati tali concetti per lo svolgimento di test su più strumenti di difesa in uno scenario d’interesse reale.
APA, Harvard, Vancouver, ISO, and other styles
17

Ivanovski, Hristijan. "A common defence for Europe." Israel Defence, 2015. http://hdl.handle.net/1993/31255.

Full text
Abstract:
One of the major analytical shortcomings regularly made by EU and NATO experts today lies with exclusively seeing the European defence project as a post-World War II (WWII) phenomenon and the EU’s Common Security and Defence Policy (CSDP) as mainly a post-Cold War product. No analyst has so far seriously explored the idea of European defence predating WWII and the 20th century. Instead, since 1999 one frequently reads and hears about the ‘anomalous,’ ‘elusive’ CSDP suddenly complicating transatlantic relations. But the CSDP is hardly an oddity or aberration, and it is certainly not as mysterious as some might suggest. Drawing extensively from primary sources and predicated on an overarching evolutionist approach, this thesis shows that the present CSDP is an ephemeral security and defence concept, only the latest of its kind and full of potential. Drawing its deepest ideational roots from the (pre-)Enlightenment era, the CSDP leads to a pan-European defence almost irreversibly. A common defence for Europe is quite possible and, due to the growing impact of the exogenous (multipolar) momentum, can be realized sooner rather than later even without a full-fledged European federation.
May 2016
APA, Harvard, Vancouver, ISO, and other styles
18

Dyson, Philip Thomas Adrian. "The politics of German defence policy : policy leadership, Bundeswehr reform and European defence and security policy." Thesis, London School of Economics and Political Science (University of London), 2005. http://etheses.lse.ac.uk/1778/.

Full text
Abstract:
This thesis is a study of the role of policy leadership in German defence and security policy between 1990 and 2002, with particular reference to reform of the Bundeswehr. It situates this case study in the framework of a set of analytical perspectives about policy change derived from public policy theory, arguing that public policy theory has either underestimated policy leadership or failed to discriminate different leadership roles, styles and strategies. The author rejects the dominant contextualist and culturalist approach to leadership in studies of German defence and security policy in favour of an interactionist approach that stresses the dialectical interaction between policy skills and strategic context. The case study also shifts the focus in studies of policy leadership in Germany away from a preoccupation with the Chancellor to the role of ministerial and administrative leadership within the core executive. The thesis illustrates the strongly self-referential nature of Bundeswehr reform, despite adaptational pressures from Europeanisation and 'NATO-isation', and the domestic politics of base closures. It also shows how domestic macro-political arrangements predispose leadership roles in German defence and security policy towards brokerage and veto playing rather than towards entrepreneurship.
APA, Harvard, Vancouver, ISO, and other styles
19

Penttila, Risto E. J. "Finland's search for security through defence : defence policy in the stabilisation of Finland's international position 1944-1967." Thesis, University of Oxford, 1988. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.293486.

Full text
APA, Harvard, Vancouver, ISO, and other styles
20

Stamate, Gheorghe. "European Security and Defence Policy, or Back to Political Realism?" Thesis, Linköping University, Department of Management and Economics, 2004. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-2514.

Full text
Abstract:

In the course of this master thesis I will argue the following:

a) ESDP project is an interesting initiative and concern issues that stand at the core of the EU integration processes. It relates to the most significant and updated development of the EU institutional, conceptual and strategic design, but is yet relatively unexplored and underdeveloped.

b) The aim of this study is to evaluate the efforts to enhance cooperation among European countries in the provision and use of military force. To set the scene and illustrate constrains and complications that bear upon activities in this field. Indeed, the author intends to recommend a theoretical framework, as a fundamental prerequisite for the proper study of EU Defense and Security Policy.

c) Constructivism and neo- Realism and their theoretical tenets offer an unexplored avenue to investigate and account for the development of the European Security and Defense Policy.

d) The efficiency of such an account depends on a meticulous evaluation of proposed theoretical approaches versus the emerging security complex. This theoretical choice allows for a construction beyond that of the unit or system levels of analysis and may therefore grant a causal role to perceived interests in terms of non- traditional approach to research in social science. Also it may thereby provoke an interest in terms of security and threat.

e) The originality and validity of a combination between Realism and Constructivism as a starting point for inquiries in IR may not only be relevant to an understanding of how such a development can unfold, but mostly how a real social phenomena can be unfolded by such a non-traditional theoretical approach.

APA, Harvard, Vancouver, ISO, and other styles
21

Shetler-Jones, Philip. "The Globalisation of Japan's Defence and Security Policies 1989-2009." Thesis, University of Sheffield, 2010. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.527056.

Full text
APA, Harvard, Vancouver, ISO, and other styles
22

Kendric, Hood A. "Improving Cryptocurrency Blockchain Security and Availability Adaptive Security and Partitioning." Kent State University / OhioLINK, 2020. http://rave.ohiolink.edu/etdc/view?acc_num=kent1595038779436782.

