Дисертації з теми "Security orchestration and automation"
Оформте джерело за APA, MLA, Chicago, Harvard та іншими стилями
Ознайомтеся з топ-50 дисертацій для дослідження на тему "Security orchestration and automation".
Біля кожної праці в переліку літератури доступна кнопка «Додати до бібліографії». Скористайтеся нею – і ми автоматично оформимо бібліографічне посилання на обрану працю в потрібному вам стилі цитування: APA, MLA, «Гарвард», «Чикаго», «Ванкувер» тощо.
Також ви можете завантажити повний текст наукової публікації у форматі «.pdf» та прочитати онлайн анотацію до роботи, якщо відповідні параметри наявні в метаданих.
Переглядайте дисертації для різних дисциплін та оформлюйте правильно вашу бібліографію.
Fernandes, Pereira Sonia, and Nejat Hamid. "Closed-Loop Orchestration Solution." Thesis, KTH, Hälsoinformatik och logistik, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-253005.
Повний текст джерелаDatornätverk utvecklas kontinuerligt och växer i storlek och komplexitet. Nyteknik införs som ytterligare ökar komplexiteten. Nätverksservice orkestrering handlar om att skicka ut konfiguration automatiskt till enheter i nätverket utan mänsklig in- blandning. Det kan finnas problem som gör att orkestreringen misslyckas. I många fall måste manuella åtgärder utföras för att lösa problemet, vilket är mycket motsä- gelsefullt, eftersom målet med orkestrering är att det ska vara fullt automatiserat. Det finns indikationer på att fel kan detekteras och hanteras av en återkopplings- mekanismen. Detta examensarbete syftar till att bygga på aktuell insikt, och om möj- ligt, verifiera att återkopplingsmekanismen är en möjlig metod. Efter överväganden på vilka olika sätt som projektmålet kunde uppnås föll valet på att skapa en testmiljö där ansatsen kunde testas. Testmiljön användes för att utreda om ett nätverksorkestreringssystem kan integreras med en återkopplings mekanism. Resultat av projektet presenterar ett sätt att automatiskt upptäcka ett nätverksfel och skicka återkoppling till ett nätverksorkestreringssystem. Nätverksorkestreraren kan sedan detektera och åtgärda felet.
Abdelmassih, Christian. "Container Orchestration in Security Demanding Environments at the Swedish Police Authority." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-228531.
Повний текст джерелаPopulariteten av containers och container-orkestrering inom molntjänster motiveras av många aspekter, från tekniska och organisatoriska till ekonomiska vinster. I detta klimat är även säkerhetskrävande organisationer intresserade av sådana teknologier men söker försäkran att deras kravbild går att möta. Syftet med denna avhandling var att utreda hur separation mellan applikationer kan nås vid användning av Docker och Kubernetes så att Polismyndighetens krav kan uppfyllas. Undersökningen omfattade en litterär studie av vetenskapliga publikationer och officiell dokumentation samt en teknisk studie med iterativt skapande av Kubernetes kluster med diverse variationer. En modell definierades för att representera kravbilden för ideal separation. Vidare så introducerades även ett system för klassificering av separationskrav hos applikationer. Resultatet omfattar tre förslag på arkitekturer för att uppnå segmentering av klusternätverk i Kubernetes, två föreslagna systemkomponenter för att uppfylla segmenteringen, och en strategi för att erbjuda värd-baserad separation mellan containers. Varje förslag evaluerades med hänsyn till lämplighet och risker för myndigheten och parter med liknande kravbild. Avhandlingens slutsats är att en mångsidig applikationsisolering kan uppnås i Docker och Kubernetes. Därmed kan teknologierna uppnå en lämplig grad av separation för att kunna användas för säkerhetskrävande miljöer.
Compastié, Maxime. "Software-defined Security for Distributed Clouds." Thesis, Université de Lorraine, 2018. http://www.theses.fr/2018LORR0307/document.
Повний текст джерелаIn this thesis, we propose an approach for software-defined security in distributed clouds. More specifically, we show to what extent this programmability can contribute to the protection of distributed cloud services, through the generation of secured unikernel images. These ones are instantiated in the form of lightweight virtual machines, whose attack surface is limited and whose security is driven by a security orchestrator. The contributions of this thesis are threefold. First, we present a logical architecture supporting the programmability of security mechanims in a multi-cloud and multi-tenant context. It permits to align and parameterize these mechanisms for cloud services whose resources are spread over several providers and tenants. Second, we introduce a method for generating secured unikernel images in an on-the-fly manner. This one permits to lead to specific and constrained resources, that integrate security mechanisms as soon as the image generation phase. These ones may be built in a reactive or proactive manner, in order to address elasticity requirements. Third, we propose to extend the TOSCA orchestration language, so that is is possible to generate automatically secured resources, according to different security levels in phase with the orchestration. Finally, we detail a prototyping and extensive series of experiments that are used to evaluate the benefits and limits of the proposed approach
Nejman, Dawid. "Automation of data processing in the network of geospatial web services." Thesis, Blekinge Tekniska Högskola, Institutionen för datalogi och datorsystemteknik, 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-4029.
Повний текст джерелаContact details: email: dawidnejman@gmail.com phone: +48 511-139-190
Pattaranantakul, Montida. "Moving towards software-defined security in the era of NFV and SDN." Thesis, Université Paris-Saclay (ComUE), 2019. http://www.theses.fr/2019SACLL009/document.
