834 resultados para IT Security, Internet, Personal Firewall, Security Mechanism, Security System, Security Threat, Security Usability, Security Vulnerability
Resumo:
After the economic reforms of 1978, China started rising very fast and started engaging other countries in the region which has served to increase its confidence in the region. In the post cold war period, China was seen as a big threat for the region because of its claims on the South China Sea. Nevertheless, this image was eliminated when China engaged ASEAN and other multilateral and regional organizations. This paper is studying Chinas economic and security policies towards ASEAN. Globalization Theory is the theory being used to explain the nature of China-ASEAN relations. This research paper argues that Chinas rise is promoting peace in the region. With the engagement policy, China started promoting trade and security co operations based on mutual benefits and dialogues for the peaceful resolutions of the disputes in the region. This contributed greatly to improve Chinas image in the region. Additionally, Chinas posture during the economic crises of 1997 also greatly contributed to improve its image. Thus, the rise of China is providing opportunity to the other countries in East Asia. Chapter One: Background On China-ASEAN Relations The use of Soft Power and engagement policy by the Chinese government has helped to change Chinas image in the region. By using these policies China has been able to clear the feeling of suspicion and mistrust among the Asian states. China has increased its participation in multilateral and regional organizations, such as ASEAN. Due to this China has been able to promote economic and security co-operation among countries in the region. Thus, from being a potential threat China became a potential co-operative partner. Chapter Two: A Look into ASEAN ASEAN was originally formed on 8th August 1967 in Bangkok, Thailand, by Indonesia, Malaysia, the Philippines, Singapore and Thailand. Nevertheless, ASEAN was not the first regional group created to act as forum for dialogue between the leaders of different countries. Thought, it is the only one which could work in the region. The aim of the foundation of ASEAN was to promote peace and stability in the Abstract 2 region and also contain the spread of communism in Southeast Asia. For this reason, China did not engage ASEAN until 1990. However, in 1978 with the establishment of the open up policy China started engaging other countries. It started building trust among its neighboring countries by using soft power. By 1992, China formalized its diplomatic ties with ASEAN as a group. The diplomatic ties between China and ASEAN focus on multilateralism and co-operation as the best way for a more peaceful Asia and the search for common security. Thus, security in the region is promoted through economic co-operation among the states. Therefore the relation between China ASEAN emphasizes the five principles of peaceful coexistence, mutual benefits in economic co-operation, dialogue promoting trust and the peaceful settlement of disputes. Chapter Three: China-ASEAN Economic Relations Since 1978 The economic reform of 1978 has greatly contributed to the economic development of China. After the adoption of the open up policy, China has been able to establish economic and trade relations with the outside world. The realist school of thought had predicted that Asia will not be stable in the post cold war period. Nevertheless, this has not been the case in Asia. China is growing peacefully with the co-operation of countries in the region. China is establishing strong ties with its neighboring countries. China and ASEAN relations focus on mutual benefit instead of being a zero sum game. Thus these relations are aimed at encouraging trust and economic co-operation in the region. China and ASEAN have agreed on Free Trade to assure that the two parties benefit from the co-operation. The ACFTA will have a great impact on economic, political and security issues. This will enable China to increase its influence in Asia and counterbalance the influences that Japan and U.S have in the region. Chapter Four: China ASEAN Relations in the Security Perspective This Chapter is about China and ASEAN relations on security issue. The new security issues of the post cold war period need to be solved in multilateral way. China as a major power in the region, through its engagement policy has solved most Abstract 3 of the disputes in the region using multilateral means. China has also found ways to solve the dispute over Spratly Islands peacefully, through dialogue using ASEAN. Additionally, China signed the Treaty of Amity in 2003, promoted security initiatives through ARF, Declaration on Conduct of Parties in the South China Sea and documents covering non-traditional security threats, economic co-operation and agricultural co-operation in November 2002, and the Joint Declaration on Strategic. Chapter Five: Finding and Analysis This chapter provides a quantitative and qualitative analysis of the date collected throughout this research. It provides an analysis of how the rise of China is promoting peace in the region. China has been promoting mutual beneficial trade and security co-operation which has increased its influence in the region. China has also been able to solve most of the territorial and border dispute in the region through ASEAN. Thus, ASEAN has amended Chinas relations with other countries in the region. Therefore, Chinas foreign policy in the region has a big impact in shaping the dynamic relations in East Asia. Conclusion and Recommendations This paper concluded that the relationships between China and ASEAN are contributing to peace in the region. After China engaged ASEAN, it has been able to promote multilateral trade based on mutual benefit. This is clearly emphasized by the CAFTA. Additionally, China has solved most of the dispute in the region. It has also found way for a peaceful resolution of the dispute over Spratly Island. Nowadays, the ASEAN countries dont see China as a threat to the region. Nevertheless, theyve adopted deterrence measures such as establishing diplomatic relations with other big powers in the region to assure that the region continues to grow peacefully. Concerning this deterrence measures, I recommend as another way for a continued peaceful growth, the resolution of the outstanding dispute.
