Dissertations / Theses on the topic 'Private attribute'

As marcas de distribuidor têm vindo a evoluir nos últimos anos, sobretudo no sector alimentar, sendo um dos pilares do marketing-mix dos distribuidores, atingindo uma quota de mercado de aproximadamente 12 % em Portugal em 2005. O objetivo deste trabalho centra-se na caracterização dos consumidores de marcas de distribuidor, nas razões que os podem levar a adquirirem produtos alimentares com marca de distribuidor e quais as categorias destes produtos alimentares mais preferidas pelos consumidores. Para responder aos objetivos recorreu-se a um estudo, onde foi utilizado o questionário como instrumento de recolha de dados primários. Os dados foram analisados mediante estatísticas variadas, desde medidas de localização a análise de clusters e fatorial. Concluiu-se que a maior parte dos inquiridos são consumidores de marcas de distribuidor e consideram como razões mais importantes para efetuarem compras de produtos com a marca de distribuidor a qualidade e o preço. As categorias de produtos alimentares com maior frequência de compra, são a mercearia grossa e o OPLS (Outros Produtos de Livre Serviço). /ABSTRACT - Private labels have been evoluting from the past years, mostly in the food sector, being one of the pillars of the distributor marketing-mix, reaching a share of, more or less, 12% in Portugal in 2005. The main purpose of this assignment is the characterization of private labels consumers, the reasons that can lead them to acquire private labels food products and which are the categories of food products that are preferred by consumers. To answer to these aims I've done a study using a questionnaire as an instrument of primary data assembles. Data have been analyzed according to various statistic analyses, since locations measures to clusters and factorial analyses. It can be concluded that most of the inquired people in this questionnaire are private labels consumers. They consider quality and price as the most important factors in order to buy private label products in food sectors. Food categories with bigger frequency of purchase are grocery and OPLS.

Les réseaux sociaux contiennent de nombreuses informations personnelles telles que le genre, l'âge ou le statut d'une relation. Leur popularité et leur importance en font des cibles privilégiés pour des activités malveillantes menaçant la vie privée des utilisateurs. Les paramètres de sécurité disponibles sur les réseaux sociaux n'empêchent pas les attaques par inférence d'attribut, qui consistent pour l'attaquant à obtenir des données privées (comme le genre) à partir d'informations publiques. La divulgation d'une information personnelle peut avoir des conséquences négatives comme devenir la cible de spams, de harcèlements, ou se faire cloner son profil. Les techniques d'inférence les plus connues s'appuient soit sur l'analyse du comportement de l'utilisateur cible à travers ses préférences (e.g., likes) et ses groupes, soit sur ses listes d'amis. Cependant, en pratique, les informations disponibles pour ces attaques sont souvent limitées car beaucoup d'utilisateurs ont pris conscience des menaces et préfèrent protéger leurs données. Pour que les usagers des réseaux sociaux comprennent mieux les risques encourus par leur vie privée, dans cette thèse nous introduisons une nouvelle classe d'attaques par inférence sur les attributs de ces usagers. Nous montrons que ces attaques nécessitent très peu d'information. Elles s'appliquent même à des usagers qui protègent les éléments de leur profil ainsi que leurs commentaires. La méthode que nous proposons consiste à analyser les métadatas d'une image publiée sur Facebook, à savoir i) les tags engendrés par Facebook pour décrire les images (e.g., pour les usagers malvoyants), et ii) les commentaires sous formes textuelle ou d'émojis déposés sous l'image. Nous montrons comment réaliser ces attaques sur un utilisateur de Facebook en i) appliquant une technique de retrofitting pour traiter le vocabulaire rencontré en ligne et qui ne figurait pas dans la base d'apprentissage et ii) en calculant plusieurs plongements pour les unités textuelles (e.g., mot, emoji) chacun dépendant d'une valeur spécifique d'un attribut. Finalement nous proposons ProPic, un mécanisme de protection qui sélectionne de manière rapide des commentaires à cacher toute en minimisant la perte d'utilité, définie par une mesure sémantique. Le système permet aux utilisateurs de vérifier s'ils sont vulnérables à des attaques par inférence et, le cas échéant de suggérer les commentaires à cacher pour prévenir ces attaques. Nous avons pu vérifier l'efficacité de l'approche par des expérimentations sur des données réelles
Online Social Networks (OSN) are full of personal information such as gender, age, relationship status. The popularity and growth of OSN have rendered their platforms vulnerable to malicious activities and increased user privacy concerns. The privacy settings available in OSN do not prevent users from attribute inference attacks where an attacker seeks to illegitimately obtain their personal attributes (such as the gender attribute) from publicly available information. Disclosure of personal information can have serious outcomes such as personal spam, bullying, profile cloning for malicious activities, or sexual harassment. Existing inference techniques are either based on the target user behavior analysis through their liked pages and group memberships or based on the target user friend list. However, in real cases, the amount of available information to an attacker is small since users have realized the vulnerability of standard attribute inference attacks and concealed their generated information. To increase awareness of OSN users about threats to their privacy, in this thesis, we introduce a new class of attribute inference attacks against OSN users. We show the feasibility of these attacks from a very limited amount of data. They are applicable even when users hide all their profile information and their own comments. Our proposed methodology is to analyze Facebook picture metadata, namely (i) alt-text generated by Facebook to describe picture contents, and (ii) commenters’ words and emojis preferences while commenting underneath the picture, to infer sensitive attributes of the picture owner. We show how to launch these inference attacks on any Facebook user by i) handling online newly discovered vocabulary using a retrofitting process to enrich a core vocabulary that was built during offline training and ii) computing several embeddings for textual units (e.g., word, emoji), each one depending on a specific attribute value. Finally, we introduce ProPic, a protection mechanism that selects comments to be hidden in a computationally efficient way while minimizing utility loss according to a semantic measure. The proposed mechanism can help end-users to check their vulnerability to inference attacks and suggests comments to be hidden in order to mitigate the attacks. We have determined the success of the attacks and the protection mechanism by experiments on real data

The present thesis examines the relationship between contract, on the one hand, and publicity and privacy rights, on the other hand. The possibility to dispose of publicity rights – which, in the Italian system, are not easily separated from privacy rights – by means of contract is traditionally denied, due to the alleged inalienability of such rights. The first part of this work therefore analyses the meaning of inalienability, aiming to investigate the reasons underlying the traditional doctrine, and concludes that, in the modern economy, there are no solid grounds on which to reject the possibility to dispose of one's publicity rights. The thesis then examines the different kinds of contracts in question, which range from merchandising to film-making agreements, from endorsement contracts to agreements aimed to authorize the processing of personal data. The regulation of such contracts - which is not explicitly provided for by the legislator – must take into account the need to protect the person in the disposition of rights which are strongly connected to her personality. For this purpose, these agreements are subject to strict interpretation and the person must be granted the right to recede from the contract in certain qualified circumstances. The thesis therefore analyses such regulation and focuses, more specifically, on the consequences on our subject matter of the legislation on personal data.

"Personal health record (PHR) service is an emerging model for health information exchange. It allows patients to create, manage, control and share their health information with other users as well as healthcare providers. In reality, a PHR service is likely to be hosted by third-party cloud service providers in order to enhance its interoperability. However, there have been serious privacy concerns about outsourcing PHR data to cloud servers, not only because cloud providers are generally not covered entities under HIPAA, but also due to an increasing number of cloud data breach incidents happened in recent years. In this thesis, we propose a privacy-preserving PHR system using attribute-based encryption (ABE). In this system, patients can encrypt their PHRs and store them on semi-trusted cloud servers such that servers do not have access to sensitive PHR contexts. Meanwhile patients maintain full control over access to their PHR files, by assigning fine-grained, attribute-based access privileges to selected data users, while different users can have access to different parts of their PHR. Our system also provides extra features such as populating PHR from professional electronic health record (EHR) using ABE. In order to evaluate our proposal, we create a Linux library that implement primitive of key-policy attribute-based encryption (KP-ABE) algorithms. We also build a PHR application based on Indivo PCHR system that allow doctors to encrypt and submit their prescription and diagnostic note to PHR servers using KP-ABE. We evaluate the performance efficiency of different ABE schemes as well as the data query time of Indivo PCHR system when PHR data are encrypted under ABE scheme."

Cloud Computing today, is an evolving technology which features large Data Storage and ready-to-access from any device. The Healthcare Industry stores large Databases of patient’s records, considering the advantages of Cloud Computing it is looking forward to moving on from the traditional, proprietary Database Management Model into an Open Source Cloud DBMS Model. To complete this transition, it is of primary importance to provide Privacy and Security for Electronic Medical Record / Electronic Health Record. There are several kinds of research being done on how to mitigate these privacy issues using algorithms like Attribute Based Encryption and Identity-Based Encryption. In this study, we compare the performance of these two attribute based encryption methods. This thesis compares the performance of the state-of-the-art Attribute Based Encryption Schemas for Electronic Medical Record / Electronic Health Record Systems. Performance evaluation is conducted in local and cloud environments. A Literature Review has been performed to identify the existing Cloud-based Electronic Health Record Systems which uses the attribute based encryption as a mechanism to mitigate the privacy issues and realization in Cloud. Two algorithms have been selected by performing snowballing from the IEEE Research Articles. Experimentation was performed on the two algorithms in a local machine and on Amazon Web Services Cloud Platform to compare the performance. Verification of performance in each stage of the execution of the algorithms, in both local machine and Cloud environment, was done.

Thesis (Ed.D.)--Boston University
PLEASE NOTE: Boston University Libraries did not receive an Authorization To Manage form for this thesis or dissertation. It is therefore not openly accessible, though it may be available by request. If you are the author or principal advisor of this work and would like to request open access for it, please contact us at open-help@bu.edu. Thank you.
Today, the demand for higher education is growing at a rapid rate in many developing countries throughout the world. Unfortunately, many governments have realized that their public higher education systems are unable to satisfy this demand. Under this condition and strong encouragement from international donors, private higher education has begun to emerge. Sri Lanka is an example where private higher education surfaced in response to a need from its society. However, private higher education remains a foreign and elusive concept for many Sri Lankans. This study seeks to determine what are the perceptions and attributes that influence pupils and students in Sri Lanka regarding their selection between public and private higher education opportunities. This study, using traditional push-pull theory, utilized a research design that combined both quantitative and qualitative research methods. The design focused on the pupil, student, teacher, and administrator populations in Colombo, Sri Lanka. Questionnaire surveys and interviews were administered. The data produced consisted of quantitative data from the questionnaire surveys and qualitative data from the interviews, all of which were analyzed for common themes. The study concluded that the major themes of the responses included the cost of higher education, quality of higher education, recognition of higher education, and the environment within higher education institutions. Further, the study also discovered several minor themes that played a role for some pupils and students. These included the medium of instruction and the issue of social class in higher education. The recommendations proposed include a need to provide pupils with loans to pursue higher education, to increase awareness of private higher education, to establish smaller private community colleges in rural areas of Sri Lanka and to provide more interaction between public and private higher education.
2031-01-01

