Segui questo link per vedere altri tipi di pubblicazioni sul tema: Computer security.
Tesi sul tema "Computer security"
Cita una fonte nei formati APA, MLA, Chicago, Harvard e in molti altri stili
Vedi i top-50 saggi (tesi di laurea o di dottorato) per l'attività di ricerca sul tema "Computer security".
Accanto a ogni fonte nell'elenco di riferimenti c'è un pulsante "Aggiungi alla bibliografia". Premilo e genereremo automaticamente la citazione bibliografica dell'opera scelta nello stile citazionale di cui hai bisogno: APA, MLA, Harvard, Chicago, Vancouver ecc.
Puoi anche scaricare il testo completo della pubblicazione scientifica nel formato .pdf e leggere online l'abstract (il sommario) dell'opera se è presente nei metadati.
Vedi le tesi di molte aree scientifiche e compila una bibliografia corretta.
1
Anderson, Ross John. "Robust computer security." Thesis, University of Cambridge, 1994. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.338198.
Testo completo
2
Pohrebniak. "IMPROVING COMPUTER SECURITY." Thesis, Київ 2018, 2018. http://er.nau.edu.ua/handle/NAU/33885.
Testo completo
3
Burchett, Ian. "Quantifying Computer Network Security." TopSCHOLAR®, 2011. http://digitalcommons.wku.edu/theses/1118.
Testo completoAbstract (sommario):
Simplifying network security data to the point that it is readily accessible and usable by a wider audience is increasingly becoming important, as networks become larger and security conditions and threats become more dynamic and complex, requiring a broader and more varied security staff makeup. With the need for a simple metric to quantify the security level on a network, this thesis proposes: simplify a network’s security risk level into a simple metric. Methods for this simplification of an entire network’s security level are conducted on several characteristic networks. Identification of computer network port vulnerabilities from NIST’s Network Vulnerability Database (NVD) are conducted, and via utilization of NVD’s Common Vulnerability Scoring System values, composite scores are created for each computer on the network, and then collectively a composite score is computed for the entire network, which accurately represents the health of the entire network. Special concerns about small numbers of highly vulnerable computers or especially critical members of the network are confronted.
4
Besada, Jorge L. "Personal computer security system." FIU Digital Commons, 1993. http://digitalcommons.fiu.edu/etd/1707.
Testo completoAbstract (sommario):
This work consists on the design and implementation of a complete monitored security system. Two computers make up the basic system: one computer is the transmitter and the other is the receiver. Both computers interconnect by modems. Depending on the status of the input sensors (magnetic contacts, motion detectors and others) the transmitter detects an alarm condition and sends a detailed report of the event via modem to the receiver computer.
5
Memon, Abdul Qudoos, Ali Hasan Raza, and Sadia Iqbal Iqbal. "WLAN Security : WLAN Security." Thesis, Halmstad University, School of Information Science, Computer and Electrical Engineering (IDE), 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-4379.
Testo completoAbstract (sommario):
<p>WLANs are become popular due to their different advantages. Beside all these advantages WLANs are also facing the major problem of the security, so that why lots of people are doing research on WLAN to improve the security because many companies want to transfer their sensible data over WLAN.</p><p>This report discusses the security issues of WLAN based on IEEE 802.11 standard, such type of networks are referred to as wifi network. WLAN is deployed as an extension of already existed wired LAN. Therefore it is necessary to provide the security of WLAN equals to Wired LAN.</p><p>We worked in a lab environment in order to configure the three different security solutions (WEP, WPA & WPA2 using IEEE 802.1X and RADIUS Server) on infrastructure mode for personnel and enterprise architecture of WLAN. For each security solution we used the backtrack as a security cracking tool, in order to break the WEP (64 and 128 bit long) security key of WLAN, make comparison between 64 and 128 bit long WEP key and also analyzed the different kind of attacks and some drawbacks of using WEP security in WLAN. In the same way configure the WPA and WPA2 (using IEEE 802.1X and RADIUS Server) security solution in infrastructure mode of WLAN and use the same security cracking tool backtrack in order to break the security of the WLAN and analyze the different attacks on the network in these architecture and drawbacks of using WPA and WPA2 Security solutions. By using IEEE 802.1X and RADIUS Server we can improve the security of the enterprise network.</p><p>In the end we come with many conclusions and suggestions that will help in order to provide better security while deploying Wireless LAN.</p><br>Opponents: Ali Murtaza & Mansoor Ahmed
6
Taramonli, Chryssanthi. "Energy conscious adaptive security." Thesis, University of Warwick, 2014. http://wrap.warwick.ac.uk/74094/.
Testo completoAbstract (sommario):
The rapid growth of information and communication systems in recent years has brought with it an increased need for security. Meanwhile, encryption, which constitutes the basis of the majority of security schemes, may imply a significant amount of energy consumption. Encryption algorithms, depending on their complexity, may consume a significant amount of computing resources, such as memory, battery power and processing time. Therefore, low energy encryption is crucial, especially for battery powered and passively powered devices. Thus, it is of great importance to achieve the desired security possible at the lowest cost of energy. The approach advocated in this thesis is based on the lack of energy implication in security schemes. It investigates the optimum security mode selection in terms of the energy consumption taking into consideration the security requirements and suggests a model for energy-conscious adaptive security in communications. Stochastic and statistical methods are implemented – namely reliability, concentration inequalities, regression analysis and betweenness centrality – to evaluate the performance of the security modes and a novel adaptive system is proposed as a flexible decision making tool for selecting the most efficient security mode at the lowest cost of energy. Several symmetric algorithms are simulated and the variation of four encryption parameters is examined to conclude the selection of the most efficient algorithm in terms of energy consumption. The proposed security approach is twofold, as it has the ability to adjust dynamically the encryption parameters or the energy consumption, either according to the energy limitations or the severity of the requested service.
7
Skaria, Sherin, and Fazely Hamedani Amir Reza. "Network Security Issues, Tools for Testing Security in Computer Network and Development Solution for Improving Security in Computer Network." Thesis, Halmstad University, Halmstad University, Halmstad University, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-4396.
Testo completo
8
Lomas, Thomas Mark Angus. "Aspects of computer network security." Thesis, University of Cambridge, 1992. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.241051.
Testo completo
9
Soewito, Benfano. "Adaptive Security In Computer Networks." Available to subscribers only, 2009. http://proquest.umi.com/pqdweb?did=1879096201&sid=3&Fmt=2&clientId=1509&RQT=309&VName=PQD.
Testo completoAbstract (sommario):
Thesis (Ph. D.)--Southern Illinois University Carbondale, 2009.<br>"Department of Electrical and Computer Engineering." Keywords: Adaptive security, Computer networks, Intrusion detection. Includes bibliographical references (p. 78-84). Also available online.
10
Li, QianQian. "Human-Computer Interaction: Security Aspects." Doctoral thesis, Università degli studi di Padova, 2018. http://hdl.handle.net/11577/3427166.
Testo completoAbstract (sommario):
Along with the rapid development of intelligent information age, users are having a growing interaction with smart devices.
Such smart devices are interconnected together in the Internet of Things (IoT).
The sensors of IoT devices collect information about users' behaviors from the interaction between users and devices.
Since users interact with IoT smart devices for the daily communication and social network activities, such interaction generates a huge amount of network traffic.
Hence, users' behaviors are playing an important role in the security of IoT smart devices, and the security aspects of Human-Computer Interaction are becoming significant.
