866 resultados para RSA encryption
Resumo:
Depuis une quinzaine d’années, on assiste en Belgique francophone au développement d’une politique d’évaluation externe des écoles. Notre étude analyse la réception de cette politique par les acteurs locaux (directeurs et enseignants d’écoles primaires) et intermédiaires (inspecteurs) et montre comment les outils de régulation basés sur les connaissances mis en place par ces acteurs affectent la réception et la légitimité de la politique d’évaluation dans son ensemble. À l’aide de la sociologie de la traduction (Callon & Latour) et de la théorie néoinstitutionnaliste, nous comparons deux modes de construction et de mise en oeuvre de cette politique dans deux zones d’inspection. Dans la première, le dispositif repose pour l’essentiel sur la bureaucratie, tandis que dans la seconde la politique est construite par un réseau d’acteurs locaux et intermédiaires. Nous montrons que 1) les rôles et les stratégies des acteurs intermédiaires diffèrent considérablement ; 2) les différences constatées dans la construction de la politique d’évaluation (co-construction des outils par un réseau d’acteurs intermédiaires d’un côté, mise en oeuvre hiérarchique et bureaucratique de l’autre) sont liées aux différents effets des outils de régulation sur les pratiques des enseignants et sur la légitimité de cette politique.
Resumo:
Cloud storage has rapidly become a cornerstone of many businesses and has moved from an early adopters stage to an early majority, where we typically see explosive deployments. As companies rush to join the cloud revolution, it has become vital to create the necessary tools that will effectively protect users' data from unauthorized access. Nevertheless, sharing data between multiple users' under the same domain in a secure and efficient way is not trivial. In this paper, we propose Sharing in the Rain – a protocol that allows cloud users' to securely share their data based on predefined policies. The proposed protocol is based on Attribute-Based Encryption (ABE) and allows users' to encrypt data based on certain policies and attributes. Moreover, we use a Key-Policy Attribute-Based technique through which access revocation is optimized. More precisely, we show how to securely and efficiently remove access to a file, for a certain user that is misbehaving or is no longer part of a user group, without having to decrypt and re-encrypt the original data with a new key or a new policy.
Resumo:
Physical location of data in cloud storage is a problem that gains a lot of attention not only from the actual cloud providers but also from the end users' who lately raise many concerns regarding the privacy of their data. It is a common practice that cloud service providers create replicate users' data across multiple physical locations. However, moving data in different countries means that basically the access rights are transferred based on the local laws of the corresponding country. In other words, when a cloud service provider stores users' data in a different country then the transferred data is subject to the data protection laws of the country where the servers are located. In this paper, we propose LocLess, a protocol which is based on a symmetric searchable encryption scheme for protecting users' data from unauthorized access even if the data is transferred to different locations. The idea behind LocLess is that "Once data is placed on the cloud in an unencrypted form or encrypted with a key that is known to the cloud service provider, data privacy becomes an illusion". Hence, the proposed solution is solely based on encrypting data with a key that is only known to the data owner.
Resumo:
Notas críticas y exegéticas sobre el capítulo 166 (Antonio Diógenes, Las maravillas de más allá de Tule) de la Biblioteca de Focio.
Resumo:
L’étude du “brigandage lusitanien” a donné lieu à une importante activité de recherche depuis la fin du XIXe siècle. Pour autant, et malgré une inflexion progressive de l’historiographie moderne vers une approche plus nuancée de l’origine du phénomène, le problème de la terre reste encore aujourd’hui au centre des préoccupations de nombre d’historiens et archéologiques. À partir d’une discussion serrée des principaux passages de Tite-Live, Diodore et surtout Appien, relatifs à la relation que d’aucuns ont voulu établir entre manque et/ou pauvreté de la terre et développement du brigandage chez les Lusitaniens, il est proposé une critique de l’interprétation socio-économique.
Resumo:
Executive summary
Digital systems have transformed, and will continue to transform, our world. Supportive government policy, a strong research base and a history of industrial success make the UK particularly well-placed to realise the benefits of the emerging digital society. These benefits have already been substantial, but they remain at risk. Protecting the benefits and minimising the risks requires reliable and robust cybersecurity, underpinned by a strong research and translation system.
Trust is essential for growing and maintaining participation in the digital society. Organisations earn trust by acting in a trustworthy manner: building systems that are reliable and secure, treating people, their privacy and their data with respect, and providing credible and comprehensible information to help people understand how secure they are.
