Secure data sharing and processing in heterogeneous clouds

The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors

Semantic security: specification and enforcement of semantic policies for security-driven collaborations

Collaborative research can often have demands on finer-grained security that go beyond the authentication-only paradigm as typified by many e-Infrastructure/Grid based solutions. Supporting finer-grained access control is often essential for domains where the specification and subsequent enforcement of authorization policies is needed. The clinical domain is one area in particular where this is so. However it is the case that existing security authorization solutions are fragile, inflexible and difficult to establish and maintain. As a result they often do not meet the needs of real world collaborations where robustness and flexibility of policy specification and enforcement, and ease of maintenance are essential. In this paper we present results of the JISC funded Advanced Grid Authorisation through Semantic Technologies (AGAST) project (www.nesc.ac.uk/hub/projects/agast) and show how semantic-based approaches to security policy specification and enforcement can address many of the limitations with existing security solutions. These are demonstrated into the clinical trials domain through the MRC funded Virtual Organisations for Trials and Epidemiological Studies (VOTES) project (www.nesc.ac.uk/hub/projects/votes) and the epidemiological domain through the JISC funded SeeGEO project (www.nesc.ac.uk/hub/projects/seegeo)

Analysis of Security and Performance Service in Service Oriented Architecture (SOA) and Data Integration

Nowdays, the use of web services in the world of education is very much particular services and information provided in the form of the transaction until the payment - the payment and security in a system that is built in the form of a website. This system does not yet have a system that is integrated with each other and the security that is necessary to develop a system that leads towards it. Services provided requires an integrated system of all related system, the Service Oriented Architecture (SOA) to be used as an efficient solution for integrating distributed applications. In SOA-based environment that focuses on quality of service called WSARCH (Web Services Architecture). With this paper can then propose a system that uses a Service Oriented Architecture (SOA) with Web Services Architecture to resolve accurately than techniques that have a lower negative impact in terms of service performance and security

Analysis of Security Service Oriented Architecture (SOA) With Access Control Models Dynamic Level

Now we are moving towards the "Internet of Things" (IOT) in millions of devices will be interconnected with each other, giving and taking information provided within a network that can work together. Because of computing and information processing itself IOT core supporters, So in this paper introduces "Service-Oriented Computing" (SOA) as one of the models that can be used. Where's it at each device can offer functionality as a standard service [4]. In SOA, we can make the resources available to each other in the IOT together. However, a major challenge in these service-oriented environment is the design of effective access control schemes. In SOA, the service will be invoked by a large number, and at the same time authentication and authorization need to cross several security domains are always used. In this paper, we present the analysis of data safety suatua WorkflowBased Access Control Model associated oriented (WABAC) to troubleshoot problems that occur within a system integration. The analysis showed that the point system function model based integration system that is lower than the legacy model of SOA-based systems, by designing several services using WOA approach. In addition, we have observed that the integrated model can guarantee the quality of service, security and reliability main, by applying SOA approach when needed. Finally, experimental results have proved that the service can be run side by side seamlessly without performance degradation and additional complexity

Analysis of Security Service Oriented Architecture (SOA) with Access Control Models Dynamic Level

Now we are moving towards the "Internet of Things" (IOT) in millions of devices will be interconnected with each other, giving and taking information provided within a network that can work together. Because of computing and information processing itself IOT core supporters, So in this paper introduces "Service-Oriented Computing" (SOA) as one of the models that can be used. Where's it at each device can offer functionality as a standard service [4]. In SOA, we can make the resources available to each other in the IOT together. However, a major challenge in these service-oriented environment is the design of effective access control schemes. In SOA, the service will be invoked by a large number, and at the same time authentication and authorization need to cross several security domains are always used. In this paper, we present the analysis of data safety suatua WorkflowBased Access Control Model associated oriented (WABAC) to troubleshoot problems that occur within a system integration. The analysis showed that the point system function model based integration system that is lower than the legacy model of SOA-based systems, by designing several services using WOA approach. In addition, we have observed that the integrated model can guarantee the quality of service, security and reliability main, by applying SOA approach when needed. Finally, experimental results have proved that the service can be run side by side seamlessly without performance degradation and additional complexity

Analysis of Security and Performance Service in Service Oriented Architecture (SOA) and Data Integration

Nowdays, the use of web services in the world of education is very much particular services and information provided in the form of the transaction until the payment - the payment and security in a system that is built in the form of a website. This system does not yet have a system that is integrated with each other and the security that is necessary to develop a system that leads towards it. Services provided requires an integrated system of all related system, the Service Oriented Architecture (SOA) to be used as an efficient solution for integrating distributed applications. In SOA-based environment that focuses on quality of service called WSARCH (Web Services Architecture). With this paper can then propose a system that uses a Service Oriented Architecture (SOA) with Web Services Architecture to resolve accurately than techniques that have a lower negative impact in terms of service performance and security

Authorization schema for electronic health-care records: for Uganda

This thesis discusses how to design an authorization schema focused on ensuring each patient's data privacy within a hospital information system

Semantic privacy-preserving framework for electronic health record linkage

The combination of digitized health information and web-based technologies offers many possibilities for data analysis and business intelligence. In the healthcare and biomedical research domain, applications depending on electronic health records (EHRs) identify privacy preservation as a major concern. Existing solutions cannot always satisfy the evolving research demands such as linking patient records across organizational boundaries due to the potential for patient re-identification. In this work, we show how semantic methods can be applied to support the formulation and enforcement of access control policy whilst ensuring that privacy leakage can be detected and prevented. The work is illustrated through a case study associated with the Australasian Diabetes Data Network (ADDN – www.addn.org.au), the national paediatric type-1 diabetes data registry, and the Australian Urban Research Infrastructure Network (AURIN – www.aurin.org.au) platform that supports Australia-wide access to urban and built environment data sets. We demonstrate that through extending the eXtensible Access Control Markup Language (XACML) with semantic capabilities, finer-grained access control encompassing data risk disclosure mechanisms can be supported. We discuss the contributions that can be made using this approach to socio-economic development and political management within business systems, and especially those situations where secure data access and data linkage is required