194 research outputs found
Recommended from our members
Big Data Assurance Evaluation: An SLA-Based Approach.
The Big Data community has started noticing that there is the need to complete Big Data platforms with assurance techniques proving the correct behavior of Big Data
analytics and management. In this paper, we propose a Big Data assurance solution based on Service-Level Agreements (SLAs), focusing on a platform providing Model-based Big Data Analytics-as-a-Service (MBDAaaS)
Machine-Readable Privacy Certificates for Services
Privacy-aware processing of personal data on the web of services requires
managing a number of issues arising both from the technical and the legal
domain. Several approaches have been proposed to matching privacy requirements
(on the clients side) and privacy guarantees (on the service provider side).
Still, the assurance of effective data protection (when possible) relies on
substantial human effort and exposes organizations to significant
(non-)compliance risks. In this paper we put forward the idea that a privacy
certification scheme producing and managing machine-readable artifacts in the
form of privacy certificates can play an important role towards the solution of
this problem. Digital privacy certificates represent the reasons why a privacy
property holds for a service and describe the privacy measures supporting it.
Also, privacy certificates can be used to automatically select services whose
certificates match the client policies (privacy requirements).
Our proposal relies on an evolution of the conceptual model developed in the
Assert4Soa project and on a certificate format specifically tailored to
represent privacy properties. To validate our approach, we present a worked-out
instance showing how privacy property Retention-based unlinkability can be
certified for a banking financial service.Comment: 20 pages, 6 figure
Recommended from our members
Towards Transparent and Trustworthy Cloud
Despite its immense benefits in terms of flexibility, resource consumption, and simplified management, cloud computing raises several concerns due to lack of trust and transparency. Like all computing paradigms based on outsourcing, the use of cloud computing is largely a matter of trust. There is an increasing pressure by cloud customers for solutions that would increase their confidence that a cloud service/application is behaving in a secure and correct manner. Cloud assurance techniques, developed to assess the trustworthiness of cloud services, can play a major role in building trust. In this paper, we start from the assumption that an opaque cloud does not fit security, and present a reliable evidence collection process and infrastructure extending existing assurance techniques towards the definition of a trustworthy cloud. The proposed process and infrastructure are applied to a case study on cloud certification showing their utility
Weight filtration on the cohomology of complex analytic spaces
We extend Deligne's weight filtration to the integer cohomology of complex
analytic spaces (endowed with an equivalence class of compactifications). In
general, the weight filtration that we obtain is not part of a mixed Hodge
structure. Our purely geometric proof is based on cubical descent for
resolution of singularities and Poincar\'e-Verdier duality. Using similar
techniques, we introduce the singularity filtration on the cohomology of
compactificable analytic spaces. This is a new and natural analytic invariant
which does not depend on the equivalence class of compactifications and is
related to the weight filtration.Comment: examples added + minor correction
Recommended from our members
ASSERT4SOA: Toward Security Certification of Service-Oriented Applications
ASSERT4SOA project proposes machine readable certificates to be used to allow Web service requesters to automatically assess the security properties of Web services (and their providers) as certified by a trusted third party. This vision promises to open up an entire new market for certification services
Generalized differential privacy: regions of priors that admit robust optimal mechanisms
International audienceDifferential privacy is a notion of privacy that was initially designed for statistical databases, and has been recently extended to a more general class of domains. Both differential privacy and its generalized version can be achieved by adding random noise to the reported data. Thus, privacy is obtained at the cost of reducing the data's accuracy, and therefore their utility. In this paper we consider the problem of identifying optimal mechanisms for gen- eralized differential privacy, i.e. mechanisms that maximize the utility for a given level of privacy. The utility usually depends on a prior distribution of the data, and naturally it would be desirable to design mechanisms that are universally optimal, i.e., optimal for all priors. However it is already known that such mechanisms do not exist in general. We then characterize maximal classes of priors for which a mechanism which is optimal for all the priors of the class does exist. We show that such classes can be defined as convex polytopes in the priors space. As an application, we consider the problem of privacy that arises when using, for instance, location-based services, and we show how to define mechanisms that maximize the quality of service while preserving the desired level of geo- indistinguishability
Recommended from our members
Aligning Monitoring and Compliance Requirements in Evolving Business Networks
Dynamic business networks (BNs) are intrinsically characterised by change. Compliance requirements management, in this context, may become particularly challenging. Partners in the network may join and leave the collaboration dynamically and tasks over which compliance requirements are specified may be consequently delegated to new partners or backsourced by network participants. This paper considers the issue of aligning the compliance requirements in a BN with the monitoring requirements they induce on the BN participants when change (or evolution) occurs. We first provide a conceptual model of BNs and their compliance requirements, introducing the concept of monitoring capabilities induced by compliance requirements. Then, we present a set of mechanisms to ensure consistency between the monitoring and compliance requirements when BNs evolve, e.g. tasks are delegated or backsourced in-house. Eventually, we discuss a prototype implementation of our framework, which also implements a set of metrics to check the status of a BN in respect of compliance monitorability
Fiscal Multipliers and Public Debt Dynamics in Consolidations
The success of a consolidation in reducing the debt ratio depends crucially on the value of the multiplier, which measures the impact of consolidation on growth, and on the reaction of sovereign yields to such a consolidation.
We present a theoretical framework that formalizes the re spo nse of the public debt ratio to fiscal consolidations in relation to the value of fiscal multipliers, the starting debt level and the cyclical elasticity of the budget balance. We also assess the role of markets confidence to fiscal consolidations under al ternative scenarios. We find that with high levels of public debt and sizeable fiscal multipliers , debt ratios are likely to increase in the short term in response to fiscal consolidations. Hence, the typical horizon for a consolidation during crises episo des to reduce the debt ratio is two - three years , although this horizon depends critically on the size and persistence of fiscal multipliers and the reaction of financial markets.
Anyway, such undesired debt responses are mainly short - lived.
This effect is very unlikely in non - crisis times, as it requires a number of conditions difficult to observe at the same time , especially high fiscal multipliers
Data security issues in cloud scenarios
The amount of data created, stored, and processed has enormously increased in the last years. Today, millions of devices are connected to the Internet and generate a huge amount of (personal) data that need to be stored and processed using scalable, efficient, and reliable computing infrastructures. Cloud computing technology can be used to respond to these needs. Although cloud computing brings many benefits to users and companies, security concerns about the cloud still represent the major impediment for its wide adoption.
We briefly survey the main challenges related to the storage and processing of data in the cloud. In particular, we focus on the problem of protecting data in storage, supporting fine-grained access, selectively sharing data, protecting query privacy, and verifying the integrity of computations
- …