Top PDF A study on e-Taiwan information system security classification and implementation

A study on e-Taiwan information system security classification and implementation

A study on e-Taiwan information system security classification and implementation

4. Conclusion Security is just like air. It is originally worthless, but its existence will not be painfully detected until it is lost. The outflow of private information causes unprecedented threat to e-Taiwan. The investigation wastes time and the forensic is difficult. Rumor has it that Mainland China has obtained the individual data (i.e., census register, military record and tax) of people in Taiwan. On March 27, 2004, the event of Trojan-Horse detecting e-bank accounts and passwords has been occurred in Taiwan. On April 14, 2004, it was even reported by mass media that “Mainland China hackers invaded the Presidential Hall.” We should recognize how to ensure “when there is confidence that information and information systems are protected against attacks through the application of security services in such areas as availability, integrity, authentication, confidentiality, and non- repudiation. The application of these services should be based on the protection, detect, and react paradigm. This means that in addition to incorporating protection mechanisms, organizations
顯示更多

7 閱讀更多

A Study of Applying Information Technology to the Recoder Instruction System Implementation 鄭雅方、宋明弘

A Study of Applying Information Technology to the Recoder Instruction System Implementation 鄭雅方、宋明弘

台?:教育部。【36】王全世(民89a)。資訊科技融入教學之意義與內涵,資訊與教育雙月刊,80,頁23-31。【37】王全世(民89b)。 對資訊科技融入各科教學之資訊情境的評估標準,資訊與教育雙月刊,77,頁36-47。【38】徐新?、吳佩謹(民91)。資訊融入教學的 現代意義與具體作為,教學科技與媒體,59,頁63-73。【39】曾錦達(民90)。電腦融入各?域教學與師資培訓,國民教育,42(1), 頁27-31。【40】陳弘昌(民87)。國小語文科教學研究。台?:五南圖書出版有限公司。【41】?漢偉(民85)。國小語文科教學探?。高 雄:?文文化事業。【42】許惠卿(民85)。多媒體CAI 概?-電腦輔助教學軟體編制手冊。台?:教育部。【43】吳?賢、曾鴻超(民93)。?彩 多媒體運用-我是多媒體高手。台?:網奕資訊。【44】廖起超,(民91)。多媒體之情境設計探討-以「未?-?的憧憬」創作為?。元智 大學資訊傳播所碩士?文。【45】吳鼎武 瓦?斯(民85)。電腦多媒體在視覺藝術之應用,Power Media:動畫影像多媒體雜誌,19,
顯示更多

3 閱讀更多

A Study on Implementation of Voice Control System Using DSP Chip 蔡學承、李立民

A Study on Implementation of Voice Control System Using DSP Chip 蔡學承、李立民

In this research, we design and implement a voice control system and use it to control a robot. The voice control system is implemented on a TMS320C6713 DSK board, which is a digital signal processor circuit board from Texas Instruments. The speech feature vector consists of 12 linear prediction derived cepstral coefficients, log energy and their first and second order derivatives. The automatic speech recognition system used in this study is based on the hidden Markov model. The Matlab and Simulink are used as a high level system development environment in this study. The system designed as a Simulink model consists of several interconnected modules, each of which is either represented as a block of embedded function or a built-in block in Simulink. We use the Embedded Coder and the Real-time Workshop to convert the Simulink model the associated Matlab programs into C language programs. Using the Code Composer development environment, the C language programs are compiled and linked into an executable program and then downloaded into the DSK board. The recognition result is then used to drive an infrared remote controller to send a control signal to control the robot. The parameters of the speech models are obtained from offline training. The modules of the real-time automatic recognition system include a voice acquisition and digitization unit, a framing unit, an end-point detection unit, a feature extraction unit, a data buffering unit, a core speech decoding unit, and a control signal output unit.
顯示更多

2 閱讀更多

The Design and Implementation of Activity-Based Costing Systems: A Case Study on Building a Prototype system 葉士徹、包冬意