Повний текст джерелаThis thesis is intended to explore security issues in the virtualized and software-defined world, and starts with two important hypotheses: (1) SDN and NFV offer plenty of opportunities for us to rethink security management in the new networking paradigms; (2) both legacy and new security threats and vulnerabilities in NFV/SDN enabled environments need to be sufficiently addressed in order to pave the way for their further development and deployment. To validate the hypotheses, we carry out an in-depth study on NFV/SDN from security perspective, including its architecture, management and orchestration (MANO) framework, and use cases, leading to two major contributions, (1) a security management and orchestration framework (called SecMANO) based on NFV MANO, which has the potential to manage a set of policy-driven security mechanisms, such as access control, IDS/IPS, network isolation, data protection; (2) a comprehensive threat analysis on five NFV use cases and the state-of-the-art security countermeasures, resulting in a NFV layer-specific threat taxonomy and a set of security recommendations on securing NFV based services.We believe that both of the two contributions lay down a foundation for security research in NFV/SDN domain. In particular, based on the two contributions, we further develop a security orchestrator as an extension of available NFV orchestrator, with an objective to enabling the basic security functions to be effectively orchestrated and provided as on-demand services to the customers, meanwhile allowing high-level security policies to be specified and enforced in a dynamic and flexible way. Specifically, a software-defined access control paradigm is implemented and prototyped with OpenStack and Tacker (a NFV orchestrator using TOSCA model), which allows the security administrators to dynamically customize the access control models and policies for different tenant domains, eventually achieving flexible and scalable protection across different layers and multiple cloud data centers. Both prototype of concept and real-life experiments on testbed have been carried out, clearly demonstrating the feasibility and effectiveness of our security orchestrator.In addition, as our NFV cross-layer threat taxonomy indicates, a large set of novel threats will be introduced, among which VNF (Virtualized Network Function) is a unique and important asset that deserves careful protection. The fourth contribution of this thesis is therefore devoted to achieving secure and dependable SFC (Service Function Chaining) in NFV and SDN environment. Specifically, an identity-based ordered multisignature scheme called SecSFC is designed and applied to ensure that, (1) each service function involved in a particular service chain is authenticated and legitimate; (2) all the service functions are chained in a consistent, optimal, and reliable way, meeting with the pre-defined high-level specifications like VNF Forwarding Graph. Both theoretical security analysis and experimental results demonstrate that our scheme can effectively defend against a large set of destructive attacks like rule modification and topology tempering, moving an important step towards secure and dependable SFC. Importantly, the signature construction and validation process is lightweight, generating compact and constant-size keys and signatures, thereby only incurring minimal computational overhead and latency
Thakur, Ritika. "Access control model to support orchestration of CRUD expressions." Master's thesis, Universidade de Aveiro, 2015. http://hdl.handle.net/10773/18452.
Повний текст джерелаAccess Control is a sensitive and crucial aspect when it comes to securing the data present in the databases. In an application which is driven by Create, Read, Update and Delete (CRUD) expressions, users can execute a single CRUD expression or a sequence of CRUD expressions to achieve the desired results. In such type of applications, the Access Control is not just Iimited to authorizing the subject for accessing the object, but it also aims to authorize and validate the operations that a subject can perform on the data after the authorization. Current Access Control models are generally concerned with restricting the access to the resources. However, once the subject is authorized, there are no restrictions on the actions a subject can perform on the resources. In this work an Access Control Model has been presented which extends current Access Control model's features to provide an environment where a set of predefined policies are implemented as graphs of CRUD expressions. The design of the access control policies is based on the CRUD expressions that a user needs to execute to complete a task. These graphs of CRUD expressions are hence used for controlling and validating the actions that can be performed on authorized information. In order to reuse the policies, presented model allows the inter execution of the policies based on some predefined rules. The aim of the present thesis work is to provide a structure which allows the application users to only execute the authorized sequences of CRUD expressions in a predefined order and allows the security experts to design the policies in a flexible way through the graph data structure. As a proof of concept, Role based Access Control model (RBAC) has been taken as a reference access control model and the base for this work is chosen as Secured, Distributed and Dynamic RBAC (S-DRACA) which allowed the sequence of CRUD expressions to be executed in single direction.
O controlo de acesso é um aspecto sensível e crucial quando se fala de proteger dados presentes em base de dados. Em aplicações que assentam numa base de dados baseadas em expressões Creafe, Read, Update e Delefe (CRUD) , os utilizadores podem executar uma ou uma sequência de expressões CRUD para obter um dado resultado. Neste tipo de aplicações o controlo de acesso não é limitado apenas a autorizar o acesso a um objecto por um sujeito, mas também a autorizar e validar as operações que o sujeito pode fazer sobre os dados depois de obter autorização. Os modelos atuais de controlo de acesso geralmente focamse em restringir o acesso aos recursos CRUD a CRUD. No entanto, logo que o sujeito é autorizado, não há restrições sob as ações que este pode efetuar sobre esses recursos. Neste trabalho é apresentado um modelo de controlo de acesso que extende as funcionalidades dos modelos de controlo de acesso atuais para fornecer um ambiente onde um conjunto de politicas predefinidas são implementadas como grafos de expressões CRUD. Estes grafos de expressões CRUD são considerados como sequências que atuam como politicas guardadas e preconfiguradas. O design das sequências é baseado nas operações que o utilizador deseja efetuar para obter um dado resultado. Estas sequências de expressões CRUD são assim usadas para controlar e validar as ações que podem ser efetuadas sobre a informação armazenada. De forma a reusar estas políticas, o modelo apresentado define o uso de execuçao externa de políticas configuradas. O objetivo do trabalho nesta tese é fornecer uma estrutura que permite aos utilizadores de aplicações apenas executarem sequências autorizadas de expressões CRUD numa ordem predefinida e permitir aos administradores de sistema de desenharem politicas de uma forma flexível através de estruturas de grafos. Como prova de conceito, o modelo Role Based Access Control (RBAC) foi tido como referência para o modelo de controlo de acesso e para a base deste trabalho foi escolhido o S-DRACA que permite sequências de expressões CRUD de serem executadas por ordem.
