898 resultados para Security Analysis
Resumo:
The Universal Serial Bus (USB) is an extremely popular interface standard for computer peripheral connections and is widely used in consumer Mass Storage Devices (MSDs). While current consumer USB MSDs provide relatively high transmission speed and are convenient to carry, the use of USB MSDs has been prohibited in many commercial and everyday environments primarily due to security concerns. Security protocols have been previously proposed and a recent approach for the USB MSDs is to utilize multi-factor authentication. This paper proposes significant enhancements to the three-factor control protocol that now makes it secure under many types of attacks including the password guessing attack, the denial-of-service attack, and the replay attack. The proposed solution is presented with a rigorous security analysis and practical computational cost analysis to demonstrate the usefulness of this new security protocol for consumer USB MSDs.
Resumo:
The goal of this publication is to attempt to assess the thirteen years (2001- -2014) of the West’s military presence in the countries of post-Soviet Central Asia, closely associated with the ISAF and OEF-A (Operation Enduring Freedom – Afghanistan) missions in Afghanistan. There will also be an analysis of the actual challenges for the region’s stability after 2014. The current and future security architecture in Central Asia will also be looked at closely, as will the actual capabilities to counteract the most serious threats within its framework. The need to separately handle the security system in Central Asia and security as such is dictated by the particularities of political situation in the region, the key mechanism of which is geopolitics understood as global superpower rivalry for influence with a secondary or even instrumental role of the five regional states, while ignoring their internal problems. Such an approach is especially present in Russia’s perception of Central Asia, as it views security issues in geopolitical categories. Because of this, security analysis in the Central Asian region requires a broader geopolitical context, which was taken into account in this publication. The first part investigates the impact of the Western (primarily US) military and political presence on the region’s geopolitical architecture between 2001 and 2014. The second chapter is an attempt to take an objective look at the real challenges to regional security after the withdrawal of the coalition forces from Afghanistan, while the third chapter is dedicated to analysing the probable course of events in the security dimension following 2014. The accuracy of predictions time-wise included in the below publication does not exceed three to five years due to the dynamic developments in Central Asia and its immediate vicinity (the former Soviet Union, Afghanistan, Pakistan, Iran), and because of the large degree of unpredictability of policies of one of the key regional actors – Russia (both in the terms of its activity on the international arena, and its internal developments).
Resumo:
Brazilians greeted the long-awaited decision of making Rio de Janeiro the host of the 2016 Olympic Games with tremendous exhilaration. Although Rio’s fantastic natural beauty certainly added to its attraction in hosting the games, its alarming rates of urban crime and violence largely associated with drug trafficking immediately triggered worldwide criticism, and put at issue its ability to guarantee the security for the games. Brazilians have been vying for a position as an emerging global economy and understand the importance of the Games for international prestige. This makes the stakes very high when hosting the Olympic Games in the wake of the 2014 Soccer World Cup, which will also be held in Brazil. This paper explores these criticisms and assesses Rio’s ability to prepare for this important event. The paper further explores the consensus that Brazilians will be more equipped to address actions taken by organized crime capable of affecting the Olympic Games than to face a terrorist attack. Brazil – and Rio – does not figure in the “terrorism map” as a region particularly linked to terrorism. Aside from uncorroborated suspicions of activities by terrorist organizations on the Tri-Border region (Argentina, Brazil, and Paraguay), Brazil does not elicit many concerns regarding terrorism.1 Yet, there is no way to guarantee that terrorist organizations will not try to make use of the 2016 Rio Olympic Games to advance their agenda. This being in mind, Rio and Brazil in general face a long road ahead to prepare, prevent, protect and respond to a possible terrorist attack during the 2016 Olympics. It is clear that prevention and preparation towards potential threats to the Games must necessarily include cooperation and exchange of best practices with other countries. 1 U.S. Department of State has confirmed that this area may have been used to transport weapons and conduct financial affairs in the past. This type of activity has been made more difficult with the fortification of border controls in more recent times.