The Design and Implementation of Activity-Based Costing Systems: A Case Study on Building a Prototype system 葉士徹、包冬意

ABSTRACT High cost quality information can reduce errors in planning strategy and provide exact and excellent criteria for executing the strategy. The Activity-Based Costing system analyzes all of the processes during operating activities to find out real results and to offer the correct cost information. This essay discusses the design and implemention of the cost management information system which is based on Activity-Based Costing, to study these topics as follows: 1. The Activity-Based Costing system introduction and application. 2. These methods which are invented by Accounting scholars, Cooper, Kaplan and Turney. 3. Based on the
顯示更多

1 閱讀更多

A Study on Security Schemes for Community HealthCare Information System 賴惠美、曹偉駿

A Study on Security Schemes for Community HealthCare Information System 賴惠美、曹偉駿

pp.311-316,2004 [36] H. Y. Chien,J. K. Jan ,and Y. M. Tseng,”An Efficient and Practical Solution to Remote Authentication: Smart Card,” Computers and Security, Vol.21, No.4, pp.372-375,2002 [37] J. K. Lee, S. R. Ryu and K. Y. Yoo, “Fingerprint-based Remote User Authentication Scheme Using Smart Cards,” Electronics Letters, Vol.38, No. 12, pp.554-555,2002 [38] K.S.Carrison et al.“Implementation of ISO17799 and BS7799 in picture archiving and communication system: local experience in implementation of BS7799 standard,” International Congress Series,Vol.1256 , pp.311-318,2003 [39] M. Girault, “Self-certified public keys,” Advances in Cryptology:EuroCrypt’91, Lecture Notes in Computer Science, Vol. 547, Springer-Verlag, 1991, pp. 491-497.
顯示更多

3 閱讀更多

Paper: a study on the certification of the information security management systems

Paper: a study on the certification of the information security management systems

Owing to the speed with which quality and envi- ronmental management certification has developed in Taiwan, quality or certification is not standardized. This could easily have a negative impact on trades, and the Ministry of Economic Affairs on March 5, 1997, set and issued BCIQ order 86350708 ‘‘Imple- mentation Rules for the Chinese Quality Management and Environmental Management Accreditation Sys- tem,’’ and on March 26 of the same year, it set and issued BCIQ order 86260244 ‘‘Points for the Estab- lishment of the Chinese National Accreditation Board.’’ On July 30, 1998, the Chinese National Accreditation Board (CNAB) began accepting appli- cations for accreditation from relevant certification organizations and organizations training inspection personnel. Based on the definition in the Article 4 in the above-mentioned implementation rules:
顯示更多

15 閱讀更多

Framing Information Systems: An Institutional Perspective on CRM System Implementation

Framing Information Systems: An Institutional Perspective on CRM System Implementation

are formed. The theories show how organisational institutions, such as incentive systems and cognitive structures, can significantly influence or even dominate how people view and use the system. The institution perspective may help explain the congruence of technological frames in an organisation by pointing out that it is not the result of the shared interests or background but of the dominance of some organisational institutions. Identifying these key institutions may help explain why even with careful system design and expected benefits, an IS may still not be used by the adopting organisations. Second, the study shows that frame incongruence may not necessary be a critical issue (Karsten and Laine, 2007) leading to implementation failure; however frame congruence (e.g., technology in use) can be an issue when most people in an organisation frame the technology in one dimension. This issue has not yet been addressed in the literature thus far and it is worthy of further investigation.
顯示更多

19 閱讀更多

A study on information security management system evaluation - assets, threat and vulnerability

A study on information security management system evaluation - assets, threat and vulnerability

‘‘Fluxay’’ and other utility programs, 5 – 10% of websites in Taiwan are intruded and the users are not aware of it. It was estimated that there are about 15 bugs in each 1000 lines of coding program. So in the Win- dows 2000, which is about 500,000,000,000 lines of coding, there should be 750,000 bugs. In January 2002, the president of Microsoft, Bill Gates, an- nounced: ‘‘The security and privacy of all the soft- ware products are far more important than any other new functions.’’ Later, in February 2002, Microsoft sent 7000 systems programmers for special security training. The company openly declared ‘‘An estab- lishment of a confidential information system war,
顯示更多