Cette thèse vise à comprendre le risque de fuite d’informations personnelles sur un réseau social. Nous étudions les violations potentielles de la vie privée, concevons des attaques, prouvons leur faisabilité et analysons leur précision. Cette approche nous aide à identifier l’origine des menaces et constitue un premier pas vers la conception de contre-mesures efficaces. Nous avons d’abord introduit une mesure de sensibilité des sujets à travers une enquête par questionnaire. Puis, nous avons conçu des attaques de divulgation (avec certitude) des liens d’amitié et des liens d’appartenance aux groupes sur “Facebook”. Ces attaques permettent de découvrir le réseau local d’une cible en utilisant uniquement des requêtes légitimes. Nous avons également conçu une technique d’échantillonnage pour collecter rapidement des données utiles autour d’une cible. Les données collectées sont ensuite représentées par des graphes et utilisées pour effectuer des inférences d’attributs (avec incertitude). Pour augmenter la précision des attaques, nous avons conçu des algorithmes de nettoyage. Ces algorithmes quantifient la corrélation entre les sujets, sélectionnent les plus pertinents et permettent de gérer la rareté (sparsity) des données. Enfin, nous avons utilisé un réseau de neurones pour classer les données et déduire les valeurs secrètes d’un attribut sensible d’une cible donnée avec une précision élevée mesurée par AUC sur des données réelles. Les algorithmes proposés dans ce travail sont inclus dans un système appelé SONSAI qui aide les utilisateurs finaux à contrôler la collecte d’informations sur leur vie privée
In this thesis we shed the light on the danger of privacy leakage on social network. We investigate privacy breaches, design attacks, show their feasibility and study their accuracies. This approach helps us to track the origin of threats and is a first step toward designing effective countermeasures. We have first introduced a subject sensitivity measure through a questionnaire survey. Then, we have designed on-line friendship and group membership link disclosure (with certainty) attacks on the largest social network “Facebook”. These attacks successfully uncover the local network of a target using only legitimate queries. We have also designed sampling techniques to rapidly collect useful data around a target. The collected data are represented by social-attribute networks and used to perform attribute inference (with uncertainty) attacks. To increase the accuracy of attacks, we have designed cleansing algorithms. These algorithms quantify the correlation between subjects, select the most relevant ones and combat data sparsity. Finally, we have used a shallow neural network to classify the data and infer the secret values of a sensitive attribute of a given target with high accuracy measured by AUC on real datasets. The proposed algorithms in this work are included in a system called SONSAI that can help end users analyzing their local network to take the hand over their privacy

Made available in DSpace on 2016-04-28T20:19:15Z (GMT). No. of bitstreams: 1 2006-Paulo Roberto Nascimento Meira Vasconcellos.pdf: 1413172 bytes, checksum: 5ff61766dea9829714eab7042d67a796 (MD5) Previous issue date: 2006-08-30
This study is based on a research aiming to verify the most relevant skills and attitudes for the composition of the professional profile of the managers of private institution of superior education. The methodology of exploratory study was adopted in this work, in order to contributes for academic literature, because it deepens a subject associated with abilities and business management. Nowadays, these subjects are highlighted because they help verifying the attributes that are perceived as important to compose the profile of the academics managers, aiming better performing their managerial functions. For the accomplishment of the present study, the data were collected by a questionnaire, which had been answered by professionals who work in a private institution of superior education located in the city of Rio de Janeiro, during the months of November of 2005 and January of 2006. The idea of competencies, more specifically centered in two of its components, the abilities and the attitudes, was evidenced according to the views of the interviews. The results observed in the present research point those attributes that had been considered as relevant. The abilities of communication, negotiation, creativity, logic and relationship; and the attitudes of responsibility, honesty, balance, ethics and disciplines are the attributes that have been most pointed out in this research.
Este trabalho realiza uma investiga??o com a finalidade de verificar as habilidades e atitudes relevantes para a composi??o do perfil profissional dos gestores de institui??o de ensino superior de car?ter privado. Empregando a metodologia do estudo explorat?rio, este trabalho contribui para a literatura acad?mica, por aprofundar um tema ligado ? compet?ncia e ? gest?o, ao verificar os atributos que s?o percebidos como importantes, por parte de diretores, coordenadores e professores, para compor o perfil dos gestores, visando o exerc?cio de suas fun??es. Para a consecu??o do presente estudo, optou-se pela confec??o de um question?rio, que foi respondido por profissionais pertencentes a uma institui??o de ensino superior de car?ter privado. A pesquisa foi levada a efeito entre os meses de novembro de 2005 e janeiro de 2006. A no??o de compet?ncia, mais especificamente centrada em dois de seus componentes, as habilidades e as atitudes, teve suas relev?ncias evidenciadas segundo a percep??o dos entrevistados. Os resultados alcan?ados na presente pesquisa apontam aqueles atributos que, de acordo com a percep??o dos entrevistados, foram considerados como relevantes. Dentre esses atributos foram evidenciadas, dentre outras, as habilidades de comunica??o, negocia??o, criatividade, l?gica e conviv?ncia, e as atitudes de responsabilidade, honestidade, equil?brio, ?tica e disciplina.

Mestrado em Marketing
O crescimento global das marcas de distribuidor veio transformar e dinamizar a distribuição moderna. Estas marcas vieram intensificar o espaço concorrencial, além de possibilitarem a construção de uma vantagem valiosa para os distribuidores. A aposta nestas marcas tem vindo a expandir-se em diversas categorias de produtos, no entanto algumas delas revelam maiores dificuldades de penetração. Um desses exemplos é a categoria de beleza e cuidados pessoais, que é fortemente dominada pelas marcas de fabricante. Este estudo pretende investigar e compreender os fatores antecedentes de compra de produtos de marca de distribuidor na categoria de beleza e cuidados pessoais. São abordados os antecedentes: familiaridade, espaço de linear, atributos extrínsecos e risco percebido e o seu impacto na decisão de compra. Foi adotada uma abordagem qualitativa com recurso a entrevistas semiestruturadas em profundidade.
The global growth of private brands has transformed and energized modern distribution. These brands have intensified the competitive space, also enabling the development of competitive advantage for distributors. The investment in these brands has been expanding in several product categories, however some of them reveal bigger difficulties in penetration. One example is the beauty and personal care category, which is heavily dominated by national brands. This study aims to investigate and understand the antecedents of private label products purchase in the beauty and personal care category. The following antecedents will be addressed: familiarity, shelf space, extrinsic attributes and perceived risk and their impact on the purchase decision. A qualitative analysis will be carried out using in-depth interviews.
info:eu-repo/semantics/publishedVersion

Cette thèse vise à comprendre le risque de fuite d’informations personnelles sur un réseau social. Nous étudions les violations potentielles de la vie privée, concevons des attaques, prouvons leur faisabilité et analysons leur précision. Cette approche nous aide à identifier l’origine des menaces et constitue un premier pas vers la conception de contre-mesures efficaces. Nous avons d’abord introduit une mesure de sensibilité des sujets à travers une enquête par questionnaire. Puis, nous avons conçu des attaques de divulgation (avec certitude) des liens d’amitié et des liens d’appartenance aux groupes sur “Facebook”. Ces attaques permettent de découvrir le réseau local d’une cible en utilisant uniquement des requêtes légitimes. Nous avons également conçu une technique d’échantillonnage pour collecter rapidement des données utiles autour d’une cible. Les données collectées sont ensuite représentées par des graphes et utilisées pour effectuer des inférences d’attributs (avec incertitude). Pour augmenter la précision des attaques, nous avons conçu des algorithmes de nettoyage. Ces algorithmes quantifient la corrélation entre les sujets, sélectionnent les plus pertinents et permettent de gérer la rareté (sparsity) des données. Enfin, nous avons utilisé un réseau de neurones pour classer les données et déduire les valeurs secrètes d’un attribut sensible d’une cible donnée avec une précision élevée mesurée par AUC sur des données réelles. Les algorithmes proposés dans ce travail sont inclus dans un système appelé SONSAI qui aide les utilisateurs finaux à contrôler la collecte d’informations sur leur vie privée
In this thesis we shed the light on the danger of privacy leakage on social network. We investigate privacy breaches, design attacks, show their feasibility and study their accuracies. This approach helps us to track the origin of threats and is a first step toward designing effective countermeasures. We have first introduced a subject sensitivity measure through a questionnaire survey. Then, we have designed on-line friendship and group membership link disclosure (with certainty) attacks on the largest social network “Facebook”. These attacks successfully uncover the local network of a target using only legitimate queries. We have also designed sampling techniques to rapidly collect useful data around a target. The collected data are represented by social-attribute networks and used to perform attribute inference (with uncertainty) attacks. To increase the accuracy of attacks, we have designed cleansing algorithms. These algorithms quantify the correlation between subjects, select the most relevant ones and combat data sparsity. Finally, we have used a shallow neural network to classify the data and infer the secret values of a sensitive attribute of a given target with high accuracy measured by AUC on real datasets. The proposed algorithms in this work are included in a system called SONSAI that can help end users analyzing their local network to take the hand over their privacy

When sharing data across multiple sites, service applications should not be trusted automatically. Services that are suspected of faulty, erroneous, or malicious behaviors, or that run on systems that may be compromised, should not be able to gain access to protected data or entrusted with the same data access rights as others. This thesis proposes a context flow model that controls the information flow in a distributed system. Each service application along with its surrounding context in a distributed system is treated as a controllable principal. This thesis defines a trust-based access control model that controls the information exchange between these principals. An online monitoring framework is used to evaluate the trustworthiness of the service applications and the underlining systems. An external communication interception runtime framework enforces trust-based access control transparently for the entire system.

Submitted by Nadir Basilio (nadirsb@uninove.br) on 2017-04-05T15:15:14Z No. of bitstreams: 1 Antonio Marcos Vivan.pdf: 2697267 bytes, checksum: 298b43b52360cb2bd563fb52df4e3c39 (MD5)
Made available in DSpace on 2017-04-05T15:15:14Z (GMT). No. of bitstreams: 1 Antonio Marcos Vivan.pdf: 2697267 bytes, checksum: 298b43b52360cb2bd563fb52df4e3c39 (MD5) Previous issue date: 2016-04-07
The attractiveness of Higher Education Institutes (HEIs), especially private HEIs, has been infrequently referenced in bibliographical studies from 1926 to 2015. In fact, this study searched in the bibliography of the main bases of international publications, and found the nonexistence of research that binds attribute value to institutional attractiveness. Therefore, this work focuses on the relationship between the attributes of value and the tangible and intangible aspects for the construction of the attractiveness of private HEIs in Brazil. This was completed by validating a theoretical model, submitted to educational managers. 2376 private Brazilian HEIs, and non-profits, registered in MEC (Ministry of Education and Culture), were contacted, which resulted in obtaining 108 validated questionnaires responses. We tested two research models using multivariate analysis and modeling of structural equations. One of them, defined as linear, advocates a positive and significant relationship between tangible and intangible attributes, in that order, and considers the tangible attributes are responsible for these intangible attributes and the construction of institutional attractiveness. The other model, called competitor, considers that the tangible and intangible attributes are autonomous and simultaneously build the institutional attractiveness. The main results indicate that both the linear model and the competitor were validated. The linear model explained 64% of the existing variance in the dependent variable (attractiveness). The competing model, however, explained 81% of variance and after convergent and discriminant validity, this same model still had the ability to explain 79% of the variance observed in the dependent variable. The results also indicate that, among the 34 attributes of value surveyed, some stood out as the other grounds of possible strategies of attractiveness. It can be concluded that first, institutional attractiveness is built through attributes of tangible and intangible value. Second, the competing model of construction of attractiveness is more robust than the linear model for the explanation as the most effective format for construction of institutional attractiveness. Third, depending on the momentum of HEI it is possible to determine the best combination of routes of the attributes of value; so that it can build strategies that increase its institutional attractiveness. Finally, the models open a new frontier in the knowledge of the management of IES, for the expansion of knowledge and methodologies of institutional management of Higher Education Institutions.
A atratividade de Instituições de Ensino Superior (IES), em especial de IES privadas, tem sido apontada vagamente em estudos bibliográficos realizados no período de 1996 a 2015. Efetivamente, comprovou-se, neste estudo, prospectado na bibliografia das principais bases de publicações internacionais, a inexistência de pesquisas que ligassem atributos de valor à atratividade institucional. Assim, o presente trabalho foca a relação entre os atributos de valor, tangíveis e intangíveis, para a construção da atratividade de IES privadas no Brasil, por meio da validação de um modelo teórico, submetido à apreciação de gestores educacionais. Para tanto, foram contatadas 2376 IES privadas brasileiras, com e sem fins lucrativos, com cadastro regularizado no MEC, das quais se obtiveram respostas para 108 questionários validados. Foram testados dois modelos na pesquisa, utilizando-se análise multivariada e modelagem de equações estruturais. Um dos modelos, definido como linear, preconiza uma relação positiva e significante entre atributos tangíveis e atributos intangíveis, nesta ordem, considerando que os atributos tangíveis são responsáveis pelos atributos intangíveis e estes pela construção da atratividade institucional. O outro modelo, chamado concorrente, considera que os atributos tangíveis e intangíveis, autônoma e simultaneamente, constroem a atratividade institucional. Os principais resultados indicaram que tanto o modelo linear quanto o concorrente foram validados. O modelo linear explicou 64% da variância existente na variável dependente (atratividade). O modelo concorrente, no entanto, explicou 81% da variância e, após validação convergente e discriminante, ainda apresentou poder de explicação de 79% da variância observada na variável dependente. Os resultados indicaram ainda que, dentre os 34 atributos de valor pesquisados, alguns se sobressaíram aos demais, como fundamento de possíveis estratégias de atratividade. Pode-se concluir, portanto, que, em primeiro lugar, de fato, a atratividade institucional é construída por meio de atributos de valor tangíveis e intangíveis. Em segundo lugar, o modelo concorrente de construção da atratividade apresenta maior robustez do que o modelo linear, para a explicação do formato mais eficaz de construção da atratividade institucional. Em terceiro lugar, dependendo do momentum da IES, é possível determinar as melhores rotas de combinação dos atributos de valor, para que ela possa construir estratégias que proporcionem o aumento da sua atratividade institucional. Por fim, dado o seu caráter amplamente generalizante, a validação dos modelos de atratividade institucional abre uma nova fronteira no conhecimento da gestão de IES, para a expansão do conhecimento e metodologias de gestão institucional de instituições de ensino superior.