Resilience, the ability to function, adapt, grow, learn and transform under stress or in the face of shocks, will help organisations deliver systems that are reliable and secure. Resilient organisations can better protect their customers, provide more useful products and services, and earn people’s trust.
Research and innovation in industry and academia will continue to make important contributions to creating this resilient and trusted digital environment. Research can illuminate how best to build, assess and improve digital systems, integrating insights from different disciplines, sectors and around the globe. It can also generate advances to help cybersecurity keep up with the continued evolution of cyber risks.
Translation of innovative ideas and approaches from research will create a strong supply of reliable, proven solutions to difficult to predict cybersecurity risks. This is best achieved by maximising the diversity and number of innovations that see the light of day as products.
Policy, practice and research will all need to adapt. The recommendations made in this report seek to set up a trustworthy, self-improving and resilient digital environment that can thrive in the face of unanticipated threats, and earn the trust people place in it.
Innovation and research will be particularly important to the UK’s economy as it establishes a new relationship with the EU. Cybersecurity delivers important economic benefits, both by underpinning the digital foundations of UK business and trade and also through innovation that feeds directly into growth. The findings of this report will be relevant regardless of how the UK’s relationship to the EU changes.
Headline recommendations
● Trust: Governments must commit to preserving the robustness of encryption, including end-to-end encryption, and promoting its widespread use. Encryption is a foundational security technology that is needed to build user trust, improve security standards and fully realise the benefits of digital systems.
● Resilience: Government should commission an independent review of the UK’s future cybersecurity needs, focused on the institutional structures needed to support resilient and trustworthy digital systems in the medium and longer term. A self-improving, resilient digital environment will need to be guided and governed by institutions that are transparent, expert and have a clear and widely-understood remit.
● Research: A step change in cybersecurity research and practice should be pursued; it will require a new approach to research, focused on identifying ambitious high-level goals and enabling excellent researchers to pursue those ambitions. This would build on the UK's existing strengths in many aspects of cybersecurity research and ultimately help build a resilient and trusted digital sector based on excellent research and world-class expertise.
● Translation: The UK should promote a free and unencumbered flow of cybersecurity ideas from research to practical use and support approaches that have public benefits beyond their short term financial return. The unanticipated nature of future cyber threats means that a diverse set of cybersecurity ideas and approaches will be needed to build resilience and adaptivity. Many of the most valuable ideas will have broad security benefits for the public, beyond any direct financial returns.
Resumo:
This project is aimed at making comparison between current existing Internet- of-Things (IoT) platforms, SensibleThings (ST) and Global Sensors Networks (GSN). Project can be served as a further work of platforms’ investigation. Comparing and learning from each other aim to contribute to the improvement of future platforms development. Detailed comparison is mainly with the respect of platform feature, communication and data present-frequency performance under stress, and platform node scalability performance on one limited device. Study is conducted through developing applications on each platform, and making measuring performance under the same condition in household network environment. So far, all these respects have had results and been concluded. Qualitatively comparing, GSN performs better in the facets of node’s swift development and deployment, data management, node subscription and connection retry mechanism. Whereas, ST is superior in respects of network package encryption, platform reliability, session initializing latency, and degree of developing freedom. In quantitative comparison, nodes on GSN has better data push pressure resistence while ST nodes works with lower session latency. In terms of data present-frequency, ST node can reach higher updating frequency than GSN node. In the aspect of node sclability on one limited device, ST nodes take the advantage in averagely lower latency than GSN node when nodes number is less than 15 on limited device. But due to sharing mechanism of GSN, on one limited device, it's nodes shows more scalable if platform nodes have similar job.
