834 results for IT Security, Internet, Personal Firewall, Security Mechanism, Security System, Security Threat, Security Usability, Security Vulnerability
Abstract:
File system security is fundamental to the security of UNIX and Linux systems since in these systems almost everything is in the form of a file. To protect the system files and other sensitive user files from unauthorized accesses, certain security schemes are chosen and used by different organizations in their computer systems. A file system security model provides a formal description of a protection system. Each security model is associated with specified security policies which focus on one or more of the security principles: confidentiality, integrity and availability. The security policy is not only about who can access an object, but also about how a subject can access an object. To enforce the security policies, each access request is checked against the specified policies to decide whether it is allowed or rejected. The current protection schemes in UNIX/Linux systems focus on the access control. Besides the basic access control scheme of the system itself, which includes permission bits, setuid and seteuid mechanism and the root, there are other protection models, such as Capabilities, Domain Type Enforcement (DTE) and Role-Based Access Control (RBAC), supported and used in certain organizations. These models protect the confidentiality of the data directly. The integrity of the data is protected indirectly by only allowing trusted users to operate on the objects. The access control decisions of these models depend on either the identity of the user or the attributes of the process the user can execute, and the attributes of the objects. Adoption of these sophisticated models has been slow; this is likely due to the enormous complexity of specifying controls over a large file system and the need for system administrators to learn a new paradigm for file protection. We propose a new security model: file system firewall. 
It is an adoption of the familiar network firewall protection model, used to control the data that flows between networked computers, toward file system protection. This model can support decisions of access control based on any system generated attributes about the access requests, e.g., time of day. The access control decisions are not on one entity, such as the account in traditional discretionary access control or the domain name in DTE. In file system firewall, the access decisions are made upon situations on multiple entities. A situation is programmable with predicates on the attributes of subject, object and the system. File system firewall specifies the appropriate actions on these situations. We implemented the prototype of file system firewall on SUSE Linux. Preliminary results of performance tests on the prototype indicate that the runtime overhead is acceptable. We compared file system firewall with TE in SELinux to show that firewall model can accommodate many other access control models. Finally, we show the ease of use of firewall model. When firewall system is restricted to specified part of the system, all the other resources are not affected. This enables a relatively smooth adoption. This fact and that it is a familiar model to system administrators will facilitate adoption and correct use. The user study we conducted on traditional UNIX access control, SELinux and file system firewall confirmed that. The beginner users found it easier to use and faster to learn than traditional UNIX access control scheme and SELinux.
Abstract:
Magdeburg, Univ., Fak. für Informatik, Diss., 2015
Abstract:
Conceptual Information Systems are based on a formalization of the concept of "concept" as it is discussed in traditional philosophical logic. This formalization supports a human-centered approach to the development of Information Systems. We discuss this approach by means of an implemented Conceptual Information System for supporting IT security management in companies and organizations.
Abstract:
"16 September 1985."
Abstract:
This master's thesis was sponsored by a large British company in the aircraft industry, which recognized that, with a global manufacturing strategy as the focus and information technology systems such as CAD/CAM forming a significant part of production, an understanding must be found of what the needs of manufacturing information systems are and whether developing them benefits the company. The thesis explains the development of a kiosk based on Internet technology as an information support system for a production department in which engine parts are manufactured on CNC machines. Kiosks have features that could also prove useful in production environments, and therefore this work examines a kiosk-based approach applied to the production environment. The thesis describes the development of the information kiosk, starting from the gathering of initial requirements for the information system, through the design and development phase of the information system, and finally analyses the success of the kiosk in the production environment by means of a usability study carried out after the kiosk had been implemented in the factory. The conclusions show that the kiosk can be implemented well in a production environment and prove that distributing production information in electronic form is considerably more efficient than on paper. User comments indicate that the kiosk suits their information needs and benefits their work. In addition to the production level, the kiosk also offers benefits at the management level.
Abstract:
2008
Abstract:
BACKGROUND Advanced heart failure (HF) is associated with high morbidity and mortality; it represents a major burden for the health system. Episodes of acute decompensation requiring frequent and prolonged hospitalizations account for most HF-related expenditure. Inotropic drugs are frequently used during hospitalization, but rarely in out-patients. The LAICA clinical trial aims to evaluate the effectiveness and safety of monthly levosimendan infusion in patients with advanced HF to reduce the incidence of hospital admissions for acute HF decompensation. METHODS The LAICA study is a multicenter, prospective, randomized, double-blind, placebo-controlled, parallel group trial. It aims to recruit 213 out-patients, randomized to receive either a 24-h infusion of levosimendan at 0.1 μg/kg/min dose, without a loading dose, every 30 days, or placebo. RESULTS The main objective is to assess the incidence of admission for acute HF worsening during 12 months. Secondarily, the trial will assess the effect of intermittent levosimendan on other variables, including the time in days from randomization to first admission for acute HF worsening, mortality and serious adverse events. CONCLUSIONS The LAICA trial results could allow confirmation of the usefulness of intermittent levosimendan infusion in reducing the rate of hospitalization for HF worsening in advanced HF outpatients.