The Internet of Things (IoT) paradigm is gradually populating the world with billions of interconnected smart devices, which are rapidly spreading in different domains. These devices range from tiny wearables to larger interconnected industrial devices, and are used for very different purposes, e.g., building automation, physical access control, or healthcare. As IoT is penetrating in every domain of our life, and in particular in safety and privacy critical domains such as automotive or healthcare, security and privacy become extremely important concerns. This dissertation analyzes emerging security and privacy challenges in different IoT services, and presents targeted solutions to mitigate potential threats. The content of this thesis is composed of three main parts: (1) an introduction of the Attribute-Based Encryption (ABE) cryptographic tool, and an assessment of its performance on IoT devices; (2) the design of secure management solution services for large scale IoT deployments; and (3) the design of privacy-enhanced IoT services. The first part of this dissertation provides an introduction of ABE, and presents a comprehensive evaluation of its performance on popular low cost IoT-enabling boards. ABE is a novel and expressive cryptographic tool that allows a data owner to (cryptographically) enforce access control on a piece of data, specifying the required attributes to decrypt it. Thanks to its high-level and expressive set of functionalities, ABE has been used in several security enhancing IoT services in the literature, as well as in two solutions we later present in this thesis. Our evaluation aims at providing researchers and practitioners with a tool to estimate costs and trade-offs of using ABE in novel IoT solutions. The second part of this dissertation focuses on secure device management, and in particular looks at two fundamental management sub-tasks: software updates distribution for IoT devices, and software integrity assessment of large scale IoT deployments. We consider a scenario where a management entity communicates with a network of IoT devices through a (potentially untrusted) intermediate distribution infrastructure; such infrastructure provides in-network data aggregation and caching, to facilitate data collection (many-to-one) and distribution (one-to-many). In the realistic case where this intermediate infrastructure can be compromised, providing scalable and secure management becomes a challenging task: the management entity cannot rely on the intermediate network to correctly aggregate the data it collects; or to respect the confidentiality and integrity of the transmitted data. For this reason, we present our protocol for one-to-many software updates distribution, which provides both updates end-to-end integrity and confidentiality using ABE as a building block. We describe our design on top of the Named-Data Networking protocol, a data-centric network protocol that provides request aggregation and pervasive caching at the network level. Then, we present our secure collective attestation protocol, which allows to securely collect and aggregate attestation proofs from end devices, this way reducing the complexity of the assessment at the management server side, even in presence of an untrusted aggregation network. The third and final part of this dissertation presents privacy-enhancing solutions for three relevant IoT scenarios: Location-Based Services (LBS), Advanced Metering Infrastructure (AMI), and decentralized multi-agent systems. In a LBS, mobile users share their location with a LBS Provider (LBSP) in order to obtain location information, such as the position of the closest hospital, movie theater, etc. In this scenario, users' privacy may be at risk--LBSP can track or identify users based on their location. We present a collaborative solution for mobile users that guarantees users' anonymity in LBS, and that gives users flexibility in selecting the desired anonymity degree. Another privacy sensitive domain is AMI, an infrastructure in modern Smart Grids that allows a management entity to collect fine-grained measurements from Smart Meter devices. Unfortunately, metering data collection in an AMI may turn into a privacy nightmare for users: researchers showed how the detailed energy consumption data from private houses (collected by smart energy meters) can reveal privacy sensitive information, such as user physical presence, or even the appliances in use, at a given point in time. We propose a solution to tackle this problem, which provides anonymous and scalable metering data collection under realistic security assumptions. Finally, we look at privacy-preserving decentralized information fusion in a multi-agent system. In this scenario, interconnected IoT devices collaboratively combine multiple local measurements into a unique value without the need for them to share their local measurements in clear; the final goal is to derive a binary decision, e.g., if the final value is above or below a threshold. We propose the design of a privacy-preserving protocol for information fusion in a decentralized semi-trusted setting. Our protocol leverages additive blinding and proxy re-encryption as building blocks to privately reach a consensus, and garbled circuit to perform a binary decision step.
Il paradigma Internet of Things (IoT) sta popolando il mondo di milioni di dispositivi "smart" interconnessi tra loro, e in continua espansione in domini diversi. I dispositivi IoT variano da oggetti di piccole dimensioni, come i cosiddetti "wearables", a dispositivi industriali, e sono utilizzati per scopi diversi, per esempio automazione di edifici, controllo di accesso, o in ambito sanitario. Dato il grado di diffusione di IoT in vari aspetti delle nostre vite, ed in particolare in ambienti critici, come nel settore automobilistico o nel campo sanitario, diviene fondamentale progettare sistemi e servizi che garantiscano la sicurezza e la privacy degli utenti. Questa tesi analizza problematiche relative a sicurezza e privacy in diversi servizi IoT, e presenta soluzioni ad-hoc per mitigare potenziali minacce. Il contenuto della tesi è suddiviso in tre parti: (1) una introduzione dell'algoritmo di crittografia Attribute-Based Encryption (ABE), e un'analisi delle sue performance su dispositivi IoT; (2) la progettazione di soluzioni scalabili e sicure per la gestione e il controllo di sistemi IoT su larga scala; e (3) la progettazione di servizi IoT "privacy-friendly'. La prima parte di questa tesi introduce ABE, e presenta una valutazione delle sue performance su popolari dispositivi a basso costo e con ridotte capacità di calcolo, tipici del mondo IoT. ABE è un algoritmo di crittografia a chiave pubblica che permette di applicare (crittograficamente) politiche di controllo di accessi sui dati, specificando gli "attributi" che un utente deve avere per decifrarli. Grazie alla sua espressività e alle sue funzionalità, ABE è stato utilizzato sia in molti servizi IoT proposti in letteratura, che in due soluzioni che verranno introdotte nella tesi. La nostra valutazione sperimentale ha come obiettivo quello fornire mezzi per stimare a priori il costo, ed eventuali trade-off, derivanti dall'utilizzo di ABE. La seconda parte della tesi si focalizza sulla gestione e il controllo di dispositivi IoT in sistemi di larghe dimensioni. In particolare, questa parte presenta il nostro contributo nella risoluzione di due sottoproblemi: la distribuzione sicura di aggiornamenti software, e la valutazione dell'integrità del software in esecuzione nei dispositivi. Consideriamo uno scenario dove un'entità di controllo comunica con una rete di dispositivi IoT di larghe dimensioni tramite una rete di distribuzione intermedia "inaffidabile"; questa infrastruttura intermedia applica tecniche di caching e aggregazione dati con lo scopo di facilitare la distribuzione di contenuti (uno-a-molti) e la raccolta di dati dai dispositivi (molti-a-uno). In scenari realistici, questa infrastruttura può essere compromessa e/o controllata da attaccanti, e ció rende le attività di gestione e controllo dei dispositivi particolarmente complesse: l'entità di controllo non può infatti affidarsi completamente all'infrastruttura intermedia, ne per quanto riguarda l'aggregazione, ne per il mantenimento della confidenzialità e l'integrità dei dati distribuiti. Per questo motivo, in questa parte della tesi descriviamo prima il nostro protocollo per la distribuzioni di aggiornamenti software, il quale mantenendone confidenzialità e integrità sfruttando ABE; il design del protocollo viene presentato sopra a Named-Data Networking, un protocollo di rete di tipo "data centric" che fornisce nativamente aggregazione dati e caching a livello rete. Presentiamo poi il design di un protocollo per la verifica collettiva di una rete di dispositivi IoT. Il protocollo prevede la raccolta e l'aggregazione di prove di integrità del software da dispositivi IoT, e garantisce allo stesso tempo una ridotta complessità di processing lato entità di controllo, e l'integrità delle prove raccolte. La terza e ultima parte della tesi presenta soluzioni che forniscono garanzie di privacy in tre importanti servizi legati a IoT, e in particolare in servizi basati su: localizzazione (Location-Based Services, LBS), misurazione avanzata in ambito Smart Grid (noti come Advanced Metering Infrastructure, AMI), e comunicazione decentralizzata in sistemi muli-agente. Nei servizi LBS, gli utenti mobili condividono la loro posizione geografica con dei provider, i quali forniscono informazioni legate ad essa, come ad esempio l'ospedale, ristorante, o cinema, più vicini alla posizione dell'utente. Servizi di questo tipo possono rappresentare una minaccia per la privacy degli utenti: un provider può infatti tracciare o acquisire informazioni sensibili sugli utenti, in base alla loro posizione. Per ovviare a questo problema, presentiamo un protocollo che permette agli utenti di usufruire di tali servizi mantenendo l'anonimato. Il protocollo presentato funziona in modo collaborativo, e permette agli utenti di inviare richieste definendo il grado di privacy desiderato. Il secondo servizio considerato è quello di misurazione avanzata (AMI) fornito dalle moderne reti Smart Grid. Questo servizio permette ai gestori di energia elettrica di raccogliere misurazioni frequenti del consumo elettrico da dispositivi intelligenti denominati Smart Meters, per motivi di monitoraggio e/o controllo. Purtroppo, an- che questo servizio rappresenta una minaccia per la privacy gli utenti finali: infatti, ricercatori hanno dimostrato come le informazioni sul consumo energetico possano essere utilizzate in modo malevolo per inferire informazioni sensibili, come la presenza fisica di un utente in casa, o il tipo di elettrodomestici che utilizza. Presentiamo la nostra soluzione a questo problema, la quale permette allo stesso tempo agli utenti di condividere misurazioni in modo anonimo, e al gestore di energia elettrica di effettuare agevolmente la raccolta dei dati di consumo. Infine, in questa parte della tesi presentiamo la nostra soluzione per garantire "private information fusion" in servizi basati su sistemi multi-agente. In tali sistemi, dispositivi IoT (agenti) interconnessi tra loro spesso necessitano di combinare osservazioni locali per ottenere un unico valore, ed effettuare una decisione binaria (per esempio, decidere se un valore combinato di temperatura è inferiore ad una soglia data). L'obiettivo è quello di permettere ai vari dispositivi di effettuare tale "fusione", senza dover condividere le loro misurazioni locali in chiaro. La soluzione presentata in questa tesi permette ai dispositivi di raggiungere un consenso in modo decentralizzato, e in presenza di dispositivo "semi-trusted", utilizzando come building block additive blinding e proxy re-encryption, per raggiungere un consenso, mentre garbled circuit per effettuare lo step finale di decisione.