Full text
APA, Harvard, Vancouver, ISO, and other styles
23

Persson, Jesper. "Improving smartphone security with remote attestation." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-138429.

Full text
Abstract:
Smartphones are becoming increasingly powerful and useful in a work environment. This has led to their adoption at the workplace. Many companies hand out smartphones to their employees and allow employees to bring their own devices to work. There are multiple potential vulnerabilities with such a situation. What happens if the device an employee uses to access secret company data with becomes infected by malware? Existing techniques such as remote attestation is widely used on desktop computers using a Trusted Platform Module (TPM) to allow remote parties to determine the integrity of a computer. However, no smartphones come equipped with a TPM, resulting in the need of alternate solutions. This report proposes a remote attestation system for the Android platform that allows employers to detect compromised devices. Any modification to an application is detected and reliably reported to a remote party.
APA, Harvard, Vancouver, ISO, and other styles
24

Kauer, Bernhard. "Improving System Security Through TCB Reduction." Doctoral thesis, Saechsische Landesbibliothek- Staats- und Universitaetsbibliothek Dresden, 2015. http://nbn-resolving.de/urn:nbn:de:bsz:14-qucosa-162177.

Full text
Abstract:
The OS (operating system) is the primary target of todays attacks. A single exploitable defect can be sufficient to break the security of the system and give fully control over all the software on the machine. Because current operating systems are too large to be defect free, the best approach to improve the system security is to reduce their code to more manageable levels. This work shows how the security-critical part of the OS, the so called TCB (Trusted Computing Base), can be reduced from millions to less than hundred thousand lines of code to achieve these security goals. Shrinking the software stack by more than an order of magnitude is an open challenge since no single technique can currently achieve this. We therefore followed a holistic approach and improved the design as well as implementation of several system layers starting with a new OS called NOVA. NOVA provides a small TCB for both newly written applications but also for legacy code running inside virtual machines. Virtualization is thereby the key technique to ensure that compatibility requirements will not increase the minimal TCB of our system. The main contribution of this work is to show how the virtual machine monitor for NOVA was implemented with significantly less lines of code without affecting the performance of its guest OS. To reduce the overall TCB of our system, other parts had to be improved as well. Additional contributions are the simplification of the OS debugging interface, the reduction of the boot stack and a new programming language called B1 that can be more easily compiled.
APA, Harvard, Vancouver, ISO, and other styles
25

Hwang, JeeHyun. "Improving the Quality of Security Policies." Thesis, North Carolina State University, 2014. http://pqdtopen.proquest.com/#viewpdf?dispub=3584006.

Full text
Abstract:

Systems such as web applications, database systems, and cloud services regulate users’ access control to sensitive resources based on security policies. Organizations often manage security policies in an ad-hoc and inconsistent manner due to a lack of budget, resources, and staff. This management could cause crucial security problems such as unauthorized access to sensitive resources.

A security policy is a set of restrictions and properties that specify how a computing system prevents information and computing resources from being used in violation of an organization’s security laws, rules, and practices. In computer systems, security policies are enforced to ensure correct functioning of access control such as “who” (e.g., authorized users or processes) can perform actions under “what” conditions.

Policy authors may follow common patterns in specifying and maintaining security policies. Researchers applied data mining techniques for deriving (implicit) patterns such as a group of users (i.e., roles in RBAC policies) who have the same access permissions. Policy authors reuse common patterns to reduce mistakes. Anomalies of those patterns are candidates for inspection to determine whether these anomalies expose faults.

Faults (i.e., misconfigurations) in security policies could result in tragic consequences, such as disallowing an authorized user to access her/his resources and allowing malicious users to access critical resources. Therefore, to improve the quality of security policies in terms of policy correctness, policy authors must conduct rigorous testing and verification during testing and maintenance phases of software development process. However, manual test-input generation and verification is an error-prone, time-consuming, and tedious task.

In this dissertation, we propose approaches that help improve the quality of security policies automatically. Our research goal is to help policy authors through automated pattern mining and testing techniques in the efficient detection and removal of faults. This dissertation is comprised of three research projects where each project focuses on a specific software engineering task. The three research projects are as follows:

Pattern Mining. We present an approach to mine patterns from security policies used in open source software products. Our approach applies data mining techniques on policy evolution and specification data of those security policies to identify common patterns, which represent usage of security policies. Our approach uses mined patterns as policy specification rules and detect faults in security policies under analysis as deviations from the mined patterns.

Automated Test Generation. We present a systematic structural testing approach for security policies. Our approach is based on the concept of policy coverage, which helps test a policy’s structural entities (i.e., rules, predicates, and clauses) to check whether each entity is specified correctly. Our approach analyzes security policies under test and generates test cases automatically to achieve high structural coverage. These test cases can achieve high fault-detection capability (i.e., detecting faults).

