979 resultados para Security control
Resumo:
The authors thank M. C. Romano, I. Stansfield, L. Ciandrini, A. Kort, and M. Rehberg for helpful discussions. This work was funded by BBSRC grants BB/F00513/X1 and BB/G010722, and the Scottish Universities Life Science Alliance (SULSA).
Resumo:
The authors thank M. C. Romano, I. Stansfield, L. Ciandrini, A. Kort, and M. Rehberg for helpful discussions. This work was funded by BBSRC grants BB/F00513/X1 and BB/G010722, and the Scottish Universities Life Science Alliance (SULSA).
Resumo:
Funded by UK Government's Overseas Territories Environmental Programme (OTEP)
Resumo:
C.-W.W. is supported by a studentship funded by the College of Physical Sciences, University of Aberdeen. M.S.B. acknowledges EPSRC grant NO. EP/I032606/1.
Resumo:
This article analyses the factors behind the paradoxical result of the Brazilian gun-control referendum. It adopts a qualitative approach to explore the dissemination of ideologies surrounding crime, gun control and security. For this purpose, interviews were conducted with activists involved in the referendum's campaign. The results reveal that ideologically driven campaigns in a context of corruption scandals, high levels of violence and fear influenced the result. The neoliberal discourse of individual freedoms played a role, as did the phrasing of the referendum's question, fragile confidence in public institutions and unequal campaign funding and regulation.
Resumo:
Bajo el paradigma de modernización y desarrollo norteamericano -y en un contexto de Guerra Fría-, durante la década de 1960 se adecuaron a la realidad chilena programas de control de natalidad que no sólo buscaron disminuir las altas tasas de mortalidad materno infantil, sino que además respondieron al proyecto de seguridad hemisférica norteamericana de contención a posibles revoluciones populares en países del Tercer Mundo.
Resumo:
The proliferation of weapons of mass destruction (WMD), nuclear, biological and chemical (NBC) is one of the main security challenges facing the international community today. However the new Global Security Strategy of 2016 raises the question of non-proliferation of WMD only as an incidental matter, not addressing directly the threat, a fundamental threat in the regional and global security. This is a clear step backwards for the European common security.
Resumo:
The present article reviews the relations between the EU and Russia in the past decade and shows the deterioration of the bilateral relations. The Putin´s Russia has become a very active geostrategic player, with a worrying behaviour, breaking balances in the international scene established since the end of the Cold War. Russia is a priority in the Foreign and Security Policy of the European Global Security Strategy, but has become also a clear competitor. This last aspect is not sufficiently underlined in the Strategy and thus the strategic framework is not clear. In parallel, it is not clear in the Strategy which are the tools the EU has to defend its neighbourhood when their independence, sovereignty or territorial defence may be put in question. This question goes beyond the support to the resilience of those neighbours.
Resumo:
The BlackEnergy malware targeting critical infrastructures has a long history. It evolved over time from a simple DDoS platform to a quite sophisticated plug-in based malware. The plug-in architecture has a persistent malware core with easily installable attack specific modules for DDoS, spamming, info-stealing, remote access, boot-sector formatting etc. BlackEnergy has been involved in several high profile cyber physical attacks including the recent Ukraine power grid attack in December 2015. This paper investigates the evolution of BlackEnergy and its cyber attack capabilities. It presents a basic cyber attack model used by BlackEnergy for targeting industrial control systems. In particular, the paper analyzes cyber threats of BlackEnergy for synchrophasor based systems which are used for real-time control and monitoring functionalities in smart grid. Several BlackEnergy based attack scenarios have been investigated by exploiting the vulnerabilities in two widely used synchrophasor communication standards: (i) IEEE C37.118 and (ii) IEC 61850-90-5. Specifically, the paper addresses reconnaissance, DDoS, man-in-the-middle and replay/reflection attacks on IEEE C37.118 and IEC 61850-90-5. Further, the paper also investigates protection strategies for detection and prevention of BlackEnergy based cyber physical attacks.
Resumo:
Thesis (Ph.D.)--University of Washington, 2016-08
Resumo:
We outline a philosophical approach to Grand Challenge projects, with particular reference to our experience in our food security project involving the protection of stored grain from insect attack in two countries on different continents. A key consideration throughout has been the management of resistance in these pests to the valuable fumigant phosphine. Emphasis is given to the chain of research issues that required solution and the assembly of a well-integrated team, overlapping in skills for effective communication, in each country to solve the problems identified along that chain. A crucial aspect to maintaining direction is the inclusion of key end users in all deliberations, as well as the establishment and maintenance of effective outlets for the dissemination of practical recommendations. We finish with a summary of our achievements with respect to our approach to this food security Grand Challenge.
Resumo:
In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: 1) if policies are complex, their enforcement can lead to performance decay of database servers; 2) when modifications in the established policies implies modifications in the business logic (usually deployed at the client-side), there is no other possibility than modify the business logic in advance and, finally, 3) malicious users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.
Resumo:
In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: (1) if policies are complex, their enforcement can lead to performance decay of database servers; (2) when modifications in the established policies implies modifications in the business logic (usually deployed at the client-side), there is no other possibility than modify the business logic in advance and, finally, 3) malicious users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.
Resumo:
Each year the Medical University of South Carolina produces an annual accountability report for the South Carolina General Assembly and the Budget and Control Board. Included is an executive summary, agency discussion and analysis, and strategic planning documents.
Resumo:
In recent years, security of industrial control systems has been the main research focus due to the potential cyber-attacks that can impact the physical operations. As a result of these risks, there has been an urgent need to establish a stronger security protection against these threats. Conventional firewalls with stateful rules can be implemented in the critical cyberinfrastructure environment which might require constant updates. Despite the ongoing effort to maintain the rules, the protection mechanism does not restrict malicious data flows and it poses the greater risk of potential intrusion occurrence. The contributions of this thesis are motivated by the aforementioned issues which include a systematic investigation of attack-related scenarios within a substation network in a reliable sense. The proposed work is two-fold: (i) system architecture evaluation and (ii) construction of attack tree for a substation network. Cyber-system reliability remains one of the important factors in determining the system bottleneck for investment planning and maintenance. It determines the longevity of the system operational period with or without any disruption. First, a complete enumeration of existing implementation is exhaustively identified with existing communication architectures (bidirectional) and new ones with strictly unidirectional. A detailed modeling of the extended 10 system architectures has been evaluated. Next, attack tree modeling for potential substation threats is formulated. This quantifies the potential risks for possible attack scenarios within a network or from the external networks. The analytical models proposed in this thesis can serve as a fundamental development that can be further researched.
