Rozprawy doktorskie na temat „Metric Security”
Utwórz poprawne odniesienie w stylach APA, MLA, Chicago, Harvard i wielu innych
Sprawdź 50 najlepszych rozpraw doktorskich naukowych na temat „Metric Security”.
Przycisk „Dodaj do bibliografii” jest dostępny obok każdej pracy w bibliografii. Użyj go – a my automatycznie utworzymy odniesienie bibliograficzne do wybranej pracy w stylu cytowania, którego potrzebujesz: APA, MLA, Harvard, Chicago, Vancouver itp.
Możesz również pobrać pełny tekst publikacji naukowej w formacie „.pdf” i przeczytać adnotację do pracy online, jeśli odpowiednie parametry są dostępne w metadanych.
Przeglądaj rozprawy doktorskie z różnych dziedzin i twórz odpowiednie bibliografie.
Khan, Moazzam. "Security metric based risk assessment". Diss., Georgia Institute of Technology, 2013. http://hdl.handle.net/1853/47527.
Pełny tekst źródłaOwusu-Kesseh, Daniel. "The Relative Security Metric of Information Systems: Using AIMD Algorithms". University of Cincinnati / OhioLINK, 2016. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1462278857.
Pełny tekst źródłaKarabey, Bugra. "Attack Tree Based Information Technology Security Metric Integrating Enterprise Objectives With Vulnerabilities". Phd thesis, METU, 2011. http://etd.lib.metu.edu.tr/upload/12614100/index.pdf.
Pełny tekst źródłaErturk, Volkan. "A Framework Based On Continuous Security Monitoring". Master's thesis, METU, 2008. http://etd.lib.metu.edu.tr/upload/12610139/index.pdf.
Pełny tekst źródłaRich, Ronald P., i Jonathan S. Holmgren. "Metric methodology for the creation of environments and processes to certify a component : specifically the Naval Research Laboratory Pump". Thesis, Monterey, California. Naval Postgraduate School, 2003. http://hdl.handle.net/10945/1102.
Pełny tekst źródłaApproved for public release; distribution is unlimited
A of the NP, but the key requirement for Certification and Accreditation is the creation of a Protection Profile and an understanding of the DITSCAP requirements and process. This thesis creates a Protection Profile for the NP along with a draft Type SSAA for Certification and Accreditation of the NP.
Lieutenant, United States Navy
Lieutenant, United States Navy
Zhou, Luyuan. "Security Risk Analysis based on Data Criticality". Thesis, Linnéuniversitetet, Institutionen för datavetenskap och medieteknik (DM), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-93055.
Pełny tekst źródłaHolmgren, Jonathan S. Rich Ronald P. "Metric methodology for the creation of environments and processes to certify a component : specifically the Naval Research Laboratory Pump /". Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2003. http://library.nps.navy.mil/uhtbin/hyperion-image/03Mar%5FHolmgren.pdf.
Pełny tekst źródłaThesis advisor(s): George Dinolt, Craig Rasmussen. Includes bibliographical references (p. 155-157). Also available online.
Homer, John. "A comprehensive approach to enterprise network security management". Diss., Manhattan, Kan. : Kansas State University, 2009. http://hdl.handle.net/2097/1372.
Pełny tekst źródłaBilal, Muhammad, i Ganesh Sankar. "Trust & Security issues in Mobile banking and its effect on Customers". Thesis, Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation, 2011. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-3166.
Pełny tekst źródłaUsing mobile phones for mobile banking, customers can push or pull the details like Funds transfer, Bill payment, Share trade, Check order and also inquiries like Account balance, Account statement and Check status Transaction history etc. It means that the customer is interacting with the files, databases etc., of the bank . Database at the server end is sensitive in terms of security. Customers distrust mobile devices to transfer money or for making any transactions. The reason is that security is a major concern for the customer’s fulfillment. Customer’s main concern in using mobile devices for mobile banking is the authentication method used to ensure that the right person is accessing the services like transaction etc.The authors made a basic model for mobile banking transaction. All security risks were included in the transaction model. Then the authors focused on authentication method. By literature review and interview it was concluded that security can be improved by bio metric methods. The authors focused on different bio-metric mechanism and concluded that fingerprint mechanism is more suitable as it requires less storage capacity in database and identifies the uniqueness of customers. The authors suggest a possible solution by proposing finger-print mechanism model and designed a bio-metric scanning device as a solution through which customer can interact with banking system using their finger-print. The result of workshop shows that bio-metric finger print mechanism is more suitable and secure then other authentication methods for mobile banking.
004531847791
Taylor, Christopher P. "A Security Framework for Logic Locking Through Local and Global Structural Analysis". The Ohio State University, 2020. http://rave.ohiolink.edu/etdc/view?acc_num=osu1587681912604658.
Pełny tekst źródłaBATISTA, CARLOS FREUD ALVES. "SOFTWARE SECURITY METRICS". PONTIFÍCIA UNIVERSIDADE CATÓLICA DO RIO DE JANEIRO, 2007. http://www.maxwell.vrac.puc-rio.br/Busca_etds.php?strSecao=resultado&nrSeq=10990@1.
Pełny tekst źródłaA dependência cada vez maior da tecnologia de informação (TI) torna software seguro um elemento chave para a continuidade dos serviços de nossa sociedade atual. Nos últimos anos, instituições públicas e privadas aumentaram seus investimentos em segurança da informação, mas a quantidade de ataques vem crescendo mais rapidamente do que a nossa capacidade de poder enfrentálos, colocando em risco a propriedade intelectual, a relação de confiança de clientes e a operação de serviços e negócios apoiados pelos serviços de TI. Especialistas em segurança afirmam que atualmente boa parte dos incidentes de segurança da informação ocorrem a partir de vulnerabilidades encontradas no software, componente presente em boa parte dos sistemas de informação. Para tornar o software fidedigno em relação à segurança, a criação e o uso de métricas de segurança serão fundamentais para gerenciar e entender o impacto dos programas de segurança nas empresas. Porém, métricas de segurança são cobertas de mistério e consideradas bastante difíceis de serem implementadas. Este trabalho pretende mostrar que hoje ainda não é possível termos métricas quantitativas capazes de indicar o nível de segurança que o software em desenvolvimento virá a ter. Necessitam-se, então, outras práticas para assegurar níveis de segurança a priori, ou seja, antes de se por o software em uso.
