213 research outputs found
Tunable Security for Deployable Data Outsourcing
Security mechanisms like encryption negatively affect other software quality characteristics like efficiency. To cope with such trade-offs, it is preferable to build approaches that allow to tune the trade-offs after the implementation and design phase. This book introduces a methodology that can be used to build such tunable approaches. The book shows how the proposed methodology can be applied in the domains of database outsourcing, identity management, and credential management
Dynamic Privacy Management In Services Based Interactions
Technology advancements have enabled the distribution and sharing of users personal data over several data sources. Each data source is potentially managed by a different organization, which may expose its data as a Web service. Using such Web services, dynamic composition of atomic data items coupled with the context in which the data is accessed may breach sensitive data that may not comply with the users preference at the time of data collection. Thus, providing uniform access policies to such data can lead to privacy problems. Some fairly recent research has focused on providing solutions for dynamic privacy management. This thesis advances these techniques, and fills some gaps in the existing works. In particular, dynamically incorporating user access context into the privacy policy decision, and its enforcement
Anonymization of Event Logs for Network Security Monitoring
A managed security service provider (MSSP) must collect security event logs from
their customers’ network for monitoring and cybersecurity protection. These logs
need to be processed by the MSSP before displaying it to the security operation
center (SOC) analysts. The employees generate event logs during their working hours
at the customers’ site. One challenge is that collected event logs consist of personally
identifiable information (PII) data; visible in clear text to the SOC analysts or any
user with access to the SIEM platform.
We explore how pseudonymization can be applied to security event logs to help
protect individuals’ identities from the SOC analysts while preserving data utility
when possible. We compare the impact of using different pseudonymization functions
on sensitive information or PII. Non-deterministic methods provide higher level of
privacy but reduced utility of the data.
Our contribution in this thesis is threefold. First, we study available architectures
with different threat models, including their strengths and weaknesses. Second, we
study pseudonymization functions and their application to PII fields; we benchmark
them individually, as well as in our experimental platform. Last, we obtain valuable
feedbacks and lessons from SOC analysts based on their experience.
Existing works[43, 44, 48, 39] are generally restricting to the anonymization of
the IP traces, which is only one part of the SOC analysts’ investigation of PCAP
files inspection. In one of the closest work[47], the authors provide useful, practical
anonymization methods for the IP addresses, ports, and raw logs
A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view
CloudMed: plataforma de comunicações para medicina
Mestrado em Engenharia de Computadores e TelemáticaOs recentes avanços das tecnologias de informação e comunicação têm criado
novos cenários aplicacionais na área da telemedicina, nomeadamente na
forma como integramos diferentes fontes de dados, como acedemos e partilhamos
estes recursos em ambientes moveis e como integramos ferramentas
cooperativas inspiradas no paradigma das redes sociais.
Temos verificado nos últimos anos a terciarização de recursos computacionais,
processo conhecido como Cloud Computing. Esta realidade cria
novas oportunidades de exploração destes recursos para facilitar o acesso,
partilha e integração de informação médica, em qualquer local e a qualquer
hora. Mais ainda, a escalabilidade e fiabilidade oferecida por estas plataformas
satisfazem os requisitos de serviço impostos a soluções telemáticas na
área da saúde.
Esta dissertação teve como objetivo estudar o paradigma de software como
serviço, suportado por uma estrutura em Cloud, tendo em mente a sua
utilização em cenários de telemedicina e tele-trabalho. Muito concretamente,
desenvolveu-se uma plataforma Web de serviços orientada ás redes
de imagem médica. Esta solução disponibiliza um ambiente cooperativo inovador
onde os clínicos podem recolher dados, partilhar informação e aceder
remotamente a recursos imagiológicos. Aspetos de segurança e interoperabilidade
com os atuais sistemas e normas foram alvo de particular atenção.The recent technological developments in information and communications
technologies are promoting new studies and research in telemedicine area,
revolutionizing the access, integration and sharing of medical information.
For instance, many systems have been focusing on ubiquity through the use
of mobile computing and on enhance users cooperation through usage of
social networking paradigms.
In this regard, the rise of new model of outsourcing computing resources,
which is known as Cloud computing, creates new possibilities to explore their
bene_ts to facilitate the sharing and remote access to medical information,
anywhere and anytime. Moreover, the scalability and reliability o_ered by
Cloud platforms _t well to the medical area requirements.
This dissertation aimed to analyze the current state of the art of Cloud
Computing, namely studying their viability to support telemedicine and teleworking
scenarios. The proposal was focused in the medical imaging _eld.
The work resulted in a Cloud computing solution, following the software as
a service model, to support cooperative tele-imagiology networks. It is a
solution that allows users to setup collaborative environments in the _eld of
imagiology, targeting the acceleration and improvement of decision-making
processes. The proposal contemplates also other important issues like, for
instance, security and interoperability with actual medical imaging systems
Private search over big data leveraging distributed file system and parallel processing
In this work, we identify the security and privacy problems associated with a certain Big Data application, namely secure keyword-based search over encrypted cloud data and emphasize the actual challenges and technical difficulties in the Big Data setting. More specifically, we provide definitions from which privacy requirements can be derived. In addition, we adapt an existing work on privacy-preserving keyword-based search method to the Big Data setting, in which, not only data is huge but also changing and accumulating very fast. Our proposal is scalable in the sense that it can leverage distributed file systems and parallel programming techniques such as the Hadoop Distributed File System (HDFS) and the MapReduce programming model, to work with very large data sets. We also propose a lazy idf-updating method that can efficiently handle the relevancy scores of the documents in a dynamically changing, large data set. We empirically show the efficiency and accuracy of the method through extensive set of experiments on real data
- …