427 results for VULNERABILITIES


Relevance:

20.00%

Publisher:

Abstract:

The crisis has forced the Euro area to establish an emergency fund that supports member states experiencing a sovereign debt crisis. The difficulties of coming up with such a fund for Greece and other Euro area members stand in marked contrast to the balance of payments support that non-Euro members like Hungary received, swiftly and quietly. In order to solve this puzzle, we first establish the difference between EU interventions and IMF programs and, second, trace the evolution of crisis management with France and Germany in the lead. The lens of hegemonic stability theory suggests that the Franco-German leadership is too weak to provide stability and the extensive use of conditionality is one symptom of this weakness. Providing incentives for cooperation "after hegemony" (Keohane) is the unresolved issue troubling the monetary union. Its dominant powers must acknowledge that markets perceive monetary union to be already politically more integrated than its lack of fiscal integration suggests.

Relevance:

20.00%

Publisher:

Abstract:

No abstract available.

Relevance:

20.00%

Publisher:

Abstract:

This thesis presents security issues and vulnerabilities in home and small office local area networks that can be used in cyber-attacks. There is previous research done on single vulnerabilities and attack vectors, but not many papers present full scale attack examples towards LAN. First this thesis categorizes different security threats and later in the paper methods to launch the attacks are shown by example. Offensive security and penetration testing are used as research methods in this thesis. As a result of this thesis an attack is conducted using vulnerabilities in WLAN, ARP protocol, browser as well as methods of social engineering. In the end reverse shell access is gained to the target machine. Ready-made tools are used in the attack and their inner workings are described. Prevention methods are presented towards the attacks in the end of the thesis.

Relevance:

20.00%

Publisher:

Abstract:

Similar to seemingly maladaptive genes in general, the persistence of inherited cancer-causing mutant alleles in populations remains a challenging question for evolutionary biologists. In addition to traditional explanations such as senescence or antagonistic pleiotropy, here we put forward a new hypothesis to explain the retention of oncogenic mutations. We propose that although natural defenses evolve to prevent neoplasm formation and progression thus increasing organismal fitness, they also conceal the effects of cancer-causing mutant alleles on fitness and concomitantly protect inherited ones from purging by purifying selection. We also argue for the importance of the ecological contexts experienced by individuals and/or species. These contexts determine the locally predominant fitness-reducing risks, and hence can aid the prediction of how natural selection will influence cancer outcomes.

Relevance:

20.00%

Publisher:

Abstract:

Purpose Alcohol-related disorder in Australia’s night-time economy has precipitated an expanding regulatory and legislative framework. A key feature is the growth of police-imposed discretionary justice, one example of which are Victoria’s banning provisions. Banning notices are imposed on-the-spot, may be issued pre-emptively, but permit no right of independent appeal. However, there has been little analysis of the enactment, implementation or use of police-imposed banning provisions. The paper aims to discuss these issues.

Design/methodology/approach This paper draws upon a detailed examination of the record of parliamentary debate of the banning notice legislation to document how the provisions, and their embedded procedural vulnerabilities, were legitimised. In addition, an analysis of Victoria Police data informs consideration of the ongoing scrutiny of the police power to ban.

Findings The absolute discretion afforded to police officers, and a lack of effective oversight, has created the potential for the disproportionate and discriminatory implementation of Victoria’s banning notice powers. The findings highlight procedural vulnerabilities within the provisions, and concern regarding the particular risk of banning notices for vulnerable recipients.

Research limitations/implications The nature of Victoria’s banning provisions created the circumstances for their inequitable imposition, but public scrutiny of their use and effect is limited. Omissions and deficiencies in the published data restrict meaningful analysis of how banning works in practice.

Originality/value The research underpinning this paper was the first detailed examination of the implementation and ongoing scrutiny of Victoria’s banning notice provisions. The findings presented in this paper highlight key procedural vulnerabilities resulting from the passage of the legislation and the absence of effective oversight.