Abstract:
The use of open source software continues to grow on a daily basis. Today, enterprise applications contain 40% to 70% open source code and this fact has legal, development, IT security, risk management and compliance organizations focusing their attention on its use, as never before. They increasingly understand that the open source content within an application must be detected. Once uncovered, decisions regarding compliance with intellectual property licensing obligations must be made and known security vulnerabilities must be remediated. It is no longer sufficient from a risk perspective to not address both open source issues.
Abstract:
The number of security violations is increasing and a security breach could have irreversible impacts on business. There are several ways to improve organization security, but some of them may be difficult to comprehend. This thesis demystifies threat modeling as part of secure system development. Threat modeling enables developers to reveal previously undetected security issues from computer systems. It offers a structured approach for organizations to find and address threats against vulnerabilities. When implemented correctly, threat modeling will reduce the number of defects and malicious attempts against the target environment. In this thesis Microsoft Security Development Lifecycle (SDL) is introduced as an effective methodology for reducing defects in the target system. SDL is traditionally meant to be used in software development; its principles can, however, be partially adapted to IT-infrastructure development. Microsoft threat modeling methodology is an important part of SDL and it is utilized in this thesis to find threats in the Acme Corporation's factory environment. Acme Corporation is used as a pseudonym for a company providing high-technology consumer electronics. The target for threat modeling is the IT infrastructure of the factory's manufacturing execution system. Microsoft threat modeling methodology utilizes the STRIDE mnemonic and data flow diagrams to find threats. Threat modeling in this thesis returned results that were important for the organization. Acme Corporation now has a more comprehensive understanding of the IT infrastructure of the manufacturing execution system. On top of vulnerability-related results, threat modeling provided coherent views of the target system. Subject matter experts from different areas can now agree upon functions and dependencies of the target system. Threat modeling was recognized as a useful activity for improving security.
Abstract:
This study aims to illuminate Quantum Key Distribution (QKD), a new invention that has the potential to bring sweeping changes to information security. The authors' goal is to present QKD as a product in the field of IT security, and to examine several pro and con arguments regarding the installation of this product. Their work demonstrates both the technical and the business perspectives of applying QKD. First they identify motivational factors of using Quantum Key Distribution over traditional methods. Then the authors assess under which circumstances QKD could be necessary to be used in daily business. Furthermore, to evaluate the limitations of its broad spread, they introduce the vendors and explore the properties of their commercially available QKD products.
Bearing all this in mind, they come out with numerous factors that can influence corporate decision making regarding the installation of QKD. The authors compare the traditional and the new tools of key distribution from an IT security and business perspective. They also take efforts to estimate the value of the pieces of information to be protected. This could be useful for a subsequent cost-benefit analysis. Their findings try to provide support for determining the target audience of QKD in the IT security market. Finally the authors attempt to find an ideal moment for an organization to invest in Quantum Key Distribution.
Abstract:
Collaborative sharing of information is becoming a much more needed technique to achieve complex goals in today's fast-paced tech-dominant world. The Personal Health Record (PHR) system has become a popular research area for sharing patients' information very quickly among health professionals. PHR systems store and process sensitive information, which should have proper security mechanisms to protect patients' private data. Thus, access control mechanisms of the PHR should be well-defined. Secondly, PHRs should be stored in encrypted form. Cryptographic schemes offering a more suitable solution for enforcing access policies based on user attributes are needed for this purpose. Attribute-based encryption can resolve these problems; we propose a patient-centric framework that protects PHRs against untrusted service providers and malicious users. In this framework, we have used the Ciphertext Policy Attribute Based Encryption scheme as an efficient cryptographic technique, enhancing security and privacy of the system, as well as enabling access revocation. Patients can encrypt their PHRs and store them on untrusted storage servers. They also maintain full control over access to their PHR data by assigning attribute-based access control to selected data users, and revoking unauthorized users instantly. In order to evaluate our system, we implemented a CP-ABE library and web services as part of our framework. We also developed an Android application based on the framework that allows users to register into the system, encrypt their PHR data and upload to the server, and at the same time authorized users can download PHR data and decrypt it. Finally, we present experimental results and performance analysis. It shows that the deployment of the proposed system would be practical and can be applied into practice.
