Dissertations / Theses on the topic 'Information security fields'

In this thesis, we explain linear secret sharing schemes, in particular multiplicative threshold linear secret sharing schemes, over fields and rings in a compact and concise way. We explain two characterisations of linear secret sharing schemes, and in particular, we characterise threshold linear secret sharing schemes. We develop an algorithm to generate all multiplicative $(t+1)$-out-of-$n$ threshold linear secret sharing schemes over a field $mathbb{Z}sb{p}$. For the ring $mathbb{Z}sb{2sp{32}}$, we explain the generation of secret sharing schemes for threshold access structures and prove the non-existence of $(t+1)$-out-of-$n$ threshold linear secret sharing schemes with $n > t+1$.

A cryptographic security architecture constitutes the collection of hardware and software which protects and controls the use of encryption keys and similar cryptovariables. This thesis presents a design for a portable, flexible high-security architecture based on a traditional computer security model. Behind the API it consists of a kernel implementing a reference monitor which controls access to security-relevant objects and attributes based on a configurable security policy. Layered over the kernel are various objects which abstract core functionality such as encryption and digital signature capabilities, certificate management and secure sessions and data enveloping (email encryption). The kernel itself uses a novel design which bases its security policy on a collection of filter rules enforcing a cryptographic module-specific security policy. Since the enforcement mechanism (&e kernel) is completely independent of the policy database (the filter rules), it is possible to change the behaviour of the architecture by updating the policy database without having to make any changes to the kernel itself. This clear separation of policy and mechanism contrasts with current cryptographic security architecture approaches which, if they enforce controls at all, hardcode them into the implementation, making it difficult to either change the controls to meet application-specific requirements or to assess and verify them. To provide assurance of the correctness of the implementation, this thesis presents a design and implementation process which has been selected to allow the implementation to be verified in a manner which can reassure an outsider that it does indeed function as required. In addition to producing verification evidence which is understandable to the average user, the verification process for an implementation needs to be fully automated and capable of being taken down to the level of running code, an approach which is currently impossible with traditional methods. The approach presented here makes it possible to perform verification at this level, something which had previously been classed as "beyond Al" (that is, not achievable using any known technology). The versatility of the architecture presented here has been proven through its use in implementations ranging from l6-bit microcontrollers through to supercomputers, as well as a number of unusual areas such as security modules in ATMs and cryptographic coprocessors for general-purpose computers.
Note: Updated version of the thesis now published as Gutmann, P (2004). Cryptographic security architecture: design and verification. New York: Springer. ISBN 9780387953876.

Online banking systems have become more common and widely used in daily life, bringing huge changes in modern banking transaction activities and giving us a greater opportunity to access the banking system anytime and anywhere. At the same time, however, one of the key challenges that still remain is to fully resolve the security concerns associated with the online banking system. Many clients feel that online banking is not secure enough, and to increase its security levels, many banks simply add more identity-checking steps or put on more security measures to some extent to give users the impression of a secure online banking system. However, this is easier to be said than done, because we believe that more identity-checking steps could compromise the usability of the online banking system, which is an inevitable feature in design of usable and useful online banking systems. Banks can simply enhance their security level with more sophisticated technologies, but this does not seem to guarantee the online banking system is in line with its key usability concern. Therefore, the research question raised in this thesis is to establish the relationships between usability, security and trustworthiness in the online banking system. To demonstrate these relationships, three experiments were carried out using the simulation of an online banking logon procedure to provide a similar online banking experience. Post questionnaires were used to measure the three concepts, i.e. usability, security and trustworthiness. The resulting analyses revealed that simply adding more identity-checking steps in the online banking system did not improve the customers? perceived security and trustworthiness, nor the biometric security technique (i.e., fingerprints) did enhance the subjective ratings on the perceived security and trustworthiness. This showed that the systems designer needs to be aware that the customer?s perception of the online banking system is not the same as that conceived from a technical standpoint.

