Gotowa bibliografia na temat „Systèmes informatiques – Mesures de sûreté – Évaluation”
Utwórz poprawne odniesienie w stylach APA, MLA, Chicago, Harvard i wielu innych
Spis treści
Zobacz listy aktualnych artykułów, książek, rozpraw, streszczeń i innych źródeł naukowych na temat „Systèmes informatiques – Mesures de sûreté – Évaluation”.
Przycisk „Dodaj do bibliografii” jest dostępny obok każdej pracy w bibliografii. Użyj go – a my automatycznie utworzymy odniesienie bibliograficzne do wybranej pracy w stylu cytowania, którego potrzebujesz: APA, MLA, Harvard, Chicago, Vancouver itp.
Możesz również pobrać pełny tekst publikacji naukowej w formacie „.pdf” i przeczytać adnotację do pracy online, jeśli odpowiednie parametry są dostępne w metadanych.
Artykuły w czasopismach na temat "Systèmes informatiques – Mesures de sûreté – Évaluation"
Kelly, H. William. "Comparison of Inhaled Corticosteroids". Annals of Pharmacotherapy 32, nr 2 (luty 1998): 220–32. http://dx.doi.org/10.1345/aph.17014.
Pełny tekst źródłaRozprawy doktorskie na temat "Systèmes informatiques – Mesures de sûreté – Évaluation"
Rabah, Mourad. "Évaluation de la sûreté de fonctionnement de systèmes multiprocesseurs à usage multiple". Toulouse, INPT, 2000. http://www.theses.fr/2000INPT021H.
Pełny tekst źródłaVache, Géraldine. "Evaluation quantitative de la sécurité informatique : approche par les vulnérabilités". Toulouse, INSA, 2009. http://eprint.insa-toulouse.fr/archive/00000356/.
Pełny tekst źródłaThis thesis presents a new approach for quantitative security evaluation for computer systems. The main objective of this work is to define and evaluate several quantitative measures. These measures are probabilistic and aim at quantifying the environment influence on the computer system security considering vulnerabilities. Initially, we identified the three factors that have a high influence on system state: 1) the vulnerability life cycle, 2) the attacker behaviour and 3) the administrator behaviour. We studied these three factors and their interdependencies and distinguished two main scenarios based on nature of vulnerability discovery, i. E. Malicious or non malicious. This step allowed us to identify the different states of the system considering the vulnerability exploitation process and to define four measures relating to the states of the system: vulnerable, exposed, compromised, patched and secure. To evaluate these measures, we modelled the process of system compromising by vulnerability exploitation. Afterwards, we characterized the vulnerability life cycle events quantitatively, using real data from a vulnerability database, in order to assign realistic values to the parameters of the models. The simulation of these models enabled to obtain the values of the four measures we had defined. Finally, we studied how to extend the modelling to consider several vulnerabilities. So, this approach allows the evaluation of measures quantifying the influences of several factors on the system security
Gadelrab, Mohammed El-Sayed Gadelrab. "Évaluation des systèmes de détection d'intrusion". Toulouse 3, 2008. http://thesesups.ups-tlse.fr/435/.
Pełny tekst źródłaThis thesis contributes to the improvement of intrusion detection system (IDS) evaluation. The work is motivated by two problems. First, the observed increase in the number and the complexity of attacks requires that IDSes evolve to stay capable of detecting new attack variations efficiently. Second, the large number of false alarms that are generated by current IDSes renders them ineffective or even useless. Test and evaluation mechanisms are necessary to determine the quality of detection of IDSes or of their detection algorithms. Unfortunately, there is currently no IDS evaluation method that would be unbiased and scientifically rigorous. During our study, we have noticed that current IDS evaluations suffer from three major weaknesses: 1) the lack of a rigorous methodology; 2) the use of non-representative test datasets; and 3) the use of incorrect metrics. From this perspective, we have introduced a rigorous approach covering most aspects of IDS evaluation. In the first place, we propose an evaluation methodology that allows carrying out the evaluation process in a systematic way. Secondly, in order to create representative test datasets, we have characterized attacks by classifying attack activities with respect to IDS-relevant manifestations or features. This allows not only to select attacks that will be included in the evaluation dataset but also to analyze the evaluation result with respect to attack classes rather than individual attack instances. Third, we have analyzed a large number of attack incidents and malware samples, such as viruses and worms. Thanks to this analysis, we built a model for the attack process that exhibits the dynamics of attack activities. This model allows us to generate a large number of realistic and diverse attack scenarios. The proposed methods have been experimented on two very different IDSes to show how general is our approach. The results show that the proposed approach allows overcoming the two main weaknesses of existing evaluations, i. E. , the lack of a rigorous methodology and the use of non-representative datasets. .