Today`s growing dependency on information technology (IT) makes software security a key element of IT services. In recent years public and private institutions raised the investment on information security, however the number of attacks is growing faster than our power to face them, putting at risk intellectual property, customer`s confidence and businesses that rely on IT services. Experts say that most information security incidents occur due to the vulnerabilities that exist in software systems in first place. Security metrics are essential to assess software dependability with respect to security, and also to understand and manage impacts of security initiatives in organizations. However, security metrics are shrouded in mystery and very hard to implement. This work intends to show that there are no adequate metrics capable of indicating the security level that a software will achieve. Hence, we need other practices to assess the security of software while developing it and before deploying it.
Deka, Bhaswati. "Secure Localization Topology and Methodology for a Dedicated Automated Highway System". DigitalCommons@USU, 2013. https://digitalcommons.usu.edu/etd/1995.
Pełny tekst źródłaCalmon, Flavio du Pin. "Information-theoretic metrics for security and privacy". Thesis, Massachusetts Institute of Technology, 2015. http://hdl.handle.net/1721.1/101567.
Pełny tekst źródłaCataloged from PDF version of thesis.
Includes bibliographical references (pages 143-150).
In this thesis, we study problems in cryptography, privacy and estimation through the information-theoretic lens. We introduce information-theoretic metrics and associated results that shed light on the fundamental limits of what can be learned from noisy data. These metrics and results, in turn, are used to evaluate and design both symmetric-key encryption schemes and privacy-assuring mappings with provable information-theoretic security guarantees. We start by studying information-theoretic properties of symmetric-key encryption in the "small key" regime (i.e. when the key rate is smaller than the entropy rate of the message source). It is well known that security against computationally unbounded adversaries in such settings can only be achieved when the communicating parties share a key that is at least as long as the secret message (i.e. plaintext) being communicated, which is infeasible in practice. Nevertheless, even with short keys, we show that a certain level of security can be guaranteed, albeit not perfect secrecy. In order to quantify exactly how much security can be provided with short keys, we propose a new security metric, called symbol secrecy, that measures how much an adversary that observes only the encrypted message learns about individual symbols of the plaintext. Unlike most traditional rate-based information-theoretic metrics for security, symbol secrecy is non-asymptotic. Furthermore, we demonstrate how fundamental symbol secrecy performance bounds can be achieved through standard code constructions (e.g. Reed-Solomon codes). While much of information-theoretic security has considered the hiding of the plaintext, cryptographic metrics of security seek to hide functions thereof. Consequently, we extend the definition of symbol secrecy to quantify the information leaked about certain classes of functions of the plaintext. This analysis leads to a more general question: can security claims based on information metrics be translated into guarantees on what an adversary can reliably infer from the output of a security system? On the one hand, information metrics usually quantify how far the probability distribution between the secret and the disclosed information is from the ideal case where independence is achieved. On the other hand, estimation guarantees seek to assure that an adversary cannot significantly improve his estimate of the secret given the information disclosed by the system. We answer this question in the positive, and present formulations based on rate-distortion theory that allow security bounds given in terms of information metrics to be transformed into bounds on how well an adversary can estimate functions of secret variable. We do this by solving a convex program that minimizes the average estimation error over all possible distributions that satisfy the bound on the information metric. Using this approach, we are able to derive a set of general sharp bounds on how well certain classes of functions of a hidden variable can(not) be estimated from a noisy observation in terms of different information metrics. These bounds provide converse (negative) results: If an information metric is small, then any non-trivial function of the hidden variable cannot be estimated with probability of error or mean-squared error smaller than a certain threshold. The main tool used to derive the converse bounds is a set of statistics known as the Principal Inertia Components (PICs). The PICs provide a fine-grained decomposition of the dependence between two random variables. Since there are well-studied statistical methods for estimating the PICs, we can then determine the (im)possibility of estimating large classes of functions by using the bounds derived in this thesis and standard statistical tests. The PICs are of independent interest, and are applicable to problems in information theory, statistics, learning theory, and beyond. In the security and privacy setting, the PICs fulfill the dual goal of providing (i) a measure of (in)dependence between the secret and disclosed information of a security system, and (ii) a complete characterization of the functions of the secret information that can or cannot be reliably inferred given the disclosed information. We study the information-theoretic properties of the PICs, and show how they characterize the fundamental limits of perfect privacy. The results presented in this thesis are applicable to estimation, security and privacy. For estimation and statistical learning theory, they shed light on the fundamental limits of learning from noisy data, and can help guide the design of practical learning algorithms. Furthermore, as illustrated in this thesis, the proposed converse bounds are particularly useful for creating security and privacy metrics, and characterize the inherent trade-off between privacy and utility in statistical data disclosure problems. The study of security systems through the information-theoretic lens adds a new dimension for understanding and quantifying security against very powerful adversaries. Furthermore, the framework and metrics discussed here provide practical insight on how to design and improve security systems using well-known coding and optimization techniques. We conclude the thesis by presenting several promising future research directions.
by Flavio du Pin Calmon.
Ph. D.
Bouyahia, Tarek. "Metrics for security activities assisted by argumentative logic". Thesis, Ecole nationale supérieure Mines-Télécom Atlantique Bretagne Pays de la Loire, 2017. http://www.theses.fr/2017IMTA0013/document.
