Implantación de un sistema de seguridad perimetral

Este proyecto está desarrollado sobre la seguridad de redes, y más concretamente en la seguridad perimetral. Para mostrar esto se hará una definición teórico-práctica de un sistema de seguridad perimetral. Para ello se ha desglosado el contenido en dos partes fundamentales, la primera incide en la base teórica relativa a la seguridad perimetral y los elementos más importantes que intervienen en ella, y la segunda parte, que es la implantación de un sistema de seguridad perimetral habitual en un entorno empresarial. En la primera parte se exponen los elementos más importantes de la seguridad perimetral, incidiendo en elementos como pueden ser cortafuegos, IDS/IPS, antivirus, proxies, radius, gestores de ancho de banda, etc. Sobre cada uno de ellos se explica su funcionamiento y posible configuración. La segunda parte y más extensa a la vez que práctica, comprende todo el diseño, implantación y gestión de un sistema de seguridad perimetral típico, es decir, el que sería de aplicación para la mayoría de las empresas actuales. En esta segunda parte se encontrarán primeramente las necesidades del cliente y situación actual en lo que a seguridad se refiere, con los cuales se diseñará la arquitectura de red. Para comenzar será necesario definir formalmente unos requisitos previos, para satisfacer estos requisitos se diseñará el mapa de red con los elementos específicos seleccionados. La elección de estos elementos se hará en base a un estudio de mercado para escoger las mejores soluciones de cada fabricante y que más se adecúen a los requisitos del cliente. Una vez ejecutada la implementación, se diseñará un plan de pruebas, realizando las pruebas de casos de uso de los diferentes elementos de seguridad para asegurar su correcto funcionamiento. El siguiente paso, una vez verificado que todos los elementos funcionan de forma correcta, será diseñar un plan de gestión de la plataforma, en el que se detallan las rutinas a seguir en cada elemento para conseguir que su funcionamiento sea óptimo y eficiente. A continuación se diseña una metodología de gestión, en las que se indican los procedimientos de actuación frente a determinadas incidencias de seguridad, como pueden ser fallos en elementos de red, detección de vulnerabilidades, detección de ataques, cambios en políticas de seguridad, etc. Finalmente se detallarán las conclusiones que se obtienen de la realización del presente proyecto. ABSTRACT. This project is based on network security, specifically on security perimeter. To show this, a theoretical and practical definition of a perimeter security system will be done. This content has been broken down into two main parts. The first part is about the theoretical basis on perimeter security and the most important elements that it involves, and the second part is the implementation of a common perimeter security system in a business environment. The first part presents the most important elements of perimeter security, focusing on elements such as firewalls, IDS / IPS, antivirus, proxies, radius, bandwidth managers, etc... The operation and possible configuration of each one will be explained. The second part is larger and more practical. It includes all the design, implementation and management of a typical perimeter security system which could be applied in most businesses nowadays. The current status as far as security is concerned, and the customer needs will be found in this second part. With this information the network architecture will be designed. In the first place, it would be necessary to define formally a prerequisite. To satisfy these requirements the network map will be designed with the specific elements selected. The selection of these elements will be based on a market research to choose the best solutions for each manufacturer and are most suited to customer requirements. After running the implementation, a test plan will be designed by testing each one of the different uses of all the security elements to ensure the correct operation. In the next phase, once the proper work of all the elements has been verified, a management plan platform will be designed. It will contain the details of the routines to follow in each item to make them work optimally and efficiently. Then, a management methodology will be designed, which provides the procedures for action against certain security issues, such as network elements failures, exploit detection, attack detection, security policy changes, etc.. Finally, the conclusions obtained from the implementation of this project will be detailed.

A policy-driven architecture for supporting joint degrees through e-learning services

