28 resultados para Arquitectura de segurança


Relevância:

20.00% 20.00%

Publicador:

Resumo:

The decrease in crime is one of the core issues that cause concern in society today. This study aims to propose improvements to public safety from the choice of points to the location of police units, ie the points which support the car and the police. For this, three models were developed in order to assist decision making regarding the best placement of these bases. The Model of Police Units Routing has the intention to analyze the current configuration of a given region and develop optimal routes for round preventative. The Model of Allocation and Routing for New Police Units (MARNUP) used the model of facility location called p-median weighted and traveling salesman problem (TSP) combined aiming an ideal setting for regions that do not yet have support points or to assess how far the distribution is present in relation to that found in solution. The Model Redefinition and Routing Unit Police (MRRUP) seek to change the current positioning taking into account the budgetary constraints of the decision maker. To verify the applicability of these models we used data from 602 points to instances of police command that is responsible for the capital city of Natal. The city currently has 31 police units for 36 of these 19 districts and police have some assistance. This reality can lead to higher costs and higher response times for answering emergency calls. The results of the models showed that in an ideal situation it is possible to define a distance of 500 km/round, whereas in this 900 km are covered by approximately round. However, a change from three-point lead reduced to 700 km / round which represents a decrease of 22% in the route. This reduction should help improve response time to emergency care, improving the level of service provided by the increase of solved cases, reducing police shifts and routing preventive patrols

Relevância:

20.00% 20.00%

Publicador:

Resumo:

This work provides great contribution to the documental study of the Work Safety courses offered by CEFETs in Brazil, under the perspective of safety management and occupational health, using as a referential the specification OHSAS 18001 (BSI, 1999), as well as directions provided by OIT (ILO, 2001). The theoretical research compares technical and managing competences of the projects of Work Safety courses at CEFETs with the international legislation mentioned above. For field research, questionnaires containing open and close questions were answered by teachers and students aiming at identifying the importance of technical and managing competences for the formation of Work Safety technicians, besides trying to identify which level of minimal formal knowledge should be required to perform managing activities in the area of Work Safety Management Systems and Occupational Health (SGSSO, in Portuguese). The results of the theoretical research point out differences between the projects of the Work Safety technical courses at CEFETs under the perspective of SGSSO. The field research shows that students and teachers opinions converge about most technical and managing competences. In relation to academic formation, the research suggests divergences to the criterion stated by the norm ISO 19011(ABNT, 2002)

Relevância:

20.00% 20.00%

Publicador:

Resumo:

The commitment assumed by Brazil to ILO in order to pursue actions toward the ILO/OSH-2001 adoption in the country poses the issue of modeling the institutional arrangement the set roles and relationship between government, standards organizations, health and safety organizations, professionals and other institutions to deploy the ILO/OSH-2001. This Thesis develop institutional arrangement models based on the current model and also in the ISO 9000 scheme and others. It is studied the US case with OSHA and VPP, the OHSAS 18001 and ANSI/AIHA Z-10, in addition to actual context of the regulating norms NR s. The scenarios developed are put to evaluation on feasibility, potential changes and effects on current MTE auditors work scheme. The main results are five scenarios developed and that the MTE auditors tend to be reactive to the change toward the ILO/OSH-2001.

Relevância:

20.00% 20.00%

Publicador:

Resumo:

This Master s Thesis deals with an analysis of the Regulatory Standards NR-9 e NR-13 on the perspective of occupational health and safety management systems (OHSMS) such as ILO deployed ILO/OSH-2001. Since the revamped OHSAS 18001:2007 complies with the ILO/OSH-2001 model it is used as benchmark to compare against the NR-9 and NR-13. The analysis suggests that the NR-9 has some important features present on the OHSAS 18001:2007 but lacks important others. The NR-13 turns out to be far from a modern model of OHSMS such as OHSAS 18001:2007 and a deep reformulation should be done in order to achieve the Brazil commitment with ILO to adopt OHSMS. Also, a small survey with companies with ISO 9000 certificates suggests that a NR-13 revised toward OHSMS would be welcome, but also that some more advanced issues present in ILO/OSH-2001 should be imposed by law in order to be achieved

Relevância:

20.00% 20.00%

Publicador:

Resumo:

Information is one of the most valuable organization s assets, mainly on a global and highly competitive world. On this scenery there are two antagonists forces: on one side, organizations struggle for keeping protected its information, specially those considered as strategic, on the other side, the invaders, leaded by innumerous reasons - such as hobby, challenge or one single protest with the intention of capturing and corrupting the information of other organizations. This thesis presents the descriptive results of one research that had as its main objective to identify which variables influence the Executives´ and CIOs´ perceptions toward Information Security. In addition, the research also identified the profile of Rio Grande do Norte s organizations and its Executives/CIOs concerning Information Security, computed the level of agreement of the respondents according to NBR ISO/IEC 17799 (Information technology Code of practice for information security management) on its dimension Access Control. The research was based on a model, which took into account the following variables: origin of the organization s capital, sector of production, number of PCs networked, number of employees with rights to network, number of attacks suffered by the organizations, respondent´s positions, education level, literacy on Information Technology and specific training on network. In the goal´s point of view, the research was classified as exploratory and descriptive, and, in relation of the approach, quantitative. One questionnaire was applied on 33 Executives and CIOs of the 50 Rio Grande do Norte s organizations that collected the highest taxes of ICMS - Imposto sobre Circulação de Mercadorias on 2000. After the data collecting, cluster analysis and chi-square statistical tools were used for data analysis. The research made clear that the Executives and CIOs of Rio Grande do Norte s organizations have low level of agreement concerning the rules of the NBR ISO/IEC 17799. It also made evident that the Executives and CIOs have its perception toward Information Security influenced by the number of PCs networked and by the number of attacks suffered by the organizations

Relevância:

20.00% 20.00%

Publicador:

Resumo:

The electronic mail service is one of the most Internet services that grow in the corporate environment. This evolution is bringing several problems for the organizations, especially to information that circulates inside of the corporate net. The lack of correct orientation to the people, about the usage and the security importance of these resources, is leaving breaches and causing misusage and overuse of service, for example. In recent literature, it starts to coming out several ideas, which has helped to rganizations how to plain and how to implement the information security system to the electronic mail in computer environment. However, these ideas are still not placed in practice in many companies, public or private. This dissertation tries to demonstrate the results of a research that has like goal, identify the importance that user training has over the information security policy, through a case study inside of private superior education institute in this state. Besides, this work had by basic orientation the ISO/IEC 17799, which talk about People Security. This study was developed over a proposed model to this research, which looked for offer conditions to guide the institution studied, how to plan better a information security policy to the electronic mail. Also, this research has an exploratory and descreptive nature and your type, qualitative. Firstly, it was applied na questionary to the information technology manager, as better way to get some general data and to deepen the contact which still then, it was being kept through e-mail. Thereupon this first contact, eleven interviews were done with the same manager, beside one interview with twenty-four users, among employees e students. After that to collect and transcript the interviews, were review with the manager all informations given, to correct any mistakes and to update that informations, to then, start the data analyze. The research suggests that the institution has a pro attitude about the information security policy and the electronic mail usage. However, it was clear that answers have their perception about information security under a very inexperient way, derived of a planning lack in relation to training program capable to solve the problem

Relevância:

20.00% 20.00%

Publicador:

Resumo:

This work presents a suggestion of a security system of land automation having as objective main the creation of a system capable from easy method, supervise the installations of a building with the goal to preserver security personal and patrimonial necessities, aim at portability low cost and use easiness. Was designed an alarms central and access controller that has digital and analogical inputs for sensors and outputs for buzzer, telephonic dialing and electronic lock. The system is supervised by software that makes solicitations of information to the alarms central through the one computer's serial port (RS-232). The supervisory software was developed in platform LabVIEW with displays the received data on a graphical interface informing the sensors' current states distributed in the building and system events as alarns occurrences. This system also can be viewed through the Internet for people registered by the land security's system administrator

Relevância:

20.00% 20.00%

Publicador:

Resumo:

Previous works have studied the characteristics and peculiarities of P2P networks, especially security information aspects. Most works, in some way, deal with the sharing of resources and, in particular, the storage of files. This work complements previous studies and adds new definitions relating to this kind of systems. A system for safe storage of files (SAS-P2P) was specified and built, based on P2P technology, using the JXTA platform. This system uses standard X.509 and PKCS # 12 digital certificates, issued and managed by a public key infrastructure, which was also specified and developed based on P2P technology (PKIX-P2P). The information is stored in a special file with XML format which is especially prepared, facilitating handling and interoperability among applications. The intention of developing the SAS-P2P system was to offer a complementary service for Giga Natal network users, through which the participants in this network can collaboratively build a shared storage area, with important security features such as availability, confidentiality, authenticity and fault tolerance. Besides the specification, development of prototypes and testing of the SAS-P2P system, tests of the PKIX-P2P Manager module were also performed, in order to determine its fault tolerance and the effective calculation of the reputation of the certifying authorities participating in the system

