On the modelling of Kerberos protocol in the Quality of Protection Modelling Language (QoP-ML)

The security modelling of IT systems is a very complicated task. One of the issues which must be analysed is the performance of IT systems. In many cases the guaranteed security level is too high in relation to the real threats. The overestimation of security measures can decrease system performance. The paper presents the analysis of Kerberos cryptographic protocol in terms of quality of protection performed by Quality of Protection Modelling Language (QoP-ML). The analysis concerns the availability attribute. In the article the Kerberos protocol was modelled and the QoP analysis of two selected versions was performed

Quality of Protection Evaluation of Security Mechanisms

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol

Bursting the broadband bubble

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.Broadband has revolutionised the way the Internet is used and has become the critical enabling infrastructure of our modem and knowledge-based economy. Its widespread introduction has not only greatly enhanced the speed at which information online can be accessed, but also the range and sophistication of the content available. It is still penetrating the telecommunication market and is seen by some as the most significant evolutionary step since the emergence of the Internet. However in the rush to achieve market share, there is a risk that insufficient attention may be paid to quality issues, the central theme of this research. The research addresses the issues of broadband quality with a stated objective of assessing broadband quality by means of an integrated framework that encompasses factors beyond strict technical characteristics of broadband networks. Indeed, the concept of quality is a multi-facetted one, for which various perspectives can be distinguished. In this work, broadband quality as perceived by users, ISP and Government in the United Kingdom (UK) is looked at and a survey report is given and analysed. The aim of this doctoral research was to provide much needed empirical broadband quality framework that would guide the service provider as well as the UK government in the provision of quality broadband to its consumers. It will also stand as a benchmark to countries wanting to provide quality broadband to its citizens. A survey research approach was employed to achieve the overall aim and objective of this research. This was conducted using the response of 133 participants located in various boroughs in the UK. The results of the survey show that quality, though desired by many, has been short-changed by the desire to have access to the Internet via broadband at the lowest cost possible. However, this has not encouraged some consumers to switch to broadband from dial-up service despite continuous low prices being offered by service providers. Furthermore, the results also indicated that focusing on broadband quality will improve and promote investment in broadband capacity and decrease the uncertainty in consumer demand for applications such as multi-media content delivery, enhanced electronic commerce and telecommuting that exploit broadband access

On Security Management: Improving Energy Efficiency, Decreasing Negative Environmental Impact, and Reducing Financial Costs for Data Centers

Security management is one of the most significant issues in nowadays data centers. Selection of appropriate security mechanisms and effective energy consumption management together with caring for the environment enforces a profound analysis of the considered system. In this paper, we propose a specialized decision support system with a multilevel, comprehensive analysis scheme. As a result of the extensive use of mathematical methods and statistics, guidelines and indicators returned by the proposed approach facilitate the decision-making process and conserve decision-maker’s time and attention. In the paper we utilized proposed multilevel analysis scheme to manage security-based data flow in the example data center. Determining the most secure, energy-efficient, environmental friendly security mechanisms, we implemented the role-based access control method in Quality of Protection Modeling Language (QoP-ML) and evaluated its performance in terms of mentioned factors

A case study : academic achievement in an after-school tutoring program with Black middle school youth

unavailabl

The international competitiveness of Chinese construction firms

Many Chinese construction firms have strategically started to develop their overseas construction markets in line with the development of the integration of global economies, following China’s accession to the World Trade Organisation in 2001, and the Chinese government’s 2013 proposal for the “One Belt One Road”, which was an opportunity for Chinese construction firms to expand their global business. However, in the current dynamic global construction market there are factors, which may affect Chinese construction firms’ global expansion. However, the competitiveness theories, such as, Porter’s Competition theory, the Resources-Based Approach, and the Strategic Management Approach, had application limitations with respect to Chinese construction firms, because of the unique characteristics of China’s construction industry, which is a socialist market economy and is moving towards integration into the global market. It has been important for Chinese construction firms to focus on investigating those indicators, which have contributed to their international operations. Therefore, it was necessary to establish a framework to assess and improve Chinese construction firms’ international competitiveness. A competitiveness framework was established through the application of mixed methods relating to a sequential explanatory strategy, with strong quantitative and qualitative considerations. For this sequential study, firstly, the key players in the competitive global construction market were identified through analysis of secondary quantitative data. Secondly, a total of 21 key competitiveness indicators were identified through analysis of secondary qualitative data, after which a draft conceptual competitiveness framework was proposed. Thirdly, Modified Delphi interviews were conducted, in order to refine and tighten the draft conceptual competitiveness framework, in all a total of 49 key competitiveness indicators were identified and a competitiveness framework was established. Finally, a case study was conducted through an analysis of both secondary data and structured interview results, which validated that the competitiveness framework was a strategy and a practical tool for assessing and improving Chinese construction firms’ international competitiveness. In addition, a mathematical method named Weighted Summation was employed in this research for calculating competitiveness. Chinese construction firms’ international competitiveness could then be calculated. This research found that the meaning of competitiveness could not be precisely defined, but the indicators, which contributed to Chinese construction firms’ international competitiveness could be identified. This research provided a useful learning tool to assess and improve construction firms’ international competitiveness

A survey of the Victoria Falls with a view to repositioning this key tourist attraction in Zimbabwe.