Automated Test Selection for Regression Testing. We present a safe-test-selection approach for regression testing of security policies. Among given initial test cases in access control systems under test, our approach selects and executes only test cases that could expose different policy behaviors across multiple versions of security policies. Our approach helps detect unexpected policy behaviors (i.e., regression faults) caused by policy changes efficiently.

These three research project have resulted in the following contributions:

• Patterns characterizing correlations of attributes in security policies help detect faults.

• Structural coverage for security policies is closely related to fault-detection capability. An original set of test cases with higher structural coverage often achieves higher fault-detection capability. Furthermore, its reduced set of test cases while maintaining the same structural coverage achieves similar fault-detection capability with the original set.

• Substantial number of test cases for regression testing can be reduced to help improve performance.

APA, Harvard, Vancouver, ISO, and other styles
26

Kong, Jingfei. "ARCHITECTURAL SUPPORT FOR IMPROVING COMPUTER SECURITY." Doctoral diss., University of Central Florida, 2010. http://digital.library.ucf.edu/cdm/ref/collection/ETD/id/2610.

Full text
Abstract:
Computer security and privacy are becoming extremely important nowadays. The task of protecting computer systems from malicious attacks and potential subsequent catastrophic losses is, however, challenged by the ever increasing complexity and size of modern hardware and software design. We propose several methods to improve computer security and privacy from architectural point of view. They provide strong protection as well as performance efficiency. In our first approach, we propose a new dynamic information flow method to protect systems from popular software attacks such as buffer overflow and format string attacks. In our second approach, we propose to deploy encryption schemes to protect the privacy of an emerging non-volatile main memory technology  phase change memory (PCM). The negative impact of the encryption schemes on PCM lifetime is evaluated and new methods including a new encryption counter scheme and an efficient error correct code (ECC) management are proposed to improve PCM lifetime. In our third approach, we deconstruct two previously proposed secure cache designs against software data-cache-based side channel attacks and demonstrate their weaknesses. We propose three hardware-software integrated approaches as secure protections against those data cache attacks. Also we propose to apply them to protect instruction caches from similar threats. Furthermore, we propose a simple change to the update policy of Branch Target Buffer (BTB) to defend against BTB attacks. Our experiments show that our proposed schemes are both security effective and performance efficient.
Ph.D.
School of Electrical Engineering and Computer Science
Engineering and Computer Science
Computer Science PhD
APA, Harvard, Vancouver, ISO, and other styles
27

Jones, Benjamin Edward. "Improving security in the FDDI protocol." Thesis, Monterey, California. Naval Postgraduate School, 1992. http://hdl.handle.net/10945/23700.

Full text
APA, Harvard, Vancouver, ISO, and other styles
28

Kulkarni, Rucha. "Mitigating Security Issues While Improving Usability." University of Cincinnati / OhioLINK, 2018. http://rave.ohiolink.edu/etdc/view?acc_num=ucin153907988305034.

Full text
APA, Harvard, Vancouver, ISO, and other styles
29

Scannell, David Luke. "Legal aspects of the European Union's European Security and Defence Policy." Thesis, University of Cambridge, 2005. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.614899.

Full text
APA, Harvard, Vancouver, ISO, and other styles
30

Borysenkov, Dmytro, and Serhii Rozhok. "Features of national cyber defence." Thesis, National Aviation University, 2021. https://er.nau.edu.ua/handle/NAU/50755.

Full text
Abstract:
1. AP NEWS. Ukraine pushes ahead with plans to secure NATO membership. Retrieved on 25/02/2021 from https://www.apnews.com/dff40992fcc446f6808d02d03b35e4bc 2. Cyberdominance. Ukraine as a NATO Centre of Excellence: Information Warfare. Retrieved on 24/02/2021 from https://www.cyberdominance.com/cyberdominance/ukraine-as-anato-centre-of-excellence-information-warfare/?history=0&pfid=1&sample=2&ref=0 3. Nekrasov V, Polyakova A (2017) This is war: Ukraine was shaken by the largest cyberattack in history. Ekonomichna Pravda (Text in Ukrainian). Retrieved on 24/02/2021 from http://www.epravda.com.ua/publications/2017/06/27/626518/ 4. NATO. Centres of Excellence. Retrieved on 25/02/2021 from https://www.act.nato.int/centres-of-excellence???history=4&pfid=1&sample=11&ref=0 5. KMU. National Security and Defense. Retrieved 03.03.2021 from https://www.kmu.gov.ua/en/reformi/bezpeka-ta-oborona
Because of Russia’s actions in April 2014, the Ukraine decided to make a step from historic alignment with Russia to find itself in NATO membership. On September 20, 2018 Ukraine’s president Petro Poroshenko said “We need to amend our constitution to make NATO membership a long-term goal” [1]. These words played an irreversible role of transformation our country toward European and Euro-Atlantic course integration. And one of the main goals was to transform consciousness of Ukrainian people to convince them that Ukraine is not a part of Russian Federation. The importance of this message made by Ukrainian law was directly counter to Putin’s influence operations attempting to convince the entire world that Ukrainians were ethnically Russians.
Через дії Росії у квітні 2014 року Україна вирішила зробити крок від історичного приєднання до Росії, щоб опинитися в членстві в НАТО. 20 вересня 2018 р. Президент України Петро Порошенко заявив: "Нам потрібно внести зміни в нашу Конституцію, щоб зробити членство в НАТО довгостроковою метою" [1]. Ці слова зіграли незворотну роль в трансформації нашої країни в бік європейської та євроатлантичної інтеграції курсів. І однією з головних цілей було перетворення свідомості українського народу, щоб переконати його в тому, що Україна не є частиною Російської Федерації. Важливість цього повідомлення, поданого українським законодавством, прямо суперечила операціям впливу Путіна, які намагалися переконати весь світ у тому, що українці є етнічно росіянами.
APA, Harvard, Vancouver, ISO, and other styles
31

