338,642 research outputs found
Dynamic Trust Federation in Grids
Grids are becoming economically viable and productive tools. Grids provide a way of utilizing a vast array of linked resources such as computing systems, databases and services online within Virtual Organizations (VO). However, today’s Grid architectures are not capable of supporting dynamic, agile federation across multiple administrative domains and the main barrier, which hinders dynamic federation over short time scales is security. Federating security and trust is one of the most significant architectural issues in Grids. Existing relevant standards and specifications can be used to federate security services, but do not directly address the dynamic extension of business trust relationships into the digital domain. In this paper we describe an experiment in which we highlight those challenging architectural issues and we will further describe how the approach that combines dynamic trust federation and dynamic authorization mechanism can address dynamic security trust federation in Grids. The experiment made with the prototype described in this paper is used in the NextGRID project for the definition of requirements for next generation Grid architectures adapted to business application need
Machine-Readable Privacy Certificates for Services
Privacy-aware processing of personal data on the web of services requires
managing a number of issues arising both from the technical and the legal
domain. Several approaches have been proposed to matching privacy requirements
(on the clients side) and privacy guarantees (on the service provider side).
Still, the assurance of effective data protection (when possible) relies on
substantial human effort and exposes organizations to significant
(non-)compliance risks. In this paper we put forward the idea that a privacy
certification scheme producing and managing machine-readable artifacts in the
form of privacy certificates can play an important role towards the solution of
this problem. Digital privacy certificates represent the reasons why a privacy
property holds for a service and describe the privacy measures supporting it.
Also, privacy certificates can be used to automatically select services whose
certificates match the client policies (privacy requirements).
Our proposal relies on an evolution of the conceptual model developed in the
Assert4Soa project and on a certificate format specifically tailored to
represent privacy properties. To validate our approach, we present a worked-out
instance showing how privacy property Retention-based unlinkability can be
certified for a banking financial service.Comment: 20 pages, 6 figure
Recommended from our members
Evaluating empowerment and control of HE e-learning in a secure environment
With the increased spread of HE distance learning into a wide variety of contexts it is important for us to understand the factors involved in its successful deployment for students. E-learning has a great potential to support effective and empowering HE distance learning (Wilson, 2007; Adams, 2005; Hughes, 2005). However, within two secure environments, prisons and health service, the factors involved are complex. This paper reviews HE e-learning technology perceptions within these two contrasting contexts from 225 students' and stakeholders' perspectives. Previous research has detailed literature limitations on obtaining students' perspectives of e-learning (Conole et al, 2006). These limitations are compounded when other stakeholder perceptions are not integrated (Sun et al, 2007; Adams et al, 2005; Millen at al, 2002). This paper developed and applied an e-learning framework for student and stakeholder perceptions. This social psychological framework, is based on previous practice based e-learning studies and is used here to synthesise two large-scale case studies. The framework focuses on three concepts learner Access (e.g. learning design, technology design, physical access), Awareness (e.g. of resources, their usage and support for e-learning tasks) and Acceptability (e.g. trust, privacy, aesthetics, engagement). Students' and stakeholders' perceptions identified high levels of students' empowerment through e-learning whilst still requiring a further pedagogical tailoring and an awareness of support. However, serious problems within these contexts have identified blocks to e-learning through stakeholders perceptions and fears of acceptability (i.e. issues of risk and trust). Ultimately, through understanding competing perceptions and needs within these complex environments we can support the effective technological development, pedagogical design and deployment of e-learning systems
Localization to Enhance Security and Services in Wi-Fi Networks under Privacy Constraints
Developments of seamless mobile services are faced with two broad challenges, systems security and user privacy - access to wireless systems is highly insecure due to the lack of physical boundaries and, secondly, location based services (LBS) could be used to extract highly sensitive user information. In this paper, we describe our work on developing systems which exploit location information to enhance security and services under privacy constraints. We describe two complimentary methods which we have developed to track node location information within production University Campus Networks comprising of large numbers of users. The location data is used to enhance security and services. Specifically, we describe a method for creating geographic firewalls which allows us to restrict and enhance services to individual users within a specific containment area regardless of physical association. We also report our work on LBS development to provide visualization of spatio-temporal node distribution under privacy considerations
Secure data sharing and processing in heterogeneous clouds
The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors
- …