In order to keep shared access computers secure and stable system administrators resort to locking down the computing environment in order to prevent intentional and unintentional damage by users. Skilled attackers are often able to break out of locked down computing environments and intentionally misuse shared access computers. This misuse has resulted in cases of mass identity theft and fraud, some of which have had an estimated cost ranging in millions. In order to determine if it is possible to break out of locked down computing environments an assessment method is required. Although a number of vulnerability assessment techniques exist, none of the existing techniques are sufficient for assessing locked down shared access computers. This is due to the existing techniques focusing on traditional, application specific, software vulnerabilities. Break out path vulnerabilities (which are exploited by attackers in order to break out of locked down environments) differ substantially from traditional vulnerabilities, and as a consequence are not easily discovered using existing techniques. Ontologies can be thought of as a modelling technique that can be used to capture expert knowledge about a domain of interest. The method for discovering break out paths in locked down computers can be considered expert knowledge in the domain of shared access computer security. This research proposes an ontology based assessment process for discovering break out path vulnerabilities in locked down shared access computers. The proposed approach is called the ontological lockdown assessment process. The ontological lockdown assessment process is implemented against a real world system and successfully identifies numerous break out path vulnerabilities.

Signal detection plays a critical role in realizing reliable transmission through communication systems. In this dissertation, by applying information theoretic approach, efficient detection schemes and algorithms are designed for three particular communication systems. First, a computation efficient coding and detection algorithm is developed to decode two dimensional inter-symbol interference (ISI) channels. The detection algorithm significantly reduces the computation complexity and makes the proposed equalization algorithm applicable. A new metric, the post-detection mutual information (PMI), is established to quantify the ultimate information rate between the discrete inputs and the hard detected output. This is the first time that the information rate loss caused by the hard mapping of the detectors is considered. Since the hard mapping step in the detector is irreversible, we expect that the PMI is reduced compared to the MI without hard mapping. The conclusion is confirmed by both the simulation and the theoretic results. Random complex field code is designed to achieve the secrecy capacity of wiretap channel with noiseless main channel and binary erasure eavesdroppers' channel. More importantly, in addition to approaching the secrecy capacity, RCFC is the first code design which provides a platform to tradeoff secrecy performance with the erasure rate of the eavesdropper's channel and the secrecy rate.

The Near Field Communication (NFC) technology is a short-range radio communication channel which enables users to exchange data between devices. NFC provides a contactless technology for data transmission between smart phones, Personal Computers (PCs), Personal Digital Assistants (PDAs) and such devices. It enables the mobile phone to act as identification and a credit card for customers. However, the NFC chip can act as a reader as well as a card, and also be used to design symmetric protocols. Having several parties involved in NFC ecosystem and not having a common standard affects the security of this technology where all the parties are claiming to have access to client’s information (e.g. bank account details). The dynamic relationships of the parties in an NFC transaction process make them partners in a way that sometimes they share their access permissions on the applications that are running in the service environment. These parties can only access their part of involvement as they are not fully aware of each other’s rights and access permissions. The lack of knowledge between involved parties makes the management and ownership of the NFC ecosystem very puzzling. To solve this issue, a security module that is called Secure Element (SE) is designed to be the base of the security for NFC. However, there are still some security issues with SE personalization, management, ownership and architecture that can be exploitable by attackers and delay the adaption of NFC payment technology. Reorganizing and describing what is required for the success of this technology have motivated us to extend the current NFC ecosystem models to accelerate the development of this business area. One of the technologies that can be used to ensure secure NFC transactions is cloud computing which offers wide range advantages compared to the use of SE as a single entity in an NFC enabled mobile phone. We believe cloud computing can solve many issues in regards to NFC application management. Therefore, in the first contribution of part of this thesis we propose a new payment model called “NFC Cloud Wallet". This model demonstrates a reliable structure of an NFC ecosystem which satisfies the requirements of an NFC payment during the development process in a systematic, manageable, and effective way.