Mestrado em Gestão e Estratégia Industrial
Com o aparecimento da crise económica, as marcas de distribuidor entraram no mercado como uma alternativa a preços acessíveis e, ao longo dos anos, sofreram uma crescente popularidade entre os consumidores devido à sua melhoria de qualidade. Atualmente, as marcas de distribuidor têm uma grande presença no mercado e mantêm uma grande competitividade com as marcas de fabricante. Neste sentido, o presente estudo pretende conhecer as preferências dos consumidores de dois produtos opostos quanto à penetração das marcas de distribuidor, neste caso, o leite e as tabletes de chocolate. Para tal, pretende identificar os atributos mais valorizados pelos consumidores na escolha destes dois produtos e compreender se existem diferenças na preferência pela "marca" entre os mesmos. A técnica de pesquisa utilizada foi a Análise Conjunta, onde foram geradas dezasseis combinações para cada um dos produtos, baseadas em três atributos chave e seus respetivos níveis. Em ambos os produtos, a marca Continente é apresentada como um dos níveis do atributo "marca" porque foi esta a marca de distribuidor escolhida para o estudo. As combinações geradas foram avaliadas pelos consumidores através de um questionário presencial, onde obteve-se uma amostra não probabilística por conveniência de 210 inquiridos. O resultado retirado da análise aos questionários revela que o atributo mais valorizado pelos consumidores na escolha de leite é o teor de gordura, seguido da marca e do preço, e o atributo mais valorizado na escolha de tabletes de chocolate é o tipo de chocolate, seguindo-se a marca e o preço.
With the appearance of the economic crisis, private labels entered the market as an alternative, providing accessible prices and, over the years, experienced a growing popularity among consumers due to its quality improvement. Nowadays, the private labels have a big market presence and are able to compete with the manufacturer brands. Regarding this matter, the present study aims to understand the preferences of the consumers of the two opposite products in terms of penetration of private labels, in this case, milk and chocolate bars. For this purpose, it intends to identify the attributes that are most valued by consumers when choosing one of these products and understand if there are differences in the preference/utility of the "brand" attribute between these products. The searching technique used was the Conjoint Analysis, where sixteen combinations for each product, based on three key attributes and their respective levels, were generated. In both products, the Continente brand is presented as one of the levels of the brand attribute because this was the private label chosen for the study. The generated combinations were evaluated by consumers through a classroom questionnaire, which was obtained from a non-probabilistic convenience sample of 210 interviewed. The result obtained from the questionnaire analysis reveals that the most valued attribute by consumers in choosing milk is the fat, followed by brand and price, and the most valued attribute in choosing chocolate bars is the type of chocolate, followed by brand and the price.

Dizertační práce se zabývá kryptografickými schématy zvyšující ochranu soukromí uživatelů v systémech řízení přístupu a sběru dat. V současnosti jsou systémy fyzického řízení přístupu na bázi čipových karet využívány téměř dennodenně většinou z nás, například v zaměstnání, ve veřejné dopravě a v hotelech. Tyto systémy však stále neposkytují dostatečnou kryptografickou ochranu a tedy bezpečnost. Uživatelské identifikátory a klíče lze snadno odposlechnout a padělat. Funkce, které by zajišťovaly ochranu soukromí uživatele, téměř vždy chybí. Proto je zde reálné riziko možného sledovaní lidí, jejich pohybu a chovaní. Poskytovatelé služeb nebo případní útočníci, kteří odposlouchávají komunikaci, mohou vytvářet profily uživatelů, ví, co dělají, kde se pohybují a o co se zajímají. Za účelem zlepšení tohoto stavu jsme navrhli čtyři nová kryptografická schémata založená na efektivních důkazech s nulovou znalostí a kryptografii eliptických křivek. Konkrétně dizertační práce prezentuje tři nová autentizační schémata pro využití v systémech řízení přístupu a jedno nové schéma pro využití v systémech sběru dat. První schéma využívá distribuovaný autentizační přístup vyžadující spolupráci více RFID prvků v autentizačním procesu. Tato vlastnost je výhodná zvláště v případech řízení přístupu do nebezpečných prostor, kdy pro povolení přístupu uživatele je nezbytné, aby byl uživatel vybaven ochrannými pomůckami (se zabudovanými RFID prvky). Další dvě schémata jsou založena na atributovém způsobu ověření, tj. schémata umožňují anonymně prokázat vlastnictví atributů uživatele, jako je věk, občanství a pohlaví. Zatím co jedno schéma implementuje efektivní revokační a identifikační mechanismy, druhé schéma poskytuje nejrychlejší verifikaci držení uživatelských atributů ze všech současných řešení. Poslední, čtvrté schéma reprezentuje schéma krátkého skupinového podpisu pro scénář sběru dat. Schémata sběru dat se používají pro bezpečný a spolehlivý přenos dat ze vzdálených uzlů do řídící jednotky. S rostoucím významem chytrých měřičů v energetice, inteligentních zařízení v domácnostech a rozličných senzorových sítí, se potřeba bezpečných systémů sběru dat stává velmi naléhavou. Tato schémata musí podporovat nejen standardní bezpečnostní funkce, jako je důvěrnost a autentičnost přenášených dat, ale také funkce nové, jako je silná ochrana soukromí a identity uživatele či identifikace škodlivých uživatelů. Navržená schémata jsou prokazatelně bezpečná a nabízí celou řadu funkcí rozšiřující ochranu soukromí a identity uživatele, jmenovitě se pak jedná o zajištění anonymity, nesledovatelnosti a nespojitelnosti jednotlivých relací uživatele. Kromě úplné kryptografické specifikace a bezpečnostní analýzy navržených schémat, obsahuje tato práce také výsledky měření implementací jednotlivých schémat na v současnosti nejpoužívanějších zařízeních v oblasti řízení přístupu a sběru dat.

Pour étudier le phénomène paradoxal d’un renforcement de l’autonomie de la volonté parallèlement à une multiplication des impérativités en droit international privé contemporain, le concept de norme permissive apparaît particulièrement pertinent. Il permet de saisir l’ensemble des énoncés normatifs où l’auteur de la norme octroie à un destinataire une faculté de faire ou de ne pas faire, qu’il s’agisse du juge lorsqu’il lui est permis de surseoir à statuer en cas de connexité ou des parties lorsqu’il leur est permis de choisir la loi applicable à un contrat international.L’étude du droit positif montre que les manifestations des normes permissives sont nombreuses, tant dans les conflits de lois que de juridictions et qu’elles obéissent à des logiques distinctes selon qu’elles octroient une faculté au juge ou aux parties. Dans cette seconde hypothèse, en effet, il n’est plus question d’une liberté octroyée par la règle de droit mais d’une liberté concédée dans le choix de la règle de droit. Cette spécificité, conjuguée à la multiplication des normes permissives en droit international privé, a donc justifié que leur efficacité soit éprouvée.Dans cette perspective, le présupposé selon lequel les normes permissives constitueraient une traduction normative adéquate de l’objectif de prévisibilité des solutions, qui sert de justification à leur admission, doit être remis en cause. L’appréciation critique de ce postulat permet de proposer que les normes permissives n’occupent, à l’avenir, qu’un rôle résiduel en droit international privé, soit comme instrument de consensus soit comme palliatif à l’indétermination d’un critère de rattachement suffisamment prévisible
In order to study the paradoxical phenomenon of the rise of party autonomy in parallel with the multiplication of mandatory norms in contemporary private international law, the concept of permissive rule is particularly apposite. It accounts for all instances where the law-making body grants a beneficiary the possibility to do or not to do something; be it the judge when he is authorized to stay the proceedings in case of related actions, or the parties when they are authorized to choose the law applicable to an international contract.A study of the positive law shows that permissive rules are numerous in both Choice of laws and Jurisdiction and that they operate under distinct logics depending on whether they grant a possibility to a judge or to the parties. In the latter case, the issue at stake is no longer whether a right is granted by the legal rule, but rather whether a right is conceded in the choice of the legal rule. This specificity, together with the proliferation of permissive rules in private international law, warrants that their relevancy be tested.In this context, the assumption that permissive norms would adequately serve the purpose of foreseeability of solutions, which forms the basis for their adoption, must be questioned. This critical assessment leads to the proposal that permissive norms should, in the future, play only a residual role in private international law, either as a way to reach consensus or as a stopgap in the absence of a sufficiently foreseeable connecting factor

Selon l'Union Internationale des Télécommunications (UIT), la progression importante du nombre de téléphones mobiles à travers le monde a dépassé toutes les prévisions avec un nombre d'utilisateurs estimé à 6 Mds en 2011 dont plus de 75% dans les pays développés. Cette progression importante produit une pression forte sur les opérateurs de téléphonie mobile concernant les ressources radio et leur impact sur la qualité et le degré de service (GoS) dans le réseau. Avec des demandes différenciées de services émanant de différentes classes d'utilisateurs, la capacité d'identifier les types d'utilisateurs dans le réseau devient donc vitale pour l'optimisation de l'infrastructure et des ressources. Dans la présente thèse, une nouvelle approche de classification des utilisateurs d'un réseau cellulaire mobile est proposée, en exploitant les données du trafic réseau fournies par deux opérateurs de téléphonie mobile en Afrique du Sud. Dans une première étape, celles-ci sont décomposées en utilisant deux méthodes multi-échelles ; l'approche de décomposition en mode empirique (Empirical Mode Decomposition approach - EMD) et l'approche en Ondelettes Discrètes (Discrete Wavelet Packet Transform approach - DWPT). Les résultats sont ensuite comparés avec l'approche dite de Difference Histogram qui considère le nombre de segments de données croissants dans les séries temporelles. L'approche floue de classification FCM (Fuzzy C-means) est utilisée par la suite pour déterminer les clusters, ou les différentes classes présentes dans les données, obtenus par analyse multi-échelles et par différence d'histogrammes. Les résultats obtenus montrent, pour la méthode proposée, une séparation claire entre les différentes classes de trafic par rapport aux autres méthodes. La deuxième partie de la thèse concerne la proposition d'une approche d'optimisation des ressources réseau, qui prend en compte la variation de la demande en termes de trafic basée sur les classes d'abonnés précédemment identifiés dans la première partie. Une nouvelle approche hybride en deux niveaux pour l'allocation des canaux est proposée. Le premier niveau considère un seuil fixe de canaux alloués à chaque cellule en prenant en considération la classe d'abonnés identifiée par une stratégie statique d'allocation de ressources tandis que le deuxième niveau considère une stratégie dynamique d'allocation de ressources. Le problème d'allocation de ressources est formulé comme un problème de programmation linéaire mixte (Mixed-Integer Linear programming - MILP). Ainsi, une approche d'allocation par période est proposée dans laquelle un groupe de canaux est alloué de façon dynamique pour répondre à la variation de la demande dans le réseau. Pour résoudre le problème précédent, nous avons utilisé l'outil CPLEX. Les résultats obtenus montrent qu'une solution optimale peux être atteinte par l'approche proposée (MILP)
The growth in the number of cellular mobile subscribers worldwide has far outpaced expected rates of growth with worldwide mobile subscriptions reaching 6 Billion subscribers in 2011 according to the International Telecommunication Union (ITU). More than 75% of this figure is in developing countries. With this rate of growth, greater pressure is placed on radio resources in mobile networks which impacts on the quality and grade of service (GOS) in the network. With varying demands that are generated from different subscriber classes in a network, the ability to distinguish between subscriber types in a network is vital to optimise infrastructure and resources in a mobile network. In this study, a new approach for subscriber classification in mobile cellular networks is proposed. In the proposed approach, traffic data extracted from two network providers in South Africa is considered. The traffic data is first decomposed using traditional feature extraction approaches such as the Empirical Mode Decomposition (EMD) and the Discrete Wavelet Packet Transform (DWPT) approach. The results are then compared with the Difference Histogram approach which considers the number of segments of increase in the time series. Based on the features extracted, classification is then achieved by making use of a Fuzzy C-means algorithm. It is shown from the results obtained that a clear separation between subscriber classes based on inputted traffic signals is possible through the proposed approach. Further, based on the subscriber classes extracted, a novel two-level hybrid channel allocation approach is proposed that makes use of a Mixed Integer Linear Programming (MILP) model to consider the optimisation of radio resources in a mobile network. In the proposed model, two levels of channel allocation are considered: the first considers defining a fixed threshold of channels allocated to each cell in the network. The second level considers a dynamic channel allocation model to account for the variations in traffic experienced in each traffic class identified. Using the optimisation solver, CPLEX, it is shown that an optimal solution can be achieved with the proposed two-level hybrid allocation model