In this dissertation, we provide a threefold contribution:
(1) we review security challenges of HCI-based authentication, and design a tool to detect deceitful users via keystroke dynamics; (2) we present the impact of users' behaviors on network traffic, and propose a framework to manage such network traffic; (3) we illustrate a proposal for energy-constrained IoT smart devices to be resilient against energy attack and efficient in network communication.
More in detail, in the first part of this thesis, we investigate how users' behaviors impact on the way they interact with a device.
Then we review the work related to security challenges of HCI-based authentication on smartphones, and Brain-Computer Interfaces (BCI).
Moreover, we design a tool to assess the truthfulness of the information that users input using a computer keyboard.
This tool is based on keystroke dynamics and it relies on machine learning technique to achieve this goal.
To the best of our knowledge, this is the first work that associates the typing users' behaviors with the production of deceptive personal information.
We reached an overall accuracy of 76% in the classification of a single answer as truthful or deceptive.
In the second part of this thesis, we review the analysis of network traffic, especially related to the interaction between mobile devices and users.
Since the interaction generates a huge amount of network traffic, we propose an innovative framework, GolfEngine, to manage and control the impact of users behavior on the network relying on Software Defined Networking (SDN) techniques.
GolfEngine provides users a tool to build their security applications and offers Graphical User Interface (GUI) for managing and monitoring the network.
In particular, GolfEngine provides the function of checking policy conflicts when users design security applications and the mechanism to check data storage redundancy.
GolfEngine not only prevents the malicious inputting policies but also it enforces the security about network management of network traffic.
The results of our simulation underline that GolfEngine provides an efficient, secure, and robust performance for managing network traffic via SDN.
In the third and last part of this dissertation, we analyze the security aspects of battery-equipped IoT devices from the energy consumption perspective.
Although most of the energy consumption of IoT devices is due to user interaction, there is still a significant amount of energy consumed by point-to-point communication and IoT network management.
In this scenario, an adversary may hijack an IoT device and conduct a Denial of Service attack (DoS) that aims to run out batteries of other devices.
Therefore, we propose EnergIoT, a novel method based on energetic policies that prevent such attacks and, at the same time, optimizes the communication between users and IoT devices, and extends the lifetime of the network.
EnergIoT relies on a hierarchical clustering approach, based on different duty cycle ratios, to maximize network lifetime of energy-constrained smart devices.
The results show that EnergIoT enhances the security and improves the network lifetime by 32%, compared to the earlier used approach, without sacrificing the network performance (i.e., end-to-end delay).<br>Insieme al rapido sviluppo dell'era dell'informazione, gli utenti stanno avendo una crescente interazione con i dispositivi intelligenti.
Tali dispositivi intelligenti sono interconnessi tra loro nell'Internet of Things (IoT).
I sensori dei dispositivi IoT raccolgono informazioni sui comportamenti degli utenti dall'interazione tra utenti e dispositivi.
Poiché gli utenti interagiscono con i dispositivi intelligenti IoT per le attività quotidiane di comunicazione e social network, tale interazione genera un'enorme quantità di traffico di rete.
Quindi, i comportamenti degli utenti stanno giocando un ruolo importante nella sicurezza dei dispositivi intelligenti IoT e gli aspetti di sicurezza dell'interazione uomo-macchina stanno diventando significativi.
In questa tesi, forniamo un triplice contributo:
(1) esaminiamo le sfide alla sicurezza dell'autenticazione basata su HCI e progettiamo uno strumento per rilevare utenti ingannevoli tramite la dinamica dei tasti;
(2) presentiamo l'impatto dei comportamenti degli utenti sul traffico di rete e proponiamo un framework per gestire tale traffico di rete;
(3) illustriamo una proposta per dispositivi intelligenti IoT con vincoli energetici per essere resilienti contro attacchi energetici ed efficienti nella comunicazione di rete.
Più in dettaglio, nella prima parte di questa tesi, analizziamo il modo in cui i comportamenti degli utenti influiscono sul modo in cui essi interagiscono con un dispositivo.
Quindi, esaminiamo il lavoro relativo alle sfide di sicurezza dell'autenticazione basata su HCI su smartphone e Brain-Computer Interfaces (BCI).
Inoltre, progettiamo uno strumento per valutare la veridicità delle informazioni che gli utenti inseriscono usando la tastiera di un computer.
Questo strumento si basa sulla dinamica dei tasti e si basa sulla tecnica di apprendimento automatico per raggiungere tale obiettivo.
Per quanto siamo a conoscenza, questo è il primo lavoro che associa i comportamenti degli utenti di digitazione alla produzione di informazioni personali ingannevoli.
Abbiamo raggiunto un'accuratezza complessiva del 76% nella classificazione di una singola risposta come veritiera o mendace.
Nella seconda parte di questa tesi, esaminiamo l'analisi del traffico di rete, in particolare in relazione all'interazione tra dispositivi mobili e utenti.
Poiché l'interazione genera un'enorme quantità di traffico di rete, proponiamo un framework innovativo, GolfEngine, per gestire e controllare l'impatto del comportamento degli utenti sulla rete facendo affidamento sulle tecniche di Software Defined Networking (SDN).
GolfEngine fornisce agli utenti uno strumento per costruire le loro applicazioni di sicurezza e offre una GUI (Graphical User Interface) per la gestione e il monitoraggio della rete.
In particolare, GolfEngine fornisce la funzione di controllare i conflitti di policy quando gli utenti progettano applicazioni di sicurezza e il meccanismo per controllare la ridondanza dell'archiviazione dei dati.
GolfEngine non solo previene le politiche di inserimento malizioso, ma impone anche la sicurezza sulla gestione della rete del traffico di rete.
I risultati della nostra simulazione sottolineano che GolfEngine fornisce prestazioni efficienti, sicure e robuste per la gestione del traffico di rete tramite SDN.
Nella terza e ultima parte di questa tesi, analizziamo gli aspetti di sicurezza dei dispositivi IoT dotati di batteria dal punto di vista del consumo energetico.
Sebbene la maggior parte del consumo di energia dei dispositivi IoT sia dovuta all'interazione dell'utente, c'è ancora una quantità significativa di energia consumata dalla comunicazione point-to-point e dalla gestione della rete IoT.
In questo scenario, un avversario può compromettere un dispositivo IoT e condurre un attacco Denial of Service (DoS) che punta a esaurire le batterie di altri dispositivi.
Pertanto, proponiamo EnergIoT, un nuovo metodo basato su politiche energetiche che prevengono tali attacchi e, allo stesso tempo, ottimizza la comunicazione tra utenti e dispositivi IoT ed estende la durata della rete.
EnergIoT si basa su un approccio di clustering gerarchico, basato su diversi rapporti di duty cycle, per massimizzare la durata della rete di dispositivi intelligenti con vincoli energetici.
I risultati mostrano che EnergIoT migliora la sicurezza e la durata della rete del 32%, rispetto agli approcci utilizzati in precedenza, senza sacrificare le prestazioni della rete (cioè, ritardo end-to-end).
11
Huang, Jianyong. "Security for PDAs." School of Information Technology and Computer Science - Faculty of Informatics, 2004. http://ro.uow.edu.au/theses/184.