Martinello, Magnos. "Modélisation et évaluation de la disponibilité de services mis en oeuvre sur le web : une approche pragmatique". Toulouse, INPT, 2005. https://hal.science/tel-04595476.
Pełny tekst źródłaThis thesis presents a pragmatic modeling approach allowing designers of web-based applications and systems to evaluate the service availability provided to the users. Multiple sources of service unavailability are taken into account, in particular i) hardware and software failures affecting the servers, and ii) performance degradation (overload of servers, very long response time, etc. ). An hierarchical multi-level approach is proposed based on performability modeling, combining Markov chains and queueing models. The main concepts and the feasibility of this approach are illustrated using a web-based travel agency. Various analytical models and sensitivity studies are presented considering different assumptions with respect to the architectures, recovery strategies, faults, users profile and traffic characteristics
Kang, Eun-Young. "Abstractions booléennes pour la vérification des systèmes temps-réel". Thesis, Nancy 1, 2007. http://www.theses.fr/2007NAN10089/document.
Pełny tekst źródłaThis thesis provides an efficient formal scheme for the tool-supported real-time system verification by combination of abstraction-based deductive and model checking techniques in order to handle the limitations of the applied verification techniques. This method is based on IAR (Iterative Abstract Refinement) to compute finite state abstractions. Given a transition system and a finite set of predicates, this method determines a finite abstraction, where each state of the abstract state space is a true assignment to the abstraction predicates. A theorem prover can be used to verify that the finite abstract model is a correct abstraction of a given system by checking conformance between an abstract and a concrete model by establishing/proving that a set of verification conditions are obtained during the IAR procedure. Then the safety/liveness properties are checked over the abstract model. If the verification condition holds successfully, IAR terminates its procedure. Otherwise more analysis is applied to identify if the abstract model needs to be more precise by adding extra predicates. As abstraction form, we adopt a class of predicate diagrams and define a variant of predicate diagram PDT (Predicate Diagram for Timed systems) that can be used to verify real-time and parameterized systems
Varet, Antoine. "Conception, mise en oeuvre et évaluation d'un routeur embarqué pour l'avionique de nouvelle génération". Phd thesis, INSA de Toulouse, 2013. http://tel.archives-ouvertes.fr/tel-00932283.
Pełny tekst źródłaDacier, Marc. "Vers une évaluation quantitative de la sécurité informatique". Phd thesis, Institut National Polytechnique de Toulouse - INPT, 1994. http://tel.archives-ouvertes.fr/tel-00012022.
Pełny tekst źródłaLes modèles formels développés pour l'étude de la sécurité informatique, n'offrent pas le cadre mathématique désiré. L'auteur montre qu'ils adoptent une hypothèse de pire cas sur le comportement des utilisateurs, incompatible avec une modélisation réaliste. Après avoir montré, sur la base du modèle take-grant, comment s'affranchir de cette hypothèse, l'auteur définit un nouveau modèle, le graphe des privilèges, plus efficace pour gérer certains problèmes de protection. Il illustre son utilisation dans le cadre des systèmes Unix.
Enfin, l'auteur propose d'évaluer la sécurité en calculant le temps et l'effort nécessaires à un intrus pour violer les objectifs de protection. Il montre comment définir un cadre mathématique apte à représenter le système pour obtenir de telles mesures. Pour cela, le graphe des privilèges est transformé en un réseau de Petri stochastique et son graphe des marquages est dérivé. Les mesures sont calculées sur cette dernière structure et leurs propriétés mathématiques sont démontrées. L'auteur illustre l'utilité du modèle par quelques résultats issus d'un prototype développé afin d'étudier la sécurité opérationnelle d'un système Unix.