Chollet, Stéphanie. "Orchestration de services hétérogènes et sécurisés." Grenoble 1, 2009. http://www.theses.fr/2009GRE10283.
Повний текст джерелаService-oriented Computing (SOC) has appeared recently as a new software engineering paradigm. The very purpose of this reuse-based approach is to build applications through the late composition of independent software elements, called services, which are made available at run-time by internal or external providers. SOC brings properties of major interest. First, it supports rapid application development. Using existing, already tested, services is likely to reduce the time needed to build up an application and the overall quality of this application. SOC also improves software flexibility through late binding. A service to be used by an application is chosen at the last moment, based on its actual availability and on its properties at that moment. The service orientation has also to face thorny problems, as in any reuse-based approach. In this work, we focus on two major issues: the integration of heterogeneous service-oriented technologies and the management of security aspects when invoking a service. Security is actually a major concern to SOC practitioners. SOC technologies have allowed companies to expose applications, internally and externally, and, for that reason are heavily used. However, in some distributed environments, software services and process engines can be alarmingly vulnerable. Service-based processes can expose organizations to a considerable amount of security risk and dependability degradation. We propose to use a model-driven approach for solving this problem. During system design, paradigms such as abstraction, separation of concerns and language definition are used to define a model of the service composition with security properties. This model is transformed into an execution model. We present a generative environment applying these principles for service composition. This environment has been built as part of the SODA European project and validated on several industrial use cases
Zerkane, Salaheddine. "Security Analysis and Access Control Enforcement through Software Defined Networks." Thesis, Brest, 2018. http://www.theses.fr/2018BRES0057/document.
Повний текст джерелаSoftware Defined Networking (SDN) is an emerging paradigm that promises to resolve the limitations of the conventional network architecture.SDN and cyber security have a reciprocal relationship. In this thesis, we study and explore two aspects of this relationship. On the one hand, we study security for SDN by performing a vulnerability analysis of SDN. Such security analysis is a crucial process in identifying SDN security flaws and in measuring their impacts. It is necessary for improving SDN security and for understanding its weaknesses.On the other hand, we explore SDN for security. Such an aspect of the relationship between SDN and security focusses on the advantages that SDN brings into security.The thesis designs and implements an SDN stateful firewall that transforms the Finite State Machine of network protocols to an SDN Equivalent State Machine. Besides, the thesis evaluates SDN stateful firewall and NetFilter regarding their performance and their resistance to Syn Flooding attacks.Furthermore, the thesis uses SDN orchestration for policy enforcement. It proposes a firewall policy framework to express, assess, negotiate and deploy firewall policies in the context of SDN as a Service in the cloud
Gill, Khusvinder. "Enhancing the security of wireless sensor network based home automation systems." Thesis, Loughborough University, 2009. https://dspace.lboro.ac.uk/2134/5951.
Повний текст джерелаPeacock, Matthew. "Anomaly Detection in BACnet/IP managed Building Automation Systems." Thesis, Edith Cowan University, Research Online, Perth, Western Australia, 2019. https://ro.ecu.edu.au/theses/2178.
Повний текст джерелаSchnepf, Nicolas. "Orchestration et vérification de fonctions de sécurité pour des environnements intelligents." Thesis, Université de Lorraine, 2019. http://www.theses.fr/2019LORR0088/document.
Повний текст джерелаSmart environments, in particular smartphones, are the target of multiple security attacks. Moreover, the deployment of traditional security mechanisms is often inadequate due to their highly constrained resources. In that context, we propose to use chains of security functions which are composed of several security services, such as firewalls or antivirus, automatically configured and deployed in the network. Chains of security functions are known as being error prone and hard to validate. This difficulty is caused by the complexity of these constructs that involve hundreds and even thousands of configuration rules. In this PhD thesis, we propose the architecture of an orchestrator, exploiting the programmability brought by software defined networking, for the automated configuration and deployment of chains of security functions. It is important to automatically insure that these security chains are correct, before their deployment in order to avoid the introduction of security breaches in the network. To do so, our orchestrator relies on methods of automated verification and synthesis, also known as formal methods, to ensure the correctness of the chains. Our work also consider the optimization of the deployment of chains of security functions in the network, in order to maintain its resources and quality of service
Habeeb, Richard. "Improving the Security of Building Automation Systems Through an seL4-based Communication Framework." Scholar Commons, 2018. http://scholarcommons.usf.edu/etd/7161.
Повний текст джерелаJose, Arun Cyril. "Intelligent home automation security system based on novel logical sensing and behaviour prediction." Thesis, University of Pretoria, 2017. http://hdl.handle.net/2263/65012.
Повний текст джерелаThesis (PhD)--University of Pretoria, 2017.
Electrical, Electronic and Computer Engineering
PhD
Unrestricted
Costley, Austin D. "Platform Development and Path Following Controller Design for Full-Sized Vehicle Automation." DigitalCommons@USU, 2017. https://digitalcommons.usu.edu/etd/6429.
Повний текст джерелаMekki, Mohamed-Anis. "Synthèse et compilation de services web sécurisés." Thesis, Nancy 1, 2011. http://www.theses.fr/2011NAN10123/document.
Повний текст джерелаAutomatic composition of web services is a challenging task. Many works have considered simplified automata models that abstract away from the structure of messages exchanged by the services. For the domain of secured services we propose a novel approach to automated composition of services based on their security policies. Given a community of services and a goal service, we reduce the problem of composing the goal from services in the community to a security problem where an intruder we call mediator should intercept and redirect messages from the service community and a client service till reaching a satisfying state. We have implemented the algorithm in AVANTSSAR Platform and applied the tool to several case studies. Then we present a tool that compiles the obtained trace describing the execution of a the mediator into its corresponding runnable code. For that we first compute an executable specification as prudent as possible of her role in the orchestration. This specification is expressed in ASLan language, a formal language designed for modeling Web Services tied with security policies. Then we can check with automatic tools that this ASLan specification verifies some required security properties such as secrecy and authentication. If no flaw is found, we compile the specification into a Java servlet that can be used by the mediatior to lead the orchestration
Janes, Ricardo. "Estudo sobre sistemas de segurança em instalações elétricas automatizadas." Universidade de São Paulo, 2009. http://www.teses.usp.br/teses/disponiveis/3/3143/tde-29062009-181507/.