Testo completoAbstract (sommario):
Personal Digital Assistants (PDAs) are one of the most popular computing tools nowadays. Compared with desktop and notebook computers, PDAs are smaller, lighter and can be carried everywhere. However, PDAs have several limitations. They use smaller microprocessors which are much slower than their PC counterparts. Their lack of computational power makes it very difficult to perform some heavy computations, such as generating RSA keys, which needs large prime numbers. Thus, it is useful to have a combination of a PC and a PDA, where the PC performs heavy computations to assist the PDA. This scenario is feasible as long as we assure that the PC will not learn the secret of the PDA. We propose two schemes, which involve some server-aided computations, where the server will not learn the PDAs secret from the interaction. This thesis also investigates the security of PDAs when they are used to perform some cryptographic applications. Due to the limited computational power of PDAs, such computations require some amount of time (and battery life). We show that by observing one of the parameters, we can reduce the hard problem being predictable. We also propose how to securely generate these kinds of computations in PDAs by using some different techniques, so that it will not reveal any additional information to a passive eavesdropper. In addition, along with their popularity, handheld devices are starting to become the target for attackers, who are mainly interested in gaining the data stored in handheld devices. In this thesis, we review the security threats to handheld computers and propose two possible solutions. The first solution is to use a desktop computer to act as a bastion host to protect the handheld computer. The second proposed solution is to build a personal firewall for handheld computers.Keywords:
12
Shonola, Shaibu A. "Mobile learning security in Nigeria." Thesis, University of Warwick, 2017. http://wrap.warwick.ac.uk/98529/.
Testo completoAbstract (sommario):
Innovation in learning technologies is driven by demands to meet students’ needs and make knowledge delivery easier by Higher Education Institutions. The technologies could play an important role in extending the possibilities for teaching, learning, and research in higher educational institutions (HEIs). Mobile learning emerged from this innovation as a result of massive use in the number of mobile devices due to availability and affordability among students. The lightweight nature of mobile devices in comparison to textbooks is also a source of attraction for students. Competition in the mobile device industry is encouraging mobile developers to be innovative and constantly striving to introduce new features in the devices. Consequently, newer sources of risks are being introduced in mobile computing paradigm at production level. Similarly, many m-learning developers are interested in developing learning content and instruction without adequate consideration for security of stakeholders’ data, whereas mobile devices used in m-learning can potentially become vulnerable if the security aspects are neglected. The purpose of this research is to identify the security concerns in mobile learning from the users’ perspective based on studies conducted in HEIs in Nigeria. While the challenges of adopting mobile learning in Nigerian universities are enormous, this study identifies the critical security challenges that learners and other users may face when using mobile devices for educational purposes. It examines the effects on the users if their privacy is breached and provides recommendations for alleviating the security threats. This research also, after considering users’ opinions and evaluating relevant literature, proposes security frameworks for m-learning as bedrocks for designing or implementing a secured environment. In identifying the security threats, the study investigates components of mobile learning systems that are prone to security threats and the common attack routes in m-learning, most especially among students in Nigerian universities. In order to reduce the security threats, the research presents a mobile security enhancement app, designed and developed for android smart mobile devices to promote security awareness among students. The app can also identify some significant security weaknesses by scanning/checking for vulnerabilities in m-learning devices as well as reporting any security threat. The responsibilities of the stakeholders in ensuring risk free mobile learning environments are also examined.
13
Holtje, Carl. "Security in serverless network environments /." Link to online version, 2004. https://ritdml.rit.edu/dspace/handle/1850/439.
Testo completo
14
Frisk, Ulf, and Semir Drocic. "The State of Home Computer Security." Thesis, Linköping University, Department of Electrical Engineering, 2004. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-2584.
Testo completoAbstract (sommario):
<p>Hundreds of millions of people use their home computers every day for different purposes. Many of them are connected to the Internet. Most of them are unaware of the threats or do not know how to protect themselves. This unawareness is a major threat to global computer security. </p><p>This master thesis starts by explaining some security related terms that might be unknown to the reader. It then goes on by addressing security vulnerabilities and flaws in the most popular home computer operating systems. The most important threats to home computer security are reviewed in the following chapter. These threats include worms, email worms, spyware and trojan horses. After this chapter some possible solutions for improving home computer security are presented. Finally this master thesis contains a short user survey to find out what the problems are in the real world and what can be doneto improve the current situation.</p>
15
Ali, Dana, and Goran Kap. "Statistical Analysis of Computer Network Security." Thesis, KTH, Matematisk statistik, 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-129948.
Testo completoAbstract (sommario):
In this thesis it isshown how to measure the annual loss expectancy of computer networks due to therisk of cyber attacks. With the development of metrics for measuring theexploitation difficulty of identified software vulnerabilities, it is possibleto make a measurement of the annual loss expectancy for computer networks usingBayesian networks. To enable the computations, computer net-work vulnerabilitydata in the form of vulnerability model descriptions, vulnerable dataconnectivity relations and intrusion detection system measurements aretransformed into vector based numerical form. This data is then used to generatea probabilistic attack graph which is a Bayesian network of an attack graph.The probabilistic attack graph forms the basis for computing the annualizedloss expectancy of a computer network. Further, it is shown how to compute anoptimized order of vulnerability patching to mitigate the annual lossexpectancy. An example of computation of the annual loss expectancy is providedfor a small invented example network
16
Neophytou, Andonis. "Computer security : data control and protection." Virtual Press, 1992. http://liblink.bsu.edu/uhtbin/catkey/834504.
Testo completoAbstract (sommario):
Computer security is a crucial area for any organization based on electronic devices that process data. The security of the devices themselves and the data they process are the backbone of the organization. Until today there have been no completely secure systems or procedures until and a lot of research is being done in this area. It impossible for a machine or a mechanical procedure to "guess" all possible events and lead to conclusive, cohesive and comprehensive secure systems, because of: 1) the human factor, and 2) acts of nature (fire, flood etc). However, proper managerial control can alleviate the extent of the damage caused by those factors.The purpose of this study is to examine the different frameworks of computer security. Emphasis is given to data/database security and the various kinds of attacks on the data. Controls over these attacks and preventative measures will be discussed, and high level language programs will demonstrate the protection issues. The Oracle, SOL query language will be used to demonstrate these controls and prevention measures. In addition the FORTRAN high level language will be used in conjunction with SOL (Only the FORTRAN and COBOL compilers are available for embedded SOL). The C language will be used to show attacks on password files and also as an encryption/decryption program.This study was based mainly on research. An investigation of literature spanning the past decade, was examined to produce the ideas and methods of prevention and control discussed in the study.<br>Department of Computer Science
17
Kong, Jingfei. "ARCHITECTURAL SUPPORT FOR IMPROVING COMPUTER SECURITY." Doctoral diss., University of Central Florida, 2010. http://digital.library.ucf.edu/cdm/ref/collection/ETD/id/2610.
Testo completoAbstract (sommario):
Computer security and privacy are becoming extremely important nowadays. The task of protecting computer systems from malicious attacks and potential subsequent catastrophic losses is, however, challenged by the ever increasing complexity and size of modern hardware and software design. We propose several methods to improve computer security and privacy from architectural point of view. They provide strong protection as well as performance efficiency. In our first approach, we propose a new dynamic information flow method to protect systems from popular software attacks such as buffer overflow and format string attacks. In our second approach, we propose to deploy encryption schemes to protect the privacy of an emerging non-volatile main memory technology  phase change memory (PCM). The negative impact of the encryption schemes on PCM lifetime is evaluated and new methods including a new encryption counter scheme and an efficient error correct code (ECC) management are proposed to improve PCM lifetime. In our third approach, we deconstruct two previously proposed secure cache designs against software data-cache-based side channel attacks and demonstrate their weaknesses. We propose three hardware-software integrated approaches as secure protections against those data cache attacks. Also we propose to apply them to protect instruction caches from similar threats. Furthermore, we propose a simple change to the update policy of Branch Target Buffer (BTB) to defend against BTB attacks. Our experiments show that our proposed schemes are both security effective and performance efficient.<br>Ph.D.<br>School of Electrical Engineering and Computer Science<br>Engineering and Computer Science<br>Computer Science PhD
18
Baldwin, Robert W. (Robet William). "Rule based analysis of computer security." Thesis, Massachusetts Institute of Technology, 1987. http://hdl.handle.net/1721.1/14592.
