Дисертації з теми "Security-oriented management"

Service-oriented architectures (SOA), and in particular Web services, have quickly become a popular technology to connect applications both within and across enterprise boundaries. However, as services are increasingly used to implement critical functionality, security has become an important concern impeding the widespread adoption of SOA. Trust negotiation is an approach to access control that may be applied in scenarios where service requesters are often unknown in advance, such as for services available via the public Internet. Rather than relying on requesters' identities, trust negotiation makes access decisions based on the level of trust established between the requester and the provider in a negotiation, during which the parties exchange credentials, which are signed assertions that describe some attributes of the owner. However, managing the evolution of trust negotiation policies is a difficult problem that has not been sufficiently addressed to date. Access control policies have a lifecycle, and they are revised based on applicable business policies. Additionally, because a trust relationship established in a trust negotiation may be long lasting, their evolution must also be managed. Simply allowing a negotiation to continue according to an old policy may be undesirable, especially if new important constraints have been added. In this thesis, we introduce a model-driven trust negotiation framework for service-oriented applications. The framework employs a model for trust negotiation, based on state machines, that allows automated generation of the control structures necessary to enforce trust negotiation policies from the visual model of the policy. Our policy model also supports lifecycle management. We provide sets of operations to modify policies and to manage ongoing negotiations, and operators for identifying and managing impacts of changes to trust negotiation policies on ongoing trust negotiations. The framework presented in the thesis has been implemented in the Trust-Serv prototype, which leverages industry specifications such as WS-Security and WS-Trust to offer a container-centric mechanism for deploying trust negotiation that is transparent to the services being protected.

Security can play an important role in the development of some multi agent systems. However, a careful analysis of software development processes indicates that the definition of security requirements is, usually, considered after the design of the system. This approach, usually, leads to problems, such as conflicts between security and functional requirements, which can translate into security vulnerabilities. As a result, the integration of security issues in agent oriented software engineering methodologies has been identified as an important issue. Nevertheless, developers of agent oriented software engineering methodologies have mainly neglected security engineering and in fact very little evidence has been reported on work that integrates security issues into the development stages of agent oriented software engineering methodologies. This thesis advances the current state of the art In agent oriented software engineering in many ways. It identifies problems associated with the integration of security and software engineering and proposes a set of minimum requirements that a security oriented process should demonstrate. It extends the concepts and the development process of the Tropos methodology with respect to security to allow developers, even those with minimum security knowledge, to identify desired security requirements for their multi agent systems, reason about them, and as a result develop a system that satisfies its security requirements. In doing so, this research has developed (1) an analysis technique to enable developers to select amongst alternative architectural styles using as criteria the security requirements of the system, (2) a pattern language consisting of security patterns for multi agent systems, and (3) a scenario-based technique that allows developers to test the reaction of the system to potential attacks. The applicability of the approach is demonstrated by employing it in the development of the electronic single assessment process (eSAP) system, a real-life case study that provided the initial motivation for this research.

Les changements de contexte économiques imposent de nouvelles stratégies organisationnelles aux entreprises : recentrages métier et développement de stratégies de collaboration interentreprises. Ces tendances du marché laissent prévoir une croissance exponentielle d'écosystèmes de service accessibles à la fois aux clients finaux et aux partenaires. Tout laisse prévoir que ces écosystèmes s'appuieront largement sur les architectures orientées services permettant de construire des systèmes d'information capable d'avoir l'agilité requise et de supporter l'interconnexion des processus métier collaboratifs en composant dynamiquement les processus à partir de services distribués. Ce type d'architecture qui permet d'assurer l'alignement du système d'information sur les besoins métier de l'entreprise, rend indispensable la prise en compte des contraintes de sécurité tant au niveau individuel des services qu'au niveau de la composition. Dans un environnement de services distribués et dynamiques, la sécurité ne doit pas se limiter à fournir des solutions technologiques mais à trouver une stratégie de sécurité prenant en compte les dimensions métier, organisationnelle et technologique. En outre, la sécurité doit être appréhendée comme un processus continu qui vise l'optimisation des investissements de sécurité et assure la pérennité des mesures de sécurité mises en œuvre. Or les modèles et architectures de référence du domaine des services ont sous-estimé la définition des besoins en termes de sécurité, les biens à protéger et l'identification des risques pesant sur ces biens. Pour cela, nous proposons d'aborder la problématique de la sécurité par une approche de gestion des risques permettant d'identifier les différents types de risques et de proposer les mesures de sécurité les plus adéquates au contexte. Toutefois, la gestion des risques s'avère un vrai défi dans un environnement ouvert de services collaboratifs. En effet, les méthodes de gestion des risques développées dans le cadre des systèmes d'information ne répondent pas aux exigences de sécurité dans un environnement ouvert et ne sont pas adaptées aux environnements dynamiques. Pour pallier ces limites, nous proposons un cadre méthodologique de gestion de la sécurité portant sur les phases préparation, conception, exécution et supervision du cycle de vie des services. Nous proposons un modèle de services sécurisés permettant de définir des patrons de sécurité, un modèle de classification des biens à protéger et une ontologie pour définir les concepts associés à ces biens. En outre, nous développons une méthodologie de conception d'une architecture orientée services sécurisée puis abordons la construction de processus métier sécurisés avant de proposer un service de gestion des vulnérabilités de l'infrastructure.

