908 resultados para Security-critical software
Resumo:
The present work offers a brief historical and evolutionary introduction to the legal basis of the Portuguese Republic Intelligence System (SIRP) which comprises two services – the Security Intelligence Service (SIS) and the Defence Strategic Intelligence Service (SIED) – and two entities responsible for its oversight – the Supervisory Body (CFSIRP) and the Data Monitoring Committee (CFD), also responsible for supervising the Military Intelligence and Security Centre (CISMIL) of the General Staff of the Armed Forces (EMGFA). The initial narrative subsequently leads us to a detailed analysis of the Portuguese Intelligence services' current model of monitoring, as well as of the legislator’s options, namely in the legal drafting field, used within the construction and definition of the legal structure that currently regulates the Portuguese Republic Intelligence System. For the purposes of this study we have broadly examined different models of the European Union, in particular those of Belgium, the Netherlands and Croatia. We have also transposed to the text the valuable contributions collected during the research phase, more precisely the replies to questionnaires and interviews conducted with certain individuals selected according to their knowledge and affinity with the subject of this study, including members and former members of the Supervisory Body and former directors of the three portuguese intelligence services. The present dissertation intends to contribute to the development of this subject, promoting critical analysis, within and beyond the academia, with the aim that some of its reflections might be useful towards the intelligence system’s future reform, particularly in what concerns intelligence services monitoring.
Resumo:
Information systems are widespread and used by anyone with computing devices as well as corporations and governments. It is often the case that security leaks are introduced during the development of an application. Reasons for these security bugs are multiple but among them one can easily identify that it is very hard to define and enforce relevant security policies in modern software. This is because modern applications often rely on container sharing and multi-tenancy where, for instance, data can be stored in the same physical space but is logically mapped into different security compartments or data structures. In turn, these security compartments, to which data is classified into in security policies, can also be dynamic and depend on runtime data. In this thesis we introduce and develop the novel notion of dependent information flow types, and focus on the problem of ensuring data confidentiality in data-centric software. Dependent information flow types fit within the standard framework of dependent type theory, but, unlike usual dependent types, crucially allow the security level of a type, rather than just the structural data type itself, to depend on runtime values. Our dependent function and dependent sum information flow types provide a direct, natural and elegant way to express and enforce fine grained security policies on programs. Namely programs that manipulate structured data types in which the security level of a structure field may depend on values dynamically stored in other fields The main contribution of this work is an efficient analysis that allows programmers to verify, during the development phase, whether programs have information leaks, that is, it verifies whether programs protect the confidentiality of the information they manipulate. As such, we also implemented a prototype typechecker that can be found at http://ctp.di.fct.unl.pt/DIFTprototype/.
Resumo:
A permanently changing occidental society framework, simultaneously, to a world Globalization and a market liberalization, requires to know how important and which role the agents plays, in Estates representation, to guarantee their own intern security. Portugal is an example of that since has been integrated in European and world politics that allowed the borders opening, with all the negative consequences of that kind of measures. In way to struggle with those debilities emerge, in our Juridical Order, several security forces such as Prison Guards Corporation, whose contribute to intern security seems undefined and confuse, being urgent legislation in way to describe and clearly define their goals and functions. We begin with a brief history view to understand the evolution, focusing on the present moment, correlate several laws in way to clarify their juridical situation. Using a own critical sense, it draws attention to legislation lack problem in opposition to the conclusion that, Prison Guards Corporation is a security force with specialized expertise in matter and territory fields. Their activity occurs, generally, in penitentiaries where people see themselves without their freedom, legally determinated and confined to places as other individuals with deviant behaviors that deserve society refutation, establishing a separation period having rehabilitation as a goal – it is called general and special prevention. Penitentiaries specificities requires specially police force because penitentiaries are places where tensions are often, both between inmates and against employees, above all prison guards, the first to struggle inmates daily frustrations. In way that institutions achieve their purpose, it is necessary that citizens respect all the rules, although, to their efficacy is necessary to inflict punishment to those who did not respect the rules. Furthermore, it will be indispensable to act immediately in situations as impeding runaway helping, illegally standing in jail and to avoid violent acts against personal and patrimonial belongings. Juridical Order has a few security tools that are available to administration, in which is included coercive methods, that as damaging to citizens in whom they are use, are restricted, unavoidably, to inflexible control rules. Concluding, Prison Guards and Penitentiaries General Direction last goal is to give back recovered inmates to society, in a way to conduct their lives responsibly, without committing crimes.