Testo completoAbstract (sommario):
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1987.<br>Includes bibliographical references.<br>Supported by the Defense Advanced Research Projects Agency of the Department of Defense, monitored by the Office of Naval Research. N00014-83-K-0125<br>by Robert W. Baldwin.<br>Ph.D.
19
Щеглов, Сергій Анатолійович, Сергей Анатольевич Щеглов, Serhii Anatoliiovych Shchehlov, Віра Вікторівна Шендрик, Вера Викторовна Шендрик, Vira Viktorivna Shendryk, and I. Sumtsova. "Bell-LaPadula model of computer security." Thesis, Сумський державний університет, 2012. http://essuir.sumdu.edu.ua/handle/123456789/28822.
Testo completoAbstract (sommario):
The exact description is given of Bell and La Padula security model with use of modern notation. The document is intended serve as a basis for more precise formal and academic discussion model. The Bell-La Padula security model created conceptual tools for the analysis and design of safe computer systems.
When you are citing the document, use the following link http://essuir.sumdu.edu.ua/handle/123456789/28822
20
Hausrath, Nathaniel L. "Methods for Hospital Network and Computer Security." University of Cincinnati / OhioLINK, 2011. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1303845234.
Testo completo
21
Kainda, Ronald. "Usability and security of human-interactive security protocols." Thesis, University of Oxford, 2011. http://ora.ox.ac.uk/objects/uuid:ea14d34a-d232-4c8b-98ab-abbf0d7a5d36.
Testo completoAbstract (sommario):
We investigate the security and usability of Human-Interactive Security Protocols (HISPs); specifically, how digests of 4 or more digits can be compared between two or more sys- tems as conveniently as possible while ensuring that issues such as user complacency do not compromise security. We address the research question: given different association scenarios and modes of authentication in HISPs, how can we improve on existing, or design new, empirical channels that suit human and contextual needs to achieve acceptable effective security? We review the literature of HISPs, proposed empirical channels,and usability studies of HISPs; we follow by presenting the methodology of the research reported in this thesis. We then make a number of contributions discussing the effectiveness of empirical channels and address the design, analysis, and evaluation of these channels. In Chapter 4 we present a user study of pairwise device associations and discuss the factors affecting effective security of empirical channels in single-user scenarios. In Chapter 5 we present a user study of group device associations and discuss the factors affecting effective security of empirical channels in multi-user scenarios. In Chapter 7 we present a framework designed for researchers and system designers to reason about empirical channels in HISPs. The framework is grounded in experimental data, related research, and validated by experts. In Chapter 8 we present a methodology for analysing and evaluating the security and usability of HISPs. We validate the methodology by applying it in laboratory experiments of HISPs. Finally, in Chapter 6 we present a set of principles for designing secure and usable empirical channels. We demonstrate the effectiveness of these principles by proposing new empirical channels.
22
Baratz, Joshua W. (Joshua William) 1981. "Regions Security Policy (RSP) : applying regions to network security." Thesis, Massachusetts Institute of Technology, 2004. http://hdl.handle.net/1721.1/17933.
Testo completoAbstract (sommario):
Thesis (M. Eng. and S.B.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2004.<br>Includes bibliographical references (p. 51-54).<br>The Regions network architecture is a new look at network organization that groups nodes into regions based on common purposes. This shift from strict network topology groupings of nodes requires a change in security systems. This thesis designs and implements the Regions Security Policy (RSP). RSP allows a unified security policy to be set across a region, fully controlling data as it enters into, exits from, and transits within a region. In doing so, it brings together several existing security solutions so as to provide security comparable to existing systems that is more likely to function correctly.<br>by Joshua W. Baratz.<br>M.Eng.and S.B.
23
Pino, Luca. "Security aware service composition." Thesis, City University London, 2015. http://openaccess.city.ac.uk/13170/.
Testo completoAbstract (sommario):
Security assurance of Service-Based Systems (SBS) is a necessity and a key challenge in Service Oriented Computing. Several approaches have been introduced in order to take care of the security aspect of SBSs, from the design to the implementation stages. Such solutions, however, require expertise with regards to security languages and technologies or modelling formalisms. Furthermore, existing approaches allow only limited verification of security properties over a service composition, as they focus just on specific properties and require expressing compositions and properties in a model based formalism. In this thesis we present a unified security aware service composition approach capable of validation of arbitrary security properties. This approach allows SBS designers to build secure applications without the need to learn formal models thanks to security descriptors for services, being they self-appointed or certified by an external third-party. More specifically, the framework presented in this thesis allows expressing and propagating security requirements expressed for a security composition to requirements for the single activities of the composition, and checking security requirements over security service descriptors. The approach relies on the new core concept of secure composition patterns, modelling proven implications of security requirements within an orchestration pattern. The framework has been implemented and tested extensively in both a SBS design-time and runtime scenario, based respectively on Eclipse BPEL Designer and the Runtime Service Discovery Tool.
24
Jackson, Jennifer T. "A biodiversity approach to cyber security." Thesis, University of Warwick, 2017. http://wrap.warwick.ac.uk/106820/.
Testo completoAbstract (sommario):
Cyber crime is a significant threat to modern society that will continue to grow as technology is integrated further into our lives. Cyber attackers can exploit vulnerabilities to access computing systems and propagate malware. Of growing concern is the use of multiple exploits across layers of the software stack, plus faster criminal response times to newly disclosed vulnerabilities creating surges in attacks before signature-based malware protection can take effect. The wide scale adoption of few software systems fuels the problem, allowing identical vulnerabilities to be exploited across networks to maximise infection in a single attack. This requires new perspectives to tackle the threat. Biodiversity is critical in the functioning of healthy ecosystems. Whilst the idea of diversity benefiting computer security is not new, there are still gaps in understanding its advantages. A mathematical and an agent-based model have been developed using the ecosystem as a framework. Biodiversity is generated by individualised software stacks defined as genotypes with multiple loci. The models allow the protection offered by diversity to be quantified for ad hoc networks which are expected to become prevalent in the future by specifying how much diversity is needed to tolerate or mitigate two abstract representations of malware encompassing different ways multiple exploits target software stack layers. Outputs include the key components of ecosystem stability: resistance and resilience. Results show that diversity by itself can reduce susceptibility, increase resistance, and increase the time taken for malware to spread, thereby allowing networks to tolerate malware and maintain Quality of Service. When dynamic diversity is used as part of a multi-layered defence strategy with additional mechanisms such as blacklisting, virtualisation, and recovery through patching and signature based protection, diversity becomes more effective since the power of dynamic software updating can be utilised to mitigate attacks whilst maintaining network operations.
25
Katsikas, Stamatios. "Game theoretic models of networks security." Thesis, University of Warwick, 2017. http://wrap.warwick.ac.uk/102611/.