L'etude met en lumiere le regime de la validite et de l'opposabilite des clauses de competence des connaissements en droit francais tel que ce dernier est aujourd'hui entendu, c'est-adire en droit francais commun et en droit communautaire. L'analyse porte essentiellement sur la jurisprudence. Elle permet d'en suivre l'evolution depuis l'admission en 1888 de la validite de principe desdites clauses en matiere de transport maritime international. La fonction essentielle attribuee a la signature du connaissement par les tribunaux dans l'appreciation de la validite est mise en evidence. L'appreciation des caracteres de redaction des clauses et de la precision de la designation du tribunal a ete faite assez longtemps avec une grande rigueur par les tribunaux. Un certain assouplissement de cette rigueur peut etre a present observe. Quant au revirement de jurisprudence de 1994 (arret nagasaki) qui a introduit l'exigence de l'acceptation du destinataire pour l'opposabilite des clauses a ce dernier, il se justifie par le caractere particulier de ces clauses par rapport a celle(qui definissent la relation concrete du transport. Non essentielles a cette relation, les clauses de competence imposent une contrainte particuliere pour laquelle le destinataire est bien fonde a se prevaloir de ses droits propres. Par ailleurs, ledit revirement de jurisprudence conforte l'analyse traditionnelle du contrat de transport comme un contrat tripartite par nature. La jurisprudence la plus recente de la cour de justice des communautes europeennes, liberale et abstraite, ne met pas en cause la jurisprudence nagasaki

Ces dernières années, nous assistons à une immense révolution numérique de l’internet où de nombreuses applications, innovantes telles que l’internet des objets, les voitures autonomes, etc., ont émergé. Par conséquent, l’adoption des technologies d’externalisations des données, telles que le cloud ou le fog computing, afin de gérer cette expansion technologique semble inévitable. Cependant, l’utilisation du cloud ou du fog computing en tant que plateforme d’externalisation pour le stockage ou le partage des données crée plusieurs défis scientifiques. En effet, externaliser ses données signifie que l’utilisateur perd le contrôle sur ces derniers. D’où la sécurité des données devienne une préoccupation majeure qui doit être proprement traitée. C’est dans ce contexte que s’inscrivent les travaux de cette thèse dans laquelle nous avons déterminé dans un premier temps les principaux problèmes de sécurité liés à l’adoption du cloud et du fog computing. Puis, nous avons adressé trois problématiques de sécurité majeure, qui sont : 1 - Le contrôle d’accès aux données dans une architecture de type Cloud storage, où nous avons proposé une nouvelle solution de contrôle d’accès basée sur le chiffrement à base d’attributs. Notre solution assure un contrôle d’accès souple et à grains fins. De plus, elle permet d’effectuer une révocation immédiate des utilisateurs et des attributs sans aucune mise à jour des clés de chiffrement fournies aux utilisateurs. 2 - Le problème de l’authentification mutuelle entre les utilisateurs et les serveurs Fog dans une architecture Fog computing, où nous avons proposé un nouveau schéma d’authentification efficace, qui assure l’authentification mutuelle et qui est robuste contre les comportements malicieux des serveurs Fog. 3 - Le problème de traçabilité et de la protection de la vie privée dans le cadre des applications de partage d’informations publiques, où nous avons proposé une nouvelle solution pour le partage d’informations publiques assurant le service de traçabilité tout en préservant les informations privées des utilisateurs. Avec notre solution, les serveurs d’externalisations authentifient les utilisateurs sans pouvoir obtenir des informations sur leur vie privée. En cas de comportements malicieux, notre solution permet de tracer les utilisateurs malveillants grâce à une autorité
These last years, we are witnessing a real digital revolution of Internet where many innovative applications such as Internet of Things, autonomous cars, etc., have emerged. Consequently, adopting externalization technologies such as cloud and fog computing to handle this technological expansion seems to be an inevitable outcome. However, using the cloud or fog computing as a data repository opens many challenges in prospect. This thesis addresses security issues in cloud and fog computing which is a major challenge that need to be appropriately overcomed. Indeed, adopting these technologies means that the users lose control over their own data, which exposes it to several security threats. Therefore, we first investigated the main security issues facing the adoption of cloud and fog computing technologies. As one of the main challenges pointed in our investigation, access control is indeed a cornerstone of data security. An efficient access control mechanism must provide enforced and flexible access policies that ensure data protection, even from the service provider. Hence, we proposed a novel secure and efficient attribute based access control scheme for cloud data-storage applications. Our solution ensures flexible and fine-grained access control and prevents security degradations. Moreover, it performs immediate users and attributes revocation without any key regeneration. Authentication service in fog computing architecture is another issue that we have addressed in this thesis. Some traditional authentication schemes endure latency issues while others do not satisfy fog computing requirements such as mutual authentication between end-devices and fog servers. Thus, we have proposed a new, secure and efficient authentication scheme that ensures mutual authentication at the edge of the network and remedies to fog servers' misbehaviors.Finally, we tackled accountability and privacy-preserving challenges in information-sharing applications for which several proposals in the literature have treated privacy issues, but few of them have considered accountability service. Therefore, we have proposed a novel accountable privacy preserving solution for public information sharing in data externalization platforms. Externalization servers in our scheme authenticate any user in the system without violating its privacy. In case of misbehavior, our solution allows to trace malicious users thanks to an authority

Le Cloud Computing, ou informatique en nuages, est un environnement de stockage et d’exécution flexible et dynamique qui offre à ses utilisateurs des ressources informatiques à la demande via internet. Le Cloud Computing se développe de manière exponentielle car il offre de nombreux avantages rendus possibles grâce aux évolutions majeures des Data Centers et de la virtualisation. Cependant, la sécurité est un frein majeur à l’adoption du Cloud car les données et les traitements seront externalisés hors de site de confiance de client. Cette thèse contribue à résoudre les défis et les issues de la sécurité des données dans le Cloud pour les applications critiques. En particulier, nous nous intéressons à l’utilisation de stockage pour les applications médicales telles que les dossiers de santé électroniques et les réseaux de capteurs pour la santé. D’abord, nous étudions les avantages et les défis de l’utilisation du Cloud pour les applications médicales. Ensuite, nous présentons l’état de l’art sur la sécurité dans le Cloud et les travaux existants dans ce domaine. Puis nous proposons une architecture sécurisée basée sur le Cloud pour la supervision des patients. Dans cette solution, nous avons développé un contrôle d’accès à granularité fine pour résoudre les défis de la sécurité des données dans le Cloud. Enfin, nous proposons une solution de gestion des accès en urgence
Cloud computing has recently emerged as a new paradigm where resources of the computing infrastructures are provided as services over the Internet. However, this paradigm also brings many new challenges for data security and access control when business or organizations data is outsourced in the cloud, they are not within the same trusted domain as their traditional infrastructures. This thesis contributes to overcome the data security challenges and issues due to using the cloud for critical applications. Specially, we consider using cloud storage services for medical applications such as Electronic Health Record (EHR) systems and medical Wireless Sensor Networks. First, we discuss the benefits and challenges of using cloud services for healthcare applications. Then, we study security risks of the cloud, and give an overview on existing works. After that, we propose a secure and scalable cloud-based architecture for medical applications. In our solution, we develop a fine-grained access control in order to tackle the challenge of sensitive data security, complex and dynamic access policies. Finally, we propose a secure architecture for emergency management to meet the challenge of emergency access

Dans un contexte où le recours au mécanisme des lois de police apparaît de plus en plus fréquent et facilité sur le plan des conflits de lois, la perte d’impérativité que connaissent ces dispositions du fait des solutions libérales retenues sur le plan des conflits de juridictions, conduit à s’interroger sur la possibilité d’apporter des correctifs. En droit positif, l’admission généralisée des clauses de prorogation de for, étatique et arbitral, malgré l’applicabilité d’une loi de police, associée à un système de reconnaissance pratiquement automatique des jugements étrangers et des sentences arbitrales au stade du contentieux de l’exequatur, conduit à rendre ces dispositions globalement semi-nécessaires dans les rapports internationaux. Alors que la mise en œuvre des lois de police devant un for étatique étranger ou arbitral apparaît très incertaine et que la violation de ces dispositions ne fait pas obstacle à la reconnaissance d’un jugement ou d’une sentence qui les aurait négligées, les clauses de prorogation de for apparaissent comme des instruments à la disposition des parties pour se livrer au forum shopping et contourner les impérativités étatiques. Cette solution, paradoxale et peu satisfaisante, compte tenu de l’importance et de la nature des intérêts par principe mis en cause à travers ces dispositions, incite à envisager une solution permettant de restaurer l’impérativité des lois de police dans les conflits de juridictions. Dès lors que ce résultat apparaît comme la conséquence du maintien du principe traditionnel de l’indépendance des compétences législative et juridictionnelle malgré le lien existant entre forum et jus en matière de lois de police, ce constat conduit à s’interroger sur la possibilité de déroger exceptionnellement à ce principe pour consacrer un forum legis impératif et exclusif, fondé sur l’applicabilité d’une telle disposition. Cette solution, restaurant efficacement l’impérativité des lois de police dans leur for d’origine, devrait néanmoins être associée à la mise en place d’un mécanisme de coordination des systèmes permettant de prolonger son efficacité devant les fors étrangers. Il pourrait trouver ses fondements dans certains procédés préexistants, susceptibles d’être adaptés à la réalisation de l’objectif de protection des impérativités étatiques poursuivis. La mise en place de différents mécanismes, apparentés à celui du forum non conveniens, fondés sur un système de coopération interjuridictionnelle ou inspirés de la méthode de référence à l’ordre juridique compétent envisagée par P. Picone, pourrait permettre d’assurer, à l’étranger, le respect des lois de police du for dans des hypothèses différentes. De manière transversale, la restauration de l’impérativité des lois de police pourrait être assurée grâce à un recours à la notion d’ordre juridique prépondérant. Désignant un ordre juridique dont une loi de police mettant directement en cause un intérêt étatique réellement fondamental serait applicable au fond du litige, elle devrait pouvoir fonder la reconnaissance de la vocation plus forte de celui-ci à faire valoir ses vues pour la résolution d’un litige. Elle pourrait fonder à la fois la revendication de compétence juridictionnelle prioritaire de celui-ci pour trancher le différend et un effacement des fors étrangers pour faire prévaloir le point de vue qu’il retient. Une telle solution, étroitement délimitée et justifiée au regard de l’importance des intérêts mis en cause, assurerait une solution satisfaisante permettant à la fois d’articuler harmonieusement la poursuite de la politique libérale qui s’impose dans les conflits de juridictions avec le respect des lois de police et de réconcilier la protection des impérativités étatiques avec la coordination des systèmes
In times of mandatory provisions becoming more and more prevalent, based on conflict of law, the concept of mandatory enforcement appears to be somehow diluted regarding the liberal solutions found in conflicts of jurisdictions. In positive law, mandatory rules do not prevent the enforcement of a forum clause, no more than they are considered during the enforcement stage of decisions. While the application of these rules before foreign courts and arbitrators is very uncertain and does not raise obstacles to the recognition of foreign judgments or arbitral judgment which overlook them, choice of forum clauses has become an instrument of forum shopping in order to avoid mandatory regulations. This solution paradoxically induces a search for a solution to restore there international imperativity. This result has appeared as a consequence of the principle of separation of conflicts of law and conflicts of jurisdictions. That observation leads to ask questions about the possibility of an exemption to this general principle. Indeed, this encourages to consider the possibility to admit a correlation between forum and jus in order to establish imperative and exclusive competence, based on the applicability of such mandatory rules. This forum legis would require to maintain the litigation in its courts and could ensure their application in international relations. However, unilateralism that governs rules of judicial competence should involve the establishment of a mechanism of different legal systems coordination. Depending on the type of mandatory rules concerned, it could be based on an adapted form of forum non conveniens, on international judicial Co-operation processes, or be inspired by the method of reference to the competent legal order envisaged by P. Picone. The deployment of these solutions could be based on using preponderant state notion, that would be the one with the most widely public policy involved. It would lead to the recognition of the strong vocation of it to assert its views for the resolution of a dispute and would justify both the priority jurisdiction of its courts and circumspection of the other jurisdictional authorities to exercise their competence. Such a solution, tightly defined and justified in view of the importance of the interests involved, would provide a satisfactory solution to both harmoniously articulate the pursuit of liberal politics required in conflicts of jurisdictions with respect of public policy, and reconcile the protection of imperativities with the coordination of legal systems