Повний текст джерелаThis work presents a study of the main security systems used in automatized electric installations, with approach in the physical access control, using biometric technologies. The main characteristics of the security systems applied to the detection and fire combat, to the physical access control, to the internal and external security control, as closed-circuits television and perimetral security control, and the biometric technologies are presented in this work that can be used for the people access control. The development of a low cost prototype is presented, using biometric technology for the physical access control, as well as the main advantages and disadvantages, algorithms and cost-benefit relations for the use of biometry in security systems. The study shows that the use of the biometry as tool for the existing security systems improvement is a world-wide trend, however, an increasing concern exists of the people biometric information confidentiality.
Allwood, Gary Andrew. "Intensity based interrogation of optical fibre sensors for industrial automation and intrusion detection systems." Thesis, Edith Cowan University, Research Online, Perth, Western Australia, 2015. https://ro.ecu.edu.au/theses/1702.
Повний текст джерелаJonnalagadda, Hari Krishna. "Secure Communication Scheme in Smart Home Environment." Scholar Commons, 2016. http://scholarcommons.usf.edu/etd/6270.
Повний текст джерелаLee, Kum-Yu Enid. "Privacy and security of an intelligent office form." Thesis, Kansas State University, 1986. http://hdl.handle.net/2097/9930.
Повний текст джерелаErturk, Volkan. "A Framework Based On Continuous Security Monitoring." Master's thesis, METU, 2008. http://etd.lib.metu.edu.tr/upload/12610139/index.pdf.
Повний текст джерелаPan, Zhiwen, and Zhiwen Pan. "A Context Aware Anomaly Behavior Analysis Methodology for Building Automation Systems." Diss., The University of Arizona, 2017. http://hdl.handle.net/10150/625624.
Повний текст джерелаRomandini, Nicolò. "Evaluation and implementation of reinforcement learning and pattern recognition algorithms for task automation on web interfaces." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2021.
Знайти повний текст джерелаWang, Xiaolong. "A Secure Computing Platform for Building Automation Using Microkernel-based Operating Systems." Scholar Commons, 2018. https://scholarcommons.usf.edu/etd/7589.
Повний текст джерелаAslam, Mudassar. "Bringing Visibility in the Clouds : using Security, Transparency and Assurance Services." Doctoral thesis, Mälardalens högskola, Akademin för innovation, design och teknik, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:mdh:diva-25376.
Повний текст джерелаChristiaens, Steven A. "Evaluating the Security of Smart Home Hubs." BYU ScholarsArchive, 2015. https://scholarsarchive.byu.edu/etd/5631.
Повний текст джерелаSun, Luyi. "SCLEX-Lang : A Threat Modeling Language for Substation Automation Systems." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-286831.
Повний текст джерелаEnergisystemen i industrin i dag antar automatiserade transformatorstationer på grund av en växande tendens till digitalisering. Automatisering av transformatorstationer har väldigt minskat interventionen från såväl mänskliga som drifts-och underhållskostnader. Även om det har medfört fördelar uppstår nya utmaningar när det gäller säkerhetsmässiga sårbarheter, vilket kan ge möjligheter för angripare att fördärva hela system och tjuvlyssna kommunikation. För att hålla de automatiserade transformatorstationerna säkra och fria från angripare är hotmodell en av de alternativa metoder som kan användas för att utföra attacksimulering och bedöma systemens säkerhet. KTH har utvecklat Meta Attack Language, en ram för att konstruera domänspecifika språk där hotmodeller kan framställas, på grund av vilka attackgraf kommer att skapas och angrepp kan simuleras. Det är en ram för utvecklare som underlättar för dem att skapa attackgraf med nya språk. Meta Attack Language har tillämpats på olika dömäner vid det här laget, såsom fordons-IT och Amazon Web Services. Avhandlingen genomförs hos ABB, som utvidgar SCLLang och ABB:s tidigare arbete med det befintliga säkerhetsbedömningsverktyget, och gör hotmodeller särskilt för automatisering av transformatorstationer. Den sista hotmodellen används för att bedöma säkerheten av produkter hos ABB, som också kommer att tjäna som grund för ytterligare utvidgning av företaget.
Mitchell, Samuel A. "Ground Vehicle Platooning Control and Sensing in an Adversarial Environment." DigitalCommons@USU, 2016. https://digitalcommons.usu.edu/etd/5021.
Повний текст джерелаDutson, Jonathan William. "Managing Two-Factor Authentication Setup Through Password Managers." BYU ScholarsArchive, 2020. https://scholarsarchive.byu.edu/etd/8976.
Повний текст джерелаBardas, Alexandru Gavril. "Evaluating and quantifying the feasibility and effectiveness of whole IT system moving target defenses." Diss., Kansas State University, 2016. http://hdl.handle.net/2097/32570.
