Security and Privacy in Resource-constrained Devices

Recent adversarial attacks have been shown IoT devices weaknesses due to their limited computing power. Given also their ubiquitous presence, lower costs and limitations in keeping security measures up-todate, resource-constrained devices represent a growing risk for the security of IT infrastructure. The scope of the research is to investigate the weaknesses of resource-constrained IoT devices. The methodology for the investigation is the legal analysis of existing legal frameworks regulating IoT cybersecurity and data security; afterwards it will be carried out a critical evaluation of the existing best practices. This critical analysis should face the twofold challenge of increasing transparency and trust in resource-constrained systems. Users and companies are two faces of the same coin: accountability of data collectors and user awareness are crucial in the security and data protection debate. Thus, a comprehensive overview of the relevant legal frameworks and guidelines would increase the understanding of risks of the users, whilst data controllers (especially of small and medium enterprises) may have an instrument to implement properly security measures

Exploring the organizational respones to reforms in the Italian industrial sector

Masteroppgave i økonomistyring - Nord universitet 201

Security and Privacy in Resource-Constrained Devices

Recent adversarial attacks have been shown IoT devices weaknesses due to their limited computing power. Given also their ubiquitous presence, lower costs and limitations in keeping security measures up-todate, resource-constrained devices represent a growing risk for the security of IT infrastructure. The scope of the research is to investigate the weaknesses of resource-constrained IoT devices. The methodology for the investigation is the legal analysis of existing legal frameworks regulating IoT cybersecurity and data security; afterwards it will be carried out a critical evaluation of the existing best practices. This critical analysis should face the twofold challenge of increasing transparency and trust in resource-constrained systems. Users and companies are two faces of the same coin: accountability of data collectors and user awareness are crucial in the security and data protection debate. Thus, a comprehensive overview of the relevant legal frameworks and guidelines would increase the understanding of risks of the users, whilst data controllers (especially of small and medium enterprises) may have an instrument to implement properly security measures

Investigating Regulative Implications for User-generated Content and a Design Proposal

The rapid increase of the Internet connectivity and the data publishing activity, like user-generated content, has lead Internet Service Providers (ISPs) to establish more efficient mechanisms for content delivery, such as caching. Mechanisms such as content-aware-networks and in-network caching reduce network load, server load, and user response time, thus, manage the network. However, caching of content also raises major implications in terms of legal acts and bills (e.g., data privacy, copyright), dealing with access control, validation scheme, and regulations (e.g., contractual obligation, legal restrictions). In general, user-generated content is linked with sensitive information, such as geographical information, medical and financial information, personal identifiable data, photos, videos, and contact information. Therefore, it is essential to secure data and regulate access. The latter, is gained by including access control mechanisms in the data exchange process, where a user requesting data must prove his access rights. Therefore, a user has to show an access ticket, which includes his rights based on legal and regulative implications. In order to secure any kind of data exchange, authentication of each participating communication entity (e.g., content owner, server, and end-user) is essential, which is part of the proposed two-way authentication handshake in this paper that is performed to generate a secure communication channel. The main contribution of this paper is to show that transmission, storage, and usage of user-generated data in caches within the network is manageable within the legal laws on sensitivity, copyright, and privacy. The scope of studying these laws, acts, and policies is restricted to Switzerland (CH), the European Union (EU), and the United States of America (USA). Finally, a solution is presented including access ticketing and two-way authentication mechanisms based oncommonstandards from IP network

Ethical and Social Aspects of Self-Driving Cars

As an envisaged future of transportation, self-driving cars are being discussed from various perspectives, including social, economical, engineering, computer science, design, and ethics. On the one hand, self-driving cars present new engineering problems that are being gradually successfully solved. On the other hand, social and ethical problems are typically being presented in the form of an idealized unsolvable decision-making problem, the so-called trolley problem, which is grossly misleading. We argue that an applied engineering ethical approach for the development of new technology is what is needed; the approach should be applied, meaning that it should focus on the analysis of complex real-world engineering problems. Software plays a crucial role for the control of self-driving cars; therefore, software engineering solutions should seriously handle ethical and social considerations. In this paper we take a closer look at the regulative instruments, standards, design, and implementations of components, systems, and services and we present practical social and ethical challenges that have to be met, as well as novel expectations for software engineering.Comment: 11 pages, 3 figures, 2 table

Digitalization of revenue mobilization in an emerging economy: the new Institutional Theory perspective

This study sought to explore how the institutional environment comprising regulative, normative, and cognitive factors influences the use of technology in revenue mobilization in the public sector of an emerging economy. The study used the new institutional theory as a theoretical lens and a qualitative case study as a methodological stance. Data was collected from the agency in charge of revenue mobilization in the developing economy through interviews. The study established that regulative, normative and cognitive factors influence the digitalization of revenue mobilization. With regards to the regulative pillar, it was revealed that legislation for a revenue authority with a focus on digitalization, legislation for taxpayer identification and legislation for electronic transactions were laws that governed the use of the system and played essential roles in ensuring that the system was used effectively to fully realize its benefits. The cognitive pillar, on the other hand, revealed some challenges faced with the implementation and use of the digital system. The study contributes to the literature on the digitalization of revenue mobilization, which has arguably seen very few studies conducted in Africa, especially in Ghana, hence calling for more future studies on the use of e-revenue systems in developing economies

A Pervasive Computational Intelligence based Cognitive Security Co-design Framework for Hype-connected Embedded Industrial IoT

The amplified connectivity of routine IoT entities can expose various security trajectories for cybercriminals to execute malevolent attacks. These dangers are even amplified by the source limitations and heterogeneity of low-budget IoT/IIoT nodes, which create existing multitude-centered and fixed perimeter-oriented security tools inappropriate for vibrant IoT settings. The offered emulation assessment exemplifies the remunerations of implementing context aware co-design oriented cognitive security method in assimilated IIoT settings and delivers exciting understandings in the strategy execution to drive forthcoming study. The innovative features of our system is in its capability to get by with irregular system connectivity as well as node limitations in terms of scares computational ability, limited buffer (at edge node), and finite energy. Based on real-time analytical data, projected scheme select the paramount probable end-to-end security system possibility that ties with an agreed set of node constraints. The paper achieves its goals by recognizing some gaps in the security explicit to node subclass that is vital to our system’s operations

Digitalization of revenue mobilization in an emerging economy: the new Institutional Theory perspective

This study sought to explore how the institutional environment comprising regulative, normative, and cognitive factors influences the use of technology in revenue mobilization in the public sector of an emerging economy. The study used the new institutional theory as a theoretical lens and a qualitative case study as a methodological stance. Data was collected from the agency in charge of revenue mobilization in the developing economy through interviews. The study established that regulative, normative and cognitive factors influence the digitalization of revenue mobilization. With regards to the regulative pillar, it was revealed that legislation for a revenue authority with a focus on digitalization, legislation for taxpayer identification and legislation for electronic transactions were laws that governed the use of the system and played essential roles in ensuring that the system was used effectively to fully realize its benefits. The cognitive pillar, on the other hand, revealed some challenges faced with the implementation and use of the digital system. The study contributes to the literature on the digitalization of revenue mobilization, which has arguably seen very few studies conducted in Africa, especially in Ghana, hence calling for more future studies on the use of e-revenue systems in developing economies