13 閱讀更多

Constructing an Information Security Governance for University Campus Based on ITIL and ISO 27001 - A Case Study on Som 鄭植尹、曹偉駿

Constructing an Information Security Governance for University Campus Based on ITIL and ISO 27001 - A Case Study on Som 鄭植尹、曹偉駿

ABSTRACT With the development of information technology, the service provided by the campus information system becomes increasingly diverse; at the same time of enjoying conveniences, the private information of individuals and the confidential documents of organizations are gradually exposed to the security vulnerability. To raise the security degree of campus information service and enhance the cognition of information security of the members in organizations, the government is actively promoting college campuses to pass the audit of the information security management system. At present, ISO 27001 is the effective audit tool, but its control measures are quite complex. Therefore, how to simplify the control measures of ISO 27001 to reach the optimization in security theory and practice has become the topic attracting increasing attention. Therefore, the research will propose the ITIL and ISO 27001-based campus information security governance model and discuss the situation of the information security governance of a university in middle Taiwan with the case study method. The research process is that we first conduct in-depth interview to the personnel related to the research subjects, then deduce related propositions in accordance with strategies, technologies,
顯示更多

2 閱讀更多

The Design and Implementation of a Baseball Scouting Information Analysis System

The Design and Implementation of a Baseball Scouting Information Analysis System

落點等,以資料庫裡所擁有的欄位,設計出選手 需要的分析角度,這是本論文最重要的部份。 因此,本論文研究實作的目標,為設計架構 一 個用於 棒 球 情 蒐之 運動 資訊 記錄 與 分 析系 統,將比賽記錄數位化,方便比賽資料傳遞查閱 及轉換輸出,並節省統計數據所花費的大量人力 與時間,減少錯誤和增加效率等問題。此系統使 用視窗圖形介面,以棒球記錄資料庫為統計資料 來源,[r]

10 閱讀更多

Security Analysis and Improvement of E-voting System based on Oblivious Signatures

Security Analysis and Improvement of E-voting System based on Oblivious Signatures

2. 可預測性: 在 Voting phase 中,任何一張有效的投票都 會得到 CA 對訊息 CAN j ∈ { CAN 1 , CAN 2 ..., CAN j } 所簽的模糊簽章 σ = ( s e , ) 。然後在 Ballot casting phase 中,投票者會將 σ 傳送給 VC。但為保障投 票 的 公 正 性 , 此 簽 章 σ 的 正 確 性 應 在 Tally phase,也就是記票階段才可被驗證。簽章的正確 性是透過計算 e 是否等於 H ( CAN j , g s y e mod p ) 的值來驗證。然而,任何攻擊者其實在開票之 前,就可事先知道每張有效票的投票的結果。因 為 g , y , p 是公開的,而 e, s 攻擊者可以經由 Ballot casting phase 的步驟 2 擷取獲得 σ = ( s e , ) ,所以 驗證方程式只剩下 CAN j 無法得知,但是因為候 選人是有限個,因此攻擊者可以透過暴力攻擊法 一個 一個代入測 試得知 選票是投給 哪位 候 選 人,進而取得投票最後的結果,達到投票結果的 可預測性。
顯示更多

7 閱讀更多

A study on VoIP Security

A study on VoIP Security

Figure 16. Network delay simulation 6. Conclusion In this paper, we apply the visual cryptographic concepts, which original used in image procession, to secure SIP VoIP. We segregate the voice data into two shares, and then transmit them on two disjoint paths over the network. Hackers cannot recover the voice data if they only intercept any one share. We use an alternative disjoint path to transmit the shorter share of the segregated voice data since the alternative path is not the shortest path. Since we implement the disjoint multi-path algorithm in the

