2,600 research outputs found
User-centric secure cross-site interaction framework for online social networking services
Social networking service is one of major technological phenomena on Web 2.0. Hun- dreds of millions of users are posting message, photos, and videos on their profiles and interacting with other users, but the sharing and interaction are limited within the same social networking site. Although users can share some content on a social networking site with people outside of the social networking sites using a public references to their content, appropriate access control mechanisms are not supported. In this dissertation, we outline a cross-site interaction framework and identity mapping approaches that enable social net- work users to share their content across social networking sites. We propose a cross-site interaction framework x-mngr, allowing users to interact with others on other social net- working sites, with a cross-site access control policy. We also propose identity-mapping approaches that map user’s identities across social networking sites. The partial mapping approach based on a supervised learning mechanism which provides user’s identity map- ping based on a training set composed of a small subset of the profile mappings. We provide mechanisms to enable users to fuse identity-mapping decisions that are provided by their friends or others on the social network. Furthermore, we propose a Game With A Purpose (GWAP) approach that provides identity-mappings using a social network game. The proposed framework and game are implemented on real social networking sites such as Facebook and MySpace. The experiments are performed to evaluate the feasibility of our approaches. A user study is also performed and the result is included as part of our evaluation efforts for the proposed framework
A SEMANTIC BASED POLICY MANAGEMENT FRAMEWORK FOR CLOUD COMPUTING ENVIRONMENTS
Cloud computing paradigm has gained tremendous momentum and generated intensive interest.
Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption.
In this dissertation, we mainly focus on issues related to policy management and access control in the cloud.
Currently, users have to use diverse access control mechanisms to protect their data when stored on the cloud service providers (CSPs).
Access control policies may be specified in different policy languages and heterogeneity of access policies pose significant problems.An ideal policy management system should be able to work with all data regardless of where they are stored.
Semantic Web technologies when used for policy management, can help address the crucial issues of interoperability of heterogeneous CSPs.
In this dissertation, we propose a semantic based policy management framework for cloud computing environments which consists of two main components, namely policy management and specification component and policy evolution component.
In the policy management and specification component, we first introduce policy management as a service (PMaaS), a cloud based policy management framework that give cloud users a unified control point for specifying authorization policies, regardless of where the data is stored. Then, we present semantic based policy management framework which enables users to specify access control policies using semantic web technologies and helps address heterogeneity issues of cloud computing environments.
We also model temporal constraints and restrictions in GTRBAC using OWL and show how ontologies can be used to specify temporal constraints.
We present a proof of concept implementation of the proposed framework and provide some performance evaluation.
In the policy evolution component, we propose to use role mining techniques to deal with policy evolution issues and present StateMiner, a heuristic algorithm to find an RBAC state as close as possible to both the deployed RBAC state and the optimal state. We also implement the proposed algorithm and perform some experiments to demonstrate its effectiveness
DESIGN AND EXPLORATION OF NEW MODELS FOR SECURITY AND PRIVACY-SENSITIVE COLLABORATION SYSTEMS
Collaboration has been an area of interest in many domains including education, research, healthcare supply chain, Internet of things, and music etc. It enhances problem solving through expertise sharing, ideas sharing, learning and resource sharing, and improved decision making.
To address the limitations in the existing literature, this dissertation presents a design science artifact and a conceptual model for collaborative environment. The first artifact is a blockchain based collaborative information exchange system that utilizes blockchain technology and semi-automated ontology mappings to enable secure and interoperable health information exchange among different health care institutions. The conceptual model proposed in this dissertation explores the factors that influences professionals continued use of video- conferencing applications. The conceptual model investigates the role the perceived risks and benefits play in influencing professionals’ attitude towards VC apps and consequently its active and automatic use
Bootstrapping security policies for wearable Apps using attributed structural graphs
We address the problem of bootstrapping security and privacy policies for newly-deployed apps in wireless body area networks (WBAN) composed of smartphones, sensors and other wearable devices. We introduce a framework to model such a WBAN as an undirected graph whose vertices correspond to devices, apps and app resources, while edges model structural relationships among them. This graph is then augmented with attributes capturing the features of each entity together with user-defined tags. We then adapt available graph-based similarity metrics to find the closest app to a new one to be deployed, with the aim of reusing, and possibly adapting, its security policy. We illustrate our approach through a detailed smartphone ecosystem case study. Our results suggest that the scheme can provide users with a reasonably good policy that is consistent with the user’s security preferences implicitly captured by policies already in place.MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You)
Ditto: Towards Decentralised Similarity Search for Web3 Services
The Web has become an integral part of life, and over the past decade, it has become increasingly centralised, leading to a number of challenges such as censorship and control, particularly in search engines. Recently, the paradigm of the decentralised Web (DWeb), or Web3, has emerged, which aims to provide decentralised alternatives to current systems with decentralised control, transparency, and openness. In this paper we introduce Ditto, a decentralised search mechanism for DWeb content, based on similarity search. Ditto uses locality sensitive hashing (LSH) to extract similarity signatures and records from content, which are stored on a decentralised index on top of a distributed hash table (DHT). Ditto uniquely supports numerous underlying content networks and types, and supports various use-cases, including keyword-search. Our evaluation shows that our system is feasible and that our search quality, delay, and overhead are comparable to those currently accepted by users of DWeb and search systems
Cloud technology options towards Free Flow of Data
This whitepaper collects the technology solutions that the projects in the Data Protection, Security and Privacy Cluster propose to address the challenges raised by the working areas of the Free Flow of Data initiative. The document describes the technologies, methodologies, models, and tools researched and developed by the clustered projects mapped to the ten areas of work of the Free Flow of Data initiative. The aim is to facilitate the identification of the state-of-the-art of technology options towards solving the data security and privacy challenges posed by the Free Flow of Data initiative in Europe. The document gives reference to the Cluster, the individual projects and the technologies produced by them
Machine Learning and Big Data Methodologies for Network Traffic Monitoring
Over the past 20 years, the Internet saw an exponential grown of traffic, users, services and applications. Currently, it is estimated that the Internet is used everyday by more than 3.6 billions users, who generate 20 TB of traffic per second. Such a huge amount of data challenge network managers and analysts to understand how the network is performing, how users are accessing resources, how to properly control and manage the infrastructure, and how to detect possible threats. Along with mathematical, statistical, and set theory methodologies machine learning and big data approaches have emerged to build systems that aim at automatically extracting information from the raw data that the network monitoring infrastructures offer.