Повний текст джерелаComputing and Information Sciences
Scott A. DeLoach
Xinming (Simon) Ou
The Moving Target Defense (MTD) concept has been proposed as an approach to rebalance the security landscape by increasing uncertainty and apparent complexity for attackers, reducing their window of opportunity, and raising the costs of their reconnaissance and attack efforts. Intuitively, the idea of applying MTD techniques to a whole IT system should provide enhanced security; however, little research has been done to show that it is feasible or beneficial to the system’s security. This dissertation presents an MTD platform at the whole IT system level in which any component of the IT system can be automatically and reliably replaced with a fresh new one. A component is simply a virtual machine (VM) instance or a cluster of instances. There are a number of security benefits when leveraging such an MTD platform. Replacing a VM instance with a new one with the most up-to-date operating system and applications eliminates security problems caused by unpatched vulnerabilities and all the privileges the attacker has obtained on the old instance. Configuration parameters for the new instance, such as IP address, port numbers for services, and credentials, can be changed from the old ones, invalidating the knowledge the attackers already obtained and forcing them to redo the work to re-compromise the new instance. In spite of these obvious security benefits, building a system that supports live replacement with minimal to no disruption to the IT system’s normal operations is difficult. Modern enterprise IT systems have complex dependencies among services so that changing even a single instance will almost certainly disrupt the dependent services. Therefore, the replacement of instances must be carefully orchestrated with updating the settings of the dependent instances. This orchestration of changes is notoriously error-prone if done manually, however, limited tool support is available to automate this process. We designed and built a framework (ANCOR) that captures the requirements and needs of a whole IT system (in particular, dependencies among various services) and compiles them into a working IT system. ANCOR is at the core of the proposed MTD platform (ANCOR-MTD) and enables automated live instance replacements. In order to evaluate the platform’s practicality, this dissertation presents a series of experiments on multiple IT systems that show negligible (statistically non-significant) performance impacts. To evaluate the platform’s efficacy, this research analyzes costs versus security benefits by quantifying the outcome (sizes of potential attack windows) in terms of the number of adaptations, and demonstrates that an IT system deployed and managed using the proposed MTD platform will increase attack difficulty.
Жуковський, Андрій Віталійович. "Система автоматизації адміністрування сайту". Bachelor's thesis, КПІ ім. Ігоря Сікорського, 2020. https://ela.kpi.ua/handle/123456789/37533.
Повний текст джерелаDiploma Thesis (Bachelor’s Thesis): 118 p., 40 fig., 10 tabl., 3 annexes, 26 sources. The purpose of the work is to develop a system of automation of site administration for the provision of sports services in the Ukrainian market. The research and analysis of the market of sports services, methods and methodologies for automation of administration and identification of functions necessary for solving administrative problems are carried out in the work. The study identified the necessary functions to reduce the time and resources spent on administrative operations, both on the part of the administration and on the part of users. A web service for managing, processing and entering data with the necessary functions for automation of administration was implemented, as well as a web interface that interacts with the web service. It is planned to develop work in the direction of growing functionality, as well as the transition to native applications of different platforms.
Giallorenzo, Saverio. "Workflow Patterns for Service Oriented Computing in JOLIE." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2012. http://amslaurea.unibo.it/3870/.
Повний текст джерелаŠabart, Otto. "Testování Open vSwitch a DPDK." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2017. http://www.nusl.cz/ntk/nusl-363892.
Повний текст джерелаViggiani, Fabio. "Design and implementation of a non-aggressive automated penetration testing tool : An approach to automated penetration testing focusing on stability and integrity for usage in production environments." Thesis, KTH, Radio Systems Laboratory (RS Lab), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-122906.
Повний текст джерелаDet här examensarbete fokuserar i automatiserade penetrationstester. Penetrationstester används av säkerhetsspecialister för att bedöma säkerheten i ett system. Processen av ett penetrationstest består av olika attacker mot ett system för att hitta säkerhetshål. Automatiserade penetrationstester har fördelar som faktumet att det kostar mindre i tid och i mänskliga resurser som krävs. Trots att det finns många olika automatiserade verktyg för penetrationstestning, väljer många säkerhetsspecialister att göra det manuellt. Den största anledningen till att det görs manuellt är för att automatiserade verktygen använder sig av tekniker som kan kompromissa systemets stabilitet samt integritet. Det tillåts ofta inte, eftersom majoriteten av penetrationstesterna utförs i produktionsmiljöer som kräver hög tillgänglighet. Målet för det här examensarbetet är att introducera ett nytt tillvägagångssätt för automatiserad penetrationstestning, som inriktar sig på att ta fram användbara resultat utan tekniker som kan störa system under drift. Genom att undersöka procedurerna, utmaningarna samt vad som en penetrationstestare tar hänsyn till kommer ett verktyg designas och implementeras för att automatisera flödet av ett icke-aggressivt test. Resultatet av examensarbetet visar på att verktyget utvecklat kan uppnå samma resultat som de standardiserade penetrations-procedurerna givet begränsad tillgång till systemet.
Kahlström, Joakim, and Johan Hedlin. "Automating software installation for cyber security research and testing public exploits in CRATE." Thesis, Linköpings universitet, Databas och informationsteknik, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-177401.
Повний текст джерелаHrozek, Jakub. "Penetrační testování open-source software." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2010. http://www.nusl.cz/ntk/nusl-237145.
Повний текст джерелаAvanesov, Tigran. "Résolution de contraintes de déductibilité : application à la composition de services Web sécurisés." Phd thesis, Université Henri Poincaré - Nancy I, 2011. http://tel.archives-ouvertes.fr/tel-00641237.
Повний текст джерелаKero, Chanelle. "A Literature Review of Connected and Automated Vehicles : Attack Vectors Due to Level of Automation." Thesis, Luleå tekniska universitet, Institutionen för system- och rymdteknik, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-80322.
Повний текст джерелаTroják, Pavel. "Přístupové a zabezpečovací systémy v automatizaci budov." Master's thesis, Vysoké učení technické v Brně. Fakulta strojního inženýrství, 2009. http://www.nusl.cz/ntk/nusl-228599.
