822 resultados para Computer and network security
Resumo:
O crescimento dos sistemas de informação e a sua utilização massiva criou uma nova realidade no acesso a experiências remotas que se encontram geograficamente distribuídas. Nestes últimos tempos, a temática dos laboratórios remotos apareceu nos mais diversos campos como o do ensino ou o de sistemas industriais de controlo e monitorização. Como o acesso aos laboratórios é efectuado através de um meio permissivo como é o caso da Internet, a informação pode estar à mercê de qualquer atacante. Assim, é necessário garantir a segurança do acesso, de forma a criar condições para que não se verifique a adulteração dos valores obtidos, bem como a existência de acessos não permitidos. Os mecanismos de segurança adoptados devem ter em consideração a necessidade de autenticação e autorização, sendo estes pontos críticos no que respeita à segurança, pois estes laboratórios podem estar a controlar equipamentos sensíveis e dispendiosos, podendo até eventualmente comprometer em certos casos o controlo e a monotorização de sistemas industriais. Este trabalho teve como objectivo a análise da segurança em redes, tendo sido realizado um estudo sobre os vários conceitos e mecanismos de segurança necessários para garantir a segurança nas comunicações entre laboratórios remotos. Dele resultam as três soluções apresentadas de comunicação segura para laboratórios remotos distribuídos geograficamente, recorrendo às tecnologias IPSec, OpenVPN e PPTP. De forma a minimizar custos, toda a implementação foi assente em software de código aberto e na utilização de um computador de baixo custo. No que respeita à criação das VPNs, estas foram configuradas de modo a permitir obter os resultados pretendidos na criação de uma ligação segura para laboratórios remotos. O pfSense mostrou-se a escolha acertada visto que suporta nativamente quaisquer das tecnologias que foram estudadas e implementadas, sem necessidade de usar recursos físicos muito caros, permitindo o uso de tecnologias de código aberto sem comprometer a segurança no funcionamento das soluções que suportam a segurança nas comunicações dos laboratórios remotos.
Resumo:
A Web aproximou a humanidade dos seus pares a um nível nunca antes visto. Com esta facilidade veio também o cibercrime, o terrorismo e outros fenómenos característicos de uma sociedade tecnológica, plenamente informatizada e onde as fronteiras terrestres pouco importam na limitação dos agentes ativos, nocivos ou não, deste sistema. Recentemente descobriu-se que as grandes nações “vigiam” atentamente os seus cidadãos, desrespeitando qualquer limite moral e tecnológico, podendo escutar conversas telefónicas, monitorizar o envio e receção de e-mails, monitorizar o tráfego Web do cidadão através de poderosíssimos programas de monitorização e vigilância. Noutros cantos do globo, nações em tumulto ou envoltas num manto da censura perseguem os cidadãos negando-lhes o acesso à Web. Mais mundanamente, há pessoas que coagem e invadem a privacidade de conhecidos e familiares, vasculhando todos os cantos dos seus computadores e hábitos de navegação. Neste sentido, após o estudo das tecnologias que permitem a vigilância constante dos utilizadores da Web, foram analisadas soluções que permitem conceder algum anónimato e segurança no tráfego Web. Para suportar o presente estudo, foi efetuada uma análise das plataformas que permitem uma navegação anónima e segura e um estudo das tecnologias e programas com potencial de violação de privacidade e intrusão informática usados por nações de grande notoriedade. Este trabalho teve como objetivo principal analisar as tecnologias de monitorização e de vigilância informática identificando as tecnologias disponíveis, procurando encontrar potenciais soluções no sentido de investigar a possibilidade de desenvolver e disponibilizar uma ferramenta multimédia alicerçada em Linux e em LiveDVD (Sistema Operativo Linux que corre a partir do DVD sem necessidade de instalação). Foram integrados recursos no protótipo com o intuito de proporcionar ao utilizador uma forma ágil e leiga para navegar na Web de forma segura e anónima, a partir de um sistema operativo (SO) virtualizado e previamente ajustado para o âmbito anteriormente descrito. O protótipo foi testado e avaliado por um conjunto de cidadãos no sentido de aferir o seu potencial. Termina-se o documento com as conclusões e o trabalho a desenvolver futuramente.