Resumo:
The arbuscular mycorrhizal symbiosis is formed between arbuscular mycorrhizal fungi (AMF) and plant roots. The fungi provide the plant with inorganic phosphate (P). The symbiosis can result in increased plant growth. Although most global food crops naturally form this symbiosis, very few studies have shown that their practical application can lead to large-scale increases in food production. Application of AMF to crops in the tropics is potentially effective for improving yields. However, a main problem of using AMF on a large-scale is producing cheap inoculum in a clean sterile carrier and sufficiently concentrated to cheaply transport. Recently, mass-produced in vitro inoculum of the model mycorrhizal fungus Rhizophagus irregularis became available, potentially making its use viable in tropical agriculture. One of the most globally important food plants in the tropics is cassava. We evaluated the effect of in vitro mass-produced R. irregularis inoculum on the yield of cassava crops at two locations in Colombia. A significant effect of R. irregularis inoculation on yield occurred at both sites. At one site, yield increases were observed irrespective of P fertilization. At the other site, inoculation with AMF and 50% of the normally applied P gave the highest yield. Despite that AMF inoculation resulted in greater food production, economic analyses revealed that AMF inoculation did not give greater return on investment than with conventional cultivation. However, the amount of AMF inoculum used was double the recommended dose and was calculated with European, not Colombian, inoculum prices. R. irregularis can also be manipulated genetically in vitro, leading to improved plant growth. We conclude that application of in vitro R. irregularis is currently a way of increasing cassava yields, that there is a strong potential for it to be economically profitable and that there is enormous potential to improve this efficiency further in the future.
Resumo:
166 countries have some kind of public old age pension. What economic forcescreate and sustain old age Social Security as a public program? Mulligan and Sala-i-Martin (1999b) document several of the internationally and historically common features of social security programs, and explore "political" theories of Social Security. This paper discusses the "efficiency theories", which view creation of the SS program as a full of partial solution to some market failure. Efficiency explanations of social security include the "SS as welfare for the elderly" the "retirement increases productivity to optimally manage human capital externalities", "optimal retirement insurance", the "prodigal father problem", the "misguided Keynesian", the "optimal longevity insurance", the "governmenteconomizing transaction costs", and the "return on human capital investment". We also analyze four "narrative" theories of social security: the "chain letter theory", the "lump of labor theory", the "monopoly capitalism theory", and the "Sub-but-Nearly-Optimal policy response to private pensions theory".The political and efficiency explanations are compared with the international and historical facts and used to derive implications for replacing the typical pay-as-you-go system with a forced savings plan. Most of the explanations suggest that forced savings does not increase welfare, and may decrease it.