Duchene, Julien. "Développement et évaluation d'obfuscations de protocoles basées sur la spécification". Electronic Thesis or Diss., Toulouse, INSA, 2018. http://www.theses.fr/2018ISAT0054.
Pełny tekst źródłaThere are more and more protocols. Many of them have their specification available for interoperability purpose for instance. However, when it comes to intellectual property, this specification is kept secret. Attackers might use a wrongly implemented protocol to compromise a system, if he has access to the specification, it’s attack would be far more efficient. Even if he does not have access to the specification, he can reverse-engine it. Thus, create protocols hard to reverse is interesting. In this thesis, we develop a novel approach of protocol protections to make protocol reverse engineering more complex. We apply some obfuscations on protocol message format, furthermore, we do it automatically from the original protocol specification. Firstly, we have analyzed more than 30 different contributions of protocol reverse engineering tools. We retrieved the following elements : 1) Protocol reverse engineering tools try to infer regular models ; 2) They suppose that the parsing is done from left to right ; 3) They delimit fields based on well-known delimiters or with ad-hoc techniques ; 4) They cluster messages based on pattern similarity measures. Thus, to make protocol reverse harder, one can create protocols which does not respect theses statements. Secondly, we have proposed a model of message format on which obfuscations can be applied. With this model, we also provide some atomic obfuscations which can be composed. Each obfuscation target one or more protocol reverse engineering hypothesis. Obfuscation composition ensures effectiveness of our solution and makes protocol reverse-engineering more complex. This model is used to automatically generate code for parser, serializer and accessors. This solution is implemented into a framework we called ProtoObf. ProtoObf is used to evaluate obfuscations performance. Results show an increase of protocol complexity with the number of obfuscation composition while costs (particularly the serialized buffer size) stay low
Bennaceur, Mokhtar Walid. "Formal models for safety analysis of a Data Center system". Thesis, Université Paris-Saclay (ComUE), 2019. http://www.theses.fr/2019SACLV078/document.
Pełny tekst źródłaA Data Center (DC) is a building whose purpose is to host IT devices to provide different internet services. To ensure constant operation of these devices, energy is provided by the electrical system, and to keep them at a constant temperature, a cooling system is necessary. Each of these needs must be ensured continuously, because the consequence of breakdown of one of them leads to an unavailability of the whole DC system, and this can be fatal for a company.In our Knowledge, there exists no safety and performance studies’, taking into account the whole DC system with the different interactions between its sub-systems. The existing analysis studies are partial and focus only on one sub-system, sometimes two. The main objective of this thesis is to contribute to the safety analysis of a DC system. To achieve this purpose, we study, first, each DC sub-system (electrical, thermal and network) separately, in order to define their characteristics. Each DC sub-system is a production system and consists of combinations of components that transform entrance supplies (energy for the electrical system, air flow for the thermal one, and packets for the network one) into exits, which can be internet services. Currently the existing safety analysis methods for these kinds of systems are inadequate, because the safety analysis must take into account not only the internal state of each component, but also the different production flows circulating between components. In this thesis, we consider a new modeling methodology called Production Trees (PT) which allows modeling the relationship between the components of a system with a particular attention to the flows circulating between these components.The PT modeling technique allows dealing with one kind of flow at once. Thus its application on the electrical sub-system is suitable, because there is only one kind of flows (the electric current). However, when there are dependencies between sub-systems, as in thermal and network sub-systems, different kinds of flows need to be taken into account, making the application of the PT modeling technique inadequate. Therefore, we extend this technique to deal with dependencies between the different kinds of flows in the DC. Accordingly it is easy to assess the different safety indicators of the global DC system, taking into account the interactions between its sub-systems. Moreover we make some performance statistics. We validate the results of our approach by comparing them to those obtained by a simulation tool that we have implemented based on Queuing Network theory.So far, Production Trees models are not tool supported. Therefore we propose a solution method based on the Probability Distribution of Capacity (PDC) of flows circulating in the DC system. We implement also the PT model using the AltaRica 3.0 modeling language, and use its dedicated stochastic simulator to estimate the reliability indices of the system. This is very important to compare and validate the obtained results with our assessment method. In parallel, we develop a tool which implements the PT solution algorithm with an interactive graphical interface, which allows creating, editing and analyzing PT models. The tool allows also displaying the results, and generates an AltaRica code, which can be subsequently analyzed using the stochastic simulator of AltaRica 3.0 tool
Liu, Yi. "Security Assessment Against Side-Channel Attacks : Insights from an Information-Theoretic Perspective". Electronic Thesis or Diss., Institut polytechnique de Paris, 2023. http://www.theses.fr/2023IPPAT033.