This report describes the development of a RESTful web service for mobile applications. The web service makes resources from an existing system called kompetensdatabasen ("the competence database") available. Kompetensdatabasen holds information about the capabilities of consultants and about assignments carried out at the IT consultant business Nethouse AB. The web service was developed according to the principles of REST and ROA (Resource Oriented Architecture) which puts focus on making resources available. The resources are made available through the HTTP protocol and the methods associated with it. This means it was designed to use the same technologies as the world wide web. Following these principles when designing the system has been of great importance. To make sure that the service does not leak information to competing companies or violate the Personal Data Act some kind of solution for securing the service had to be implemented. A model for authentication was produced to make the system accessible only for employees of the company.
Rapporten beskriver utvecklandet av en RESTful web service för mobilapplikationer. Web servicen tillgängliggör resurser från ett befintligt system som kallas kompetensdatabasen. Kompetensdatabasen innehåller information om konsulters kompetenser och de uppdrag som utförts vid IT-konsultföretaget Nethouse AB. Web servicen utvecklades enligt principerna för REST och ROA (Resource Oriented Architecture) vilket innebär ett fokus på att tillgängliggöra resurser. Resurserna görs nåbara genom HTTP-protokollet och dess metoder, det vill säga samma tekniker som används på webben. Stor vikt har lagts på att designa systemet enligt dessa principer. För att servicen inte skulle läcka information till konkurrenter eller bryta mot personuppgiftslagen behövde någon form av säkerhetslösning implementeras. En autentiseringsmodell togs fram för att göra systemet nåbart enbart för anställda vid företaget.

Enforcing security policies to distributed systems is difficult, in particular, when a system contains untrusted components. We designed AspectKE*, a distributed AOP language based on a tuple space, to tackle this issue. In AspectKE*, aspects can enforce access control policies that depend on future behavior of running processes. One of the key language features is the predicates and functions that extract results of static program analysis, which are useful for defining security aspects that have to know about future behavior of a program. AspectKE* also provides a novel variable binding mechanism for pointcuts, so that pointcuts can uniformly specify join points based on both static and dynamic information about the program. Our implementation strategy performs fundamental static analysis at load-time, so as to retain runtime overheads minimal. We implemented a compiler for AspectKE*, and demonstrate usefulness of AspectKE* through a security aspect for a distributed chat system.

碩士
國立中山大學
資訊管理學系研究所
97
Information security, sometimes referred as enterprise security, plays a very important and professional role in the enterprises. Therefore, information security management is getting more and more popularity among the enterprises in recent years. Several aspects on information, such as technical documents, research and development plans, product quotations, are considered as core assets in one company. How to effectively manage and realize an information security system has become a key for a company’s survival. The international information security management standard, ISO 27001:2005, which includes personnel security, technology security, physical security and management security has been promulgated. When bringing in an information security management system, a company usually embraces the process-oriented approach which treats the system’s structure view and behavior view separately. Separating structure view from behavior view during the planning phase may cause many difficulties, such as uneven distribution of resources, poor safety performance, bad risk management, poor system management and so on, when working on the later realization and verification phase of the information security management system’s construction. Up to date, there is no enterprise architecture theory for information security management system. This research utilizes architecture-oriented modeling methodology so that structure view and behavior view are coalesced when decomposing the information security management system to obtain structural elements and behaviors deriving from interactions among these structure elements. By adopting structure behavior coalescence, abbreviated as SBC, which includes “architecture hierarchy diagram", "structure element diagram", "structure element service diagram", "structure element connection diagram", "structure behavior coalescence diagram", and "interactive flow diagram", this research constructs a complete architecture-oriented information security management model, abbreviated as AOISMM. This research is the first study using architecture-oriented approach to construct the information security management system. Also, AOISMM solves many difficulties caused by the process-oriented approach when constructing information security management systems. These are the contributions of this research.