Pełny tekst źródłaThe growth and diversity of services offered by modern systems make the task of securing these systems a complex exercise. On the one hand, the evolution of the number of system services increases the risk of causing vulnerabilities. These vulnerabilities can be exploited by malicious users to reach some intrusion objectives. On the other hand, the most recent competitive systems are those that ensure a certain level of performance and quality of service while maintaining the safety state. Thus, modern security systems must consider the user requirements during the security process.In addition, reacting in critical contexts against an attack after its execution can not always mitigate the adverse effects of the attack. In these cases, security systems should be in a phase ahead of the attacker in order to take necessary measures to prevent him/her from reaching his/her intrusion objective. To address those problems, we argue in this thesis that the reaction process must follow a smart reasoning. This reasoning allows the system, according to a detected attack, to preview the related attacks that may occur and to apply the best possible countermeasures. On the one hand, we propose an approach that generates potential attack scenarios given a detected alert. Then, we focus on the generation process of an appropriate set of countermeasures against attack scenarios generated among all system responses defined for the system. A generated set of countermeasures is considered as appropriate in the proposed approach if it presents a coherent set (i.e., it does not contain conflictual countermeasures) and it satisfies security administrator requirements (e.g., performance, availability). We argue in this thesis that the reaction process can be seen as two agents arguing against each other. On one side the attacker chooses his arguments as a set of actions to try to reach an intrusion objective, and on the other side the agent defending the target chooses his arguments as a set of countermeasures to block the attacker's progress or mitigate the attack effects. On the other hand, we propose an approach based on a recommender system using Multi-Criteria Decision Making (MCDM) method. This approach assists security administrators while selecting countermeasures among the appropriate set of countermeasures generated from the first approach. The assistance process is based on the security administrator decisions historic. This approach permits also, to automatically select appropriate system responses in critical cases where the security administrator is unable to select them (e.g., outside working hours, lack of knowledge about the ongoing attack). Finally, our approaches are implemented and tested in the automotive system use case to ensure that our approaches implementation successfully responded to real-time constraints
Ramos, Alex Lacerda. "Network security metrics for the Internet of things". Universidade de Fortaleza, 2018. http://dspace.unifor.br/handle/tede/108423.
Pełny tekst źródłaRecent advances in networking technologies, such as the IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN) standard, have allowed to interconnect wireless sensor networks (WSNs) to the Internet, thus forming the Internet of Things (IoT). Despite the availability of different message security mechanisms, sensor networks are still vulnerable to several types of attack. To identify such attacks, an Intrusion Detection System (IDS) can be deployed. However, IDSs can generate several false positives and false negatives. Moreover, the alerts raised by IDSs provide no information regarding the impact an attack has on the security of a sensor network. As a consequence, it becomes difficult for WSN administrators and users to take proper responsive actions when attacks occur. To address these issues, this thesis proposes three security metrics. The first metric, called Trust Probability, quantifies by how much an IDS output could be trusted (to be correct). Such metric can help administrators decide which alerts deserve careful attention or which alerts might be safely ignored. Since this type of metric provides a measure of IDS effectiveness, it can also be used to compare different IDSs as well as to fine-tune a given IDS. The second metric, named Damage Level, quantifies the severity of an attack. This metric, when combined with the Trust Probability metric, enables the administrator to correctly prioritize and respond to alerts by evaluating them in terms of accuracy and attack impact. Finally, the third metric, namely Data Security Level, quantifies the degree to which sensor data can be trusted when the sensor is under attack. The security situational awareness provided by this metric helps WSN users make better decisions about the use of the gathered sensor data. Experimental results show that the proposed metrics can accurately quantify security level with low performance overhead and power consumption. Keywords: Network Security Metrics, Quantitative Security Analysis, Security Situational Awareness, Internet of Things, Wireless Sensor Networks.
Recentes avanços nas tecnologias de rede, tais como o padrão IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN), permitiram a interconexão de redes de sensores sem fio (RSSF) à Internet, formando assim a Internet das Coisas (Internet of Things -- IoT). Apesar da disponibilidade de diferentes mecanismos de segurança de mensagens, as redes de sensores ainda são vulneráveis a vários tipos de ataques. Para identificar esses ataques, um Sistema de Detecção de Intrusão (Intrusion Detection System -- IDS) pode ser implantado. No entanto, os IDSs podem gerar vários falsos positivos e falsos negativos. Além disso, os alertas gerados pelos IDSs não fornecem nenhuma informação sobre o impacto de um ataque sobre a segurança de uma RSSF. Consequentemente, torna-se difícil para os administradores e usuários da rede tomarem as devidas ações responsivas quando ataques ocorrerem. Para tratar estas questões, esta tese propõe três métricas de segurança. A primeira delas, chamada Trust Probability, quantifica o quão confiável (correto) é um output de um IDS. Essa métrica pode ajudar os administradores a decidir quais alertas merecem mais atenção ou quais podem ser ignorados com segurança. Já que essa métrica fornece uma medida da efetividade de um IDS, ela também pode ser usada para comparar diferentes IDSs, bem como para otimizar um dado IDS. A segunda métrica, denominada Damage Level, quantifica a gravidade de um ataque. Esta métrica, quando combinada com a Trust Probability, permite ao administrador priorizar e responder corretamente a alertas, avaliando-os em termos de precisão e impacto de ataque. Por fim, a terceira métrica, chamada de Data Security Level, quantifica quão confiáveis os dados dos sensores são quando a rede está sob ataque. Conhecer a informação fornecida por esta métrica ajuda os usuários a tomar melhores decisões sobre o uso dos dados coletados pelos sensores. Os resultados experimentais mostram que as métricas propostas podem quantificar com precisão o nível de segurança da rede, com baixo consumo de energia e sobrecarga de desempenho. Palavras-chave:Métricas de Segurança de Rede, Análise Quantitativa de Segurança, Consciência Situacional de Segurança, Internet das Coisas, Redes de Sensores sem Fio.
Alshammari, Bandar M. "Quality metrics for assessing security-critical computer programs". Thesis, Queensland University of Technology, 2011. https://eprints.qut.edu.au/49780/1/Bandar_Alshammari_Thesis.pdf.
Pełny tekst źródłaBengtsson, Mattias. "Mathematical foundation needed for development of IT security metrics". Thesis, Linköping University, Department of Electrical Engineering, 2007. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-9766.
