880 resultados para Internet security applications
Resumo:
The traditional process of filling the medicine trays and dispensing the medicines to the patients in the hospitals is manually done by reading the printed paper medicinechart. This process can be very strenuous and error-prone, given the number of sub-tasksinvolved in the entire workflow and the dynamic nature of the work environment.Therefore, efforts are being made to digitalise the medication dispensation process byintroducing a mobile application called Smart Dosing application. The introduction ofthe Smart Dosing application into hospital workflow raises security concerns and callsfor security requirement analysis. This thesis is written as a part of the smart medication management project at EmbeddedSystems Laboratory, A˚bo Akademi University. The project aims at digitising the medicine dispensation process by integrating information from various health systems, and making them available through the Smart Dosing application. This application is intended to be used on a tablet computer which will be incorporated on the medicine tray. The smart medication management system include the medicine tray, the tablet device, and the medicine cups with the cup holders. Introducing the Smart Dosing application should not interfere with the existing process carried out by the nurses, and it should result in minimum modifications to the tray design and the workflow. The re-designing of the tray would include integrating the device running the application into the tray in a manner that the users find it convenient and make less errors while using it. The main objective of this thesis is to enhance the security of the hospital medicine dispensation process by ensuring the security of the Smart Dosing application at various levels. The methods used for writing this thesis was to analyse how the tray design, and the application user interface design can help prevent errors and what secure technology choices have to be made before starting the development of the next prototype of the Smart Dosing application. The thesis first understands the context of the use of the application, the end-users and their needs, and the errors made in everyday medication dispensation workflow by continuous discussions with the nursing researchers. The thesis then gains insight to the vulnerabilities, threats and risks of using mobile application in hospital medication dispensation process. The resulting list of security requirements was made by analysing the previously built prototype of the Smart Dosing application, continuous interactive discussions with the nursing researchers, and an exhaustive state-of-the-art study on security risks of using mobile applications in hospital context. The thesis also uses Octave Allegro method to make the readers understand the likelihood and impact of threats, and what steps should be taken to prevent or fix them. The security requirements obtained, as a result, are a starting point for the developers of the next iteration of the prototype for the Smart Dosing application.
Resumo:
With wireless vehicular communications, Vehicular Ad Hoc Networks (VANETs) enable numerous applications to enhance traffic safety, traffic efficiency, and driving experience. However, VANETs also impose severe security and privacy challenges which need to be thoroughly investigated. In this dissertation, we enhance the security, privacy, and applications of VANETs, by 1) designing application-driven security and privacy solutions for VANETs, and 2) designing appealing VANET applications with proper security and privacy assurance. First, the security and privacy challenges of VANETs with most application significance are identified and thoroughly investigated. With both theoretical novelty and realistic considerations, these security and privacy schemes are especially appealing to VANETs. Specifically, multi-hop communications in VANETs suffer from packet dropping, packet tampering, and communication failures which have not been satisfyingly tackled in literature. Thus, a lightweight reliable and faithful data packet relaying framework (LEAPER) is proposed to ensure reliable and trustworthy multi-hop communications by enhancing the cooperation of neighboring nodes. Message verification, including both content and signature verification, generally is computation-extensive and incurs severe scalability issues to each node. The resource-aware message verification (RAMV) scheme is proposed to ensure resource-aware, secure, and application-friendly message verification in VANETs. On the other hand, to make VANETs acceptable to the privacy-sensitive users, the identity and location privacy of each node should be properly protected. To this end, a joint privacy and reputation assurance (JPRA) scheme is proposed to synergistically support privacy protection and reputation management by reconciling their inherent conflicting requirements. Besides, the privacy implications of short-time certificates are thoroughly investigated in a short-time certificates-based privacy protection (STCP2) scheme, to make privacy protection in VANETs feasible with short-time certificates. Secondly, three novel solutions, namely VANET-based ambient ad dissemination (VAAD), general-purpose automatic survey (GPAS), and VehicleView, are proposed to support the appealing value-added applications based on VANETs. These solutions all follow practical application models, and an incentive-centered architecture is proposed for each solution to balance the conflicting requirements of the involved entities. Besides, the critical security and privacy challenges of these applications are investigated and addressed with novel solutions. Thus, with proper security and privacy assurance, these solutions show great application significance and economic potentials to VANETs. Thus, by enhancing the security, privacy, and applications of VANETs, this dissertation fills the gap between the existing theoretic research and the realistic implementation of VANETs, facilitating the realistic deployment of VANETs.