碩士
國立中山大學
資訊管理學系研究所
103
Due to the trend of globalization, international trade, and a variety of business activities, companies must be able to provide timely, safely, and integrity information disclosure for interested party of enterprise . Therefore, the establishment of enterprise security management such as the International Organization for Standardization （ISO） becomes a key issue for any company to get involved in international trade. The main purpose of this research is to construct an architecture-oriented model for enterprise security management according to ISO 27001 : 2005 information security management system（ISMS）requirements. This model will combine the components and component operations of the department and software systems, in order to describe in detail about the interaction relationship and information flow of enterprise security management. In this thesis, we construct an architecture-oriented enterprise security management model （AOESMM） based on theory and methods of enterprise architecture. This model uses the structure-behavior coalescence approach with six fundamental diagrams: the “architecture hierarchy diagram,” the “framework diagram,” the “component operation diagram,” the “component connection diagram, the “structure-behavior coalescence diagram,” and the “interaction flow diagram”. AOESMM shall allow organizational structures, systems operations, and information flow, with a great deal of simple, clear, and easy communication features.

碩士
正修科技大學
資訊管理研究所
103
In this study, we adopt the structure behavior coalescence methodology to construct an architecture-oriented information security risk management model (AOISRMM), which is integrated structure and behavior of the risk management model. AOISRMM solves many difficulties caused by the process-oriented approach in ISO 27001:2013 of information security risk assessment such as uneven distribution of resources, poor safety performance and high risk. We find out the vice president’s office, information security consultant, project manager and risk management system are the key roles for the success of the risk management from structure behavior coalescence diagram. The feedback mechanism in the enterprise is essential to report and respond to the incidents for reducing the risk. AOISRMM represents multiple views of information security risk management by integrating the structure and behavior of the risk management. We conclude that AOISRMM, being an integration model, enables enterprise organization, IT system, internal risk management processes to be a single interface to the vice president and department heads. The staffs can effectively understand the whole picture of information security risk management through AOISRMM, which shall clarify the duties for each unit and flexible sources allocation for the enterprise. Also AOISRMM have a good communication effect of organization and external environment.

abstract: With the increasing user demand for low latency, elastic provisioning of computing resources coupled with ubiquitous and on-demand access to real-time data, cloud computing has emerged as a popular computing paradigm to meet growing user demands. However, with the introduction and rising use of wear- able technology and evolving uses of smart-phones, the concept of Internet of Things (IoT) has become a prevailing notion in the currently growing technology industry. Cisco Inc. has projected a data creation of approximately 403 Zetabytes (ZB) by 2018. The combination of bringing benign devices and connecting them to the web has resulted in exploding service and data aggregation requirements, thus requiring a new and innovative computing platform. This platform should have the capability to provide robust real-time data analytics and resource provisioning to clients, such as IoT users, on-demand. Such a computation model would need to function at the edge-of-the-network, forming a bridge between the large cloud data centers and the distributed connected devices. This research expands on the notion of bringing computational power to the edge- of-the-network, and then integrating it with the cloud computing paradigm whilst providing services to diverse IoT-based applications. This expansion is achieved through the establishment of a new computing model that serves as a platform for IoT-based devices to communicate with services in real-time. We name this paradigm as Gateway-Oriented Reconfigurable Ecosystem (GORE) computing. Finally, this thesis proposes and discusses the development of a policy management framework for accommodating our proposed computational paradigm. The policy framework is designed to serve both the hosted applications and the GORE paradigm by enabling them to function more efficiently. The goal of the framework is to ensure uninterrupted communication and service delivery between users and their applications.
Dissertation/Thesis
Masters Thesis Computer Science 2015

碩士
國立中山大學
資訊管理學系研究所
100
With the popularity of computer networks, e-systems have enhanced the information flow within the Coast Guard Institute. Due to constant information security incidents, formulating policies and managing mechanisms become an important task of the internal security authorities. In this study, we construct an Architecture-Oriented Coast Guard Information Security Management Model (AOCGISMM) which is based on the six fundamental diagrams of Structure-Behavior Coalescence (SBC) Architecture. AOCGISMM, not only provides an integrated description of structure and behavior on the Coast Guard Institute Information Security operations, but also makes the employees within the organization easily to promote compliance.. AOCGISMM covers all structure and behavior of the whole Coast Guard Institute Information Security operations. Therefore, AOCGISMM describes the complete picture of Coast Guard Institute Information Security so that every employee shall understand and communicate well to meet the organization needs.