Resumo:
Contemporary integrated circuits are designed and manufactured in a globalized environment leading to concerns of piracy, overproduction and counterfeiting. One class of techniques to combat these threats is circuit obfuscation which seeks to modify the gate-level (or structural) description of a circuit without affecting its functionality in order to increase the complexity and cost of reverse engineering. Most of the existing circuit obfuscation methods are based on the insertion of additional logic (called “key gates”) or camouflaging existing gates in order to make it difficult for a malicious user to get the complete layout information without extensive computations to determine key-gate values. However, when the netlist or the circuit layout, although camouflaged, is available to the attacker, he/she can use advanced logic analysis and circuit simulation tools and Boolean SAT solvers to reveal the unknown gate-level information without exhaustively trying all the input vectors, thus bringing down the complexity of reverse engineering. To counter this problem, some ‘provably secure’ logic encryption algorithms that emphasize methodical selection of camouflaged gates have been proposed previously in literature [1,2,3]. The contribution of this paper is the creation and simulation of a new layout obfuscation method that uses don't care conditions. We also present proof-of-concept of a new functional or logic obfuscation technique that not only conceals, but modifies the circuit functionality in addition to the gate-level description, and can be implemented automatically during the design process. Our layout obfuscation technique utilizes don’t care conditions (namely, Observability and Satisfiability Don’t Cares) inherent in the circuit to camouflage selected gates and modify sub-circuit functionality while meeting the overall circuit specification. Here, camouflaging or obfuscating a gate means replacing the candidate gate by a 4X1 Multiplexer which can be configured to perform all possible 2-input/ 1-output functions as proposed by Bao et al. [4]. It is important to emphasize that our approach not only obfuscates but alters sub-circuit level functionality in an attempt to make IP piracy difficult. The choice of gates to obfuscate determines the effort required to reverse engineer or brute force the design. As such, we propose a method of camouflaged gate selection based on the intersection of output logic cones. By choosing these candidate gates methodically, the complexity of reverse engineering can be made exponential, thus making it computationally very expensive to determine the true circuit functionality. We propose several heuristic algorithms to maximize the RE complexity based on don’t care based obfuscation and methodical gate selection. Thus, the goal of protecting the design IP from malicious end-users is achieved. It also makes it significantly harder for rogue elements in the supply chain to use, copy or replicate the same design with a different logic. We analyze the reverse engineering complexity by applying our obfuscation algorithm on ISCAS-85 benchmarks. Our experimental results indicate that significant reverse engineering complexity can be achieved at minimal design overhead (average area overhead for the proposed layout obfuscation methods is 5.51% and average delay overhead is about 7.732%). We discuss the strengths and limitations of our approach and suggest directions that may lead to improved logic encryption algorithms in the future. References: [1] R. Chakraborty and S. Bhunia, “HARPOON: An Obfuscation-Based SoC Design Methodology for Hardware Protection,” IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 28, no. 10, pp. 1493–1502, 2009. [2] J. A. Roy, F. Koushanfar, and I. L. Markov, “EPIC: Ending Piracy of Integrated Circuits,” in 2008 Design, Automation and Test in Europe, 2008, pp. 1069–1074. [3] J. Rajendran, M. Sam, O. Sinanoglu, and R. Karri, “Security Analysis of Integrated Circuit Camouflaging,” ACM Conference on Computer Communications and Security, 2013. [4] Bao Liu, Wang, B., "Embedded reconfigurable logic for ASIC design obfuscation against supply chain attacks,"Design, Automation and Test in Europe Conference and Exhibition (DATE), 2014 , vol., no., pp.1,6, 24-28 March 2014.
Resumo:
Elliptisten käyrien salakirjoitusjärjestelmät (ECC) ovat julkisen avaimen salakirjoitusjärjestelmiä, jotka perustuvat elliptisen käyrän pisteiden muodostamaan ryhmään. Ne ovat tällä hetkellä suuren mielenkiinnon kohteina, sillä perinteisesti käytössä olevan RSA-salausalgoritmin avainten pituudet ovat alkaneet kasvaa epäkäytännöllisen pitkiksi. Elliptisten käyrien järjestelmillä on mahdollista päästä 160 bitin avaimenpituudella vastaavan tasoiseen turvallisuuteen kuin 1024-bittisellä RSA-salausavaimella. Elliptisiin käyriin perustuvilla järjestelmillä on kuitenkin ollut omat ongelmansa yhtenäisyyden kanssa. Tämä on aiheuttanut haasteita salausjärjestelmän rakentamisessa ja saattanut vuotaa sivukanavatietoa. Määrittelemällä käytettävä elliptinen käyrä sopivasti näitä ongelmia on kuitenkin mahdollista välttää. Lisähyötynä voidaan saavuttaa nopeampi laskenta tinkimättä turvallisuudesta. Tässä työssä esitellään elliptisistä käyristä Weierstrassin normaalimuoto, Hessen käyrä, Edwardsin käyrä sekä binääriset Weierstrassin ja Edwardsin käyrät. Kaikille käyrille määritellään pisteiden yhteenlasku sekä esitetään käyräkohtaista tietoa niiden tehokkuudesta laskennassa.
