Chemical applications of escience to interfacial spectroscopy

This report is a summary of works carried out by the author between October 2003 and September 2004, in the first year of his PhD studie

Philosophy of Blockchain Technology - Ontologies

About the necessity and usefulness of developing a philosophy specific to the blockchain technology, emphasizing on the ontological aspects. After an Introduction that highlights the main philosophical directions for this emerging technology, in Blockchain Technology I explain the way the blockchain works, discussing ontological development directions of this technology in Designing and Modeling. The next section is dedicated to the main application of blockchain technology, Bitcoin, with the social implications of this cryptocurrency. There follows a section of Philosophy in which I identify the blockchain technology with the concept of heterotopia developed by Michel Foucault and I interpret it in the light of the notational technology developed by Nelson Goodman as a notational system. In the Ontology section, I present two developmental paths that I consider important: Narrative Ontology, based on the idea of order and structure of history transmitted through Paul Ricoeur's narrative history, and the Enterprise Ontology system based on concepts and models of an enterprise, specific to the semantic web, and which I consider to be the most well developed and which will probably become the formal ontological system, at least in terms of the economic and legal aspects of blockchain technology. In Conclusions I am talking about the future directions of developing the blockchain technology philosophy in general as an explanatory and robust theory from a phenomenologically consistent point of view, which allows testability and ontologies in particular, arguing for the need of a global adoption of an ontological system for develop cross-cutting solutions and to make this technology profitable. CONTENTS: Abstract Introducere Tehnologia blockchain - Proiectare - Modele Bitcoin Filosofia Ontologii - Ontologii narative - Ontologii de intreprindere Concluzii Note Bibliografie DOI: 10.13140/RG.2.2.24510.3360

Privacy Preserving Enforcement of Sensitive Policies in Outsourced and Distributed Environments

The enforcement of sensitive policies in untrusted environments is still an open challenge for policy-based systems. On the one hand, taking any appropriate security decision requires access to these policies. On the other hand, if such access is allowed in an untrusted environment then confidential information might be leaked by the policies. The key challenge is how to enforce sensitive policies and protect content in untrusted environments. In the context of untrusted environments, we mainly distinguish between outsourced and distributed environments. The most attractive paradigms concerning outsourced and distributed environments are cloud computing and opportunistic networks, respectively. In this dissertation, we present the design, technical and implementation details of our proposed policy-based access control mechanisms for untrusted environments. First of all, we provide full confidentiality of access policies in outsourced environments, where service providers do not learn private information about policies. We support expressive policies and take into account contextual information. The system entities do not share any encryption keys. For complex user management, we offer the full-fledged Role-Based Access Control (RBAC) policies. In opportunistic networks, we protect content by specifying expressive policies. In our proposed approach, brokers match subscriptions against policies associated with content without compromising privacy of subscribers. As a result, unauthorised brokers neither gain access to content nor learn policies and authorised nodes gain access only if they satisfy policies specified by publishers. Our proposed system provides scalable key management in which loosely-coupled publishers and subscribers communicate without any prior contact. Finally, we have developed a prototype of the system that runs on real smartphones and analysed its performance.Comment: Ph.D. Dissertation. http://eprints-phd.biblio.unitn.it/1124

A Dynamic Access Control Model Using Authorising Workfow and Task Role-based Access Control