Pełny tekst źródłaIn today's world, the widespread use of cryptographic devices highlights the need for their secure operation. Unintended leakages, like time, power, and electromagnetic emissions, can allow attackers to deduce secret keys via side-channel attacks (SCAs). Evaluating the security of cryptographic devices against SCAs is important for both the industrial and academic sectors, and information-theoretic metrics turn out to be effective tools. “Masking” stands out as a key countermeasure, with ongoing discussions on its optimization and the security of its implementations. In light of this context, the central aims of this thesis are to quantify side-channel leakage, appraise the security of cryptographic devices against SCAs (both unprotected and masked), and to explore methodologies for formulating more potent masking codes. For masking code construction, we establish linear programming bounds for the kissing number of q-ary linear codes, guided by recent findings on optimized code-based masking performance related to the dual code's kissing number. In addition, we demonstrate the connection between code-based masking efficacy and the whole weight enumeration of the dual of the masking code. The lexicographical order based on weight distribution prefixes is proposed for selecting ideal masking codes. Regarding side-channel leakage evaluation, we introduce a novel information metric, called conditional Sibson's alpha-information. This metric has an explicit expression and possesses several beneficial properties. Utilizing this metric, we delve into the sidechannel leakage of unprotected devices. Additionally, we use Fano's mutual information to evaluate the sidechannel leakage of code-based masked implementations under probing model. Lastly, when considering the security assessment of masked implementations, we utilize the alphainformation measure to appraise the security of both arithmetic and Boolean masking implementations. We derive universal bounds on the probability of success of any type of side-channel attack. These also provide lower bounds on the minimum number of queries required to achieve a given success rate
Książki na temat "Systèmes informatiques – Mesures de sûreté – Évaluation"
Jan, Christophe. La sécurité informatique. Paris: Eyrolles, 1989.
Znajdź pełny tekst źródłaCRYPTO (Conference) (1992 Santa Barbara, Calif.). Advances in cryptology--CRYPTO '92: 12th Annual International Cryptology Conference, Santa Barbara, California, USA, August 16-20, 1992 : proceedings. Berlin: Springer-Verlag, 1993.
Znajdź pełny tekst źródłaFaith, Cranor Lorrie, i Garfinkel Simson, red. Security and Usability: Designing Secure Systems That People Can Use. Beijing: O'Reilly, 2005.
Znajdź pełny tekst źródłaBauer, Friedrich Ludwig. Decrypted secrets: Methods and maxims of cryptology. Berlin: Springer, 1997.
Znajdź pełny tekst źródłaHansteen, Peter N. M. Le livre de PF: Packet filter. Paris: Eyrolles, 2009.
Znajdź pełny tekst źródłaJoshua, Quittner, red. Masters of deception: The gang that ruled cyberspace. New York: HarperPerennial, 1996.
Znajdź pełny tekst źródłaSlatalla, Michelle. Masters of deception: The gang that ruled cyberspace. New York: HarperCollins Publishers, 1995.
Znajdź pełny tekst źródłaEuropean Symposium on Research in Computer Security (3rd 1994 Brighton, England). Computer security: ESORICS 94 : third European Symposium on Research in Computer Security, Brighton, United Kingdom, November 7-9, 1994 : proceedings. Berlin: Springer-Verlag, 1994.
Znajdź pełny tekst źródłaCSIS Global Organized Crime Project. i Center for Strategic and International Studies (Washington, D.C.), red. Cybercrime-- cyberterrorism-- cyberwarfare--: Averting an electronic Waterloo. Washington, D.C: CSIS Press, 1998.
Znajdź pełny tekst źródłaPaget, François. Vers & virus: Classification, lutte anti-virale et perspectives. Paris: Dunod, 2005.
Znajdź pełny tekst źródła