24 research outputs found

    Privacy-Respecting Smart Video Surveillance Based on Usage Control Enforcement

    This research introduces a conceptual framework for enforcing privacy-related restrictions in smart video surveillance systems based on danger levels and incident types to be handled. It increases the selectivity of surveillance by restricting data processing to individuals associated with incidents under investigation. Constraints are enforced by usage control, which is instantiated for video surveillance for the first time and enables tailoring such systems to comply with data protection law

    Access Control for Binary Integrity Protection using Ethereum

    The integrity of executable binaries is essential to the security of any device that runs them. At best, a manipulated binary can leave the system in question open to attack, and at worst, it can compromise the entire system by itself. In recent years, supply-chain attacks have demonstrated that binaries can even be compromised unbeknownst to their creators. This, in turn, leads to the dissemination of supposedly valid binaries that need to be revoked later. In this paper, we present and evaluate a concept for publishing and revoking integrity protecting information for binaries, based on the Ethereum Blockchain and its underlying peer-to-peer network. Smart Contracts are used to enforce access control over the publication and revocation of integrity preserving information, whereas the peer-to-peer network serves as a fast, global communication service to keep user clients informed. The Ethereum Blockchain serves as a tamper-evident, publicly-verifiable log of published and revoked binaries. Our implementation incurs costs comparable to registration fees for centralised software distribution platforms but allows publication and revocation of individual binaries within minutes. The proposed concept can be integrated incrementally into existing software distribution platforms, such as package repositories or various app stores

    Optimal human labelling for anomaly detection in industrial inspection

    Anomaly detection with machine learning in industrial inspection systems for manufactured products relies on labelled data. This raises the question of how the labelling by humans should be conducted. We consider the case where we want to optimise the cost of the combined inspection process done by humans and an algorithm. This also influences the combined performance of the trained model as well as the knowledge of the performance of this model. We focus on so-called one-class classification problem models which produce a continuous outlier score. We establish some cost model for human and machine combined inspection of samples. We then discuss in this cost model how to select two optimal boundaries of the outlier score where in between these two boundaries human inspection takes place. We also frame this established knowledge into an applicable algorithm

    IT-Sicherheit im Wettstreit um die erste autonome Fahrzeugflotte: Ein Diffusionsmodell (IT security and competition in the automotive industry: A diffusion model)

    Today’s automotive industry is changing rapidly. The slow movement toward electric mobility and highly technical assistant systems challenge old hierarchies. Another innovation associated with the latter is that cars now receive regular software updates, just like smartphones. Tesla even claims to be able to upgrade their cars to fully autonomous driving in the future. This could lead to an unsustainable and risky development of IT security and the environmental performance of the vehicle sector

    Identity Management and Protection Motivated by the General Data Protection Regulation of the European Union - A Conceptual Framework Based on State-of-the-Art Software Technologies

    In times of strongly (personal) data-driven economy, the inception of the European General Data Protection Regulation (GDPR) recently reinforced the call for transparency and informational self-determination—not only due to the penalties for data protection violations becoming significantly more severe. This paper recaps the GDPR articles that should be noticed by software designers and developers and explains how, from the perspective of computer scientists, the summarized requirements can be implemented based on state-of-the-art technologies, such as data provenance tracking, distributed usage control, and remote attestation protocols. For this, the challenges for data controllers, i.e., the service providers, as well as for the data subjects, i.e., the users whose personal data are being processed by the services, are worked out. As a result, this paper proposes the ideal functionality of a next-generation privacy dashboard interacting with data provenance and usage control infrastructure implemented at the service providers to operationalize the legal rights of the data subject granted by the GDPR. Finally, it briefly outlines the options for establishing trust in data provenance tracking and usage control infrastructures operated by the service providers themselves

    IT-Sicherheit im Wettstreit um die erste autonome Fahrzeugflotte (IT security in the race for the first autonomous vehicle fleet)

    A number of innovations are currently making their way into the automotive industry. Alongside the shift to electric mobility, high-tech assistance systems in vehicles are bringing about far-reaching changes. Another innovation that comes with these new systems is that cars now receive regular updates, like smartphones. The manufacturer Tesla even claims it will be able to upgrade its cars to fully autonomous vehicles via software update in the future. This development can lead to an unsustainable and risky development of IT security and the environmental footprint of the vehicle sector

    Secure and privacy-respecting documentation for interactive manufacturing and quality assurance

    The automated documentation of work steps is a requirement of many modern manufacturing processes. Especially when it comes to important procedures such as safety critical screw connections or weld seams, the correct and complete execution of certain manufacturing steps needs to be properly supervised, e.g., by capturing video snippets of the worker to be checked in hindsight. Without proper technical and organizational safeguards, such documentation data carries the potential for covert performance monitoring to the disadvantage of employees. Naïve documentation architectures interfere with data protection requirements, and thus cannot expect acceptance of employees. In this paper we outline use cases for automated documentation and describe an exemplary system architecture of a workflow recognition and documentation system. We derive privacy protection goals that we address with a suitable security architecture based on hybrid encryption, secret-sharing among multiple parties and remote attestation of the system to prevent manipulation. We finally contribute an outlook towards problems and possible solutions with regards to information that can leak through accessible metadata and with regard to more modular system architectures, where more sophisticated remote attestation approaches are needed to ensure the integrity of distributed components

    A privacy-aware fall detection system for hospitals and nursing facilities

    Hospitals and nursing facilities are confronted with a critical shortage of qualified nursing staff. At the same time, patient safety must not fall by the wayside. Therefore, we are facing a growing demand for assistance technologies that free up time for the medical responsibilities. We introduce a prototype of a fall detection system based on cameras and computer vision algorithms, which satisfies the high privacy demands of hospitals and nursing facilities. Our system explains its operations to patients and staff in order to establish transparency. Whenever we show video data to a nurse, it is either anonymized using image processing techniques or protected against misuse through usage control enforcement