Access control is fundamental and prerequisite to govern and safeguard information assets within an organisation. Organisations generally use Web enabled remote access coupled with applications access distributed across various networks. These networks face various challenges including increase operational burden and monitoring issues due to the dynamic and complex nature of security policies for access control. The increasingly dynamic nature of collaborations means that in one context a user should have access to sensitive information, whilst not being allowed access in other contexts. The current access control models are static and lack Dynamic Segregation of Duties (SoD), Task instance level of Segregation, and decision making in real time. This thesis addresses these limitations describes tools to support access management in borderless network environments with dynamic SoD capability and real time access control decision making and policy enforcement. This thesis makes three contributions: i) Defining an Authorising Workflow Task Role Based Access Control (AW-TRBAC) using existing task and workflow concepts. This new workflow integrates dynamic SoD, whilst considering task instance restriction to ensure overall access governance and accountability. It enhances existing access control models such as Role Based Access Control (RBAC) by dynamically granting users access rights and providing access governance. ii) Extension of the OASIS standard of XACML policy language to support dynamic access control requirements and enforce access control rules for real time decision making. This mitigates risks relating to access control, such as escalation of privilege in broken access control, and insucient logging and monitoring. iii) The AW-TRBAC model is implemented by extending the open source XACML (Balana) policy engine to demonstrate its applicability to a real industrial use case from a financial institution. The results show that AW-TRBAC is scalable, can process relatively large numbers of complex requests, and meets the requirements of real time access control decision making, governance and mitigating broken access control risk

Blockchain-Supported Food Supply Chain Reference Architecture

Department of Management EngineeringA food security issue increased rapidly due to numerous food frauds and tragic incidents and overall growth in the scale of food supply chain network in the last years. Since the recent evolution of Blockchain technology, it promises high potential ability to guarantee and trace the originality of products in supply chain network The main purpose of this research work is to build general Blockchain-supported food supply chain reference architecture model along with supplementary guidelines which could be applied in real-life supply chain cases with or without customization or inspire their design of supply chain system. A case driven bottom-up approach is used to create the reference architecture with the help of BOAT framework as a base tool to align the case details. A total of three food supply chain cases were utilized for the development of reference architecture and third case study of Mongolian meat trade supply chain was examined with the proposed solution and finally evaluated by the local experts. I believe this reference framework will help fellow researchers and industry practitioners to use this as a base knowledge without beginning from the scratches because current literature lacks extremely in this field. In overall, I expect this work will contribute to the current literature in the followings: 1. To expand the implementation mechanism of Blockchain solutions in general supply chain cases especially in food supply chain. 2. To provide practical exemplary implementation of real life case scenarios 3. To provide detailed analysis of benefits and weaknesses of using Blockchain in food supply chainope

SoNeUCON_{ABC}Pro: an access control model for social networks with translucent user provenance

Proceedings of: SecureComm 2017 International Workshops, ATCS and SePrIoT, Niagara Falls, ON, Canada, October 22–25, 2017Web-Based Social Networks (WBSNs) are used by millions of people worldwide. While WBSNs provide many benefits, privacy preservation is a concern. The management of access control can help to assure data is accessed by authorized users. However, it is critical to provide sufficient flexibility so that a rich set of conditions may be imposed by users. In this paper we coin the term user provenance to refer to tracing users actions to supplement the authorisation decision when users request access. For example restricting access to a particular photograph to those which have “liked” the owners profile. However, such a tracing of actions has the potential to impact the privacy of users requesting access. To mitigate this potential privacy loss the concept of translucency is applied. This paper extends SoNeUCONABC model and presents SoNeUCONABCPro, an access control model which includes translucent user provenance. Entities and access control policies along with their enforcement procedure are formally defined. The evaluation demonstrates that the system satisfies the imposed goals and supports the feasibility of this model in different scenarios.This work was supported by the MINECO grants TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You) and TIN2016-79095-C2-2-R (SMOG-DEV); by the CAM grant S2013/ICE-3095 (CIBERDINE: Cybersecurity, Data, and Risks); and by the Programa de Ayudas para la Movilidad of Carlos III University of Madrid, Spain (J. M. de Fuentes and L. Gonzalez-Manzano grants)

Scenarios for Description Logic

Description logics form a family of knowledge representation languages for modeling ontologies. Model-finding is a technique for analyzing a first-order theory T by constructing and querying the models of T. This project develops a translation from description logic theories to first-order theories, enabling the use of the Razor model-finder. We provide an implementation of the translation algorithm, and a proof of correctness of the algorithm. As a case study, we explore a sample role-based access control policy formalized in description logic and show how to reason about using Razor