Dissertations / Theses on the topic 'Sécurité et confidentialité'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 15 dissertations / theses for your research on the topic 'Sécurité et confidentialité.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
Cherif, Amina. "Sécurité des RFIDs actifs et applications." Thesis, Limoges, 2021. http://www.theses.fr/2021LIMO0015.
Full textOver the 30 last years, active RFID devices have evolved from nodes dedicated to identification to autonomous nodes that, in addition, sense (from environment or other sources) and exchange data. Consequently, the range of their applications has rapidly grown from identification only to monitoring and real time localisation. In recent years, thanks to their advantages, the use of active RFID nodes for mobile data collection has attracted significant attention. However, in most scenarios, these nodes are unattended in an adverse environments, so data must be securely stored and transmitted to prevent attack by active adversaries: even if the nodes are captured, data confidentiality must be ensured. Furthermore, due to the scarce resources available to nodes in terms of energy, storage and/or computation, the used security solution has to be lightweight. This thesis is divided in two parts. In the first, we will study in details the evolution of active RFID nodes and their security. We will then, present, in the second part, a new serverless protocol to enable MDCs (Mobile Data Collectors), such as drones, to collect data from mobile and static Active RFID nodes and then deliver them later to an authorized third party. The whole solution ensures data confidentiality at each step (from the sensing phase, before data collection by the MDC, once data have been collected by MDC, and during final delivery) while fulfilling the lightweight requirements for the resource-limited entities involved. To assess the suitability of the protocol against the performance requirements, we will implement it on the most resource-constrained secure devices to prove its efficiency even in the worst conditions. In addition, to prove the protocol fulfills the security requirements, we will analyze it using security games and we will also formally verify it using the AVISPA and ProVerif tools
Dubreil, Jérémy. "Vérification et Synthèse de Contrôleur pour des Propriétés de Confidentialité." Phd thesis, Université Rennes 1, 2009. http://tel.archives-ouvertes.fr/tel-00461306.
Full textMartinet, Gwenaëlle. "Contribution à une théorie de la sécurité des implémentations cryptographiques." Paris 7, 2004. http://www.theses.fr/2004PA077195.
Full textSomé, Dolière Francis. "Sécurité et vie privée dans les applications web." Thesis, Université Côte d'Azur (ComUE), 2018. http://www.theses.fr/2018AZUR4085/document.
Full textIn this thesis, we studied security and privacy threats in web applications and browser extensions. There are many attacks targeting the web of which XSS (Cross-Site Scripting) is one of the most notorious. Third party tracking is the ability of an attacker to benefit from its presence in many web applications in order to track the user has she browses the web, and build her browsing profile. Extensions are third party software that users install to extend their browser functionality and improve their browsing experience. Malicious or poorly programmed extensions can be exploited by attackers in web applications, in order to benefit from extensions privileged capabilities and access sensitive user information. Content Security Policy (CSP) is a security mechanism for mitigating the impact of content injection attacks in general and in particular XSS. The Same Origin Policy (SOP) is a security mechanism implemented by browsers to isolate web applications of different origins from one another. In a first work on CSP, we analyzed the interplay of CSP with SOP and demonstrated that the latter allows the former to be bypassed. Then we scrutinized the three CSP versions and found that a CSP is differently interpreted depending on the browser, the version of CSP it implements, and how compliant the implementation is with respect to the specification. To help developers deploy effective policies that encompass all these differences in CSP versions and browsers implementations, we proposed the deployment of dependency-free policies that effectively protect against attacks in all browsers. Finally, previous studies have identified many limitations of CSP. We reviewed the different solutions proposed in the wild, and showed that they do not fully mitigate the identified shortcomings of CSP. Therefore, we proposed to extend the CSP specification, and showed the feasibility of our proposals with an example of implementation. Regarding third party tracking, we introduced and implemented a tracking preserving architecture, that can be deployed by web developers willing to include third party content in their applications while preventing tracking. Intuitively, third party requests are automatically routed to a trusted middle party server which removes tracking information from the requests. Finally considering browser extensions, we first showed that the extensions that users install and the websites they are logged into, can serve to uniquely identify and track them. We then studied the communications between browser extensions and web applications and demonstrate that malicious or poorly programmed extensions can be exploited by web applications to benefit from extensions privileged capabilities. Also, we demonstrated that extensions can disable the Same Origin Policy by tampering with CORS headers. All this enables web applications to read sensitive user information. To mitigate these threats, we proposed countermeasures and a more fine-grained permissions system and review process for browser extensions. We believe that this can help browser vendors identify malicious extensions and warn users about the threats posed by extensions they install
Grall, Hervé. "Deux critères de sécurité pour l'exécution de code mobile." Phd thesis, Ecole des Ponts ParisTech, 2003. http://tel.archives-ouvertes.fr/tel-00007549.
