834 resultados para IT Security, Internet, Personal Firewall, Security Mechanism, Security System, Security Threat, Security Usability, Security Vulnerability
Resumo:
Includes bibliography
Resumo:
Includes bibliography
Resumo:
This edition of the Bulletin is based on a document prepared by ECLAC and the Technical Coordination Committee of the presidential initiative for Regional Infrastructure Integration in South America (IIRSA), which is composed of the Inter-American Development Bank (IDB), the Andean Development Corporation (ADC) and the Financial Fund for the Development of the River Plate Basin (FONPLATA). The document was prepared as a joint activity on maritime and port security in South America in the context of the IIRSA sectoral integration process in relation to operational systems for maritime transport. It served as an input for the meeting on that subject held by representatives of the authorities of the South American countries in Montevideo, Uruguay, on 22 June 2004.This edition presents the results of the implementation cost assessment for the new compulsory regulations for maritime and port security of the International Maritime Organization (IMO) and also considers the costs of the voluntary measures.
Resumo:
The ALRED construction is a lightweight strategy for constructing message authentication algorithms from an underlying iterated block cipher. Even though this construction's original analyses show that it is secure against some attacks, the absence of formal security proofs in a strong security model still brings uncertainty on its robustness. In this paper, aiming to give a better understanding of the security level provided by different authentication algorithms based on this design strategy, we formally analyze two ALRED variants-the MARVIN message authentication code and the LETTERSOUP authenticated-encryption scheme,-bounding their security as a function of the attacker's resources and of the underlying cipher's characteristics.
Resumo:
The huge transformations that occurred in the last two decades had impacts on the standards of food production and consumption, and determined a wider discussion in Brazil about the theme of food and nutrition security. It has also expanded the scope of it, which now considers nourishing aspects regarding the entire population and not only its most vulnerable segments. This research identified different meanings present in the speech about food and nutrition security, terms incorporated by movements and civil society organizations that were represented at the National Council for Food and Nutrition Security (administration 2004-2007). Thematic appropriation could be observed in the following directions: a) privileging the interaction between thematic fields from both production and consumption spheres; b) strengthening the idea of nutrition as a human right; c) including an ethical goal to the country's development; d) development of an intra and intersectorial perspective; e) identifying the need of dialogic and freeing educational processes.
Resumo:
Food and Nutrition Security (FNS) must be ensured to everybody. The school environment is favorable to the formation of healthy habits and citizenship. The National Curriculum Parameters (PCNs) guide the promotion of health concepts in a transversal way in the school curriculum. This study aimed to identify and analyze the approach used for food and nutrition themes in Fundamental Education's teaching material and its interface with the concept of FNS and the PCNs. Documental research was conducted on the teaching material from 5th to 8th grades of Fundamental Education in Public School of the state of Sao Paulo. The diffuse presence of food and nutrition themes was found in most disciplines in all bimesters in the four series, which shows the interdisciplinarity in health. It was found that the PCNs are related to the concept of SAN in its various aspects and that most subjects include topics that approach this relationship. In the correlation between themes, there is emphasis to health promotion and food production. The methodology used in the teaching material presents the theme, but not the correspondent content, what made the analysis of its suitability impossible. We conclude that there is the approach of the issues related to food and nutrition in the teaching material, some of them in an inconsistent way; it is the educators' task to select the contents and the appropriate strategy, doing an effort of constant update. This isbeing proposed by the State, however it is not accessible to all professionals and therefore still depends on the initiative of each teacher.
Resumo:
The activity of the Ph.D. student Juri Luca De Coi involved the research field of policy languages and can be divided in three parts. The first part of the Ph.D. work investigated the state of the art in policy languages, ending up with: (i) identifying the requirements up-to-date policy languages have to fulfill; (ii) defining a policy language able to fulfill such requirements (namely, the Protune policy language); and (iii) implementing an infrastructure able to enforce policies expressed in the Protune policy language. The second part of the Ph.D. work focused on simplifying the activity of defining policies and ended up with: (i) identifying a subset of the controlled natural language ACE to express Protune policies; (ii) implementing a mapping between ACE policies and Protune policies; and (iii) adapting the ACE Editor to guide users step by step when defining ACE policies. The third part of the Ph.D. work tested the feasibility of the chosen approach by applying it to meaningful real-world problems, among which: (i) development of a security layer on top of RDF stores; and (ii) efficient policy-aware access to metadata stores. The research activity has been performed in tight collaboration with the Leibniz Universitt Hannover and further European partners within the projects REWERSE, TENCompetence and OKKAM.