Повний текст джерелаOttosson, Henrik, and Per Lindquist. "Penetration testing for the inexperienced ethical hacker : A baseline methodology for detecting and mitigating web application vulnerabilities." Thesis, Linköpings universitet, Databas och informationsteknik, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-148581.
Повний текст джерелаAtt ha en gedigen metodologi för att försvara mot attacker är avgörande för att upprätthålla säkerheten i webbapplikationer, både vad gäller applikationen själv och dess användare. Penetrationstestning (eller etisk hacking) har länge varit en av de främsta metoderna för att upptäcka sårbarheter mot sådana attacker, men det är kostsamt och kräver stor personlig förmåga och kunskap. Eftersom denna expertis förblir i stor utsträckning individuell och odokumenterad, fortsätter industrin vara baserad på expertis. En brist på omfattande metodiker på nivåer som är tillgängliga för oerfarna etiska hackare är tydligt observerbar. Även om försök att automatisera processen har givit visst resultat är automatiserade verktyg ofta specifika för vissa typer av sårbarheter och lider av bristande flexibilitet. En tydlig, enkel och övergripande metodik som använder sig av automatiska sårbarhetsverktyg och kompletterande manuella metoder är därför nödvändig för att få till en grundläggande och heltäckande säkerhetsnivå. Denna masteruppsats beskriver konstruktionen av en sådan metodik. För att definiera metodologin genomfördes en litteraturstudie för att identifiera de typer av sårbarheter som är mest kritiska för webbapplikationer, samt tillämpligheten av automatiserade verktyg för var och en av dessa sårbarhetstyper. Verktygen i fråga testades mot olika befintliga applikationer, både mot avsiktligt sårbara, och sådana som var utvecklade med syfte att vara säkra. Metodiken konstruerades som en fyrstegsprocess: manuell granskning, sårbarhetstestning, riskanalys och rapportering. Vidare definierades sårbarhetstestningen som en iterativ process i tre delar: val av verkyg och metoder, sårbarhetsprovning och sårbarhetsverifiering. För att verifiera metodens tillräcklighet användes metoder såsom peer-review och fältexperiment.
Dušek, Daniel. "Automatizace penetračního testování webových aplikací." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2019. http://www.nusl.cz/ntk/nusl-403167.
Повний текст джерелаValičková, Monika. "Řízení bezpečnosti inteligentní domácnosti." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2018. http://www.nusl.cz/ntk/nusl-378362.
Повний текст джерелаДудик, Василь Юрійович, та Vasyl Dudyk. "Розробка та дослідження автоматизованої системи безпеки офісного приміщення на базі ультразвукового та контактних давачів". Master's thesis, Тернопільський національний технічний університет ім. І. Пулюя, Факультет прикладних інформаційних технологій та електроінженерії, Кафедра автоматизації технологічних процесів і виробництв, 2020. http://elartu.tntu.edu.ua/handle/lib/33272.
Повний текст джерелаУ даній кваліфікаційній роботі розроблено складальні креслення автоматичних офісних дверей, систему управління дверима, яка включає також блок контролю доступу в приміщення. Крім того досліджено, що загальна ймовірність зондування покращується за рахунок використання декількох датчиків, що мають механізму збільшення сигналізування. Результатом є вища вартість завдяки використанню декількох датчиків, схем підсилювача та схеми сигналізації. Проте це дозволяє підвищувати надійність та значно зменшує кількість помилкових тривог із системи офісного спостереження.
In this qualification work, assembly drawings of automatic office doors, a door control system, which also includes a control unit for access to the premises. In addition, it was investigated that the overall probability of sounding is improved through the use of several sensors with a mechanism to increase the signaling. The result is a higher cost due to the use of multiple sensors, amplifier circuits and signaling circuits. However, this increases reliability and significantly reduces the number of false alarms from the office surveillance system.
ВCТYП 4 1 АНАЛІТИЧНА ЧАСТИНА 5 1.1 Аналіз відомих технічних рішень з питань автоматизації технологічного процесу 5 1.2 Обґрунтування актуальності автоматизації вибраного напрямку розробки 8 2 ТЕХНОЛОГІЧНА ЧАСТИНА 11 2.1 Аналіз вихідних даних на проектування і розробка технічного завдання на проектування 11 2.2. Опис структурної та кінематичної схем системи 12 2.3 Опис алгоритму роботи автоматичної системи 14 3. КОНСТРУКТОРСЬКА ЧАСТИНА 18 3.1 Розробка електричної принципової схеми системи керування електродвигунами 18 3.2 Алгоритми керуючої програми 27 3.3. Розробка керуючої програми 33 4 НAYКOВO-ДOCЛІДНA ЧACТИНA 37 4.1 Дослідження застосування механізму збільшення сигналізування ультразвукових давачів 37 4.1.1 Механізм сигналізування 38 4.1.1 Архітектура системи 40 5 CПЕЦІAЛЬНA ЧACТИНA 48 5.1 Модулювання вимірювання в приміщенні 48 6 OХOPOНA ПPAЦІ ТA БЕЗПЕКA В НAДЗВИЧAЙНИХ CИТYAЦІЯХ 54 6. Охорона праці та безпека в надзвичайних ситуаціях 54 6.1 Заходи з охорони праці 54 6.1.1 Характеристика пристрою та корекція його конструкції з точки зору охорони праці 54 6.1.2 Розрахунок захисного заземлення для пристрою управління автоматичними дверима 55 6.2 Заходи з безпеки в надзвичайних ситуаціях 58 6.2.1 Обгрунтування необхідності і доцільності підвищення стійкості роботи підприємств в умовах надзвичайних ситуацій 58 6.2.2 Оцінка стійкості підприємства до дії ударної хвилі ядерного вибуху. 59 ВИCНOВКИ (62)3 ПЕPЕЛІК ПOCИЛAНЬ (63)4 ДОДАТКИ (66)7
Horn, Christian [Verfasser], Jörg [Akademischer Betreuer] Krüger, Jean-Pierre [Akademischer Betreuer] Seifert, Jörg [Gutachter] Krüger, Jean-Pierre [Gutachter] Seifert, and Michael [Gutachter] Meier. "Information security for industrial applications : detection of anomalous values in industrial automation technology infrastructures / Christian Horn ; Gutachter: Jörg Krüger, Jean-Pierre Seifert, Michael Meier ; Jörg Krüger, Jean-Pierre Seifert." Berlin : Technische Universität Berlin, 2019. http://d-nb.info/1191256537/34.