Full textBègue, Guillaume. "Confidentialité et prévention de la criminalité financière : étude de droit comparé." Thesis, Paris 1, 2016. http://www.theses.fr/2016PA01D019.
Full textThe recent trend towards transaprency in business highlights a more global disenchantment with the concept of secrecy. The concept of secrecy benefits from various legal expressions whose origins give it as undisputable legitimacy. This observation leads us to recognise the existence of a "Principle of confidentiality". The clash betxeen the rules of Financial Crime prevention and this principle of confidentiality is causing legal uncertainty not only for professional subject to Anti-money laundering and counter-terrorism financing regulations but also gor persons whose data is being processed. These two sets of conflicting rules nevertheless share a common goal, namely to ensure respect for fundamental rights. Notwithstanding this, both the risk of abuse of legal instruments offered by one set for illegitimate purposes and the shortcomings attached to the other set potentially hinder the efficient and reasonable use of Law. This study aims at analysing antagonistic principles to reach a certain balance by applying solutions which preserve their respective interests and contribute to legal certainty. In this regard, the comparative law analysis helps better interpret customer due diligence measures whilst rehabilitating the arguments in favour of the principle of confidentiality. This shows the development of e genuine AML/CFT Law and in particular its preventive aspects that form a major part of the Banking and Financial Regulations
Delannoy, Xavier. "Contributions à l'étude de la tension entre cohérence et confidentialité et du classement d'objets selon leur histoire dans les bases de données." Phd thesis, Université Joseph Fourier (Grenoble), 1997. http://tel.archives-ouvertes.fr/tel-00004936.
Full textBadra, Mohamad. "Le transport et la sécurisation des échanges sur les réseaux sans fil." Phd thesis, Télécom ParisTech, 2004. http://pastel.archives-ouvertes.fr/pastel-00000952.
Full textKauffmann-Tourkestansky, Xavier. "Analyses sécuritaires de code de carte à puce sous attaques physiques simulées." Phd thesis, Université d'Orléans, 2012. http://tel.archives-ouvertes.fr/tel-00771273.
Full textBarquissau, Eric. "L’évaluation de la qualité de la relation client en ligne par les utilisateurs d’espaces clients de sites web : une application dans le secteur bancaire et dans le secteur de la téléphonie mobile." Thesis, Paris 10, 2013. http://www.theses.fr/2013PA100205.
Full textThe Internet has dramatically changed the way companies interact with their customers. Because of the importance of e-customer relationship management, companies have to reconsider their strategies in terms of relationship marketing. The purpose of this research is to investigate the way users of personal websites’ accounts evaluate e-relationship quality within two sectors: the banking sector and the mobile phone sector. This research deals with an important concept: appropriation.A qualitative study has been conducted in order to build a research model and to create a measurement scale to study the appropriation of a personal websites’ account. Therefore, an online survey (N=534) was conducted to test the hypothesis. The findings suggest that the appropriation of a personal websites’ account is a mediating variable between perceived ease of use, perceived usability and relationship quality, both in the banking sector and in the mobile phone sector. In the same way, privacy has a positive influence on e-relationship quality. Moreover, perceived interactivity has a positive influence on e-relationship quality, but that particular hypothesis is partially validated. Finally, social presence does not have a positive influence on e-relationship quality
Memon, Irfana. "Energy efficient secure and privacy preserving data aggregation in Wireless Sensor Networks." Thesis, Aix-Marseille, 2013. http://www.theses.fr/2013AIXM4079.
Full textWSNs are formed by sensor nodes that have the ability to sense the environment, process the sensed information, and communicate via radio without any additional prior backbone infrastructure. In WSNs, communication with other nodes is the most energy consuming task. Hence, the primary objective in designing protocols for WSNs is to minimize communication overhead. This is often achieved using in-network data aggregation. As WSNs are often deployed in open environments, they are vulnerable to security attacks. This thesis contributes toward the design of energy efficient secure and privacy preserving data aggregation protocol for WSNs. First, we classify the main existing secure and privacy-preserving data aggregation protocols for WSNs in the literature. We then propose an energy-efficient secure and privacy-preserving data aggregation (ESPPA) scheme for WSNs. ESPPA scheme is tree-based and achieves confidentiality and privacy based on shuffling technique. We propose a secure tree construction (ST) and tree-reconstruction scheme. Simulation results show that ESPPA scheme effectively preserve privacy, confidentiality, and has less communication overhead than SMART. Finally we propose an extension of ST scheme, called secure coverage tree (SCT) construction scheme. SCT applies sleep scheduling. Through simulations, we show the efficacy and efficiency of the SCT scheme. Beside the work on secure and privacy preserving data aggregation, during my research period, we have also worked on another interesting topic (i.e., composite event detection for WSNs). Appendix B presents a complementary work on composite event detection for WSNs
Kaâniche, Mohamed. "Evaluation de la sûreté de fonctionnement informatique. Fautes physiques, fautes de conception, malveillances." Habilitation à diriger des recherches, Institut National Polytechnique de Toulouse - INPT, 1999. http://tel.archives-ouvertes.fr/tel-00142168.