M.Tech.
Service Oriented Architecture has many advantages. For example, organisations can align business with Information Technology, reuse the developed functionality, reduce development and maintain cost for applications. Organisations adopt Service Oriented Architecture with the aim of automating and integrating business processes. However, it has information security vulnerabilities that should be considered. For example, applications exchange information across the Internet, where it can be tampered with. Information security is therefore one of the crucial qualities that need to be satisfied within information systems. This dissertation addresses the issue of information security within Service Oriented Architecture applications. Some organisations rely on Service Oriented Architecture governance tools when securing information in their Service Oriented Architecture environment. However, they may purchase them without investigating whether they include information security. The aim of this dissertation is to analyse whether these tools include information security. Each tool is benchmarked against the five information security services, defined by the ISO 7498/2 document and including identification and authentication, authorisation, confidentiality, integrity and non-repudiation. The dissertation concludes with a table summarising the results. This dissertation offers decision-makers information that can assist them in analysing whether Service Oriented Architecture governance tools includes information security. It also assists organisations to be aware of security vulnerabilities within Service Oriented Architecture applications, and the consequences that may arise if information security measures are ignored.

碩士
國立高雄科技大學
電子工程系
107
With the rapid development of telecommunication and network information technologies, network administrators often require to maintain and manage network equipment in a laborious and time-consuming manner. Due to cost constraints in Small/Medium Enterprise (SME), most of these companies typically do not have IT specialists or IT departments to manage network and maintain corporate network security. Therefore, a system architecture that meets the needs of SMEs' networks is required. With the advantages of centralized control and programmable networks of Software-Defined Network (SDN), it not only provides an abundance network information that may be used to expand a variety of applications in the network to provide a more flexible network management. For example, periodic traffic monitoring, firewalls, dynamic routing or dynamic bandwidth, etc. Thus, this study utilizes the global view of the network maintained by the SDN controller and designs network service discovery and state-based network security protection mechanism. Furthermore, traditional SDN did not differentiate different users and service levels in the SME networking environments. Thus, to improve bandwidth utilization and enhance network efficiency, network service dynamic bandwidth management and consider user-level dynamic routing configuration is also introduced in this study. These mechanisms are used to provide basic network QoS guarantee, overall network topology monitoring, SME-oriented hierarchical QoS management, and network security protection with flexible configurations. To do so, dynamic bandwidth management mechanism utilizes network service discovery mechanism to configure the bandwidth according to service bandwidth requirements and allocate extra bandwidth to the service dynamically if required. The experimental results show the maximum, minimum and average time to identify insufficient bandwidth until successfully allocate bandwidth to a service are 4.0 seconds, 3.2 seconds and 3.6 seconds, respectively. Furthermore, the user-level dynamic routing mechanism can dynamically allocate original routing path to an appropriate alternate routing path when path is congested. Experimental results show the average throughput of UDP video streaming services for level I and level II users can be increased by 29% and 47%, the transmission delay jitter rate can be reduced by 89% and 91%, and the packet transmission loss rate can be reduced by 20.7% and 28.5%. Furthermore, compare the advantages and disadvantages of the FTP file transmission service of the proposed SDN system with the traditional SDN system, the bandwidth usage rate of path W is improved by 58.12%. In the experiment, the time taken by user A and B to transmit 100 Mbytes files was reduced by 117 seconds and 80 seconds, respectively. With state-based network security protection mechanism, SMEs can standardize the specifications of users at all levels according to time, user level and user behavior. The experimental results shown that the abnormal traffic of SME can be detected and controlled at all time. Furthermore, different level users may refuse or accept access during specific period of time. Therefore, the proposed system can not only provide automated network policy configuration and flexible SME network management system, but also greatly improve the bandwidth utilization and enhance network efficiency compared with the traditional SDN architecture.

碩士
正修科技大學
資訊管理研究所
106
The main purpose of this research is to discuss the physical information security, and discuss the security protection and practical management of enterprise companies. Sustainable development is the highest indicator for enterprise development, which enables the company's operational business and manufacturing to be undisturbed. To ensure commercial confidential information, that is needed safely and managed. This study adopts Structure-Behavior Coalescence Architecture methodology to build an Architecture-Oriented Enterprise Physical Information Security Management Model. The Structure-Behavior Coalescence Architecture methodology is to first construct the components and operations of the electronic company's organizational structure that belongs to the structural plane, and then the interaction between components derives the corporate behavior of the electronics factory. The Architecture-Oriented Enterprise Physical Information Security Management Model can establish a proper security management mechanism, so that the relationship between organizational hierarchy and behavior is clearer. From the Architecture-Oriented Enterprise Physical Information Security Management Model, continuous enhancement of the plant security management model.