8 閱讀更多

Design and Implementation of an Integrated Home Information and Service System

Design and Implementation of an Integrated Home Information and Service System

In CC/PP specifications, the actual capability description can be placed at the locations specified by URIs described in the CC/PP header. So the capability descriptions we defined are putting in a single file, which can be retrieved by a location string written in URI format [8]. When we want to get capability descriptions of a device, we can put the names of capability descriptions after the location string so that we can get the part of capability description we want. The Profile-Diff support of the CC/PP description in our system is not needed, so we didn’t implement it. Because IAs are not available at this time, we have developed several IA simulators that help us to evaluate our system. Figure 4 shows a screenshot of PC/Notebook with 100 Mbps broadband connection. Figure 5 show a screenshot of Compaq iPAQ H3800 Pocket PC with 11 Mbps wireless connection and screenshots of WAP mobile device with 9.6 Kbps dial up connection. These figures show how content adaptation is performed based on device capabilities and network characteristics.
顯示更多

20 閱讀更多

A VIKOR technique based on DEMATEL and ANP for information security risk control assessment

A VIKOR technique based on DEMATEL and ANP for information security risk control assessment

the compromise-solution method and overcoming the problem of interdependence and feedback among criteria. Further- more, our proposed method uses NRM, to analyze the results, which is a better way than traditional analysis. Many uncertain influencers and factors affect risk. Moreover, human beings determine the risk value, risk probability of occurrence of security breach, or the consequence of occurrence of security breach according to their experiences. This im- plies some subjectivity; accordingly, it would be very appropriate to use the fuzzy concept here. Furthermore, ANP can over- come the problems of interdependence and feedback among criteria. Another method—the fuzzy integral method—can overcome interdependence among criteria. Therefore, when the criteria do not show feedback, the fuzzy integral can also be a very suitable method. Finally, managers should consider the related costs and resources when they implement the con- trols to reduce risk. How do managers use the lowest cost and the least resources to establish controls to reduce risk to an acceptable level? All these above issues can be investigated in future studies.
顯示更多

19 閱讀更多

Twhhcs A Study of Hierarchical Structure of Information Security Valuation Criteria

Twhhcs A Study of Hierarchical Structure of Information Security Valuation Criteria

美國國防部發展的可信賴電腦系統評估準則( Trusted Computer System Evaluated Criterion) (TCSEC, 1985) 指出:安全的系統應是藉由使用特別的安全功能,以對 資訊的擷取加以控制,如:經過適當授權的個人或處 理,才能讀、寫、新增或刪除資訊。美國國防部的「軍 事及相關術語國防辭典」 ,對資訊安全定義為: 「保護資 訊及資訊系統;以避免在儲存、處理或傳輸中的資訊遭 受未經授權的存取或更改;且避免經授權的使用者遭到 服務拒絕。」由於美國將資訊基礎建設中的資訊安全防 護,在 Y2K 後納入國家的範圍,亦即成為國防保護的 範圍,而美國的資訊安全技術研發,一向由軍方支持,
顯示更多

23 閱讀更多

A Study of Security on Electronic Payment System 梁道一、顏嵩銘

A Study of Security on Electronic Payment System 梁道一、顏嵩銘

As business is moving from face-to-face trading, mail order and phone order to electronic commerce over open networks such as the Internet, crucial security issues are being raised. While Electronic Fund Transfer over financial networks is reasonably secure, securing payments over open networks connecting commercial servers and consumer workstations poses challenges of a new dimension. We believe that will be done which must sign his name on for the same experience. One, your trade under the control of someone. Two, you can''t use credit card to buy a beverage, dut to the two point. Maybe you don''t think so, but it have some problem in the viewpoint of privacy and conveniently. Therefore, we will to bring up electronic cash to accomplish anonymous system. It will be include merchant and bank. However, we also added some escrow function in here for the sake of convenient to control disputes or extorts. Otherwise, in this time, it has to use payment systems that only buy a beverage, it have the aid of micropayment. Consequently, we will to discuss and some problem about efficiency of micropayment.
顯示更多

