893 resultados para Data security principle
Resumo:
Introduction: The Violence Medical Unit (VMU), a specialised forensic medical consultation, was created at the Lausanne university Hospital in 2006. All patients consulting at the ED for interpersonal violencerelated injury are referred to the VMU, which provides forensic documentation of the injury and referral to the relevant community based victim-support organisations within 48 hours of the ED visit. This frees the ED medical staff from forensic injury documentation and legal/social referral, tasks for which they lack both time and training. Among community violence, assaults by nightclub security agents against patrons have increased from 6% to 10% between 2007 and 2009. We set out to characterise the demographics, assault mechanisms, subsequent injuries, prior alcohol intake and ED & VMU costs incurred by this group of patients. Methods: We retrospectively included all patients consulting at the VMU due to assault by nightclub security agents from January 2007 to December 2009. Data was obtained from ED & VMU medical, nursing and administrative records. Results: Our sample included 70 patients, of which 64 were referred by the CHUV ED. The victims were typically young (median age 29) males (93%). 77% of assaults occurred on the weekend between 12 PM and 4 AM, and 73% of the victims were under the influence of alcohol. 83% of the patients were punched, kicked and/or head-butted; 9% had been struck with a blunt instrument. 80% of the injuries were in the head and neck area and 19% of the victims sustained fractures. 21% of the victims were prescribed medical leave. Total ED & VMU costs averaged 1048 SFr. Conclusion: Medical staff treating this population of assault victims must be aware of the assault mechanisms and injury patterns, in particular the high probability of fractures, in order to provide adequate diagnosis and care. Associated inebriation mandates liberal use of radiology, as delayed or missed diagnosis may have medical, medicolegal and legal implications. Emergency medical services play an important role in detecting and reporting of such incidents. Centralised management of the forensic documentation facilitates referral to victim support organisations and epidemiological data collection. Magnitudes and trends of the different types of violence can be determined, and this information can be then impact public safety management policies.
Resumo:
Phase encoded nano structures such as Quick Response (QR) codes made of metallic nanoparticles are suggested to be used in security and authentication applications. We present a polarimetric optical method able to authenticate random phase encoded QR codes. The system is illuminated using polarized light and the QR code is encoded using a phase-only random mask. Using classification algorithms it is possible to validate the QR code from the examination of the polarimetric signature of the speckle pattern. We used Kolmogorov-Smirnov statistical test and Support Vector Machine algorithms to authenticate the phase encoded QR codes using polarimetric signatures.
Resumo:
Peer-reviewed
Resumo:
The purpose of this thesis is to examine how services can be developed and how the voice of the customer can be incorporated to the strategic planning of services. Furthermore, the objective is to investigate the methods of customer need analysis and service bundling. The data is collected from secondary and primary sources by reviewing the existing academic literature and by conducting in-depth interviews and surveys. The main findings of this research indicate that the service development in personal security service industry should be conducted through a formalized process and the process should begin with setting the strategic objectives. Moreover, the voice of the customer should be incorporated into all stages of the development process, especially into the front-end of the process. Furthermore, the information on customer needs should be gathered in a manner tailored for the purposes of service development.
Resumo:
Cyber security is one of the main topics that are discussed around the world today. The threat is real, and it is unlikely to diminish. People, business, governments, and even armed forces are networked in a way or another. Thus, the cyber threat is also facing military networking. On the other hand, the concept of Network Centric Warfare sets high requirements for military tactical data communications and security. A challenging networking environment and cyber threats force us to consider new approaches to build security on the military communication systems. The purpose of this thesis is to develop a cyber security architecture for military networks, and to evaluate the designed architecture. The architecture is described as a technical functionality. As a new approach, the thesis introduces Cognitive Networks (CN) which are a theoretical concept to build more intelligent, dynamic and even secure communication networks. The cognitive networks are capable of observe the networking environment, make decisions for optimal performance and adapt its system parameter according to the decisions. As a result, the thesis presents a five-layer cyber security architecture that consists of security elements controlled by a cognitive process. The proposed architecture includes the infrastructure, services and application layers that are managed and controlled by the cognitive and management layers. The architecture defines the tasks of the security elements at a functional level without introducing any new protocols or algorithms. For evaluating two separated method were used. The first method is based on the SABSA framework that uses a layered approach to analyze overall security of an organization. The second method was a scenario based method in which a risk severity level is calculated. The evaluation results show that the proposed architecture fulfills the security requirements at least at a high level. However, the evaluation of the proposed architecture proved to be very challenging. Thus, the evaluation results must be considered very critically. The thesis proves the cognitive networks are a promising approach, and they provide lots of benefits when designing a cyber security architecture for the tactical military networks. However, many implementation problems exist, and several details must be considered and studied during the future work.