Resumo:
Forgiveness has been subject of interest, mainly in the psychology fields of study. Relatively to the organizational context, this topic has been somehow put aside and settled as something that is purely an intra-individual phenomenon which organizations cannot force, or even stimulate. As conflicts are common within organizations and being often difficult to overcome, eyes have turned into the role forgiveness might take in this scenario. Despite forgiveness being accepted as an intrapersonal decision and a result of predisposition as it is a result of education and culture. This study, as some already done, refuses to accept forgiveness as an unchangeable behavior that cannot be manipulated or induced by managers or by organizational context. Therefore, offering a set of incidents as well as their classification, that have been identified by individuals performing different types organizational roles in different organization which is believed as being a genuine way of delivering to the reader a set of actions and behaviors that if taken, may incentivize or inhibit forgiveness.
Resumo:
A critical analysis of the type collections of 39 species names of Paspalum L. (Poaceae: Paniceae) from Brazil described by Swallen is presented along with comments based on more recent gatherings of the species. Eighteen new synonyms are proposed.
Resumo:
Os estudos da satisfação e lealdade do cliente em ambiente Business-to-Business têm emergido devido ao interesse práctico e académico. Recorreu-se a um caso práctico de uma empresa de software internacional, ESRI, a operar em Portugal com modelo de negócio B2B e comportamento de compra extensivo. Desenvolveu-se um modelo estrutural com 11 variáveis latentes: lealdade; satisfação; imagem; atmosfera; cooperação; adaptação; processos; tecnologia; orientação ao cliente; competências; colaboradores e comunicação. Foram analisadas 304 respostas ao questionário de satisfação e de seguida aplicou-se o modelo a seis grupos de clientes segmentados de acordo com a contribuição do cliente para as receitas e o comportamento no processo de decisão de compra. Recorreu-se a modelos SEM (Structural Equation Modelling) com estimação dos parâmetros através da metodologia PLS (partial Least Squares). Os resultados mostram nos seis segmentos, que os valores da empresa, a cooperação através da competência dos colaboradores e da orientação ao cliente e a tecnologia são factores mais importantes para a satisfação e lealdade dos clientes.
Resumo:
Security risk management is by definition, a subjective and complex exercise and it takes time to perform properly. Human resources are fundamental assets for any organization, and as any other asset, they have inherent vulnerabilities that need to be handled, i.e. managed and assessed. However, the nature that characterize the human behavior and the organizational environment where they develop their work turn these task extremely difficult, hard to accomplish and prone to errors. Assuming security as a cost, organizations are usually focused on the efficiency of the security mechanisms implemented that enable them to protect against external attacks, disregarding the insider risks, which are much more difficult to assess. All these demands an interdisciplinary approach in order to combine technical solutions with psychology approaches in order to understand the organizational staff and detect any changes in their behaviors and characteristics. This paper intends to discuss some methodological challenges to evaluate the insider threats and its impacts, and integrate them in a security risk framework, that was defined according to the security standard ISO/IEC_JTC1, to support the security risk management process.
Resumo:
This work was supported by FCT (Fundação para a Ciência e Tecnologia) within Project Scope (UID/CEC/00319/2013), by LIP (Laboratório de Instrumentação e Física Experimental de Partículas) and by Project Search-ON2 (NORTE-07-0162- FEDER-000086), co-funded by the North Portugal Regional Operational Programme (ON.2 - O Novo Norte), under the National Strategic Reference Framework, through the European Regional Development Fund.
Resumo:
Dissertação de Mestrado em Engenharia Informática
Resumo:
An increasing number of m-Health applications are being developed benefiting health service delivery. In this paper, a new methodology based on the principle of calm computing applied to diagnostic and therapeutic procedure reporting is proposed. A mobile application was designed for the physicians of one of the Portuguese major hospitals, which takes advantage of a multi-agent interoperability platform, the Agency for the Integration, Diffusion and Archive (AIDA). This application allows the visualization of inpatients and outpatients medical reports in a quicker and safer manner, in addition to offer a remote access to information. This project shows the advantages in the use of mobile software in a medical environment but the first step is always to build or use an interoperability platform, flexible, adaptable and pervasive. The platform offers a comprehensive set of services that restricts the development of mobile software almost exclusively to the mobile user interface design. The technology was tested and assessed in a real context by intensivists.
Resumo:
PhD thesis in Bioengineering
Resumo:
Tese de Doutoramento em Tecnologias e Sistemas de Informação
Resumo:
Tese de Doutoramento em Ciências da Educação - Especialidade de Desenvolvimento Curricular
Resumo:
Tese de Doutoramento em Ciências da Educação - Especialidade em Política Educativa
Resumo:
Tese de Doutoramento em Ciências da Educação (Área de Conhecimento: Educação ambiental e para a Sustentabilidade)