Verification of users’ identities are normally carried out via PIN-codes or ID- cards. Biometric identification, identification of unique body features, offers an alternative solution to these methods.

Fingerprint scanning is the most common biometric identification method used today. It uses a simple and quick method of identification and has therefore been favored instead of other biometric identification methods such as retina scan or signature verification.

In this report biometric security systems have been evaluated based on fingerprint scanners. The evaluation method focuses on copies of real fingers, artificial fingers, as intrusion method but it also mentions currently used algorithms for identification and strengths and weaknesses in hardware solutions used.

The artificial fingers used in the evaluation were made of gelatin, as it resembles the surface of human skin in ways of moisture, electric resistance and texture. Artificial fingers were based on ten subjects whose real fingers and artificial counterpart were tested on three different fingerprint scanners. All scanners tested accepted artificial fingers as substitutes for real fingers. Results varied between users and scanners but the artificial fingers were accepted between about one forth and half of the times.

Techniques used in image enhancement, minutiae analysis and pattern matching are analyzed. Normalization, binarization, quality markup and low pass filtering are described within image enhancement. In minutiae analysis connectivity numbers, point identification and skeletonization (thinning algorithms) are analyzed. Within pattern matching, direction field analysis and principal component analysis are described. Finally combinations of both minutiae analysis and pattern matching, hybrid models, are mentioned.

Based on experiments made and analysis of used techniques a recommendation for future use and development of fingerprint scanners is made.

Near Field Communication (NFC) är en teknik som möjliggjort utvecklingen av vardagliga betalningar med hjälp av mobiltelefonen. I Sverige är betalningar med NFC-tekniken i mobiltelefoner fortfarande i introduktionsfasen. För att denna teknik ska ha möjlighet att fungera som ett komplement till redan befintliga betallösningar, granskas därför möjligheten för NFC-teknik som betallösningsmetod med inriktning på säkerhetsaspekter. Syftet med uppsatsen är att granska säkerhetsaspekter för NFC-teknik som mobil betallösningsmetod samt analysera dessa aspekter för att få djupare kunskap för NFC-teknologins möjligheter. Kunskapen har erhållits genom en litteraturstudie samt kompletterande av en intervju för att få bredd i informationsbehandlingen. Resultatet av studien visar att NFC-teknologin som betallösningsmetod kan påverkas av ett antal säkerhetsaspekter. För att NFC-tekniken skall nå en bredd i marknaden måste flertalet aktörer samarbeta för en standardisering i användandet av tekniken.
Near Field Communication (NFC) is a technology that enables the development of payments using the mobile phone. In Sweden, payments with NFC technology in mobile phones are still in the introductory phase. To ensure that the proposed technology can be utilized as a complement to existing payment options, one must consider the safety aspects of said construct. In this thesis we will review the technology with a focus on safety aspects. The purpose of this thesis is to review the security aspects of NFC technology for mobile payment and analyze these aspects in order to gain deeper knowledge of NFC technology opportunities. The knowledge has been obtained through a literature review, complemented by an interview to get a wide knowledge about the information. The results of the study show that NFC technology as a payment option can be affected by a number of safety issues. To ensure a viable market share, operators utilizing NFC technology must cooperate to standardize the implementation.

Based on the analysis of reports and literature on the vulnerability of global navigation satellite systems, the robot presents a developed threat model and an intruder model for navigation information. Using the developed models, organizational and technical measures to protect information are determined. Directions for improving consumer equipment to jamming are given. Organizational measures for protecting against jamming are described.