Resumo:
Although the ASP model has been around for over a decade, it has not achieved the expected high level of market uptake. This research project examines the past and present state of ASP adoption and identifies security as a primary factor influencing the uptake of the model. The early chapters of this document examine the ASP model and ASP security in particular. Specifically, the literature and technology review chapter analyses ASP literature, security technologies and best practices with respect to system security in general. Based on this investigation, a prototype to illustrate the range and types of technologies that encompass a security framework was developed and is described in detail. The latter chapters of this document evaluate the practical implementation of system security in an ASP environment. Finally, this document outlines the research outputs, including the conclusions drawn and recommendations with respect to system security in an ASP environment. The primary research output is the recommendation that by following best practices with respect to security, an ASP application can provide the same level of security one would expect from any other n-tier client-server application. In addition, a security evaluation matrix, which could be used to evaluate not only the security of ASP applications but the security of any n-tier application, was developed by the author. This thesis shows that perceptions with regard to fears of inadequate security of ASP solutions and solution data are misguided. Finally, based on the research conducted, the author recommends that ASP solutions should be developed and deployed on tried, tested and trusted infrastructure. Existing Application Programming Interfaces (APIs) should be used where possible and security best practices should be adhered to where feasible.
Resumo:
Aquest projecte té la intenció d'identificar i analitzar els efectes de la introducció d'Internet a les escoles catalanes (educació primària i secundària). L'objectiu és posar de manifest la manera com s'utilitza la xarxa en aquest àmbit i en quina mesura contribueix a l'aparició, en els centres educatius, d'una nova cultura adaptada a les necessitats de la societat xarxa. Amb aquest propòsit, aquest projecte desplega les seves línies d'anàlisi per a fer atenció al procés d'incorporació d'Internet, principalment, en tres direccions: la pràctica pedagògica, les formes d'organització i gestió dels centres educatius i la seva vinculació amb la comunitat i el territori. Aquesta investigació ha estat desenvolupada pel grup de recerca ENS (Education and Network Society). Amb una perspectiva comparativa, el treball d'aquest grup vol contribuir, sobre la base de dades empíriques, a interpretar la transformació de l'àmbit educatiu no universitari en els paràmetres que estableix, avui dia, la nostra societat.
Resumo:
We study the social, demographic and economic origins of social security. The data for the U.S. and for a cross section of countries suggest that urbanization and industrialization are associated with the rise of social insurance. We describe an OLG model in which demographics, technology, and social security are linked together in a political economy equilibrium. In the model economy, there are two locations (sectors), the farm (agricultural) and the city (industrial) and the decision to migrate from rural to urban locations is endogenous and linked to productivity differences between the two locations and survival probabilities. Farmers rely on land inheritance for their old age and do not support a pay-as-you-go social security system. With structural change, people migrate to the city, the land loses its importance and support for social security arises. We show that a calibrated version of this economy, where social security taxes are determined by majority voting, is consistent with the historical transformation in the United States.
Resumo:
Many political economic theories use and emphasize the process of votingin their explanation of the growth of Social Security, governmentspending, and other public policies. But is there an empirical connectionbetween democracy and Social Security program size or design? Using somenew international data sets to produce both country-panel econometricestimates as well as case studies of South American and southern Europeancountries, we find that Social Security policy varies according toeconomic and demographic factors, but that very different politicalhistories can result in the same Social Security policy. We find littlepartial effect of democracy on the size of Social Security budgets, onhow those budgets are allocated, or how economic and demographic factorsaffect Social Security. If there is any observed difference, democraciesspend a little less of their GDP on Social Security, grow their budgetsa bit more slowly, and cap their payroll tax more often, than doeconomically and demographically similar nondemocracies. Democracies andnondemocracies are equally likely to have benefit formulas inducingretirement and, conditional on GDP per capita, equally likely to induceretirement with a retirement test vs. an earnings test.
Resumo:
This paper studies the impact of an unfunded social security system on the distribution of bequests in a framework where savings are due both by life cycle and by random altruistic motivations. We show that the impact of social security on the distribution of bequests depends crucially on the importance of the bequest motive in explaining savings behavior. If the bequest motive is strong, then an increase in the social security tax raises the bequests left by altruistic parents. On the other hand, when the importance of bequests in motivating savings is sufficiently low, theincrease in the social security tax could result in a reduction of the bequests left by altruistic parents under some conditions on the attitude of individuals toward risk and on the relative returns associated with private saving and social security. Some implications concerning the transitional effects of introducing an unfunded social security scheme are also discussed.