Abstract:
Historical evidence shows that chemical, process, and Oil&Gas facilities where dangerous substances are stored or handled are targets of deliberate malicious attacks (security attacks) aiming at interfering with normal operations. Physical attacks and cyber-attacks may generate events with consequences on people, property, and the surrounding environment that are comparable to those of major accidents caused by safety-related causes. The security aspects of these facilities are commonly addressed using Security Vulnerability/Risk Assessment (SVA/SRA) methodologies. Most of these methodologies are semi-quantitative and non-systematic approaches that strongly rely on expert judgment, leading to security assessments that are not reproducible. Moreover, they do not consider the synergies with the safety domain. The present 3-year research is aimed at filling the gap outlined by providing knowledge on security attacks, as well as rigorous and systematic methods supporting existing SVA/SRA studies suitable for the chemical, process, and Oil&Gas industry. The different nature of cyber and physical attacks resulted in the development of different methods for the two domains. The first part of the research was devoted to the development and statistical analysis of security databases that made it possible to develop new knowledge and lessons learnt on security threats. Based on the obtained background, a Bow-Tie based procedure and two reverse-HazOp based methodologies were developed as hazard identification approaches for physical and cyber threats respectively. To support the quantitative estimation of the security risk, a quantitative procedure based on the Bayesian Network was developed, allowing calculation of the probability of success of physical security attacks. All the developed methods have been applied to case studies addressing chemical, process and Oil&Gas facilities (offshore and onshore), proving the quality of the results that can be achieved in improving site security.
Furthermore, the outcomes achieved allow a step forward in developing synergies and promoting integration among safety and security management.
Abstract:
Authentication plays an important role in how we interact with computers, mobile devices, the web, etc. The idea of authentication is to uniquely identify a user before granting access to system privileges. For example, in recent years more corporate information and applications have been accessible via the Internet and Intranet. Many employees are working from remote locations and need access to secure corporate files. During this time, it is possible for malicious or unauthorized users to gain access to the system. For this reason, it is logical to have some mechanism in place to detect whether the logged-in user is the same user in control of the user's session. Therefore, highly secure authentication methods must be used. We posit that each of us is unique in our use of computer systems. It is this uniqueness that is leveraged to "continuously authenticate users" while they use web software. To monitor user behavior, n-gram models are used to capture user interactions with web-based software. This statistical language model essentially captures sequences and sub-sequences of user actions, their orderings, and temporal relationships that make them unique by providing a model of how each user typically behaves. Users are then continuously monitored during software operations. Large deviations from "normal behavior" can possibly indicate malicious or unintended behavior. This approach is implemented in a system called Intruder Detector (ID) that models user actions as embodied in web logs generated in response to a user's actions. User identification through web logs is cost-effective and non-intrusive. We perform experiments on a large fielded system with web logs of approximately 4000 users. For these experiments, we use two classification techniques; binary and multi-class classification. We evaluate model-specific differences of user behavior based on coarse-grain (i.e., role) and fine-grain (i.e., individual) analysis. 
A specific set of metrics are used to provide valuable insight into how each model performs. Intruder Detector achieves accurate results when identifying legitimate users and user types. This tool is also able to detect outliers in role-based user behavior with optimal performance. In addition to web applications, this continuous monitoring technique can be used with other user-based systems such as mobile devices and the analysis of network traffic.
Abstract:
Work presented within the scope of the Master's in Computer Engineering (Mestrado em Engenharia Informática), as a partial requirement for obtaining the degree of Master in Computer Engineering
Abstract:
LEGISLATIVE STUDY The 83rd General Assembly of the Iowa Legislature, in Senate File 2273, directed the Iowa Department of Transportation (DOT) to conduct a study of how to implement a uniform statewide system to allow for electronic transactions for the registration and titling of motor vehicles. PARTICIPANTS IN STUDY As directed by Senate File 2273, the DOT formed a working group to conduct the study that included representatives from the Consumer Protection Division of the Office of the Attorney General, the Department of Public Safety, the Department of Revenue, the Iowa State County Treasurers Association, the Iowa Automobile Dealers Association, and the Iowa Independent Automobile Dealers Association. CONDUCT OF THE STUDY The working group met eight times between June 17, 2010, and October 1, 2010. The group discussed the costs and benefits of electronic titling from the perspectives of new and used motor vehicle dealers, county treasurers, the DOT, lending institutions, consumers and consumer protection, and law enforcement. Security concerns, legislative implications, and implementation timelines were also considered. In the course of the meetings the group: 1. Reviewed the specific goals of S.F. 2273, and viewed a demonstration of Iowa's current vehicle registration and titling system so participants that were not users of the system could gain an understanding of its current functionality and capabilities. 2. Reviewed the results of a survey of county treasurers conducted by the DOT to determine the extent to which county treasurers had processing backlogs and the extent to which county treasurers limited the number of dealer registration and titling transactions that they would process in a single day and while the dealer waited.
Only eight reported placing a limit on the number of dealer transactions that would be processed while the dealer waited (with the number ranging from one to four), and only 11 reported a backlog in processing registration and titling transactions as of June 11, 2010, with most backlogs being reported in the range of one to three days. 3. Conducted conference calls with representatives of the American Association of Motor Vehicle Administrators (AAMVA) and representatives of three states -- Kansas, which has an electronic lien and titling (ELT) program, and Wisconsin and Florida, each of which have both an ELT program and an electronic registration and titling (ERT) program -- to assess current and best practices for electronic transactions. In addition, the DOT (through AAMVA) submitted a survey to all U.S. jurisdictions to determine how, if at all, other states implemented electronic transactions for the registration and titling of motor vehicles. Twenty-eight states responded to the survey; of the 28 states that responded, only 13 allowed liens to be added or released electronically, and only five indicated allowing applications for registration and titling to be submitted electronically. DOT staff also heard a presentation from South Dakota on its ERT system at an AAMVA regional meeting. ELT information that emerged suggests a multi-vendor approach, in which vendors that meet state specifications for participation are authorized to interface with the state's system to serve as a portal between lenders and the state system, will facilitate electronic lien releases and additions by offering lenders more choices and the opportunity to use the same vendor in multiple states. The ERT information that emerged indicates a multi-interface approach that offers an interface with existing dealer management software (DMS) systems and through a separate internet site will facilitate ERT by offering access that meets a variety of business needs and models.
In both instances, information that emerged indicates that, in the long-term, adoption rates are positively affected by making participation above a certain minimum threshold mandatory. 4. To assess and compare functions or services that might be offered by or through a vendor, the group heard presentations from vendors that offer products or services that facilitate some aspect of ELT or ERT. 5. To assess the concerns, needs and interest of Iowa motor vehicle dealers, the group surveyed dealers to assess registration and titling difficulties experienced by dealers, the types of DMS systems (if any) used by dealers, and the dealers' interest and preference in using an electronic interface to submit applications for registration and titling. Overall, 40% of the dealers that responded indicated interest and 57% indicated no interest, but interest was pronounced among new car dealers (75% were interested) and dealers with a high number of monthly transactions (85% of dealers averaging more than 50 sales per month were interested). The majority of dealers responding to the dealer survey ranked delays in processing and problems with daily limits on transaction as minor difficulty or no difficulty. RECOMMENDATIONS -- At the conclusion of the meetings, the working group discussed possible approaches for implementation of electronic transactions in Iowa and reached a consensus that a phased implementation of electronic titling that addressed first electronic lien and title transactions (ELT) and electronic fund transfers (EFT), and then electronic applications for registration and titling (ERT) is recommended. The recommendation of a phased implementation is based upon recognition that aspects of ELT and EFT are foundational to ERT, and that ELT and EFT solutions are more readily and easily attained than the ERT solution, which will take longer and be somewhat more difficult to develop and will require federal approval of an electronic odometer statement to fully implement.
ELT A multi-vendor approach is proposed for ELT. No direct costs to the state, counties, consumers, or dealers are anticipated under this approach. The vendor charges participating lenders user or transaction fees for the service, and it appears the lenders typically absorb those costs due to the savings offered by ELT. Existing staff can complete the programming necessary to interface the state system with vendors' systems. The estimated time to implement ELT is six to nine months. Mandatory participation is not recommended initially, but should be considered after ELT has been implemented and a suitable number of vendors have enrolled to provide a fair assessment of participation rates and opportunities. EFT A previous attempt to implement ELT and EFT was terminated due to concern that it would negatively impact county revenues by reducing interest income earned on state funds collected by the county and held until the monthly transfer to the state. To avoid that problem in this implementation, the EFT solution should remain revenue neutral to the counties, by allowing fees submitted by EFT to be immediately directed to the proper county account. Because ARTS was designed and has the capacity to accommodate EFT, a vendor is not needed to implement EFT. The estimated time to implement EFT is six to nine months. It is expected that EFT development will overlap ELT development. ERT ERT itself must be developed in phases. It will not be possible to quickly implement a fully functioning, paperless ERT system, because federal law requires that transfer of title be accompanied by a written odometer statement unless approval for an alternate electronic statement is granted by the National Highway Traffic Safety Administration (NHTSA).
