Catch, Clean, and Release: A Survey of Obstacles and Opportunities for Network Trace Sanitization

Network researchers benefit tremendously from access to traces of production networks, and several repositories of such network traces exist. By their very nature, these traces capture sensitive business and personal activity. Furthermore, network traces contain significant operational information about the target network, such as its structure, identity of the network provider, or addresses of important servers. To protect private or proprietary information, researchers must “sanitize” a trace before sharing it. \par In this chapter, we survey the growing body of research that addresses the risks, methods, and evaluation of network trace sanitization. Research on the risks of network trace sanitization attempts to extract information from published network traces, while research on sanitization methods investigates approaches that may protect against such attacks. Although researchers have recently proposed both quantitative and qualitative methods to evaluate the effectiveness of sanitization methods, such work has several shortcomings, some of which we highlight in a discussion of open problems. Sanitizing a network trace, however challenging, remains an important method for advancing network–based research

New Conditional Privacy-preserving Encryption Schemes in Communication Network

Nowadays the communication networks have acted as nearly the most important fundamental infrastructure in our human society. The basic service provided by the communication networks are like that provided by the ubiquitous public utilities. For example, the cable television network provides the distribution of information to its subscribers, which is much like the water or gas supply systems which distribute the commodities to citizens. The communication network also facilitates the development of many network-based applications such as industrial pipeline controlling in the industrial network, voice over long-term evolution (VoLTE) in the mobile network and mixture reality (MR) in the computer network, etc. Since the communication network plays such a vital role in almost every aspect of our life, undoubtedly, the information transmitted over it should be guarded properly. Roughly, such information can be categorized into either the communicated message or the sensitive information related to the users. Since we already got cryptographical tools, such as encryption schemes, to ensure the confidentiality of communicated messages, it is the sensitive personal information which should be paid special attentions to. Moreover, for the benefit of reducing the network burden in some instances, it may require that only communication information among legitimated users, such as streaming media service subscribers, can be stored and then relayed in the network. In this case, the network should be empowered with the capability to verify whether the transmitted message is exchanged between legitimated users without leaking the privacy of those users. Meanwhile, the intended receiver of a transmitted message should be able to identify the exact message sender for future communication. In order to cater to those requirements, we re-define a notion named conditional user privacy preservation. In this thesis, we investigate the problem how to preserve user conditional privacy in pubic key encryption schemes, which are used to secure the transmitted information in the communication networks. In fact, even the term conditional privacy preservation has appeared in existing works before, there still have great differences between our conditional privacy preservation definition and the one proposed before. For example, in our definition, we do not need a trusted third party (TTP) to help tracing the sender of a message. Besides, the verification of a given encrypted message can be done without any secret. In this thesis, we also introduce more desirable features to our redefined notion user conditional privacy preservation. In our second work, we consider not only the conditional privacy of the message sender but also that of the intended message receiver. This work presents a new encryption scheme which can be implemented in communication networks where there exists a blacklist containing a list of blocked communication channels, and each of them is established by a pair of sender and receiver. With this encryption scheme, a verifier can confirm whether one ciphertext is belonging to a legitimated communication channel without knowing the exact sender and receiver of that ciphertext. With our two previous works, for a given ciphertext, we ensure that no one except its intended receiver can identify the sender. However, the receiver of one message may behave dishonest when it tries to retrieve the real message sender, which incurs the problem that the receiver of a message might manipulate the origin of the message successfully for its own benefit. To tackle this problem, we present a novel encryption scheme in our third work. Apart from preserving user conditional privacy, this work also enforces the receiver to give a publicly verifiable proof so as to convince others that it is honest during the process of identifying the actual message sender. In our forth work, we show our special interest in the access control encryption, or ACE for short, and find this primitive can inherently achieve user conditional privacy preservation to some extent. we present a newly constructed ACE scheme in this work, and our scheme has advantages over existing ACE schemes in two aspects. Firstly, our ACE scheme is more reliable than existing ones since we utilize a distributed sanitizing algorithm and thus avoid the so called single point failure happened in ACE systems with only one sanitizer. Then, since the ciphertext and key size of our scheme is more compact than that of the existing ACE schemes, our scheme enjoys better scalability

A Deep Learning-Based Privacy-Preserving Model for Smart Healthcare in Internet of Medical Things Using Fog Computing

With the emergence of COVID-19, smart healthcare, the Internet of Medical Things, and big data-driven medical applications have become even more important. The biomedical data produced is highly confidential and private. Unfortunately, conventional health systems cannot support such a colossal amount of biomedical data. Hence, data is typically stored and shared through the cloud. The shared data is then used for different purposes, such as research and discovery of unprecedented facts. Typically, biomedical data appear in textual form (e.g., test reports, prescriptions, and diagnosis). Unfortunately, such data is prone to several security threats and attacks, for example, privacy and confidentiality breach. Although significant progress has been made on securing biomedical data, most existing approaches yield long delays and cannot accommodate real-time responses. This paper proposes a novel fog-enabled privacy-preserving model called [Formula: see text] sanitizer, which uses deep learning to improve the healthcare system. The proposed model is based on a Convolutional Neural Network with Bidirectional-LSTM and effectively performs Medical Entity Recognition. The experimental results show that [Formula: see text] sanitizer outperforms the state-of-the-art models with 91.14% recall, 92.63% in precision, and 92% F1-score. The sanitization model shows 28.77% improved utility preservation as compared to the state-of-the-art