Resumo:
In modern society, security issues of IT Systems are intertwined with interdisciplinary aspects, from social life to sustainability, and threats endanger many aspects of every- one’s daily life. To address the problem, it’s important that the systems that we use guarantee a certain degree of security, but to achieve this, it is necessary to be able to give a measure to the amount of security. Measuring security is not an easy task, but many initiatives, including European regulations, want to make this possible. One method of measuring security is based on the use of security metrics: those are a way of assessing, from various aspects, vulnera- bilities, methods of defense, risks and impacts of successful attacks then also efficacy of reactions, giving precise results using mathematical and statistical techniques. I have done literature research to provide an overview on the meaning, the effects, the problems, the applications and the overall current situation over security metrics, with particular emphasis in giving practical examples. This thesis starts with a summary of the state of the art in the field of security met- rics and application examples to outline the gaps in current literature, the difficulties found in the change of application context, to then advance research questions aimed at fostering the discussion towards the definition of a more complete and applicable view of the subject. Finally, it stresses the lack of security metrics that consider interdisciplinary aspects, giving some potential starting point to develop security metrics that cover all as- pects involved, taking the field to a new level of formal soundness and practical usability.
Resumo:
During the last few years, the evolution of fieldbus and computers networks allowed the integration of different communication systems involving both production single cells and production cells, as well as other systems for business intelligence, supervision and control. Several well-adopted communication technologies exist today for public and non-public networks. Since most of the industrial applications are time-critical, the requirements of communication systems for remote control differ from common applications for computer networks accessing the Internet, such as Web, e-mail and file transfer. The solution proposed and outlined in this work is called CyberOPC. It includes the study and the implementation of a new open communication system for remote control of industrial CNC machines, making the transmission delay for time-critical control data shorter than other OPC-based solutions, and fulfilling cyber security requirements.
Resumo:
Interactive health communication using Internet technologies is expanding the range and flexibility of intervention and teaching options available in preventive medicine and the health sciences. Advantages of interactive health communication include the enhanced convenience, novelty, and appeal of computer-mediated communication; its flexibility and interactivity; and automated processing. We outline some of these fundamental aspects of computer-mediated communication as it applies to preventive medicine. Further, a number of key pathways of information technology evolution are creating new opportunities for the delivery of professional education in preventive medicine and other health domains, as well as for delivering automated, self-instructional health behavior-change programs through the Internet. We briefly describe several of these key evolutionary pathways, We describe some examples from work we have done in Australia. These demonstrate how we have creatively responded to the challenges of these new information environments, and how they may be pursued in the education of preventive medicine and other health care practitioners and in the development and delivery of health behavior change programs through the Internet. Innovative and thoughtful applications of this new technology can increase the consistency, reliability, and quality of information delivered.
Resumo:
Some patients are no longer able to communicate effectively or even interact with the outside world in ways that most of us take for granted. In the most severe cases, tetraplegic or post-stroke patients are literally `locked in` their bodies, unable to exert any motor control after, for example, a spinal cord injury or a brainstem stroke, requiring alternative methods of communication and control. But we suggest that, in the near future, their brains may offer them a way out. Non-invasive electroencephalogram (EEG)-based brain-computer interfaces (BCD can be characterized by the technique used to measure brain activity and by the way that different brain signals are translated into commands that control an effector (e.g., controlling a computer cursor for word processing and accessing the internet). This review focuses on the basic concepts of EEG-based BC!, the main advances in communication, motor control restoration and the down-regulation of cortical activity, and the mirror neuron system (MNS) in the context of BCI. The latter appears to be relevant for clinical applications in the coming years, particularly for severely limited patients. Hypothetically, MNS could provide a robust way to map neural activity to behavior, representing the high-level information about goals and intentions of these patients. Non-invasive EEG-based BCIs allow brain-derived communication in patients with amyotrophic lateral sclerosis and motor control restoration in patients after spinal cord injury and stroke. Epilepsy and attention deficit and hyperactive disorder patients were able to down-regulate their cortical activity. Given the rapid progression of EEG-based BCI research over the last few years and the swift ascent of computer processing speeds and signal analysis techniques, we suggest that emerging ideas (e.g., MNS in the context of BC!) related to clinical neuro-rehabilitation of severely limited patients will generate viable clinical applications in the near future.