Resumo:
A difficult transition to a new paradigm of Democratic Security and the subsequent process of military restructuring during the nineties led El Salvador, Honduras, Guatemala and Nicaragua to re-consider their old structures and functions of their armed forces and police agencies. This study compares the institutions in the four countries mentioned above to assess their current condition and response capacity in view of the contemporary security challenges in Central America. This report reveals that the original intention of limiting armies to defend and protect borders has been threatened by the increasing participation of armies in public security. While the strength of armies has been consolidated in terms of numbers, air and naval forces have failed to become strengthened or sufficiently developed to effectively combat organized crime and drug trafficking and are barely able to conduct air and sea operations. Honduras has been the only country that has maintained a proportional distribution of its armed forces. However, security has been in the hands of a Judicial Police, supervised by the Public Ministry. The Honduran Judicial Police has been limited to exercising preventive police duties, prohibited from carrying out criminal investigations. Nicaragua, meanwhile, possesses a successful police force, socially recognized for maintaining satisfactory levels of security surpassing the Guatemalan and El Salvadoran police, which have not achieved similar results despite of having set up a civilian police force separate from the military. El Salvador meanwhile, has excelled in promoting a Police Academy and career professional education, even while not having military attachés in other countries. Regarding budgetary issues, the four countries allocate almost twice the amount of funding on their security budgets in comparison to what is allocated to their defense budgets. However, spending in both areas is low when taking into account each country's GDP as well as their high crime rates. Regional security challenges must be accompanied by a professionalization of the regional armies focused on protecting and defending borders. Therefore, strong institutional frameworks to support the fight against crime and drug trafficking are required. It will require the strengthening of customs, greater control of illicit arms trafficking, investment in education initiatives, creating employment opportunities and facilitating significant improvements in the judicial system, as well as its accessibility to the average citizen.
Resumo:
Organized crime and illegal economies generate multiple threats to states and societies. But although the negative effects of high levels of pervasive street and organized crime on human security are clear, the relationships between human security, crime, illicit economies, and law enforcement are highly complex. By sponsoring illicit economies in areas of state weakness where legal economic opportunities and public goods are seriously lacking, both belligerent and criminal groups frequently enhance some elements of human security of the marginalized populations who depend on illicit economies for basic livelihoods. Even criminal groups without a political ideology often have an important political impact on the lives of communities and on their allegiance to the State. Criminal groups also have political agendas. Both belligerent and criminal groups can develop political capital through their sponsorship of illicit economies. The extent of their political capital is dependent on several factors. Efforts to defeat belligerent groups by decreasing their financial flows through suppression of an illicit economy are rarely effective. Such measures, in turn, increase the political capital of anti-State groups. The effectiveness of anti-money laundering measures (AML) also remains low and is often highly contingent on specific vulnerabilities of the target. The design of AML measures has other effects, such as on the size of a country’s informal economy. Multifaceted anti-crime strategies that combine law enforcement approaches with targeted socio-economic policies and efforts to improve public goods provision, including access to justice, are likely to be more effective in suppressing crime than tough nailed-fist approaches. For anti-crime policies to be effective, they often require a substantial, but politically-difficult concentration of resources in target areas. In the absence of effective law enforcement capacity, legalization and decriminalization policies of illicit economies are unlikely on their own to substantially reduce levels of criminality or to eliminate organized crime. Effective police reform, for several decades largely elusive in Latin America, is one of the most urgently needed policy reforms in the region. Such efforts need to be coupled with fundamental judicial and correctional systems reforms. Yet, regional approaches cannot obliterate the so-called balloon effect. If demand persists, even under intense law enforcement pressures, illicit economies will relocate to areas of weakest law enforcement, but they will not be eliminated.