Resumo:
This paper quantifies the effects of social security on capital accumulation and wealth distribution in a life cycle framework with altruistic individuals. The main findings of this paper are that the current U.S. social security system has a significant impact on capital accumulation and wealth distribution. I find that social security crowds out 8\% of the capital stock of an economy without social security. This effect is driven by the distortions of labor supply due to the taxation of labor income rather than by the intergenerational redistribution of income imposed by the social security system. In contrast to previous analysis of social security, I found that social security does not affect the savings rate of the economy. Another interesting finding is that even though the current U.S. social security system is progressive in its benefits, it may lead to a more disperse distribution of wealth.
Resumo:
This paper uses Social Security records to study internal migrationin Spain. This is the first paper that uses this data source, whichhas some advantages with respect to existing data sources: it includesonly job-seeking migrants and it allows to identify temporary migration. Within the framework of an extended gravity model, we estimate a Generalized Negative Binomial regression on gross migration flows between provinces. We quantify the effect of local labor market imbalances on workers' mobility and discuss the equilibrating role of internal migration in Spain. Our main results show that the effect of employment opportunities have changed after 1984; migrants seem to be more responsive to economic conditions but, consistently with previous studies for the Spanish labor market, the migration response to wage differentials is wrongly signed. Our analysis also confirms the larger internal mobility of highly qualified workers.
Resumo:
There is no doubt about the necessity of protecting digital communication: Citizens are entrusting their most confidential and sensitive data to digital processing and communication, and so do governments, corporations, and armed forces. Digital communication networks are also an integral component of many critical infrastructures we are seriously depending on in our daily lives. Transportation services, financial services, energy grids, food production and distribution networks are only a few examples of such infrastructures. Protecting digital communication means protecting confidentiality and integrity by encrypting and authenticating its contents. But most digital communication is not secure today. Nevertheless, some of the most ardent problems could be solved with a more stringent use of current cryptographic technologies. Quite surprisingly, a new cryptographic primitive emerges from the ap-plication of quantum mechanics to information and communication theory: Quantum Key Distribution. QKD is difficult to understand, it is complex, technically challenging, and costly-yet it enables two parties to share a secret key for use in any subsequent cryptographic task, with an unprecedented long-term security. It is disputed, whether technically and economically fea-sible applications can be found. Our vision is, that despite technical difficulty and inherent limitations, Quantum Key Distribution has a great potential and fits well with other cryptographic primitives, enabling the development of highly secure new applications and services. In this thesis we take a structured approach to analyze the practical applicability of QKD and display several use cases of different complexity, for which it can be a technology of choice, either because of its unique forward security features, or because of its practicability.
Resumo:
Multiobjective matrix games have been traditionally analyzed from two different points of view: equiibrium concepts and security strategies. This paper is based upon the idea that both players try to reach equilibrium points playing pairs of security strategies, as it happens in scalar matrix games. We show conditions guaranteeing the existence of equilibria in security strategies, named security equilibria
Resumo:
Rsum La cryptographie classique est base sur des concepts mathmatiques dont la scurit dpend de la complexit du calcul de l'inverse des fonctions. Ce type de chiffrement est la merci de la puissance de calcul des ordinateurs ainsi que la dcouverte d'algorithme permettant le calcul des inverses de certaines fonctions mathmatiques en un temps raisonnable . L'utilisation d'un procd dont la scurit est scientifiquement prouve s'avre donc indispensable surtout les changes critiques (systmes bancaires, gouvernements,...). La cryptographie quantique rpond ce besoin. En effet, sa scurit est base sur des lois de la physique quantique lui assurant un fonctionnement inconditionnellement scuris. Toutefois, l'application et l'intgration de la cryptographie quantique sont un souci pour les dveloppeurs de ce type de solution. Cette thse justifie la ncessit de l'utilisation de la cryptographie quantique. Elle montre que le cot engendr par le dploiement de cette solution est justifi. Elle propose un mcanisme simple et ralisable d'intgration de la cryptographie quantique dans des protocoles de communication largement utiliss comme les protocoles PPP, IPSec et le protocole 802.1li. Des scnarios d'application illustrent la faisabilit de ces solutions. Une mthodologie d'valuation, selon les critres communs, des solutions bases sur la cryptographie quantique est galement propose dans ce document. Abstract Classical cryptography is based on mathematical functions. The robustness of a cryptosystem essentially depends on the difficulty of computing the inverse of its one-way function. There is no mathematical proof that establishes whether it is impossible to find the inverse of a given one-way function. Therefore, it is mandatory to use a cryptosystem whose security is scientifically proven (especially for banking, governments, etc.). On the other hand, the security of quantum cryptography can be formally demonstrated. In fact, its security is based on the laws of physics that assure the unconditional security. How is it possible to use and integrate quantum cryptography into existing solutions? This thesis proposes a method to integrate quantum cryptography into existing communication protocols like PPP, IPSec and the 802.l1i protocol. It sketches out some possible scenarios in order to prove the feasibility and to estimate the cost of such scenarios. Directives and checkpoints are given to help in certifying quantum cryptography solutions according to Common Criteria.