Wei, Jinpeng. "Improving operating systems security two case studies /." Diss., Atlanta, Ga. : Georgia Institute of Technology, 2009. http://hdl.handle.net/1853/31849.

Full text
Abstract:
Thesis (Ph.D)--Computing, Georgia Institute of Technology, 2010.
Committee Chair: Pu, Calton; Committee Member: Ahamad, Mustaque; Committee Member: Blough, Douglas; Committee Member: Giffin, Jonathon; Committee Member: Li, Kang. Part of the SMARTech Electronic Thesis and Dissertation Collection.
APA, Harvard, Vancouver, ISO, and other styles
32

Aliti, Admirim, and Deniz Akkaya. "Employees' Role in Improving Information Systems Security." Thesis, Linnéuniversitetet, Institutionen för datavetenskap, fysik och matematik, DFM, 2011. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-13769.

Full text
Abstract:
Information security is one of the most essential concerns in today’s organizations. IT departments in larger organizations are tasked to implement security, by both ensuring to have pertinent hardware and software, and likewise enlighten, teach and educate organization’s employees about security issues. The aim of this research is to focus on the human factor of the organization, which impacts the security of the information, since technological solutions of technical problems become incomprehensible without human recognition about security. If the security is not addressed in firms, this might lead to essential data of the organization to be compromised. This study explores ways to enhance information security and improve the human factor by integrating the crucial information security elements in organizations. Social constructivist worldview is adopted throughout the study, and an inductive based - qualitative approach, a single case study design and hermeneutical analysis for analyzing the observations and interviews are utilized. The research setting for this study is Växjö Municipality in Sweden. The empirical investigation suggests that human factor plays an essential role in maintaining information security, and organizations can improve employees’ role by keeping their security policies up to date and find the best ways to disseminate that information. As a result, this research comes up with “information security human management model” for organizations.
APA, Harvard, Vancouver, ISO, and other styles
33

Karger, Paul Ashley. "Improving security and performance for capability systems." Thesis, University of Cambridge, 1988. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.293032.

Full text
APA, Harvard, Vancouver, ISO, and other styles
34

Kylmänen, J. (Juha). "Information security improving blocklist driven firewall implementation." Master's thesis, University of Oulu, 2013. http://urn.fi/URN:NBN:fi:oulu-201312021940.