Thesis (MBA)- University of Kwazulu-Natal, 2004.This study looks at the ailing Zimbabwean tourism industry and efforts to reverse the negative trend in tourist arrivals. Despite this sector of the economy enjoying positive growth both globally and at a regional level, the local industry had been adversely affected by negative perceptions about the country. The Zimbabwe Tourism Authority (ZTA), whose mission is to professionally market Zimbabwe as a leading tourist destination, has embarked on various initiatives. Unfortunately however, the organisation has enjoyed limited success in recapturing the demand experienced in the years prior to 1999. In order to investigate other avenues to pursue, this study sought the perspectives of two major stakeholders of the local tourism industry. These were namely "buyers" comprising the international tourist, who were probed for their motivations in selecting a holiday destination. In addition, local "suppliers" to the sector who interface directly with the international traveller, were asked to give their perspective on the performance of the ZTA in fulfilling its mission. Personal interviews were conducted in the resort town of Victoria Falls. This area was chosen over other attractions in Zimbabwe because our neighbouring competitors, South Africa and Zambia have promoted the resort for their own benefit, at the expense of the local industry. Another reason is the worldwide recognition and appeal of the attraction, owing to its historical significance. The study established that the resort still enjoys immense popularity, with international visitors opting to return several times in order to gaze at the scenic wonder. However, since the falls lack a truly Zimbabwean identity or image, travel agents and tour operators have either channeled tourist to the Zambian side or flown them in via South Africa as day visitors. The resultant effect has been minimal financial benefit to Zimbabwe by way of receipts from tourist expenditure. Adopting a co-operative strategic orientation with these neighbouring countries is recommended. At a local level the study found that the local tourism industry lacked a unified approach in tackling the challenges facing sector

Gestion de la sécurité dans une infrastructure de services dynamique (Une approche par gestion des risques)

Les changements de contexte économiques imposent de nouvelles stratégies organisationnelles aux entreprises : recentrages métier et développement de stratégies de collaboration interentreprises. Ces tendances du marché laissent prévoir une croissance exponentielle d écosystèmes de service accessibles à la fois aux clients finaux et aux partenaires. Tout laisse prévoir que ces écosystèmes s appuieront largement sur les architectures orientées services permettant de construire des systèmes d information capable d avoir l agilité requise et de supporter l interconnexion des processus métier collaboratifs en composant dynamiquement les processus à partir de services distribués. Ce type d architecture qui permet d assurer l alignement du système d information sur les besoins métier de l entreprise, rend indispensable la prise en compte des contraintes de sécurité tant au niveau individuel des services qu au niveau de la composition. Dans un environnement de services distribués et dynamiques, la sécurité ne doit pas se limiter à fournir des solutions technologiques mais à trouver une stratégie de sécurité prenant en compte les dimensions métier, organisationnelle et technologique. En outre, la sécurité doit être appréhendée comme un processus continu qui vise l optimisation des investissements de sécurité et assure la pérennité des mesures de sécurité mises en œuvre. Or les modèles et architectures de référence du domaine des services ont sous-estimé la définition des besoins en termes de sécurité, les biens à protéger et l identification des risques pesant sur ces biens. Pour cela, nous proposons d aborder la problématique de la sécurité par une approche de gestion des risques permettant d identifier les différents types de risques et de proposer les mesures de sécurité les plus adéquates au contexte. Toutefois, la gestion des risques s avère un vrai défi dans un environnement ouvert de services collaboratifs. En effet, les méthodes de gestion des risques développées dans le cadre des systèmes d information ne répondent pas aux exigences de sécurité dans un environnement ouvert et ne sont pas adaptées aux environnements dynamiques. Pour pallier ces limites, nous proposons un cadre méthodologique de gestion de la sécurité portant sur les phases préparation, conception, exécution et supervision du cycle de vie des services. Nous proposons un modèle de services sécurisés permettant de définir des patrons de sécurité, un modèle de classification des biens à protéger et une ontologie pour définir les concepts associés à ces biens. En outre, nous développons une méthodologie de conception d une architecture orientée services sécurisée puis abordons la construction de processus métier sécurisés avant de proposer un service de gestion des vulnérabilités de l infrastructure.Changes in economic environment impose new organizational strategies to companies: refocusing business and creating collaboration strategies. These trends point to an exponential growth of service ecosystems accessible to both end users and partners. All foreshadows that these ecosystems rely heavily on service-oriented architectures that can build information systems having the required agility and supporting the interconnection of collaborative business processes by composing processes dynamically from distributed services. This type of architecture that ensures business and information systems alignment, makes it essential to take into account security constraints at the services and the composition s levels. In a distributed and dynamic services environment, security should not be limited to providing technological solutions but to find a security strategy taking into account the business, organizational and technological dimensions. Besides, the security must be considered as an ongoing process that aims to optimize security investments and ensures the sustainability of implemented security measures. However, the models and reference architectures in the services domain have underestimated the definition of security requirements, assets to protect and the identification of risks to those assets. Therefore, we propose to address the security management issues by a risk management approach to identify the different types of risks and propose the most appropriate security measures to the context. Nevertheless, risk management is a real challenge in an open collaborative services environment. The methods of risk management developed in the context of information systems do not meet the security requirements in an open environment and are not suitable for dynamic environments. To overcome these limitations, we propose a methodological framework for security management covering the phases: preparation, design, execution and supervision of the services lifecycle. We propose a model of secure services to identify security patterns, an assets classification model and an ontology defining the concepts associated with those assets. Moreover, we develop a methodology for designing secure service oriented architectures, we address the development of secure business processes then we propose a security service for managing and supervising the infrastructure components vulnerabilities.VILLEURBANNE-DOC'INSA-Bib. elec. (692669901) / SudocSudocFranceF