Повний текст джерелаFältros, Jesper, Isak Alinger, and Bergen Axel von. "Safety risks with ZigBee smart devices : Identifying risks and countermeasures in ZigBee devices with an eavesdropping experiment." Thesis, Tekniska Högskolan, Jönköping University, JTH, Datateknik och informatik, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:hj:diva-49630.
Повний текст джерелаCarohl, Qvist Amanda. "IOT inom hemautomation : Jämförande av open-source kontrollers." Thesis, Högskolan i Skövde, Institutionen för informationsteknologi, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-18922.
Повний текст джерелаInternet of Things (IoT) and home automation means the opportunity to connect various devices in a home to the Internet, which has the goal of facilitating and making consumers’ everyday lives more comfortable. For example, home automation could be about locking doors and lighting lamps from a single device (the controller), which may make it easier for the consumer since the consumer does not have to go to each device to perform the desired activity. Controllers are the part of a home automation IoT-system that acts as an interface between the consumer and the devices.Open-source offers consumers a freer use of products, due to its open-source code. Many problems and issues that arise in connection with these products originate in the field of security, as well as what distinguishes the products in terms of security.This study has collected six open-source controllers and conducted a comparison to identify which controllers achieve security regarding confidentiality, integrity and availability. This has been done by identifying the values that appear in previous articles where security is evaluated for IoT and home automation, and controllers.This study links identified values with the CIA model, which stands for confidentiality, integrity, and availability. In accordance with the CIA model, a result is presented where the study’s current controllers show to what level they maintain the CIA model, based on the identifies values established. The controllers that appears in this study are Home Genie, OpenHAB, Home Assistant, Domoticz, Calaos, and Pimatic.This study’s results are obtained through a literary study of 25 studies, and 12 additional technical documentations and information through forums for all the associated controllers. All studies have been retrieved from the Google Scholar database, IEEE Xplore, and ACM Digital Library, and subsequently analyzed and thematically coded for further information. In total, the material of this study has been selected in five steps to ensure relevant material that meets this study’s criteria and objectives for content. This study’s results present an overview that provides knowledge about compared controllers, specifically in connection with the CIA model which highlights the products in the field of security, regarding confidentiality, integrity, and availability.
Pathan, Sakib, and Erik Stenström. "Säkerhetsfrågor beträffande Sakernas Internet med fokus på fastighetsinfrastruktur." Thesis, KTH, Data- och elektroteknik, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-168949.
Повний текст джерелаThis project presents an analysis of the security regarding some of the controllers which are used in real estates managed by Riksbyggen. The controllers are used to control different parts of a property, such as lighting and temperature. In most cases, the controllers are reached via their own public IP address, while some manufacturers have a cloud service for their controllers. The purpose with this project has been to examine the different controllers’ security, discover weaknesses and provide suggestions for improvements to these. In addition, examples are also given on how smart homes can be built. The study has been made in several ways, partly with the help of controlled attacks but also by gathering information about the controllers and how they operate. Based on the studies that were made, a number of weaknesses have been observed, including passwords’ strength and encryption of these. General suggestions for improvements have been given to reduce the vulnerability for possible attacks that may occur in the future.
Fontana, Caio Fernando. "Metodologia para a implantação dos processos da cadeia logística segura." Universidade de São Paulo, 2009. http://www.teses.usp.br/teses/disponiveis/3/3143/tde-12082010-120918/.
Повний текст джерелаThe development of the Methodology for the Implantation of the Processes of the Safe Logistic Chain aims at to establish parameters and methodology for application of the diverse concepts and programs of security for the foreign commerce being aimed at the load control that come being implemented for agencies of government and international organisms. These programs have as focus the control on the processes of load movement, through the use of technology applied to the not intrusive inspection of load, electronic tracking and sealing waxes, systems of electronic exchange of information and the systemic integration of these components. In such a way, this thesis searchs to demonstrate as the considered model will impact in the fiscal and customs controls as well as in the improvement of the logistic flows. The considered model is anchored in the lines of direction of security established by the Organização Munidal das Aduanas (OMA) through the SAFE Frameworks of Standards through the International Maritime Organization (IMO), through the International Code of Security and Protection the Ships and Port Installations (ISPS-Code), for the Government of the United States of America through Container Security Initiative (CSI) and of Safe Ports Act, for the Secretariat of the Brazilian Federal Prescription through the Plano Nacional de Segurança Aduaneira (PNSA) of Nota Fiscal Eletrônica (NFe) and Conhecimento de Trânsito Eletrônico (CTe) in set with the Secretarias de Fazenda Estaduais, as well as for the private sector who they come implemented initiatives directed to the control and monitorial of load through systems of Management of Risk and the systems of Tracking and Electronic Sealing waxes applied to loads and vehicles. For context effect, it will be presented the process of importation and exportation, its aspects of transport, load storage and manipulation, as well as a macro vision of the documentary flow and the intervening private public and involved in the process. To follow the proposals of regularization of the logistic process of chain will be presented insurance elaborated by Customs-Trade Partnership Against Terrorism (C-TPAT), Business Alliance will be Secure Commerce (BASC) and of the International Organization for Standardization (ISO) through the ISO 28000 and correlates. The operational model that will be formulated consists of the proposal of an integrated logistic control. This boarding has for objective to present the diverse characteristics of the modal load flows and type, that is granary, container and general load. The implementation of this model will provide to an increase of productivity of the sector therefore the adoption of measures of load control demands that the planning of the logistic operations is effected, followed and corrected whenever necessary. In such a way the sector of logistic could use this tool for the increase of productivity and consequence reduction of what is called as Custo Brasil. The implementation model will be formulated supported in four pillars: regularization of processes, regularization of technology, formularization of a model of Acreditação of modal process and entities for and/or area of performance and the formularization of a model of continuous evaluation of level of service of the companies and the process.