Testo completoAbstract (sommario):
Decision making in the context of crime execution and crime prevention can be successfully investigated with the implementation of game-theoretic tools. Evolutionary and mean-field game theory allow for the consideration of a large number of interacting players organized in social and behavioural structures, which typically characterize this context. Alternatively, `traditional' game-theoretic approaches can be applied for studying the security of an arbitrary network on a two player non-cooperative game. Theoretically underpinned by these instruments, in this thesis we formulate and analyse game-theoretic models of inspection, corruption, counter- terrorism, patrolling, and similarly interpreted paradigms. Our analysis suggests optimal strategies for the involved players, and illustrates the long term behaviour of the introduced systems. Our contribution is towards the explicit formulation and the thorough analysis of real life scenaria involving the security in network structures.
26
AlAdraj, Resala A. "Security and collaborative groupware tools usage." Thesis, University of Warwick, 2015. http://wrap.warwick.ac.uk/73319/.
Testo completoAbstract (sommario):
This thesis investigates the usage problems of Online Collaborative Groupware (OCG) tools for learning at the University of Bahrain (UOB) in the Kingdom of Bahrain. An initial study revealed that the main problems faced by students when they use OCG tools in the learning process are security and trust. SWFG (Skype, Wiki, Facebook, and Gmail) tools were proposed as being effective and commonly used OCG tools for learning. A quasi-experiment has been done with UOB students to identify the perceptions of the students towards security, privacy and safety relating to use of SWFG tools. Based on this experiment the researcher has derived the following results: Secure Skype has a positive relationship with Skype usage; Private Skype has a positive relationship with Skype trust; Secure Gmail has a negative relationship with Gmail usage and trust; Wiki usage has a negative relationship with trust in Wikis. Additionally, the research revealed that students may be more motivated to use OCG tools if the security and privacy of these tools was to be improved. The thesis also focuses on security and trust within email. In order to evaluate the usage of secure emails, students‘ awareness of the secure email awareness was investigated using quantitative and qualitative methods. The results of this evaluation informed the design of an experiment that was then conducted by tracking secure email usage and gathering information about the students‘ usage and awareness of their secure emails. The aim of this activity was to identify a clear representation of secure email usage over specified periods for both academic and non-academic purposes by students in both the UK and Bahrain. It has been concluded from this experiment that there are differences between the usage of secure email in each country when applied to both academic and non-academic purposes. Finally, based on these results, the researcher developed a framework which derives from the Technology Acceptance Model (TAM) model by testing security and trust effects on the ease of use and on usefulness. A case study has been conducted using a new secure email instructional model in order to validate the research framework. The study found that security provided by webmails and students‘ trust affects the webmail‘s perceived usefulness, and that in turn this leads to ease of use regardless of which type of email client is used. However, it was not proof that usefulness affects the usage of email. Evidence suggests that the model may be a suitable solution for increasing the usefulness of email in Computer Supported Collaborative Learning (CSCL), and can help to strengthen communication between faculty and students. This study has contributed valuable knowledge and information in this particular field of study. It has been able to gather a satisfactory amount of information from both students and teachers in both the University of Bahrain (UOB) and the University of Warwick (UOW). A number of different methods were used in this task – interviews, questionnaires, observations, experiments and student feedback, amongst others. The entire study was conducted in a way that it would empirically evaluate different dimensions of secure Online Collaborative Groupware (OCG) tools usage in the educational environment. The research framework applied in this investigation provided many insights into OCG tools. These new insights and information may be used to test and validate the framework with a large number of students.
27
Goktepe, Meftun. "Windows XP Operating System security analysis." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2002. http://library.nps.navy.mil/uhtbin/hyperion-image/02sep%5FGoktepe.pdf.
Testo completoAbstract (sommario):
Thesis (M.S. in Information Technology Management)--Naval Postgraduate School, September 2002.<br>Thesis advisor(s): Richard Harkins, Cynthia Irvine. Includes bibliographical references (p. 105-107). Also available online.
28
Haley, Charles B. "Arguing security : a framework for analyzing security requirements." n.p, 2006. http://ethos.bl.uk/.
Testo completo
29
Tyukala, Mkhululi. "Governing information security using organisational information security profiles." Thesis, Nelson Mandela Metropolitan University, 2007. http://hdl.handle.net/10948/626.
Testo completoAbstract (sommario):
The corporate scandals of the last few years have changed the face of information security and its governance. Information security has been elevated to the board of director level due to legislation and corporate governance regulations resulting from the scandals. Now boards of directors have corporate responsibility to ensure that the information assets of an organisation are secure. They are forced to embrace information security and make it part of business strategies. The new support from the board of directors gives information security weight and the voice from the top as well as the financial muscle that other business activities experience. However, as an area that is made up of specialist activities, information security may not easily be comprehended at board level like other business related activities. Yet the board of directors needs to provide oversight of information security. That is, put an information security programme in place to ensure that information is adequately protected. This raises a number of challenges. One of the challenges is how can information security be understood and well informed decisions about it be made at the board level? This dissertation provides a mechanism to present information at board level on how information security is implemented according to the vision of the board of directors. This mechanism is built upon well accepted and documented concepts of information security. The mechanism (termed An Organisational Information Security Profile or OISP) will assist organisations with the initialisation, monitoring, measuring, reporting and reviewing of information security programmes. Ultimately, the OISP will make it possible to know if the information security endeavours of the organisation are effective or not. If the information security programme is found to be ineffective, The OISP will facilitate the pointing out of areas that are ineffective and what caused the ineffectiveness. This dissertation also presents how the effectiveness or ineffctiveness of information security can be presented at board level using well known visualisation methods. Finally the contribution, limits and areas that need more investigation are provided.
30
Lurain, Sher. "Networking security : risk assessment of information systems /." Online version of thesis, 1990. http://hdl.handle.net/1850/10587.
Testo completo
31
Akinbi, Olushola Alexander. "An adaptive security framework for evaluating and assessing security implementations in PaaS cloud models." Thesis, Edge Hill University, 2015. http://repository.edgehill.ac.uk/7762/.
Testo completoAbstract (sommario):
The security risks of cloud computing and ambiguity of security mechanisms implemented on an ondemand cloud service such as Platform-as-a-Service (PaaS), continues to raise concerns by cloud consumers. These concerns continue to hinder the adoption of the potentials offered by provisioning of computer resources of this scale. It also indicates a lot needs to be done to improve security controls implemented on cloud computing services as a whole. There is the need to understand and evaluate security mechanisms and controls implemented to preserve the confidentiality, integrity and availability of data stored, processed and accessed in the cloud. Also there is the need to ensure these mechanisms meet security standards and requirements to mitigate any security risks. Although most organisations and cloud service providers (CSPs) have various information security management systems they used to evaluate their computer security and CSPs try to obtain security certifications based on industry standards, cloud customers are however not sure of the security mechanisms implemented on cloud services and how these mechanism are integrated to provide adequate security for their data and applications developed and deployed in the cloud. This research study highlights the use of a systematic and comprehensive approach developed by the researcher to understand in detail, the security architecture of PaaS clouds. This approach presents the development of a security framework which is used as a tool in an attempt to identify and evaluate security mechanism implemented on each PaaS component. The primary findings and preliminary analysis of the evaluation enabled the researcher determine the security provisions, capabilities and limitations of security features implemented on this type of cloud delivery model.
32
Clarke, Marlon Renese. "The Role of Self-Efficacy in Computer Security Behavior: Developing the Construct of Computer Security Self-Efficacy (CSSE)." NSUWorks, 2011. http://nsuworks.nova.edu/gscis_etd/121.
