9,783 research outputs found
A secure data outsourcing scheme based on Asmuth â Bloom secret sharing
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.Data outsourcing is an emerging paradigm for data management in which a database is provided as a service by third-party service providers. One of the major benefits of offering database as a service is to provide organisations, which are unable to purchase expensive hardware and software to host their databases, with efficient data storage accessible online at a cheap rate. Despite that, several issues of data confidentiality, integrity, availability and efficient indexing of usersâ queries at the server side have to be addressed in the data outsourcing paradigm. Service providers have to guarantee that their clientsâ data are secured against internal (insider) and external attacks. This paper briefly analyses the existing indexing schemes in data outsourcing and highlights their advantages and disadvantages. Then, this paper proposes a secure data outsourcing scheme based on AsmuthâBloom secret sharing which tries to address the issues in data outsourcing such as data confidentiality, availability and order preservation for efficient indexing
Encryptionâs Importance to Economic and Infrastructure Security
Det övergripande syftet med den hĂ€r avhandlingen var att utreda om network coopetition, samarbete mellan konkurrerande aktörer, kan öka vĂ€rdeskapandet inom hĂ€lso- och sjukvĂ„rden. Inom hĂ€lso- och sjukvĂ„rden Ă€r network coopetition ett Ă€mne som fĂ„tt liten uppmĂ€rksamhet i tidigare studier. För att besvara syftet utvecklades en modell för network coopetition inom hĂ€lso- och sjukvĂ„rden. Modellen applicerades sedan pĂ„ en del av vĂ„rdkedjan för patienter i behov av neurokirurgisk vĂ„rd. Resultaten frĂ„n avhandlingen visar att: (1) FörutsĂ€ttningarna för network coopetition i vĂ„rdkedjan för patienter i behov av neurokirurgisk vĂ„rd Ă€r uppfyllda. (2) Det finns exempel pĂ„ horisontell network coopetition i den studerade vĂ„rdkedjan. (3) Det existerar en diskrepans mellan hur aktörerna ser pĂ„Â sitt eget och de andra aktörernas vĂ€rdeskapande. (4) VĂ€rdeskapandet bör utvĂ€rderas som ett gemensamt system dĂ€r hĂ€nsyn tas till alla aktörer och utvĂ€rderas pĂ„ process- nivĂ„ dĂ€r hĂ€nsyn tas till alla intressenter. Dessa resultat leder fram till den övergripande slutsatsen Ă€r att network coopetition bör kunna öka vĂ€rdeskapandet för högspecialiserade vĂ„rdkedjor med en stor andel inomlĂ€nspatienter.The overall purpose of this thesis was to investigate whether network coopetition, cooperation between competitive actors, can increase the value creation within the health care system. Within health care, network coopetition is a subject granted little attention in previous research. To fulfil the purpose a model for network coopetition within the health care system was developed. The model was the applied to one part of the chain of care for patients in need of neurosurgery. The results from this thesis show: (1) The conditions for network coopetition in the chain of care for patients in need of neurosurgery are fulfilled. (2) Examples of horizontal network coopetition have been found in the studied chain of care. (3) There is an existing discrepancy between how each actor recognizes its own and the other actorsâ value creation. (4) The value creation ought to be evaluated as a common system where all actors are taken into account and at a process level where all stakeholders are considered. These results supports the final conclusion that network coopetition ought to be able to increase the value creation for highly specialized chain of cares with a large share of within-county patients
Password Cracking and Countermeasures in Computer Security: A Survey
With the rapid development of internet technologies, social networks, and
other related areas, user authentication becomes more and more important to
protect the data of the users. Password authentication is one of the widely
used methods to achieve authentication for legal users and defense against
intruders. There have been many password cracking methods developed during the
past years, and people have been designing the countermeasures against password
cracking all the time. However, we find that the survey work on the password
cracking research has not been done very much. This paper is mainly to give a
brief review of the password cracking methods, import technologies of password
cracking, and the countermeasures against password cracking that are usually
designed at two stages including the password design stage (e.g. user
education, dynamic password, use of tokens, computer generations) and after the
design (e.g. reactive password checking, proactive password checking, password
encryption, access control). The main objective of this work is offering the
abecedarian IT security professionals and the common audiences with some
knowledge about the computer security and password cracking, and promoting the
development of this area.Comment: add copyright to the tables to the original authors, add
acknowledgement to helpe
Secure Cloud Storage: A Framework for Data Protection as a Service in the Multi-cloud Environment
This paper introduces Secure Cloud Storage (SCS), a framework for Data Protection as a Service (DPaaS) to cloud computing users. Compared to the existing Data Encryption as a Service (DEaaS) such as those provided by Amazon and Google, DPaaS provides more flexibility to protect data in the cloud. In addition to supporting the basic data encryption capability as DEaaS does, DPaaS allows users to define fine-grained access control policies to protect their data. Once data is put under an access control policy, it is automatically encrypted and only if the policy is satisfied, the data could be decrypted and accessed by either the data owner or anyone else specified in the policy. The key idea of the SCS framework is to separate data management from security management in addition to defining a full cycle of data security automation from encryption to decryption. As a proof-of-concept for the design, we implemented a prototype of the SCS framework that works with both BT Cloud Compute platform and Amazon EC2. Experiments on the prototype have proved the efficiency of the SCS framework
Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild
In this paper, we seek to better understand Android obfuscation and depict a
holistic view of the usage of obfuscation through a large-scale investigation
in the wild. In particular, we focus on four popular obfuscation approaches:
identifier renaming, string encryption, Java reflection, and packing. To obtain
the meaningful statistical results, we designed efficient and lightweight
detection models for each obfuscation technique and applied them to our massive
APK datasets (collected from Google Play, multiple third-party markets, and
malware databases). We have learned several interesting facts from the result.
For example, malware authors use string encryption more frequently, and more
apps on third-party markets than Google Play are packed. We are also interested
in the explanation of each finding. Therefore we carry out in-depth code
analysis on some Android apps after sampling. We believe our study will help
developers select the most suitable obfuscation approach, and in the meantime
help researchers improve code analysis systems in the right direction
- âŠ