Literatura académica sobre el tema "Systèmes informatiques – Mesures de sûreté – Automatisation"
Crea una cita precisa en los estilos APA, MLA, Chicago, Harvard y otros
Consulte las listas temáticas de artículos, libros, tesis, actas de conferencias y otras fuentes académicas sobre el tema "Systèmes informatiques – Mesures de sûreté – Automatisation".
Junto a cada fuente en la lista de referencias hay un botón "Agregar a la bibliografía". Pulsa este botón, y generaremos automáticamente la referencia bibliográfica para la obra elegida en el estilo de cita que necesites: APA, MLA, Harvard, Vancouver, Chicago, etc.
También puede descargar el texto completo de la publicación académica en formato pdf y leer en línea su resumen siempre que esté disponible en los metadatos.
Tesis sobre el tema "Systèmes informatiques – Mesures de sûreté – Automatisation"
Mobarek, Iyad. "Conception d'un système national des équipements médicaux automatiques pour améliorer la performance et réduire les coûts d'investissements et d'exploitations des dispositifs médicaux". Compiègne, 2006. http://www.theses.fr/2006COMP1623.
Texto completoThis thesis describes the different phases of developing, implementing and evaluating a unique Clinical Engineering System (CES) based on Jordan. This includes establishing and then automating ail technical issues and information related to medical equipment in 29 hospitals, 685 health centers, 332 dental clinics, 348 pediatric and mother care clinics and 23 blood banks. Every medical equipment was assigned an identity code that can be recognized through a bar code scanning system and similarly ail other involved parameters like hospitals, personnel, spare parts, workshops. . . Etc. Are also coded comprehensively. The fully automated CES presents a powerful system; implemented over network covering different locations of the Directorate of Biomedical Engineering (DBE) at Ministry Of Heath ail over the country, presenting the first Comprehensive CES to be implemented on the national level and the automated system can read and report in both Arabic and English languages. Compared to international figures the developed clinical engineering system has enhanced the performance of medical equipment including its availability (uptime) up to the best available international levels at extremely low cost. The complete system proved to be invaluable tool to manage, control and report all different parameters concerning medical equipment in the considered clinical engineering system. The System was evaluated and found to be reliable, effective and unique compared to internationally available systems and it presents a. Successful model for other countries
Mantovani, Alessandro. "An Analysis of Human-in-the-loop Approaches for Reverse Engineering Automation". Electronic Thesis or Diss., Sorbonne université, 2022. https://accesdistant.sorbonne-universite.fr/login?url=https://theses-intra.sorbonne-universite.fr/2022SORUS052.pdf.
Texto completoIn system and software security, one of the first criteria before applying an analysis methodology is to distinguish according to the availability or not of the source code. When the software we want to investigate is present in binary form, the only possibility that we have is to extract some information from it by observing its machine code, performing what is commonly referred to as Binary Analysis (BA). The artisans in this sector are in charge of mixing their personal experience with an arsenal of tools and methodologies to comprehend some intrinsic and hidden aspects of the target binary, for instance, to discover new vulnerabilities or to detect malicious behaviors. Although this human-in-the-loop configuration is well consolidated over the years, the current explosion of threats and attack vectors such as malware, weaponized exploits, etc. implicitly stresses this binary analysis model, demanding at the same time for high accuracy of the analysis as well as proper scalability over the binaries to counteract the adversarial actors. Therefore, despite the many advances in the BA field over the past years, we are still obliged to seek novel solutions. In this thesis, we take a step more on this problem, and we try to show what current paradigms lack to increase the automation level. To accomplish this, we isolated three classical binary analysis use cases, and we demonstrated how the pipeline analysis benefits from the human intervention. In other words, we considered three human-in-the-loop systems, and we described the human role inside the pipeline with a focus on the types of feedback that the analyst ``exchanges'' with her toolchain. These three examples provided a full view of the gap between current binary analysis solutions and ideally more automated ones, suggesting that the main feature at the base of the human feedback corresponds to the human skill at comprehending portions of binary code. This attempt to systematize the human role in modern binary analysis approaches tries to raise the bar towards more automated systems by leveraging the human component that, so far, is still unavoidable in the majority of the scenarios. Although our analysis shows that machines cannot replace humans at the current stage, we cannot exclude that future approaches will be able to fill this gap as well as evolve tools and methodologies to the next level. Therefore, we hope with this work to inspire future research in the field to reach always more sophisticated and automated binary analysis techniques
Oulaaffart, Mohamed. "Automating Security Enhancement for Cloud Services". Electronic Thesis or Diss., Université de Lorraine, 2023. http://www.theses.fr/2023LORR0232.