Full text
Abstract:
The Internet has become a commodity and with it information security and privacy issues have appeared. Common threats against the end users include malware and phishing. Phishing is a social engineering technique used to mimic legit banking or social networking websites in an attempt to gain sensitive information from the user and malware is software with malicious intent. An Internet firewall is an essential component of a modern computer network and it is used to implement policy to prevent access to web hosts. A personal firewall solution, called Defensia, is described and implemented in this work to perform basic firewall tasks, but also to improve information security by using IP blocklists and by supporting access control based on organization, country and application information. The packet processing performance level was measured and determined to be adequate for personal use. The measured overhead was 0,490 milliseconds which applies to the first packet in connection because connection state tracking is used. The organization block feature was successfully demonstrated in a case study against Facebook, Inc. and the IP address blocking was demonstrated by blocking a web tracker from the Nordea online web bank. Third party blocklists from Abuse.ch and Wizcrafts Computer Services were used to demonstrate how Defensia can benefit from third party resources. In a case study, Abuse.ch’s blocklist was used to block access to a known Zeus botnet command and control server. In another case study Wizcrafts Computer Services’ exploited servers blocklist was used to prevent access to a phishing website. Additionally, the application whitelist feature was used to demonstrate how Defensia can proactively prevent an unknown application from accessing the network. Defensia demonstrated successfully that it is a contribution to security and privacy
Internetistä on tullut yleishyödyke ja sitä myötä on ilmaantunut tietoturvaan ja yksityisyyteen liittyviä ongelmia. Eräitä uhkia käyttäjiä kohtaan ovat haittaohjelmat ja khalastelu. Khalastelu on urkintaa, jossa matkitaan toista palvelua, kuten pankkia, ja jonka tavoitteena on saada käyttäjä luovuttamaan henkilökohtaista tietoa. Haittaohjelmat ovat puolestaan ohjelmistoja, joilla on haitallinen tarkoitus. Internet-palomuuri on olennainen osa modernia tietoverkkoa ja se toteuttaa politiikan, jolla voidaan estää yhteys tietoverkon tietokoneisiin. Tämä työ kuvaa ja toteuttaa Defensia-nimisen henkilökohtaisen palomuurin. Se toteuttaa perinteiset palomuuriominaisuudet, mutta parantaa myös tietoturvaa käyttämällä IP-estolistauksia ja tukemalla organisaatioihin, maan nimeen ja ohjelmiin pohjautuvaa kulunvalvontaa. Paketin käsittelyn havaittiin olevan riittävän nopea henkilökohtaiseen käyttöön. Mitattu viive paketin käsittelyssä oli 0,490 millisekuntia ja se koskee yhteyden ensimmäistä pakettia, koska yhteyden tilan seurantaa hyödynnetään. Organisaation estoa havainnollistettiin tutkimuksessa, jossa Facebook, Inc. laitettiin estolistalle ja IP-pohjaista estolistausta havainnollistettiin estämällä Nordean verkkopankista löytyvän seurantakoodin toiminta. Kolmannen osapuolen estolistauksia Abuse.ch:lta ja Wizcrafts Computer Serviceltä käytettiin havainnollistamaan, kuinka Defensia hyötyy ulkopuolisista resursseista. Abuse.ch:n Zeus-estolistausta käytettiin estämään verkkoyhteys Zeus-troijalaisen komentopalvelimeen ja toisessa tutkimuksessa Wizcrafts Computer Servicen estolistausta hyödynnettiin havainnollistamaan, kuinka pääsy kalastelusivustolle voidaan estää Defensialla. Lisäksi ohjelmiin pohjautuvalla kulunvalvonnalla havainnollistettiin, kuinka Defensia voi ennakoivasti estää tuntemattomien ohjelmien pääsyn verkkoon. Defensia havainnollisti onnistuneesti osuutensa tietoturvan ja yksityisyyden parantamiseen
APA, Harvard, Vancouver, ISO, and other styles
35

Carey-Smith, Mark T. "Improving information security management in nonprofit organisations." Thesis, Queensland University of Technology, 2011. https://eprints.qut.edu.au/45717/1/Mark_Carey-Smith_Thesis.pdf.

Full text
Abstract:
All organisations, irrespective of size and type, need effective information security management (ISM) practices to protect vital organisational in- formation assets. However, little is known about the information security management practices of nonprofit organisations. Australian nonprofit organisations (NPOs) employed 889,900 people, managed 4.6 million volunteers and contributed $40,959 million to the economy during 2006-2007 (Australian Bureau of Statistics, 2009). This thesis describes the perceptions of information security management in two Australian NPOs and examines the appropriateness of the ISO 27002 information security management standard in an NPO context. The overall approach to the research is interpretive. A collective case study has been performed, consisting of two instrumental case studies with the researcher being embedded within two NPOs for extended periods of time. Data gathering and analysis was informed by grounded theory and action research, and the Technology Acceptance Model was utilised as a lens to explore the findings and provide limited generalisability to other contexts. The major findings include a distinct lack of information security management best practice in both organisations. ISM Governance and risk management was lacking and ISM policy was either outdated or non- existent. While some user focused ISM practices were evident, reference to standards, such as ISO 27002, were absent. The main factor that negatively impacted on ISM practices was the lack of resources available for ISM in the NPOs studied. Two novel aspects of information security dis- covered in this research were the importance of accuracy and consistency of information. The contribution of this research is a preliminary understanding of ISM practices and perceptions in NPOs. Recommendations for a new approach to managing information security management in nonprofit organisations have been proposed.
APA, Harvard, Vancouver, ISO, and other styles
36

Doherty, Roisin. "Passivity v engagement? : the impact of an emerging European security architecture on Irish neutrality." Thesis, University of Ulster, 2000. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.314032.

Full text
APA, Harvard, Vancouver, ISO, and other styles
37

Huff, Ariella Rachel. "Parliamentary discourses on the European security and defence policy in Britain, Ireland and Poland, 1998-2008." Thesis, University of Cambridge, 2012. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.610552.

Full text
APA, Harvard, Vancouver, ISO, and other styles
38

Gray, Gavan Patrick. "Japanese defence production, national security and alliance relations in the 21st century." Thesis, University of Leicester, 2014. http://hdl.handle.net/2381/29244.

