130,629 research outputs found
Authentication and authorisation in entrusted unions
This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two pilot studies in two different domains, viz, Bio-security incident management and Ambient Assisted Living (eHealth). Interim results in terms of security requirements, privacy preserving authentication, and authorisation are reported
Advanced Cloud Privacy Threat Modeling
Privacy-preservation for sensitive data has become a challenging issue in
cloud computing. Threat modeling as a part of requirements engineering in
secure software development provides a structured approach for identifying
attacks and proposing countermeasures against the exploitation of
vulnerabilities in a system . This paper describes an extension of Cloud
Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in
relation to processing sensitive data in cloud computing environments. It
describes the modeling methodology that involved applying Method Engineering to
specify characteristics of a cloud privacy threat modeling methodology,
different steps in the proposed methodology and corresponding products. We
believe that the extended methodology facilitates the application of a
privacy-preserving cloud software development approach from requirements
engineering to design
An Architecture for Provenance Systems
This document covers the logical and process architectures of provenance systems. The logical architecture identifies key roles and their interactions, whereas the process architecture discusses distribution and security. A fundamental aspect of our presentation is its technology-independent nature, which makes it reusable: the principles that are exposed in this document may be applied to different technologies
Software-Defined Networks Supporting Time-Sensitive In-Vehicular Communication
Future in-vehicular networks will be based on Ethernet. The IEEE
Time-Sensitive Networking (TSN) is a promising candidate to satisfy real-time
requirements in future car communication. Software-Defined Networking (SDN)
extends the Ethernet control plane with a programming option that can add much
value to the resilience, security, and adaptivity of the automotive
environment. In this work, we derive a first concept for combining
Software-Defined Networking with Time-Sensitive Networking along with an
initial evaluation. Our measurements are performed via a simulation that
investigates whether an SDN architecture is suitable for time-critical
applications in the car. Our findings indicate that the control overhead of SDN
can be added without a delay penalty for the TSN traffic when protocols are
mapped properly.Comment: To be published at IEEE VTC2019-Sprin
- ā¦