Ubiquitous access to patient medical records is an important aspect of caring for patient safety. Unavailability of sufficient medical information at the point-ofcare could possibly lead to a fatality. The U.S. Institute of Medicine has reported that between 44,000 and 98,000 people die each year due to medical errors, such as incorrect medication dosages, due to poor legibility in manual records, or delays in consolidating needed information to discern the proper intervention. In this research we propose employing emergent technologies such as Java SIM Cards (JSC), Smart Phones (SP), Next Generation Networks (NGN), Near Field Communications (NFC), Public Key Infrastructure (PKI), and Biometric Identification to develop a secure framework and related protocols for ubiquitous access to Electronic Health Records (EHR). A partial EHR contained within a JSC can be used at the point-of-care in order to help quick diagnosis of a patient’s problems. The full EHR can be accessed from an Electronic Health Records Centre (EHRC) when time and network availability permit. Moreover, this framework and related protocols enable patients to give their explicit consent to a doctor to access their personal medical data, by using their Smart Phone, when the doctor needs to see or update the patient’s medical information during an examination. Also our proposed solution would give the power to patients to modify the Access Control List (ACL) related to their EHRs and view their EHRs through their Smart Phone. Currently, very limited research has been done on using JSCs and similar technologies as a portable repository of EHRs or on the specific security issues that are likely to arise when JSCs are used with ubiquitous access to EHRs. Previous research is concerned with using Medicare cards, a kind of Smart Card, as a repository of medical information at the patient point-of-care. However, this imposes some limitations on the patient’s emergency medical care, including the inability to detect the patient’s location, to call and send information to an emergency room automatically, and to interact with the patient in order to get consent. The aim of our framework and related protocols is to overcome these limitations by taking advantage of the SIM card and the technologies mentioned above. Briefly, our framework and related protocols will offer the full benefits of accessing an up-to-date, precise, and comprehensive medical history of a patient, whilst its mobility will provide ubiquitous access to medical and patient information everywhere it is needed. The objective of our framework and related protocols is to automate interactions between patients, healthcare providers and insurance organisations, increase patient safety, improve quality of care, and reduce the costs.

International lawyers are familiar with the question: “Is international law law?” But this thesis instead asks the question: “Is international law international?” Using a variety of methods, this work sheds light on some of the ways in which international law as a transnational legal field is constructed by international law academics, and is conceptualized in international law textbooks, in the five permanent members of the Security Council: the People’s Republic of China, the French Republic, the Russian Federation, the United Kingdom of Great Britain and Northern Ireland, and the United States of America. It explores how different national communities of international lawyers construct and pass on their understandings of “international law” in ways that belie the field’s claim to universality, perpetuating certain forms of difference and dominance. By adopting a comparative approach, it aims to make international lawyers more aware of the frames that shape their own understandings of and approaches to the field, as well as how these might be similar to or different from the frames adopted by those coming from other states, regions or geopolitical groupings. It also examines how some of these patterns might be disrupted as a result of shifts in geopolitical power, such as the movement from unipolar power toward greater multipolarity and the growing confrontations between Western liberal democratic states (like the United States, the United Kingdom, and France) and non-Western authoritarian states (like China and Russia).

Telemetry system, Optimisation, Sensoric networks, Smart Grid, Internet of Things, Sensors, Information security, Cryptography, Cryptography algorithms, Cryptosystem, Confidentiality, Integrity, Authentication, Data freshness, Non-Repudiation.

