77 research outputs found
Ensuring Data Security and Individual Privacy in Health Care Systems
Ph.DDOCTOR OF PHILOSOPH
Pervasively Distributed Copyright Enforcement
In an effort to control flows of unauthorized information, the major copyright industries are pursuing a range of strategies designed to distribute copyright enforcement functions across a wide range of actors and to embed these functions within communications networks, protocols, and devices. Some of these strategies have received considerable academic and public scrutiny, but much less attention has been paid to the ways in which all of them overlap and intersect with one another. This article offers a framework for theorizing this process. The distributed extension of intellectual property enforcement into private spaces and throughout communications networks can be understood as a new, hybrid species of disciplinary regime that locates the justification for its pervasive reach in a permanent state of crisis. This hybrid regime derives its force neither primarily from centralized authority nor primarily from decentralized, internalized norms, but instead from a set of coordinated processes for authorizing flows of information. Although the success of this project is not yet assured, its odds of success are by no means remote as skeptics have suggested. Power to implement crisis management in the decentralized marketplace for digital content arises from a confluence of private and public interests and is amplified by the dynamics of technical standards processes. The emergent regime of pervasively distributed copyright enforcement has profound implications for the production of the networked information society
Permissão para partilha seletiva em ambientes IoT
The increasing use of smart devices for monitoring spaces has caused an increase
in concerns about the privacy of users of these spaces. Given this problem, the
legislation on the right to privacy has been worked to ensure that the existing
laws on this subject are sufficiently comprehensive to preserve the privacy of users.
In this way, research on this topic evolves in the sense of creating systems that
ensure compliance with these laws, that is, increase transparency in the treatment
of user data. In the context of this dissertation, a demonstrator-based strategy
is presented to provide users control over their stored data during the temporary
use of an intelligent environment. In addition, this strategy includes transparency
guarantees, highlights the right to forgetting, provides the ability to consent and
proof of that consent. A strategy for privacy control in such environments is also
mentioned in this paper. This dissertation was developed within the CASSIOPEIA
project where the case study focuses on the SmartBnB problem where a user rents
a smart home for a limited time. This paper presents the developed system that
ensures the user’s privacy and control over their data.O uso crescente de dispositivos inteligentes para monitorização de espaços tem
provocado um aumento das preocupações sobre a privacidade dos utilizadores destes
espaços. Face a este problema, a legislação sobre o direito à privacidade tem
sido trabalhada de forma a garantir que as leis existentes sobre este tema são
suficientemente abrangentes para preservar a privacidade dos utilizadores. Desta
forma, a investigação neste tópico evolui no sentido de criar sistemas que garantam
o cumprimento destas leis, ou seja aumentam a transparência no tratamentos dos
dados dos utilizadores. No contexto desta dissertação, é apresentada uma estratégia
baseado num demonstrador para fornecer um controlo ao utilizador sobre os
seus dados armazenados durante a utilização temporária de um ambiente inteligente.
Para além disso, esta estratégia inclui garantias de transparência, evidencia
o direito ao esquecimento, fornece a capacidade de consentimento e prova desse
consentimento. É também mencionada neste documento uma estratégia para um
controlo de privacidade neste tipo de ambientes. Esta dissertação foi desenvolvida
no âmbito do projeto CASSIOPEIA onde o caso de estudo se foca no SmartBnB
problem onde um utilizador arrenda uma casa inteligente durante um tempo limitado.
Este documento apresenta o sistema desenvolvido que garante a privacidade
e controlo do utilizador sobre os seus próprios dados.This work is partially funded by NGI Trust, with number 3.85, Pro-ject CASSIOPEIA.Mestrado em Engenharia de Computadores e Telemátic
Enhancing Cyber-Resiliency of DER-based SmartGrid: A Survey
The rapid development of information and communications technology has
enabled the use of digital-controlled and software-driven distributed energy
resources (DERs) to improve the flexibility and efficiency of power supply, and
support grid operations. However, this evolution also exposes
geographically-dispersed DERs to cyber threats, including hardware and software
vulnerabilities, communication issues, and personnel errors, etc. Therefore,
enhancing the cyber-resiliency of DER-based smart grid - the ability to survive
successful cyber intrusions - is becoming increasingly vital and has garnered
significant attention from both industry and academia. In this survey, we aim
to provide a systematical and comprehensive review regarding the
cyber-resiliency enhancement (CRE) of DER-based smart grid. Firstly, an
integrated threat modeling method is tailored for the hierarchical DER-based
smart grid with special emphasis on vulnerability identification and impact
analysis. Then, the defense-in-depth strategies encompassing prevention,
detection, mitigation, and recovery are comprehensively surveyed,
systematically classified, and rigorously compared. A CRE framework is
subsequently proposed to incorporate the five key resiliency enablers. Finally,
challenges and future directions are discussed in details. The overall aim of
this survey is to demonstrate the development trend of CRE methods and motivate
further efforts to improve the cyber-resiliency of DER-based smart grid.Comment: Submitted to IEEE Transactions on Smart Grid for Publication
Consideratio
A DISTRIBUTED APPROACH TO PRIVACY ON THE CLOUD
The increasing adoption of Cloud-based data processing and storage poses a number of privacy issues. Users wish to preserve full control over their sensitive data and cannot accept it to be fully accessible to an external storage provider. Previous research in this area was mostly addressed at techniques to protect data stored on untrusted database servers; however, I argue that the Cloud architecture presents a number of specific problems and issues. This dissertation contains a detailed analysis of open issues. To handle them, I present a novel approach where confidential data is stored in a highly distributed partitioned database, partly located on the Cloud and partly on the clients.
In my approach, data can be either private or shared; the latter is shared in a secure manner by means of simple grant-and-revoke permissions. I have developed a proof-of-concept implementation using an in\u2011memory RDBMS with row-level data encryption in order to achieve fine-grained data access control. This type of approach is rarely adopted in conventional outsourced RDBMSs because it requires several complex steps. Benchmarks of my proof-of-concept implementation show that my approach overcomes most of the problems
Electronic Commerce: A Half-Empty Glass?
This article introduces an electronic commerce paradox by observing that while electronic commerce grows rapidly it is, at the same time, based on unsettled foundations. It describes how 22 constraints for global electronic commerce were identified, and analyzes them in depth. The constraints fall into four themes: 1. Building trust for users and consumers 2. Establishing ground rules for the digital marketplace 3. Enhancing information infrastructure 4. Maximizing benefits. Each of these themes contains a number of critical issues. The first theme--building trust for users and consumers--involves privacy protection, security, consumer protection, authentication and confidentiality, and access blocking. The second theme includes legal framework, acceptance of electronic transactions, taxation, tariffs, intellectual property protection, commercial policy, and payment systems. Enhancing information infrastructure covers the needed infrastructure enhancements and includes Internet infrastructure and governance, interconnectivity and technical convergence, technical standards, bandwidth and accessibility, and the question of how to further the competition. The last theme is about maximizing the benefits of electronic commerce and includes the understanding of digital economy, its measurement, seamless globalization, and involvement of small businesses. At the time that this paper was written (February 2000) none of these 22 issues had been resolved. Yet, they need to be worked out if electronic commerce is to be successful in both the developed and the underdeveloped world
- …