L’objet de cette thèse est de dresser une méthode qui permet d’expliquer, au regard du droit commun, le phénomène de l’extension et la transmission de certaines clauses dans les chaînes de contrats et les ensembles contractuels. Cette méthode devrait aussi justifier certaines dérogations au droit commun.La thèse commence par aborder certaines questions préalables relatives aux groupes de contrats, qui ont une portée directe sur l’objet de cette étude. Les membres de l’ensemble contractuel et de la chaîne de contrats sont des tiers dans leurs rapports respectifs. L’action directe, qui constitue l’élément dynamique de la chaîne de contrats, peut s’analyser en un mécanisme de compensation multilatérale. L’ensemble contractuel multipartite ne peut produire ses effets à l’égard de ses membres que si ces derniers connaissaient l’existence des liens qui unissent leur contrat aux autres contrats de l’ensemble. Enfin, dans les ensembles contractuels bipartites, une distinction s’impose entre le véritable ensemble contractuel et entre le contrat complexe, qui n’est qu’un contrat unique divisé en plusieurs intrumentum. Une méthode chronologique est proposée, prenant en compte le nombre d’échanges de consentements ayant eu lieu entre les deux parties.Après avoir répondu à ces questions préalables, la thèse examine certaines hypothèses dans la jurisprudence dans lesquelles l’effet d’une clause a été étendu ou transmis, dans une chaîne de contrats ou un ensemble contractuel. Les clauses de compétence font l’objet du contentieux le plus abondant mais beaucoup d’autres clauses, telles que la clause limitative de responsabilité, la clause de non-concurrence, la clause de non-garantie et la clause de renonciation à recours font également l’objet d’une extension ou d’une transmission dans les groupes de contrats. L’examen de cette jurisprudence a pu écarter certaines décisions qui ont paru mal fondés et de poser des principes généraux qui peuvent gérer la problématique de l’extension et de la transmission dans les groupes de contrats.Ces règles à caractères générales dégagés après l’examen de la jurisprudence, associées aux réponses qui ont été apportées en premier lieu aux questions préalables, ont abouti à la création de la méthode recherchée. La première étape dans cette méthode est de reconnaître le type de groupe de contrats auquel on fait face : s’agit-il d’un ensemble contractuel bipartite, d’un ensemble contractuel multipartite ou d’une chaîne de contrats ?Si c’est un ensemble contractuel bipartite, la première question qu’on devrait se poser serait de savoir s’il s’agit d’un seul contrat divisé en plusieurs instrumentum, ou d’un véritable ensemble contractuel. Si le groupe prend la forme d’une chaîne de contrats ou d’un ensemble multipartite, la problématique de l’effet relatif des contrats paraît alors sur le devant de la scène. Il a été démontré que l’article 1165 ne fait obstacle qu’à l’extension des clauses à contenu obligationnel. Cinq éléments caractéristiques ont été retenus pour caractériser la clause génératrice d’obligation. Si la clause a un contenu obligationnel, elle ne peut en principe être étendue aux autres membres de la chaîne ou de l’ensemble contractuel. Sinon, la clause est potentiellement opposable.Les dérogations à l’effet relatif des contrats ne sont qu’au nombre de deux. Dans les chaînes de contrats, cette dérogation se manifeste par la transmission des droits à l’ayant cause à titre particulier. Dans les ensembles contractuels une autre dérogation au principe de l’effet relatif des contrats apparaît lorsque le respect de la force obligatoire de la clause exige inévitablement de l’étendre à un autre membre de l’ensemble.Dans les chaînes de contrats, les clauses, sans effet obligationnel, qui affectent l’existence ou le montant de la créance sont de plein droit opposables aux autres membres de la chaîne
The objet of this thesis is to create a method that could explain a phenomenon that has been observed by scholars and practitioners of law for decades; which is the extension end the transmission of certain clauses in chain agreements and contractual sets. Through this method one should be able, on one hand, to justify this phenomenon in regard to general principals of law and, on the other hand, to find an explanation for some necessary derogations to the Law.The first step in this thesis was to find answers for some basic questions about groups of contracts that have a direct impact on our subject. We have demonstrated that the fundament of contractual sets relies in the concept of “economy of contract”. Members of chain agreements and contractual sets should be considered as third parties in their mutual relationships. Direct action, which constitutes the dynamic face of chain agreements, could be analyzed as a multilateral set-off. In multiparty contractual sets, the set could not produce its effects in regard to its members unless it could be proven that the concerned member has knowledge of the existence of the other contracts forming the set and of the links between these contracts and his own one. Finally, in two parties’ contractual sets, it’s mandatory to distinguish between a real contractual set, and complex contract which is merely a contract written in several documents. We have proposed a chronological method to establish this distinction, taking into account the number of times the parties have exchanged their consent. After this preliminary part, we have studied precedents regarding the extension and the transmission of some clauses in chain agreements and contractual sets. Jurisdiction clauses and arbitration clauses are by far the most represented, but other clauses such as clauses of disclaimer of warranty, clauses of limited liability, clauses of waiver of action and clauses of non-competition are also sometimes extended or transmitted to other contracts and/or to other members in the group. Through an analysis of these decisions, we have shown that some of them didn’t have enough legal ground. Using those decisions that seemed to us well-founded, we have deduced a number of rules that could be applied for other cases of extension and transmission of clauses in groups of contracts.The rules that we have deduces from the study of the case law, together with the answers that we have provided for some preliminary questions in the first part of the thesis, have lead us to find the method we are looking for in this study.The first step in this method is to recognize the type of group of contracts involved: is it a chain agreement, a multiparty contractual set or a two parties’ set ?If it’s a contractual set between two parties, the first question should be to decide whether it’s really a contractual set, or if it’s a complex contract. If the group of contracts involved is a chain agreement or a multiparty contractual set, then one should wonder whether the doctrine of privity of contract could form an obstacle against the extension or the transmission of the clause. We have demonstrated in this thesis that article 1165 of the Civil Code is only applicable to clauses that contain an obligation. In order to qualify recognize clauses having an “obligational” content, we have proposed five fundamental elements. If the clause contains an obligation it could not be extended to the other members of the chain agreement or the contractual set. Otherwise, the clause is potentially opposable.There are only two exceptions to the doctrine of privity of contract. The first one, in chain agreements is the transmission of rights to singular successors. This exception could be justified by article 1122 of the Civil Code and by the concept of accessoire. The second exception could be seen in contractual sets where the binding authority of the clause could not be respected unless it is extended to certain third parties

碩士
國立臺灣科技大學
資訊管理系
107
In these several years, the knowledge finding from big data keeps growing. Big companies or organization try to get an accurate prediction for their customer or targeted customer. The privacy of customer can be abused by the companies and also not get another benefit from the data that already provided to companies. In this thesis, we propose a private data buying-selling platform that not only secure but also can protect the user's identity. Utilizing ciphertext-policy attribute-based encryption for securing private data. Also uses a blockchain framework to create anonymity of user and securing transaction using a decentralized method. Moreover, our proposed platform is also proven to be secure and could withstand some well-known attacks.

abstract: This dissertation is focused on building scalable Attribute Based Security Systems (ABSS), including efficient and privacy-preserving attribute based encryption schemes and applications to group communications and cloud computing. First of all, a Constant Ciphertext Policy Attribute Based Encryption (CCP-ABE) is proposed. Existing Attribute Based Encryption (ABE) schemes usually incur large, linearly increasing ciphertext. The proposed CCP-ABE dramatically reduces the ciphertext to small, constant size. This is the first existing ABE scheme that achieves constant ciphertext size. Also, the proposed CCP-ABE scheme is fully collusion-resistant such that users can not combine their attributes to elevate their decryption capacity. Next step, efficient ABE schemes are applied to construct optimal group communication schemes and broadcast encryption schemes. An attribute based Optimal Group Key (OGK) management scheme that attains communication-storage optimality without collusion vulnerability is presented. Then, a novel broadcast encryption model: Attribute Based Broadcast Encryption (ABBE) is introduced, which exploits the many-to-many nature of attributes to dramatically reduce the storage complexity from linear to logarithm and enable expressive attribute based access policies. The privacy issues are also considered and addressed in ABSS. Firstly, a hidden policy based ABE schemes is proposed to protect receivers' privacy by hiding the access policy. Secondly,a new concept: Gradual Identity Exposure (GIE) is introduced to address the restrictions of hidden policy based ABE schemes. GIE's approach is to reveal the receivers' information gradually by allowing ciphertext recipients to decrypt the message using their possessed attributes one-by-one. If the receiver does not possess one attribute in this procedure, the rest of attributes are still hidden. Compared to hidden-policy based solutions, GIE provides significant performance improvement in terms of reducing both computation and communication overhead. Last but not least, ABSS are incorporated into the mobile cloud computing scenarios. In the proposed secure mobile cloud data management framework, the light weight mobile devices can securely outsource expensive ABE operations and data storage to untrusted cloud service providers. The reported scheme includes two components: (1) a Cloud-Assisted Attribute-Based Encryption/Decryption (CA-ABE) scheme and (2) An Attribute-Based Data Storage (ABDS) scheme that achieves information theoretical optimality.
Dissertation/Thesis
Ph.D. Computer Science 2011

Private Label brands (often referred to as low-cost options) are the strategy retailers found to offer quality products at affordable prices, allowing families to fulfil their needs and better manage their monthly disposable income. However, these brands tend to suffer from lack of identity, poor perception of quality and scepticism, which often disappear after people start consuming the products. This dissertation aims to test to which extent the presence of Irrelevant Attributes effectively contributes to reducing perceived quality deficits through the creation or enhancement of brands’ personality traits. By strengthening their identities, brands can turn consumers’ identification with the brand easier, which positively impacts their perceived value, expected hedonic experience, purchase intentions and willingness-to-pay. Although some authors claim that the presence of Irrelevant Attributes is understood by consumers as a mechanism that brands use to compensate for the underperforming attributes (as found in National brands), Private Labels may benefit from using this tool to outperform in competitive markets like Food Retail or FMCG, where players are fierce and fight incessantly. This research’s results reveal that the presence of Irrelevant Attributes allows brands to enhance their personality and differentiate themselves from its competitors. Nevertheless, they also show that perceived value and purchase intentions do not increase significantly, unlike the willingness to pay, which increases when Irrelevant Attributes are present. The presence of Irrelevant Attributes in National brands tends to weaken them, which reinforces their importance to Private Label brands as a point of differentiation.
As marcas próprias têm permitido aos retalhistas oferecer produtos de qualidade a preços acessíveis, que permitem uma melhor gestão do rendimento mensal disponível e a satisfação das necessidades das famílias. Contudo, estas marcas sofrem de falta de identidade, baixa perceção de qualidade e de ceticismo criado pelos consumidores, tendencialmente suprimido após consumir o produto. As marcas próprias tendem, por isso, a ser vistas como uma opção low-cost. Esta dissertação pretende testar se a presença de Atributos Irrelevantes contribui de forma eficaz para a redução do défice de qualidade percebido através da criação de uma personalidade, o que, facilitando a identificação do consumidor com a marca, impactaria positivamente o valor percebido, as expetativas, as intenções de compra e o valor que o consumidor está disposto a despender. Apesar de alguns autores afirmarem que a presença de Atributos Irrelevantes é vista pelos consumidores como um mecanismo a que as marcas recorrem para compensar pela performance deficitária de outros atributos (o que se verificou para as marcas de fabricante), as marcas próprias podem recorrer à utilização desta ferramenta para se diferenciarem em mercados competitivos. Este estudo revela que a presença de Atributos Irrelevantes permite às marcas enaltecer a sua personalidade e diferenciar-se da concorrência. Contudo, os resultados mostram que o valor percebido e as intenções de compra não aumentam significativamente, ao contrário do preço a pagar. A presença de Atributos Irrelevantes em marcas de fabricante tende a prejudicá-las, reforçando a importância dos mesmos para as marcas próprias enquanto ponto de diferenciação.

