870 resultados para Electronic commerce - Security measures
Resumo:
Teleradiology allows medical images to be transmitted over electronic networks for clinical interpretation, and for improved healthcare access, delivery and standards. Although, such remote transmission of the images is raising various new and complex legal and ethical issues, including image retention and fraud, privacy, malpractice liability, etc., considerations of the security measures used in teleradiology remain unchanged. Addressing this problem naturally warrants investigations on the security measures for their relative functional limitations and for the scope of considering them further. In this paper, starting with various security and privacy standards, the security requirements of medical images as well as expected threats in teleradiology are reviewed. This will make it possible to determine the limitations of the conventional measures used against the expected threats. Further, we thoroughly study the utilization of digital watermarking for teleradiology. Following the key attributes and roles of various watermarking parameters, justification for watermarking over conventional security measures is made in terms of their various objectives, properties, and requirements. We also outline the main objectives of medical image watermarking for teleradiology, and provide recommendations on suitable watermarking techniques and their characterization. Finally, concluding remarks and directions for future research are presented.
Resumo:
The Australian Business Assessment of Computer User Security (ABACUS) survey is a nationwide assessment of the prevalence and nature of computer security incidents experienced by Australian businesses. This report presents the findings of the survey which may be used by businesses in Australia to assess the effectiveness of their information technology security measures.
Resumo:
The invention of asymmetric encryption back in the seventies was a conceptual leap that vastly increased the expressive power of encryption of the times. For the first time, it allowed the sender of a message to designate the intended recipient in an cryptographic way, expressed as a “public key” that was related to but distinct from the “private key” that, alone, embodied the ability to decrypt. This made large-scale encryption a practical and scalable endeavour, and more than anything else—save the internet itself—led to the advent of electronic commerce as we know and practice it today.
Resumo:
To harness safe operation of Web-based systems in Web environments, we propose an SSPA (Server-based SHA-1 Page-digest Algorithm) to verify the integrity of Web contents before the server issues an HTTP response to a user request. In addition to standard security measures, our Java implementation of the SSPA, which is called the Dynamic Security Surveillance Agent (DSSA), provides further security in terms of content integrity to Web-based systems. Its function is to prevent the display of Web contents that have been altered through the malicious acts of attackers and intruders on client machines. This is to protect the reputation of organisations from cyber-attacks and to ensure the safe operation of Web systems by dynamically monitoring the integrity of a Web site's content on demand. We discuss our findings in terms of the applicability and practicality of the proposed system. We also discuss its time metrics, specifically in relation to its computational overhead at the Web server, as well as the overall latency from the clients' point of view, using different Internet access methods. The SSPA, our DSSA implementation, some experimental results and related work are all discussed
Resumo:
The workshop is an activity of the IMIA Working Group ‘Security in Health Information Systems’ (SiHIS). It is focused to the growing global problem: how to protect personal health data in today’s global eHealth and digital health environment. It will review available trust building mechanisms, security measures and privacy policies. Technology alone does not solve this complex problem and current protection policies and legislation are considered woefully inadequate. Among other trust building tools, certification and accreditation mechanisms are dis-cussed in detail and the workshop will determine their acceptance and quality. The need for further research and international collective action are discussed. This workshop provides an opportunity to address a critical growing problem and make pragmatic proposals for sustainable and effective solutions for global eHealth and digital health.
Resumo:
[ES] Los trabajos de investigación sobre comercio electrónico en Internet ocupan gran parte de la investigación de marketing, pero son pocos aún los que se han ocupado de estudiar el sistema de subasta. Ante las peculiares características de una compra online, transmitir confianza al consumidor en este contexto es uno de los retos más importantes y difíciles en comparación con la compra offline. No obstante, es de esperar que las señales generadoras de confianza sean diferentes en la compra online por subasta que en la compra online en otros sitios web.
Resumo:
The TCP/IP architecture was originally designed without taking security measures into consideration. Over the years, it has been subjected to many attacks, which has led to many patches to counter them. Our investigations into the fundamental principles of networking have shown that carefully following an abstract model of Interprocess Communication (IPC) addresses many problems [1]. Guided by this IPC principle, we designed a clean-slate Recursive INternet Architecture (RINA) [2]. In this paper, we show how, without the aid of cryptographic techniques, the bare-bones architecture of RINA can resist most of the security attacks faced by TCP/IP. We also show how hard it is for an intruder to compromise RINA. Then, we show how RINA inherently supports security policies in a more manageable, on-demand basis, in contrast to the rigid, piecemeal approach of TCP/IP.