Resumo:
Multiobjective matrix games have been traditionally analyzed from two different points of view: equiibrium concepts and security strategies. This paper is based upon the idea that both players try to reach equilibrium points playing pairs of security strategies, as it happens in scalar matrix games. We show conditions guaranteeing the existence of equilibria in security strategies, named security equilibria
Resumo:
Energy security is an important topic on the world agenda and has augmented its importance since the term peak oil was coined. Energy security is a crucial issue for most countries but some are more dependent on foreign supply than others. Traditionally, the Baltic States have been dependent on Russia for much of their oil and gas supplies, which makes them vulnerable to political pressure. Therefore, energy security, that is ensuring sufficient supply and safe delivery and in this case reduce dependency on a single provider Russia, entails a conspicuous foreign policy dimension. Estonia, Latvia and Lithuania have been described as energy islands within the EU. This paper tries to answer the question if energy security of the Baltic States has improved since their accession to the EU in 2004. Additionally, it will analyse the prospects of energy security, noting that one of the Lithuanian aims during its European presidency in 2013 is to improve energy security of the Baltic States by fostering cooperation with EU member states.
Resumo:
The Institute has professionals with extensive experience in training, specifically with experience in the field of police and emergencies training. Moreover, it also has very talented people. But above all, our institution has public professionals with a desire to serve, who love security and emergency responders and want to provide them with the best knowledge to make them every day better professionals. In the quest for continuous training improvement, its during 2009 when e-learning begins to have a presence at the Institute. Virtual training methodology becomes a facilitator for the training of various professionals, avoiding geographical displacement and easing the class schedule.
Resumo:
EXECUTIVE SUMMARY : Evaluating Information Security Posture within an organization is becoming a very complex task. Currently, the evaluation and assessment of Information Security are commonly performed using frameworks, methodologies and standards which often consider the various aspects of security independently. Unfortunately this is ineffective because it does not take into consideration the necessity of having a global and systemic multidimensional approach to Information Security evaluation. At the same time the overall security level is globally considered to be only as strong as its weakest link. This thesis proposes a model aiming to holistically assess all dimensions of security in order to minimize the likelihood that a given threat will exploit the weakest link. A formalized structure taking into account all security elements is presented; this is based on a methodological evaluation framework in which Information Security is evaluated from a global perspective. This dissertation is divided into three parts. Part One: Information Security Evaluation issues consists of four chapters. Chapter 1 is an introduction to the purpose of this research purpose and the Model that will be proposed. In this chapter we raise some questions with respect to "traditional evaluation methods" as well as identifying the principal elements to be addressed in this direction. Then we introduce the baseline attributes of our model and set out the expected result of evaluations according to our model. Chapter 2 is focused on the definition of Information Security to be used as a reference point for our evaluation model. The inherent concepts of the contents of a holistic and baseline Information Security Program are defined. Based on this, the most common roots-of-trust in Information Security are identified. Chapter 3 focuses on an analysis of the difference and the relationship between the concepts of Information Risk and Security Management. Comparing these two concepts allows us to identify the most relevant elements to be included within our evaluation model, while clearing situating these two notions within a defined framework is of the utmost importance for the results that will be obtained from the evaluation process. Chapter 4 sets out our evaluation model and