Resumo:
The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness. Security testing methodologies are the first step towards standardized security evaluation processes and understanding of how the security threats evolve over time. This dissertation analyzes some of the most used identifying differences and commonalities, useful to compare them and assess their quality. The dissertation then proposes a new enhanced methodology built by keeping the best of every analyzed methodology. The designed methodology is tested over different systems with very effective results, which is the main evidence that it could really be applied in practical cases. Most of the dissertation discusses and proves how the presented testing methodology could be applied to such different systems and even to evade security measures by inverting goals and scopes. Real cases are often hard to find in methodology' documents, in contrary this dissertation wants to show real and practical cases offering technical details about how to apply it. Electronic voting systems are the first field test considered, and Pvote and Scantegrity are the two tested electronic voting systems. The usability and effectiveness of the designed methodology for electronic voting systems is proved thanks to this field cases analysis. Furthermore reputation and anti virus engines have also be analyzed with similar results. The dissertation concludes by presenting some general guidelines to build a coordination-based approach of electronic voting systems to improve the security without decreasing the system modularity.
Resumo:
Food Security has become an important issue in the international debate, particularly during the latest economic crisis. It relevant issue also for the Mediterranean Countries (MCs), particularly those of the southern shore, as they are is facing complex economic and social changes. On the one hand there is the necessity to satisfy the increasing and changing food demand of the growing population; on the other hand it is important to promote economic growth and adjust the agricultural production to food demand in a sustainable perspective. The assessment of food security conditions is a challenging task due to the multi-dimensional nature and complexity of the matter. Many papers in the scientific literature focus on the nutritional aspects of food security, while its economic issues have been addressed less frequently and only in recent times. Thus, the main objective of the research is to assess food (in)security conditions in the MCs. The study intends to identify and implement appropriate theoretical concepts and methodological tools to be used in the assessment of food security, with a particular emphasis on its economic dimension within MCs. The study follows a composite methodological approach, based on the identification and selection of a number of relevant variables, a refined set of indicators is identified by means of a two-step Principal Component Analysis applied to 90 countries and the PCA findings have been studied with particular attention to the MCs food security situation. The results of the study show that MCs have an higher economic development compared to low-income countries, however the economic and social disparities of this area show vulnerability to food (in)security, due to: dependency on food imports, lack of infrastructure and agriculture investment, climate condition and political stability and inefficiency. In conclusion, the main policy implications of food (in)security conditions in MCs are discussed.
Resumo:
The times following international or civil conflicts but also violent revolutions often come with unequal share of the peace dividend for men and women. Delusions for women who gained freedom of movement and of roles during conflict but had to step back during reconstruction and peace have been recorded in all regions of the world. The emergence of peacebuilding as a modality for the international community to ensure peace and security has slowly incorporated gender sensitivity at the level of legal and policy instruments. Focusing on Rwanda, a country that has obtained significant gender advancement in the years after the genocide while also obtaining to not relapse into conflict, this research explores to what extent the international community has contributed to this transformation. From a review of evaluations, findings are that many of the interventions did not purse gender equality, and overall the majority understood gender and designed actions is a quite superficial way which would hardly account for the significative advancement in combating gender discrimination that the Government, for its inner political will, is conducting. Then, after a critique from a feminist standpoint to the concept of human security, departing from the assumption (sustained by the Governemnt of Rwanda as well) that domestic violence is a variable influencing level of security relevant at the national level, a review of available secondary data on GBV is conducted an trends over the years analysed. The emerging trends signal a steep increase in prevalence of GBV and in domestic violence in particular. Although no conclusive interpretation can be formulated on these data, there are elements suggesting the increase might be due to augmented reporting. The research concludes outlining possible further research pathways to better understand the link in Rwanda between the changing gender norms and the GBV.
Resumo:
Lavanzare delle tecnologie ICT e labbattimento dei costi di produzione hanno portato ad un aumento notevole della criminalit informatica. Tuttavia il cambiamento non stato solamente quantitativo, infatti si pu assistere ad un paradigm-shift degli attacchi informatici da completamente opportunistici, ovvero senza un target specico, ad attacchi mirati aventi come obiettivo una particolare persona, impresa o nazione. Lo scopo della mia tesi quello di analizzare modelli e tassonomie sia di attacco che di difesa, per poi valutare una eettiva strategia di difesa contro gli attacchi mirati. Il lavoro stato svolto in un contesto aziendale come parte di un tirocinio. Come incipit, ho eettuato un attacco mirato contro lazienda in questione per valutare la validit dei sistemi di difesa. Lattacco ha avuto successo, dimostrando linecacia di moderni sistemi di difesa. Analizzando i motivi del fallimento nel rilevare lattacco, sono giunto a formulare una strategia di difesa contro attacchi mirati sotto forma di servizio piuttosto che di prodotto. La mia proposta un framework concettuale, chiamato WASTE (Warning Automatic System for Targeted Events) il cui scopo fornire warnings ad un team di analisti a partire da eventi non sospetti, ed un business process che ho nominato HAZARD (Hacking Approach for Zealot Attack Response and Detection), che modella il servizio completo di difesa contro i targeted attack. Inne ho applicato il processo allinterno dellazienda per mitigare minacce ed attacchi informatici.
