From Social Data Mining to Forecasting Socio-Economic Crisis

Socio-economic data mining has a great potential in terms of gaining a better understanding of problems that our economy and society are facing, such as financial instability, shortages of resources, or conflicts. Without large-scale data mining, progress in these areas seems hard or impossible. Therefore, a suitable, distributed data mining infrastructure and research centers should be built in Europe. It also appears appropriate to build a network of Crisis Observatories. They can be imagined as laboratories devoted to the gathering and processing of enormous volumes of data on both natural systems such as the Earth and its ecosystem, as well as on human techno-socio-economic systems, so as to gain early warnings of impending events. Reality mining provides the chance to adapt more quickly and more accurately to changing situations. Further opportunities arise by individually customized services, which however should be provided in a privacy-respecting way. This requires the development of novel ICT (such as a self- organizing Web), but most likely new legal regulations and suitable institutions as well. As long as such regulations are lacking on a world-wide scale, it is in the public interest that scientists explore what can be done with the huge data available. Big data do have the potential to change or even threaten democratic societies. The same applies to sudden and large-scale failures of ICT systems. Therefore, dealing with data must be done with a large degree of responsibility and care. Self-interests of individuals, companies or institutions have limits, where the public interest is affected, and public interest is not a sufficient justification to violate human rights of individuals. Privacy is a high good, as confidentiality is, and damaging it would have serious side effects for society.Comment: 65 pages, 1 figure, Visioneer White Paper, see http://www.visioneer.ethz.c

A policy compliance detection architecture for data exchange infrastructures

Data sharing and federation can significantly increase efficiency and lower the cost of digital collaborations. It is important to convince the data owners that their outsourced data will be used in a secure and controlled manner. To achieve this goal, constructing a policy governing concrete data usage rule among all parties is essential. More importantly, we need to establish digital infrastructures that can enforce the policy. In this thesis, we investigate how to select optimal application-tailored infrastructures and enhance policy compliance capabilities. First, we introduce a component linking the policy to the infrastructure patterns. The mechanism selects digital infrastructure patterns that satisfy the collaboration request to a maximal degree by modelling and closeness identification. Second, we present a threat-analysis driven risk assessment framework. The framework quantitatively assesses the remaining risk of an application delegated to digital infrastructure. The optimal digital infrastructure for a specific data federation application is the one which can support the requested collaboration model and provides the best security guarantee. Finally, we present a distributed architecture that detects policy compliance when an algorithm executes on the data. A profile and an IDS model are built for each containerized algorithm and are distributed to endpoint execution platforms via a secure channel. Syscall traces are monitored and analysed in endpoint points platforms. The machine learning based IDS is retrained periodically to increase generalization. A sanitization algorithm is implemented to filter out malicious samples to further defend the architecture against adversarial machine learning attacks

Dynamic trust negotiation for decentralised e-health collaborations

In the Internet-age, the geographical boundaries that have previously impinged upon inter-organisational collaborations have become decreasingly important. Of more importance for such collaborations is the notion and subsequent nature of security and trust - this is especially so in open collaborative environments like the Grid where resources can be both made available, subsequently accessed and used by remote users from a multitude of institutions with a variety of different privileges spanning across the collaboration. In this context, the ability to dynamically negotiate and subsequently enforce security policies driven by various levels of inter-organisational trust is essential. Numerous access control solutions exist today to address aspects of inter-organisational security. These include the use of centralised access control lists where all collaborating partners negotiate and agree on privileges required to access shared resources. Other solutions involve delegating aspects of access right management to trusted remote individuals in assigning privileges to their (remote) users. These solutions typically entail negotiations and delegations which are constrained by organisations, people and the static rules they impose. Such constraints often result in a lack of flexibility in what has been agreed; difficulties in reaching agreement, or once established, in subsequently maintaining these agreements. Furthermore, these solutions often reduce the autonomous capacity of collaborating organisations because of the need to satisfy collaborating partners demands. This can result in increased security risks or reducing the granularity of security policies. Underpinning this is the issue of trust. Specifically trust realisation between organisations, between individuals, and/or between entities or systems that are present in multi-domain authorities. Trust negotiation is one approach that allows and supports trust realisation. The thesis introduces a novel model called dynamic trust negotiation (DTN) that supports n-tier negotiation hops for trust realisation in multi-domain collaborative environments with specific focus on e-Health environments. DTN describes how trust pathways can be discovered and subsequently how remote security credentials can be mapped to local security credentials through trust contracts, thereby bridging the gap that makes decentralised security policies difficult to define and enforce. Furthermore, DTN shows how n-tier negotiation hops can limit the disclosure of access control policies and how semantic issues that exist with security attributes in decentralised environments can be reduced. The thesis presents the results from the application of DTN to various clinical trials and the implementation of DTN to Virtual Organisation for Trials of Epidemiological Studies (VOTES). The thesis concludes that DTN can address the issue of realising and establishing trust between systems or agents within the e-Health domain, such as the clinical trials domain

Towards privacy protection in pervasive healthcare

Proliferation of small handheld devices and wireless technologies has kindled the phenomenon of pervasive computing. Healthcare, being a prime concern for every society, has been considered as an ideal setting for deployment of this technology. Pervasive healthcare aims to improve patient independent living and quality of life and pay special attention to issues of security, privacy, transparency and ease of use. From its very nature of being open and dynamic, the pervasive environment has been challenged with security and privacy related issues with regards to collaborative information sharing. In this paper, we present some of the privacy challenges that arise when designing pervasive healthcare environments and discuss addressing some of these issues in a home based patient monitoring system. Specifically, we cover privacy violation through individual healthcare information availability and information leakage through context-aware services. Keywords-Privacy violation; Information leakage; Healthcare; Pervasive Computing

Dagstuhl News January - December 2008

"Dagstuhl News" is a publication edited especially for the members of the Foundation "Informatikzentrum Schloss Dagstuhl" to thank them for their support. The News give a summary of the scientific work being done in Dagstuhl. Each Dagstuhl Seminar is presented by a small abstract describing the contents and scientific highlights of the seminar as well as the perspectives or challenges of the research topic