the way it addresses issues relating to the evaluation of Information Security. Within this Chapter the underlying concepts of assurance and trust are discussed. Based on these two concepts, the structure of the model is developed in order to provide an assurance related platform as well as three evaluation attributes: "assurance structure", "quality issues", and "requirements achievement". Issues relating to each of these evaluation attributes are analysed with reference to sources such as methodologies, standards and published research papers. Then the operation of the model is discussed. Assurance levels, quality levels and maturity levels are defined in order to perform the evaluation according to the model. Part Two: Implementation of the Information Security Assurance Assessment Model (ISAAM) according to the Information Security Domains consists of four chapters. This is the section where our evaluation model is put into a welldefined context with respect to the four pre-defined Information Security dimensions: the Organizational dimension, Functional dimension, Human dimension, and Legal dimension. Each Information Security dimension is discussed in a separate chapter. For each dimension, the following two-phase evaluation path is followed. The first phase concerns the identification of the elements which will constitute the basis of the evaluation: ? Identification of the key elements within the dimension; ? Identification of the Focus Areas for each dimension, consisting of the security issues identified for each dimension; ? Identification of the Specific Factors for each dimension, consisting of the security measures or control addressing the security issues identified for each dimension. The second phase concerns the evaluation of each Information Security dimension by: ? The implementation of the evaluation model, based on the elements identified for each dimension within the first phase, by identifying the security tasks, processes, procedures, and actions that should have been performed by the organization to reach the desired level of protection; ? The maturity model for each dimension as a basis for reliance on security. For each dimension we propose a generic maturity model that could be used by every organization in order to define its own security requirements. Part three of this dissertation contains the Final Remarks, Supporting Resources and Annexes. With reference to the objectives of our thesis, the Final Remarks briefly analyse whether these objectives were achieved and suggest directions for future related research. Supporting resources comprise the bibliographic resources that were used to elaborate and justify our approach. Annexes include all the relevant topics identified within the literature to illustrate certain aspects of our approach. Our Information Security evaluation model is based on and integrates different Information Security best practices, standards, methodologies and research expertise which can be combined in order to define an reliable categorization of Information Security. After the definition of terms and requirements, an evaluation process should be performed in order to obtain evidence that the Information Security within the organization in question is adequately managed. We have specifically integrated into our model the most useful elements of these sources of information in order to provide a generic model able to be implemented in all kinds of organizations. The value added by our evaluation model is that it is easy to implement and operate and answers concrete needs in terms of reliance upon an efficient and dynamic evaluation tool through a coherent evaluation system. On that basis, our model could be implemented internally within organizations, allowing them to govern better their Information Security. RSUM : Contexte gnral de la thse L'valuation de la scurit en gnral, et plus particulirement, celle de la scurit de l'information, est devenue pour les organisations non seulement une mission cruciale raliser, mais aussi de plus en plus complexe. A l'heure actuelle, cette valuation se base principalement sur des mthodologies, des bonnes pratiques, des normes ou des standards qui apprhendent sparment les diffrents aspects qui composent la scurit de l'information. Nous pensons que cette manire d'valuer la scurit est inefficiente, car elle ne tient pas compte de l'interaction des diffrentes dimensions et composantes de la scurit entre elles, bien