A LITERATURE REVIEW ON THE CURRENT STATE OF SECURITY AND PRIVACY OF MEDICAL DEVICES AND SENSORS WITH BLUETOOTH LOW ENERGY

Technology use in healthcare is an integral part of diagnosis and treatment. The use of technology in medical devices and sensors is growing. These devices include implantable medical devices, and consumer health and fitness tracking devices and applications. Bluetooth Low Energy (BLE) is the most commonly used communication method in medical devices and sensors. Security and privacy are important, especially in healthcare technologies that can impact morbidity. There is an increasing need to evaluate the security and privacy of healthcare technology, especially with devices and sensors that use Bluetooth Low Energy due to the increasing prevalence and use of medical devices and sensors. Therefore, more robust security analysis is needed to evaluate security and privacy aspects of medical devices and sensors that use Bluetooth Low Energy

A LITERATURE REVIEW ON THE CURRENT STATE OF SECURITY AND PRIVACY OF MEDICAL DEVICES AND SENSORS WITH BLUETOOTH LOW ENERGY

Technology use in healthcare is an integral part of diagnosis and treatment. The use of technology in medical devices and sensors is growing. These devices include implantable medical devices, and consumer health and fitness tracking devices and applications. Bluetooth Low Energy (BLE) is the most commonly used communication method in medical devices and sensors. Security and privacy are important, especially in healthcare technologies that can impact morbidity. There is an increasing need to evaluate the security and privacy of healthcare technology, especially with devices and sensors that use Bluetooth Low Energy due to the increasing prevalence and use of medical devices and sensors. Therefore, more robust security analysis is needed to evaluate security and privacy aspects of medical devices and sensors that use Bluetooth Low Energy

SafeguaRDP: an Architecture for Mediated Control of Desktop Applications by Untrusted Crowd Workers

The future of crowdsourcing depends on improving usability for the requesters who post jobs. Allowing workers to perform tasks directly on a requester’s computer could help, by obviating the need to adapt data into formats that a crowdsourcing platform can handle. However, granting remote access to a requester’s desktop would also pose the risk the workers might steal information or take malicious actions. This thesis presents SafeguaRDP, an architecture designed to enable future services in which a mediated and redacted desktop is shown to a remote worker. The redaction of the desktop does not modify any files on the desktop; it only changes what is shown to the worker. This thesis contributes the rationale behind the architecture as well as a threat analysis based on accepted software security principles. To place the SafeguaRDP architecture in context, a set of eight vignettes illustrate potential applications that would be possible with future services based on the SafeguaRDP architecture. With these applications, the transfer of digital labor may someday become as simple as the transfer of data today, all while preserving the privacy of the hiring party

Social networks privacy policy awareness among undergraduate students: the case of Twitter

People nowadays freely give out their personal information on social media without knowing the implications of such actions. The proliferation of social networking sites creates the illusion of fun that made people to overlook the downsides of using these media. This paper examines the privacy awareness and general concerns of undergraduate students who form the bulk of users of these media. An evaluation of students has been carried out to assess their level of concern for privacy and how conscientious they are regarding privacy policies. The work also examines whether based on the awareness, users are more careful or generally carefree. Furthermore, the research also sought to evaluate whether the privacy policies as currently presented is adequate. Another objective of the research is to examine better ways of engaging users if the composition and presentation of privacy policies are found to be contributive to the low level engagement

Early warning identity threat and mitigation system

While many organizations share threat intelligence, there is still a lack of actionable data for organizations to proactively and effectively respond to emerging identity threats to mitigate a wide range of crimes. There currently exists no solution for organizations to access current trends and intelligence to understand emerging threats and how to appropriately respond to them. This research project delivers I-WARN, to help bridge that gap. Using a wide range of open-source information, I-WARN gathers, analyzes, and reports on threats related to the theft, fraud, and abuse of Personal Identifiable Information (PII). Then maps those threats to the MITRE ATT&CK framework to offer mitigation and risk reduction tactics. I-WARN aims to deliver actionable intelligence, offering early warning into threat behaviors, and mitigation responses. This thesis discusses the technical details of I-WARN, current solutions for threat intelligence sharing with how they compare to I-WARN, and future work.Electrical and Computer Engineerin

Data security and confidentiality guidelines for HIV, viral hepatitis, sexually transmitted disease, and tuberculosis programs; standards to facilitate sharing and use of surveillance data for public health action

This report was prepared by Security and Confidentiality Guidelines Subgroup of CDC's NCHHSTP Surveillance Work Group."CS227952-A."Available via the World Wide Web as an Acrobat .pdf file (2.22 MB, 72 p.).Includes bibliographical references (p. 35-37).Centers for Disease Control and Prevention. Data Security and Confidentiality Guidelines for HIV, Viral Hepatitis, Sexually Transmitted Disease, and Tuberculosis Programs: Standards to Facilitate Sharing and Use of Surveillance Data for Public Health Action. Atlanta (GA): U.S. Department of Health and Human Services, Centers for Disease Control and Prevention; 2011.Man-HueiChang/KLIrwin1/13/2014I. Executive summary -- II. Introduction -- III. About this document -- IV. Using this document -- V. Benefits, risks, and costs of sharing data and maintaining security and confidentiality -- VI. Guiding principles for data collection, storage, sharing, and use to ensure security and confidentiality -- VII. Standards for data collection, storage, sharing, and use to ensure security and confidentiality -- VIII. References -- IX. Acknowledgements -- Appendix A. Glossary -- Appendix B. Checklists for assessment of data security and confidentiality protections -- Appendix C. Data sharing scenario -- Appendix D. Sample Certification statement -- Appendix E. Suggested outline for a policy on data confidentiality, security, sharing and use -- Appendix F. Guidelines for the use of facsimile machines -- Appendix G. Ensuring data security in nontraditional work settings2011CurrentSurveillance and Investigation807