Testo completoAbstract (sommario):
As organizations have become more dependent on networked information systems (IS) to conduct their business operations, their susceptibility to various threats to information security has also increased. Research has consistently identified the inappropriate security behavior of the users as the most significant of these threats. Various factors have been identified as contributing to these inappropriate security behaviors, however, not enough is known about the role of social factors in mediating these behaviors.
This study developed a new computer security self-efficacy (CSSE) construct, identified items of CSSE in the context of individuals' use of encrypted e-mail, and determined the validity and reliability of the items of CSSE. Further, significant factors of CSSE were identified. First, a qualitative phase comprising focus groups and an expert panel was used to identify valid items of CSSE, develop a new instrument to measure the new CSSE construct, and validate the new CSSE instrument. After completing the qualitative phase, a quantitative phase was employed to collect empirical data on the CSSE items. The CSSE measurement instrument was administered to IS users at a major university in the southeastern United States and 292 responses were received. The collected data was statistically analyzed to identify significant factors of CSSE and the items of CSSE that demonstrate high reliability. Factor analysis was performed using Principal Component Analysis (PCA) and identified four significant and highly reliable factors of CSSE with a cumulative variance of nearly 68%. The four factors were named Performance Accomplishments and Technical Support, Goal Commitment and Resource Availability, Experience Level, and Individual Characteristics. Additionally, 35 items of CSSE were identified as possessing high reliability.
This study contributes to advancing of the body of knowledge regarding the use of e-mail encryption by developing a new CSSE construct and extending Computer Self-Efficacy research into the area of computer security and e-mail encryption. Further, by identifying factors of CSSE, an understanding of what IS users believe will impact their ability to use encryption to send e-mail messages is obtained. This understanding can aid in enhancing the use of encryption mechanisms to send e-mail, promoting positive computer security behavior, and so contribute positively to IS practice.
33
Lu, Long. "Reinforcing the weakest link in cyber security: securing systems and software against attacks targeting unwary users." Diss., Georgia Institute of Technology, 2013. http://hdl.handle.net/1853/49090.
Testo completoAbstract (sommario):
Unwary computer users are often blamed as the weakest link on the security chain, for unknowingly facilitating incoming cyber attacks and jeopardizing the efforts to secure systems and networks. However, in my opinion, average users should not bear the blame because of their lack of expertise to predict the security consequence of every action they perform, such as browsing a webpage, downloading software to their computers, or installing an application to their mobile devices.
My thesis work aims to secure software and systems by reducing or eliminating the chances where users’ mere action can unintentionally enable external exploits and attacks. In achieving this goal, I follow two complementary paths: (i) building runtime monitors to identify and interrupt the attack-triggering user actions; (ii) designing offline detectors for the software vulnerabilities that allow for such actions. To maximize the impact, I focus on securing software that either serve the largest number of users (e.g. web browsers) or experience the fastest user growth (e.g. smartphone apps), despite the platform distinctions.
I have addressed the two dominant attacks through which most malicious software (a.k.a. malware) infections happen on the web: drive-by download and rogue websites. BLADE, an OS kernel extension, infers user intent through OS-level events and prevents the execution of download files that cannot be attributed to any user intent. Operating as a browser extension and identifying malicious post-search redirections, SURF protects search engine users from falling into the trap of poisoned search results that lead to fraudulent websites. In the infancy of security problems on mobile
devices, I built Dalysis, the first comprehensive static program analysis framework for vetting Android apps in bytecode form. Based on Dalysis, CHEX detects the component hijacking vulnerability in large volumes of apps.
My thesis as a whole explores, realizes, and evaluates a new perspective of securing software and system, which limits or avoids the unwanted security consequences caused by unwary users. It shows that, with the proposed approaches, software can be reasonably well protected against attacks targeting its unwary users. The knowledge and insights gained throughout the course of developing the thesis have advanced the community’s awareness of the threats and the increasing importance of considering unwary users when designing and securing systems. Each work included in this thesis has yielded at least one practical threat mitigation system. Evaluated by the large-scale real-world experiments, these systems have demonstrated the effectiveness at thwarting the security threats faced by most unwary users today. The threats addressed by this thesis have span multiple computing platforms, such as desktop operating systems, the Web, and smartphone devices, which highlight the broad impact of the thesis.
34
Umeh, Njideka Adaku. "Security architecture methodology for large net-centric systems." Diss., Rolla, Mo. : University of Missouri-Rolla, 2007. http://scholarsmine.mst.edu/thesis/Umeh_09007dcc8049b3f0.pdf.
Testo completoAbstract (sommario):
Thesis (M.S.)--University of Missouri--Rolla, 2007.<br>Vita. The entire thesis text is included in file. Title from title screen of thesis/dissertation PDF file (viewed December 6, 2007) Includes bibliographical references (p. 60-63).
35
Simpson, Andrew C. "Safety through security." Thesis, University of Oxford, 1996. http://ora.ox.ac.uk/objects/uuid:4a690347-46af-42a4-91fe-170e492a9dd1.
Testo completoAbstract (sommario):
In this thesis, we investigate the applicability of the process algebraic formal method Communicating Sequential Processes (CSP) [Hoa85] to the development and analysis of safetycritical systems. We also investigate how these tasks might be aided by mechanical verification, which is provided in the form of the proof tool Failures-Divergences Refinement (FDR) [Ros94]. Initially, we build upon the work of [RWW94, Ros95], in which CSP treatments of the security property of non-interference are described. We use one such formulation to define a property called protection, which unifies our views of safety and security. As well as applying protection to the analysis of safety-critical systems, we develop a proof system for this property, which in conjunction with the opportunity for automated analysis provided by FDR, enables us to apply the approach to problems of a sizable complexity. We then describe how FDR can be applied to the analysis of mutual exclusion, which is a specific form of non-interference. We investigate a number of well-known solutions to the problem, and illustrate how such mutual exclusion algorithms can be interpreted as CSP processes and verified with FDR. Furthermore, we develop a means of verifying the faulttolerance of such algorithms in terms of protection. In turn, mutual exclusion is used to describe safety properties of geographic data associated with Solid State Interlocking (SSI) railway signalling systems. We show how FDR can be used to describe these properties and model interlocking databases. The CSP approach to compositionality allows us to decompose such models, thus reducing the complexity of analysing safety invariants of SSI geographic data. As such, we describe how the mechanical verification of Solid State Interlocking geographic data, which was previously considered to be an intractable problem for the current generation of mechanical verification tools, is computationally feasible using FDR. Thus, the goals of this thesis are twofold. The first goal is to establish a formal encapsulation of a theory of safety-critical systems based upon the relationship which exists between safety and security. The second goal is to establish that CSP, together with FDR, can be applied to the modelling of Solid State Interlocking geographic databases. Furthermore, we shall attempt to demonstrate that such modelling can scale up to large-scale systems.
36
Haroutunian, George V. "Security aspects of computer supported collaborative work." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 1993. http://handle.dtic.mil/100.2/ADA275638.
Testo completoAbstract (sommario):
Thesis (M.S. in Information Technology Management) Naval Postgraduate School, September 1993.<br>Thesis advisor(s): Tung X. Bui ; Roger Stemp. "September 1993." Bibliography: p. 75-78. Also available online.
37
Teoh, Soon Tee. "Interactive visualization techniques for computer network security /." For electronic version search Digital dissertations database. Restricted to UC campuses. Access is free to UC campus dissertations, 2004. http://uclibs.org/PID/11984.
Testo completo
38
Lázaro, Pablo García-Crovetto. "Forensic Computing from a Computer Security perspective." Thesis, Linköping University, Department of Electrical Engineering, 2004. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-2421.