Texto completoThe advances in virtualization techniques and the maturity of orchestration languages have contributed to the design and deployment of cloud composite services. These cloud services may be subject to changes over time, due to the migration of their resources. This may introduce new vulnerabilities, that compromise the whole services. In that context, this thesis proposes to enhance and automate the security of cloud composite services, according to three main axes. The first axis consists in an automated SMT-based security framework for supporting migrations in cloud composite services, such as those orchestrated with the TOSCA (Topology and Orchestration Specification for Cloud Applications) language. It relies on verification techniques for automatically assessing the configuration changes that affect the components of cloud services during their migrations and determining adequate countermeasures. The second axis investigates the design of an inter-cloud trusted third party, called C3S-TTP (Composite Cloud Configuration Security-Trusted Third Party). This one is capable to perform a precise and exhaustive vulnerability assessment, without requiring the cloud provider and the cloud tenant to share critical configuration information between each other. The third axis is centered on the investigation of a moving target defense strategy which combines artificial intelligence algorithms together with verification techniques. The purpose is to deceive reconnaissance activities performed by attackers through a large exploration of states, while minimizing the occurrence of new vulnerabilities that may impact on the attack surface of cloud composite services
Mendy, Norbert Lucien. "Les attaques et la sécurité des systèmes informatiques". Paris 8, 2006. http://www.theses.fr/2006PA082735.
Texto completoHacking activities appeared around 1980 with first personal computers and since did not stop developing. At the beginning, this practice was primarily individual and playful. Now it is mainly made up by the activities of groups, with very various motivations. Today, due to the development of electronic means of communication, data security concerns a wider public. This thesis examines initially, from a technical and sociological point of view, attacks and defense mechanisms, and proposes a new concept of the security which is not only any centered on technical solutions but also takes in consideration the social dimension of the problem
Koutsos, Adrien. "Preuves symboliques de propriétés d’indistinguabilité calculatoire". Thesis, Université Paris-Saclay (ComUE), 2019. http://www.theses.fr/2019SACLN029/document.
Texto completoOur society extensively relies on communications systems. Because such systems are used to exchange sensitive information and are pervasive, they need to be secured. Cryptographic protocols are what allow us to have secure communications. It is crucial that such protocols do not fail in providing the security properties they claim, as failures have dire consequences. Unfortunately, designing cryptographic protocols is notoriously hard, and major protocols are regularly and successfully attacked. We argue that formal verification is the best way to get a strong confidence in a protocol security. Basically, the goal is to mathematically prove that a protocol satisfies some security property.Our objective is to develop techniques to formally verify equivalence properties of cryptographic protocols, using a method that provides strong security guarantees while being amenable to automated deduction techniques. In this thesis, we argue that the Bana-Comon model for equivalence properties meets these goals. We support our claim through three different contributions.First, we design axioms for the usual functions used in security protocols, and for several cryptographic hypothesis. Second, we illustrate the usefulness of these axioms and of the model by completing case studies of concrete protocols: we study two RFID protocols, KCL et LAK, as well as the 5G-AKA authentication protocol used in mobile communication systems. For each of these protocols, we show existing or new attacks against current versions, propose fixes, and prove that the fixed versions are secure. Finally, we study the problem of proof automation in the Bana-Comon model, by showing the decidability of a set of inference rules which is a sound, though incomplete, axiomatization of computational indistinguishability when using an IND-CCA2 encryption scheme. From a cryptographer's point of view, this can be seen as the decidability of a fixed set of cryptographic game transformations
Cerf, Sophie. "control theory for computing systems : application to big-data cloud services & location privacy protection". Thesis, Université Grenoble Alpes (ComUE), 2019. http://www.theses.fr/2019GREAT024.