Resumo:
ABSTRACT : A firm's competitive advantage can arise from internal resources as well as from an interfirm network. -This dissertation investigates the competitive advantage of a firm involved in an innovation network by integrating strategic management theory and social network theory. It develops theory and provides empirical evidence that illustrates how a networked firm enables the network value and appropriates this value in an optimal way according to its strategic purpose. The four inter-related essays in this dissertation provide a framework that sheds light on the extraction of value from an innovation network by managing and designing the network in a proactive manner. The first essay reviews research in social network theory and knowledge transfer management, and identifies the crucial factors of innovation network configuration for a firm's learning performance or innovation output. The findings suggest that network structure, network relationship, and network position all impact on a firm's performance. Although the previous literature indicates that there are disagreements about the impact of dense or spare structure, as well as strong or weak ties, case evidence from Chinese software companies reveals that dense and strong connections with partners are positively associated with firms' performance. The second essay is a theoretical essay that illustrates the limitations of social network theory for explaining the source of network value and offers a new theoretical model that applies resource-based view to network environments. It suggests that network configurations, such as network structure, network relationship and network position, can be considered important network resources. In addition, this essay introduces the concept of network capability, and suggests that four types of network capabilities play an important role in unlocking the potential value of network resources and determining the distribution of network rents between partners. This essay also highlights the contingent effects of network capability on a firm's innovation output, and explains how the different impacts of network capability depend on a firm's strategic choices. This new theoretical model has been pre-tested with a case study of China software industry, which enhances the internal validity of this theory. The third essay addresses the questions of what impact network capability has on firm innovation performance and what are the antecedent factors of network capability. This essay employs a structural equation modelling methodology that uses a sample of 211 Chinese Hi-tech firms. It develops a measurement of network capability and reveals that networked firms deal with cooperation between, and coordination with partners on different levels according to their levels of network capability. The empirical results also suggests that IT maturity, the openness of culture, management system involved, and experience with network activities are antecedents of network capabilities. Furthermore, the two-group analysis of the role of international partner(s) shows that when there is a culture and norm gap between foreign partners, a firm must mobilize more resources and effort to improve its performance with respect to its innovation network. The fourth essay addresses the way in which network capabilities influence firm innovation performance. By using hierarchical multiple regression with data from Chinese Hi-tech firms, the findings suggest that there is a significant partial mediating effect of knowledge transfer on the relationships between network capabilities and innovation performance. The findings also reveal that the impacts of network capabilities divert with the environment and strategic decision the firm has made: exploration or exploitation. Network constructing capability provides a greater positive impact on and yields more contributions to innovation performance than does network operating capability in an exploration network. Network operating capability is more important than network constructing capability for innovative firms in an exploitation network. Therefore, these findings highlight that the firm can shape the innovation network proactively for better benefits, but when it does so, it should adjust its focus and change its efforts in accordance with its innovation purposes or strategic orientation.
Resumo:
The purpose of the Introduction to Homeland Security and Emergency Management for Local Officials is to provide you with information regarding this system. Inside, you will learn about local and state emergency management and homeland security; the phases of homeland security and emergency management; hazards that affect the state; comprehensive planning requirements; emergency declarations; available state and federal assistance; and other important topics that will help you become more versed in homeland security and emergency management in Iowa.
Resumo:
The purpose of the Introduction to Homeland Security and Emergency Management for Local Officials is to provide you with information regarding this system. Inside, you will learn about local and state emergency management and homeland security; the phases of homeland security and emergency management; hazards that affect the state; comprehensive planning requirements; emergency declarations; available state and federal assistance; and other important topics that will help you become more versed in homeland security and emergency management in Iowa.
Resumo:
The design of an efficient collaborative multirobot framework that ensures the autonomy and the individualrequirements of the involved robots is a very challenging task. This requires designing an efficient platform for inter-robot communication. P2P is a good approach to achieve this goal. P2P aims at making the communication ubiquitous thereby crossing the communication boundary and has many attractive features to use it as a platform for collaborative multi-robot environments. In this work, we present the JXTA Overlay P2P system and its application for robot control. Since JXTAOverlay is able to overcome Firewalls, Routers and NATs, it is possible to control end-devices in a WAN without changing the network security policy. We used JXTA-Overlay for the control of robot motors. We evaluated the proposed system by many experiments and have shown that the proposed system has a good performance and can be used successfully for the control of robot.
Resumo:
This paper describes the state of the art of secure ad hoc routing protocols and presents SEDYMO, a mechanism to secure a dynamic multihop ad hoc routing protocol. The proposed solution defeats internal and external attacks usinga trustworthiness model based on a distributed certification authority. Digital signatures and hash chains are used to ensure the correctness of the protocol. The protocol is compared with other alternatives in terms of security strength, energy efficiency and time delay. Both computational and transmission costs are considered and it is shown that the secure protocol overhead is not a critical factor compared to the high network interface cost.
Resumo:
The use of open source software continues to grow on a daily basis. Today, enterprise applications contain 40% to 70% open source code and this fact has legal, development, IT security, risk management and compliance organizations focusing their attention on its use, as never before. They increasingly understand that the open source content within an application must be detected. Once uncovered, decisions regarding compliance with intellectual property licensing obligations must be made and known security vulnerabilities must be remediated. It is no longer sufficient from a risk perspective to not address both open source issues.