Resumo:
Imagine being told that your wage was going to be cut in half. Well, that’s what’s soon going to happen to those who make money from Bitcoin mining, the process of earning the online currency Bitcoin. The current expected date for this change is 11 July 2016. Many see this as the day when Bitcoin prices will rocket and when Bitcoin owners could make a great deal of money. Others see it as the start of a Bitcoin crash. At present no one quite knows which way it will go. Bitcoin was created in 2009 by someone known as Satoshi Nakamoto, borrowing from a whole lot of research methods. It is a cryptocurrency, meaning it uses digital encryption techniques to create bitcoins and secure financial transactions. It doesn’t need a central government or organisation to regulate it, nor a broker to manage payments. Conventional currencies usually have a central bank that creates money and controls its supply. Bitcoin is instead created when individuals “mine” for it by using their computers to perform complex calculations through special software. The algorithm behind Bitcoin is designed to limit the number of bitcoins that can ever be created. All Bitcoin transactions are recorded on a public database known as a blockchain. Every time someone mines for Bitcoin, it is recorded with a new block that is transmitted to every Bitcoin app across the network, like a bank updating its online records.
Resumo:
Many existing encrypted Internet protocols leak information through packet sizes and timing. Though seemingly innocuous, prior work has shown that such leakage can be used to recover part or all of the plaintext being encrypted. The prevalence of encrypted protocols as the underpinning of such critical services as e-commerce, remote login, and anonymity networks and the increasing feasibility of attacks on these services represent a considerable risk to communications security. Existing mechanisms for preventing traffic analysis focus on re-routing and padding. These prevention techniques have considerable resource and overhead requirements. Furthermore, padding is easily detectable and, in some cases, can introduce its own vulnerabilities. To address these shortcomings, we propose embedding real traffic in synthetically generated encrypted cover traffic. Novel to our approach is our use of realistic network protocol behavior models to generate cover traffic. The observable traffic we generate also has the benefit of being indistinguishable from other real encrypted traffic further thwarting an adversary's ability to target attacks. In this dissertation, we introduce the design of a proxy system called TrafficMimic that implements realistic cover traffic tunneling and can be used alone or integrated with the Tor anonymity system. We describe the cover traffic generation process including the subtleties of implementing a secure traffic generator. We show that TrafficMimic cover traffic can fool a complex protocol classification attack with 91% of the accuracy of real traffic. TrafficMimic cover traffic is also not detected by a binary classification attack specifically designed to detect TrafficMimic. We evaluate the performance of tunneling with independent cover traffic models and find that they are comparable, and, in some cases, more efficient than generic constant-rate defenses. We then use simulation and analytic modeling to understand the performance of cover traffic tunneling more deeply. We find that we can take measurements from real or simulated traffic with no tunneling and use them to estimate parameters for an accurate analytic model of the performance impact of cover traffic tunneling. Once validated, we use this model to better understand how delay, bandwidth, tunnel slowdown, and stability affect cover traffic tunneling. Finally, we take the insights from our simulation study and develop several biasing techniques that we can use to match the cover traffic to the real traffic while simultaneously bounding external information leakage. We study these bias methods using simulation and evaluate their security using a Bayesian inference attack. We find that we can safely improve performance with biasing while preventing both traffic analysis and defense detection attacks. We then apply these biasing methods to the real TrafficMimic implementation and evaluate it on the Internet. We find that biasing can provide 3-5x improvement in bandwidth for bulk transfers and 2.5-9.5x speedup for Web browsing over tunneling without biasing.
Resumo:
International audience
Resumo:
Celem artykułu jest prezentacja myśli politycznej Ruchu Społeczeństwa Alternatywnego. W artytkule prezentowana jest diagnoza stanu sytuacji społeczenej w Polsce pierwszej połowy lat 80 prezentowana na łamach "Homka", propozycje programowe RSA oraz dyskuja nad metodami i strategią działania politycznego.