Pełny tekst źródłaIT security metrics are used to achieve an IT security assessment of certain parts of the IT security environment. There is neither a consensus of the definition of an IT security metric nor a natural scale type of the IT security. This makes the interpretation of the IT security difficult. To accomplish a comprehensive IT security assessment one must aggregate the IT security values to compounded values.
When developing IT security metrics it is important that permissible mathematical operations are made so that the information are maintained all the way through the metric. There is a need for a sound mathematical foundation for this matter.
The main results produced by the efforts in this thesis are:
• Identification of activities needed for IT security assessment when using IT security metrics.
• A method for selecting a set of security metrics in respect to goals and criteria, which also is used to
• Aggregate security values generated from a set of security metrics to compounded higher level security values.
• A mathematical foundation needed for development of security metrics.
Lundholm, Kristoffer. "Design and implementation of a framework for security metrics creation". Thesis, Linköping University, Department of Electrical Engineering, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-18217.
Pełny tekst źródłaMeasuring information security is the key to unlocking the knowledge of how secure information systems really are. In order to perform these measurements, security metrics can be used. Since all systems and organizations are different, there is no single set of metrics that is generally applicable. In order to help organizations create metrics, this thesis will present a metrics creation framework providing a structured way of creating the necessary metrics for any information system. The framework takes a high level information security goal as input, and transforms it to metrics using decomposition of goals that are then inserted into a template. The thesis also presents a set of metrics based on a minimum level of information security produced by the Swedish emergency management agency. This set of metrics can be used to show compliance with the minimum level or as a base when a more extensive metrics program is created.
Lemos, Maria Carmen, David Manuel-Navarrete, Bram Leo Willems, Rolando Diaz Caravantes i Robert G. Varady. "Advancing metrics: models for understanding adaptive capacity and water security". ELSEVIER SCI LTD, 2016. http://hdl.handle.net/10150/622827.
Pełny tekst źródłaNia, Ramadianti Putri Mganga i Medard Charles. "Enhancing Information Security in Cloud Computing Services using SLA based metrics". Thesis, Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation, 2011. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-1999.
Pełny tekst źródłaCarl, Stephen J. "United States Foreign Assistance Programs: the Requirement of Metrics for Security Assistance and Security Cooperation Programs". Thesis, Monterey, California. Naval Postgraduate School, 2012. http://hdl.handle.net/10945/7316.
Pełny tekst źródłaVasilevskaya, Maria. "Security in Embedded Systems : A Model-Based Approach with Risk Metrics". Doctoral thesis, Linköpings universitet, Institutionen för datavetenskap, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-122149.
Pełny tekst źródłaIn the electronic version are grammatical and spelling errors corrected.
Doherty, Vincent J. "Metrics for success : using metrics in exercises to assess the preparedness of the fire service in Homeland Security". Thesis, Monterey, California. Naval Postgraduate School, 2004. http://handle.dtic.mil/100.2/ADA424982.
Pełny tekst źródłaTitle from title page of source document (viewed on April 23, 2008). "Approved for public release, distribution is unlimited." Includes bibliographical references (p. 73-74).
Třeštíková, Lenka. "Bezpečnostní metriky platformy SAP". Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2017. http://www.nusl.cz/ntk/nusl-363799.
Pełny tekst źródłaFarhady, Ghalaty Nahid. "Fault Attacks on Cryptosystems: Novel Threat Models, Countermeasures and Evaluation Metrics". Diss., Virginia Tech, 2016. http://hdl.handle.net/10919/72280.
Pełny tekst źródłaPh. D.
Prosperi, Paolo. "Metrics of food security and sustainability An indicator-based vulnerability and resilience approach". Doctoral thesis, Università di Catania, 2015. http://hdl.handle.net/10761/4012.
Pełny tekst źródłaAndersson, Rikard. "A Method for Assessment of System Security". Thesis, Linköping University, Department of Electrical Engineering, 2005. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-4386.
Pełny tekst źródłaWith the increasing use of extensive IT systems for sensitive or safety-critical applications, the matter of IT security is becoming more important. In order to be able to make sensible decisions about security there is a need for measures and metrics for computer security. There currently exist no established methods to assess the security of information systems.
This thesis presents a method for assessing the security of computer systems. The basis of the method is that security relevant characteristics of components are modelled by a set of security features and connections between components are modelled by special functions that capture the relations between the security features of the components. These modelled components and relations are used to assess the security of each component in the context of the system and the resulting system dependent security values are used to assess the overall security of the system as a whole.
A software tool that implements the method has been developed and used to demonstrate the method. The examples studied show that the method delivers reasonable results, but the exact interpretation of the results is not clear, due to the lack of security metrics.
Lundin, Reine. "Towards Measurable and Tunable Security". Licentiate thesis, Karlstad : Faculty of Economic Sciences, Communication and IT, Computer Science, Karlstad University, 2007. http://www.diva-portal.org/kau/abstract.xsql?dbid=1200.
Pełny tekst źródłaGarfin, Gregg, Robert Varady, Robert Merideth, Margaret O. Wilder i Christopher Scott. "Metrics for assessing adaptive capacity and water security: Common challenges, diverging contexts, emerging consensus". ELSEVIER SCI LTD, 2016. http://hdl.handle.net/10150/622654.
Pełny tekst źródłaBengtsson, Jonna. "Scenario-Based Evaluation of a Method for System Security Assessment". Thesis, Linköping University, Department of Electrical Engineering, 2005. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-6004.
Pełny tekst źródłaThis thesis evaluates a method for system security assessment (MASS), developed at the Swedish Defence Research Agency in Linköping. The evaluation has been carried out with the use of scenarios, consisting of three example networks and several modifications of those. The results from the scenarios are then compared to the expectations of the author and a general discussion is taken about whether or not the results are realistic.
The evaluation is not meant to be exhaustive, so even if MASS had passed the evaluation with flying colors, it could not have been regarded as proof that the method works as intended. However, this was not the case; even though MASS responded well to the majority of the modifications, some issues indicating possible adjustments or improvements were found and commented on in this report.