Pedretti, Andrea. "Design of a thermographic device and of the rugged frame of a radio-frequency spectrum analyzer." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2021. http://amslaurea.unibo.it/24654/.
Повний текст джерелаТурчин, Святослав Іванович, та Sviatoslav Turchin. "Розробка та дослідження автоматизованої системи охорони приміщення з функцією віддаленого управління та моніторингу". Master's thesis, Тернопільський національний технічний університет ім. І. Пулюя, Факультет прикладних інформаційних технологій та електроінженерії, Кафедра автоматизації технологічних процесів і виробництв, 2021. http://elartu.tntu.edu.ua/handle/lib/36714.
Повний текст джерелаМета кваліфікаційної роботи – розробка та дослідження системи охорони приміщення на основі мікрокомп’ютера Raspberry Pi використовуючи протокол бездротової передачі даних Zigbee з функцією віддаленого управління та моніторингу. Розроблена система не має недоліків проаналізованих актуальних систем охорони приміщень. В роботі досліджено дальність сигналу протоколу Zigbee, проведено розрахунок шумів та втрати для лінії. Розроблено та програмно реалізовано алгоритм роботи системи охорони за допомогою мови програмування JavaScript та середовища потокового програмування Node-RED. Розроблена панелі візуалізації системних даних та даних, отриманих від давачів на основі платформи Grafana. Розроблена система розрахована для житлових та офісних приміщень та не підходить для виробничих приміщень, лабораторій, а також установ з пожежонебезпечними та вибухонебезпечними речовинами.
The purpose of the qualification work is to develop and research a security system based on the Raspberry Pi microcomputer using the Zigbee wireless data transmission protocol with remote control and monitoring. The developed system does not have the defects of the analyzed current security systems. The signal range of the Zigbee protocol is investigated, noise and loss for the line are calculated. An algorithm for the operation of the security system using the JavaScript programming language and the Node-RED streaming programming environment has been developed and implemented. Developed panels for visualization of system data and data received from sensors based on the Grafana platform. The developed system is designed for residential and office rooms and is not suitable for industrial rooms, laboratories, as well as institutions with flammable and explosive substances.
Анотація 4 ЗМІСТ 5 ВСТУП 7 1. АНАЛІТИЧНА ЧАСТИНА 9 1.1 Аналіз та класифікація охоронних систем 9 1.2 Аналіз актуальних систем охорони приміщення 12 1.3 Актуальність виконання роботи 17 1.4 Методи вирішення поставленої задачі 18 1.5 Висновки та постановка задач на кваліфікаційну роботу 19 2. ТЕХНОЛОГІЧНА ЧАСТИНА 20 2.1 Дротові технології передачі даних 20 2.2 Бездротові технології передачі даних 24 3. НАУКОВО-ДОСЛІДНА ЧАСТИНА 29 3.1 Розрахунок дальності передачі сигналу протоколу 29 3.2 Розрахунок шумів 35 3.3 Розрахунок втрат у лінії 37 3.4 Розрахунок тривалості роботи системи від джерела безперебійного живлення 39 4. КОНСТРУКТОРСЬКА ЧАСТИНА 40 4.1 Вибір технічного забезпечення 40 4.2 Вибір програмного забезпечення 51 4.3 Аналіз об’єкта охорони 62 4.4 Проектування архітектури програмного забезпечення 66 5. СПЕЦІАЛЬНА ЧАСТИНА 68 5.1 Розробка алгоритму роботи системи охорони 68 5.2 Налаштування мікрокомп’ютера 69 5.3 Налаштування віддаленого сервера 83 5.4 Програмна реалізація алгоритму роботи системи охорони приміщення 89 5.5 Розробка панелі візуалізації системи охорони приміщення 105 6. ОХОРОНА ПРАЦІ ТА БЕЗПЕКА В НАДЗВИЧАЙНИХ СИТУАЦІЯХ 109 6.1 Охорона праці 109 6.2 Правила безпеки при експлуатації обладнання, що проектується 110 6.3 Розрахунок природнього освітлення для проектованої дільниці. 113 6.4 Основні заходи захисту населення і територій 115 6.5 Евакуаційні заходи 117 6.6 Розрахунок евакуаційних шляхів із виробничих приміщень (дільниці) цеху що проектується 119 6.7 Інженерний захист 125 ВИСНОВКИ 128 СПИСОК ВИКОРИСТАНОЇ ЛІТЕРАТУРИ 129 ДОДАТКИ 130
Шушарина, Е. Е., та E. E. Shusharina. "Методика предотвращения угроз информационной безопасности на предприятии : магистерская диссертация". Master's thesis, б. и, 2020. http://hdl.handle.net/10995/93449.
Повний текст джерелаThe relevance of the research topic is due to the lack of an integrated approach to preventing threats to information security of federal executive authorities and the continuous growth of the volume of processed information in tax authorities. The methodology for preventing threats to information security is appropriate for operation in practice, and will contribute not only to the rational use of working time, but also to maintain the state of information security at the informatization facility. The implementation of the project is aimed at strengthening information security control.