Resumo:
Naturally-occurring phytochemicals have received a pivotal attention in the last years, due to the increasing evidences of biological activities. Equisetum giganteum L., commonly known as “giant horsetail”, is a native plant from Central and South America, being largely used in dietary supplements as diuretic, hemostatic, antiinflammatory and anti-rheumatic agents [1,2]. The aim of the present study was to evaluate the antioxidant (scavenging effects on 2,2-diphenyl-1-picrylhydrazyl radicals- RSA, reducing power- RP, β-carotene bleaching inhibition- CBI and lipid peroxidation inhibition- LPI), anti-inflammatory (inhibition of NO production in lipopolysaccharidestimulated RAW 264.7 macrophages) and cytotoxic (in a panel of four human tumor cell lines: MCF-7- breast adenocarcinoma, NCI-H460- non-small cell lung cancer, HeLa- cervical carcinoma and HepG2- hepatocellular carcinoma; and in non-tumor porcine liver primary cells- PLP2) properties of E. giganteum, providing a phytochemical characterization of its extract (ethanol/water, 80:20, v/v), by using highperformance liquid chromatography coupled to diode array detection and electrospray ionisation mass spectrometry (HPLC-DAD–ESI/MS). E. giganteum presented fourteen phenolic compounds, two phenolic acids and twelve flavonol glycoside derivatives, mainly kaempferol derivatives, accounting to 81% of the total phenolic content, being kaempferol-O-glucoside-O-rutinoside, the most abundant molecule (7.6 mg/g extract). The extract exhibited antioxidant (EC50 values = 123, 136, 202 and 57.4 μg/mL for RSA, RP, CBI and LPI, respectively), anti-inflammatory (EC50 value = 239 μg/mL) and cytotoxic (GI50 values = 250, 258, 268 and 239 μg/mL for MCF-7, NCI-H460, HeLa and HepG2, respectively) properties, which were positively correlated with its concentration in phenolic compounds. Furthermore, up to 400 μg/mL, it did not revealed toxicity in non-tumor liver cells. Thus, this study highlights the potential of E. giganteum extracts as rich sources of phenolic compounds that can be used in the food, pharmaceutical and cosmetic fields.
Resumo:
Mushrooms are rich in several bioactive metabolites among them are phenolic compounds, terpenoids, polysaccharides, lectins, and steroids including mycosterols, namely ergosterol [1]. Ethanolic extracts prepared by maceration of several mushroom species have been recently described as having antiinflammatory properties [2]. In the present work, ethanolic extracts of Agaricus bisporus L., Lentinus edodes (Berk.) Pegler and Pleurotus ostreatus (Jacq. ex Fr.) P.Kumm., purchased from a local supermarket in the Northeast of Portugal, were obtained by Soxhlet and chemically characterized in terms of ergosterol content by HPLC-UV. The antioxidant properties of these extracts were evaluated through DPPH (2,2-diphenyl-1-picrylhydrazyl) radical scavenging activity (RSA), reducing power (RP), p. carotene bleaching inhibition (CBI) and lipid peroxidation inhibition in TBARS (thiobarbituric acid reactive substances) assay (LPI); the antioxidant activity of ergosterol was also evaluated by the DPPH assay. The anti-inflammatory activity of the same extracts and ergosterol was evaluated in LPS (lipopolysaccharide) stimulated RAW 264.7 macrophages, through the inhibition of NO production. A. bisporus revealed the highest content in ergosterol (44.8 ± 0.4 mg/ g extract) followed by P. ostreatus (34 ± 3 mg/ g extract) and finally L. edodes (8.9 ± 0.1 mg/ g extract). A. bisporus showed the highest RSA, RP and CBI (EC50 values= 7.0 ± 0.8, 2.3 ± 0.1 and 1.4 ± 0.1 mg/mL, respectively), while L. edodes presented the highest LPI (2.5 ± 0.1 mg/mL ); ergosterol revealed higher RSA (0.46±0. 0 I mg/mL) than the extracts. Concerning the anti-inflammatory potential, the most efficient species was L. edodes (lC50 value = 164 ± 16 J.lg/mL), followed by A. bisporus (185 ± 16 J.lg/mL) and finally P. ostreatus (290 ± 10 J.lg/mL). However, ergosterol presented lower activity (338 ± 23 J.lg/mL) due to its low solubility in the culture medium. The higher antioxidant properties displayed by A. bisporus can be related with its higher ergosterol content, while in the anti-inflammatory activity this relation cannot be established also due to the low solubility of ergosterol in the cells culture medium, decreasing the ergosterol availability. More studies are being conducted regarding the ergosterol solubility. Several compounds have been implicated in the bioactivity of mushrooms and in this study we have found that ergosterol can give an important contribution.