The conclusion from the evaluation is therefore that there are issues to be solved and that the evaluated version of MASS is not ready to be used to evaluate real networks. The method has enough promise not to be discarded, though. With the aid of the issues found in this thesis, it should be developed further, along with the supporting tools, and be re-evaluated.
Lundin, Reine. "Guesswork and Entropy as Security Measures for Selective Encryption". Doctoral thesis, Karlstads universitet, Avdelningen för datavetenskap, 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-14032.
Pełny tekst źródłaMiah, Abdul. "Product-based environmental metrics for use within aerospace, defence, space and security industries (ADS)". Thesis, University of Surrey, 2018. http://epubs.surrey.ac.uk/845983/.
Pełny tekst źródłaAraujo, Neto Afonso Comba de. "Security Benchmarking of Transactional Systems". reponame:Biblioteca Digital de Teses e Dissertações da UFRGS, 2012. http://hdl.handle.net/10183/143292.
Pełny tekst źródłaMost organizations nowadays depend on some kind of computer infrastructure to manage business critical activities. This dependence grows as computer systems become more reliable and useful, but so does the complexity and size of systems. Transactional systems, which are database-centered applications used by most organizations to support daily tasks, are no exception. A typical solution to cope with systems complexity is to delegate the software development task, and to use existing solutions independently developed and maintained (either proprietary or open source). The multiplicity of software and component alternatives available has boosted the interest in suitable benchmarks, able to assist in the selection of the best candidate solutions, concerning several attributes. However, the huge success of performance and dependability benchmarking markedly contrasts with the small advances on security benchmarking, which has only sparsely been studied in the past. his thesis discusses the security benchmarking problem and main characteristics, particularly comparing these with other successful benchmarking initiatives, like performance and dependability benchmarking. Based on this analysis, a general framework for security benchmarking is proposed. This framework, suitable for most types of software systems and application domains, includes two main phases: security qualification and trustworthiness benchmarking. Security qualification is a process designed to evaluate the most obvious and identifiable security aspects of the system, dividing the evaluated targets in acceptable or unacceptable, given the specific security requirements of the application domain. Trustworthiness benchmarking, on the other hand, consists of an evaluation process that is applied over the qualified targets to estimate the probability of the existence of hidden or hard to detect security issues in a system (the main goal is to cope with the uncertainties related to security aspects). The framework is thoroughly demonstrated and evaluated in the context of transactional systems, which can be divided in two parts: the infrastructure and the business applications. As these parts have significantly different security goals, the framework is used to develop methodologies and approaches that fit their specific characteristics. First, the thesis proposes a security benchmark for transactional systems infrastructures and describes, discusses and justifies all the steps of the process. The benchmark is applied to four distinct real infrastructures, and the results of the assessment are thoroughly analyzed. Still in the context of transactional systems infrastructures, the thesis also addresses the problem of the selecting software components. This is complex as evaluating the security of an infrastructure cannot be done before deployment. The proposed tool, aimed at helping in the selection of basic software packages to support the infrastructure, is used to evaluate seven different software packages, representative alternatives for the deployment of real infrastructures. Finally, the thesis discusses the problem of designing trustworthiness benchmarks for business applications, focusing specifically on the case of web applications. First, a benchmarking approach based on static code analysis tools is proposed. Several experiments are presented to evaluate the effectiveness of the proposed metrics, including a representative experiment where the challenge was the selection of the most secure application among a set of seven web forums. Based on the analysis of the limitations of such approach, a generic approach for the definition of trustworthiness benchmarks for web applications is defined.
Ray, Donald James. "A Quantified Model of Security Policies, with an Application for Injection-Attack Prevention". Scholar Commons, 2016. http://scholarcommons.usf.edu/etd/6133.
Pełny tekst źródłaRieger, Pavel. "Právní a systémová analýza e-Governmentu". Doctoral thesis, Vysoká škola ekonomická v Praze, 2013. http://www.nusl.cz/ntk/nusl-202340.
Pełny tekst źródłaMiani, Rodrigo Sanches 1983. "Um estudo sobre métricas e quantificação em segurança da informação". [s.n.], 2013. http://repositorio.unicamp.br/jspui/handle/REPOSIP/260948.
Pełny tekst źródłaTese (doutorado) - Universidade Estadual de Campinas, Faculdade de Engenharia Elétrica e de Computação
Made available in DSpace on 2018-08-23T07:05:01Z (GMT). No. of bitstreams: 1 Miani_RodrigoSanches_D.pdf: 2910742 bytes, checksum: e722dcc4c3bc0741a15ed5ec79cfa1ec (MD5) Previous issue date: 2013
Resumo: Com o aumento da frequência e diversidade de ataques, uma preocupação crescente das organizações é garantir a segurança da rede. Para compreender as ações que conduziram os incidentes e como eles podem ser mitigados, pesquisadores devem identificar e medir os fatores que influenciam os atacantes e também as vítimas. A quantificação de segurança é, em particular, importante na construção de métricas relevantes para apoiar as decisões que devem ser tomadas para a proteção de sistemas e redes. O objetivo deste trabalho foi propor soluções para auxiliar o desenvolvimento de modelos de quantificação de segurança aplicados em ambientes reais. Três diferentes abordagens foram usadas para a investigação do problema: identificação de limitações nos métodos existentes na literatura, investigação de fatores que influenciam a segurança de uma organização e a criação e aplicação de um questionário para investigar o uso de métricas na prática. Os estudos foram conduzidos usando dados fornecidos pela University of Maryland e pelo Centro de Atendimento a Incidentes de Segurança (CAIS) vinculado a Rede Nacional de Pesquisa (RNP). Os resultados mostraram que as organizações podem se beneficiar de análises mais rigorosas e eficientes a partir do uso de métricas de segurança e que a continuidade das pesquisas nessa área está intimamente ligada ao desenvolvimento de estudos em sistemas reais
Abstract: With the increase in the number and diversity of attacks, a critical concern for organizations is to keep their network secure. To understand the actions that lead to successful attacks and also how they can be mitigated, researchers should identify and measure the factors that influence both attackers and victims. Quantifying security is particularly important to construct relevant metrics that support the decisions that need to be made to protect systems and networks. In this work, we aimed at proposing solutions to support the development of security quantification models applied in real environments. Three different approaches were used to investigate the problem: identifying issues on existing methods, evaluating metrics using empirical analysis and conducting a survey to investigate metrics in practice. Studies were conducted using data provided by the University of Maryland and also by the Security Incident Response Team (CAIS) from the National Education and Research Network (RNP). Our results showed that organizations could better manage security by employing security metrics and also that future directions in this field are related to the development of studies on real systems
Doutorado
Telecomunicações e Telemática
Doutor em Engenharia Elétrica
Edge, Crystal. "Quantitative Assessment of the Modularization of Security Design Patterns with Aspects". NSUWorks, 2010. http://nsuworks.nova.edu/gscis_etd/142.