Software obfuscation is a protection technique for making code unintelligible to automated program comprehension and analysis tools. It works by performing semantic preserving transformations such that the difficulty of automatically extracting the computational logic out of code is increased. Obfuscating transforms in existing literature have been designed with the ambitious goal of being resilient against all possible reverse engineering attacks. Even though some of the constructions are based on intractable computational problems, we do not know, in practice, how to generate hard instances of obfuscated problems such that all forms of program analyses would fail. In this thesis, we address the problem of software protection by developing a weaker notion of obfuscation under which it is not required to guarantee an absolute blackbox security. Using this notion, we develop provably-correct obfuscating transforms using dependencies existing within program structures and indeterminacies in communication characteristics between programs in a distributed computing environment. We show how several well known static analysis tools can be used for reverse engineering obfuscating transforms that derive resilience from computationally hard problems. In particular, we restrict ourselves to one common and potent static analysis tool, the static slicer, and use it as our attack tool. We show the use of derived software engineering metrics to indicate the degree of success or failure of a slicer attack on a piece of obfuscated code. We address the issue of proving correctness of obfuscating transforms by adapting existing proof techniques for functional program refinement and communicating sequential processes. The results of this thesis could be used for future work in two ways: first, future researchers may extend our proposed techniques to design obfuscations using a wider range of dependencies that exist between dynamic program structures. Our restricted attack model using one static analysis tool can also be relaxed and obfuscations capable of withstanding a broader class of static and dynamic analysis attacks could be developed based on the same principles. Secondly, our obfuscatory strength evaluation techniques could guide anti-malware researchers in the development of tools to detect obfuscated strains of polymorphic viruses.
Whole document restricted, but available by request, use the feedback form to request access.

碩士
國立高雄應用科技大學
模具系碩士在職專班
101
Near Field Communication Technique is a short-distance wireless technology, and achieves date intercommunication in a very short distance. NFC device replaces the current smartphone code-interception through photographic lens, and allows users to use NFC tag scanning to obtain regional information, internet connection, discount information, software and music downloading, etc. In some countries, in order to improve the life convenience, smartphone which built-in NFC device is used directly as an electronic wallet. This study investigated the NFC for future research and development direction of information security, and compared the patent systems between Taiwan and other countries in the world. This research studied the datebases of Taiwan intellectual office patnet(TIPO), United States Patent and Trademark Office(USPTO), European Patent office(EPO), and Patent Abstracts of Japan(PAJ) to analyze the related patents of NFC technique and produce patent map and patnet analysis. This research contains many charts of patent date, including analysis from quantity of historic patents, countries, companies, IPC, patent life cycle, technology matrix, etc. This research results and the patent technique charts can be used to analyze the trend of NFC.

碩士
國立臺灣大學
商學研究所
94
PRC has built up a modern troop which is using hacker measures as a weapon to invade each level of government units in order to steal conferential data in recent years, and it has endangered the overall national security. Therefore, this research was focus on information status quo of Taiwan government in depth which including “invading path”, “assaulting model” and “security strategy”, in order to clear up usual patterns that hackers are using as a path to break into specific information system，and help to find out adaptive protection strategy for information system. This research has taken 561 sample sizes from units of ROC government as a target, and adopted field study method to test three hypotheses. It has been found that “assaulting model” and “security strategy” were both of significance with “invading path” factor. We hence have concluded two results：First, the different types of invading path that hackers adopted will effect on assaulting manners, it means that hacker assaulting manners are varied depending on invading path. Second, the higher information security grades of the information system, the lesser opportunity the information system being invaded. Results of this study can be referenced to build up protection strategy and counter measure for the information security, and hope it can be of help to the step-searcher.

Field area networks are rapidly expanding to include a wide range of applications. Intelligent nodes on the network will be installed in a small to medium geographical area to monitor and control processes. Such nodes are generally connected to a centralized gateway used by a service provider to monitor and control various applications. The growth in popularity of ubiquitous computing requires the use of embedded network processors in everyday objects. Even though the idea of interaction between the digital devices around us could bring a great deal of convenience it also introduces great risks. Therefore such applications would not only require measurement, control and communication functionality but also a high level of security. Smart cards offer a simple, inexpensive method of incorporating a cryptographic processor into an embedded system that will allow for the implementation of security services. A field area network has resource limitations that influence security service implementation, such as low bandwidth, limited processing power, limited storage capacity and limited communication protocols. This dissertation discussed the implementation of a security policy for embedded field area networks used in distributed real-time applications, using smart card technology. The primary objective is to formulate a policy that can be implemented to secure a field area network. The secondary objective is to determine whether this policy can be implemented using mechanisms provided by smart card technology, while maintaining reasonable system performance. It states the approach taken to finding a viable solution to the problem defined above. A comprehensive literature study provides background on relevant technology and possible solutions. In a system overview the system’s boundaries and functional requirements are defined. The implementation section outlines possible solutions and describes how these can be implemented. Evaluation, verification and quantification of the performance of the proposed system are performed according to the experimental procedures described. The results obtained are documented and discussed. In the conclusion the proposed solution and the findings from the results are placed in context. Future topics of research in this field are suggested.
Dissertation (MSc)--University of Pretoria, 2006.
Computer Science
unrestricted