Large-scale Wireless Local-area Network Measurement and Privacy Analysis

The edge of the Internet is increasingly becoming wireless. Understanding the wireless edge is therefore important for understanding the performance and security aspects of the Internet experience. This need is especially necessary for enterprise-wide wireless local-area networks (WLANs) as organizations increasingly depend on WLANs for mission- critical tasks. To study a live production WLAN, especially a large-scale network, is a difficult undertaking. Two fundamental difficulties involved are (1) building a scalable network measurement infrastructure to collect traces from a large-scale production WLAN, and (2) preserving user privacy while sharing these collected traces to the network research community. In this dissertation, we present our experience in designing and implementing one of the largest distributed WLAN measurement systems in the United States, the Dartmouth Internet Security Testbed (DIST), with a particular focus on our solutions to the challenges of efficiency, scalability, and security. We also present an extensive evaluation of the DIST system. To understand the severity of some potential trace-sharing risks for an enterprise-wide large-scale wireless network, we conduct privacy analysis on one kind of wireless network traces, a user-association log, collected from a large-scale WLAN. We introduce a machine-learning based approach that can extract and quantify sensitive information from a user-association log, even though it is sanitized. Finally, we present a case study that evaluates the tradeoff between utility and privacy on WLAN trace sanitization

A Business Process Reengineering of the Surgical Path through Lean Technique: The Real Case Study of a Midsize Italian Hospital

This period of pandemic has had important consequences on the flow and the entire organization of any hospital. In particular, the number of accesses to the emergency room has increased, with the consequent urgent need to reorgani ze it quickly. The model proposed in this paper allows to respond to these needs by freeing not only shifts of nursing staff but also surgical staff. This workforce can then be relocated in the emergency room or of the intensive care unit who are in fact at the forefront of emergency management. The aim of this study conducted by the authors is to analyze, inside the context of a midsize Italian hospital, the actual organization model, and then to approach it by Business Process Reengineering (BPR) methodology with the goal to propose a KPI management system that evaluates the efficiency of the whole surgical path. The second objective of the study is to verify if the Operating Rooms (ORs) are properly sized to cover the surgical workload or if it would be necessary to build new ORs (answer to this question is the project mandate by Surgical Wards Chiefs). The last objective is to implement a flexible to cope with emergency situations such as a pandemic. The main result is the approximate maintenance of surgical annual activity (8169 vs 7889). The fewer resources required can be reallocated to deal with emergencies such as the current COVID-19 pandemic. In fact, the surgical shifts decreased during the test case from 464 versus 365 (-15,32%). The rooms’ utilization coefficient rose from 41% to over 52%, whereas the surgeons’ utilization coefficient rose to 61% (with values over 68% for parallel shifts). The results achieved demonstrate that improving efficiency of surgical processes is feasible and a systematic approach allows to respond to new global health challenges

Return To Campus Plan Fall 2020

EXECUTIVE SUMMARY & GUIDING PRINCIPLES INITIAL RETURN TO CAMPUS CONTINGENCY PLAN 1 CONTINGENCY PLAN 2 CONTINGENCY PLAN 3 TESTING, SCREENING, CONTACT TRACING, ISOLATION, NOTIFICATION COMMUNICATIONS FISCAL IMPACT APPENDI

"Modern" suburbs in lockdown: the INA CASA neighbourhood by Filippo Rovigo in Messina

[EN] The recent CoViD-19 emergency, a dramatic issue for our health, and the vexata quaestio of the existing buildings recovery, especially of the neighborhood, are the ends of an Ariadne's thread that must help us find an exit from the two huge problems. These issues, coupled by the isolation constrain, can be converted in a great opportunity by using targeted choices, supported by sustainability criteria that are now unavoidable.In the present paper, a specific suburban area- former Fondo Basile by architect Filippo Rovigo, on the northern edge of Messina was selected. For this area - following the original indications formulated by the emerging "neorealist" culture for garden cities – we intend: to redefine barrier-free paths; to add green and blue infrastructures; to evaluate incidences on energy performance; to redesign interior spaces to accept the need for sterilization and “flexible” furnishings; to experiment with functionalized surfaces (self-cleaning, antibacterial, heat-insulating); to introduce ad hoc home automation.Therefore, it is necessary to start from a very serious accident on which we stumbled exploiting this experience in order to look at the virus as an opportunity for a general rebirth of the neighbourhood. This latter can be based on new or experimental concepts in order to allow a sustainable restoration of the Modern Architecture, addressed to the second post-war period heritage, not guaranteed by the constrained regime provided for by the Cultural Heritage Code. This possibility is back in the fore thanks to a more recent strategic direction for the protection of "new landscapes" promoted by the Regional Department for Sicilian culture and identity.Arena, M.; Calabrese, L.; Di Bella, G.; Fiandaca, O.; Minutoli, F.; Lione, R.; Todesco, F. (2020). "Modern" suburbs in lockdown: the INA CASA neighbourhood by Filippo Rovigo in Messina. VITRUVIO - International Journal of Architectural Technology and Sustainability. 5(2):17-36. https://doi.org/10.4995/vitruvio-ijats.2020.14465OJS17365

Ensuring data confidentiality via plausibly deniable encryption and secure deletion – a survey

Ensuring confidentiality of sensitive data is of paramount importance, since data leakage may not only endanger dataowners’ privacy, but also ruin reputation of businesses as well as violate various regulations like HIPPA andSarbanes-Oxley Act. To provide confidentiality guarantee, the data should be protected when they are preserved inthe personal computing devices (i.e.,confidentiality duringtheirlifetime); and also, they should be rendered irrecoverableafter they are removed from the devices (i.e.,confidentiality after their lifetime). Encryption and secure deletion are usedto ensure data confidentiality during and after their lifetime, respectively.This work aims to perform a thorough literature review on the techniques being used to protect confidentiality of thedata in personal computing devices, including both encryption and secure deletion. Especially for encryption, wemainly focus on the novel plausibly deniable encryption (PDE), which can ensure data confidentiality against both acoercive (i.e., the attacker can coerce the data owner for the decryption key) and a non-coercive attacker