En un mercado de educación superior cada vez más competitivo, la colaboración entre universidades es una efectiva estrategia para acceder al mercado global. El desarrollo de titulaciones conjuntas es un importante mecanismo para fortalecer las colaboraciones académicas y diversificar los conocimientos. Las titulaciones conjuntas están siendo cada vez más implementadas en las universidades de todo el mundo. En Europa, el proceso de Bolonia y el programa Erasmus, están fomentado el reconocimiento de titulaciones conjuntas y dobles y promoviendo la colaboración entre las instituciones académicas. En el imparable proceso de la globalización y convergencia educativa, el uso de sistemas de e-learning para soportar cursos tanto semipresencial como online es una tendencia en crecimiento. Dado que los sistemas de e-learning soportan una amplia variedad de cursos, es necesario encontrar una solución adecuada que permita a las universidades soportar y gestionar las titulaciones conjuntas a través de sus sistemas de e-learning en conformidad con los acuerdos de colaboración establecidos por las universidades participantes. Esta tesis doctoral abordará las siguientes preguntas de investigación: 1. ¿Qué factores deben tenerse en cuenta en la implementación y gestión de titulaciones conjuntas? 2. ¿Cómo pueden los sistemas actuales de e-learning soportar el desarrollo de titulaciones conjuntas? 3. ¿Qué otros servicios y sistemas necesitan ser adaptados por las universidades interesadas en participar en una titulación conjunta a través de sus sistemas de e-learning? La implementación de titulaciones conjuntas a través de sistemas de e-learning es compleja e implica retos técnicos, administrativos, culturales, financieros, jurídicos y de seguridad. Esta tesis doctoral propone una serie de contribuciones que pueden ayudar a resolver algunos de los retos identificados. En primer lugar se ha elaborado un modelo conceptual que incluye la información del contexto de las titulaciones conjuntas que es relevante para la implementación de estas titulaciones en los sistemas de e-learning. Después de definir el modelo conceptual, se ha propuesto una arquitectura basada en políticas para la implementación de titulaciones interinstitucionales a través de sistemas de e-learning de acuerdo a los términos estipulados en los acuerdos de colaboración que son firmados por las universidades participantes. El autor se ha centrado en el componente de gestión de flujos de trabajo de esta arquitectura. Por último y con el fin de permitir la interoperabilidad de repositorios de objetos educativos, los componentes básicos a implementar han sido identificados y validados. El uso de servicios multimedia en educación es una tendencia creciente, proporcionando servicios de e-learning que permiten mejorar la comunicación y la interacción entre profesores y alumnos. Dentro de estos servicios, nos hemos centrado en el uso de la videoconferencia y la grabación de clases como servicios adecuados para el desarrollo de cursos impartidos en escenarios de educación colaborativos. Las contribuciones han sido validadas en proyectos de investigación de ámbito nacional y europeo en los que el autor ha participado. Abstract In an increasingly competitive higher education market, collaboration between universities is an effective strategy for gaining access to the global market. The development of joint degrees is an important mechanism for strengthening academic research collaborations and diversifying knowledge. Joint degrees are becoming increasingly implemented in universities around the world. In Europe, the Bologna process and the Erasmus programme have encouraged both the global recognition of joint and double degrees and promoted close collaboration between academic institutions. In the unstoppable process of globalization and educational convergence, the use of e-learning systems for supporting both blended and online courses is becoming a growing trend. Since e-learning systems covers a wide range of courses, it becomes necessary to find a suitable solution that enables universities to support and manage joint degrees through their e-learning systems in accordance with the collaboration agreements established by the universities involved. This dissertation will address the following research questions: 1. What factors need to be considered in the implementation and management of joint degrees? 2. How can the current e-learning systems support the development of joint degrees? 3. What other services and systems need to be adapted by universities interested in participating in a joint degree through their e-learning systems? The implementation of joint degrees using e-learning systems is complex and involves technical, administrative, security, cultural, financial and legal challenges. This dissertation proposes a series of contributions to help solve some of the identified challenges. One of the cornerstones of this proposal is a conceptual model of all the relevant issues related to the support of joint degrees by means of e-learning systems. After defining the conceptual model, this dissertation proposes a policy-driven architecture for implementing inter-institutional degree collaborations through e-learning systems as stipulated by a collaboration agreement signed by two universities. The author has focused on the workflow management component of this architecture. Finally, the building blocks for achieving interoperability of learning object repositories have been identified and validated. The use of multimedia services in education is a growing trend, providing rich e-learning services that improve the communication and interaction between teachers and students. Within these e-learning services, we have focused on the use of videoconferencing and lecture recording as the best-suited services to support collaborative learning scenarios. The contributions have been validated within national and European research projects that the author has been involved in.

Development of a Model for Security and Usability

This research addressed the development of a consolidated model designed especially to cover the security and usability attributes of a software product. As a starting point, we built a new usability model on the basis of well-known quality standards and models. We then used an existing security model to analyse the relationship between these two approaches. This analysis consisted of a systematic mapping study of the relationship between security and usability as global quality factors. We identified five relationship types: inverse, direct, relative, one-way inverse, and no relationship. Most authors agree that there is an inverse relationship between security and usability. However, this is not a unanimous finding, and this study unveils a number of open questions, like application domain dependency and the need to explore lower-level relationships between attribute subcharacteristics. In order to clarify the questions raised during the research, we conducted a second systematic mapping to further analyse the finer-grained structure of these factors, such as authentication as a subset of security and user efficiency as a subset of usability. The most relevant finding is that efficiency does not depend on the security level during the authentication process. There are other subfactors that require analysis. Accordingly, this research is the first part of a larger project to develop a full-blown consolidated model for security and usability.