Relevance:

20.00%

Publisher:

Abstract:

Security defects are common in large software systems because of their size and complexity. Although efficient development processes, testing, and maintenance policies are applied to software systems, there are still a large number of vulnerabilities that can remain, despite these measures. Some vulnerabilities stay in a system from one release to the next one because they cannot be easily reproduced through testing. These vulnerabilities endanger the security of the systems. We propose vulnerability classification and prediction frameworks based on vulnerability reproducibility. The frameworks are effective to identify the types and locations of vulnerabilities in the earlier stage, and improve the security of software in the next versions (referred to as releases). We expand an existing concept of software bug classification to vulnerability classification (easily reproducible and hard to reproduce) to develop a classification framework for differentiating between these vulnerabilities based on code fixes and textual reports. We then investigate the potential correlations between the vulnerability categories and the classical software metrics and some other runtime environmental factors of reproducibility to develop a vulnerability prediction framework. The classification and prediction frameworks help developers adopt corresponding mitigation or elimination actions and develop appropriate test cases. Also, the vulnerability prediction framework is of great help for security experts to focus their effort on the top-ranked vulnerability-prone files. As a result, the frameworks decrease the number of attacks that exploit security vulnerabilities in the next versions of the software. To build the classification and prediction frameworks, different machine learning techniques (C4.5 Decision Tree, Random Forest, Logistic Regression, and Naive Bayes) are employed. The effectiveness of the proposed frameworks is assessed based on collected software security defects of Mozilla Firefox.

Relevance:

20.00%

Publisher:

Abstract:

Water is now considered the most important but vulnerable resource in the Mediterranean region. Nevertheless, irrigation expanded fast in the region (e.g. South Portugal and Spain) to mitigate environmental stress and to guarantee stable grape yield and quality. Sustainable wine production depends on sustainable water use in the wine’s supply chain, from the vine to the bottle. Better understanding of grapevine stress physiology (e.g. water relations, temperature regulation, water use efficiency), more robust crop monitoring/phenotyping and implementation of best water management practices will help to mitigate climate effects and will enable significant water savings in the vineyard and winery. In this paper, we focused on the major vulnerabilities and opportunities of South European Mediterranean viticulture (e.g. in Portugal and Spain) and present a multi-level strategy (from plant to the consumer) to overcome region’s weaknesses and support strategies for adaptation to water scarcity, promote sustainable water use and minimize the environmental impact of the sector.

Relevance:

10.00%

Publisher:

Abstract:

In this paper we propose an efficient authentication and integrity scheme to support DGPS corrections using the RTCM protocol, such that the identified vulnerabilities in DGPS are mitigated. The proposed scheme is based on the TESLA broadcast protocol with modifications that make it suitable for the bandwidth and processor constrained environment of marine DGPS.

Relevance:

10.00%

Publisher:

Abstract:

Denial-of-service attacks (DoS) and distributed denial-of-service attacks (DDoS) attempt to temporarily disrupt users or computer resources to cause service unavailability to legitimate users in the internetworking system. The most common type of DoS attack occurs when adversaries flood a large amount of bogus data to interfere or disrupt the service on the server. The attack can be either a single-source attack, which originates at only one host, or a multi-source attack, in which multiple hosts coordinate to flood a large number of packets to the server. Cryptographic mechanisms in authentication schemes are an example approach to help the server to validate malicious traffic. Since authentication in key establishment protocols requires the verifier to spend some resources before successfully detecting the bogus messages, adversaries might be able to exploit this flaw to mount an attack to overwhelm the server resources. The attacker is able to perform this kind of attack because many key establishment protocols incorporate strong authentication at the beginning phase before they can identify the attacks. This is an example of DoS threats in most key establishment protocols because they have been implemented to support confidentiality and data integrity, but do not carefully consider other security objectives, such as availability. The main objective of this research is to design denial-of-service resistant mechanisms in key establishment protocols. In particular, we focus on the design of cryptographic protocols related to key establishment protocols that implement client puzzles to protect the server against resource exhaustion attacks. Another objective is to extend formal analysis techniques to include DoS-resistance. Basically, the formal analysis approach is used not only to analyse and verify the security of a cryptographic scheme carefully but also to help in the design stage of new protocols with a high level of security guarantee. In this research, we focus on an analysis technique of Meadows' cost-based framework, and we implement DoS-resistant model using Coloured Petri Nets. Meadows' cost-based framework is directly proposed to assess denial-of-service vulnerabilities in the cryptographic protocols using mathematical proof, while Coloured Petri Nets is used to model and verify the communication protocols using interactive simulations. In addition, Coloured Petri Nets are able to help the protocol designer to clarify and reduce some inconsistency of the protocol specification. Therefore, the second objective of this research is to explore vulnerabilities in existing DoS-resistant protocols, as well as extend a formal analysis approach to our new framework for improving DoS-resistance and evaluating the performance of the new proposed mechanism. In summary, the specific outcomes of this research include following results; 1. A taxonomy of denial-of-service resistant strategies and techniques used in key establishment protocols; 2. A critical analysis of existing DoS-resistant key exchange and key establishment protocols; 3. An implementation of Meadows's cost-based framework using Coloured Petri Nets for modelling and evaluating DoS-resistant protocols; and 4. A development of new efficient and practical DoS-resistant mechanisms to improve the resistance to denial-of-service attacks in key establishment protocols.