Pełny tekst źródłaWang, Hsiu-Chung. "Toward a Heuristic Model for Evaluating the Complexity of Computer Security Visualization Interface". Digital Archive @ GSU, 2006. http://digitalarchive.gsu.edu/cs_theses/35.
Pełny tekst źródłaAparicio-Navarro, Francisco J. "Using metrics from multiple layers to detect attacks in wireless networks". Thesis, Loughborough University, 2014. https://dspace.lboro.ac.uk/2134/16309.
Pełny tekst źródłaBirch, Huw. "A study into the feasibility of local renewable energy systems with storage, using security and sustainability metrics for optimisation and evaluation". Thesis, University of Sheffield, 2016. http://etheses.whiterose.ac.uk/16725/.
Pełny tekst źródłaMiani, Rodrigo Sanches. "Aplicação de metricas a analise de segurança em redes metropolitanas de acesso aberto". [s.n.], 2009. http://repositorio.unicamp.br/jspui/handle/REPOSIP/259460.
Pełny tekst źródłaDissertação (mestrado) - Universidade Estdual de Campinas, Faculdade de Engenharia Eletrica e de Computação
Made available in DSpace on 2018-08-13T09:33:37Z (GMT). No. of bitstreams: 1 Miani_RodrigoSanches_M.pdf: 1458322 bytes, checksum: 8aae1af3ae9789f087bb70e07f08660a (MD5) Previous issue date: 2009
Resumo: As questões relacionadas à garantia de segurança influenciam diretamente o sucesso da implantação de redes metropolitanas de acesso aberto. Dessa forma, são necessários métodos eficientes para analisar a segurança destas redes em todos os níveis (organizacional, físico e de sistemas), a fim de propor soluções e implementar melhorias. Nossa proposta consiste em criar métricas de segurança específicas para as redes metropolitanas de acesso aberto que visam medir a eficiência dos programas de segurança e apoiar o planejamento das ações contra os problemas detectados. Este trabalho apresenta um conjunto de doze métricas de segurança para tais redes e os parâmetros para a sua definição, tais como dois modelos para o cálculo do indicador de segurança de uma métrica. Também serão apresentados os resultados obtidos com a aplicação de tais métricas para o estabelecimento de políticas de segurança na rede metropolitana de acesso aberto de Pedreira, cidade localizada no interior do estado de São Paulo. Os resultados mostraram que a aplicação de métricas bem definidas pode ser eficiente na detecção de vulnerabilidades e correção de problemas de segurança.
Abstract: Information security has direct influence on any successful deployment of metropolitan broadband access networks. Efficient methods are required for security analysis of metropolitan networks in all levels: organization, structure and system. This work proposes the development and application of specific security metrics for metropolitan broadband access networks that aim to measure the efficiency of security programs and support action planning against detected problems. The approach presented in this work show metrics developed for these networks and parameters for metrics definition, such as a model for calculation of a security indicator of a metric. This paper also presents results achieved from application of the metrics reported here to establish security policies in the metropolitan broadband access network of Pedreira, a city located in the state of São Paulo, Brazil. These results show that well formed security metrics can be efficient in vulnerability detection and solutions of security issues.
Mestrado
Telecomunicações e Telemática
Mestre em Engenharia Elétrica
Nascimento, Tiago Belmonte. "Uma proposta de desenvolvimento de métricas para a rede da Unipampa". Universidade Federal do Pampa, 2013. http://dspace.unipampa.edu.br:8080/xmlui/handle/riu/246.
Pełny tekst źródłaMade available in DSpace on 2015-05-09T19:15:36Z (GMT). No. of bitstreams: 1 107110009.pdf: 1750995 bytes, checksum: 7c771ac4e6d9517bfe5c709731c3743e (MD5) Previous issue date: 2013-07-25
Um dos maiores desafios da implantação da Universidade Federal do Pampa como uma instituição pública de ensino superior no interior do Rio Grande do Sul é a estruturação de sua rede de dados. Devido às suas peculiaridades a rede de computadores da UNIPAMPA necessita de controles eficientes para garantir sua operação com estabilidade e segurança. Dessa forma, torna-se imprescindível o uso de sistemas confiáveis de comunicação que interliguem todas estas unidades descentralizadas. Em geral, a confiabilidade dos sistemas de comunicação pode ser melhorada em três grandes frentes de ação. 1) manipulação e codificação da informação, 2) melhoria de recursos como potência e banda nos canais de comunicação físicos 3) levantamento de métricas nos pontos de transmissão e recepção. A fim de colaborar neste processo, nosso trabalho consistiu na elaboração de uma proposta do uso de métricas na política de segurança desta rede, tornando mais eficiente a detecção de vulnerabilidades e a orientação de novas políticas de segurança e investimentos. As 10 métricas apresentadas e o método que foi utilizado para gerá-las podem ser aplicados em qualquer rede com características similares à rede da Unipampa.