碩士
銘傳大學
資訊管理學系碩士在職專班
97
The topic that it is with safe interest to write letters in recent years has already been paid attention to by enterprises gradually, enterprises are devoted to the setting-up of the management system of the information safety while organizing and push, hope to set up the culture of information safety while organizing. But keep pouring in to the incident of information safety, although enterprises make great efforts on information is promoted safely, but still the topic of staying technically, lie in in cognition of information safetying after neglecting the foundation set up of the management system of the information safety, if can''t get the staff''s approval, will cause the effect to be non- good, even cause the staff''s rebounding, and derive the production of various conflicts. This research goes on with the law of case study, promote the management system of the information safety to carry on research to the case company, probe into the conflict and promote roles under different departments type, safe and cognitive influence as to information. The result of study reveals, under different departments type, it will be different that the conflict influences the cognition of information safety. Will not have too many opinions on law and norm that the company make because of the colleague when the unit colleague is from the on-line unit, all stipulate that carry out in accordance with the company, so the probability of having task contradiction law and norm is relatively low. But because the colleagues only care that influence it one''s own homework, hit organizing with information safely as to the cognition of information safety, systematic interconnection with information share, risk management, management control, systematic lifespan chain of command understand intensity to be insufficient to cause, shoulder to influence. And because colleagues have less contact time on ordinary days, while having relation contradiction, will belong to and avoid responsibility, not understand the functions and powers of the pusher of information safety, take precautions against practice and procedure that incident happen in company, return on unit information safety pusher this question responsibility, unfavorable to information safety cognition organize with information safe piece taking shape, shouldering to influence with systematic lifespan chain of command and technological chain of command; In in charge of in the unitting, because working the environmental factor must deal with the incident happening suddenly at any time, regard finishing in task as the direction, will often neglect or simplify the procedure, though pusher of information safety mentions one and is in charge of accusing of personnel''s really observing, but the order which faces the executive can only be acted in accordance with, so the loophole causing the money and fitting, unfavorable to information safety cognition manage chain of command and systematic lifespan control mask shoulder to influence. When the unit colleague belongs to the office unit, facilitate the cognition of information safety to hit and organize with information safely while having task contradiction, until information share, risk management, management control, systematic lifespan chain of command,etc. have positive relation of influencing systematic interconnection. Have relation contradiction, familiar with each other and mutual understanding, work relatively clear promoting, will discuss, propose each other idea each other, so relation conflict cognition of information security organize with information safe piece and systematic lifespan chain of command producing to influence. While having procedure contradiction, while making the operation procedure, the pusher of information safety, with the unit colleague besides one''s own business, still need to be responsible for the demand that the on-line colleague puts forward, simplifies some procedures and is in charge of accusing of for prescroption sometimes, so procedure conflict unfavorable to, promote course information safety cognition systematic interconnection with information share surface, sensitiveness, management control Taxi influence. But help to organize and control Taxi influence with safe one of information and homework; In in charge of in the unitting, it will make duty of everybody, and working content its pay training that there should be, tell the project that colleagues are in charge of accusing of and responsibility that should be shouldered, offer the abundant right the pusher of information safety, require it to shoulder duty supervised, pass interdynamic and exchange each other''s homework, help information safety manage chain of command and systematic lifespan control mask to influence in the cognition.