Full text
Abstract:
As a result of constitutional restrictions on its use of military force, Japan has long held a reputation as a pacifist state. Yet, for more than twenty years, it has been undergoing a steady process of normalization that has seen these restrictions gradually removed or bypassed. At a time when Japan is moving toward a more proactive security policy this thesis examines the important effect procurement choices have upon both its strategic options and its regional relations. This study examines the development and structure of Japan's defence industry, assesses the threats it is required to address, and gauges the impact of domestic and foreign influence upon security policy. In addition, it raises important questions regarding the nature of Japan's strategic direction and the lack of open discussion of areas of significance. In particular, it looks at the failure of weapon choices to become more than an economic issue, despite the far broader impact of the choices made. It also considers the extent to which the threats faced by Japan have been accurately assessed, and the possible implications of narrow adherence to the US-Japan security alliance. Finally the thesis helps to address a long-standing gulf in Japan's academic community which has seen liberal academics largely standing removed from discussion of security policy on ideologically pacifist grounds. By showing that the possible choices in security policy are far broader than commonly perceived, this thesis allows and encourages a more open and active debate on Japan's future role, both in East Asia and internationally.
APA, Harvard, Vancouver, ISO, and other styles
39

Reyzin, Leonid (Leonid Natanovich) 1975. "Improving the exact security of digital signature schemes." Thesis, Massachusetts Institute of Technology, 1999. http://hdl.handle.net/1721.1/80564.

Full text
APA, Harvard, Vancouver, ISO, and other styles
40

Hemberger, Paul Wang. "Improving information flow control design with security contexts." Thesis, Massachusetts Institute of Technology, 2015. http://hdl.handle.net/1721.1/100598.

Full text
Abstract:
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2015.
This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.
Cataloged from student-submitted PDF version of thesis.
Includes bibliographical references (pages 83-85).
This thesis outlines a new language feature for Ruby: the security context, which enables complex information flow control schemes to be written in Ruby without modification to the virtual machine. Security contexts are Ruby objects that act as transparent proxies and can be attached to other objects, allowing them to seamlessly modify parameters and return values into and out of those objects' methods. Security contexts are demonstrated to be simple and effective in creating two flow control applications that would otherwise pose significant challenge to build: taint tracking as a Ruby library, and data flow assertions for Ruby on Rails applications. The performance of these systems was benchmarked while running as a part of a Rails application, and reached acceptable performance: taint tracking had no impact on performance, and data flow assertions saw a 50% throughput decrease, while providing considerable protection against privacy leaks and security vulnerabilities.
by Paul Wang Hemberger.
M. Eng.
APA, Harvard, Vancouver, ISO, and other styles
41

Yip, Alexander Siumann 1979. "Improving web site security with data flow management." Thesis, Massachusetts Institute of Technology, 2009. http://hdl.handle.net/1721.1/54647.

Full text
Abstract:
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2009.
Cataloged from PDF version of thesis.
Includes bibliographical references (p. 91-98).
This dissertation describes two systems, RESIN and BFLow, whose goal is to help Web developers build more secure Web sites. RESIN and BFLOW use data flow management to help reduce the security risks of using buggy or malicious code. RESIN provides programmers with language-level mechanisms to track and manage the flow of data within the server. These mechanisms make it easy for programmers to catch server-side data flow bugs that result in security vulnerabilities, and prevent these bugs from being exploited. BFLow is a system that adds information flow control, a restrictive form of data flow management, both to the Web browser and to the interface between a browser and a server. BFLOW makes it possible for a Web site to combine confidential data with untrusted JavaScript in its Web pages, without risking leaks of that data. This work makes a number of contributions. RESIN introduces the idea of a data flow assertion and demonstrates how to build them using three language-level mechanisms, policy objects, data tracking, and filter objects. We built prototype implementations of RESIN in both the PHP and Python runtimes. We adapt seven real off-the-shelf applications and implement 11 different security policies in RESIN which thwart at least 27 real security vulnerabilities. BFLow introduces an information flow control model that fits the JavaScript communication mechanisms, and a system that maps that model to JavaScript's existing isolation system.
(cont.) Together, these techniques allow untrusted JavaScript to read, compute with, and display confidential data without the risk of leaking that data, yet requires only minor changes to existing software. We built a prototype of the BFLow system and three different applications including a social networking application, a novel shared-data Web platform, and BFlogger, a third-party JavaScript platform similar to that of Blogger.com. We ported several untrusted JavaScript extensions from Blogger.com to BFlogger, and show that the extensions cannot leak data as they can in Blogger.com.
by Alexander Siumann Yip.
Ph.D.
APA, Harvard, Vancouver, ISO, and other styles
42

Ashenden, D. M. "Information security awareness : improving current research and practice." Thesis, University College London (University of London), 2015. http://discovery.ucl.ac.uk/1469598/.