Assessing the impact of adaptive accessibility on the optimal transport policy implementation by using an integrated land-use/transport model for Madrid

Accessibility is an essential concept widely used to evaluate the impact of land-use and transport strategies in transport and urban planning. Accessibility is typically evaluated by using a transport model or a land-use model independently or successively without a feedback loop, thus neglecting the interaction effects between the two systems and the induced competition effects among opportunities due to accessibility improvements. More than a mere methodological curiosity, failure to account for land- use/transport interactions and the competition effect may result in large underestimation of the policy effects. With the recent development of land-use and transport interaction (LUTI) models, there is a growing interest in using these models to adequately measure accessibility and evaluate its impact. The current study joins this research stream by embedding an accessibility measure in a LUTI model with two main aims. The first aim is to account for adaptive accessibility, namely the adjustment of the potential accessibility due to the effect of competition among opportunities (e.g., workplaces) as a result of improved accessibility. LUTI models are particularly suitable for assessing adaptive accessibility because the competition factor is a function of the number of jobs, which is related to land-use attractiveness and the number of workers which is related, among other factors, to the transport demand. The second aim is to identify the optimal implementation scenario of policy measures on the basis of the potential and adaptive accessibility and analyse the results in terms of social welfare and accessibility. The metropolitan area of Madrid is used as a case-study and two transport policy instruments, namely a cordon toll and bus frequency increase, have been chosen for the simulation study in order to present the usefulness of the approach to urban planners and policy makers. The MARS model (Metropolitan Activity Relocation Simulator) calibrated for Madrid was employed as the analysis tool. The impact of accessibility is embedded in the model through a social welfare function that includes not only costs and benefits to both road users and transport operators, but also costs and benefits for the government and society in general (external costs). An optimisation procedure is performed by the MARS model for maximizing the value of objective function in order to find the best (optimal) policy imp lementations intensity (i.e., price, frequency). Last, the two policy strategies are evaluated in terms of their accessibility. Results show that the accessibility with competition factor influences the optimal policy implementation level and also generates different results in terms of social welfare. In addition, mapping the difference between the potential and the adaptive accessibility indicators shows that the main changes occur in areas where there is a strong competition among land-use opportunities.

A general framework to testing the effect of transport policy measures to achieve a modal shift: a sequental hybrid model

In order to achieve to minimize car-based trips, transport planners have been particularly interested in understanding the factors that explain modal choices. In the transport modelling literature there has been an increasing awareness that socioeconomic attributes and quantitative variables are not sufficient to characterize travelers and forecast their travel behavior. Recent studies have also recognized that users? social interactions and land use patterns influence travel behavior, especially when changes to transport systems are introduced, but links between international and Spanish perspectives are rarely deal. In this paper, factorial and path analyses through a Multiple-Indicator Multiple-Cause (MIMIC) model are used to understand and describe the relationship between the different psychological and environmental constructs with social influence and socioeconomic variables. The MIMIC model generates Latent Variables (LVs) to be incorporated sequentially into Discrete Choice Models (DCM) where the levels of service and cost attributes of travel modes are also included directly to measure the effect of the transport policies that have been introduced in Madrid during the last three years in the context of the economic crisis. The data used for this paper are collected from a two panel smartphone-based survey (n=255 and 190 respondents, respectively) of Madrid.

Assessing the accessibility impact of transport policy by a land-use and transport interaction model - The case of Madrid

Accessibility is an essential concept widely used to evaluate the impact of transport and land-use strategies in urban planning and policy making. Accessibility is typically evaluated by using separately a transport model or a land-use model. This paper embeds two accessibility indicators (i.e., potential and adaptive accessibility) in a land use and transport interaction (LUTI) model in order to assess transport policies implementation. The first aim is to define the adaptive accessibility, considering the competition factor at territorial level (e.g. workplaces and workers). The second aim is to identify the optimal implementation scenario of policy measures using potential and adaptive accessibility indicators. The analysis of the results in terms of social welfare and accessibility changes closes the paper. Two transport policy measures are applied in Madrid region: a cordon toll and increase bus frequency. They have been simulated through the MARS model (Metropolitan Activity Relocation Simulator, i.e. LUTI model). An optimisation procedure is performed by MARS for maximizing the value of the objective function in order to find the optimal policy implementation (first best). Both policy measures are evaluated in terms of accessibility. Results show that the introduction of the accessibility indicators (potential and adaptive) influence the optimal value of the toll price and bus frequency level, generating different results in terms of social welfare. Mapping the difference between potential and adaptive accessibility indicator shows that the main changes occur in areas where there is a strong competition among different land-use opportunities.