The Internet of Things (IoT) technology is now widespread and is indisputably changing our lives. As this technology advances, new security and privacy challenges must be faced. The limitations imposed by resource-constrained devices used in IoT applications play a crucial role and often determine the research directions. This dissertation addresses security problems related to the two main branches of the IoT, namely smart cities and industrial IoT. IoT applications usually rely on input data coming from either provider's smart devices or by end-user's devices, as in mobile participatory sensing. In the latter case, the infrastructure rests on data reported by participants. This paradigm, however, introduces new security problems related to the trustworthiness of the reported data, which might be inaccurate or even counterfeit. Differently, if the data is sensed by trusted devices, the data trustworthiness is not a concern as far as other security properties, e.g., authentication and integrity, are guaranteed. Depending on the scenario, the sensed data can be directly transmitted to the users or stored on cloud servers. Oftentimes, sensed data includes sensitive or valuable information which is intended to be read only by authorized users. If data is stored on the cloud, the owner loses any control on it, and an attack that leads to data disclosure could represent an important loss of money for the data owner or a serious privacy violation for the users. In this dissertation we propose novel solutions to the aforementioned problems. False-measurement reports could be tackled by having a set of trusted verifiers which checks the same measurement. If the measurement cannot be directly checked, the verifiers could at least check the participant's position as an indirect proof. To this aim, we propose an effective and secure location verification solution which uses a swarm of few drones equipped only with common radio-frequency transceivers, e.g., WiFi. Secondly, we propose the use of Attribute-Based Encryption (ABE) in IoT scenarios to protect the data from unauthorized access. We propose ABE-Cities, a secure scheme for smart cities which implements a publish/subscribe-like application in which the data is outsourced to a semi-trusted cloud server. Since ABE encryption might be burdensome for a range of resource-constrained devices, in ABE-Cities, the sensing devices execute only symmetric-key algorithms. Moreover, ABE-Cities leverages the peculiarities of a smart city in order to reduce the complexity of the key revocation operation, which is the most onerous one in ABE systems. In addition, we extend an existing ABE revocation scheme by providing additional security that limits the cloud server capabilities and inhibits it from accessing the data stored on it, when in possession of a revoked key. Finally, we propose fABElous, an ABE scheme for low-bitrate wireless sensor and actuator networks, often used in industrial IoT systems, which aims at minimizing the communication overhead introduced by the adoption of ABE to selectively distribute data through broadcast communications.

碩士
國立彰化師範大學
工業教育學系
88
ABSTRACT The purpose of this study was to examine the relationships among leadership behaviors, leadership attributes and leadership effectiveness of principals at private vocational high schools. The study was designed to contribute to an understanding of the types of leadership behaviors and leadership attributes which can produce high leadership effectiveness. Therefore, this study attempted to explore the following five research concerns : (1) understanding the leadership behaviors, leadership attributes and leadership effectiveness of principals at private vocational high schools, (2) examining the relationships among background variables, leadership behaviors, leadership attributes and leadership effectiveness, (3) exploring the predictions of leadership behaviors by leadership attributes, (4) exploring the predictions of leadership effectiveness by leadership attributes, and (5) exploring the predictions of leadership effectiveness by leadership behaviors. The population of the study was the 8,962 private vocational high school teachers in Taiwan in 2000. The sample consisted of 1528 subjects who were selected by proportional stratified random sampling techniques. The total number of usable sets of instrument returned was 915 and a usable return rate of 59.88%. The research instrument was composed of four questionnaires : (1) the Personal Profile for vocational principals and teachers which was used to assess personal information, (2) the Leadership Behaviors Questionnaire (LBQ) for the vocational teachers which was used to assess transformational, transactional, and non-transactional leadership behaviors, (3) the Leadership Attributes Questionnaire (LAQ) for vocational teachers which was used to assess leadership attributes, and (4) the Leadership Effectiveness Questionnaire (LEQ) for vocational teachers which was used to assess leadership effectiveness. All the LBQ, LAQ and LEQ were revised by scholars and tested by factor analysis. The Cronbach α was .92, .98 and .95 ,respectively. Therefore, the validity and reliability of four questionnaires were acceptable. The data was analyzed by a number of statistical techniques such as descriptive statistics, t-test, one way ANOVA, and stepwise multiple regression. The results were as follows: (1) The transactional behaviors were moderate high, transformational behaviors were lower, and non-transactional behavior were the lowest performed by the private vocational principals. (2) The leadership attributes performed by the private vocational high school principals was higher than average, especially good at characteristic attributes but not good at organization management attributes. (3) The leadership effectiveness performed by the private vocational high school principals was higher than average, however, leadership satisfaction was the highest and organizational goal achievement, job satisfaction was the second. (4) There were significant differences among all aspects in terms of leadership behaviors, leadership attributes and leadership effectiveness based on different background variables. (5) According to all aspects of leadership behaviors, (a)energetic with stamina, (b)tolerant of ambiguity and complexity, (c)achievement-oriented, (d)initiating, (e)willing to accept responsibility, (f)sensitivity respect and (g)motivating others leadership attributes have higher predictions of all aspects of behaviors. (6) According to leadership effectiveness, (a)even disposition, (b)committed to the common good, (c)sensitivity respect, (d)motivating others and (e)ideological beliefs were appropriate are important leadership attributes, however, Motivating others leadership attribute is the most important. (7) The leadership behaviors such as individualized consideration, contingent reward, charisma, and intellectual stimulation were highly and positively related to perceived overall leadership effectiveness, however, individualized consideration, contingent reward, these two leadership behaviors were the most important.

碩士
國立臺北大學
資訊工程學系
104
Under data mining to flourish in all areas get benefit, but because to get the information so generated data privacy issues, and in recent years many techniques on data protection, are focus one data types to protect, we are focus to different data types, so in this paper we propose CRebSTa method, which at the same time taking into consideration the relationship between tabular data and sequential data between, in order to retain more sequential multi-table data and the relevance of the format, in order to achieve less information loss, and thus enhance the good utility. In our experimental section of our approach with k-anonymity and (k, p) -anonymity compare our approach, although in attack to protect do not best, but our approach in the performance of three methods to center, but our approach in information loss and utility above, our approach is best which also shows the sequential and tabular data that need to be considered simultaneously.

碩士
國立中興大學
電機工程學系所
107
There are increasing demands on open data for scientific, medical, and social applications. Open data is a new trend and more data are being released for data mining and decision-making. To avoid the leakage of personal privacy caused by the release of data, data must be processed through privacy protection methods before being released. Since the optimization of privacy preserving models like K-anonymity and L-diversity are NP problems, most previous privacy preserving methods trade off privacy preserving and data utility by designing heuristic algorithms to reduce information loss. Different from the previous works, our main idea is that the released data should be privacy protected meanwhile they should provide different levels of discrimination for different individuals, i.e., observers of different backgrounds shall get different levels of information from the released data. For example, data are required to be released for supervision of public administration or financial inspection of foundations. Also, for a mass casualty incident (MCI), the up to date information of injured and ill patients, especially their status and location, should be released for the ambulance and medical staff or the patients’ family for easy of finding the required resource for the patients. However, few privacy protection methods that take into account both privacy and data discrimination in the literature. In the thesis, we study the privacy protection and data discrimination problem and found that the attributes of a dataset could be classified into static and dynamic attributes. Considering the dynamic discrimination privacy preserving problem, we propose a new privacy-preserving model called K_1 K_2-anonymization model. It is to ensure that the equivalence class on static attributes is still K-anonymization while in a equivalence class, the numbers of data with the same dynamic attributes should be less than K_2. If the dynamic attribute values within equivalent classes are similar, there are no solutions because it is hard to differentiate. We propose a clustering-based SimDiv algorithm to make the dynamic attributes within equivalence classes more discriminable as a compromised solution to the K_1 K_2-anonymization problem. To validate the effectiveness, we conduct experiments on a real dataset. The experimental results show that the proposed method outperforms the other methods of similar models in term of discriminability on dynamic attributes.

碩士
國立成功大學
企業管理學系碩博士班
100
Private-brand products are well developed in foreign markets. On the other hand, due to the economic downturn, the concept of smart shopping, oligopolistic retailers and other factors in Taiwan, private-brand products are attracting the attention of consumers. This study uses the traditional model of conjoint analysis to discuss the preferences and the combinations of the attributes of the private brand, as well as different market segments. Furthermore, the results can be provided for the retailers as references while designing products. The results show that, store brand, quality, price and promotion are the four main attributes of private brand. In addition, there are four groups, which are promotion-averter, store-brand-advocator, public-resemblance and promotion-lover, after market segmented. The group of store-brand-advocator is the biggest group of these four. In most of market segments in this study, store brand is the most important attribute of private brand. Thus, the retailers should aware that the first condition of developing private brand is properly operating their own store brand to obtain the favor of consumers.

碩士
開南大學
財務金融學系
96
Along with the development trend of financial liberalization and internationalization, the first issue faced by commercial bank industry is exactly the promotion of service quality. The research adopts the questionnaire investigation method, from January 1 to April 30 of 2008, taking the customers served by financial advisors of Cathay United Bank in Taipei area as the research object to carry on tracing investigation. The main purpose lies in understanding customers’ value degree and satisfaction towards the service quality that financial advisors provide. The research can provide the financial advisors of the bank to improve the service quality, and it will be the reference of the future programs. The research has 230 valid questionnaires. The recovery rate of valid questionnaires is 93.5%. The statistic analyzes and explanations of the data mainly adopt the statistic software, SPSS. After the analysis of the reach, the conclusions are as follows. First, there are three aspects of financial advisors’ service quality towards customers  profession, trust and concern. Second, through importance, expressive degree analysis method, we learn that financial advisors should improve the aspects of profession and trust of service quality. For the aspect of concern, the customers are very satisfied with it, which should be kept. Third, for customers, there is apparent difference between the value degree and satisfaction of financial advisors’ items of service quality. Besides, for every service item, the value degree is higher than the satisfaction. It means that for customers the value degree of service quality is very much higher than the satisfaction. Therefore, financial advisors should make efforts to strengthen service quality. Fourth, there is no apparent difference for customers with different backgrounds towards the value degree (satisfaction) of financial advisors’ service quality of profession, trust, concern. From the result of the examination, we know that financial advisors serve customers with different backgrounds in the same way, which exactly benefits business continuity. Fifth, financial advisors’ service quality is apparently related to the satisfaction of overall customers. The correlation coefficients are all positives. It means that the better the service quality is, the higher customer satisfaction will be.