Full text
Abstract:
Large-scale data losses experienced across both public and private sector organisations have led to expectations that organisations will develop a culture that supports information security aims and objectives. Despite the fact that many organisations now run awareness, education and training programmes for their employees, however, information security incidents due to employee misuse of information still keep occurring. This suggests that these programmes are not working. The research presented in this thesis examines ways to better understand employees’ attitudes towards information security with a view to improving current organisational practice. The research explores whether Chief Information Security Officers are delivering organisational change for information security, before moving on to better understand employee’s attitudes and how these are translated into behaviours. The research takes a mixed-methods approach that is not often used in information security research and combines both qualitative and quantitative analytical methods, grounded in the theory of social psychology. Case studies are carried out with Chief Information Security Officers as well as at the Office of Fair Trading and Prudential plc. The research delivers a survey tool that can be used in organisations to better understand how to frame information security messages so that they achieve their aims. An expert panel of users evaluated the survey. The research concluded that end users fall into two groups – the ‘I Can Handle It Group’ and the ‘It’s Out of My Control Group’ and these substantive findings have been validated by a field experiment. By mirroring the attributions of the dominant group the field experiment demonstrates that it is possible to influence employees’ behaviour.
APA, Harvard, Vancouver, ISO, and other styles
43

Karlsson, Marcus, and Oscar Zaja. "Improving Security In Embedded Systems With IEEE 802.1X." Thesis, Mälardalens högskola, Akademin för innovation, design och teknik, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:mdh:diva-53322.

Full text
APA, Harvard, Vancouver, ISO, and other styles
44

Giannini, Martina. "Improving Cyber-Security of Power System State Estimators." Thesis, KTH, Reglerteknik, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-142843.

Full text
Abstract:
During the last century, technological advances have deeply renewed many critical infrastructures, such as transportation networks and power systems. In fact, the strong interconnection between physical process, communication channels, and control systems have led to the new concept of cyber-physical systems. Next to countless new advantages, these systems unfortunately have also new weaknesses. An example is cyber-attacks: malicious intrusions into the communication channel turned to manipulate data. In this thesis the considered cyber-physical system is a power network where hundreds of eld devices are connected to a control center, which collects data and controls the whole system. A cyber-attack where the adversary model is based on the attacker's knowledge of the network topology and line parameters is considered. This work is focused on one of the features of the control center: the state estimator. After a preliminary analysis of the conventional state estimators with respect to cyber attacks constructed according to this adversary model, new ideas for improving the security of the system are presented. The aim of this thesis is to propose novel state estimators that are both accurate under no cyber-attack, and at the same time able to detect attacks that are undetectable by the conventional state estimator. This mainly involves introducing additional information about the system as constraints in the state estimator, under the assumption that the new information is not available to the adversary. At the end of the analysis of the new mathematical model of the state estimators, a new denition of undetectable attack is proposed. The functionality of the novel state estimators is demonstrated in numerical experiments, which have been performed on dierent benchmark power networks.
APA, Harvard, Vancouver, ISO, and other styles
45

Wei, Wei. "Improving Security and Privacy in Online Social Networks." W&M ScholarWorks, 2013. https://scholarworks.wm.edu/etd/1539623628.

Full text
Abstract:
Online social networks (OSNs) have gained soaring popularity and are among the most popular sites on the Web. With OSNs, users around the world establish and strengthen connections by sharing thoughts, activities, photos, locations, and other personal information. However, the immense popularity of OSNs also raises significant security and privacy concerns. Storing millions of users' private information and their social connections, OSNs are susceptible to becoming the target of various attacks. In addition, user privacy will be compromised if the private data collected by OSNs are abused, inadvertently leaked, or under the control of adversaries. as a result, the tension between the value of joining OSNs and the security and privacy risks is rising.;To make OSNs more secure and privacy-preserving, our work follow a bottom-up approach. OSNs are composed of three components, the infrastructure layer, the function layer, and the user data stored on OSNs. For each component of OSNs, in this dissertation, we analyze and address a representative security/privacy issue. Starting from the infrastructure layer of OSNs, we first consider how to improve the reliability of OSN infrastructures, and we propose Fast Mencius, a crash-fault tolerant state machine replication protocol that has low latency and high throughput in wide-area networks. For the function layer of OSNs, we investigate how to prevent the functioning of OSNs from being disturbed by adversaries, and we propose SybilDefender, a centralized sybil defense scheme that can effectively detect sybil nodes by analyzing social network topologies. Finally, we study how to protect user privacy on OSNs, and we propose two schemes. MobiShare is a privacy-preserving location-sharing scheme designed for location-based OSNs (LBSNs), which supports sharing locations between both friends and strangers. LBSNSim is a trace-driven LBSN model that can generate synthetic LBSN datasets used in place of real datasets. Combining our work contributes to improving security and privacy in OSNs.
APA, Harvard, Vancouver, ISO, and other styles
46

Emerson, Kaye M. "Defence procurement in the United Kingdom which way will it go? /." Monterey, California : Naval Postgraduate School, 1990. http://handle.dtic.mil/100.2/ADA243126.