Texto completoThis thesis presents an application of Control Theory for Computing Systems. It aims at investigating techniques to build and control efficient, dependable and privacy-preserving computing systems. Ad-hoc service configuration require a high level of expertise which could benefit from automation in many ways. A control algorithm can handle bigger and more complex systems, even when they are extremely sensitive to variations in their environment. However, applying control to computing systems raises several challenges, e.g. no physics governs the applications. On one hand, the mathematical framework provided by control theory can be used to improve automation and robustness of computing systems. Moreover, the control theory provides by definition mathematical guarantees that its objectives will be fulfilled. On the other hand, the specific challenges of such use cases enable to expand the control theory itself. The approach taken in this work is to use two application computing systems: location privacy and cloud control. Those two use-cases are complementary in the nature of their technologies and softwares, their scale and in their end-users.The widespread of mobile devices has fostered the broadcasting and collection of users’ location data. It could be for the user to benefit from a personalized service (e.g. weather forecast or route planning) or for the service provider or any other third party to derive useful information from the mobility databases (e.g. road usage frequency or popularity of places). Indeed, many information can be retrieved from location data, including highly sensitive personal data. To overcome this privacy breach, Location Privacy Protection Mechanisms (LPPMs) have been developed. They are algorithm that modify the user’s mobility data, hopefully to hide some sensitive information. However, those tools are not easily configurable by non experts and are static processes that do not adapt to the user’s mobility. We develop two tools, one for already collected databases and one for online usage, that, by tuning the LPPMs, guarantee to the users objective-driven levels of privacy protection and of service utility preservation. First, we present an automated tool able to choose and configure LPPMs to protect already collected databases while ensuring a trade-off between privacy protection and database processing quality. Second, we present the first formulation of the location privacy challenge in control theory terms (plant and control, disturbance and performance signals), and a feedback controller to serve as a proof of concept. In both cases, design, implementation and validation has been done through experiments using data of real users collected on the field.The surge in data generation of the last decades, the so-called bigdata, has lead to the development of frameworks able to analyze them, such as the well known MapReduce. Advances in computing practices has also settled the cloud paradigms (where low-level resources can be rented to allow the development of higher level application without dealing with consideration such as investment in hardware or maintenance) as premium solution for all kind of users. Ensuring the performances of MapReduce jobs running on clouds is thus a major concern for the big IT companies and their clients. In this work, we develop advanced monitoring techniques of the jobs execution time and the platform availability by tuning the resource cluster size and realizing admission control, in spite of the unpredictable client workload. In order to deal with the non linearities of the MapReduce system, a robust adaptive feedback controller has been designed. To reduce the cluster utilization (leading to massive financial and energetic costs), we present a new event-based triggering mechanism formulation combined with an optimal predictive controller. Evaluation is done on a MapReduce benchmark suite running on a large-scale cluster, and using real jobs workloads
Balduzzi, Marco. "Mesures automatisées de nouvelles menaces sur Internet". Paris, Télécom ParisTech, 2011. http://www.theses.fr/2011ENST0042.
