Building the Infrastructure for Cloud Security

Computer scienc

Towards a Network-based Approach for Smartphone Security

Smartphones have become an important utility that affects many aspects of our daily life. Due to their large dissemination and the tasks that are performed with them, they have also become a valuable target for criminals. Their specific capabilities and the way they are used introduce new threats in terms of information security. The research field of smartphone security has gained a lot of momentum in the past eight years. Approaches that have been presented so far focus on investigating design flaws of smartphone operating systems as well as their potential misuse by an adversary. Countermeasures are often realized based upon extensions made to the operating system itself, following a host-based design approach. However, there is a lack of network-based mechanisms that allow a secure integration of smartphones into existing IT infrastructures. This topic is especially relevant for companies whose employees use smartphones for business tasks. This thesis presents a novel, network-based approach for smartphone security called CADS: Context-related Signature and Anomaly Detection for Smartphones. It allows to determine the security status of smartphones by analyzing three aspects: (1) their current configuration in terms of installed software and available hardware, (2) their behavior and (3) the context they are currently used in. Depending on the determined security status, enforcement actions can be defined in order to allow or to deny access to services provided by the respective IT infrastructure. The approach is based upon the distributed collection and central analysis of data about smartphones. In contrast to other approaches, it explicitly supports to leverage existing security services both for analysis and enforcement purposes. A proof of concept is implemented based upon the IF-MAP protocol for network security and the Google Android platform. An evaluation verifies (1) that the CADS approach is able to detect so-called sensor sniffing attacks and (2) that reactions can be triggered based on detection results to counter ongoing attacks. Furthermore, it is demonstrated that the functionality of an existing, host-based approach that relies on modifications of the Android smartphone platform can be mimicked by the CADS approach. The advantage of CADS is that it does not need any modifications of the Android platform itself

Secure portable execution and storage environments: A capability to improve security for remote working

Remote working is a practice that provides economic benefits to both the employing organisation and the individual. However, evidence suggests that organisations implementing remote working have limited appreciation of the security risks, particularly those impacting upon the confidentiality and integrity of information and also on the integrity and availability of the remote worker’s computing environment. Other research suggests that an organisation that does appreciate these risks may veto remote working, resulting in a loss of economic benefits. With the implementation of high speed broadband, remote working is forecast to grow and therefore it is appropriate that improved approaches to managing security risks are researched. This research explores the use of secure portable execution and storage environments (secure PESEs) to improve information security for the remote work categories of telework, and mobile and deployed working. This thesis with publication makes an original contribution to improving remote work information security through the development of a body of knowledge (consisting of design models and design instantiations) and the assertion of a nascent design theory. The research was conducted using design science research (DSR), a paradigm where the research philosophies are grounded in design and construction. Following an assessment of both the remote work information security issues and threats, and preparation of a set of functional requirements, a secure PESE concept was defined. The concept is represented by a set of attributes that encompass the security properties of preserving the confidentiality, integrity and availability of the computing environment and data. A computing environment that conforms to the concept is considered to be a secure PESE, the implementation of which consists of a highly portable device utilising secure storage and an up-loadable (on to a PC) secure execution environment. The secure storage and execution environment combine to address the information security risks in the remote work location. A research gap was identified as no existing ‘secure PESE like’ device fully conformed to the concept, enabling a research problem and objectives to be defined. Novel secure storage and execution environments were developed and used to construct a secure PESE suitable for commercial remote work and a high assurance secure PESE suitable for security critical remote work. The commercial secure PESE was trialled with an existing telework team looking to improve security and the high assurance secure PESE was trialled within an organisation that had previously vetoed remote working due to the sensitivity of the data it processed. An evaluation of the research findings found that the objectives had been satisfied. Using DSR evaluation frameworks it was determined that the body of knowledge had improved an area of study with sufficient evidence generated to assert a nascent design theory for secure PESEs. The thesis highlights the limitations of the research while opportunities for future work are also identified. This thesis presents ten published papers coupled with additional doctoral research (that was not published) which postulates the research argument that ‘secure PESEs can be used to manage information security risks within the remote work environment’