Resumo:
Experiences from smart grid cyber-security incidents in the past decade have raised questions on the applicability and effectiveness of security measures and protection mechanisms applied to the grid. In this chapter we focus on the security measures applied under real circumstances in today’s smart grid systems. Beginning from real world example implementations, we first review cyber-security facts that affected the electrical grid, from US blackout incidents, to the Dragonfly cyber-espionage campaign currently focusing on US and European energy firms. Provided a real world setting, we give information related to energy management of a smart grid looking also in the optimization techniques that power control engineers perform into the grid components. We examine the application of various security tools in smart grid systems, such as intrusion detection systems, smart meter authentication and key management using Physical Unclonable Functions, security analytics and resilient control algorithms. Furthermore we present evaluation use cases of security tools applied on smart grid infrastructure test-beds that could be proved important prior to their application in the real grid, describing a smart grid intrusion detection system application and security analytics results. Anticipated experimental results from the use-cases and conclusions about the successful transitions of security measures to real world smart grid operations will be presented at the end of this chapter.
Resumo:
Os Mercados Eletrónicos atingiram uma complexidade e nível de sofisticação tão elevados, que tornaram inadequados os modelos de software convencionais. Estes mercados são caracterizados por serem abertos, dinâmicos e competitivos, e constituídos por várias entidades independentes e heterogéneas. Tais entidades desempenham os seus papéis de forma autónoma, seguindo os seus objetivos, reagindo às ocorrências do ambiente em que se inserem e interagindo umas com as outras. Esta realidade levou a que existisse por parte da comunidade científica um especial interesse no estudo da negociação automática executada por agentes de software [Zhang et al., 2011]. No entanto, a diversidade dos atores envolvidos pode levar à existência de diferentes conceptualizações das suas necessidades e capacidades dando origem a incompatibilidades semânticas, que podem prejudicar a negociação e impedir a ocorrência de transações que satisfaçam as partes envolvidas. Os novos mercados devem, assim, possuir mecanismos que lhes permitam exibir novas capacidades, nomeadamente a capacidade de auxiliar na comunicação entre os diferentes agentes. Pelo que, é defendido neste trabalho que os mercados devem oferecer serviços de ontologias que permitam facilitar a interoperabilidade entre os agentes. No entanto, os humanos tendem a ser relutantes em aceitar a conceptualização de outros, a não ser que sejam convencidos de que poderão conseguir um bom negócio. Neste contexto, a aplicação e exploração de relações capturadas em redes sociais pode resultar no estabelecimento de relações de confiança entre vendedores e consumidores, e ao mesmo tempo, conduzir a um aumento da eficiência da negociação e consequentemente na satisfação das partes envolvidas. O sistema AEMOS é uma plataforma de comércio eletrónico baseada em agentes que inclui serviços de ontologias, mais especificamente, serviços de alinhamento de ontologias, incluindo a recomendação de possíveis alinhamentos entre as ontologias dos parceiros de negociação. Este sistema inclui também uma componente baseada numa rede social, que é construída aplicando técnicas de análise de redes socias sobre informação recolhida pelo mercado, e que permite melhorar a recomendação de alinhamentos e auxiliar os agentes na sua escolha. Neste trabalho são apresentados o desenvolvimento e implementação do sistema AEMOS, mais concretamente: • É proposto um novo modelo para comércio eletrónico baseado em agentes que disponibiliza serviços de ontologias; • Adicionalmente propõem-se o uso de redes sociais emergentes para captar e explorar informação sobre relações entre os diferentes parceiros de negócio; • É definida e implementada uma componente de serviços de ontologias que é capaz de: • o Sugerir alinhamentos entre ontologias para pares de agentes; • o Traduzir mensagens escritas de acordo com uma ontologia em mensagens escritas de acordo com outra, utilizando alinhamentos previamente aprovados; • o Melhorar os seus próprios serviços recorrendo às funcionalidades disponibilizadas pela componente de redes sociais; • É definida e implementada uma componente de redes sociais que: • o É capaz de construir e gerir um grafo de relações de proximidade entre agentes, e de relações de adequação de alinhamentos a agentes, tendo em conta os perfis, comportamento e interação dos agentes, bem como a cobertura e utilização dos alinhamentos; • o Explora e adapta técnicas e algoritmos de análise de redes sociais às várias fases dos processos do mercado eletrónico. A implementação e experimentação do modelo proposto demonstra como a colaboração entre os diferentes agentes pode ser vantajosa na melhoria do desempenho do sistema e como a inclusão e combinação de serviços de ontologias e redes sociais se reflete na eficiência da negociação de transações e na dinâmica do mercado como um todo.
Resumo:
Este é um estudo sobre o perfil do e-consumidor brasileiro. Através de um enquadramento do ecommerce no Brasil e de uma pesquisa qualitativa, o trabalho busca identificar quem é este consumidor, o que ele compra, porque ele compra online, como coleta as informações necessárias para escolher um produto ou serviço, quais são os fatores determinantes da compra e quais os locais escolhidos.