Resumo:
Small states that lack capacity and act on their own may fall victim to international and domestic terrorism, transnational organized crime or criminal gangs. The critical issue is not whether small Caribbean states should cooperate in meeting security challenges, but it is rather in what manner, and by which mechanisms can they overcome obstacles in the way of cooperation. The remit of the Regional Security System (RSS) has expanded dramatically, but its capabilities have improved very slowly. The member governments of the RSS are reluctant to develop military capacity beyond current levels since they see economic and social development and disaster relief as priorities, requiring little investment in military hardware. The RSS depends on international donors such as the USA, Canada, Great Britain, and increasingly China to fund training programs, maintain equipment and acquire material. In the view of most analysts, an expanded regional arrangement based on an RSS nucleus is not likely in the foreseeable future. Regional political consensus remains elusive and the predominance of national interests over regional considerations continues to serve as an obstacle to any CARICOM wide regional defense mechanism. Countries in the Caribbean, including the members of the RSS, have to become more responsible for their own security from their own resources. While larger CARICOM economies can do this, it would be difficult for most OECS members of the RSS to do the same. The CARICOM region including the RSS member countries, have undertaken direct regional initiatives in security collaboration. Implementation of the recommendations of the Regional Task Force on Crime and Security (RTFCS) and the structure and mechanisms created for the staging of the Cricket World Cup (CWC 2007) resulted in unprecedented levels of cooperation and permanent legacy institutions for the regional security toolbox. The most important tier of security relationships for the region is the United States and particularly USSOUTHCOM. The Caribbean Basin Security Initiative [CBSI] in which the countries of the RSS participate is a useful U.S. sponsored tool to strengthen the capabilities of the Caribbean countries and promote regional ownership of security initiatives. Future developments under discussion by policy makers in the Caribbean security environment include the granting of law enforcement authority to the military, the formation of a single OECS Police Force, and the creation of a single judicial and law enforcement space. The RSS must continue to work with its CARICOM partners, as well as with the traditional “Atlantic Powers” particularly Canada, the United States and the United Kingdom to implement a general framework for regional security collaboration. Regional security cooperation should embrace wider traditional and non-traditional elements of security appropriate to the 21st century. Security cooperation must utilize to the maximum the best available institutions, mechanisms, techniques and procedures already available in the region. The objective should not be the creation of new agencies but rather the generation of new resources to take effective operations to higher cumulative levels. Security and non-security tools should be combined for both strategic and operational purposes. Regional, hemispheric, and global implications of tactical and operational actions must be understood and appreciated by the forces of the RSS member states. The structure and mechanisms, created for the staging of Cricket World Cup 2007 should remain as legacy institutions and a toolbox for improving regional security cooperation in the Caribbean. RSS collaboration should build on the process of operational level synergies with traditional military partners. In this context, the United States must be a true partner with shared interests, and with the ability to work unobtrusively in a nationalistic environment. Withdrawal of U.S. support for the RSS is not an option.
Resumo:
This study on China’s relations with Brazil and Argentina, as well as its implications for U.S. concerns examines two main questions: Why China’s increasing influence on Brazil and Argentina may be considered a cause for U.S. security concerns? And if this is the case, how do China’s strategic alliances with the two countries has impacted U.S. leadership? In an effort to look at China’s influence from multidimensional angles and beyond China’s visible economic influence in these two countries, this paper argues that China’s interest in the Latin American region, with a focus on brazil and Argentina, responds to a more crafted, pragmatic and tailored vision with long-term strategic and political goals. The results of this study reveal that China – avoiding intra-regional competition through a strategic diversification of sectors – has been able to secure critical resources for its population as well as promote enduring alliances in the region that could represent a plausible cause of concern for U.S. interests. In this regard, China’s avoidance of a direct challenge to traditional partners’ influence has responded to the gaps left by a gradual, but steady lack of U.S. involvement.