Texto completoLn the last twenty years, the Internet has grown from a simple, small network to a complex, large-scale system. While the Internet was originally used to offer static content that was organized around simple websites, today, it provides both content and services (e. G. Chat, e-mail, web) as weil as the outsourcing of computation and applications (e. G. Cloud computing). Attackers are not indifferent to the evolution of the Internet. Often driven by a flourishing underground economy, attackers are constantly looking for vulnerabilities, misconfigurations and novel techniques to access protected and authorized systems, to steal private information, or to deliver malicious content. To date, not much research has been conducted to measure the importance and extent of these emerging Internet threats. Conventional detection techniques cannot easily scale to large scale installations, and novel methodologies are required to analyze and discover bugs and vulnerabilities in these complex systems. Ln this thesis, we advance the state-of-art in large scale testing and measurement of Internet threats. We research lnto three novel classes of security problems that affect Internet systems that experienced a fast surge in popularity (i. E. , ClickJacking, HTIP Parameter Pollution, and commercial cloud computing services that allow the outsourcing of server infrastructures). We introduce the tirst, large scale attempt to estimate the prevalence and relevance of these problems on the Internet
Kanoun, Wael. "Intelligent risk-aware system for activating and deactivating policy-based response". Télécom Bretagne, 2011. http://www.theses.fr/2011TELB0165.
Texto completoLa croissance de l'échelle des systèmes d'information critiques, combinée à l'augmentation continue de la fréquence et de la sophistication des attaques, rend les systèmes de réponses classiques inadéquats. Le système peut être la cible de plusieurs attaques simultanées, qui nécessitent l'activation de réponses différentes et contradictoires. En outre, une réponse peut avoir des effets collatéraux, comme (i) induire un coût intrinsèque sur le système, (ii) permettre et faciliter l'exécution d'autres attaques. Ainsi, les systèmes de réponse doivent être conçus d'une manière intelligente, pour optimiser l'activation des réponses appropriées, soit pour les automatiser, soit pour fournir une assistance à la décision aux administrateurs. Alors que la majorité des modèles de réponses existants considère seulement le coût des attaques et des réponses, nous adoptons une perspective plus générale basée sur le risque. Conformément à la définition du risque, nous considérons conjointement l'impact et la vraisemblance de succès des attaques en cours dans le processus de sélection de réponse. D'abord, nous proposons un workflow qui permet de réagir sur deux plans distincts, sur le plan tactique, et sur le plan stratégique. La réponse tactique est composée des contremesures élémentaires à portées limitées dans le système. Elles sont généralement liées à l'occurrence d'attaque en cours. En revanche, la réponse stratégique est spécifiée avec un langage formel qui permet d'exprimer des politiques de sécurité. Elles sont déployées globalement dans le système pour des menaces majeures. Ensuite, nous proposons un modèle pour la réponse tactique, basé sur une évaluation de risques dynamique. Quand une attaque en cours est détectée, nous évaluons le risque global en combinant l'impact potentiel avec la vraisemblance de succès de l'attaque. Les contremesures seront ordonnées par rapport à leur efficacité à réduire le risque global. Nous mettons l'accent sur le facteur de vraisemblance de succès, et nous proposons un modèle dynamique pour évaluer ce paramètre, en tenant compte du progrès de l'attaque en cours et l'état du système. Enfin, nous présentons un framework basé sur les risques pour l'activation et la désactivation de la réponse stratégique. Cette réponse est activée et déployée quand le risque de l'attaque en cours dépasse le coût cumulé de la réponse, et elle est maintenue tant que le risque reste présent. Contrairement aux systèmes existants, nous considérons la désactivation d'une réponse qui est effectuée lorsque le risque de l'attaque décroît, ou dés lors que le coût de la réponse devient important. Dans cette thèse, un service VoIP a été choisi pour valider nos propositions, tout en respectant les contraintes opérationnelles et de sécurité
Znaidi, Wassim. "Quelques propositions de solutions pour la sécurité des réseaux de capteurs sans fil". Lyon, INSA, 2010. http://theses.insa-lyon.fr/publication/2010ISAL0083/these.pdf.
