195,344 research outputs found
Web services security evaluation considerations
Web services development is a key theme in utilisation of the
commercial exploitation of the semantic web. Paramount to the development
and offering of such services is the issue of security features and the way these
are applied in instituting trust amongst participants and recipients of
the service. Implementing such security features is a major challenge to
developers as they need to balance these with performance and interoperability
requirements. Being able to evaluate the level of security offered is a desirable
feature for any prospective participant. The authors attempt to address the
issues of security requirements and evaluation criteria, while they discuss the
challenges of security implementation through a simple web service application
case
BOF4WSS : a business-oriented framework for enhancing web services security for e-business
When considering Web services' (WS) use for online business-to-business (B2B) collaboration between companies, security is a complicated and very topical issue. This is especially true with regard to reaching a level of security beyond the technological layer, that is supported and trusted by all businesses involved. With appreciation of this fact, our research draws from established development methodologies to develop a new, business-oriented framework (BOF4WSS) to guide e-businesses in defining, and achieving agreed security levels across these collaborating enterprises. The approach envisioned is such that it can be used by businesses-in a joint manner-to manage the comprehensive concern that security in the WS environment has become
CamFlow: Managed Data-sharing for Cloud Services
A model of cloud services is emerging whereby a few trusted providers manage
the underlying hardware and communications whereas many companies build on this
infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS
applications. From the start, strong isolation between cloud tenants was seen
to be of paramount importance, provided first by virtual machines (VM) and
later by containers, which share the operating system (OS) kernel. Increasingly
it is the case that applications also require facilities to effect isolation
and protection of data managed by those applications. They also require
flexible data sharing with other applications, often across the traditional
cloud-isolation boundaries; for example, when government provides many related
services for its citizens on a common platform. Similar considerations apply to
the end-users of applications. But in particular, the incorporation of cloud
services within `Internet of Things' architectures is driving the requirements
for both protection and cross-application data sharing.
These concerns relate to the management of data. Traditional access control
is application and principal/role specific, applied at policy enforcement
points, after which there is no subsequent control over where data flows; a
crucial issue once data has left its owner's control by cloud-hosted
applications and within cloud-services. Information Flow Control (IFC), in
addition, offers system-wide, end-to-end, flow control based on the properties
of the data. We discuss the potential of cloud-deployed IFC for enforcing
owners' dataflow policy with regard to protection and sharing, as well as
safeguarding against malicious or buggy software. In addition, the audit log
associated with IFC provides transparency, giving configurable system-wide
visibility over data flows. [...]Comment: 14 pages, 8 figure
Distributed Access Control for Web and Business Processes
Middleware influenced the research community in developing a number of systems for controlling access to distributed resources. Nowadays a new paradigm for the lightweight integration of business resources from different partners is starting to take hold – Web Services and Business Processes for Web Services. Security and access control policies for Web Services protocols and distributed systems are well studied and almost standardized, but there is not yet a comprehensive proposal for an access control architecture for business processes. So, it is worth looking at the available approaches to distributed authorization as a starting point for a better understanding of what they already have and what they still need to address the security challenges for business processes
Technical considerations towards mobile user QoE enhancement via Cloud interaction
This paper discusses technical considerations of a Cloud infrastructure which interacts with mobile devices in order to migrate part of the computational overhead from the mobile device to the Cloud. The aim of the interaction between the mobile device and the Cloud is the enhancement of parameters that affect the Quality of Experience (QoE) of the mobile end user through the offloading of computational aspects of demanding applications. This paper shows that mobile user’s QoE can be potentially enhanced by offloading computational tasks to the Cloud which incorporates a predictive context-aware mechanism to schedule delivery of content to the mobile end-user using a low-cost interaction model between the Cloud and the mobile user. With respect to the proposed enhancements, both the technical considerations of the cloud infrastructure are examined, as well as the interaction between the mobile device and the Cloud
Alcuni abstract di articoli che trattano argomenti relativi all'eHealth
Non utile per esam
Developing a Framework for Creating mHealth Surveys
Various issues in the design of surveys for mobile health (mHealth) research projects yet exist. As mHealth solutions become more popular, new issues are brought into consideration. Researchers need to collect some critical information from participants in these mHealth studies. These mHealth studies require a specialized framework to create surveys, track progress and analyze user data. In these procedures, mHealth’s needs differ from other studies. Therefore, there has to be a new framework that satisfies needs of mHealth research studies. Although there are studies for creating efficient, robust and user-friendly surveys, there is no solution or study, which is specialized in mHealth area and solves specific problems of mHealth research studies. mHealth research studies sometimes require real-time access to user data. Reward systems may play a key role in their study. Most importantly, storing user information securely plays a key role in these studies. There is no such solution or study, which covers all these areas. In this thesis, we present guidelines for developing a framework for creating mHealth surveys. In doing this, we hope that we propose a solution for problems of creating and using of surveys in mHealth studies
- …