Relevância:

20.00% 20.00%

Publicador:

Resumo:

The traditional perimeter-based approach for computer network security (the castle and the moat model) hinders the progress of enterprise systems and promotes, both in administrators and users, the delusion that systems are protected. To deal with the new range of threats, a new data-safety oriented paradigm, called de-perimeterisation , began to be studied in the last decade. One of the requirements for the implementation of the de-perimeterised model of security is the definition of a safe and effective mechanism for federated identity. This work seeks to fill this gap by presenting the specification, modelling and implementation of a mechanism for federated identity, based on the combination of SAML and X.509 digital certificates stored in smart-cards, following the A3 standard of ICP-Brasil (Brazilian official certificate authority and PKI)

Relevância:

20.00% 20.00%

Publicador:

Resumo:

This research study deals with the production and distribution of drinking water with quality and safety in order to meet the needs of the Man. Points out the limitations of the methodology for assessing water quality in use today. Approaches the recommendations of the World Health Organization (WHO) for adoption, by the companies responsible for producing and distributing water, of assessment methodologies and risk management (HACCP), in order to ensure the quality and safety of water drinking. Suggests strategies for implementing the plan for water safety plan. Uses the process of water production, composed by Maxaranguape river basin, the water treatment plant and distribution system, which is part of the Plan for Expansion of the Supply System of Natal, as case study. The results, it was possible to devise strategies for implementation of the Water Safety Plan (WSP), which comprises the following steps: a) a preliminary stage. b) assessment system. c) process monitoring. d) management plan and e) validation and verification of the PSA. At each stage are included actions for its implementation. The implementation of the PSA shows a new type of water production, in which the fountain as a whole (watershed and point of capture), the Water Treatment Plant (WTP) and distribution, shall compose the production process, over which to build quality and safety of the final product (drinking water)

Relevância:

20.00% 20.00%

Publicador:

Resumo:

The academic community and software industry have shown, in recent years, substantial interest in approaches and technologies related to the area of model-driven development (MDD). At the same time, continues the relentless pursuit of industry for technologies to raise productivity and quality in the development of software products. This work aims to explore those two statements, through an experiment carried by using MDD technology and evaluation of its use on solving an actual problem under the security context of enterprise systems. By building and using a tool, a visual DSL denominated CALV3, inspired by the software factory approach: a synergy between software product line, domainspecific languages and MDD, we evaluate the gains in abstraction and productivity through a systematic case study conducted in a development team. The results and lessons learned from the evaluation of this tool within industry are the main contributions of this work

Relevância:

20.00% 20.00%

Publicador:

Resumo:

The way to deal with information assets means nowadays the main factor not only for the success but also for keeping the companies in the global world. The number of information security incidents has grown for the last years. The establishment of information security policies that search to keep the security requirements of assets in the desired degrees is the major priority for the companies. This dissertation suggests a unified process for elaboration, maintenance and development of information security policies, the Processo Unificado para Políticas de Segurança da Informação - PUPSI. The elaboration of this proposal started with the construction of a structure of knowledge based on documents and official rules, published in the last two decades, about security policies and information security. It's a model based on the examined documents which defines the needed security policies to be established in the organization, its work flow and identifies the sequence of hierarchy among them. It's also made a model of the entities participating in the process. Being the problem treated by the model so complex, which involves all security policies that the company must have. PUPSI has an interative and developing approach. This approach was obtained from the instantiation of the RUP - Rational Unified Process model. RUP is a platform for software development object oriented, of Rational Software (IBM group). Which uses the best practice known by the market. PUPSI got from RUP a structure of process that offers functionality, diffusion capacity and comprehension, performance and agility for the process adjustment, offering yet capacity of adjustment to technological and structural charges of the market and the company

Relevância:

20.00% 20.00%

Publicador:

Resumo:

Com o intuito de impedir que computadores enviem mensagens automáticas se passando por usuários reais, desenvolvedores tem utilizado o recurso de interface CAPTCHA para distinguir o preenchimento de dados e submissões realizadas por humanos e por máquinas. Este trabalho apresenta as principais modalidades de CAPTCHAs e discute as implicações na usabilidade. Para tanto, foram aplicados questionários e realizados testes de usabilidade em três modalidades de CAPTCHA. Verificou-se que, embora os usuários tenham consciência da importância do uso do CAPTCHA como ferramenta de segurança, percebeu-se que tal recurso compromete a usabilidade, gerando insatisfação e em alguns casos, a desistência da realização da tarefa