Resumo:
Most Internet search engines are keyword-based. They are not efficient for the queries where geographical location is important, such as finding hotels within an area or close to a place of interest. A natural interface for spatial searching is a map, which can be used not only to display locations of search results but also to assist forming search conditions. A map-based search engine requires a well-designed visual interface that is intuitive to use yet flexible and expressive enough to support various types of spatial queries as well as aspatial queries. Similar to hyperlinks for text and images in an HTML page, spatial objects in a map should support hyperlinks. Such an interface needs to be scalable with the size of the geographical regions and the number of websites it covers. In spite of handling typically a very large amount of spatial data, a map-based search interface should meet the expectation of fast response time for interactive applications. In this paper we discuss general requirements and the design for a new map-based web search interface, focusing on integration with the WWW and visual spatial query interface. A number of current and future research issues are discussed, and a prototype for the University of Queensland is presented. (C) 2001 Published by Elsevier Science Ltd.
Resumo:
Telemedicine promises to revolutionize medical care delivery in rural and remote areas. The ability to accurately evaluate physical impairment via the Internet is important to the possible future provision of Internet-based physiotherapy. This study evaluated the reliability and validity of assessing knee range of motion via the Internet. Two therapists evaluated knee angle on a single subject via two methods of assessment: the Internet and the traditional method (face-to-face). Nine random positions of the knee were chosen with the principal examiner performing 20 face-to-face and two sets of 20 Internet measures in each position (n=540). The secondary therapist performed Internet assessments only. The Internet connection was established at a readily available speed of 17 kbit/s. The Internet-based goniometer was found to be a valid tool for measuring both knee flexion and extension angles. It was shown to possess both high intra and inter-rater reliability. Difference average plots of the scores verified the consistency of measurement between both modes of assessment. The successful evaluation of the physical outcome measure of knee range of motion via the Internet assists the further development of Internet-based physiotherapy applications. (C) 2003 Elsevier Science Ltd. All rights reserved.
Resumo:
RESUMO: A presente investigação incide no estudo da influência das dimensões do controlo do acesso à Internet, propostas por Hackman e Oldham (1975), e das facetas da satisfação com o trabalho, propostas por Spector (1985) num contexto organizacional. Os dados foram obtidos através da aplicação de três escalas avaliativas: o "Job Diagnostic Survey" (JDS), o "Job Satisfaction Survey" (JSS), e uma escala criada para avaliar as dimensões do controlo do acesso à Internet. O estudo incidiu numa amostra de conveniência, constituída por 135 colaboradores pertencentes a três organizações. Os resultados obtidos demonstraram que apenas três dimensões revelaram relações de antecedência com as dimensões da satisfação com o trabalho: no bloqueio a páginas e aplicações foram identificadas relações de antecedência com a da satisfação com os benefícios adicionais e com a promoção. Quanto à voz nas políticas da organização foram identificadas relações com a satisfação com os colegas, e com a natureza do trabalho. E na legislação foram identificadas relações com a satisfação com as recompensas contingenciais, com as condições operantes e com a comunicação. Os resultados levaram à não confirmação do modelo em análise, por não estar em linha com o quadro teórico estabelecido. Foram discutidas algumas das implicações dos resultados obtidos. ABSTRACT: The current research focus in the study of influence between the Internet Access control dimensions, proposed in this study, and the global Job satisfaction, proposed by Hackman e Oldham (1975) and the job satisfaction facets proposed by Spector (1985) in a organizationsl context. The data eas obtained through the application of three scales: num contexto organizacional. "Job Diagnostic Survey" (JDS), the "Job Satisfaction Survey" (JSS),and a scale that was created to evaluate the internet Access control. The study focused on a convenience sample, constituted by 135 participants from three organizations. The results show that only three dimensions revealed to have an antecedent relationship with the job satisfaction dimensions: in the websites and applications blocking, it was identified as having an antecedent relationship with the satisfaction with fringe benefits and promotion. Voice in the organizational policies was verified as an antecedent to the dimensions of the satisfaction with the coworkers and with the nature of work. And finally, the legislation was confirmed as an antecedent in the relationship with the dimensions satisfaction with contingent rewards, operating conditions and communication. The results led to the non confirmation of the studied theoretical model. Some of these results implications were discussed.
Resumo:
One of the major problems that prevents the spread of elections with the possibility of remote voting over electronic networks, also called Internet Voting, is the use of unreliable client platforms, such as the voter's computer and the Internet infrastructure connecting it to the election server. A computer connected to the Internet is exposed to viruses, worms, Trojans, spyware, malware and other threats that can compromise the election's integrity. For instance, it is possible to write a virus that changes the voter's vote to a predetermined vote on election's day. Another possible attack is the creation of a fake election web site where the voter uses a malicious vote program on the web site that manipulates the voter's vote (phishing/pharming attack). Such attacks may not disturb the election protocol, therefore can remain undetected in the eyes of the election auditors. We propose the use of Code Voting to overcome insecurity of the client platform. Code Voting consists in creating a secure communication channel to communicate the voter's vote between the voter and a trusted component attached to the voter's computer. Consequently, no one controlling the voter's computer can change the his/her's vote. The trusted component can then process the vote according to a cryptographic voting protocol to enable cryptographic verification at the server's side.
