3,662 research outputs found
State of Alaska Election Security Project Phase 2 Report
A laska’s election system is among the most secure in the country,
and it has a number of safeguards other states are now adopting. But
the technology Alaska uses to record and count votes could be improved—
and the state’s huge size, limited road system, and scattered communities
also create special challenges for insuring the integrity of the vote.
In this second phase of an ongoing study of Alaska’s election
security, we recommend ways of strengthening the system—not only the
technology but also the election procedures. The lieutenant governor
and the Division of Elections asked the University of Alaska Anchorage to
do this evaluation, which began in September 2007.Lieutenant Governor Sean Parnell.
State of Alaska Division of Elections.List of Appendices / Glossary / Study Team / Acknowledgments / Introduction / Summary of Recommendations / Part 1 Defense in Depth / Part 2 Fortification of Systems / Part 3 Confidence in Outcomes / Conclusions / Proposed Statement of Work for Phase 3: Implementation / Reference
Enhancing pharmaceutical packaging through a technology ecosystem to facilitate the reuse of medicines and reduce medicinal waste
The idea of reusing dispensed medicines is appealing to the general public provided its benefits are illustrated, its risks minimized, and the logistics resolved. For example, medicine reuse could help reduce medicinal waste, protect the environment and improve public health. However, the associated technologies and legislation facilitating medicine reuse are generally not available. The availability of suitable technologies could arguably help shape stakeholders’ beliefs and in turn, uptake of a future medicine reuse scheme by tackling the risks and facilitating the practicalities. A literature survey is undertaken to lay down the groundwork for implementing technologies on and around pharmaceutical packaging in order to meet stakeholders’ previously expressed misgivings about medicine reuse (’stakeholder requirements’), and propose a novel ecosystem for, in effect, reusing returned medicines. Methods: A structured literature search examining the application of existing technologies on pharmaceutical packaging to enable medicine reuse was conducted and presented as a narrative review. Results: Reviewed technologies are classified according to different stakeholders’ requirements, and a novel ecosystem from a technology perspective is suggested as a solution to reusing medicines. Conclusion: Active sensing technologies applying to pharmaceutical packaging using printed electronics enlist medicines to be part of the Internet of Things network. Validating the quality and safety of returned medicines through this network seems to be the most effective way for reusing medicines and the correct application of technologies may be the key enabler
Technologie RFID a Blochkchain v dodavatelském řetězci
The paper discusses the possibility of combining RFID and Blockchain technology to more effectively prevent counterfeiting of products or raw materials, and to solve problems related to production, logistics and storage. Linking these technologies can lead to better planning by increasing the transparency and traceability of industrial or logistical processes or such as efficient detection of critical chain sites.Příspěvek se zabývá možností kombinace technologií RFID a Blockchain pro účinnější zabránění padělání výrobků či surovin a řešení problémů spojených s výrobou, logistikou a skladováním. Spojení těchto technologií může vést k lepšímu plánování díky vyšší transparentnosti a sledovatelnosti průmyslových nebo logistických procesů, nebo například k efektivnímu zjišťování kritických míst řetězce
DBKnot: A Transparent and Seamless, Pluggable Tamper Evident Database
Database integrity is crucial to organizations that rely on databases of important data. They suffer from the vulnerability to internal fraud. Database tampering by internal malicious employees with high technical authorization to their infrastructure or even compromised by externals is one of the important attack vectors.
This thesis addresses such challenge in a class of problems where data is appended only and is immutable. Examples of operations where data does not change is a) financial institutions (banks, accounting systems, stock market, etc., b) registries and notary systems where important data is kept but is never subject to change, and c) system logs that must be kept intact for performance and forensic inspection if needed. The target of the approach is implementation seamlessness with little-or-no changes required in existing systems.
Transaction tracking for tamper detection is done by utilizing a common hashtable that serially and cumulatively hashes transactions together while using an external time-stamper and signer to sign such linkages together. This allows transactions to be tracked without any of the organizations’ data leaving their premises and going to any third-party which also reduces the performance impact of tracking. This is done so by adding a tracking layer and embedding it inside the data workflow while keeping it as un-invasive as possible.
DBKnot implements such features a) natively into databases, or b) embedded inside Object Relational Mapping (ORM) frameworks, and finally c) outlines a direction of implementing it as a stand-alone microservice reverse-proxy. A prototype ORM and database layer has been developed and tested for seamlessness of integration and ease of use. Additionally, different models of optimization by implementing pipelining parallelism in the hashing/signing process have been tested in order to check their impact on performance.