Texto completoThe self-organized growth of three-dimensional (3D) quantum dots has attracted a lot of interest for their potential applications in ptoelectronic and in nanophotonic devices. In this work, we study by optical spectroscopy lnAs/lnP and lnAs/GaAs quantum dots grown by molecular beam epitaxy (MBE) using the Stanski-Krastanov (SK) growth mode. The quantum dots are then embedded in an electric-field tunable device called « nanopixel ». Ln the case of the lnAs/lnP quantum dots, we focused on the impact of growth conditions like the cap thickness of the double cap process on the emission energy, the influence of the first cap, temperature effect and the exciton-biexciton system. In the case of lnAs/GaAs system, we studied the impact of the capping layer, the excited level sates, the excitonbi-exciton system, and the impact of temperature. We successfully fabricated nanopixels including a quantum dots layer inside the intrinsic region of a Schottky diode. First results showing the effect of an electric field on a single quantum dot emission are finally described
Garcia-Alfaro, Joaquin. "Platform of intrusion management : design and implementation". Télécom Bretagne, 2006. http://www.theses.fr/2006TELB0025.
Texto completoAujourd’hui les systèmes informatiques sont plus vulnérables aux activités malveillantes qu’auparavant. C’est pour cela que l’utilisation des mécanismes de sécurité traditionnaux est encore nécessaire mais pas suffisante. Nous devons élaborer des méthodes efficaces de détection et de réponse aux attaques afin d’arrêter les événements détectés. Nous présentons dans cette thèse la conception d’une architecture générale qui agira en tant que point central pour analyser et vérifier des politiques de sécurité réseaux, et pour contrôler et configurer – sans anomalies ou erreurs de configuration – des composants de sécurité préventifs et de détection. Nous présentons également un mécanisme de réponse basé sur une bibliothèque de différents types de contremesures. L’objectif de ce mécanisme est d’aider l’administrateur à choisir dans cette bibliothèque la contremesure la mieux adaptée quand une intrusion est détectée. Nous finissons par la présentation d’une infrastructure pour la communication des composants de notre plateforme, et d’un mécanisme pour la protection des composants de celle-ci. Toutes les propositions et approches introduites dans cette thèse ont été implémentées et évaluées. Nous présentons les résultats obtenus dans les sections respectives de cette dissertation
Libros sobre el tema "Systèmes informatiques – Mesures de sûreté – Automatisation"
Jan, Christophe. La sécurité informatique. Paris: Eyrolles, 1989.
Buscar texto completoCRYPTO (Conference) (1992 Santa Barbara, Calif.). Advances in cryptology--CRYPTO '92: 12th Annual International Cryptology Conference, Santa Barbara, California, USA, August 16-20, 1992 : proceedings. Berlin: Springer-Verlag, 1993.
Buscar texto completoFaith, Cranor Lorrie y Garfinkel Simson, eds. Security and Usability: Designing Secure Systems That People Can Use. Beijing: O'Reilly, 2005.
Buscar texto completoBauer, Friedrich Ludwig. Decrypted secrets: Methods and maxims of cryptology. Berlin: Springer, 1997.
Buscar texto completoHansteen, Peter N. M. Le livre de PF: Packet filter. Paris: Eyrolles, 2009.
Buscar texto completoJoshua, Quittner, ed. Masters of deception: The gang that ruled cyberspace. New York: HarperPerennial, 1996.
Buscar texto completoSlatalla, Michelle. Masters of deception: The gang that ruled cyberspace. New York: HarperCollins Publishers, 1995.
Buscar texto completoEuropean Symposium on Research in Computer Security (3rd 1994 Brighton, England). Computer security: ESORICS 94 : third European Symposium on Research in Computer Security, Brighton, United Kingdom, November 7-9, 1994 : proceedings. Berlin: Springer-Verlag, 1994.
Buscar texto completoCSIS Global Organized Crime Project. y Center for Strategic and International Studies (Washington, D.C.), eds. Cybercrime-- cyberterrorism-- cyberwarfare--: Averting an electronic Waterloo. Washington, D.C: CSIS Press, 1998.
Buscar texto completoPaget, François. Vers & virus: Classification, lutte anti-virale et perspectives. Paris: Dunod, 2005.
Buscar texto completo