Search results for "Tietoturva"
showing 10 items of 184 documents
PSD2 ja sen vaikutukset verkkomaksamisen tietoturvaan ja liiketoimintamalleihin
2016
Web payments have created a whole industry around them in the last decade where sensitive data is moved around and where security is one of the key concepts. On top of internal facilities, members of the EU are regulated by EU directives of which the second will be taken to legislation by the start of year 2017. It forces the banks to open interfaces that allow third parties to use web shop customers banking credentials in order to initiate payments. Second directive on payment services brings up a set of web security hazards that have yet to be studied. In this thesis a literature review is made on web payment security. I will also study the second directive on payment services and its eff…
Leveraging National Auditing Criteria to Implement Cybersecurity Safeguards for the Automotive Emergency Response Vehicles : A case study from Finland
2017
A modern Emergency Response Vehicle (ERV) is a combination of emergency services and functional mobile office on the wheels. The mobile office is aiming to leverage the benefits of fixed office while moving on the wheels. Researchers have observed that emergency response personnel including Law Enforcement Authorities (LEAs), Police and border guards, could be on the duty while having possibility to use same services compared to fixed office. On the one hand, demand of mobile office has significantly improved the emergency response services. On the other hand, emergency vehicle designers should rethink the demand of users. This resulted into modern standard emergency response vehicle with t…
Do SETA Interventions Change Security Behavior? : A Literature Review
2023
Information security education, training, and awareness (SETA) are approaches to changing end-users’ security behavior. Research into SETA has conducted interventions to study the effects of SETA on security behavior. However, we lack aggregated knowledge on ‘how do SETA interventions influence security behavior?’. This study reviews 21 empirical SETA intervention studies published across the top IS journals. The theoretical findings show that the research has extended Protection Motivation Theory by (1) enhancements to fear appeals; (2) drawing attention to relevance; (3) incorporating temporality; (4) and shifting from intentions to behavior. In terms of behavior, the SETA interventions h…
Enhancing the user authentication process with colour memory cues
2022
The authentication process is the first line of defence against potential impostors, and therefore is an important concern when protecting personal and organisational data. Although there are many options to authenticate digital users, passwords remain the most common authentication mechanism. However, with password numbers increasing, many users struggle with remembering multiple passwords, which affects their security behaviour. Previous researchers and practitioners have attempted to suggest ways to improve password memorability and security simultaneously. We introduce novel approach that utilises colour as a memory cue to increase password memorability and security. A longitudinal stud…
Selaimen sormenjälkitunnistamisen torjunta käyttöjärjestelmäavusteisella virtualisoinnilla
2017
Selaimen sormenjälkitunnistaminen mahdollistaa käyttäjien seurannan käyttäjien yksityisyyttä luokkaavasti. Tutkielmassa selvitetään voidaanko käyttöjärjestelmäavusteisilla virtualisointiteknologioilla vastata selaimen sormenjälkitunnistamisen torjunnan asettamiin haasteisiin. Tutkielmassa havaittiin neljä eri haastetta selaimen sormenjälkitunnistamisen torjunnalle. Tutkielma keskittyy Linux-kernelin tukemiin käyttöjärjestelmäavusteisiin virtualisointiteknologiohin, jotka mahdollistavat ohjelmistokonttien toteuttamisen. Preventing browser fingerprinting using operating system level virtualization. Browser fingerprinting enables tracking of users in a way that violates users' privacy. In this…
Tietoturvamallien hyödyntäminen sovelluskehityksessä
2008
Tietoturvauhat ja niiden ehkäiseminen Android-sovelluksissa
2017
Kandidaatintutkielma käsittelee Android-sovellusten tietoturvauhkia ja näiden ehkäisemistä. Tutkielma rajautuu älypuhelimien tarkasteluun kaikkien Android-laitteiden sijasta. Kyberrikollisuuden lisääntymisen myötä on sovellusten turvallisuuden varmistamisen merkitys noussut. Kandidaatintutkielma käsittelee tietoturvaa ensisijaisesti sovelluksen ohjelmoitsijan näkökulmasta. This study investigates security threats and their prevention in Android applications. The study concentrates especially on Android mobile devices instead of all Android devices. Security is an essential priority in applications since the cyber criminal acitivity is on the increase. The study focuses primarily on the soft…
Intelligent solutions for real-life data-driven applications
2017
The subject of this thesis belongs to the topic of machine learning or, specifically, to the development of advanced methods for regression analysis, clustering, and anomaly detection. Industry is constantly seeking improved production practices and minimized production time and costs. In connection to this, several industrial case studies are presented in which mathematical models for predicting paper quality were proposed. The most important variables for the prediction models are selected based on information-theoretic measures and regression trees approach. The rest of the original papers are devoted to unsupervised machine learning. The main focus is developing advanced spectral cluster…
Attacking TrustZone on devices lacking memory protection
2021
AbstractARM TrustZone offers a Trusted Execution Environment (TEE) embedded into the processor cores. Some vendors offer ARM modules that do not fully comply with TrustZone specifications, which may lead to vulnerabilities in the system. In this paper, we present a DMA attack tutorial from the insecure world onto the secure world, and the design and implementation of this attack in a real insecure hardware.
Towards Automated Classification of Firmware Images and Identification of Embedded Devices
2017
Part 4: Operating System and Firmware Security; International audience; Embedded systems, as opposed to traditional computers, bring an incredible diversity. The number of devices manufactured is constantly increasing and each has a dedicated software, commonly known as firmware. Full firmware images are often delivered as multiple releases, correcting bugs and vulnerabilities, or adding new features. Unfortunately, there is no centralized or standardized firmware distribution mechanism. It is therefore difficult to track which vendor or device a firmware package belongs to, or to identify which firmware version is used in deployed embedded devices. At the same time, discovering devices tha…