2 閱讀更多

Design and Implementation of E-mail Filtering System

Design and Implementation of E-mail Filtering System

Many universities and corporations provide their users with the comfort of Web-based email. However, web mail uses only the HTTP protocol when sending an email from one internal user to another. In this case, if a user sends email with an infected attachment to another user utilizing a Web mail tool, the message will be delivered without being scanned since traditional anti-virus engines only monitor the POP3 and SMTP ports. We tried to solve this problem by linking Sophos Anti-Virus Engine to our EMF system. In order to integrate the anti-virus engine into our EMF which implemented in PERL, SAVI-Perl is chosen to be the API (APplication Interface). SAVI-Perl is a Perl module interface to the Sophos Anti-Virus Engine.
顯示更多

10 閱讀更多

Development and implementation of a nationwide health care quality indicator system in Taiwan

Development and implementation of a nationwide health care quality indicator system in Taiwan

Implementation After 2 years of research and development, THIS was offi- cially launched in 2001. Participation is voluntary. Participat- ing hospitals can choose whichever indictors they feel are suitable for their own settings and report them to the Taiwan College of Healthcare Executives monthly via a web-based interface. The college processes the data, provides feedback to them, and is responsible for the statistical analyses by applying the overall data or the data of subgroups, according to ownership, accreditation level, and so on. Participating hospitals learn the statistical distributions of all indicators, including the mean, standard deviation, range, percentile, and so on. The information derived from the database is for par- ticipating hospitals’ own uses and is not yet meant to be released to the general public. Hospitals are allowed to publi- cize their participation in the system, but not the results.
顯示更多

8 閱讀更多

A Study on Wealth Management of Security Industry Between Hong Kong and Taiwan 趙裕彬、施能仁

A Study on Wealth Management of Security Industry Between Hong Kong and Taiwan 趙裕彬、施能仁

ABSTRACT Within wealth management as a main axle , this research chose a total ten funds as a portfolio investment in Taiwan and Hong Kong regions to discuss how to pursue the most appropriate mode of portfolio investment under a premise of expected rate of re-turn and based on efficient frontier analysis method by Markowitz. The case study indicates:1.According to the portfolio investment theory by Markowitz, a correct asset allocation strategy is far more important than the ability of choosing investment target and timing. This research proved the importance of above view by gathering 10 years of data of fund returns. Upon the Taiwan funds chosen for this portfolio investment research, searching for the best efficient frontier while the weight limit was equal to one and the variance component was as low as 0.00015, the various types of funds could still achieve 10% expected rate of return.
顯示更多

2 閱讀更多

A Study on Vulnerabilities of Information Security Protection Mechanism on SNMPv3 Network Management 蔡明隆、曹偉駿

A Study on Vulnerabilities of Information Security Protection Mechanism on SNMPv3 Network Management 蔡明隆、曹偉駿

ABSTRACT With increasing popularity of network equipments, managers can log in the network management system remotely, monitor the states of equipments, and process alarm signal. For integration, many manufacturers jointly develop SNMP(Simple Network Management Protocol) to provide important network management functions, such as network monitoring. For example, HP OPENVIEW can find the cause of network failure rapidly, search new equipments, and help network managers design expanded functions for the network. However, previous SNMP messages are sent by the form of plaintext. These messages will be captured and decoded easily by programs such as Micorsoft Internet Monitor or Sniffer. In addition, under the architecture of SNMP, there are some literatures to point that SNMPv3 can not resist DDoS (Dirtributed Denial of Service) attacks, and support web-based management seldomly. So, this article designs a system for preventing SNMPv3 from DDoS attacks, and combines the public key infrastructure and web-based management function, in order to solve the weaknesses of mechanisms of information security. In such a way, it provides useful suggestions for network managers.
顯示更多

2 閱讀更多

Show all 10000 documents...