qu'il soit admis depuis longtemps que le niveau de scurit globale d'une organisation est toujours celui du maillon le plus faible de la chane scuritaire. Nous avons identifi le besoin d'une approche globale, intgre, systmique et multidimensionnelle de l'valuation de la scurit de l'information. En effet, et c'est le point de dpart de notre thse, nous dmontrons que seule une prise en compte globale de la scurit permettra de rpondre aux exigences de scurit optimale ainsi qu'aux besoins de protection spcifiques d'une organisation. Ainsi, notre thse propose un nouveau paradigme d'valuation de la scurit afin de satisfaire aux besoins d'efficacit et d'efficience d'une organisation donne. Nous proposons alors un modle qui vise valuer d'une manire holistique toutes les dimensions de la scurit, afin de minimiser la probabilit qu'une menace potentielle puisse exploiter des vulnrabilits et engendrer des dommages directs ou indirects. Ce modle se base sur une structure formalise qui prend en compte tous les lments d'un systme ou programme de scurit. Ainsi, nous proposons un cadre mthodologique d'valuation qui considre la scurit de l'information partir d'une perspective globale. Structure de la thse et thmes abords Notre document est structur en trois parties. La premire intitule : La problmatique de l'valuation de la scurit de l'information est compose de quatre chapitres. Le chapitre 1 introduit l'objet de la recherche ainsi que les concepts de base du modle d'valuation propos. La manir traditionnelle de l'valuation de la scurit fait l'objet d'une analyse critique pour identifier les lments principaux et invariants prendre en compte dans notre approche holistique. Les lments de base de notre modle d'valuation ainsi que son fonctionnement attendu sont ensuite prsents pour pouvoir tracer les rsultats attendus de ce modle. Le chapitre 2 se focalise sur la dfinition de la notion de Scurit de l'Information. Il ne s'agit pas d'une redfinition de la notion de la scurit, mais d'une mise en perspectives des dimensions, critres, indicateurs utiliser comme base de rfrence, afin de dterminer l'objet de l'valuation qui sera utilis tout au long de notre travail. Les concepts inhrents de ce qui constitue le caractre holistique de la scurit ainsi que les lments constitutifs d'un niveau de rfrence de scurit sont dfinis en consquence. Ceci permet d'identifier ceux que nous avons dnomms les racines de confiance . Le chapitre 3 prsente et analyse la diffrence et les relations qui existent entre les processus de la Gestion des Risques et de la Gestion de la Scurit, afin d'identifier les lments constitutifs du cadre de protection inclure dans notre modle d'valuation. Le chapitre 4 est consacr la prsentation de notre modle d'valuation Information Security Assurance Assessment Model (ISAAM) et la manire dont il rpond aux exigences de l'valuation telle que nous les avons pralablement prsentes. Dans ce chapitre les concepts sous-jacents relatifs aux notions d'assurance et de confiance sont analyss. En se basant sur ces deux concepts, la structure du modle d'valuation est dveloppe pour obtenir une plateforme qui offre un certain niveau de garantie en s'appuyant sur trois attributs d'valuation, savoir : la structure de confiance , la qualit du processus , et la ralisation des exigences et des objectifs . Les problmatiques lies chacun de ces attributs d'valuation sont analyses en se basant sur l'tat de l'art de la recherche et de la littrature, sur les diffrentes mthodes existantes ainsi que sur les normes et les standards les plus courants dans le domaine de la scurit. Sur cette base, trois diffrents niveaux d'valuation sont construits, savoir : le niveau d'assurance, le niveau de qualit et le niveau de maturit qui constituent la base de l'valuation de l'tat global de la scurit d'une organisation. La deuxime partie: L'application du Modle d'valuation de l'assurance de la scurit de l'information par domaine de scurit est elle aussi compose de quatre chapitres. Le modle d'valuation dj construit et analys est, dans cette partie, mis dans un contexte spcifique selon les quatre dimensions prdfinies de scurit qui sont: la dimension Organisationnelle, la dimension Fonctionnelle, la dimension Humaine, et la dimension Lgale. Chacune de ces dimensions et son valuation spcifique fait l'objet d'un chapitre distinct. Pour chacune des dimensions, une valuation en deux phases est construite comme suit. La premire phase concerne l'identification des lments