It is expected that it will take as much as a year or more to obtain NHTSA approval, and that NHTSA approval will require design of a system that requires the seller to electronically confirm the seller's identity, make the required disclosure to the buyer, and then transfer the disclosure to the buyer, who must also electronically confirm the buyer's identity and electronically review and accept the disclosure to complete and submit the transaction. Given the time that it will take to develop and gain approval for this solution, initial ERT implementation will focus on completing and submitting applications and issuing registration applied for cards electronically, with the understanding that this process will still require submission of paper documents until an electronic odometer solution is developed. Because continued submission of paper documents undermines the efficiencies sought, full ERT (that is, all documents necessary for registration and titling should be capable of approval and/or acceptance by all parties, and should be capable of submission without transmittal or delivery of duplicate paper documents) should remain the ultimate goal. ERT is not recommended as a means to eliminate review and approval of registration and titling transactions by the county treasurers, or to place registration and titling approval in the hands of the dealers, as county treasurers perform an important role in deterring fraud and promoting accuracy by determining the genuineness and regularity of each application. Authorizing dealers to act as registration agents that approve registration and title applications, issue registration receipts, and maintain and deliver permanent metal license plates is not recommended. Although distribution of permanent plates by dealers is not recommended, it is recommended that dealers participating in ERT generate and print registration applied for cards electronically.
Unlike the manually-issued cards currently in use, cards issued in this fashion may be queried by law enforcement and are less susceptible to misuse by customers and dealers. The estimated time to implement the electronic application and registration applied for cards is 12 to 18 months, to begin after ELT and EFT have been implemented. It is recommended that focus during this time be on facilitating transfers through motor vehicle dealers, with initial deployment focused on higher-volume dealers that use DMS systems. In the long term an internet option for access to ERT must also be developed and maintained to allow participation for lower-volume dealers that do not use a DMS system. This option will also lay the ground work for an ERT option for sales between private individuals. Mandatory participation in Iowa is not recommended initially. As with ELT, it is recommended that mandatory participation be considered after at least an initial phase of ERT has been implemented and a suitable number of dealers have enrolled to provide a fair assessment of participation rates and opportunities. The use of vendors to facilitate ERT is not initially proposed because 1) DOT IT support staff is capable of developing a system that will interact with DMS systems and will still have to develop a dealer and public interface regardless of whether a vendor acts as intermediary between the DMS systems, and 2) there is concern that the cost of the vendor-based system, which is funded by transaction-based payments from the dealer to the vendor, will be passed to the consumer in the form of additional documentation or conveyance fees. However, the DOT recommends flexibility on this point, as development and pilot of the system may indicate that a multi-vendor approach similar to that recommended for ELT may increase the adoption rate by larger dealers and may ultimately decrease the user management to be exercised by DOT staff. 
If vendors are used in the process, additional legislation or administrative rules may be needed to control the fees that may be passed to the consumer. No direct cost to the DOT or county treasurers is expected, as the DOT expects that it may complete necessary programming with existing staff. Use of vendors to facilitate ERT transactions by dealers using DMS systems would result in transaction fees that may ultimately be passed to consumers. LEGISLATION As a result of the changes implemented in 2004 under Senate File 2070, the only changes to Iowa statutes proposed are to section 321.69 of the Iowa Code, "Damage disclosure statement," and section 321.71, "Odometer requirements." In each instance, authority to execute these statements by electronic means would be clarified by authorizing language similar to that used in section 321.20, subsections 2 and 3, which allows for electronic applications and directs the department to adopt rules on the method for providing signatures for applications made by electronic means. In these sections, the authorizing language might read as follows: Notwithstanding contrary provisions of this section, the department may develop and implement a program to allow for any statement required by this section to be made electronically. The department shall adopt rules on the method for providing signatures for statements made by electronic means. Some changes to DOT administrative rules will be useful but only to enable changes to work processes that would be desirable in the long term. Examples of long term work processes that would be enabled by rule changes include allowing for signatures created through electronic means and electronic odometer certifications. The DOT rules, as currently written, do not hinder the ability to proceed with ELT, EFT, and ERT.