1,891 research outputs found
End-to-End Privacy for Open Big Data Markets
The idea of an open data market envisions the creation of a data trading
model to facilitate exchange of data between different parties in the Internet
of Things (IoT) domain. The data collected by IoT products and solutions are
expected to be traded in these markets. Data owners will collect data using IoT
products and solutions. Data consumers who are interested will negotiate with
the data owners to get access to such data. Data captured by IoT products will
allow data consumers to further understand the preferences and behaviours of
data owners and to generate additional business value using different
techniques ranging from waste reduction to personalized service offerings. In
open data markets, data consumers will be able to give back part of the
additional value generated to the data owners. However, privacy becomes a
significant issue when data that can be used to derive extremely personal
information is being traded. This paper discusses why privacy matters in the
IoT domain in general and especially in open data markets and surveys existing
privacy-preserving strategies and design techniques that can be used to
facilitate end to end privacy for open data markets. We also highlight some of
the major research challenges that need to be addressed in order to make the
vision of open data markets a reality through ensuring the privacy of
stakeholders.
Comment: Accepted to be published in IEEE Cloud Computing Magazine: Special
Issue Cloud Computing and the La
CamFlow: Managed Data-sharing for Cloud Services
A model of cloud services is emerging whereby a few trusted providers manage
the underlying hardware and communications whereas many companies build on this
infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS
applications. From the start, strong isolation between cloud tenants was seen
to be of paramount importance, provided first by virtual machines (VM) and
later by containers, which share the operating system (OS) kernel. Increasingly
it is the case that applications also require facilities to effect isolation
and protection of data managed by those applications. They also require
flexible data sharing with other applications, often across the traditional
cloud-isolation boundaries; for example, when government provides many related
services for its citizens on a common platform. Similar considerations apply to
the end-users of applications. But in particular, the incorporation of cloud
services within 'Internet of Things' architectures is driving the requirements
for both protection and cross-application data sharing.
These concerns relate to the management of data. Traditional access control
is application and principal/role specific, applied at policy enforcement
points, after which there is no subsequent control over where data flows; a
crucial issue once data has left its owner's control by cloud-hosted
applications and within cloud-services. Information Flow Control (IFC), in
addition, offers system-wide, end-to-end, flow control based on the properties
of the data. We discuss the potential of cloud-deployed IFC for enforcing
owners' dataflow policy with regard to protection and sharing, as well as
safeguarding against malicious or buggy software. In addition, the audit log
associated with IFC provides transparency, giving configurable system-wide
visibility over data flows. [...]
Comment: 14 pages, 8 figure
SafeWeb: A Middleware for Securing Ruby-Based Web Applications
Web applications in many domains such as healthcare and finance must process sensitive data, while complying with legal policies regarding the release of different classes of data to different parties. Currently, software bugs may lead to irreversible disclosure of confidential data in multi-tier web applications. An open challenge is how developers can guarantee these web applications only ever release sensitive data to authorised users without costly, recurring security audits.
Our solution is to provide a trusted middleware that acts as a “safety net” to event-based enterprise web applications by preventing harmful data disclosure before it happens. We describe the design and implementation of SafeWeb, a Ruby-based middleware that associates data with security labels and transparently tracks their propagation at different granularities across a multi-tier web architecture with storage and complex event processing. For efficiency, maintainability and ease-of-use, SafeWeb exploits the dynamic features of the Ruby programming language to achieve label propagation and data flow enforcement. We evaluate SafeWeb by reporting our experience of implementing a web-based cancer treatment application and deploying it as part of the UK National Health Service (NHS)
QServ: Integrating Testing and Auditing into QoS Management of Web Services
In a web service environment, service requesters are able to locate functionally equivalent services dynamically making quality of service (QoS) the differentiating factor amongst the web services. Service providers need to formulate QoS aware services in order to remain competitive and to achieve the highest possible profit from their offerings. There are several quality attributes to consider in any operating environment and we’ve grouped these requirements into 5 major categories: Service Dependability, Architectural Flexibility, Operational Capability, Risk Exposure and Financial Accountability. In the web services environment the realization of the attributes in these quality categories has increased in complexity due to the distributed and dynamic nature of the environment. While much of the research, standards and specifications address these issues, to the knowledge of the authors, an end to end solution for managing the quality attributes in a web service environment that include both testing and auditing has not been proposed. This paper will describe some of the current research that has been conducted to address the various aspects of quality as well as introduce the design for an end-to-end solution that will include testing and auditing
Traceability system for capturing, processing and providing consumer-relevant information about wood products: System solution and its economic feasibility
Current research and practice reports indicate the existence of purchase barriers concerning eco-friendly products, e.g. wood products. These can be ascribed to consumers' mistrust regarding the non-observable environmental impact of wood products. To counter the mistrust, wood products are commonly endowed with eco-labels, which may be perceived mostly as a marketing tool, therefore not fulfilling their intended purpose. Current studies have shown that providing consumers with wood product information based on traceability systems increases product trust and purchase intentions, with those information items most valued by consumers being identified as well. Based on this, the paper proposes a traceability information system for the capturing, processing, and provision of product information using examples of wood furniture. Furthermore, a cost-benefit model for the proposed solution is developed. The calculations indicate the possibility of implementing traceability at the item level based on a four-layer system architecture enabling the capture and delivery of all information valued by consumers at acceptable costs. The proposed system helps to overcome purchase barriers of eco-friendly products, increasing consumers' product trust and purchase intentions
Privacy-by-Design Framework for Assessing Internet of Things Applications and Platforms
Internet of Things (IoT) systems are designed and developed either as standalone applications from the ground-up or with the help of IoT middleware platforms. They are designed to support different kinds of scenarios, such as smart homes and smart cities. Thus far, privacy concerns have not been explicitly considered by IoT applications and middleware platforms. This is partly due to the lack of systematic methods for designing privacy that can guide the software development process in IoT. In this paper, we propose a set of guidelines, a privacy-by-design framework, that can be used to assess privacy capabilities and gaps of existing IoT applications as well as middleware platforms. We have evaluated two open source IoT middleware platforms, namely OpenIoT and Eclipse SmartHome, to demonstrate how our framework can be used in this way