Advanced Cloud Privacy Threat Modeling

Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat modeling as a part of requirements engineering in secure software development provides a structured approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities in a system . This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in relation to processing sensitive data in cloud computing environments. It describes the modeling methodology that involved applying Method Engineering to specify characteristics of a cloud privacy threat modeling methodology, different steps in the proposed methodology and corresponding products. We believe that the extended methodology facilitates the application of a privacy-preserving cloud software development approach from requirements engineering to design

Using Data Analytics to Predict an Individual Lawyer\u27s Legal Malpractice Risk Profile: Becoming an LPL Precog

The power of data analytics is revolutionizing the way that business is conducted in nearly every industry. The medical industry, the consumer/retail space, and the banking and financial industries are taking their business operations to the next level by leveraging the power of big data. Despite radical transformations in nearly every other aspect of the legal industry, though, the approach to preventing, predicting, assessing, and resolving malpractice claims hasn\u27t really changed. Malpractice insurers and their law firm clients continue to take an old-fashioned approach when it comes to legal professional liability. Unlike the insurers pricing automobile policies, the vast opportunity that LPL insurers could use hasn\u27t been used well--at least not yet. LPL industry experts have confirmed that most legal malpractice insurers aren\u27t leveraging advancements in technology and legal analytics in order to predict risk areas. Instead, LPL carriers primarily are reacting to actual events or using the broad brush of simple demographics to set rates. Consequently, the all-in malpractice costs for insurers and law firms continue to escalate, even though risk and costs should both be decreasing. This is the wrong result for everyone directly or peripherally involved in the legal industry and, more specifically, the wrong result for the LPL industry as a whole. Our paper posits that a progressive, data-driven approach to legal professional liability will reduce the overall cost of malpractice claims, thus helping law firms to recognize potential pressure points before those intimations of problems become full-blown blisters. Part I analyzes the underpinnings of malpractice claims. Part II discusses how malpractice insurers and their law firm clients have historically assessed, underwritten, and resolved malpractice claims. Part III explains why historical malpractice metrics fall short. And Part IV proposes a new data-driven analytic schema by which malpractice claims might be predicted, managed, assessed, and resolved

Data Loss Prevention Management and Control: Inside Activity Incident Monitoring, Identification, and Tracking in Healthcare Enterprise Environments

As healthcare data are pushed online, consumers have raised big concerns on the breach of their personal information. Law and regulations have placed businesses and public organizations under obligations to take actions to prevent data breach. Among various threats, insider threats have been identified to be a major threat on data loss. Thus, effective mechanisms to control insider threats on data loss are urgently needed. The objective of this research is to address data loss prevention challenges in healthcare enterprise environment. First, a novel approach is provided to model internal threat, specifically inside activities. With inside activities modeling, data loss paths and threat vectors are formally described and identified. Then, threat vectors and potential data loss paths have been investigated in a healthcare enterprise environment. Threat vectors have been enumerated and data loss statistics data for some threat vectors have been collected. After that, issues on data loss prevention and inside activity incident identification, tracking, and reconstruction are discussed. Finally, evidences of inside activities are modeled as evidence trees to provide guidance for inside activity identification and reconstruction

Big Data Security (Volume 3)

After a short description of the key concepts of big data the book explores on the secrecy and security threats posed especially by cloud based data storage. It delivers conceptual frameworks and models along with case studies of recent technology

E-Commerce Technology and Some Applications

Latest and dependable way to deliver electronic transactions by computer to computer communication combined with (JIT) ; Just in time manufacturing methods; EDI and email used for many years. e-commerce is a transaction of buying or selling online. Electronic commerce draws on technologies such as mobile commerce, electronic funds transfer, supply chain management, Internet marketing, online transaction processing, electronic data interchange (EDI), inventory management systems, and automated data collection systems