A method for privacy-preserving collaborative filtering recommendations

With the continuous growth of the Internet and the progress of electronic commerce the issues of product recommendation and privacy protection are becoming increasingly important. Recommender Systems aim to solve the information overload problem by providing accurate recommendations of items to users. Collaborative filtering is considered the most widely used recommendation method for providing recommendations of items or users to other users in online environments. Additionally, collaborative filtering methods can be used with a trust network, thus delivering to the user recommendations from both a database of ratings and from users who the person who made the request knows and trusts. On the other hand, the users are having privacy concerns and are not willing to submit the required information (e.g., ratings for products), thus making the recommender system unusable. In this paper, we propose (a) an approach to product recommendation that is based on collaborative filtering and uses a combination of a ratings network with a trust network of the user to provide recommendations and (b) “neighbourhood privacy” that employs a modified privacy-aware role-based access control model that can be applied to databases that utilize recommender systems. Our proposed approach (1) protects user privacy with a small decrease in the accuracy of the recommendations and (2) uses information from the trust network to increase the accuracy of the recommendations, while, (3) providing privacy-preserving recommendations, as accurate as the recommendations provided without the privacy-preserving approach or the method that increased the accuracy applied

Progressive Fracture of [0/90/ + or - Theta]s Composite Structure Under Uniform Pressure Load

S-Glass/epoxy [0/90/plus or minus theta]s for theta =45 deg., 60 deg., and 75 deg. laminated fiber-reinforced composite stiffened plate was simulated to investigated for damage and fracture progression under uniform pressure. An integrated computer code was augmented for the simulation of the damage initiation, growth, accumulation, and propagation to fracture and to structural collapse. Results show in detail the damage progression sequence and structural fracture resistance during different degradation stages. Damage through the thickness of the laminate initiated first at [0/90/plus or minus 45]s at 15.168 MPa (2200 psi), followed by [0/90/plus or minus 60]s at 16.96 MPa (2460 psi) and finally by [0/90/plus or minus 75]s at 19.3 MPa (2800 psi). After damage initiation happened the cracks propagate rapidly to structural fracture

A framework to support selection of cloud providers based on security and privacy requirements

Cloud computing is an evolving paradigm that is radically changing the way humans store, share and access their digital files. Despite the many benefits, such as the introduction of a rapid elastic resource pool, and on-demand service, the paradigm also creates challenges for both users and providers. In particular, there are issues related to security and privacy, such as unauthorised access, loss of privacy, data replication and regulatory violation that require adequate attention. Nevertheless, and despite the recent research interest in developing software engineering techniques to support systems based on the cloud, the literature fails to provide a systematic and structured approach that enables software engineers to identify security and privacy requirements and select a suitable cloud service provider based on such requirements. This paper presents a novel framework that fills this gap. Our framework incorporates a modelling language and it provides a structured process that supports elicitation of security and privacy requirements and the selection of a cloud provider based on the satisfiability of the service provider to the relevant security and privacy requirements. To illustrate our work, we present results from a real case study

Assurance of security and privacy requirements for cloud deployment models

Despite of the several benefits of migrating enterprise critical assets to the Cloud, there are challenges specifically related to security and privacy. It is important that Cloud Users understand their security and privacy needs, based on their specific context and select cloud model best fit to support these needs. The literature provides works that focus on discussing security and privacy issues for cloud systems but such works do not provide a detailed methodological approach to elicit security and privacy requirements neither methods to select cloud deployment models based on satisfaction of these requirements by Cloud Service Providers. This work advances the current state of the art towards this direction. In particular, we consider requirements engineering concepts to elicit and analyze security and privacy requirements and their associated mechanisms using a conceptual framework and a systematic process. The work introduces assurance as evidence for satisfying the security and privacy requirements in terms of completeness and reportable of security incident through audit. This allows perspective cloud users to define their assurance requirements so that appropriate cloud models can be selected for a given context. To demonstrate our work, we present results from a real case study based on the Greek National Gazette

Privacy as an Integral Part of the Implementation of Cloud Solutions

Bridging the gap between design and implementation stages has been a major concern of designers, analysts and developers of information systems (ISs) and a major aspiration of a number of IS engineering approaches. Cloud computing exacerbates the strain on traditional IS engineering approaches that service-oriented computing has started. At the same time, recent research has argued about the importance of security and privacy in a cloud environment and highlighted a number of security and privacy challenges that are not present in traditional environments and need special attention when implementing or migrating ISs into a cloud environment. This paper contributes to this direction. Specifically, it presents a number of privacy-related cloud properties that analysts need to consider when designing privacy-aware systems in a cloud environment. Also it indicates a number of implementation techniques that can assist developers in assuring the respective properties

A Semi-Automatic Approach for Eliciting Cloud Security and Privacy Requirements

Cloud computing provides a wide range of services to organisations in a flexible and cost efficient manner. Nevertheless, inherent cloud security issues make organisations hesitant towards the migration of their services to cloud. In parallel, the cloud service-oriented nature requires a specific and more demanding description of the business functional requirements intended for migration. Organisations need to transform their functional requirements based on a specific language, taking into account the respective non-functional requirements of the migrating services. Thus, the need for an approach that will holistically capture organisations\u27 security and privacy requirements and transform them to cloud service requirements is immense. To this end, this paper presents an approach that takes as input abstract security and privacy requirements and produces through a semi-automatic process various alternative implementation options for cloud services. To achieve that a series of model transformations are utilised in order to create a mapping between the organisational and the operational level of the system\u27s analysis