Testo completoAbstract (sommario):
<p>This work contains a brief study about Forensic Computing problems done from a Computer Security perspective. </p><p>Based on the description and investigation methods of Forensic Computing, a list of common difficulties that forensic examiners have to deal with has been created. After making an analysis about each difficulty in the Forensic Computing field, it can be said that the main reasons are related to the legal restrictions and an incorrect security management. </p><p>Using a Computer Security perspective for analysing why the incorrect security management generates problems in the forensic computing field, we have made a risk analysis of a possible distribution for a correct security management. Later, based on own results, a list on priorities in prevention methods in t he Forensic Computing field has been created. </p><p>Finally it can be said that the difficulties in the Forensic Computing field could be avoided by creating awareness among users about the importance of taking prevention methods for protecting data and consequently for decreasing the number of e-crimes.</p>
39
Årnes, Andre. "Risk, Privacy, and Security in Computer Networks." Doctoral thesis, Norwegian University of Science and Technology, Faculty of Information Technology, Mathematics and Electrical Engineering, 2006. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-1725.
Testo completoAbstract (sommario):
<p>With an increasingly digitally connected society comes complexity, uncertainty, and risk. Network monitoring, incident management, and digital forensics is of increasing importance with the escalation of cybercrime and other network supported serious crimes. New laws and regulations governing electronic communications, cybercrime, and data retention are being proposed, continuously requiring new methods and tools.</p><p>This thesis introduces a novel approach to real-time network risk assessment based on hidden Markov models to represent the likelihood of transitions between security states. The method measures risk as a composition of individual hosts, providing a precise, fine-grained model for assessing risk and providing decision support for incident response. The approach has been integrated with an existing framework for distributed, large-scale intrusion detection, and the results of the risk assessment are applied to prioritize the alerts produced by the intrusion detection sensors. Using this implementation, the approach is evaluated on both simulated and real-world data.</p><p>Network monitoring can encompass large networks and process enormous amounts of data, and the practice and its ubiquity can represent a great threat to the privacy and confidentiality of network users. Existing measures for anonymization and pseudonymization are analyzed with respect to the trade-off of performing meaningful data analysis while protecting the identities of the users. The results demonstrate that most existing solutions for pseudonymization are vulnerable to a range of attacks. As a solution, some remedies for strengthening the schemes are proposed, and a method for unlinkable transaction pseudonyms is considered.</p><p>Finally, a novel method for performing digital forensic reconstructions in a virtual security testbed is proposed. Based on a hypothesis of the security incident in question, the testbed is configured with the appropriate operating systems, services, and exploits. Attacks are formulated as event chains and replayed on the testbed. The effects of each event are analyzed in order to support or refute the hypothesis. The purpose of the approach is to facilitate reconstruction experiments in digital forensics. Two examples are given to demonstrate the approach; one overview example based on the Trojan defense and one detailed example of a multi-step attack. Although a reconstruction can neither prove a hypothesis with absolute certainty, nor exclude the correctness of other hypotheses, a standardized environment combined with event reconstruction and testing can lend credibility to an investigation and can be a valuable asset in court.</p>
40
Bouffard, Marc. "A commercially viable computer security implementation framework." Thesis, National Library of Canada = Bibliothèque nationale du Canada, 1998. http://www.collectionscanada.ca/obj/s4/f2/dsk2/ftp03/MQ39963.pdf.
Testo completo
41
Wolfe, Alex Forrest. "Mental Models of Computer Security Among Adolescents." Kent State University / OhioLINK, 2021. http://rave.ohiolink.edu/etdc/view?acc_num=kent1619032044319319.
Testo completo
42
Whitaker, Robert Bruce. "Applying Information Visualization to Computer Security Applications." DigitalCommons@USU, 2010. https://digitalcommons.usu.edu/etd/636.
Testo completoAbstract (sommario):
This thesis presents two phases of research in applying visualization to network security challenges. The first phase included discovering the most useful and powerful features in existing computer security visualizations and incorporating them into the AdviseAid visualization platform, an existing software package. The incorporation of such a complete feature set required novel resolution of software engineering, human factors, and computer graphics issues. We also designed additional novel features, such as plugin interfaces, allowing for rapid prototyping and experimentation with novel visualization features and capabilities. The second phase of the research focused on the development of novel visualization techniques themselves. These novel visualizations were designed and created within AdviseAid to demonstrate that the features of AdviseAid are functional and helpful in the development process, as well as to be effective in the analysis of computer networks in their own right.
43
Ramilli, Marco <1983>. "A Design Methodology for Computer Security Testing." Doctoral thesis, Alma Mater Studiorum - Università di Bologna, 2013. http://amsdottorato.unibo.it/4438/4/Marco_Ramilli_Dissertation.pdf.
Testo completoAbstract (sommario):
The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness.
Security testing methodologies are the first step towards standardized security evaluation processes and understanding of how the security threats evolve over time. This dissertation analyzes some of the most used identifying differences and commonalities, useful to compare them and assess their quality.
The dissertation then proposes a new enhanced methodology built by keeping the best of every analyzed methodology. The designed methodology is tested over different systems with very effective results, which is the main evidence that it could really be applied in practical cases. Most of the dissertation discusses and proves how the presented testing methodology could be applied to such different systems and even to evade security measures by inverting goals and scopes. Real cases are often hard to find in methodology' documents, in contrary this dissertation wants to show real and practical cases offering technical details about how to apply it.
Electronic voting systems are the first field test considered, and Pvote and Scantegrity are the two tested electronic voting systems. The usability and effectiveness of the designed methodology for electronic voting systems is proved thanks to this field cases analysis. Furthermore reputation and anti virus engines have also be analyzed with similar results.
The dissertation concludes by presenting some general guidelines to build a coordination-based approach of electronic voting systems to improve the security without decreasing the system modularity.
44
Ramilli, Marco <1983>. "A Design Methodology for Computer Security Testing." Doctoral thesis, Alma Mater Studiorum - Università di Bologna, 2013. http://amsdottorato.unibo.it/4438/.
Testo completoAbstract (sommario):
The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness.
Security testing methodologies are the first step towards standardized security evaluation processes and understanding of how the security threats evolve over time. This dissertation analyzes some of the most used identifying differences and commonalities, useful to compare them and assess their quality.
The dissertation then proposes a new enhanced methodology built by keeping the best of every analyzed methodology. The designed methodology is tested over different systems with very effective results, which is the main evidence that it could really be applied in practical cases. Most of the dissertation discusses and proves how the presented testing methodology could be applied to such different systems and even to evade security measures by inverting goals and scopes. Real cases are often hard to find in methodology' documents, in contrary this dissertation wants to show real and practical cases offering technical details about how to apply it.
Electronic voting systems are the first field test considered, and Pvote and Scantegrity are the two tested electronic voting systems. The usability and effectiveness of the designed methodology for electronic voting systems is proved thanks to this field cases analysis. Furthermore reputation and anti virus engines have also be analyzed with similar results.
The dissertation concludes by presenting some general guidelines to build a coordination-based approach of electronic voting systems to improve the security without decreasing the system modularity.
45
Dalwadi, Chintan. "Network and data security." Birmingham, Ala. : University of Alabama at Birmingham, 2006. http://www.mhsl.uab.edu/dt/2006m/dalwadi.pdf.
Testo completo
46
Desrosiers, Simon Pierre. "Quantum entropic security." Thesis, McGill University, 2009. http://digitool.Library.McGill.CA:80/R/?func=dbin-jump-full&object_id=95620.