qui constituent la base de l'valuation: ? Identification des lments cls de l'valuation ; ? Identification des Focus Area pour chaque dimension qui reprsentent les problmatiques se trouvant dans la dimension ; ? Identification des Specific Factors pour chaque Focus Area qui reprsentent les mesures de scurit et de contrle qui contribuent rsoudre ou diminuer les impacts des risques. La deuxime phase concerne l'valuation de chaque dimension prcdemment prsentes. Elle est constitue d'une part, de l'implmentation du modle gnral d'valuation la dimension concerne en : ? Se basant sur les lments spcifis lors de la premire phase ; ? Identifiant les taches scuritaires spcifiques, les processus, les procdures qui auraient d tre effectus pour atteindre le niveau de protection souhait. D'autre part, l'valuation de chaque dimension est complte par la proposition d'un modle de maturit spcifique chaque dimension, qui est considrer comme une base de rfrence pour le niveau global de scurit. Pour chaque dimension nous proposons un modle de maturit gnrique qui peut tre utilis par chaque organisation, afin de spcifier ses propres exigences en matire de scurit. Cela constitue une innovation dans le domaine de l'valuation, que nous justifions pour chaque dimension et dont nous mettons systmatiquement en avant la plus value apporte. La troisime partie de notre document est relative la validation globale de notre proposition et contient en guise de conclusion, une mise en perspective critique de notre travail et des remarques finales. Cette dernire partie est complte par une bibliographie et des annexes. Notre modle d'valuation de la scurit intgre et se base sur de nombreuses sources d'expertise, telles que les bonnes pratiques, les normes, les standards, les mthodes et l'expertise de la recherche scientifique du domaine. Notre proposition constructive rpond un vritable problme non encore rsolu, auquel doivent faire face toutes les organisations, indpendamment de la taille et du profil. Cela permettrait ces dernires de spcifier leurs exigences particulires en matire du niveau de scurit satisfaire, d'instancier un processus d'valuation spcifique leurs besoins afin qu'elles puissent s'assurer que leur scurit de l'information soit gre d'une manire approprie, offrant ainsi un certain niveau de confiance dans le degr de protection fourni. Nous avons intgr dans notre modle le meilleur du savoir faire, de l'exprience et de l'expertise disponible actuellement au niveau international, dans le but de fournir un modle d'valuation simple, gnrique et applicable un grand nombre d'organisations publiques ou prives. La valeur ajoute de notre modle d'valuation rside prcisment dans le fait qu'il est suffisamment gnrique et facile implmenter tout en apportant des rponses sur les besoins concrets des organisations. Ainsi notre proposition constitue un outil d'valuation fiable, efficient et dynamique dcoulant d'une approche d'valuation cohrente. De ce fait, notre systme d'valuation peut tre implment l'interne par l'entreprise elle-mme, sans recourir des ressources supplmentaires et lui donne galement ainsi la possibilit de mieux gouverner sa scurit de l'information.
Resumo:
JXME es la especificacin de JXTA para dispositivos mviles con J2ME. Hay dos versiones diferentes de la aplicacin JXME disponibles, cada una especfica para un determinado conjunto de dispositivos, de acuerdo con sus capacidades. El principal valor de JXME es su simplicidad para crear peer-to-peer (P2P) en dispositivos limitados. Adems de evaluar las funciones JXME, tambin es importante tener en cuenta el nivel de seguridad por defecto que se proporciona. Este artculo presenta un breve anlisis de la situacin actual de la seguridad en JXME, centrndose en la versin JXME-Proxyless, identifica las vulnerabilidades existentes y propone mejoras en este campo.
Resumo:
The JXTA-Overlay project is an effort to use JXTA technologyto provide a generic set of functionalities that can be used by developers to deploy P2P applications. Since its design mainly focuses on issues such as scalability or overall performance, it does not take security into account. However, as P2P applications have evolved to fulfill more complex scenarios, security has become a very important aspect to take into account when evaluating a P2P framework. This work proposes a security extension specifically suited to JXTA-Overlays idiosyncrasies, providing an acceptable solution to some of its current shortcomings.