Resumo:
La tesi di laurea presentata si inserisce nellampio contesto della Sicurezza Informatica, in particolare tratta il problema del testing dei sistemi di sicurezza concepiti per contrapporsi alle odierne minacce: gli attacchi mirati (Targeted Attacks) ed in generale le minacce avanzate persistenti (Advanced Persistent Threats). Il principale obiettivo del lavoro svolto lo sviluppo e la discussione di una metodologia di test per sistemi di sicurezza focalizzati su questo genere di problemi. Le linee guida proposte hanno lo scopo di aiutare a colmare il divario tra quello che viene testato e quello che in realt`a deve essere affrontato realmente. Le attivit svolte durante la preparazione della tesi sono state sia di tipo teorico, per quanto concerne lo sviluppo di una metodologia per affrontare al meglio il testing di sistemi di sicurezza a fronte di attacchi mirati, che ne di tipo sperimentale in quanto si sono utilizzati tali concetti per lo svolgimento di test su pi strumenti di difesa in uno scenario dinteresse reale.
Resumo:
This work presents first a study of the national and international laws in the fields of safety, security and safeguards. The international treaties and the recommendations issued by the IAEA as well as the national regulations in force in France, the United States and Italy are analyzed. As a result of this, a comparison among them is presented. Given the interest of the Japan Atomic Energy Agency for the aspects of criminal penalties and monetary, also the Japanese case is analyzed. The main part of this work was held at the JAEA in the field of proliferation resistance (PR) and physical protection (PP) of a GEN IV sodium fast reactor. For this purpose the design of the system is completed and the PR & PP methodology is applied to obtain data usable by designers for the improvement of the system itself. Due to the presence of sensitive data, not all the details can be disclosed. The reactor site of a hypothetical and commercial sodium-cooled fast neutron nuclear reactor system (SFR) is used as the target NES for the application of the methodology. The methodology is applied to all the PR and PP scenarios: diversion, misuse and breakout; theft and sabotage. The methodology is applied to the SFR to check if this system meets the target of PR and PP as described in the GIF goal; secondly, a comparison between the SFR and a LWR is performed to evaluate if and how it would be possible to improve the PR&PP of the SFR. The comparison is implemented according to the example development target: achieving PR&PP similar or superior to domestic and international ALWR. Three main actions were performed: implement the evaluation methodology; characterize the PR&PP for the nuclear energy system; identify recommendations for system designers through the comparison.
Resumo:
Questo scritto mira a fare una panoramica dei problemi legati alla sicurezza della comunicazione tra componenti interne dei veicoli e delle soluzioni oggigiorno disponibili. Partendo con una descrizione generale del circuito interno dellauto analizzeremo i suoi punti di accesso e discuteremo i danni prodotti dalla sua manomissione illecita. In seguito vedremo se possibile prevenire tali attacchi dando unocchiata alle soluzioni disponibili e soffermandoci in particolare sui moduli crittografici e le loro applicazioni. Infine presenteremo limplementazione pratica di un protocollo di autenticazione tra ECUs e una dimostrazione matematica della sua sicurezza.
Resumo:
The US penitentiary at Lewisburg, Pennsylvania, was retrofitted in 2008 to offer the countrys first federal Special Management Unit (SMU) program of its kind. This model SMU is designed for federal inmates from around the country identified as the most intractably troublesome, and features double-celling of inmates in tiny spaces, in 23-hour or 24-hour a day lockdown, requiring them to pass through a two-year program of readjustment. These spatial tactics, and the philosophy of punishment underlying them, contrast with the modern reform ideals upon which the prison was designed and built in 1932. The SMU represents the latest punitive phase in American penology, one that neither simply eliminates men as in the premodern spectacle, nor creates the docile, rehabilitated bodies of the modern panopticon; rather, it is a late-modern structure that produces only fear, terror, violence, and death. This SMU represents the latest of the late-modern prisons, similar to other supermax facilities in the US but offering its own unique system of punishment as well. While the prison exists within the system of American law and jurisprudence, it also manifests features of Agambens lawless, camp-like space that emerges during a state of exception, exempt from outside scrutiny with inmate treatment typically beyond the scope of the law.
