985 resultados para security threat
Resumo:
Iris based identity verification is highly reliable but it can also be subject to attacks. Pupil dilation or constriction stimulated by the application of drugs are examples of sample presentation security attacks which can lead to higher false rejection rates. Suspects on a watch list can potentially circumvent the iris based system using such methods. This paper investigates a new approach using multiple parts of the iris (instances) and multiple iris samples in a sequential decision fusion framework that can yield robust performance. Results are presented and compared with the standard full iris based approach for a number of iris degradations. An advantage of the proposed fusion scheme is that the trade-off between detection errors can be controlled by setting parameters such as the number of instances and the number of samples used in the system. The system can then be operated to match security threat levels. It is shown that for optimal values of these parameters, the fused system also has a lower total error rate.
Resumo:
On 26 December 2003 an Israeli activist was shot by the Israeli Army while he was participating in a demonstration organized by Anarchists Against the Wall (AAtW) in the West Bank. This was the first time Israeli Soldiers have deliberately shot live bullets at a Jewish-Israeli activist. This paper is an attempt to understand the set of conditions, the enveloping frameworks, and the new discourses that have made this event, and similar shootings that soon followed, possible. Situating the actions of AAtW within a much wider context of securitization—of identities, movements, and bodies—we examine strategies of resistance which are deployed in highly securitized public spaces. We claim that an unexpected matrix of identity in which abnormality is configured as security threat render the bodies of activists especially precarious. The paper thus provides an account of the new rationales of security technologies and tactics which increasingly govern public spaces.
Resumo:
Understanding and managing information infrastructure (II) security risks is a priority to most organizations dealing with information technology and information warfare (IW) scenarios today (Libicki, 2000). Traditional security risk analysis (SRA) was well suited to these tasks within the paradigm of computer security, where the focus was on securing tangible items such as computing and communications equipment (NCS,1996; Cramer, 1998). With the growth of information interchange and reliance on information infrastructure, the ability to understand where vulnerabilities lie within an organization, regardless of size, has become extremely difficult (NIPC, 1996). To place a value on the information that is owned and used by an organization is virtually an impossible task. The suitability of risk analysis to assist in managing IW and information infrastructure-related security risks is unqualified, however studies have been undertaken to build frameworks and methodologies for modeling information warfare attacks (Molander, Riddile, & Wilson, 1996; Johnson, 1997; Hutchinson & Warren, 2001) which will assist greatly in applying risk analysis concepts and methodologies to the burgeoning information technology security paradigm, information warfare.
Resumo:
Many organizations still rely on deterrence to control insider threats and on purely preventive strategies to control outsider threats. Such a simple approach to organizational information security is no longer viable given the increasing operational sophistication of current security threat agents and the complexity of information technology infrastructure. Effective implementation of security requires organizations to select a combination of strategies that work in tandem and best suits their security situation. This paper addresses the identification and classification of factors that influence implementation of security strategies in organizations. In this paper, we develop a preliminary architecture that aims to assist organizations in deciding how strategies can be designed to complement each other to improve the cost-effectiveness of security.
Resumo:
We present a real-world problem that arises in security threat detection applications. The problem consists of deploying mobile detectors on moving units that follow predefined routes. Examples of such units are buses, coaches, and trolleys. Due to a limited budget not all available units can be equipped with a detector. The goal is to equip a subset of units such that the utility of the resulting coverage is maximized. Existing methods for detector deployment are designed to place detectors in fixed locations and are therefore not applicable to the problem considered here. We formulate the planning problem as a binary linear program and present a coverage heuristic for generating effective deployments in short CPU time. The heuristic has theoretical performance guarantees for important special cases of the problem. The effectiveness of the coverage heuristic is demonstrated in a computational analysis based on 28 instances that we derived from real-world data.
Resumo:
Colombia's increasingly effective efforts to mitigate the power of the FARC and other illegitimately armed groups in the country can offer important lessons for the Peruvian government as it strives to prevent a resurgence of Sendero Luminoso and other illegal non-state actors. Both countries share certain particular challenges: deep economic, social, and in the case of Peru ethnic divisions, the presence of and/or the effects of violent insurgencies, a large-scale narcotics production and trafficking, and a history of weak state presence in large tracts of isolated and scarcely-populated areas. Important differences exist, however in the nature of the insurgencies in the two countries, the government response to them and the nature of government and society that affects the applicability of Colombia's experience to Peru. The security threat to Panama from drug trafficking and Colombian insurgents --often a linked phenomenon-- are in many ways different from the drug/insurgent factor in Colombia itself and in Peru, although there are similar variables. Unlike the Colombian and Peruvian cases, the security threat in Panama is not directed against the state, there are no domestic elements seeking to overthrow the government -- as the case of the FARC and Sendero Luminoso, security problems have not spilled over from rural to urban areas in Panama, and there is no ideological component at play in driving the threat. Nor is drug cultivation a major factor in Panama as it is in Colombia and Peru. The key variable that is shared among all three cases is the threat of extra-state actors controlling remote rural areas or small towns where state presence is minimal. The central lesson learned from Colombia is the need to define and then address the key problem of a "sovereignity gap," lack of legitimate state presence in many part of the country. Colombia's success in broadening the presence of the national government between 2002 and the presence is owed to many factors, including an effective national strategy, improvements in the armed forces and police, political will on the part of government for a sustained effort, citizen buy-in to the national strategy, including the resolve of the elite to pay more in taxes to bring change about, and the adoption of a sequenced approach to consolidated development in conflicted areas. Control of territory and effective state presence improved citizen security, strengthened confidence in democracy and the legitimate state, promoted economic development, and helped mitigate the effect of illegal drugs. Peru can benefit from the Colombian experience especially in terms of the importance of legitimate state authority, improved institutions, gaining the support of local citizens, and furthering development to wean communities away from drugs. State coordinated "integration" efforts in Peru as practiced in Colombia have the potential for success if properly calibrated to Peruvian reality, coordinated within government, and provided with sufficient resources. Peru's traditionally weak political institutions and lack of public confidence in the state in many areas of the country must be overcome if this effort is to be successful.
Resumo:
Immigration to Australia has long been the focus of negative political interest. In recent times, the proposal of exclusionary policies such as the Malaysia Deal in 2011 has fuelled further debate. In these debates, Federal politicians often describe asylum seekers and refugees as ‘illegal’, ‘queue jumpers’, and ‘boat people’. This paper investigates how the political discourse constructs asylum seekers and refugees during debates surrounding the Malaysia Deal in the Federal Parliament of Australia in 2011. Hansard Parliamentary debates were analysed to identify the underlying themes and constructions that permeate political discourse about asylum seekers and refugees. This paper argues that a dichotomous characterisation of legitimacy pervades their construction with this group constructed either as legitimate humanitarian refugees or as illegitimate ‘boat arrivals’. These constructions result in the misrepresentation of asylum seekers as illegitimate, undermining their right to protection under Australia’s laws and international obligations. This construction also represents a shift in federal political discourse from constructing asylum seekers as a border or security threat, towards an increasing preoccupation with this categorisation of people as legitimate, or illegitimate.
Resumo:
Social Engineering (ES) is now considered the great security threat to people and organizations. Ever since the existence of human beings, fraudulent and deceptive people have used social engineering tricks and tactics to trick victims into obeying them. There are a number of social engineering techniques that are used in information technology to compromise security defences and attack people or organizations such as phishing, identity theft, spamming, impersonation, and spaying. Recently, researchers have suggested that social networking sites (SNSs) are the most common source and best breeding grounds for exploiting the vulnerabilities of people and launching a variety of social engineering based attacks. However, the literature shows a lack of information about what types of social engineering threats exist on SNSs. This study is part of a project that attempts to predict a persons’ vulnerability to SE based on demographic factors. In this paper, we demonstrate the different types of social engineering based attacks that exist on SNSs, the purposes of these attacks, reasons why people fell (or did not fall) for these attacks, based on users’ opinions. A qualitative questionnaire-based survey was conducted to collect and analyse people’s experiences with social engineering tricks, deceptions, or attacks on SNSs.
Resumo:
The next-generation smart grid will rely highly on telecommunications infrastructure for data transfer between various systems. Anywhere we have data transfer in a system is a potential security threat. When we consider the possibility of smart grid data being at the heart of our critical systems infrastructure it is imperative that we do all we can to ensure the confidentiality, availability and integrity of the data. A discussion on security itself is outside the scope of this paper, but if we assume the network to be as secure as possible we must consider what we can do to detect when that security fails, or when the attacks comes from the inside of the network. One way to do this is to setup a hacker-trap, or honeypot. A honeypot is a device or service on a network which appears legitimate, but is in-fact a trap setup to catch breech attempts. This paper identifies the different types of honeypot and describes where each may be used. The authors have setup a test honeypot system which has been live for some time. The test system has been setup to emulate a device on a utility network. The system has had many hits, which are described in detail by the authors. Finally, the authors discuss how larger-scale systems in utilities may benefit from honeypot placement.
Resumo:
This article analyses the Democratic Unionist Party's (DUP) discursive responses to the Northern Ireland peace process. Drawing on narrative analysis of DUP discourses in the Belfast News Letter (1998–2005), it argues that the party has articulated five themes: the de‐legitimisation of David Trimble and the Ulster Unionist Party, the immorality of the peace process, the security threat, the victimisation of Protestants, and the ‘renegotiation’ of the Belfast Agreement. These discourses are analysed in light of a framework for understanding the relationship between the party's public discourses and the political strategies that have allowed for its electoral success. The framework includes the relationship between discourses, agenda‐setting in the media, ‘the politics of support’, and ‘the politics of power’. It considers how the DUP's discourses may impact on its relationships with nationalists and unionists. However, efforts by the DUP to communicate with the unionist grassroots may allow it to minimise alienation, thus contributing to a space in which principles such as power‐sharing can become bedded down.
Resumo:
Ce mémoire a pour objectif d’analyser la pertinence d’une culture stratégique particulière, celle de l’Inde. Au moins quatre variables culturelles à dimension sécuritaire – l’identité, les valeurs, les normes et les perceptions – permettent d’expliquer la conception de la sécurité et du pouvoir indiens. L’hypothèse avancée dans ce mémoire est la suivante : à cause de l’influence de la culture stratégique indienne, l’océan Indien est perçu par l’élite indienne comme l’endroit où réside la principale menace à la sécurité de l’Inde. En outre, cette perception particulière de la menace permet de mieux comprendre les ambitions maritimes de l’Inde dans l’océan Indien à l’aube du 21e siècle. Afin de confirmer l’hypothèse, nous analysons l’influence de la culture stratégique indienne sur les approches stratégiques privilégiées par les décideurs Indiens au sein de l’océan Indien. Nous concluons, sur la base de l’étude cas, que l’objectif stratégique de New Delhi est de devenir la puissance maritime dominante de l’océan Indien. Le moyen privilégié est la création d’une marine océanique puissante, capable de maintenir en permanence une escadre en patrouille loin de ses bases navales. Sur le plan théorique, les actions indiennes – qui ont surtout un caractère défensif – sont justifiées par une doctrine de non-ingérence des grandes puissances dans les affaires indiennes, doctrine calquée sur la doctrine Monroe. Selon la doctrine indienne, seules les puissances régionales sont à même de préserver la stabilité dans la région de l’océan Indien. Conséquemment, le Gouvernement indien œuvre à réduire l’ingérence des marines de guerre étrangères au sein de l’océan Indien.
Resumo:
n the recent years protection of information in digital form is becoming more important. Image and video encryption has applications in various fields including Internet communications, multimedia systems, medical imaging, Tele-medicine and military communications. During storage as well as in transmission, the multimedia information is being exposed to unauthorized entities unless otherwise adequate security measures are built around the information system. There are many kinds of security threats during the transmission of vital classified information through insecure communication channels. Various encryption schemes are available today to deal with information security issues. Data encryption is widely used to protect sensitive data against the security threat in the form of “attack on confidentiality”. Secure transmission of information through insecure communication channels also requires encryption at the sending side and decryption at the receiving side. Encryption of large text message and image takes time before they can be transmitted, causing considerable delay in successive transmission of information in real-time. In order to minimize the latency, efficient encryption algorithms are needed. An encryption procedure with adequate security and high throughput is sought in multimedia encryption applications. Traditional symmetric key block ciphers like Data Encryption Standard (DES), Advanced Encryption Standard (AES) and Escrowed Encryption Standard (EES) are not efficient when the data size is large. With the availability of fast computing tools and communication networks at relatively lower costs today, these encryption standards appear to be not as fast as one would like. High throughput encryption and decryption are becoming increasingly important in the area of high-speed networking. Fast encryption algorithms are needed in these days for high-speed secure communication of multimedia data. It has been shown that public key algorithms are not a substitute for symmetric-key algorithms. Public key algorithms are slow, whereas symmetric key algorithms generally run much faster. Also, public key systems are vulnerable to chosen plaintext attack. In this research work, a fast symmetric key encryption scheme, entitled “Matrix Array Symmetric Key (MASK) encryption” based on matrix and array manipulations has been conceived and developed. Fast conversion has been achieved with the use of matrix table look-up substitution, array based transposition and circular shift operations that are performed in the algorithm. MASK encryption is a new concept in symmetric key cryptography. It employs matrix and array manipulation technique using secret information and data values. It is a block cipher operated on plain text message (or image) blocks of 128 bits using a secret key of size 128 bits producing cipher text message (or cipher image) blocks of the same size. This cipher has two advantages over traditional ciphers. First, the encryption and decryption procedures are much simpler, and consequently, much faster. Second, the key avalanche effect produced in the ciphertext output is better than that of AES.
Resumo:
El presente trabajo de investigación surge de la necesidad de estudiar el reciente fenómeno de las maras que se presenta en la región, analizando los elementos que las componen y los escenarios que las rodean, siendo los puntos claves para lograr entender su peligrosidad y porque se les considera un desafío a la seguridad de las naciones.
Resumo:
El presente estudio de caso tiene como objetivo principal analizar, desde el punto de vista venezolano, las estrategias implementadas por Venezuela para contrarrestar las que identifica como múltiples amenazas a su seguridad nacional desde 1998 hasta 2009, puesto que la alta mediatización de las acciones emprendidas durante la última década por parte del gobierno venezolano para mitigar las que considera amenazas a su seguridad nacional, está produciendo estereotipos y polarización no sólo en los ciudadanos venezolanos, sino también, en la comunidad internacional.