Testo completoAbstract (sommario):
We present full generalizations of entropic security and entropic indistinguishability,notions introduced by Russell and Wang and then Dodis and Smith, to the quantumworld where no assumption other than a limit on the knowledge of the adversary ismade. This limit is quantified using the quantum conditional min-entropy as introducedby Renner. In this fully generalized model, we allow any kind of entanglementor correlation between the Sender and the Eavesdropper.A proof of equivalence between the two security definitions is presented. This proofof equivalence is much simpler and more powerful than what was previously doneand is by itself a worthy contribution. We also provide proofs of security for twodifferent ciphers in this model. These ciphers generalize existing schemes for approximatequantum encryption to the entropic security model. The key length requirementof these two schemes is exactly the same as their classical counterparts for separablestates. It is also, as far as we know, the first time that one can prove securityfor encryption schemes while allowing entanglement with the adversary and yet notrequiring perfect security .<br>Une généralisation complète des notions de sécurité entropique et d'indistinguabilitéentropique, telles que définies par Russell et Wang puis par Dodis et Smith, aumonde quantique est présentée. Aucune autre hypothèse qu'une borne inférieure surl'incertitude de l'adversaire, incertitude quantifiée par la notion de min-entropie conditionellequantique telle que définie par Renner, n'est présumée. Ce modèle permettoute forme de corrélation ou d'intrication entre l'adversaire et l'émetteur du message.Une démonstration de l'équivalence entre ces deux notions de sécurité est présentéequi est beaucoup plus simple que ce qui était connue au-paravant. Cette nouvellesimplicité est une contribution notable. Deux chiffres sont aussi généralisés à ce nouveaumodèle de sécurité et leur sécurité est démontrée. La taille de la clef requise afind'assurer la sécurité de ces deux chiffres est exactement la même que celle requise parleur équivalent classique. Ces chiffres sont sécuritaires même en présence d'intricationentre l'adversaire et l'émetteur, ce qui est, autant que nous le sachions, une premièresans requérir une sécurité parfaite.
47
Deccio, Casey T. "Network-layer Selective Security." Diss., CLICK HERE for online access, 2004. http://contentdm.lib.byu.edu/ETD/image/etd560.pdf.
Testo completo
48
Glisson, William Bradley. "The Web Engineering Security (WES) methodology." Thesis, University of Glasgow, 2008. http://theses.gla.ac.uk/186/.
Testo completoAbstract (sommario):
The World Wide Web has had a significant impact on basic operational economical components in global information rich civilizations. This impact is forcing organizations to provide justification for security from a business case perspective and to focus on security from a web application development environment perspective. This increased focus on security was the basis of a business case discussion and led to the acquisition of empirical evidence gathered from a high level Web survey and more detailed industry surveys to analyse security in the Web application development environment. Along with this information, a collection of evidence from relevant literature was also gathered. Individual aspects of the data gathered in the previously mentioned activities contributed to the proposal of the Essential Elements (EE) and the Security Criteria for Web Application Development (SCWAD). The Essential Elements present the idea that there are essential, basic organizational elements that need to be identified, defined and addressed before examining security aspects of a Web Engineering Development process. The Security Criteria for Web Application Development identifies criteria that need to be addressed by a secure Web Engineering process. Both the EE and SCWAD are presented in detail along with relevant justification of these two elements to Web Engineering. SCWAD is utilized as a framework to evaluate the security of a representative selection of recognized software engineering processes used in Web Engineering application development. The software engineering processes appraised by SCWAD include: the Waterfall Model, the Unified Software Development Process (USD), Dynamic Systems Development Method (DSDM) and eXtreme Programming (XP). SCWAD is also used to assess existing security methodologies which are comprised of the Orion Strategy; Survivable / Viable IS approaches; Comprehensive Lightweight Application Security Process (CLASP) and Microsoft’s Trust Worthy Computing Security Development Lifecycle. The synthesis of information provided by both the EE and SCWAD were used to develop the Web Engineering Security (WES) methodology. WES is a proactive, flexible, process neutral security methodology with customizable components that is based on empirical evidence and used to explicitly integrate security throughout an organization’s chosen application development process. In order to evaluate the practical application of the EE, SCWAD and the WES methodology, two case studies were conducted during the course of this research. The first case study describes the application of both the EE and SCWAD to the Hunterian Museum and Art Gallery’s Online Photo Library (HOPL) Internet application project. The second case study presents the commercial implementation of the WES methodology within a Global Fortune 500 financial service sector organization. The assessment of the WES methodology within the organization consisted of an initial survey establishing current security practices, a follow-up survey after changes were implemented and an overall analysis of the security conditions assigned to projects throughout the life of the case study.
49
El, Salamouny Ehab. "Probabilistic trust models in network security." Thesis, University of Southampton, 2011. https://eprints.soton.ac.uk/179163/.
Testo completoAbstract (sommario):
One of the dominant properties of a global computing network is the incomplete information available to principals about each other. This was the motivation of using the notion of probabilistic trust as an approach to security sensitive decision making in modern open and global computing systems. In such systems any principal A uses the outcomes of past interactions with another principal B to construct a probabilistic model approximating the behaviour of B. Using this model, the principal A can take decisions regarding interactions with B by estimating its future actions. Many existing frameworks adopt the so-called ‘Beta model’. The main limitation of these frameworks is that they assume the behaviour of any principal to be fixed, which is not realistic in many cases. In this thesis, we first address the application of probabilistic trust to optimise security protocols, and specifically give an example where the Crowds anonymity protocol is extended to use trust information. We then address the problem of evaluating probabilistic trust in principals exhibiting dynamic behaviours. In this respect, we formally analyse the ‘exponential decay’ technique as an approach to coping with principals’ dynamic behaviours. Given the identified limitations of this technique, a more general framework for trust and reputation is introduced. In this framework, Hidden Markov Models (HMMs) are used for modelling the dynamic behaviours of principals. This framework is formally analysed in terms of a notion of ‘estimation error’. Using an experimental approach based on Monte-Carlo methods to evaluate the expected estimation error, the introduced HMM-based framework for trust and reputation is compared to the existing Beta framework. The results show in general that the latter is getting more promising in evaluating trust in principals (‘trustees’) having dynamic behaviours as longer sequences of observations are available about such trustees.
50
Donta, Praveen Kumar. "Performance Analysis of Security Protocols." UNF Digital Commons, 2007. http://digitalcommons.unf.edu/etd/172.
Testo completoAbstract (sommario):
Security is critical to a wide range of applications and services. Numerous security mechanisms and protocols have been developed and are widely used with today’s Internet. These protocols, which provide secrecy, authentication, and integrity control, are essential to protecting electronic information.
There are many types of security protocols and mechanisms, such as symmetric key algorithms, asymmetric key algorithms, message digests, digital certificates, and secure socket layer (SSL) communication. Symmetric and asymmetric key algorithms provide secrecy. Message digests are used for authentication. SSL communication provides a secure connection between two sockets.
The purpose of this graduate project was to do performance analysis on various security protocols. These are performance comparisons of symmetric key algorithms DES (Data Encryption Standard), 3DES (Triple DES), AES (Advanced Encryption Standard), and RC4; of public-private key algorithms RSA and ElGamal; of digital certificates using message digests SHA1 (Secure Hash Algorithm) and MD5; and of SSL (Secure Sockets Layer) communication using security algorithms 3DES with SHA1 and RC4 with MD5.