36,462 research outputs found
Recommended from our members
Cyber insurance of information systems: Security and privacy cyber insurance contracts for ICT and helathcare organizations
Nowadays, more-and-more aspects of our daily activities are digitalized. Data and assets in the cyber-space, both for individuals and organizations, must be safeguarded. Thus, the insurance sector must face the challenge of digital transformation in the 5G era with the right set of tools. In this paper, we present CyberSure-an insurance framework for information systems. CyberSure investigates the interplay between certification, risk management, and insurance of cyber processes. It promotes continuous monitoring as the new building block for cyber insurance in order to overcome the current obstacles of identifying in real-time contractual violations by the insured party and receiving early warning notifications prior the violation. Lightweight monitoring modules capture the status of the operating components and send data to the CyberSure backend system which performs the core decision making. Therefore, an insured system is certified dynamically, with the risk and insurance perspectives being evaluated at runtime as the system operation evolves. As new data become available, the risk management and the insurance policies are adjusted and fine-tuned. When an incident occurs, the insurance company possesses adequate information to assess the situation fast, estimate accurately the level of a potential loss, and decrease the required period for compensating the insured customer. The framework is applied in the ICT and healthcare domains, assessing the system of medium-size organizations. GDPR implications are also considered with the overall setting being effective and scalable
Management and Service-aware Networking Architectures (MANA) for Future Internet Position Paper: System Functions, Capabilities and Requirements
Future Internet (FI) research and development threads have recently been gaining momentum all over the world and as such the international race to create a new generation Internet is in full swing: GENI, Asia Future Internet, Future Internet Forum Korea, European Union Future Internet Assembly (FIA). This is a position paper identifying the research orientation with a time horizon of 10 years, together with the key challenges for the capabilities in the Management and Service-aware Networking Architectures (MANA) part of the Future Internet (FI) allowing for parallel and federated Internet(s)
Viewpoint | Personal Data and the Internet of Things: It is time to care about digital provenance
The Internet of Things promises a connected environment reacting to and
addressing our every need, but based on the assumption that all of our
movements and words can be recorded and analysed to achieve this end.
Ubiquitous surveillance is also a precondition for most dystopian societies,
both real and fictional. How our personal data is processed and consumed in an
ever more connected world must imperatively be made transparent, and more
effective technical solutions than those currently on offer, to manage personal
data must urgently be investigated.Comment: 3 pages, 0 figures, preprint for Communication of the AC
Towards A Well-Secured Electronic Health Record in the Health Cloud
The major concerns for most cloud implementers particularly in the health care industry have remained data security
and privacy. A prominent and major threat that constitutes a hurdle for practitioners within the health industry from exploiting and
benefiting from the gains of cloud computing is the fear of theft of patients health data in the cloud. Investigations and surveys
have revealed that most practitioners in the health care industry are concerned about the risk of health data mix-up amongst the
various cloud providers, hacking to comprise the cloud platform and theft of vital patients’ health data.An overview of the
diverse issues relating to health data privacy and overall security in the cloud are presented in this technical report. Based on
identifed secure access requirements, an encryption-based eHR security model for securing and enforcing authorised access to
electronic health data (records), eHR is also presented. It highlights three core functionalities for managing issues relating to
health data privacy and security of eHR in health care cloud
The case for cloud service trustmarks and assurance-as-a-service
Cloud computing represents a significant economic opportunity for Europe. However, this growth is threatened by adoption barriers largely related to trust. This position paper examines trust and confidence issues in cloud computing and advances a case for addressing them through the implementation of a novel trustmark scheme for cloud service providers. The proposed trustmark would be both active and dynamic featuring multi-modal information about the performance of the underlying cloud service. The trustmarks would be informed by live performance data from the cloud service provider, or ideally an independent third-party accountability and assurance service that would communicate up-to-date information relating to service performance and dependability. By combining assurance measures with a remediation scheme, cloud service providers could both signal dependability to customers and the wider marketplace and provide customers, auditors and regulators with a mechanism for determining accountability in the event of failure or non-compliance. As a result, the trustmarks would convey to consumers of cloud services and other stakeholders that strong assurance and accountability measures are in place for the service in question and thereby address trust and confidence issues in cloud computing
SAMI: Service-Based Arbitrated Multi-Tier Infrastructure for Mobile Cloud Computing
Mobile Cloud Computing (MCC) is the state-ofthe- art mobile computing
technology aims to alleviate resource poverty of mobile devices. Recently,
several approaches and techniques have been proposed to augment mobile devices
by leveraging cloud computing. However, long-WAN latency and trust are still
two major issues in MCC that hinder its vision. In this paper, we analyze MCC
and discuss its issues. We leverage Service Oriented Architecture (SOA) to
propose an arbitrated multi-tier infrastructure model named SAMI for MCC. Our
architecture consists of three major layers, namely SOA, arbitrator, and
infrastructure. The main strength of this architecture is in its multi-tier
infrastructure layer which leverages infrastructures from three main sources of
Clouds, Mobile Network Operators (MNOs), and MNOs' authorized dealers. On top
of the infrastructure layer, an arbitrator layer is designed to classify
Services and allocate them the suitable resources based on several metrics such
as resource requirement, latency and security. Utilizing SAMI facilitate
development and deployment of service-based platform-neutral mobile
applications.Comment: 6 full pages, accepted for publication in IEEE MobiCC'12 conference,
MobiCC 2012:IEEE Workshop on Mobile Cloud Computing, Beijing, Chin
- …