Resumo:
This work present the application of a computer package for generating of projection data for neutron computerized tomography, and in second part, discusses an application of neutron tomography, using the projection data obtained by Monte Carlo technique, for the detection and localization of light materials such as those containing hydrogen, concealed by heavy materials such as iron and lead. For tomographic reconstructions of the samples simulated use was made of only six equal projection angles distributed between 0º and 180º, with reconstruction making use of an algorithm (ARIEM), based on the principle of maximum entropy. With the neutron tomography it was possible to detect and locate polyethylene and water hidden by lead and iron (with 1cm-thick). Thus, it is demonstrated that thermal neutrons tomography is a viable test method which can provide important interior information about test components, so, extremely useful in routine industrial applications.
Resumo:
This thesis presented the overview of Open Data research area, quantity of evidence and establishes the research evidence based on the Systematic Mapping Study (SMS). There are 621 such publications were identified published between years 2005 and 2014, but only 243 were selected in the review process. This thesis highlights the implications of Open Data principals’ proliferation in the emerging era of the accessibility, reusability and sustainability of data transparency. The findings of mapping study are described in quantitative and qualitative measurement based on the organization affiliation, countries, year of publications, research method, star rating and units of analysis identified. Furthermore, units of analysis were categorized by development lifecycle, linked open data, type of data, technical platforms, organizations, ontology and semantic, adoption and awareness, intermediaries, security and privacy and supply of data which are important component to provide a quality open data applications and services. The results of the mapping study help the organizations (such as academia, government and industries), re-searchers and software developers to understand the existing trend of open data, latest research development and the demand of future research. In addition, the proposed conceptual framework of Open Data research can be adopted and expanded to strengthen and improved current open data applications.
Resumo:
Inside cyber security threats by system administrators are some of the main concerns of organizations about the security of systems. Since operating systems are controlled and managed by fully trusted administrators, they can negligently or intentionally break the information security and privacy of users and threaten the system integrity. In this thesis, we propose some solutions for enhancing the security of Linux OS by restricting administrators’ access to superuser’s privileges while they can still manage the system. We designed and implemented an interface for administrators in Linux OS called Linux Admins’ User Interface (LAUI) for managing the system in secure ways. LAUI along with other security programs in Linux like sudo protect confidentiality and integrity of users’ data and provide a more secure system against administrators’ mismanagement. In our model, we limit administrators to perform managing tasks in secure manners and also make administrators accountable for their acts. In this thesis we present some scenarios for compromising users’ data and breaking system integrity by system administrators in Linux OS. Then we evaluate how our solutions and methods can secure the system against these administrators’ mismanagement.
Resumo:
Within the framework of state security policy, the focus of this dissertation are the relations between how new security threats are perceived and the policy planning and bureaucratic implementation that are designed to address them. In addition, this thesis explores and studies some of the inertias that might exist in the core of the state apparatus as it addresses new threats and how these could be better managed. The dissertation is built on five thematic and interrelated articles highlighting different aspects of when new significant national security threats are detected by different governments until the threats on the policy planning side translate into protective measures within the society. The timeline differs widely between different countries and some key aspects of this process are also studied. One focus concerns mechanisms for adaptability within the Intelligence Community, another on the policy planning process within the Cabinet Offices/National Security Councils and the third focus is on the planning process and how policy is implemented within the bureaucracy. The issue of policy transfer is also analysed, revealing that there is some imitation of innovation within governmental structures and policies, for example within the field of cyber defence. The main findings of the dissertation are that this context has built-in inertias and bureaucratic seams found in most government bureaucratic machineries. As much of the information and planning measures imply security classification of the transparency and internal debate on these issues, alternative assessments become limited. To remedy this situation, the thesis recommends ways to improve the decision-making system in order to streamline the processes involved in making these decisions. Another special focus of the thesis concerns the role of the public policy think tanks in the United States as an instrument of change in the country’s national security decision-making environment, which is viewed from the perspective as being a possible source of new ideas and innovation. The findings in this part are based on unique interviews data on how think tanks become successful and influence the policy debate in a country such as the United States. It appears clearly that in countries such as the United States think tanks smooth the decision making processes, and that this model with some adaptations also might be transferrable to other democratic countries.