Resumo:
Colombia's increasingly effective efforts to mitigate the power of the FARC and other illegitimately armed groups in the country can offer important lessons for the Peruvian government as it strives to prevent a resurgence of Sendero Luminoso and other illegal non-state actors. Both countries share certain particular challenges: deep economic, social, and in the case of Peru ethnic divisions, the presence of and/or the effects of violent insurgencies, a large-scale narcotics production and trafficking, and a history of weak state presence in large tracts of isolated and scarcely-populated areas. Important differences exist, however in the nature of the insurgencies in the two countries, the government response to them and the nature of government and society that affects the applicability of Colombia's experience to Peru. The security threat to Panama from drug trafficking and Colombian insurgents --often a linked phenomenon-- are in many ways different from the drug/insurgent factor in Colombia itself and in Peru, although there are similar variables. Unlike the Colombian and Peruvian cases, the security threat in Panama is not directed against the state, there are no domestic elements seeking to overthrow the government -- as the case of the FARC and Sendero Luminoso, security problems have not spilled over from rural to urban areas in Panama, and there is no ideological component at play in driving the threat. Nor is drug cultivation a major factor in Panama as it is in Colombia and Peru. The key variable that is shared among all three cases is the threat of extra-state actors controlling remote rural areas or small towns where state presence is minimal. The central lesson learned from Colombia is the need to define and then address the key problem of a "sovereignity gap," lack of legitimate state presence in many part of the country. Colombia's success in broadening the presence of the national government between 2002 and the presence is owed to many factors, including an effective national strategy, improvements in the armed forces and police, political will on the part of government for a sustained effort, citizen buy-in to the national strategy, including the resolve of the elite to pay more in taxes to bring change about, and the adoption of a sequenced approach to consolidated development in conflicted areas. Control of territory and effective state presence improved citizen security, strengthened confidence in democracy and the legitimate state, promoted economic development, and helped mitigate the effect of illegal drugs. Peru can benefit from the Colombian experience especially in terms of the importance of legitimate state authority, improved institutions, gaining the support of local citizens, and furthering development to wean communities away from drugs. State coordinated "integration" efforts in Peru as practiced in Colombia have the potential for success if properly calibrated to Peruvian reality, coordinated within government, and provided with sufficient resources. Peru's traditionally weak political institutions and lack of public confidence in the state in many areas of the country must be overcome if this effort is to be successful.
Resumo:
The South American Defense Council (CSD), created in March 2009 as a military coordinating body of the Union of South American Nations (UNASUR) demonstrates a growing trend among Latin American countries to approach matters of regional security independent of the United States. The CSD also indicates a maturation of democratic civil military relations in a region once dominated by authoritarian military regimes. The CSD aims to facilitate the exchange of information about regional defense policies, promote collaboration for disaster relief, and promote civil-military engagement. In less than a year it is hardly a tested entity, but the presence of 12 South American states coming together around security policy marks an important moment in the evolution of civil-military relations in the region. Brazil has taken on an important leadership role in the CSD, acting as a leader in recent regional peacekeeping efforts. As a geopolitical move, Brazil also sees a benefit in promoting good relationships with all countries of South america, given its common border with nine of them. Although the United States is not a member of the CSD, the organization's agenda of infromation exchange of defense policies, military cooperation, and capacity building, including disaster assistance and preparedness provide opportunities for greater collaboration. The CSD is not part of the Inter-American System created after the Second World War. It is unclear how its work will coincide with the OAS Committee on Hemispheric Security or its Secretariat for Multidimensional Security. The U.S. should view the CSD as a mechanism to promote joint initiatives that encourage democratic governance in the region.
Resumo:
Contemporary integrated circuits are designed and manufactured in a globalized environment leading to concerns of piracy, overproduction and counterfeiting. One class of techniques to combat these threats is circuit obfuscation which seeks to modify the gate-level (or structural) description of a circuit without affecting its functionality in order to increase the complexity and cost of reverse engineering. Most of the existing circuit obfuscation methods are based on the insertion of additional logic (called “key gates”) or camouflaging existing gates in order to make it difficult for a malicious user to get the complete layout information without extensive computations to determine key-gate values. However, when the netlist or the circuit layout, although camouflaged, is available to the attacker, he/she can use advanced logic analysis and circuit simulation tools and Boolean SAT solvers to reveal the unknown gate-level information without exhaustively trying all the input vectors, thus bringing down the complexity of reverse engineering. To counter this problem, some ‘provably secure’ logic encryption algorithms that emphasize methodical selection of camouflaged gates have been proposed previously in literature [1,2,3]. The contribution of this paper is the creation and simulation of a new layout obfuscation method that uses don't care conditions. We also present proof-of-concept of a new functional or logic obfuscation technique that not only conceals, but modifies the circuit functionality in addition to the gate-level description, and can be implemented automatically during the design process. Our layout obfuscation technique utilizes don’t care conditions (namely, Observability and Satisfiability Don’t Cares) inherent in the circuit to camouflage selected gates and modify sub-circuit functionality while meeting the overall circuit specification. Here, camouflaging or obfuscating a gate means replacing the candidate gate by a 4X1 Multiplexer which can be configured to perform all possible 2-input/ 1-output functions as proposed by Bao et al. [4]. It is important to emphasize that our approach not only obfuscates but alters sub-circuit level functionality in an attempt to make IP piracy difficult. The choice of gates to obfuscate determines the effort required to reverse engineer or brute force the design. As such, we propose a method of camouflaged gate selection based on the intersection of output logic cones. By choosing these candidate gates methodically, the complexity of reverse engineering can be made exponential, thus making it computationally very expensive to determine the true circuit functionality. We propose several heuristic algorithms to maximize the RE complexity based on don’t care based obfuscation and methodical gate selection. Thus, the goal of protecting the design IP from malicious end-users is achieved. It also makes it significantly harder for rogue elements in the supply chain to use, copy or replicate the same design with a different logic. We analyze the reverse engineering complexity by applying our obfuscation algorithm on ISCAS-85 benchmarks. Our experimental results indicate that significant reverse engineering complexity can be achieved at minimal design overhead (average area overhead for the proposed layout obfuscation methods is 5.51% and average delay overhead is about 7.732%). We discuss the strengths and limitations of our approach and suggest directions that may lead to improved logic encryption algorithms in the future. References: [1] R. Chakraborty and S. Bhunia, “HARPOON: An Obfuscation-Based SoC Design Methodology for Hardware Protection,” IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 28, no. 10, pp. 1493–1502, 2009. [2] J. A. Roy, F. Koushanfar, and I. L. Markov, “EPIC: Ending Piracy of Integrated Circuits,” in 2008 Design, Automation and Test in Europe, 2008, pp. 1069–1074. [3] J. Rajendran, M. Sam, O. Sinanoglu, and R. Karri, “Security Analysis of Integrated Circuit Camouflaging,” ACM Conference on Computer Communications and Security, 2013. [4] Bao Liu, Wang, B., "Embedded reconfigurable logic for ASIC design obfuscation against supply chain attacks,"Design, Automation and Test in Europe Conference and Exhibition (DATE), 2014 , vol., no., pp.1,6, 24-28 March 2014.
Resumo:
In restructured power systems, generation and commercialization activities became market activities, while transmission and distribution activities continue as regulated monopolies. As a result, the adequacy of transmission network should be evaluated independent of generation system. After introducing the constrained fuzzy power flow (CFPF) as a suitable tool to quantify the adequacy of transmission network to satisfy 'reasonable demands for the transmission of electricity' (as stated, for instance, at European Directive 2009/72/EC), the aim is now showing how this approach can be used in conjunction with probabilistic criteria in security analysis. In classical security analysis models of power systems are considered the composite system (generation plus transmission). The state of system components is usually modeled with probabilities and loads (and generation) are modeled by crisp numbers, probability distributions or fuzzy numbers. In the case of CFPF the component’s failure of the transmission network have been investigated. In this framework, probabilistic methods are used for failures modeling of the transmission system components and possibility models are used to deal with 'reasonable demands'. The enhanced version of the CFPF model is applied to an illustrative case.