Resumo:
Dissertação de Mestrado apresentada ao Instituto de Contabilidade e Administração do Porto para a obtenção do grau de Mestre em Marketing Digital, sob orientação de Mestre António da Silva Vieira.
Resumo:
A voltage limiter circuit for indoor light energy harvesting applications is presented. This circuit is a part of a bigger system, whose function is to harvest indoor light energy, process it and store it, so that it can be used at a later time. This processing consists on maximum power point tracking (MPPT) and stepping-up, of the voltage from the photovoltaic (PV) harvester cell. The circuit here described, ensures that even under strong illumination, the generated voltage will not exceed the limit allowed by the technology, avoiding the degradation, or destruction, of the integrated die. A prototype of the limiter circuit was designed in a 130 nm CMOS technology. The layout of the circuit has a total area of 23414 mu m(2). Simulation results, using Spectre, are presented.
Resumo:
Traditionally, a country's electoral system requires the voter to vote at a specific day and place, which conflicts with the mobility usually seen in modern live styles. Thus, the widespread of Internet (mobile) broadband access can be seen as an opportunity to deal with this mobility problem, i.e. the adoption of an Internet voting system can make the live of voter's much more convenient; however, a widespread Internet voting systems adoption relies on the ability to develop trustworthy systems, i.e. systems that are verifiable and preserve the voter's privacy. Building such a system is still an open research problem. Our contribution is a new Internet voting system: EVIV, a highly sound End-to-end Verifiable Internet Voting system, which offers full voter's mobility and preserves the voter's privacy from the vote casting PC even if the voter votes from a public PC, such as a PC at a cybercafe or at a public library. Additionally, EVIV has private vote verification mechanisms, in which the voter just has to perform a simple match of two small strings (4-5 alphanumeric characters), that detect and protect against vote manipulations both at the insecure vote client platform and at the election server side. (c) 2012 Elsevier Ltd. All rights reserved.
Resumo:
Perante a evolução constante da Internet, a sua utilização é quase obrigatória. Através da web, é possível conferir extractos bancários, fazer compras em países longínquos, pagar serviços sem sair de casa, entre muitos outros. Há inúmeras alternativas de utilização desta rede. Ao se tornar tão útil e próxima das pessoas, estas começaram também a ganhar mais conhecimentos informáticos. Na Internet, estão também publicados vários guias para intrusão ilícita em sistemas, assim como manuais para outras práticas criminosas. Este tipo de informação, aliado à crescente capacidade informática do utilizador, teve como resultado uma alteração nos paradigmas de segurança informática actual. Actualmente, em segurança informática a preocupação com o hardware é menor, sendo o principal objectivo a salvaguarda dos dados e continuidade dos serviços. Isto deve-se fundamentalmente à dependência das organizações nos seus dados digitais e, cada vez mais, dos serviços que disponibilizam online. Dada a mudança dos perigos e do que se pretende proteger, também os mecanismos de segurança devem ser alterados. Torna-se necessário conhecer o atacante, podendo prever o que o motiva e o que pretende atacar. Neste contexto, propôs-se a implementação de sistemas de registo de tentativas de acesso ilícitas em cinco instituições de ensino superior e posterior análise da informação recolhida com auxílio de técnicas de data mining (mineração de dados). Esta solução é pouco utilizada com este intuito em investigação, pelo que foi necessário procurar analogias com outras áreas de aplicação para recolher documentação relevante para a sua implementação. A solução resultante revelou-se eficaz, tendo levado ao desenvolvimento de uma aplicação de fusão de logs das aplicações Honeyd e Snort (responsável também pelo seu tratamento, preparação e disponibilização num ficheiro Comma Separated Values (CSV), acrescentando conhecimento sobre o que se pode obter estatisticamente e revelando características úteis e previamente desconhecidas dos atacantes. Este conhecimento pode ser utilizado por um administrador de sistemas para melhorar o desempenho dos seus mecanismos de segurança, tais como firewalls e Intrusion Detection Systems (IDS).
Resumo:
Dissertação de Natureza Científica para obtenção do grau de Mestre em Engenharia Civil na Área de Especialização de Edificações