Full text
Abstract:
Thesis (M.A. in National Security Affairs)--Naval Postgraduate School, December 1990.
Thesis Advisor(s): Laurance, E. J. Second Reader: Breemer, J. S. "December 1990." Description based on title screen as viewed on March 30, 2010. DTIC Identifier(s): Westland Case Study, NATO Frigate Replacement-90 Case Study, European Fighter Aircraft Case Study. Author(s) subject terms: Defense Procurement, Westland Helicopter, NATO Frigate, European Fighter Aircraft. Includes bibliographical references. Also available in print.
APA, Harvard, Vancouver, ISO, and other styles
47

Moholt, van Reeuwijk Yvonne. "Enhancing the European security and defence policy : European integration and the changing of the Norwegian and the Swedish security identities." Thesis, Uppsala universitet, Teologiska institutionen, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-359694.

Full text
Abstract:
This paper examines the relationship between Europeanisation and the recent changes of the Norwegian and Swedish security identities. Since the mid-1990s, these two countries have gone different ways, the former as an active non-member with no decision-making powers and the latter as an active participant in the development of the European Security and Defence Policy (ESDP). Concerning Norway and Sweden’s security identity, both have changed exceedingly over the years. Norway, which has valued the US and the transatlantic partnership through NATO, namely being an ‘Atlanticist’, seeks a deeper connection to the EU as a security actor over the last fifteen years, despite the authorities emphasizing that NATO remains the cornerstone for Norwegian security policy. Sweden, which maintained strongly neutral and non-aligned throughout the 20th century, was initially sceptic to partaking in the security and defence dimension of the Union. Nonetheless, Sweden, as a member, managed to change its perception of EU’s security policy through highlighting crisis management and turned out to become one of EU’s most active contributors in shaping the ESDP. This paper concludes that Norway and Sweden have seen similar outcomes concerning Europeanisation, despite holding different positions in relation to the EU. Norway has not been able to hold an influential role respecting its European integration process, even though the authorities seek to gain as much input as possible into the ESDP through associate membership. Sweden, in contrast, entered the Union with an initial negative attitude concerning the security and defence policy but has changed its perception and chosen to play an active part in the policy making process through influencing and deepening its cooperation.
APA, Harvard, Vancouver, ISO, and other styles
48

Noetzel, Timo. "Making strategy : German defence and security policy in the post-Cold War period." Thesis, University of Oxford, 2006. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.433281.

Full text
APA, Harvard, Vancouver, ISO, and other styles
49

Torun, Zerrin. "Constructivist approach to Europeanization under the European foreign, security and defence policy framework." Thesis, University of Sussex, 2009. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.499564.

Full text
Abstract:
This thesis aims at analysing the Europeanization of British and French foreign, security and defence policies through a moderate constmctivist approach, with a view to question its utility. It uses case studies, process-tracing, and interviews, covering the period from the estabhshment of Common Foreign and Security Policy until 2007. However, in order to provide provide the background to the cases under investigation, analysis of the period before has been included where necessary.
APA, Harvard, Vancouver, ISO, and other styles
50

Ladzik, Jeannette. "Britain, Germany and the European Security and Defence Policy : constructivist socialisation at work?" Thesis, London Metropolitan University, 2012. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.590147.

Full text
Abstract:
This thesis investigates the European Security and Defence Policy (ESOP) which has evolved rapidly since its establishment at the Cologne European Council in June 1999. Its development has been driven by the three biggest EU member states - Germany, France and the UK. While this is to some extent not surprising as these three states are also the most militarily powerful ones in Europe, they had for many years opposing views on the creation of a separate European defence initiative. During the 1990s due to a number of reasons German and British policymakers' views on this topic converged with that of French policy-makers, who had always argued for the establishment of a common European defence policy. The British Prime Minister and the French President were therefore able to launch the European defence project at their historic meeting in Saint Malo. A few months later, Germany presided over the important Cologne European Council. Following the creation of ESOP, German and British policy-makers went beyond mere support and actively drove it forward. This thesis will explore why they changed their behaviour from opposing a common European defence policy towards pressing ahead with it. It proposes the answer that these policy-makers became socialised in ESOP by the EU. Successful socialisation led to the complete internalisation of ESOP norms and the adoption of the EU's interests and identity by German and British policy-makers. This hypothesis will be tested by applying Jeffrey T. Checkers constructivist socialisation approach to the case studies of German and British policy-makers, who shaped ESOP from the Saint Malo meeting (3 and 4 December 1998) to the Lisbon European Council summit (18-19 October 2007).
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the bibliographies on the topic 'Improving Defence and Security' for other source types:
Journal articles Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography