Segurança na internet?

Dissertação (mestrado) - Universidade Federal de Santa Catarina, Centro Tecnológico.No início dos anos 70, foi criada a Internet pelo Departamento de Defesa Americano (DoD). Foi desenvolvido uma arquitetura e softwares (protocolos) que permitiam a comunicação entre os computadores. O objetivo desta estrutura inicial era facilitar ao máximo o tráfego das informações entre os órgãos envolvidos no projeto. Foi um sucesso e rapidamente novos computadores se conectavam a esta estrutura de "rede". Conjuntamente com a Internet surgiram novos conceitos e entre eles a "segurança das informações" que transitam livremente pela rede. Matéria esta abordada desde 1970, em algumas universidades americanas, que com uma visão futurista já percebiam a importância da confiabilidade e integridade dos dados. Atualmente este é um tema polêmico, muito se ouve falar e muitos trabalhos são realizados em todas as partes do mundo. Mas, o que existe de real, de possível, sem os exageros da mídia e sem a grandiosidade pessoal? Existem muitos mecanismos que tratam de forma eficiente e confiável o tema "segurança". E é sobre eles que este trabalho se refere. Mostrando inicialmente a arquitetura básica de redes, os protocolos mais utilizados por esta estrutura, técnicas de firewalls para controle de fluxo de acesso na rede, os protocolos "seguros", a autenticação e certificação e finalmente das VPNs. "Segurança na Internet?" procura ser uma fonte de consulta para administradores e gerentes de redes que, preocupados com as informações coorporativas, gerenciam os acessos, as transações e as autenticações de suas redes locais e WANs, usuários e os acessos à Internet

Designing and generating prototype for E-Governance based election strategy using biometric authentication and smart card device

Not availabl

Junos Pulse Secure Access Service Administration Guide

This guide describes basic configuration procedures for Juniper Networks Secure Access Secure Access Service. This document was formerly titled Secure Access Administration Guide. This document is now part of the Junos Pulse documentation set. This guide is designed for network administrators who are configuring and maintaining a Juniper Networks Secure Access Service device. To use this guide, you need a broad understanding of networks in general and the Internet in particular, networking principles, and network configuration. Any detailed discussion of these concepts is beyond the scope of this guide.The Juniper Networks Secure Access Service enable you to give employees, partners, and customers secure and controlled access to your corporate data and applications including file servers, Web servers, native messaging and e-mail clients, hosted servers, and more from outside your trusted network using just a Web browser. Secure Access Service provide robust security by intermediating the data that flows between external users and your company’s internal resources. Users gain authenticated access to authorized resources through an extranet session hosted by the appliance. During intermediation, Secure Access Service receives secure requests from the external, authenticated users and then makes requests to the internal resources on behalf of those users. By intermediating content in this way, Secure Access Service eliminates the need to deploy extranet toolkits in a traditional DMZ or provision a remote access VPN for employees. To access the intuitive Secure Access Service home page, your employees, partners, and customers need only a Web browser that supports SSL and an Internet connection. This page provides the window from which your users can securely browse Web or file servers, use HTML-enabled enterprise applications, start the client/server application proxy, begin a Windows, Citrix, or Telnet/SSH terminal session, access corporate e-mail servers, start a secured layer 3 tunnel, or schedule or attend a secure online meeting

A framework to evaluate user experience of end user application security features

The use of technology in society moved from satisfying the technical needs of users to giving a lasting user experience while interacting with the technology. The continuous technological advancements have led to a diversity of emerging security concerns. It is necessary to balance security issues with user interaction. As such, designers have adapted to this reality by practising user centred design during product development to cater for the experiential needs of user - product interaction. These User Centred Design best practices and standards ensure that security features are incorporated within End User Programs (EUP). The primary function of EUP is not security, and interaction with security features while performing a program related task does present the end user with an extra burden. Evaluation mechanisms exist to enumerate the performance of the EUP and the user’s experience of the product interaction. Security evaluation standards focus on the program code security as well as on security functionalities of programs designed for security. However, little attention has been paid to evaluating user experience of functionalities offered by embedded security features. A qualitative case study research using problem based and design science research approaches was used to address the lack of criteria to evaluate user experience with embedded security features. User study findings reflect poor user experience with EUP security features, mainly as a result of low awareness of their existence, their location and sometimes even of their importance. From the literature review of the information security and user experience domains and the user study survey findings, four components of the framework were identified, namely: end user characteristics, information security, user experience and end user program security features characteristics. This thesis focuses on developing a framework that can be used to evaluate the user experience of interacting with end user program security features. The framework was designed following the design science research method and was reviewed by peers and experts for its suitability to address the problem. Subject experts in the fields of information security and human computer interaction were engaged, as the research is multidisciplinary. This thesis contributes to the body of knowledge on information security and on user experience elements of human computer interaction security regarding how to evaluate user experience of embedded InfoSec features. The research adds uniquely to the literature in the area of Human Computer Interaction Security evaluation and measurement in general, and is specific to end user program security features. The proposed metrics for evaluating UX of interacting with EUP security features were used to propose intervention to influence UX in an academic setup. The framework, besides presenting UX evaluation strategies for EUP security features, also presents a platform for further academic research on human factors of information security. The impact can be evaluated by assessing security behaviour, and successful security breaches, as well as user experience of interaction with end user programs

SIP based IP-telephony network security analysis

Masteroppgave i informasjons- og kommunikasjonsteknologi 2004 - Høgskolen i Agder, GrimstadThis thesis evaluates the SIP Protocol implementation used in the Voice over IP (VoIP) solution at the fibre/DSL network of Èlla Kommunikasjon AS. The evaluation focuses on security in the telephony service, and is performed from the perspective of an attacker trying to find weaknesses in the network. For each type of attempt by the malicious attacker, we examined the security level and possible solutions to flaws in the system. The conclusion of this analysis is that the VoIP service is exploitable, and that serious improvements are needed to achieve a satisfying level of security for the system

Cyber-Activists As Innovators: Online Technologies and the Power Struggle in Iran

This thesis analyses key social and technical capabilities and functions in Iran through the lens of the National Innovation System (NIS) model, focusing on processes influencing the on-going online encounter between the regime and local and expatriate prodemocracy cyber-activists in the aftermath of the country's contested presidential elections in June 2009. Conceptually, it is located in Science and Technology Studies (STS), with an emphasis on constructivist theory including Social Shaping of Technology (SST) as its creative backbone. In the original Nordic conceptualisation of the NIS model, openness is considered a given. This prevents the model from adequately explaining the dynamics of innovation in repressive countries. In Iran, nationwide innovation processes are distorted by high level security officials' ideology-driven approach to the generation and diffusion of scientific knowledge and the influence of the Islamic Revolutionary Guards Corps (IRGC) over Iran's national economy. Bifurcated due to significant political differences, the Iranian NIS has become dysfunctional in the absence of an integrated, democratic structure, making the country highly dependent on foreign expertise. The overreliance of Iran on cross-border technological contributions is reflected in the state's internet surveillance apparatus. Currently, major European information and communications technology (ICT) companies aid the core of the censorship infrastructure employed by the Iranian regime, while a great majority of the anti-filtering software used by the cyber-activists is developed by North American universities, research centres and human rights NGOs. This, in turn, highlights a limitation in the EU export policy regimen, which fails to promote the development of pro-democracy online innovations and remains relatively weak in terms of its ability to regulate the overseas trade of telecommunications technologies. Laying emphasis on the social responsibility of large international telecommunications companies based on the outcome of a combination of weblog content analysis, semistructured expert interviews and document reviews, the results of this project are expected to help improve Western policies on dual-use ICT exports to repressive countries. A focused attempt at the dynamisation of relevant legislation by the European Parliament (EP) can help more effectively foster egalitarian values in emerging economies through supporting legitimate, bottom-up dissent. The main body of data used by this research was collected through a longitudinal observation of 65 Persian activist weblogs evaluated against an inductively crafted checklist. The preliminary findings of the weblog content analysis were later on examined in relation to the scripts of direct discussions with 17 active scholars and practitioners sampled largely by snowballing, as well as to an extensive archive of legal and journalistic documents

Műszaki Tudományos Közlemények = Papers on Technical Science 2019

10. kötet: A XIX. Műszakiak Tudományos Ülésszak előadásai (Kolozsvár, 2018. november 24.) = Proceedings of the XIXth International Scientific Conference of Technical Sciences (Cluj, November 24. 2018.) | 11. kötet: A XXIV. Fiatal Műszakiak Tudományos Ülésszak előadásai (Kolozsvár, 2019. március 28.) = Proceedings of the XXIVth International Scientific Conference of Young Engineers (Cluj, March 28. 2019.

Naval Postgraduate School Catalog 2015

Approved for public release; distribution is unlimited

Naval Postgraduate School Catalog 2016

Approved for public release; distribution is unlimited