Full textVermeys, Nicolas W. "Qualification et quantification de l'obligation de sécurité informationnelle dans la détermination de la faute civile." Thèse, 2009. http://hdl.handle.net/1866/3663.
Full textIn Quebec, as in most western jurisdictions, the duty to ensure information security, i.e. the obligation bestowed upon companies to protect the integrity, confidentiality and availability of information, stems from a series of legal dispositions which, rather than to impose a certain conduct, or the use of given technologies or processes, simply demand that "reasonable", "adequate", or "sufficient" security measures be applied. However, in a field an nascent and complex as information security, where available solutions are numerous, and where case law is sparse, how can a company reliably predict the full extend of its duty? In other words, how can one establish what a reasonably prudent and diligent company would do in a field where laws, case law, and even customs fail to dictate precisely what level of diligence is sought by the legislator? The lack of legal certainty offered in such a case is obvious, and requires us to reconfigure the framework associated with the duty to ensure information security in order to identify its components and objectives. Such an endeavour begins with redefining the duty to ensure information security as a duty to reduce information-related risk to a socially acceptable leve1. Since security stems from risk management, it can therefore be said that risk is at the core of said duty. By analysing risk, i.e. by identifying the threats that aim to exploit a system's vulnerabilities, it becomes possible to specify which counter measures could be useful and what costs they may entail. From that point, it's feasible, if using the economic definition of negligence (which is based on the probability of a security breach, and the damages incurred), to establish the optimal amount that should be invested in the purchasing, upkeep and replacement of these counter measures. This type of analysis will allow companies to quantify, with a certain degree of precision, the extend to which they need to ensure information security by giving them a set of tools based on easily accessible data. Furthermore, said tools appear to be fully compatible with the current legal landscape.
Vermeys, Nicolas. "Qualification et quantification de l'obligation de sécurité informationnelle dans la détermination de la faute civile." Thèse, 2009. http://hdl.handle.net/1866/3663.
Full textIn Quebec, as in most western jurisdictions, the duty to ensure information security, i.e. the obligation bestowed upon companies to protect the integrity, confidentiality and availability of information, stems from a series of legal dispositions which, rather than to impose a certain conduct, or the use of given technologies or processes, simply demand that "reasonable", "adequate", or "sufficient" security measures be applied. However, in a field an nascent and complex as information security, where available solutions are numerous, and where case law is sparse, how can a company reliably predict the full extend of its duty? In other words, how can one establish what a reasonably prudent and diligent company would do in a field where laws, case law, and even customs fail to dictate precisely what level of diligence is sought by the legislator? The lack of legal certainty offered in such a case is obvious, and requires us to reconfigure the framework associated with the duty to ensure information security in order to identify its components and objectives. Such an endeavour begins with redefining the duty to ensure information security as a duty to reduce information-related risk to a socially acceptable leve1. Since security stems from risk management, it can therefore be said that risk is at the core of said duty. By analysing risk, i.e. by identifying the threats that aim to exploit a system's vulnerabilities, it becomes possible to specify which counter measures could be useful and what costs they may entail. From that point, it's feasible, if using the economic definition of negligence (which is based on the probability of a security breach, and the damages incurred), to establish the optimal amount that should be invested in the purchasing, upkeep and replacement of these counter measures. This type of analysis will allow companies to quantify, with a certain degree of precision, the extend to which they need to ensure information security by giving them a set of tools based on easily accessible data. Furthermore, said tools appear to be fully compatible with the current legal landscape.
Turgeon, Londei Sophie. "Perception des personnes âgées à l'égard de la vidéosurveillance intelligente pour leur soutien à domicile." Thèse, 2008. http://hdl.handle.net/1866/2711.
Full textBackgroung: Among the elderly, at-home falls are a significant problem (on average, 1 elder/3 falls at least 1/year). In order to automatically detect falls while maintaining privacy, an innovative technology was developed: an intelligent videomonitoring system. Objective: To explore the perception and receptivity of the elderly regarding the introduction of this new technology at home. Methodology: Using a mixed methods design, 30 elderly underwent a structured interview. A content analysis (qualitative data) and descriptive analyses (quantitative data) were executed and then combined. Findings: 93.4% of the participants were favorable (or partially) to the intelligent videomonitoring system and 43.3% would use it for the sense of security and the privacy provided. Conclusion: The living situation of the elderly influences their perception and receptivity regarding an intelligent videomonitoring system. The next step will be to evaluate this new technology in various living environments.