Дисертацію присвячено обґрунтуванню теоретичних та методологічних засад, розробці науково-практичних рекомендацій щодо електронного забезпечення сфери здійснення державних закупівель в Україні. Досліджено еволюцію наукових поглядів на концептуальні засади електронного забезпечення сфери здійснення державних закупівель. Визначено особливості системи державного регулювання інформаційного забезпечення сфери здійснення державних закупівель в Україні. Обґрунтовано застосування методичних підходів до електронного забезпечення сфери здійснення державних закупівель. Проаналізовано вітчизняний та зарубіжний досвід державного регулювання сфери здійснення державних закупівель. Здійснено декомпозицію нормативно-правових та організаційно-економічних механізмів регулювання державної закупівельної діяльності в Україні. Діагностовано стан інформаційного забезпечення сфери здійснення державних закупівель. Визначено параметри формування єдиної електронної системи моніторингу всіх стадій здійснення державного замовлення в Україні. Обґрунтовано шляхи удосконалення системи та структури механізму державних закупівель. Розроблено цілісну концепцію та стратегічні підходи до електронного забезпечення сфери здійснення державних закупівель. Поглиблено принципи державного регулювання сфери здійснення державних закупівель на засадах електронного забезпечення. Розроблено ефективний інструментарій електронного забезпечення сфери здійснення державних закупівель.
Диссертация посвящена обоснованию теоретических и методологических основ, разработке научно-практических рекомендаций по электронному обеспечению сферы осуществления государственных закупок. Сфера осуществления государственных закупок является одной из важнейших компонентов финансово-бюджетной системы любой страны мира. Обосновано, что в условиях рыночной экономики, государство не обладает более эффективным и действенным инструментарием регулирования, который способен сбалансировать интересы всех экономических субъектов, чем система осуществления государственных закупок, поэтому постановка задач электронного обеспечения сферы осуществления государственных закупок вызвана тенденциями информатизации мировой экономики. Выявлено, что существующая стратегия управления государственными финансами имеет вектор на гармонизацию нормативно-правового обеспечения сферы осуществления государственных закупок Украины со стандартами Европейского союза (далее ЕС). Таким образом, главной тенденцией развития системы осуществления государственных закупок Украины, является задекларированные властью намерения интегрировать в отечественную систему государственных закупок европейские принципы и традиции, гармонизировать нормативно-правовую базу, синхронизируя отечественную государственную закупочную деятельность с нормами ЕС. Предложен усовершенствованный научно-методический и практический подход к определению критериев оценки готовности регионов Украины к процессу интеграции системы государственных электронных торгов в рыночную и организационно-правовую систему регионов. Обоснована концепция создания механизма сферы осуществления государственных закупок, основанная на принципе формирования целостного функционального цикла, который включает в себя все этапы государственной закупочной деятельности, на базе их электронного обеспечения. Суть концепции состоит в том, чтобы процессы, происходящие в сфере осуществления государственных закупок, трансформировались в единый цикл, начиная от этапа долгосрочного планирования государственных нужд, заканчивая мониторингом надлежащего исполнения условий государственного контракта.
The thesis is devoted to substantiation of theoretical and methodological foundations, developing scientific recommendations for capacity on electronic public procurement in Ukraine. The evolution of scientific views on the conceptual foundations of capacity on electronic public procurement. The features of the market regulatory information capacity on public procurement in Ukraine. Application of methodological approaches to capacity on electronic public procurement. Analyzed national and international experience of state regulation of public procurement. Done decomposition legal and organizational-economic mechanisms of public procurement in Ukraine. Diagnosed condition information capacity on public procurement. The parameters of the formation of a single electronic system for monitoring all stages of procurement in Ukraine. The ways of improving the system structure and mechanism of public procurement. Developed a holistic concept and strategic approaches to capacity on electronic public procurement. Profound principles of state regulation of public procurement on the basis of electronic security. The effective electronic tools capacity on public procurement.