In this thesis I will address different network monitoring solutions, evaluating several methodologies and scenarios. I will show how following a common workflow, it is possible to exploit mathematical, statistical, set theory, and machine learning methodologies to extract meaningful information from the raw data. Particular attention will be given to machine learning and big data methodologies such as DBSCAN, and the Apache Spark big data framework.
The results show that despite being able to take advantage of mathematical, statistical, and set theory tools to characterize a problem, machine learning methodologies are very useful to discover hidden information about the raw data. Using DBSCAN clustering algorithm, I will show how to use YouLighter, an unsupervised methodology to group caches serving YouTube traffic into edge-nodes, and latter by using the notion of Pattern Dissimilarity, how to identify changes in their usage over time. By using YouLighter over 10-month long races, I will pinpoint sudden changes in the YouTube edge-nodes usage, changes that also impair the end users’ Quality of Experience. I will also apply DBSCAN in the deployment of SeLINA, a self-tuning
tool implemented in the Apache Spark big data framework to autonomously extract knowledge from network traffic measurements. By using SeLINA, I will show how to automatically detect the changes of the YouTube CDN previously highlighted by YouLighter.
Along with these machine learning studies, I will show how to use mathematical and set theory methodologies to investigate the browsing habits of Internauts. By using a two weeks dataset, I will show how over this period, the Internauts continue
discovering new websites. Moreover, I will show that by using only DNS information to build a profile, it is hard to build a reliable profiler. Instead, by exploiting mathematical and statistical tools, I will show how to characterize Anycast-enabled CDNs (A-CDNs). I will show that A-CDNs are widely used either for stateless and stateful services. That A-CDNs are quite popular, as, more than 50% of web users contact an A-CDN every day. And that, stateful services, can benefit of A-CDNs, since their paths are very stable over time, as demonstrated by the presence of only a few anomalies in their Round Trip Time.
Finally, I will conclude by showing how I used BGPStream an open-source software framework for the analysis of both historical and real-time Border Gateway Protocol (BGP) measurement data. By using BGPStream in real-time mode I will show how I detected a Multiple Origin AS (MOAS) event, and how I studies the black-holing community propagation, showing the effect of this community in the network. Then, by using BGPStream in historical mode, and the Apache Spark big data framework over 16 years of data, I will show different results such as the continuous growth of IPv4 prefixes, and the growth of MOAS events over time.
All these studies have the aim of showing how monitoring is a fundamental task in different scenarios. In particular, highlighting the importance of machine learning and of big data methodologies
Actions speak louder than words: Semi-supervised learning for browser fingerprinting detection
As online tracking continues to grow, existing anti-tracking and
fingerprinting detection techniques that require significant manual input must
be augmented. Heuristic approaches to fingerprinting detection are precise but
must be carefully curated. Supervised machine learning techniques proposed for
detecting tracking require manually generated label-sets. Seeking to overcome
these challenges, we present a semi-supervised machine learning approach for
detecting fingerprinting scripts. Our approach is based on the core insight
that fingerprinting scripts have similar patterns of API access when generating
their fingerprints, even though their access patterns may not match exactly.