One of the biggest challenges in the implementation of the University of Pampa as a public university in the countryside of the state of Rio Grande do Sul is the structure of its data network. Due to its peculiarities, the Unipampa's computer network needs efficient controls to ensure operations with stability and safety. Thus, it ecomes essential to use reliable communication systems that interconnect all these decentralized units. In general, the reliability of communication systems can be improved in three major areas of action. 1) anipulation and encoding of information, 2) improving resources such as power and bandwidth in communication physical channels 3) survey metrics at points of transmission and reception. Aiming to contribute in this process, our research consisted in elaborating a proposal of metric use in the security policy of this network, making the vulnerability detection more efficient as well as the orientation of new policies of safety and investment. The 10 metrics and presented method was used to generate them may be applied in any network with similar characteristics to the network of Unipampa.
Voronkov, Artem. "Usable Firewall Rule Sets". Licentiate thesis, Karlstads universitet, Institutionen för matematik och datavetenskap (from 2013), 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-64703.
Pełny tekst źródłaNetwork security is an important aspect that must be taken into account. Firewalls are systems that are used to make sure that authorized network traffic is allowed and unauthorized traffic is prohibited. However, setting up a firewall correctly is a challenging task. Their configuration files might be hard to understand even for system administrators. The overall aim of this thesis is to identify firewall usability gaps and to mitigate them. To achieve the first part of the objective, we conduct a series of interviews with system administrators. In the interviews, system administrators are asked about the problems they face when dealing with firewalls. After having ascertained that the usability problems exist, we conduct a systematic literature review to get an understanding on the state of the art of the field. This review classifies available solutions and identifies open challenges. To achieve the second part of the objective, a set of usability metrics is proposed and mathematically formalized. A strong correlation between our metrics and how system administrators describe usability is identified.
HITS, 4707
Holm, Hannes. "A Framework and Calculation Engine for Modeling and Predicting the Cyber Security of Enterprise Architectures". Doctoral thesis, KTH, Industriella informations- och styrsystem, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-140525.
Pełny tekst źródłaInformationsteknik (IT) är en grundsten i vårt moderna samhälle och grundläggande för staters hantering av samhällstjänster, ekonomisk tillväxt och nationell säkerhet. Det är därför av vikt att IT-system hålls i ett tillförlitligt och säkert tillstånd. Då moderna IT-system vanligen består av en mångfald av olika integrerade komponenter, inklusive människor och processer som nyttjar eller stödjer systemet (ofta benämnd organisationsövergripande arkitektur, eller enterprise architecture), är detta tyvärr ingen enkel uppgift. För att förvärra det hela så finns det även illvilliga aktörer som ämnar utnyttja sårbarheter i den organisationsövergripande arkitekturen för att utföra obehörig aktivitet inom den. Olika modeller har föreslagits av den akademiska världen och näringslivet för att identifiera samt behandla sårbarheter i organisationsövergripande arkitekturer, men det finns ännu ingen modell som är tillräckligt omfattande. Bidraget presenterat i denna avhandling är ett modelleringsramverk och en beräkningsmotor som kan användas som stöd av organisatoriska beslutsfattare med avseende på säkerhetsärenden. Sammanfattningsvis kan bidraget användas för att modellera och analysera sårbarheten av organisationsövergripande arkitekturer, samt ge förbättringsförslag baserat på dess uppskattningar. Bidraget har testats i fallstudier och validerats på både komponentnivå och systemnivå; resultaten från dessa studier visar att det är lämpligt för att stödja organisatoriskt beslutsfattande. Avhandlingen är en sammanläggningsavhandling med åtta artiklar. Artikel 1 beskriver en metod och ett dataset som kan användas för att validera avhandlingens bidrag och andra modeller likt detta. Artikel 2 presenterar vilka statistiska fördelningar som är bäst lämpade för att beskriva tiden som krävs för att kompromettera en dator. Artikel 3 beskriver uppskattningar av tiden som krävs för att upptäcka nya sårbarheter i webbapplikationer. Artikel 4 beskriver uppskattningar för möjligheten att kringgå webbapplikationsbrandväggar. Artikel 5 beskriver en studie av den tid som krävs för att en angripare skall kunna anskaffa kritiska sårbarheter och program för att utnyttja dessa för kompilerad programvara. Artikel 6 presenterar effektiviteten av sju vanligt nyttjade verktyg som används för att automatiskt identifiera sårbarheter i nätverk. Artikel 7 beskriver förmågan av det signatur-baserade intrångsdetekteringssystemet Snort att upptäcka attacker som är nyare, eller äldre, än dess regeluppsättning. Slutligen beskriver artikel 8 ett verktyg som kan användas för att uppskatta sårbarheten av organisationsövergripande arkitekturer; grunden för detta verktyg är de resultat som presenteras i artikel 1-7.
QC 20140203
Wonjiga, Amir Teshome. "User-centric security monitoring in cloud environments". Thesis, Rennes 1, 2019. http://www.theses.fr/2019REN1S080.
