991 resultados para Matsumoto-Imai threat model
Resumo:
Recently a new human authentication scheme called PAS (predicate-based authentication service) was proposed, which does not require the assistance of any supplementary device. The main security claim of PAS is to resist passive adversaries who can observe the whole authentication session between the human user and the remote server. In this paper we show that PAS is insecure against both brute force attack and a probabilistic attack. In particular, we show that its security against brute force attack was strongly overestimated. Furthermore, we introduce a probabilistic attack, which can break part of the password even with a very small number of observed authentication sessions. Although the proposed attack cannot completely break the password, it can downgrade the PAS system to a much weaker system similar to common OTP (one-time password) systems.
Resumo:
Regenerating codes are a class of codes for distributed storage networks that provide reliability and availability of data, and also perform efficient node repair. Another important aspect of a distributed storage network is its security. In this paper, we consider a threat model where an eavesdropper may gain access to the data stored in a subset of the storage nodes, and possibly also, to the data downloaded during repair of some nodes. We provide explicit constructions of regenerating codes that achieve information-theoretic secrecy capacity in this setting.
Resumo:
Durante as ultimas décadas, os registos de saúde eletrónicos (EHR) têm evoluído para se adaptar a novos requisitos. O cidadão tem-se envolvido cada vez mais na prestação dos cuidados médicos, sendo mais pró ativo e desejando potenciar a utilização do seu registo. A mobilidade do cidadão trouxe mais desafios, a existência de dados dispersos, heterogeneidade de sistemas e formatos e grande dificuldade de partilha e comunicação entre os prestadores de serviços. Para responder a estes requisitos, diversas soluções apareceram, maioritariamente baseadas em acordos entre instituições, regiões e países. Estas abordagens são usualmente assentes em cenários federativos muito complexos e fora do controlo do paciente. Abordagens mais recentes, como os registos pessoais de saúde (PHR), permitem o controlo do paciente, mas levantam duvidas da integridade clinica da informação aos profissionais clínicos. Neste cenário os dados saem de redes e sistemas controlados, aumentando o risco de segurança da informação. Assim sendo, são necessárias novas soluções que permitam uma colaboração confiável entre os diversos atores e sistemas. Esta tese apresenta uma solução que permite a colaboração aberta e segura entre todos os atores envolvidos nos cuidados de saúde. Baseia-se numa arquitetura orientada ao serviço, que lida com a informação clínica usando o conceito de envelope fechado. Foi modelada recorrendo aos princípios de funcionalidade e privilégios mínimos, com o propósito de fornecer proteção dos dados durante a transmissão, processamento e armazenamento. O controlo de acesso _e estabelecido por políticas definidas pelo paciente. Cartões de identificação eletrónicos, ou certificados similares são utilizados para a autenticação, permitindo uma inscrição automática. Todos os componentes requerem autenticação mútua e fazem uso de algoritmos de cifragem para garantir a privacidade dos dados. Apresenta-se também um modelo de ameaça para a arquitetura, por forma a analisar se as ameaças possíveis foram mitigadas ou se são necessários mais refinamentos. A solução proposta resolve o problema da mobilidade do paciente e a dispersão de dados, capacitando o cidadão a gerir e a colaborar na criação e manutenção da sua informação de saúde. A arquitetura permite uma colaboração aberta e segura, possibilitando que o paciente tenha registos mais ricos, atualizados e permitindo o surgimento de novas formas de criar e usar informação clínica ou complementar.
Resumo:
The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants - insulated from the minutiae of hardware maintenance - rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organizations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments.
Resumo:
Certaines personnes peuvent être stigmatisées quand elles présentent un attribut relié à une identité sociale qui est dénigrée dans un contexte particulier. Il existe plusieurs stéréotypes au sujet des personnes qui ont une perte d'audition. Le grand public associe souvent la perte d'audition à des comportements indésirables, au vieillissement et à une capacité intellectuelle réduite. Ces stéréotypes affectent négativement la participation des personnes ayant une perte auditive à diverses activités. Malgré les impacts évidents et importants que la stigmatisation a sur la participation sociale des personnes ayant une perte auditive et leur propension à recourir aux services de réadaptation, on constate une pénurie relative de recherche sur le stigmate lié à la perte d'audition. Ces dernières années, les chercheurs en sciences sociales ont fait de grands pas pour conceptualiser le stigmate selon la perspective des personnes qui sont la cible des attitudes nuisibles. La plupart de ces concepts peuvent s'appliquer au stigmate social lié à la perte d'audition. Le premier article de cette thèse tente de placer le stigmate lié à la perte d'audition dans un modèle de menace à l’identité induite par le stigmate (stigma-induced identity threat model). Ce chapitre explore comment les services pourraient être modifiés pour mieux soutenir les individus qui montrent des signes que leur identité personnelle est compromise à cause de leur perte d'audition. De façon générale, les buts de ce manuscrit sont a) de dresser un bref résumé de la question du stigmate lié à la perte d'audition ; b) de présenter un modèle spécifique de menace d'identité induite par le stigmate et d’incorporer des notions propres au stigmate lié à la perte d'audition à cette conceptualisation générale du stigmate et c) de réfléchir sur la pertinence de ce modèle pour la réadaptation audiologique. L'intention de la deuxième étude est de mieux comprendre comment le stigmate affecte les comportements de recherche d’aide des adultes ayant une perte d'audition acquise. Dix personnes ayant une perte d'audition, et appartenant à des groupes de soutien par les pairs ont participé à des entrevues semi-structurées audio-enregistrées. Les transcriptions de ces entrevues ont été analysées au moyen d’analyses thématiques. Les analyses ont indiqué que les répondants montre une plus grande propension à chercher de l'aide à la suite d’étapes charnières, où l’équilibre entre le stress négatif et l'énergie positive était rompu : a) un moment où le stress était de loin supérieur à l'énergie positive (première étape charnière) et b) un moment où l'énergie positive était de loin supérieure au stress négatif (deuxième étape charnière). On propose une série de représentations graphiques qui dépeignent comment les influences positives et négatives présentes dans l'environnement social et physique du répondant influencent la recherche d'aide. Le but de la troisième étude est d'identifier les facteurs qui amènent des individus à cacher ou révéler leur perte d'audition dans leur lieu de travail. Des entrevues semi-structurées ont été menées en utilisant une technique d’élicitation par photographies pour susciter des informations liées à la révélation de la perte d'audition. Les thèmes dégagés des entrevues incluent : l'importance perçue de la situation, la perception du sentiment de contrôle, l'affiliation à la communauté, le fardeau de communication et la présence de problèmes connexes à la perte d'audition. Les résultats de cette étude offrent un aperçu du monde caché des travailleurs ayant une perte d'audition. Cette étude sert à documenter certaines stratégies que les travailleurs avec une perte d'audition utilisent pour contrôler leur identité professionnelle et, plus spécifiquement, comment certains gèrent le dévoilement de leur perte d'audition dans leur lieu de travail. Les résultats fournissent des informations utiles pour le développement de programmes d'intervention appropriés pour des travailleurs ayant une perte d'audition.
Resumo:
In the last decade RFID technology has become a major contender for managing large scale logistics operations and generating and distributing the massive amount of data involved in such operations. One of the main obstacles to the widespread deployment and adoption of RFID systems is the security issues inherent in them. This is compounded by a noticeable lack of literature on how to identify the vulnerabilities of a RFID system and then effectively identify and develop counter measures to combat the threats posed by those vulnerabilities. In this chapter, the authors develop a conceptual framework for analysing the threats, attacks, and security requirements pertaining to networked RFID systems. The vulnerabilities of, and the threats to, the system are identified using the threat model. The security framework itself consists of two main concepts: (1) the attack model, which identifies and classifies the possible attacks, and (2) the system model, which identifies the security requirements. The framework gives readers a method with which to analyse the threats any given system faces. Those threats can then be used to identify the attacks possible on that system and get a better understanding of those attacks. It also allows the reader to easily identify all the security requirements of that system and identify how those requirements can be met.
Resumo:
In the quest for shorter time-to-market, higher quality and reduced cost, model-driven software development has emerged as a promising approach to software engineering. The central idea is to promote models to first-class citizens in the development process. Starting from a set of very abstract models in the early stage of the development, they are refined into more concrete models and finally, as a last step, into code. As early phases of development focus on different concepts compared to later stages, various modelling languages are employed to most accurately capture the concepts and relations under discussion. In light of this refinement process, translating between modelling languages becomes a time-consuming and error-prone necessity. This is remedied by model transformations providing support for reusing and automating recurring translation efforts. These transformations typically can only be used to translate a source model into a target model, but not vice versa. This poses a problem if the target model is subject to change. In this case the models get out of sync and therefore do not constitute a coherent description of the software system anymore, leading to erroneous results in later stages. This is a serious threat to the promised benefits of quality, cost-saving, and time-to-market. Therefore, providing a means to restore synchronisation after changes to models is crucial if the model-driven vision is to be realised. This process of reflecting changes made to a target model back to the source model is commonly known as Round-Trip Engineering (RTE). While there are a number of approaches to this problem, they impose restrictions on the nature of the model transformation. Typically, in order for a transformation to be reversed, for every change to the target model there must be exactly one change to the source model. While this makes synchronisation relatively “easy”, it is ill-suited for many practically relevant transformations as they do not have this one-to-one character. To overcome these issues and to provide a more general approach to RTE, this thesis puts forward an approach in two stages. First, a formal understanding of model synchronisation on the basis of non-injective transformations (where a number of different source models can correspond to the same target model) is established. Second, detailed techniques are devised that allow the implementation of this understanding of synchronisation. A formal underpinning for these techniques is drawn from abductive logic reasoning, which allows the inference of explanations from an observation in the context of a background theory. As non-injective transformations are the subject of this research, there might be a number of changes to the source model that all equally reflect a certain target model change. To help guide the procedure in finding “good” source changes, model metrics and heuristics are investigated. Combining abductive reasoning with best-first search and a “suitable” heuristic enables efficient computation of a number of “good” source changes. With this procedure Round-Trip Engineering of non-injective transformations can be supported.
Resumo:
Authorised users (insiders) are behind the majority of security incidents with high financial impacts. Because authorisation is the process of controlling users’ access to resources, improving authorisation techniques may mitigate the insider threat. Current approaches to authorisation suffer from the assumption that users will (can) not depart from the expected behaviour implicit in the authorisation policy. In reality however, users can and do depart from the canonical behaviour. This paper argues that the conflict of interest between insiders and authorisation mechanisms is analogous to the subset of problems formally studied in the field of game theory. It proposes a game theoretic authorisation model that can ensure users’ potential misuse of a resource is explicitly considered while making an authorisation decision. The resulting authorisation model is dynamic in the sense that its access decisions vary according to the changes in explicit factors that influence the cost of misuse for both the authorisation mechanism and the insider.
Resumo:
The upper Condamine River in southern Queensland has formed extensive alluvial deposits which have been used for irrigation of cotton crops for over 40 years. Due to excessive use and long term drought conditions these groundwater resources are under substantial threat. This condition is now recognised by all stakeholders, and Qld Department of Environment and Resource Management (DERM) are currently undertaking a water planning process for the Central Condamine Alluvium with water users and other stakeholders. DERM aims to effectively demonstrate the character of the groundwater system and its current status, and notably the continued long-term drawdown of the watertable. It was agreed that 3D visualisation was an ideal tool to achieve this. The Groundwater Visualisation System (GVS) developed at QUT was utilised and the visualisation model developed in conjunction with DERM to achieve a planning-management tool for this particular application
Resumo:
Diagnosis threat is a psychosocial factor that has been proposed to contribute to poor outcomes following mild traumatic brain injury (mTBI). This threat is thought to impair the cognitive test performance of individuals with mTBI because of negative injury stereotypes. University students (N= 45, 62.2% female) with a history of mTBI were randomly allocated to a diagnosis threat (DT, n=15), reduced threat (DT-reduced, n=15) or neutral (n=15) group. The reduced threat condition invoked a positive stereotype (i.e., that people with mTBI can perform well on cognitive tests). All participants were given neutral instructions before they completed baseline tests of: a) objective cognitive function across a number of domains; b) psychological symptoms; and, c) PCS symptoms, including self-reported cognitive and emotional difficulties. Participants then received either neutral, DT or DT-reduced instructions, before repeating the tests. Results were analyzed using separate mixed model ANOVAs; one for each dependent measure. The only significant result was for the 2 X 3 ANOVA on an objective test of attention/working memory, Digit Span, p<.05, such that the DT-reduced group performed better than the other groups, which were not different from each other. Although not consistent with predictions or earlier DT studies, the absence of group differences on most tests fits with several recent DT findings. The results of this study suggest that it is timely to reconsider the role of DT as a unique contributor to poor mTBI outcome.
Resumo:
While social engineering represents a real and ominous threat to many organizations, companies, governments, and individuals, social networking sites (SNSs), have been identified as among the most common means of social engineering attacks. Owing to factors that reduce the ability of users to detect social engineering tricks and increase the ability of attackers to launch them, SNSs seem to be perfect breeding ground for exploiting the vulnerabilities of people, and the weakest link in security. This work will contribute to the knowledge of social engineering by identifying different entities and subentities that affect social engineering based attacks in SNSs. Moreover, this paper includes an intensive and comprehensive overview of different aspects of social engineering threats in SNSs.
Resumo:
The impact of future climate change on the glaciers in the Karakoram and Himalaya (KH) is investigated using CMIP5 multi-model temperature and precipitation projections, and a relationship between glacial accumulation-area ratio and mass balance developed for the region based on the last 30 to 40 years of observational data. We estimate that the current glacial mass balance (year 2000) for the entire KH region is -6.6 +/- 1 Gta(-1), which decreases about sixfold to -35 +/- 2 Gta(-1) by the 2080s under the high emission scenario of RCP8.5. However, under the low emission scenario of RCP2.6 the glacial mass loss only doubles to -12 +/- 2 Gta(-1) by the 2080s. We also find that 10.6 and 27 % of the glaciers could face `eventual disappearance' by the end of the century under RCP2.6 and RCP8.5 respectively, underscoring the threat to water resources under high emission scenarios.
Resumo:
The main objective of this thesis is the critical analysis of the evolution of the criminal justice systems throughout the past decade, with special attention to the fight against transnational terrorism. It is evident – for any observer - that such threats and the associated risk that terrorism entails, has changed significantly throughout the past decade. This perception has generated answers – many times radical ones – by States, as they have committed themselves to warrant the safety of their populations and to ease a growing sentiment of social panic. This thesis seeks to analyse the characteristics of this new threat and the responses that States have developed in the fight against terrorism since 9/11, which have questioned some of the essential principles and values in place in their own legal systems. In such sense, freedom and security are placed into perspective throughout the analysis of the specific antiterrorist legal reforms of five different States: Israel, Portugal, Spain, the United Kingdom and the United States of America. On the other hand, in light of those antiterrorist reforms, it will be questioned if it is possible to speak of the emergence of a new system of criminal justice (and of a process of a convergence between common law and civil law systems), built upon a control and preventive security framework, significantly different from traditional models. Finally, this research project has the fundamental objective to contribute to a better understanding on the economic, social and civilization costs of those legal reforms regarding human rights, the rule of law and democracy in modern States.
Resumo:
The present study focused on the role of the Health Belief Model (HBM) in predicting willingness to use functional breads, across four European countries: UK (N = 552), Italy (N = 504), Germany (N = 525) and Finland (N = 513). The behavioural evaluation components of the HBM (the perceived benefits and barriers conceptualized respectively as perceived healthiness and pleasantness) and the health motivation component were good predictors of willingness to use functional breads whereas threat perception components (perceived susceptibility and perceived anticipated severity) failed as predictors. This result was common in all four countries and across products. The role of 'cue to action' was marginal. On the whole the HBM fit was similar across the countries and products in terms of significant predictors (the perceived benefits, barriers and health motivation) with the exception of self-efficacy which was significant only in Finland. Young consumers seemed more interested in the functional bread with a health claim promoting health rather than in reducing risk of disease, whereas the opposite was true for older people. However, functional staple foods, such as bread in this European study, are still perceived as common foods rather than as a means of avoiding diseases. Consumers seek these foods for their healthiness (the perceived benefits) as they expect them to be healthier than regular foods and for the pleasantness (the perceived barriers) as they do not expect any change in the sensory characteristics due to the addition of the functional ingredients. The importance of health motivation in willingness to use products with health claims implies that there is an opening for developing better models for explaining health-promoting food choices that take into account both food and health-related factors without making a reference to disease-related outcome. (C) 2008 Elsevier Ltd. All rights reserved.