Using this insight, we group scripts by their JavaScript (JS) execution traces
and apply a semi-supervised approach to detect new fingerprinting scripts. We
detail our methodology and demonstrate its ability to identify the majority of
scripts (94.9%) identified by existing heuristic techniques. We also
show that the approach expands beyond detecting known scripts by surfacing
candidate scripts that are likely to include fingerprinting. Through an
analysis of these candidate scripts we discovered fingerprinting scripts that
were missed by heuristics and for which there are no heuristics. In particular,
we identified over one hundred device-class fingerprinting scripts present on
hundreds of domains. To the best of our knowledge, this is the first time
device-class fingerprinting has been measured in the wild. These successes
illustrate the power of a sparse vector representation and semi-supervised
learning to complement and extend existing tracking detection techniques
Virtual assistants in customer interface
This thesis covers use of virtual assistants from a user organization’s perspective, exploring
challenges and opportunities related to introducing virtual assistants to an organization’s
customer interface. Research related to virtual assistants is spread over many distinct fields of
research spanning several decades. However, widespread use of virtual assistants in
organizations customer interface is a relatively new and constantly evolving phenomenon.
Scientific research is lacking when it comes to current use of virtual assistants and user
organization’s considerations related to it.
A qualitative, semi-systematic literature review method is used to analyse progression of
research related to virtual assistants, aiming to identify major trends. Several fields of research
that cover virtual assistants from different perspectives are explored, focusing primarily on
Human-Computer Interaction and Natural Language Processing. Additionally, a case study of a
Finnish insurance company’s use of virtual assistants supports the literature review and helps
understand the user organization’s perspective. This thesis describes how key technologies have
progressed, gives insight on current issues that affect organizations and points out opportunities
related to virtual assistants in the future. Interviews related to the case study give a limited
understanding as to what challenges are currently at the forefront when it comes to using this
new technology in the insurance industry.
The case study and literature review clearly point out that use of virtual assistants is hindered
my various practical challenges. Some practical challenges related to making a virtual assistant
useful for an organization seem to be industry-specific, for example issues related to giving
advice about insurance products. Other challenges are more general, for example unreliability of
customer feedback. Different customer segments have different attitudes towards interacting
with virtual assistants, from positive to negative, making the technology a clearly polarizing
issue. However, customers in general seem to be becoming more accepting towards the
technology in the long term. More research is needed to understand future potential of virtual
assistants in customer interactions and customer relationship management.Tämä tutkielma tutkii virtuaaliassistenttien käyttöä käyttäjäorganisaation perspektiivistä, antaen
käsityksen mitä haasteita ja mahdollisuuksia liittyy virtuaaliassistenttien käyttöönottoon
organisaation asiakasrajapinnassa. Virtuaaliassistentteihin liittyvä tutkimus jakautuu monien eri
tutkimusalojen alaisuuteen ja useiden vuosikymmenien ajalle. Laajamittainen
virtuaaliassistenttien käyttö asiakasrajapinnassa on kuitenkin verrattain uusi ja jatkuvasti
kehittyvä ilmiö. Tieteellinen tutkimus joka liittyy virtuaaliassistenttien nykyiseen käyttöön ja
käyttäjäorganisaation huomioon otetaviin asioihin on puutteellista.
Tämä tutkielma käyttää kvalitatiivista, puolisystemaattista kirjallisuusanalyysimetodia
tutkiakseen virtuaaliassistentteihin liittyviä kehityskulkuja, tarkoituksena tunnistaa merkittäviä
trendejä. Tutkimus kattaa useita tutkimusaloja jotka käsittelevät virtuaaliassistentteja eri
näkökulmista, keskittyen pääasiassa Human-Computer Interaction- sekä Natural Language
Processing -tutkimusaloihin. Lisäksi tutkielmassa on tapaustutkimus suomalaisen
vakuutusyhtiön virtuaaliassistenttien käytöstä, joka tukee kirjallisuusanalyysiä ja auttaa
ymmärtämään käyttäjäorganisaation perspektiiviä. Tutkielma kuvailee kuinka keskeiset
teknologiat ovat kehittyneet, auttaa ymmärtämään tämänhetkisiä ongelmia jotka koskettavat
organisaatioita sekä esittelee virtuaaliassistentteihin liittyviä mahdollisuuksia tulevaisuudessa.
Tapaustutkimukseen liittyvät haastattelut antavat rajoitetun kuvan kyseisen uuden teknologian
käyttöön liittyvistä haasteista vakuutusalalla.
Tapaustutkimus ja kirjallisuusanalyysi osoittavat että virtuaaliassistenttien käyttöönottoon liittyy
erilaisia käytännön haasteita. Jotkut haasteet vaikuttavat olevan toimialakohtaisia, liittyen
esimerkiksi vakuutustuotteita koskeviin neuvoihin. Toiset haasteet taas ovat yleisempiä, liittyen
esimerkiksi asiakaspalautteen epäluotettavuuteen. Eri asiakassegmenteillä on erilaisia asenteita
virtuaaliassistentteja kohtaan, vaihdellen positiivisesta negatiiviseen, joten kyseinen teknologia
on selvästi polarisoiva aihe. Pitkällä aikavälillä asiakkaiden asenteet teknologiaa kohtaan
vaikuttavat kuitenkin muuttuvan hyväksyvämpään suuntaan. Lisää tutkimusta tarvitaan jotta
voidaan ymmärtää virtuaaliassistenttien tulevaisuuden potentiaalia asiakaskohtaamisissa ja
asiakkuudenhallinnassa
- …