Pełny tekst źródłaMigrating to the cloud results in losing full control of the physical infrastructure as the cloud service provider (CSP) is responsible for managing the infrastructure including its security. As this incites tenants to rely on CSPs for the security of their information system, it creates a trust issue. CSPs acknowledge the trust issue and provide a guarantee through Service Level Agreement (SLA). The agreement describes the provided service and penalties for the cases of violation. Almost all existing SLAs only address the functional features of the cloud and thus do not guarantee the security aspect of tenants’ hosted services. Security monitoring is the process of collecting and analyzing indicators of potential security threats, then triaging these threats by appropriate action. It is highly desirable for CSPs to provide user-specific security monitoring services which are based on the requirements of a tenant. In this thesis we present our contribution to include user-centric security monitoring terms into cloud SLAs. This requires performing different tasks in the cloud service life-cycle, starting before the actual service deployment until the end of the service. Our contributions are presented as follows : we design extensions to an existing SLA language called Cloud SLA (CSLA). Our extension, called Extended CSLA (ECSLA), allows tenants to describe their security monitoring requirements in terms of vulnerabilities. More precisely, a security monitoring service is described as a relation between user requirements as vulnerabilities, a software product having the vulnerabilities and an infrastructure where the software is running. To offer security monitoring SLAs, CSPs need to measure the performance of their security monitoring capability with different configurations. We propose a solution to reduces the required number of evaluations compared to the number of possible configurations. The proposed solution introduces two new ideas. First, we design a knowledge base building method which uses clustering to categorize a bunch of vulnerabilities together in groups using some heuristics. Second we propose a model to quantify the interference between operations of monitoring vulnerabilities. Using these two methods we can estimate the performance of a monitoring device with few numbers of evaluations compared to the naive approach. The metrics used in our SLA terms consider the operational environment of the security monitoring devices. In order to consider the non-determistic operational environment parameters, we propose an estimation mechanism where the performance of a monitoring device is measured using known parameters and the result is used to model its performance and estimate it for unknown values of that parameter. An SLA definition contains the model, which can be used whenever the measurement is performed. We propose an in situ evaluation method of the security monitoring configuration. It can evaluate the performance of a security monitoring setup in a production environment. The method uses an attack injection technique but injected attacks do not affect the production virtual machines. We have implemented and evaluated the proposed method. The method can be used by either of the parties to compute the required metric. However, the method requires cooperation between tenants and CSPs. In order to reduce the dependency between tenants and CSPs while performing verification, we propose to use a logical secure component. The proposed use of a logical secure component for verification is illustrated in an SLA addressing data integrity in clouds. The method uses a secure trusted and distributed ledger (blockchain) to store evidences of data integrity. The method allows checking data integrity without relying on the other party. If there is any conflict between tenants and CSPs the evidence can be used to resolve the conflict
Habib, Zadeh Esmaeil. "Modelling and Quantitative Analysis of Performance vs Security Trade-offs in Computer Networks: An investigation into the modelling and discrete-event simulation analysis of performance vs security trade-offs in computer networks, based on combined metrics and stochastic activity networks (SANs)". Thesis, University of Bradford, 2017. http://hdl.handle.net/10454/17412.
Pełny tekst źródłaBaker, Wade Henderson. "Toward a Decision Support System for Measuring and Managing Cybersecurity Risk in Supply Chains". Diss., Virginia Tech, 2017. http://hdl.handle.net/10919/85128.
Pełny tekst źródłaPh. D.
Prosperi, Paolo. "Mesures de la sécurité alimentaire et de l'alimentation durable en Méditerranée, basées sur les approches de la vulnérabilité et de la résilience". Electronic Thesis or Diss., Montpellier, SupAgro, 2015. http://www.supagro.fr/theses/extranet/15-0003_Prosperi.pdf.
Pełny tekst źródłaRecurrent food crises and global change, along with habitat loss and micronutrient deficiencies, placed food security and environmental sustainability at the top of the political agenda. Analyses of the dynamic interlinkages between food consumption patterns and environmental concerns recently received considerable attention from the international community. Socioeconomic and biophysical changes affect the food system functions including food and nutrition security. The sustainability of food system is at risk. Building sustainable food systems has become a key effort to redirect our food systems and policies towards better-adjusted goals and improved societal welfare. Food systems involve multiple interactions between human and natural components. The systemic nature of these interactions calls for systems approaches and integrated assessment tools. Identifying and modeling the intrinsic properties of the food system can help tracking progress towards sustainability and setting policies towards positive transformations.The general objective of this thesis is to analyze and explore the sustainability of the food system through identifying a set of metrics at the Mediterranean region level. The specific aims consist of developing a multidimensional framework to evaluate the sustainability of food systems and diets, identifying the main variables to formalize and operationalize the abstract and multidimensional concept of sustainable food systems, and defining metrics for assessing the sustainability of food systems and diets, at a subregional level.Through a broad understanding of sustainability, the methodological approach of this thesis builds on the theories of vulnerability and resilience. Following the steps of the global change vulnerability assessment a causal factor analysis is presented concerning three Mediterranean countries, namely Spain, France and Italy. Formulating "what is vulnerable to what" hypotheses, we identified eight causal models of vulnerability. A three-round Delphi survey was then applied to select indicators on the basis of the vulnerability/resilience theoretical framework.A conceptual hierarchical framework was identified for modeling the complex relationships between food and nutrition security and sustainability for developing potential indicators of sustainable diets and food systems. A feedback-structured framework of the food system formalized eight selected causal models of vulnerability and resilience and identified intrinsic properties of the food system, shaping the interactions where a set of drivers of change (Water depletion; Biodiversity loss; Food price volatility; Changes in food consumption patterns) directly affect food and nutrition security outcomes at a subregional level (Nutritional quality of food supply; Affordability of food; Dietary energy balance; Satisfaction of cultural food preferences). Each interaction was disentangled in exposure, sensitivity and resilience. This theoretical framework was operationalized through the identification of a set of 136 indicators. The Delphi study revealed low, medium, and high consensus and majority level on indicators in 75% of the interactions out of the 24 initial ones. The results obtained in terms of global response, expert participation rates, and consensus on indicators were then satisfactory. Also, expert confirmed with positive feedback the appraisal of the components of the framework.This theoretical modeling exercise and the Delphi survey allowed the identification of a first suite of indicators, moving beyond single and subjective evaluation, and reaching consensus on metrics of sustainable diets and food systems for supporting decision-making. The operationalization of the theories of vulnerability and resilience, through an indicator-based approach, can contribute to further analyses on the socioeconomic and biophysical aspects and interlinkages concerning the sustainability of diets and food systems
Mohd, Saudi Madihah. "A new model for worm detection and response : development and evaluation of a new model based on knowledge discovery and data mining techniques to detect and respond to worm infection by integrating incident response, security metrics and apoptosis". Thesis, University of Bradford, 2011. http://hdl.handle.net/10454/5410.
Pełny tekst źródłaBarabas, Maroš. "Bezpečnostní analýza síťového provozu pomocí behaviorálních signatur". Doctoral thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2016. http://www.nusl.cz/ntk/nusl-412570.
Pełny tekst źródła