Relevance:

10.00%

Publisher:

Abstract:

Health Information Systems (HIS) make extensive use of Information and Communication Technologies (ICT). The use of ICT aids in improving the quality and efficiency of healthcare services by making healthcare information available at the point of care (Goldstein, Groen, Ponkshe, and Wine, 2007). The increasing availability of healthcare data presents security and privacy issues which have not yet been fully addressed (Liu, Caelli, May, and Croll, 2008a). Healthcare organisations have to comply with the security and privacy requirements stated in laws, regulations and ethical standards, while managing healthcare information. Protecting the security and privacy of healthcare information is a very complex task (Liu, May, Caelli and Croll, 2008b). In order to simplify the complexity of providing security and privacy in HIS, appropriate information security services and mechanisms have to be implemented. Solutions at the application layer have already been implemented in HIS such as those existing in healthcare web services (Weaver et al., 2003). In addition, Discretionary Access Control (DAC) is the most commonly implemented access control model to restrict access to resources at the OS layer (Liu, Caelli, May, Croll and Henricksen, 2007a). Nevertheless, the combination of application security mechanisms and DAC at the OS layer has been stated to be insufficient in satisfying security requirements in computer systems (Loscocco et al., 1998). This thesis investigates the feasibility of implementing Security Enhanced Linux (SELinux) to enforce a Role-Based Access Control (RBAC) policy to help protect resources at the Operating System (OS) layer. SELinux provides Mandatory Access Control (MAC) mechanisms at the OS layer. These mechanisms can contain the damage from compromised applications and restrict access to resources according to the security policy implemented. 
The main contribution of this research is to provide a modern framework to implement and manage SELinux in HIS. The proposed framework introduces SELinux Profiles to restrict access permissions over the system resources to authorised users. The feasibility of using SELinux profiles in HIS was demonstrated through the creation of a prototype, which was submitted to various attack scenarios. The prototype was also subjected to testing during emergency scenarios, where changes to the security policies had to be made on the spot. Attack scenarios were based on vulnerabilities common at the application layer. SELinux demonstrated that it could effectively contain attacks at the application layer and provide adequate flexibility during emergency situations. However, even with the use of current tools, the development of SELinux policies can be very complex. Further research has to be made in order to simplify the management of SELinux policies and access permissions. In addition, SELinux related technologies, such as the Policy Management Server by Tresys Technologies, need to be researched in order to provide solutions at different layers of protection.

Relevance:

10.00%

Publisher:

Abstract:

Measuring quality attributes of object-oriented designs (e.g. maintainability and performance) has been covered by a number of studies. However, these studies have not considered security as much as other quality attributes. Also, most security studies focus at the level of individual program statements. This approach makes it hard and expensive to discover and fix vulnerabilities caused by design errors. In this work, we focus on the security design of an object oriented application and define a number of security metrics. These metrics allow designers to discover and fix security vulnerabilities at an early stage, and help compare the security of various alternative designs. In particular, we propose seven security metrics to measure Data Encapsulation (accessibility) and Cohesion (interactions) of a given object-oriented class from the point of view of potential information flow.

Relevance:

10.00%

Publisher:

Abstract:

Crash risk is the statistical probability of a crash. Its assessment can be performed through ex post statistical analysis or in real-time with on-vehicle systems. These systems can be cooperative. Cooperative Vehicle-Infrastructure Systems (CVIS) are a developing research avenue in the automotive industry worldwide. This paper provides a survey of existing CVIS systems and methods to assess crash risk with them. It describes the advantages of cooperative systems versus non-cooperative systems. A sample of cooperative crash risk assessment systems is analysed to extract vulnerabilities according to three criteria: market penetration, over-reliance on GPS and broadcasting issues. It shows that cooperative risk assessment systems are still in their infancy and require further development to provide their full benefits to road users.