993 resultados para Segurança cidadã
Resumo:
This Master s Thesis deals with an analysis of the Regulatory Standards NR-9 e NR-13 on the perspective of occupational health and safety management systems (OHSMS) such as ILO deployed ILO/OSH-2001. Since the revamped OHSAS 18001:2007 complies with the ILO/OSH-2001 model it is used as benchmark to compare against the NR-9 and NR-13. The analysis suggests that the NR-9 has some important features present on the OHSAS 18001:2007 but lacks important others. The NR-13 turns out to be far from a modern model of OHSMS such as OHSAS 18001:2007 and a deep reformulation should be done in order to achieve the Brazil commitment with ILO to adopt OHSMS. Also, a small survey with companies with ISO 9000 certificates suggests that a NR-13 revised toward OHSMS would be welcome, but also that some more advanced issues present in ILO/OSH-2001 should be imposed by law in order to be achieved
Resumo:
Information is one of the most valuable organization s assets, mainly on a global and highly competitive world. On this scenery there are two antagonists forces: on one side, organizations struggle for keeping protected its information, specially those considered as strategic, on the other side, the invaders, leaded by innumerous reasons - such as hobby, challenge or one single protest with the intention of capturing and corrupting the information of other organizations. This thesis presents the descriptive results of one research that had as its main objective to identify which variables influence the Executives´ and CIOs´ perceptions toward Information Security. In addition, the research also identified the profile of Rio Grande do Norte s organizations and its Executives/CIOs concerning Information Security, computed the level of agreement of the respondents according to NBR ISO/IEC 17799 (Information technology Code of practice for information security management) on its dimension Access Control. The research was based on a model, which took into account the following variables: origin of the organization s capital, sector of production, number of PCs networked, number of employees with rights to network, number of attacks suffered by the organizations, respondent´s positions, education level, literacy on Information Technology and specific training on network. In the goal´s point of view, the research was classified as exploratory and descriptive, and, in relation of the approach, quantitative. One questionnaire was applied on 33 Executives and CIOs of the 50 Rio Grande do Norte s organizations that collected the highest taxes of ICMS - Imposto sobre Circulação de Mercadorias on 2000. After the data collecting, cluster analysis and chi-square statistical tools were used for data analysis. The research made clear that the Executives and CIOs of Rio Grande do Norte s organizations have low level of agreement concerning the rules of the NBR ISO/IEC 17799. It also made evident that the Executives and CIOs have its perception toward Information Security influenced by the number of PCs networked and by the number of attacks suffered by the organizations
Resumo:
The electronic mail service is one of the most Internet services that grow in the corporate environment. This evolution is bringing several problems for the organizations, especially to information that circulates inside of the corporate net. The lack of correct orientation to the people, about the usage and the security importance of these resources, is leaving breaches and causing misusage and overuse of service, for example. In recent literature, it starts to coming out several ideas, which has helped to rganizations how to plain and how to implement the information security system to the electronic mail in computer environment. However, these ideas are still not placed in practice in many companies, public or private. This dissertation tries to demonstrate the results of a research that has like goal, identify the importance that user training has over the information security policy, through a case study inside of private superior education institute in this state. Besides, this work had by basic orientation the ISO/IEC 17799, which talk about People Security. This study was developed over a proposed model to this research, which looked for offer conditions to guide the institution studied, how to plan better a information security policy to the electronic mail. Also, this research has an exploratory and descreptive nature and your type, qualitative. Firstly, it was applied na questionary to the information technology manager, as better way to get some general data and to deepen the contact which still then, it was being kept through e-mail. Thereupon this first contact, eleven interviews were done with the same manager, beside one interview with twenty-four users, among employees e students. After that to collect and transcript the interviews, were review with the manager all informations given, to correct any mistakes and to update that informations, to then, start the data analyze. The research suggests that the institution has a pro attitude about the information security policy and the electronic mail usage. However, it was clear that answers have their perception about information security under a very inexperient way, derived of a planning lack in relation to training program capable to solve the problem
Resumo:
This work presents a suggestion of a security system of land automation having as objective main the creation of a system capable from easy method, supervise the installations of a building with the goal to preserver security personal and patrimonial necessities, aim at portability low cost and use easiness. Was designed an alarms central and access controller that has digital and analogical inputs for sensors and outputs for buzzer, telephonic dialing and electronic lock. The system is supervised by software that makes solicitations of information to the alarms central through the one computer's serial port (RS-232). The supervisory software was developed in platform LabVIEW with displays the received data on a graphical interface informing the sensors' current states distributed in the building and system events as alarns occurrences. This system also can be viewed through the Internet for people registered by the land security's system administrator
Resumo:
Previous works have studied the characteristics and peculiarities of P2P networks, especially security information aspects. Most works, in some way, deal with the sharing of resources and, in particular, the storage of files. This work complements previous studies and adds new definitions relating to this kind of systems. A system for safe storage of files (SAS-P2P) was specified and built, based on P2P technology, using the JXTA platform. This system uses standard X.509 and PKCS # 12 digital certificates, issued and managed by a public key infrastructure, which was also specified and developed based on P2P technology (PKIX-P2P). The information is stored in a special file with XML format which is especially prepared, facilitating handling and interoperability among applications. The intention of developing the SAS-P2P system was to offer a complementary service for Giga Natal network users, through which the participants in this network can collaboratively build a shared storage area, with important security features such as availability, confidentiality, authenticity and fault tolerance. Besides the specification, development of prototypes and testing of the SAS-P2P system, tests of the PKIX-P2P Manager module were also performed, in order to determine its fault tolerance and the effective calculation of the reputation of the certifying authorities participating in the system
Resumo:
The traditional perimeter-based approach for computer network security (the castle and the moat model) hinders the progress of enterprise systems and promotes, both in administrators and users, the delusion that systems are protected. To deal with the new range of threats, a new data-safety oriented paradigm, called de-perimeterisation , began to be studied in the last decade. One of the requirements for the implementation of the de-perimeterised model of security is the definition of a safe and effective mechanism for federated identity. This work seeks to fill this gap by presenting the specification, modelling and implementation of a mechanism for federated identity, based on the combination of SAML and X.509 digital certificates stored in smart-cards, following the A3 standard of ICP-Brasil (Brazilian official certificate authority and PKI)
Resumo:
This research study deals with the production and distribution of drinking water with quality and safety in order to meet the needs of the Man. Points out the limitations of the methodology for assessing water quality in use today. Approaches the recommendations of the World Health Organization (WHO) for adoption, by the companies responsible for producing and distributing water, of assessment methodologies and risk management (HACCP), in order to ensure the quality and safety of water drinking. Suggests strategies for implementing the plan for water safety plan. Uses the process of water production, composed by Maxaranguape river basin, the water treatment plant and distribution system, which is part of the Plan for Expansion of the Supply System of Natal, as case study. The results, it was possible to devise strategies for implementation of the Water Safety Plan (WSP), which comprises the following steps: a) a preliminary stage. b) assessment system. c) process monitoring. d) management plan and e) validation and verification of the PSA. At each stage are included actions for its implementation. The implementation of the PSA shows a new type of water production, in which the fountain as a whole (watershed and point of capture), the Water Treatment Plant (WTP) and distribution, shall compose the production process, over which to build quality and safety of the final product (drinking water)
Resumo:
Fundação de Amparo à Pesquisa do Estado de São Paulo (FAPESP)
Resumo:
O desenvolvimento de Sistemas de Gestão da Segurança e Saúde no Trabalho (SGSST) ganha um significado cada vez mais importante no desempenho das empresas, pois, por meio deles, é possível obter a promoção da saúde e satisfação dos trabalhadores e a redução dos riscos de acidentes. No entanto, para que um SGSST obtenha bons resultados, as empresas precisam estar atentas às dificuldades comumente encontradas durante o seu processo de implantação, procurando solucioná-las de maneira antecipada e estruturada. Pelo exposto, este trabalho tem como principal objetivo apresentar diretrizes, baseadas no referencial teórico e nos resultados dos estudos de caso realizados, para implantação de SGSSTs em empresas fabricantes de baterias automotivas. Para o seu desenvolvimento adotou-se o método de pesquisa qualitativa a partir da realização de dois estudos de caso em empresas fabricantes de baterias automotivas localizadas na cidade de Bauru. Os instrumentos de coleta de dados foram entrevistas semiestruturadas, análise de documentos e observação in loco. Ao final do artigo, são propostas diretrizes relacionadas aos seguintes elementos: alta direção, estratégia organizacional, cultura organizacional, departamento de Segurança e Saúde do Trabalho (SST), técnicos de SST, recursos humanos, treinamento, equipes multidisciplinares, comunicação interna, resistência à mudança, indicadores de desempenho, ferramentas gerenciais para solução de problemas de SST, gestão de projetos, recompensas e incentivos, e integração do sistema.