Stock-market information was used for experimentation with DBKnot and the initial results gave a slightly less than 100% increase in transaction time by using the most basic, sequential, and synchronous version of DBKnot. Signing and hashing overhead does not show significant increase per record with the increased amount of data. A number of different alternate optimizations were done to the design that via testing have resulted in significant increase in performance
PDFS: Practical Data Feed Service for Smart Contracts
Smart contracts are a new paradigm that emerged with the rise of the
blockchain technology. They allow untrusting parties to arrange agreements.
These agreements are encoded as a programming language code and deployed on a
blockchain platform, where all participants execute them and maintain their
state. Smart contracts are promising since they are automated and
decentralized, thus limiting the involvement of third trusted parties, and can
contain monetary transfers. Due to these features, many people believe that
smart contracts will revolutionize the way we think of distributed
applications, information sharing, financial services, and infrastructures.
To release the potential of smart contracts, it is necessary to connect the
contracts with the outside world, such that they can understand and use
information from other infrastructures. For instance, smart contracts would
greatly benefit when they have access to web content. However, there are many
challenges associated with realizing such a system, and despite the existence
of many proposals, no solution is secure, provides easily-parsable data,
introduces small overheads, and is easy to deploy.
In this paper we propose PDFS, a practical system for data feeds that
combines the advantages of the previous schemes and introduces new
functionalities. PDFS extends content providers by including new features for
data transparency and consistency validations. This combination provides
multiple benefits like content which is easy to parse and efficient
authenticity verification without breaking natural trust chains. PDFS keeps
content providers auditable, mitigates their malicious activities (like data
modification or censorship), and allows them to create a new business model. We
show how PDFS is integrated with existing web services, report on a PDFS
implementation and present results from conducted case studies and experiments.Comment: Blockchain; Smart Contracts; Data Authentication; Ethereu
Tampering in RFID: A Survey on Risks and Defenses
RFID is a well-known pervasive technology, which provides promising opportunities
for the implementation of new services and for the improvement of traditional
ones. However, pervasive environments require strong efforts on all the aspects
of information security. Notably, RFID passive tags are exposed to attacks, since strict
limitations affect the security techniques for this technology. A critical threat for RFIDbased
information systems is represented by data tampering, which corresponds to the
malicious alteration of data recorded in the tag memory. The aim of this paper is to describe
the characteristics and the effects of data tampering in RFID-based information
systems, and to survey the approaches proposed by the research community to protect
against it. The most important recent studies on privacy and security for RFID-based
systems are examined, and the protection given against tampering is evaluated. This
paper provides readers with an exhaustive overview on risks and defenses against data
tampering, highlighting RFID weak spots and open issues
Towards CRISP‐BC: 3TIC specification framework for Blockchain use‐cases
The application of Blockchain and augmented technologies such as IoT, AI, and Big Data platforms present a feasible approach for resolving the implementation challenges of trusted, decentralized platforms. This article proposes a DevOps framework for the specification of Blockchain use‐cases that enables evaluation, replication, and benchmarking. Specifically, it could be applied to specify the requirements and design characteristics of Blockchain applications in terms of key attributes such as: (i) transparency; (ii) traceability; (iii) tamper‐resistance; (iv) immutability; and (v) compliance. The article first introduces the design characteristics of Blockchain as a Platform and then examines successful use‐cases for its implementation using the above attributes. It may be conjectured that the 3TIC framework would serve as the basis of a cross industry process for Blockchain. The intended contribution is that such a standard process will support industry‐academia collaboration in the development of Blockchain platforms and services of relevance and utility as it can be applied by firms to structure their requirements and design specifications. As Blockchain technology moves from nascent to emergence, it is opportune to discuss standards in the context of use‐cases. This article provides some arguments for why and how requirements and design specifications could be standardised
Harnessing the Potential of Blockchain in DevOps: A Framework for Distributed Integration and Development
As the use of DevOps practices continues to grow, organizations are seeking
ways to improve collaboration, speed up development cycles, and increase
security, transparency, and traceability. Blockchain technology has the
potential to support these goals by providing a secure, decentralized platform
for distributed integration and development. In this paper, we propose a
framework for distributed DevOps that utilizes the benefits of blockchain
technology that can eliminate the shortcomings of DevOps. We demonstrate the
feasibility and potential benefits of the proposed framework that involves
developing and deploying applications in a distributed environment. We present
a benchmark result demonstrating the effectiveness of our framework in a
real-world scenario, highlighting its ability to improve collaboration, reduce
costs, and enhance the security of the DevOps pipeline. Conclusively, our
research contributes to the growing body of literature on the intersection of
blockchain and DevOps, providing a practical framework for organizations
looking to leverage blockchain technology to improve their development
processes.Comment: pages 10, figures
- …