Suchergebnisse
Filter
982 Ergebnisse
Sortierung:
Sécurité: nouvelles éxigences
In: Administration: revue de l'administration territoriale de l'état, Heft 239, S. 2-109
ISSN: 0223-5439
World Affairs Online
Memento défense - désarmement 1994/95: l'Europe et la sécurité internationale
In: Les dossiers du GRIP 191/195
La sécurité des transports maritimes
In: La revue maritime: informations, actualités, documentation maritime, S. 2-84
ISSN: 0335-3796, 1146-2132
Sécurité de la plaisance
In: La revue maritime: informations, actualités, documentation maritime, Heft 482, S. 22-25
ISSN: 0335-3796, 1146-2132
Quantitative Evaluation of Information Systems Security ; Évaluation quantitative de la sécurité des systèmes d'information
This dissertation presents a general method for the specification and quantitative evaluation of information systems security. This method allows to monitor the evolutions of an information system in operation, as well as to compare the impact on security of possible modifications of the functioning. It relies on a formal specification of the system security policy, augmented by a model of the vulnerabilities observed in the real system in operation. Then, a security measure represents the difficulty for an attacker to exploit the vulnerabilities and defeat the objectives defined in the security policy.Information systems security policy specification necessitates the definition of a rigorous and expressive framework. Furthermore, the language should be general enough to be usable in the context of an organization. The method defined and used in this work is based on an extension of deontic logic, enriched with a graphical representation.Vulnerabilities of the information system are described by a model called a privilege graph. These vulnerabilities, probed in the system, may have various origins, such as incorrect operation of the protection mechanisms of a computer system, or delegation of privileges in an organization. The assessment of a weight to these individual vulnerabilities allows the definition of highly relevant and global quantitative measures of security.Two practical examples are presented to illustrate the methodology: the study of a medium-size bank agency; and the observation of the security evolutions of a large computer system in operation. ; Cette thèse présente une méthode générale de spécification et d'évaluation quantitative de la sécurité des systèmes d'information. Cette méthode permet de surveiller les évolutions d'un système d'information pendant sa vie opérationnelle, ainsi que de comparer l'impact sur la sécurité de modifications éventuelles du fonctionnement. Elle s'appuie sur une spécification formelle de la politique de sécurité, complétée par un modèle des vulnérabilités du ...
BASE
Quantitative Evaluation of Information Systems Security ; Évaluation quantitative de la sécurité des systèmes d'information
This dissertation presents a general method for the specification and quantitative evaluation of information systems security. This method allows to monitor the evolutions of an information system in operation, as well as to compare the impact on security of possible modifications of the functioning. It relies on a formal specification of the system security policy, augmented by a model of the vulnerabilities observed in the real system in operation. Then, a security measure represents the difficulty for an attacker to exploit the vulnerabilities and defeat the objectives defined in the security policy.Information systems security policy specification necessitates the definition of a rigorous and expressive framework. Furthermore, the language should be general enough to be usable in the context of an organization. The method defined and used in this work is based on an extension of deontic logic, enriched with a graphical representation.Vulnerabilities of the information system are described by a model called a privilege graph. These vulnerabilities, probed in the system, may have various origins, such as incorrect operation of the protection mechanisms of a computer system, or delegation of privileges in an organization. The assessment of a weight to these individual vulnerabilities allows the definition of highly relevant and global quantitative measures of security.Two practical examples are presented to illustrate the methodology: the study of a medium-size bank agency; and the observation of the security evolutions of a large computer system in operation. ; Cette thèse présente une méthode générale de spécification et d'évaluation quantitative de la sécurité des systèmes d'information. Cette méthode permet de surveiller les évolutions d'un système d'information pendant sa vie opérationnelle, ainsi que de comparer l'impact sur la sécurité de modifications éventuelles du fonctionnement. Elle s'appuie sur une spécification formelle de la politique de sécurité, complétée par un modèle des vulnérabilités du ...
BASE
Quantitative Evaluation of Information Systems Security ; Évaluation quantitative de la sécurité des systèmes d'information
This dissertation presents a general method for the specification and quantitative evaluation of information systems security. This method allows to monitor the evolutions of an information system in operation, as well as to compare the impact on security of possible modifications of the functioning. It relies on a formal specification of the system security policy, augmented by a model of the vulnerabilities observed in the real system in operation. Then, a security measure represents the difficulty for an attacker to exploit the vulnerabilities and defeat the objectives defined in the security policy.Information systems security policy specification necessitates the definition of a rigorous and expressive framework. Furthermore, the language should be general enough to be usable in the context of an organization. The method defined and used in this work is based on an extension of deontic logic, enriched with a graphical representation.Vulnerabilities of the information system are described by a model called a privilege graph. These vulnerabilities, probed in the system, may have various origins, such as incorrect operation of the protection mechanisms of a computer system, or delegation of privileges in an organization. The assessment of a weight to these individual vulnerabilities allows the definition of highly relevant and global quantitative measures of security.Two practical examples are presented to illustrate the methodology: the study of a medium-size bank agency; and the observation of the security evolutions of a large computer system in operation. ; Cette thèse présente une méthode générale de spécification et d'évaluation quantitative de la sécurité des systèmes d'information. Cette méthode permet de surveiller les évolutions d'un système d'information pendant sa vie opérationnelle, ainsi que de comparer l'impact sur la sécurité de modifications éventuelles du fonctionnement. Elle s'appuie sur une spécification formelle de la politique de sécurité, complétée par un modèle des vulnérabilités du ...
BASE
Arbitrage, sécurité et réduction des armements: documents et travaux de la 5. assemblée
In: Section d'information [14]
Sciences du comportement et sécurité maritime
In: La revue maritime: informations, actualités, documentation maritime, Heft 485, S. 74-79
ISSN: 0335-3796, 1146-2132
Dossier: Politique maritime - Sécurité maritime
In: La revue maritime: informations, actualités, documentation maritime, Heft 478, S. 52-55
ISSN: 0335-3796, 1146-2132
Éditorial: Sécurité maritime : risque d'overdose ?
In: La revue maritime: informations, actualités, documentation maritime, Heft 464, S. 4-11
ISSN: 0335-3796, 1146-2132
Contrepoint - La protection sociale avant la « Sécu »
In: Informations sociales, Band 189, Heft 3, S. 20-20
Contrepoint — Faut-il sauvegarder la Sécurité sociale ?
In: Informations sociales, Band 175, Heft 1, S. 141-141
en contrepoint - La sécurité au niveau local
In: Informations sociales, Band 121, Heft 1, S. 39-40