54,229 research outputs found

    Link Before You Share: Managing Privacy Policies through Blockchain

    Full text link
    With the advent of numerous online content providers, utilities and applications, each with their own specific version of privacy policies and its associated overhead, it is becoming increasingly difficult for concerned users to manage and track the confidential information that they share with the providers. Users consent to providers to gather and share their Personally Identifiable Information (PII). We have developed a novel framework to automatically track details about how a users' PII data is stored, used and shared by the provider. We have integrated our Data Privacy ontology with the properties of blockchain, to develop an automated access control and audit mechanism that enforces users' data privacy policies when sharing their data across third parties. We have also validated this framework by implementing a working system LinkShare. In this paper, we describe our framework on detail along with the LinkShare system. Our approach can be adopted by Big Data users to automatically apply their privacy policy on data operations and track the flow of that data across various stakeholders.Comment: 10 pages, 6 figures, Published in: 4th International Workshop on Privacy and Security of Big Data (PSBD 2017) in conjunction with 2017 IEEE International Conference on Big Data (IEEE BigData 2017) December 14, 2017, Boston, MA, US

    A flexible architecture for privacy-aware trust management

    Get PDF
    In service-oriented systems a constellation of services cooperate, sharing potentially sensitive information and responsibilities. Cooperation is only possible if the different participants trust each other. As trust may depend on many different factors, in a flexible framework for Trust Management (TM) trust must be computed by combining different types of information. In this paper we describe the TAS3 TM framework which integrates independent TM systems into a single trust decision point. The TM framework supports intricate combinations whilst still remaining easily extensible. It also provides a unified trust evaluation interface to the (authorization framework of the) services. We demonstrate the flexibility of the approach by integrating three distinct TM paradigms: reputation-based TM, credential-based TM, and Key Performance Indicator TM. Finally, we discuss privacy concerns in TM systems and the directions to be taken for the definition of a privacy-friendly TM architecture.\u

    Run-time risk management in adaptive ICT systems

    No full text
    We will present results of the SERSCIS project related to risk management and mitigation strategies in adaptive multi-stakeholder ICT systems. The SERSCIS approach involves using semantic threat models to support automated design-time threat identification and mitigation analysis. The focus of this paper is the use of these models at run-time for automated threat detection and diagnosis. This is based on a combination of semantic reasoning and Bayesian inference applied to run-time system monitoring data. The resulting dynamic risk management approach is compared to a conventional ISO 27000 type approach, and validation test results presented from an Airport Collaborative Decision Making (A-CDM) scenario involving data exchange between multiple airport service providers

    Trusted operational scenarios - Trust building mechanisms and strategies for electronic marketplaces.

    Get PDF
    This document presents and describes the trusted operational scenarios, resulting from the research and work carried out in Seamless project. The report presents identified collaboration habits of small and medium enterprises with low e-skills, trust building mechanisms and issues as main enablers of online business relationships on the electronic marketplace, a questionnaire analysis of the level of trust acceptance and necessity of trust building mechanisms, a proposal for the development of different strategies for the different types of trust mechanisms and recommended actions for the SEAMLESS project or other B2B marketplaces.trust building mechanisms, trust, B2B networks, e-marketplaces

    An active, ontology-driven network service for Internet collaboration

    No full text
    Web portals have emerged as an important means of collaboration on the WWW, and the integration of ontologies promises to make them more accurate in how they serve users’ collaboration and information location requirements. However, web portals are essentially a centralised architecture resulting in difficulties supporting seamless roaming between portals and collaboration between groups supported on different portals. This paper proposes an alternative approach to collaboration over the web using ontologies that is de-centralised and exploits content-based networking. We argue that this approach promises a user-centric, timely, secure and location-independent mechanism, which is potentially more scaleable and universal than existing centralised portals

    Semantic security: specification and enforcement of semantic policies for security-driven collaborations

    Get PDF
    Collaborative research can often have demands on finer-grained security that go beyond the authentication-only paradigm as typified by many e-Infrastructure/Grid based solutions. Supporting finer-grained access control is often essential for domains where the specification and subsequent enforcement of authorization policies is needed. The clinical domain is one area in particular where this is so. However it is the case that existing security authorization solutions are fragile, inflexible and difficult to establish and maintain. As a result they often do not meet the needs of real world collaborations where robustness and flexibility of policy specification and enforcement, and ease of maintenance are essential. In this paper we present results of the JISC funded Advanced Grid Authorisation through Semantic Technologies (AGAST) project (www.nesc.ac.uk/hub/projects/agast) and show how semantic-based approaches to security policy specification and enforcement can address many of the limitations with existing security solutions. These are demonstrated into the clinical trials domain through the MRC funded Virtual Organisations for Trials and Epidemiological Studies (VOTES) project (www.nesc.ac.uk/hub/projects/votes) and the epidemiological domain through the JISC funded SeeGEO project (www.nesc.ac.uk/hub/projects/seegeo)

    Automated ubiquitos delivery of generalised services in a open market

    Full text link
    University of Technology, Sydney. Faculty of Information Technology.Telecommunications networks, and the services delivered over those networks have become an integral part of most people's lives in the developed world. The range and availability of these services is increasing, however the management of services still lags well behind technical capability, providing unnecessary barriers to the adoption of available technology. The work described in this dissertation has a primary goal of enabling flexible, automated delivery of any telecommunication-based service. More specifically, a mechanism to solve the administrative problems in enabling end users to automatically establish service agreements for any available service, from any available provider. The aims of this work are to: 1. enable the description of service level agreements(SLA) for generalised telecommunication-based services, and 2. provide mechanisms by which those service level agreements may be managed. The term “generalised services” means that all service types are managed using a common framework and set of processes. To derive at a suitable service level agreement description language, the characteristics of telecommunication-based services are first analysed, along with considerations in delivering a service, including service quality, resource allocation and configuration, service pricing and service ubiquity. The current art in SLA description is studied and the requirements of an appropriate language are proposed. An ontological approach to SLA description is adopted, and an SLA description language is developed based on semantic web technologies. To develop the mechanisms for SLA management, the current art is first analysed, and a set of requirements for a suitable SLA management framework are proposed. These requirements are used to guide the design of a multi-agent SLA negotiation framework, including a detailed description of the communication model, framework processes, and social behaviour of the agents involved. Finally, the SLA description language and the negotiation framework are compared with the closest art, and are assessed against tightly argued criteria. An experimental framework and use cases are developed to explore an application of the proposed solution, and to validate completeness. The approach taken has led to the following two key contributions: 1. A set of formal ontologies that may be used to semantically describe secure service level agreements for any application domain. 2. A multi-agent system providing an open market where services can be discovered, participants identified, and negotiation performed using context specific mechanisms. The conclusions of the work are that an ontology-based SLA description language is appropriate for describing generalised SLAs, and that a distributed, agent based negotiation platform that is based on an open market and uses a minimal set of core processes with an extensible, ontology based communication mechanism is appropriate for managing service level agreements in a generalised, automated and ubiquitous way
    • 

    corecore