Resumo:
Abstract The aim of this research project is to draw on accounts of experiences ofborder crossing and regulation at the Canada/U.S. border at Niagara in order to illuminate the dynamics of differentiation and inequality at this site. The research is informed by claims that the world is turning into a global village due to transnational flows oftechnology, infonnation, capital and people. Much of the available literature on globalization shows that while the transfer of technology, information, and capital are enhanced, the transnational movement of people is both facilitated and constrained in complex and unequal ways. In this project, the workings of facilitation and constraint were explored through an analysis often interviews with people who had spent a substantial portion oftheir childhood (e.g. 5 years) in a Canadian border community. The interviewees were at the time ofthe research between the ages of 19 and 25. Because most ofthe respondents were 'white' Canadians of working to upper middle class status, my focus was to explore how 'whiteness' as privilege may translate into enhanced movement across borders and how 'white' people may internalize and enjoy this privilege but may often deny its reality. I was also interested in how inequality is perceived, understood, and legitimated by these relatively privileged people. My analysis ofthe ten accounts ofborder crossing and regulation suggests that differentially situated people experience border crossing differently. An important finding is that while relatively privileged border crossers perceived and often problernatized differential treatment based on external factors such as physical appearance, and especially race, most did not challenge such treatment but rather saw it as acceptable. These findings are located within newer literature that addresses the increasing securitization ofborders and migration in western societies.
Resumo:
The current study examined whether overt and relational forms of reactive and proactive aggression were differentially related to adolescents’ temperament and attachment security. Measures of adolescents’ temperament, attachment security, and aggression were completed by 211 adolescents, ages 10–14, and their caregivers. Attachment security was consistently associated with all four dimensions of aggression, whereas proneness to frustration was found to be uniquely associated with reactive-overt aggression. Additionally, it was found that at lower levels of effortful control more secure attachment was related to lower levels of reactive-relational aggression. Results also indicated that, for girls, the relation between attachment and proactive-overt and proactive-relational aggression was only significant when effortful control was low. Conversely, for boys, the relation between attachment and proactive-overt aggression and proactive-relational aggression was significant when effortful control was high. Implications of these findings and limitations to the current study are discussed.
Resumo:
"Mémoire présenté à la Faculté des études supérieures en vue de l'obtention du grade de Maîtrise en droit (LLM)"
Resumo:
"Thèse en vue de l'obtention du grade de docteur en droit de l'Université Panthéon-Assas (Paris II) et de docteur en droit de la faculté de droit de l'Université de Montréal en droit privé"
Resumo:
L'obligation de sécurité informationnelle - c'est-à-dire la tâche qui incombe aux entreprises d'assurer l'intégrité, la confidentialité et la disponibilité de l'information découle, tant en droit québécois que dans une majorité de juridictions occidentales, d'une série de dispositions législatives imposant non pas l'adoption de comportements ou l'utilisation de technologies ou de procédés identifiables, mais bien l'implantation de mesures de sécurité «raisonnables », «adéquates », ou « suffisantes ». Or, dans un domaine aussi embryonnaire et complexe que celui de la sécurité informationnelle, domaine dans lequel les solutions disponibles sont multiples et où la jurisprudence est éparse, comment une entreprise peut-elle jauger avec justesse l'étendue de son obligation? Bref, comment établir ce que ferait une entreprise raisonnablement prudente et diligente dans un domaine où il n'existe actuellement aucune balise législative, jurisprudentielle ou même coutumière permettant de fixer avec justesse le niveau de diligence imposé par le législateur? L'absence de sécurité juridique offerte par une telle situation est patente et nécessite une reconfiguration du cadre opératoire de l'obligation de sécurité informationnelle afin d'en identifier les composantes et les objectifs. Cet exercice passera par la redéfinition de l'obligation de sécurité informationnelle comme obligation de réduire les risques qui guettent l'information à un niveau socialement acceptable. En effet, la sécurité pouvant être définie comme étant la gestion du risque, c'est donc le risque qui réside au cœur de cette obligation. Or, en analysant les risques qui guettent un système, soit en analysant les menaces qui visent à exploiter ses vulnérabilités, il est possible d'établir quelles contre-mesures s'avèrent utiles et les coûts associés à leur mise en œuvre. Par la suite, il devient envisageable, en recourant à la définition économique de la négligence et en prenant compte des probabilités de brèches de sécurité et des dommages escomptés, d'établir les sommes optimales à investir dans l'achat, l'entretien et la mise à jour de ces contre-mesures. Une telle analyse permet ainsi de quantifier avec un certain degré de précision l'étendue de l'obligation de sécurité informationnelle en offrant aux entreprises un outil s'inspirant de données matérielles auxquelles elles ont librement accès et s'intégrant aisément dans le contexte juridique contemporain.