Seamless Communication for Crises Management

SECRICOM is proposed as a collaborative research project aiming at development of a reference security platform for EU crisis management operations with two essential ambitions: (A) Solve or mitigate problems of contemporary crisis communication infrastructures (Tetra, GSM, Citizen Band, IP) such as poor interoperability of specialized communication means, vulnerability against tapping and misuse, lack of possibilities to recover from failures, inability to use alternative data carrier and high deployment and operational costs. (B) Add new smart functions to existing services which will make the communication more effective and helpful for users. Smart functions will be provided by distributed IT systems based on an agents’ infrastructure. Achieving these two project ambitions will allow creating a pervasive and trusted communication infrastructure fulfilling requirements of crisis management users and ready for immediate application

Blockchain in Energy Communities, A proof of concept

This report aims at exploring the use of the distributed ledger paradigm to incentive the participation of the citizen to a truly free, open and interoperable energy market, producing a feasibility study and a first demo testbed, taking also into consideration privacy, cybersecurity and big-data issues of the smart-home in the Energy market context. This study is intended to support point 4.1, 4.2 and 4.3 of the DSM (COM(2015)192) and point 2.2 of the Energy Union package (COM(2015)80.JRC.E.3-Cyber and Digital Citizens' Securit

THE AMERICAN CORRECTIONAL HEALTHCARE SYSTEM IS AILING: TECHNOLOGY INNOVATION AS A PRESCRIPTION FOR PENAL SYSTEM HEALTHCARE DELIVERY

The U.S. corrections industry has a history of poor inmate healthcare delivery, with penal-system reform advocates and other stakeholders highlighting these failures. Inmates receiving poor medical and psychiatric care behind jail walls experience greater difficulty becoming self-sufficient, and this situation contributes to the nation’s recidivism problem. Caring for inmates is often a neglected proposition and because of this, the U.S. courts impose legal requirements that inmates receive healthcare. Access to quality healthcare specialists for inmates led the penal system to investigate and implement use of telehealth during the 1990s. This thesis investigates how the evolving field of telehealth and emerging technologies may contribute to improved inmate healthcare in the future. A myriad of factors discussed in the thesis pose as challenges to implementing innovations that could improve penal system healthcare. For all the challenges confronting corrections administrators and criminal reform advocates, the corrections system is at a crossroads, as there is potential to modernize jail facilities and use technology to improve the safety and healthcare of inmates, corrections officers and those who render care. Investing in technology infrastructure that supports emerging technologies could also facilitate simpler integration of future innovations that address suicide, mental illness and other medical health maladies that would otherwise go unaddressed.Civilian, Dallas Fire-Rescue DepartmentApproved for public release. Distribution is unlimited

Top 10 technologies 2003 and their impact on the accounting profession

https://egrove.olemiss.edu/aicpa_guides/1609/thumbnail.jp

Economically sustainable public security and emergency network exploiting a broadband communications satellite

The research contributes to work in Rapid Deployment of a National Public Security and Emergency Communications Network using Communication Satellite Broadband. Although studies in Public Security Communication networks have examined the use of communications satellite as an integral part of the Communication Infrastructure, there has not been an in-depth design analysis of an optimized regional broadband-based communication satellite in relation to the envisaged service coverage area, with little or no terrestrial last-mile telecommunications infrastructure for delivery of satellite solutions, applications and services. As such, the research provides a case study of a Nigerian Public Safety Security Communications Pilot project deployed in regions of the African continent with inadequate terrestrial last mile infrastructure and thus requiring a robust regional Communications Satellite complemented with variants of terrestrial wireless technologies to bridge the digital hiatus as a short and medium term measure apart from other strategic needs. The research not only addresses the pivotal role of a secured integrated communications Public safety network for security agencies and emergency service organizations with its potential to foster efficient information symmetry amongst their operations including during emergency and crisis management in a timely manner but demonstrates a working model of how analogue spectrum meant for Push-to-Talk (PTT) services can be re-farmed and digitalized as a “dedicated” broadband-based public communications system. The network’s sustainability can be secured by using excess capacity for the strategic commercial telecommunication needs of the state and its citizens. Utilization of scarce spectrum has been deployed for Nigeria’s Cashless policy pilot project for financial and digital inclusion. This effectively drives the universal access goals, without exclusivity, in a continent, which still remains the least wired in the world