Σκοπός της παρούσας εργασίας είναι να μελετήσουμε τη συμπεριφορά των χρηστών νέων τεχνολογιών και τους παράγοντες που αλληλεπιδρούν στην οικοδόμηση της εμπιστοσύνης τους απέναντι σε αυτές. Παράλληλα, εξετάζουμε τη στάση των χρηστών απέναντι στα ABC διαπιστευτήρια με δυνατότητα ελάχιστης αποκάλυψης προσωπικών δεδομένων (minimal disclosure), ως λύση για την προστασία της ιδιωτικότητάς τους.
The purpose of this paper is to study the behavior of users of new technologies and the factors that interact to build their confidence against them. In addition, we examine the attitude of users towards ABC credentials with minimal disclosure of personal data, as a solution to protect their privacy.

Thesis (M.S.)--University of Wisconsin--Madison, 1995.
Typescript. eContent provider-neutral record in process. Description based on print version record. Includes bibliographical references (leaves 73-75).

Indiana University-Purdue University Indianapolis (IUPUI)
As medical data continues to transition to electronic formats, opportunities arise for researchers to use this microdata to discover patterns and increase knowledge that can improve patient care. Now more than ever, it is critical to protect the identities of the patients contained in these databases. Even after removing obvious “identifier” attributes, such as social security numbers or first and last names, that clearly identify a specific person, it is possible to join “quasi-identifier” attributes from two or more publicly available databases to identify individuals. K-anonymity is an approach that has been used to ensure that no one individual can be distinguished within a group of at least k individuals. However, the majority of the proposed approaches implementing k-anonymity have focused on improving the efficiency of algorithms implementing k-anonymity; less emphasis has been put towards ensuring the “utility” of anonymized data from a researchers’ perspective. We propose a new data utility measurement, called the research value (RV), which extends existing utility measurements by employing data constraints rules that are designed to improve the effectiveness of queries against the anonymized data. To anonymize a given raw dataset, two algorithms are proposed that use predefined generalizations provided by the data content expert and their corresponding research values to assess an attribute’s data utility as it is generalizing the data to ensure k-anonymity. In addition, an automated algorithm is presented that uses clustering and the RV to anonymize the dataset. All of the proposed algorithms scale efficiently when the number of attributes in a dataset is large.

In service-oriented architecture, services can communicate and share data among themselves. This thesis presents a solution that allows detecting several types of data leakages made by authorized insiders to unauthorized services. My solution provides role-based and attribute-based access control for data so that each service can access only those data subsets for which the service is authorized, considering a context and service’s attributes such as security level of the web browser and trust level of service. My approach provides data protection in transit and at rest for both centralized and peer-to-peer service architectures. The methodology ensures confidentiality and integrity of data, including data stored in untrusted cloud. In addition to protecting data against malicious or curious cloud or database administrators, the capability of running a search through encrypted data, using SQL queries, and building analytics over encrypted data is supported. My solution is implemented in the “WAXEDPRUNE” (Web-based Access to Encrypted Data Processing in Untrusted Environments) project, funded by Northrop Grumman Cybersecurity Research Consortium. WAXEDPRUNE methodology is illustrated in this thesis for two use cases, including a Hospital Information System with secure storage and exchange of Electronic Health Records and a Vehicle-to-Everything communication system with secure exchange of vehicle’s and drivers’ data, as well as data on road events and road hazards.

To help with investigating data leakage incidents in service-oriented architecture, integrity of provenance data needs to be guaranteed. For that purpose, I integrate WAXEDPRUNE with IBM Hyperledger Fabric blockchain network, so that every data access, transfer or update is recorded in a public blockchain ledger, is non-repudiatable and can be verified at any time in the future. The work on this project, called “Blockhub,” is in progress.

Non c’è dubbio sul fatto che la RAI, dal 1954 a oggi, abbia contribuito in misura considerevole a determinare la fisionomia dell’immaginario collettivo e dell’identità culturale dell’Italia. Si tratta di un assunto che, a distanza di più di sessant’anni, resta sempre di grande attualità, per chi si occupa della questione televisiva (e non solo). Ma a differenza di quanto avveniva nel passato, quando la tv appariva più preoccupata dei reali interessi dei cittadini, oggi essa sembra rispondere prevalentemente a dinamiche di mercato, in grado di alterarne la funzione etica e sociale. E nonostante il livello di istruzione e di benessere economico si siano evidentemente alzati, in questi ultimi anni si è assistito a programmi di sempre più bassa qualità e in controtendenza a un incremento del potere modellante e suggestivo sull’immaginario dei telespettatori. C’è di più: l’interesse verso la tv ha coinvolto anche gli storici dell’epoca contemporanea, i quali hanno iniziato a prendere coscienza che le produzioni audiovisive sono strumenti imprescindibili per la ricerca. Se si pensa ad esempio al ‹‹boom economico›› del Paese, negli anni Cinquanta e Sessanta, non si può non considerare che la tv, insieme agli altri media, abbia contributo a raccontare e allo stesso tempo ad accelerare i progressi economici e sociali di quell’epoca. Partendo, dunque, dal presupposto che la televisione da sempre esercita un potere decisivo sulla collettività, si è scelto di concentrarsi sulla fase meno indagata della sua storia, quella della televisione delle origini: ‹‹migliore›› perché senza competitor, ‹‹autentica›› perché incontestabile e soprattutto ‹‹pedagogica›› perché è di istruzione e di formazione che, quell’Italia appena uscita dalla guerra, aveva più urgenza. La storia della televisione italiana inizia il 3 gennaio 1954, con la nascita del servizio pubblico televisivo e insieme di un mezzo che, di lì a poco, avrebbe completamente rivoluzionato la società italiana, trasformandola in una civiltà di massa. Si accorciano le distanze territoriali e insieme culturali e la società inizia a omologarsi nei gusti, poi nei consumi e infine nel pensiero. Il punto d’arrivo si colloca negli anni Settanta, quando ha termine il monopolio della RAI, che fino a quel momento era stato visto come il garante del pluralismo culturale. La RAI passa dal controllo governativo a quello parlamentare, mentre si assiste al boom delle televisioni private e alla necessità della tv di Stato di stare al passo con la concorrenza, attraverso una produzione diversa da quella degli esordi. Dunque cambia la tv, come pure cambia la sua funzione e la forma mentis di chi ne detiene le redini. Ne risulta un’indagine trasversale, che passa nel mezzo di molteplici discipline che afferiscono alla materia televisiva e che non evita di porsi quelle domande scomode, necessarie tuttavia a comprendere la verità sugli artefici della prima RAI e sui loro obiettivi. E allora: qual era il valore attribuito alla televisione degli esordi? Era davvero uno strumento pedagogico? Sulla base di quali presupposti? Chi scriveva i palinsesti di quegli anni? Chi e perché sceglieva temi e format televisivi? Chi decideva, in ultima analisi, la forma da dare all’identità culturale nazionale attraverso questo nuovo apparecchio? Il metodo di ricerca si è articolato su tre distinte fasi di lavoro. In primis si è puntato a individuare e raccogliere bibliografia, sitografia, studi e materiale bibliografico reperibile a livello nazionale e internazionale sulla storia della televisione italiana e sulla sua programmazione nel primo ventennio. In particolare sono stati presi in esame i programmi scolastici ed educativi (Telescuola, Non è mai troppo tardi), la Tv dei Ragazzi e i programmi divulgativi culturali. Successivamente si è resa necessaria una definizione degli elementi per l’analisi dei programmi presi in esame, operazione resa possibile grazie alla consultazione del Catalogo multimediale della Rai. In questa seconda parte della ricerca si è voluto puntare i riflettori su ‹‹L’Approdo››, la storia, le peculiarità e gli obiettivi di quella che a ragione potrebbe essere definita una vera e propria impresa culturale, declinata in tutte le sue forme: radiofonica, di rivista cartacea e televisiva. In ultimo, sulla base dell’analisi dei materiali d’archivio, sono state realizzate interviste e ricerche all’interno dei palazzi della Rai per constatare la fondatezza e l’attendibilità dell’ipotesi relativa agli obiettivi educativi sottesi ai format televisivi presi in esame. Le conclusioni di questa ricerca hanno portato a sostenere che la tv delle origini, con tutti i suoi limiti, era uno strumento pedagogico e di coesione sociale. E se ciò appare come un aspetto ampiamente verificabile, oltreché evidente, qualora si voglia prendere in esame la televisione scolastica ed educativa di quegli anni, meno scontato risulta invece dimostrarlo se si decide – come si è fatto – di prendere in esame un programma divulgativo culturale come ‹‹L’Approdo››, che rientra nell’esperienza televisiva definita di ‹‹educazione permanente››. Ripercorrere la storia della trasmissione culturale più longeva della tv italiana degli esordi, per avvalorarne la funzione educativa, si è rivelata una strada interessante da battere, per quanto innegabilmente controversa, proprio per il principale intento insito nella trasmissione: diffondere la cultura ‹‹alta›› a milioni di telespettatori che erano praticamente digiuni della materia. Un obiettivo che alla fine della disamina si è rivelato centrato, grazie alla qualità della trasmissione, al suo autorevole e prestigioso groupe d'intellectuels, agli ascolti registrati dal ‹‹Servizio Opinioni›› e alla potenzialità divulgativa e penetrante della tv, nel suo saper trasmettere qualunque tematica, anche quelle artistiche e letterarie. Dunque se la prima conclusione di questo studio induce a considerare che la tv del primo ventennio era pedagogica, la seconda è che ‹‹L’Approdo›› tv di questa televisione fu un’espressione felice. ‹‹L’Approdo›› conserva ancora oggi un fascino innegabile, non foss’altro per la tenacia con la quale i letterati difesero l’idea stessa della cultura classica dal trionfo lento e inesorabile della società mediatica. Come pure appare ammirevole e lungimirante il tentativo, mai azzardato prima, di far incontrare la cultura con i nuovi media. Si potrebbe dire che ‹‹L’Approdo›› oggi rappresenti una rubrica del passato di inimmaginata modernità e, nel contempo, una memoria storica, lunga più di trent’anni, che proietta nel futuro la ricerca storica grazie al suo repertorio eccezionale di immagini e fatti che parlano di arte, di letteratura, di cultura, di editoria e di società e che raccontano il nostro Paese e la sua identità culturale, la stessa che la televisione da sempre contribuisce a riflettere e a delineare. Lo studio è partito da un’accurata analisi delle fonti, focalizzando l’attenzione, in primo luogo, sugli ‹‹Annuari della Rai›› (che contengono le Relazioni del Cda Rai, le Relazioni del Collegio Sindacale, i Bilanci dell’Esercizio e gli Estratti del Verbale dell’Assemblea Ordinaria). Altre fonti prese in esame sono gli stati gli opuscoli di ‹‹Servizio Opinioni››, le pubblicazioni relative a studi e ricerche in materia di televisione e pedagogia e le riviste edite dalla Rai Eri: ‹‹Radiocorriere tv››, ‹‹L’Approdo Letterario››, ‹‹Notizie Rai››, ‹‹La nostra RAI››, ‹‹Video››. Negli ultimi anni la Rai ha messo a disposizione del pubblico una cospicua varietà di video trasmessi dalle origini a oggi (www.techeaperte.it): si tratta del Catalogo Multimediale della Rai, che si è rivelato fondamentale al fine della realizzazione della presente ricerca. Altre sedi indispensabili per la realizzazione di questa ricerca si sono rivelate le due Biblioteche romane della Rai di Viale Mazzini e di via Teulada.