Resumo:
The number of security violations is increasing and a security breach could have irreversible impacts to business. There are several ways to improve organization security, but some of them may be difficult to comprehend. This thesis demystifies threat modeling as part of secure system development. Threat modeling enables developers to reveal previously undetected security issues from computer systems. It offers a structured approach for organizations to find and address threats against vulnerabilities. When implemented correctly threat modeling will reduce the amount of defects and malicious attempts against the target environment. In this thesis Microsoft Security Development Lifecycle (SDL) is introduced as an effective methodology for reducing defects in the target system. SDL is traditionally meant to be used in software development, principles can be however partially adapted to IT-infrastructure development. Microsoft threat modeling methodology is an important part of SDL and it is utilized in this thesis to find threats from the Acme Corporation’s factory environment. Acme Corporation is used as a pseudonym for a company providing high-technology consumer electronics. Target for threat modeling is the IT-infrastructure of factory’s manufacturing execution system. Microsoft threat modeling methodology utilizes STRIDE –mnemonic and data flow diagrams to find threats. Threat modeling in this thesis returned results that were important for the organization. Acme Corporation now has more comprehensive understanding concerning IT-infrastructure of the manufacturing execution system. On top of vulnerability related results threat modeling provided coherent views of the target system. Subject matter experts from different areas can now agree upon functions and dependencies of the target system. Threat modeling was recognized as a useful activity for improving security.
Resumo:
The recent rapid development of biotechnological approaches has enabled the production of large whole genome level biological data sets. In order to handle thesedata sets, reliable and efficient automated tools and methods for data processingand result interpretation are required. Bioinformatics, as the field of studying andprocessing biological data, tries to answer this need by combining methods and approaches across computer science, statistics, mathematics and engineering to studyand process biological data. The need is also increasing for tools that can be used by the biological researchers themselves who may not have a strong statistical or computational background, which requires creating tools and pipelines with intuitive user interfaces, robust analysis workflows and strong emphasis on result reportingand visualization. Within this thesis, several data analysis tools and methods have been developed for analyzing high-throughput biological data sets. These approaches, coveringseveral aspects of high-throughput data analysis, are specifically aimed for gene expression and genotyping data although in principle they are suitable for analyzing other data types as well. Coherent handling of the data across the various data analysis steps is highly important in order to ensure robust and reliable results. Thus,robust data analysis workflows are also described, putting the developed tools andmethods into a wider context. The choice of the correct analysis method may also depend on the properties of the specific data setandthereforeguidelinesforchoosing an optimal method are given. The data analysis tools, methods and workflows developed within this thesis have been applied to several research studies, of which two representative examplesare included in the thesis. The first study focuses on spermatogenesis in murinetestis and the second one examines cell lineage specification in mouse embryonicstem cells.
Resumo:
The Finnish legislation requires for a safe and secure learning environment. However, the comprehensive, risk based safety and security management (SSM) and the management commitment in the implementation and development of the SSM are not mentioned in the legislation. Multiple institutions, operators and researchers have studied and developed safety and security in educational institutions over the past decade. Typically the approach has been fragmented and without bringing up the importance of the comprehensive SSM. The development needs of the safety and security operations in universities have been studied. However, in universities of applied sciences (UASs) and in elementary schools (ESs), the performance level, strengths and weaknesses of the comprehensive SSM have not been studied. The objective of this study was to develop the comprehensive, risk based SSM of educational institutions by developing the new Asteri consultative auditing process and study its effects on auditees. Furthermore, the performance level in the comprehensive SSM in UASs and ESs were studied using Asteri and the TUTOR model developed by the Keski-Uusimaa Department for Rescue Services. In addition, strengths, development needs and differences were identified. In total, 76 educational institutions were audited between the years 2011 and 2014. The study is based on logical empiricism, and an observational applied research design was used. Auditing, observation and an electronic survey were used for data collection. Statistical analysis was used to analyze the collected information. In addition, thematic analysis was used to analyze the development areas of the organizations mentioned by the respondents in the survey. As one of the main contributions, this research presents the new Asteri consultative auditing process. Organizations with low performance levels on the audited subject benefit the most from the Asteri consultative auditing process. Asteri may be usable in many different types of audits, not only in SSM audits. As a new result, this study provides new knowledge on attitudes related to auditing. According to the research findings, auditing may generate negative attitudes and the auditor should take them into account when planning and preparing for audits. Negative attitudes can be compensated by producing added value, objectivity and positivity for the audit and, thus, improve the positive effects of auditing on knowledge and skills. Moreover, as the results of this study shows, auditing safety and security issues do not increase feelings of insecurity, but rather increase feelings of safety and security when using the new Asteri consultative auditing process with the TUTOR model. The results showed that the SSM in the audited UASs was statistically significantly more advanced than that in the audited ESs. However, there is still room for improvement in the ESs and the UASs as the approach to the SSM was fragmented. It can be assumed that the majority of Finnish UASs and ESs do not likely meet the basic level of the comprehensive, risk based the SSM.