Resumo:
The academic community and software industry have shown, in recent years, substantial interest in approaches and technologies related to the area of model-driven development (MDD). At the same time, continues the relentless pursuit of industry for technologies to raise productivity and quality in the development of software products. This work aims to explore those two statements, through an experiment carried by using MDD technology and evaluation of its use on solving an actual problem under the security context of enterprise systems. By building and using a tool, a visual DSL denominated CALV3, inspired by the software factory approach: a synergy between software product line, domainspecific languages and MDD, we evaluate the gains in abstraction and productivity through a systematic case study conducted in a development team. The results and lessons learned from the evaluation of this tool within industry are the main contributions of this work
Resumo:
The way to deal with information assets means nowadays the main factor not only for the success but also for keeping the companies in the global world. The number of information security incidents has grown for the last years. The establishment of information security policies that search to keep the security requirements of assets in the desired degrees is the major priority for the companies. This dissertation suggests a unified process for elaboration, maintenance and development of information security policies, the Processo Unificado para Políticas de Segurança da Informação - PUPSI. The elaboration of this proposal started with the construction of a structure of knowledge based on documents and official rules, published in the last two decades, about security policies and information security. It's a model based on the examined documents which defines the needed security policies to be established in the organization, its work flow and identifies the sequence of hierarchy among them. It's also made a model of the entities participating in the process. Being the problem treated by the model so complex, which involves all security policies that the company must have. PUPSI has an interative and developing approach. This approach was obtained from the instantiation of the RUP - Rational Unified Process model. RUP is a platform for software development object oriented, of Rational Software (IBM group). Which uses the best practice known by the market. PUPSI got from RUP a structure of process that offers functionality, diffusion capacity and comprehension, performance and agility for the process adjustment, offering yet capacity of adjustment to technological and structural charges of the market and the company
Resumo:
Com o intuito de impedir que computadores enviem mensagens automáticas se passando por usuários reais, desenvolvedores tem utilizado o recurso de interface CAPTCHA para distinguir o preenchimento de dados e submissões realizadas por humanos e por máquinas. Este trabalho apresenta as principais modalidades de CAPTCHAs e discute as implicações na usabilidade. Para tanto, foram aplicados questionários e realizados testes de usabilidade em três modalidades de CAPTCHA. Verificou-se que, embora os usuários tenham consciência da importância do uso do CAPTCHA como ferramenta de segurança, percebeu-se que tal recurso compromete a usabilidade, gerando insatisfação e em alguns casos, a desistência da realização da tarefa
Resumo:
Fundação de Amparo à Pesquisa do Estado de São Paulo (FAPESP)
Resumo:
Este estudo teve como objetivo aplicar o checklist de cirurgia segura, da Organização Mundial de Saúde, nas especialidades cirúrgicas de um hospital escola, e verificar a opinião das equipes sobre a influência da aplicação do checklist na segurança do processo cirúrgico e da comunicação interpessoal da equipe. Trata-se de um estudo de campo, descritivo, analítico, com abordagem qualitativa, realizado no centro cirúrgico de um hospital-escola. Para a coleta de dados, foi aplicado o checklist num total de 30 cirurgias, conduzido pela pesquisadora, em três etapas, e, a seguir, um componente da equipe cirúrgica foi convidado a participar do estudo, assinando o TCLE e respondendo a questões norteadoras. Para organização e análise dos dados, recorremos ao Método de Análise de Conteúdo de Bardin. Os sujeitos não perceberam mudanças na comunicação interpessoal com o uso do checklist, porém, indicaram que o uso proporcionou mais segurança ao procedimento. Adaptações ao checklist foram sugeridas.
Resumo:
OBJETIVO: Avaliar a segurança e a efetividade do uso do 5-fluoruracila (5-FU) como tratamento adjuvante do pterígio, aplicado sob a forma de infiltração subconjuntival, no período intraoperatório. MÉTODOS: Foram avaliados prospectivamente 125 indivíduos (125 olhos) portadores de pterígio. Os indivíduos foram operados segundo a técnica de retalho de deslizamento e receberam, ao final do procedimento, injeção subconjuntival de 0,2 mL de 5-FU (25 mg/mL). Foram anotados os dados do paciente como idade, sexo, profissão, características da lesão (primário ou recidivado, tamanho, carnoso ou involutivo) e feito seguimento pós-operatório, aos 7, 21, 60 e 180 dias. Os dados foram submetidos à avaliação estatística. RESULTADOS: Não foram observados casos de complicação decorrente do uso do 5-FU em injeção no intraoperatório do pterígio. A taxa de recidiva geral observada aos 180 dias de pós-operatório foi de 35,8%, sendo de 35,7% para os pterígios primários e de 36,4% para os recidivados. CONCLUSÃO: A aplicação do 5-FU no período intraoperatório sob a forma de infiltração subconjuntival é segura. Entretanto, ainda resulta em altas taxas de recidiva e novos estudos devem ser realizados a fim de conhecer a concentração/dose ideal que permitirá menores chances de recidiva da lesão.
