Secure data sharing and processing in heterogeneous clouds

The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors

Open Government Architecture: The evolution of De Jure Standards, Consortium Standards, and Open Source Software

Conducted for the Treasury Board of Québec, this study seeks to present recent contributions to the evolution, within an enterprise architecture context, of de jure and de facto standards by various actors in the milieu, industrial consortia, and international standardization committees active in open source software. In order to be able to achieve its goals of delivering services to citizens and society, the Government of Québec must integrate its computer systems to create a service oriented open architecture. Following in the footsteps of various other governments and the European Community, such an integration will require elaboration of an interoperability framework, i.e. a structured set of de jure standards, de facto standards, specifications, and policies allowing computer systems to interoperate. Thus, we recommend that the Government of Québec: Pursue its endeavours to elaborate an interoperability framework for its computer systems that is based on open de jure and de facto standards. This framework should not only reflect the criteria enumerated in this study and apply to internal computer systems, but it should also extend to Web services supplied to organizations outside of the government. This framework should explicitly prioritize open source de jure and de facto standards and include a policy covering free software. The interoperability framework should initially draw on that of the state of Massachusetts. In the medium term, is should be as comprehensive as that of the British government. Integrate this interoperability framework into its enterprise architecture. Publish this interoperability framework with its enterprise architecture. Specify this interoperability framework in its calls for tenders. Elaborate a policy of compliance with this framework for all new applications.

Health Participatory Sensing Networks for Mobile Device Public Health Data Collection and Intervention

The pervasive availability and increasingly sophisticated functionalities of smartphones and their connected external sensors or wearable devices can provide new data collection capabilities relevant to public health. Current research and commercial efforts have concentrated on sensor-based collection of health data for personal fitness and personal healthcare feedback purposes. However, to date there has not been a detailed investigation of how such smartphones and sensors can be utilized for public health data collection. Unlike most sensing applications, in the case of public health, capturing comprehensive and detailed data is not a necessity, as aggregate data alone is in many cases sufficient for public health purposes. As such, public health data has the characteristic of being capturable whilst still not infringing privacy, as the detailed data of individuals that may allow re-identification is not needed, but rather only aggregate, de-identified and non-unique data for an individual. These types of public health data collection provide the challenge of the need to be flexible enough to answer a range of public health queries, while ensuring the level of detail returned preserves privacy. Additionally, the distribution of public health data collection request and other information to the participants without identifying the individual is a core requirement. An additional requirement for health participatory sensing networks is the ability to perform public health interventions. As with data collection, this needs to be completed in a non-identifying and privacy preserving manner. This thesis proposes a solution to these challenges, whereby a form of query assurance provides private and secure distribution of data collection requests and public health interventions to participants. While an additional, privacy preserving threshold approach to local processing of data prior to submission is used to provide re-identification protection for the participant. The evaluation finds that with manageable overheads, minimal reduction in the detail of collected data and strict communication privacy; privacy and anonymity can be preserved. This is significant for the field of participatory health sensing as a major concern of participants is most often real or perceived privacy risks of contribution

Beyond relational databases: preserving the data

Relational databases are one of the main technologies supporting information assets in today’s organizations. They are designed to store, organize and retrieve digital information, and are such a fundamental part of information systems that most would not be able to function without them. Very often, the information contained in databases is irreplaceable or prohibitively expensive to reacquire; therefore, steps must be taken to ensure that the information within databases is preserved. This paper describes a methodology for long-term preservation of relational databases based on information extraction and format migration to a preservation format. It also presents a tool that was developed to support this methodology: Database Preservation Toolkit (DBPTK), as well as the processes and formats needed to preserve databases. The DBPTK connects to live relational databases and extracts information into formats more adequate for long-term preservation. Supported preservation formats include the SIARD 2, created by a cooperation between the Swiss Federal Archives and the E-ARK project that is becoming a standard in the area. DBPTK has a flexible plugin-based architecture enabling its use for other purposes like database upgrade and database migration between different systems. Presented real case scenarios demonstrate the usefulness, correctness and performance of the tool.The initial E-ARK project was in part supported by the European Commission within the Competitiveness and Innovation Programme 2007–2013, Grant Agreement no. 620998 under the Policy Support Programme

XML-based approaches for the integration of heterogeneous bio-molecular data

Background: The today's public database infrastructure spans a very large collection of heterogeneous biological data, opening new opportunities for molecular biology, bio-medical and bioinformatics research, but raising also new problems for their integration and computational processing. Results: In this paper we survey the most interesting and novel approaches for the representation, integration and management of different kinds of biological data by exploiting XML and the related recommendations and approaches. Moreover, we present new and interesting cutting edge approaches for the appropriate management of heterogeneous biological data represented through XML. Conclusion: XML has succeeded in the integration of heterogeneous biomolecular information, and has established itself as the syntactic glue for biological data sources. Nevertheless, a large variety of XML-based data formats have been proposed, thus resulting in a difficult effective integration of bioinformatics data schemes. The adoption of a few semantic-rich standard formats is urgent to achieve a seamless integration of the current biological resources. </p