Resumo:
Spatial data representation and compression has become a focus issue in computer graphics and image processing applications. Quadtrees, as one of hierarchical data structures, basing on the principle of recursive decomposition of space, always offer a compact and efficient representation of an image. For a given image, the choice of quadtree root node plays an important role in its quadtree representation and final data compression. The goal of this thesis is to present a heuristic algorithm for finding a root node of a region quadtree, which is able to reduce the number of leaf nodes when compared with the standard quadtree decomposition. The empirical results indicate that, this proposed algorithm has quadtree representation and data compression improvement when in comparison with the traditional method.
Resumo:
While service-learning is often said to be beneficial for all those involved—students, community members, higher education institutions, and faculty members—there are relatively few studies of the attraction to, and effect of, service-learning on faculty members. Existing studies have tended to use a survey design, and to be based in the United States. There is a lack of information on faculty experiences with service-learning in Ontario or Canada. This qualitative case study of faculty experiences with service-learning was framed through an Appreciative Inquiry social constructionist approach. The data were drawn from interviews with 18 faculty members who belong to a Food Security Research Network (FSRN) at a university in northern Ontario, reports submitted by the network, and personal observation of a selection of network-related events. This dissertation study revealed how involvement with service-learning created opportunities for faculty learning and growth. The focus on food security and a commitment to the sustainability of local food production was found to be an ongoing attraction to service-learning and a means to engage in and integrate research and teaching on matters of personal and professional importance to these faculty members. The dissertation concludes with a discussion of the FSRN’s model and the perceived value of a themed, transdisciplinary approach to service-learning. This study highlights promising practices for involving faculty in service-learning and, in keeping with an Appreciative Inquiry approach, depicts a view of faculty work at its best.
Resumo:
Le respect de la vie privée est garanti dans presque tous les pays du monde, dont la République Démocratique du Congo. Les textes juridiques internes et internationaux qui assurent la protection de la vie privée ont généralement été édictés à une époque où l'on ne pouvait tenir compte de l’avènement des inforoutes. Cet article tend à rechercher, autant que faire se peut, les divers formes de violations de la vie privée pouvant être commises sur les réseaux numériques et les mécanismes de protection y relatifs. Sont abordées, en premier lieu, les violations effectuées par les pouvoirs publics. Nombreuses sont les atteintes à la vie privée autorisées par les normes juridiques étatiques pour raison de sécurité publique. Il en est ainsi des perquisitions électroniques, des visites de lieux et des saisies opérées par des agents des services étatiques porteurs des titres réguliers et dans le strict respect tant de la procédure que des lois. Toutefois, il arrive que les agents d'État débordent le cadre de l’objet de leur mission ou agissent sans titre régulier. Du côté des atteinte perpétrées par les personnes privées, l'on pourra citer, à titre indicatif, la commission des délits de presse et la violation du secret professionnel, la prise de connaissance ou la soustraction frauduleuse des données à caractère personnel. Ces atteintes procèdent de divers fondements, parmi lesquels on retrouvera les conceptions libertaires, les intérêts égoïstes, l’ignorance des législations étrangères, le principe de la liberté de l’information, les raisons scientifiques ou celles d’ordre public. Un certain nombre de mécanismes juridiques permet néanmoins de combattre ou de réfréner les violations de la vie privée. Tout semble graviter autour de la mise en œuvre d’une procédure pouvant enclencher des sanctions pénales, civiles, disciplinaires ou administratives, hormis l’existence de certains mécanismes de protection particuliers tel que le droit de réponse.
