Data security issues in cloud scenarios

The amount of data created, stored, and processed has enormously increased in the last years. Today, millions of devices are connected to the Internet and generate a huge amount of (personal) data that need to be stored and processed using scalable, efficient, and reliable computing infrastructures. Cloud computing technology can be used to respond to these needs. Although cloud computing brings many benefits to users and companies, security concerns about the cloud still represent the major impediment for its wide adoption. We briefly survey the main challenges related to the storage and processing of data in the cloud. In particular, we focus on the problem of protecting data in storage, supporting fine-grained access, selectively sharing data, protecting query privacy, and verifying the integrity of computations

Static Human Detection and Scenario Recognition via Wearable Thermal Sensing System

Conventional wearable sensors are mainly used to detect the physiological and activity information of individuals who wear them, but fail to perceive the information of the surrounding environment. This paper presents a wearable thermal sensing system to detect and perceive the information of surrounding human subjects. The proposed system is developed based on a pyroelectric infrared sensor. Such a sensor system aims to provide surrounding information to blind people and people with weak visual capability to help them adapt to the environment and avoid collision. In order to achieve this goal, a low-cost, low-data-throughput binary sampling and analyzing scheme is proposed. We also developed a conditioning sensing circuit with a low-noise signal amplifier and programmable system on chip (PSoC) to adjust the amplification gain. Three statistical features in information space are extracted to recognize static humans and human scenarios in indoor environments. The results demonstrate that the proposed wearable thermal sensing system and binary statistical analysis method are efficient in static human detection and human scenario perception

Personalizing the web: A tool for empowering end-users to customize the web through browser-side modification

167 p.Web applications delegate to the browser the final rendering of their pages. Thispermits browser-based transcoding (a.k.a. Web Augmentation) that can be ultimately singularized for eachbrowser installation. This creates an opportunity for Web consumers to customize their Web experiences.This vision requires provisioning adequate tooling that makes Web Augmentation affordable to laymen.We consider this a special class of End-User Development, integrating Web Augmentation paradigms.The dominant paradigm in End-User Development is scripting languages through visual languages.This thesis advocates for a Google Chrome browser extension for Web Augmentation. This is carried outthrough WebMakeup, a visual DSL programming tool for end-users to customize their own websites.WebMakeup removes, moves and adds web nodes from different web pages in order to avoid tabswitching, scrolling, the number of clicks and cutting and pasting. Moreover, Web Augmentationextensions has difficulties in finding web elements after a website updating. As a consequence, browserextensions give up working and users might stop using these extensions. This is why two differentlocators have been implemented with the aim of improving web locator robustness

Personalizing the web: A tool for empowering end-users to customize the web through browser-side modification

167 p.Web applications delegate to the browser the final rendering of their pages. Thispermits browser-based transcoding (a.k.a. Web Augmentation) that can be ultimately singularized for eachbrowser installation. This creates an opportunity for Web consumers to customize their Web experiences.This vision requires provisioning adequate tooling that makes Web Augmentation affordable to laymen.We consider this a special class of End-User Development, integrating Web Augmentation paradigms.The dominant paradigm in End-User Development is scripting languages through visual languages.This thesis advocates for a Google Chrome browser extension for Web Augmentation. This is carried outthrough WebMakeup, a visual DSL programming tool for end-users to customize their own websites.WebMakeup removes, moves and adds web nodes from different web pages in order to avoid tabswitching, scrolling, the number of clicks and cutting and pasting. Moreover, Web Augmentationextensions has difficulties in finding web elements after a website updating. As a consequence, browserextensions give up working and users might stop using these extensions. This is why two differentlocators have been implemented with the aim of improving web locator robustness

Data protection in Cloud scenarios

We present a brief overview of the main challenges related to data protection that need to be addressed when data are stored, processed, or managed in the cloud. We also discuss emerging approaches and directions to address such challenges

Supporting Application Requirements in Cloud-based IoT Information Processing

IoT infrastructures can be seen as an interconnected network of sources of data, whose analysis and processing can be beneficial for our society. Since IoT devices are limited in storage and computation capabilities, relying on external cloud providers has recently been identified as a promising solution for storing and managing IoT data. Due to the heterogeneity of IoT data and applicative scenarios, the cloud service delivery should be driven by the requirements of the specific IoT applications. In this paper, we propose a novel approach for supporting application requirements (typically related to security, due to the inevitable concerns arising whenever data are stored and managed at external third parties) in cloud-based IoT data processing. Our solution allows a subject with an authority over an IoT infrastructure to formulate conditions that the provider must satisfy in service provisioning, and computes a SLA based on these conditions while accounting for possible dependencies among them. We also illustrate a CSP-based formulation of the problem of computing a SLA, which can be solved adopting off-the-shelves CSP solvers

Cloud Security: Issues and Concerns

The cloud has emerged as a successful computing paradigm, allowing users and organizations to rely on external providers to store and process their data and make it available to others. An increasingly important priority, if there is to be wide adoption and acceptance of cloud computing, is for data owners and users to have security guarantees. Guaranteeing security means ensuring confidentiality and integrity of data, access to it, and computations with it, and ensuring availability of data and services to legitimate users in compliance with agreements with the providers. In this chapter, we present an overview of the main security issues and concerns arising in the cloud scenario, in particular with respect to the storage, management, and processing of data

A Language for the Specification of Administrative Workflow Processes with Emphasis on Actors’ Views

International audienceAdministrative workflows refer to variable business processes in which all cases are known; tasks are predictable and their sequencing rules are simple and clearly defined. When such processes are collaboratively executed by several actors, it may be desirable, for security reasons (confidentiality), that each of them has at all times, only a partial perception (this is what we call "actor's view") of the current process state. This concern seems sufficiently important to be considered when specifying such workflows. However, traditional workflow specification languages (BPMN, BPEL, YAWL) only partially address it. This is why we present in this paper, a new language for specifying administrative workflows that allows us not only to simply model all of the processes tasks and their sequence, but also and especially to explicitly express the rights of the various actors with respect to each of them, in order to guarantee a certain degree of security. The proposed model is an executable grammatical specification that allows to express using decorated productions, the different types of basic flows (sequential, parallel, alternative and iterative) that are found in workflow specification languages; moreover, it also allows to specify the rights of each actor in each process and on its data in a formalism similar to that used in UNIX-like operating systems