Data protection in Cloud scenarios

We present a brief overview of the main challenges related to data protection that need to be addressed when data are stored, processed, or managed in the cloud. We also discuss emerging approaches and directions to address such challenges

A two-phase approach for real-world train unit scheduling

A two-phase approach for the train unit scheduling problem is proposed. The first phase assigns and sequences train trips to train units temporarily ignoring some station infrastructure details. Real-world scenarios such as compatibility among traction types and banned/restricted locations and time allowances for coupling/ decoupling are considered. Its solutions would be near-operable. The second phase focuses on satisfying the remaining station detail requirements, such that the solutions would be fully operable. The first phase is modeled as an integer fixed-charge multicommodity flow (FCMF) problem. A branch-and-price approach is proposed to solve it. Experiments have shown that it is only capable of handling problem instances within about 500 train trips. The train company collaborating in this research operates over 2400 train trips on a typical weekday. Hence, a heuristic has been designed for compacting the problem instance to a much smaller size before the branch-and-price solver is applied. The process is iterative with evolving compaction based on the results from the previous iteration, thereby converging to near-optimal results. The second phase is modeled as a multidimensional matching problem with a mixed integer linear programming (MILP) formulation. A column-and-dependentrow generation method for it is under development

De-identifying a public use microdata file from the Canadian national discharge abstract database

<p>Abstract</p> <p>Background</p> <p>The Canadian Institute for Health Information (CIHI) collects hospital discharge abstract data (DAD) from Canadian provinces and territories. There are many demands for the disclosure of this data for research and analysis to inform policy making. To expedite the disclosure of data for some of these purposes, the construction of a DAD public use microdata file (PUMF) was considered. Such purposes include: confirming some published results, providing broader feedback to CIHI to improve data quality, training students and fellows, providing an easily accessible data set for researchers to prepare for analyses on the full DAD data set, and serve as a large health data set for computer scientists and statisticians to evaluate analysis and data mining techniques. The objective of this study was to measure the probability of re-identification for records in a PUMF, and to de-identify a national DAD PUMF consisting of 10% of records.</p> <p>Methods</p> <p>Plausible attacks on a PUMF were evaluated. Based on these attacks, the 2008-2009 national DAD was de-identified. A new algorithm was developed to minimize the amount of suppression while maximizing the precision of the data. The acceptable threshold for the probability of correct re-identification of a record was set at between 0.04 and 0.05. Information loss was measured in terms of the extent of suppression and entropy.</p> <p>Results</p> <p>Two different PUMF files were produced, one with geographic information, and one with no geographic information but more clinical information. At a threshold of 0.05, the maximum proportion of records with the diagnosis code suppressed was 20%, but these suppressions represented only 8-9% of all values in the DAD. Our suppression algorithm has less information loss than a more traditional approach to suppression. Smaller regions, patients with longer stays, and age groups that are infrequently admitted to hospitals tend to be the ones with the highest rates of suppression.</p> <p>Conclusions</p> <p>The strategies we used to maximize data utility and minimize information loss can result in a PUMF that would be useful for the specific purposes noted earlier. However, to create a more detailed file with less information loss suitable for more complex health services research, the risk would need to be mitigated by requiring the data recipient to commit to a data sharing agreement.</p

Specification and Deployment of Integrated Security Policies for Outsourced Data

International audienceThis paper presents a well-founded language allowing in one hand data owners to easily specify their security and utility requirements over the data to be outsourced and in an another hand to formalize the set of security mechanisms that can be used for the protection of out-sourced data. Based on the formalization of security and utility require-ments and security mechanisms properties, we formally identify the best mechanisms, and the best way to combine them to get the best trade-off between utility and security

Enforcing confidentiality constraints on sensitive databases with lightweight trusted clients

Existing approaches for protecting sensitive information stored (outsourced) at external "honest-but-curious" servers are typically based on an overlying layer of encryption that is applied on the whole information, or use a combination of fragmentation and encryption. The computational load imposed by encryption makes such approaches not suitable for scenarios with lightweight clients. In this paper, we address this issue and propose a novel model for enforcing privacy requirements on the outsourced information which departs from encryption. The basic idea of our approach is to store a small portion of the data (just enough to break sensitive associations) on the client, which is trusted being under the data owner control, while storing the remaining information in clear form at the external (honest-but-curious) server. We model the problem and provide a solution for it aiming at minimizing the data stored at the client. We also illustrate the execution of queries on the fragmented information

Sensibilit\ue0 di Stemphylium vesicarium, agente della maculatura bruna del pero, a boscalid

RIASSUNTO Boscalid \ue8 stato recentemente registrato (luglio 2006) in Italia su pero per la difesa dalla maculatura bruna (Stemphylium vesicarium). Visto l\u2019elevato numero di trattamenti necessari per il contenimento di questa malattia, dalla fioritura alla raccolta, l\u2019introduzione di nuovi prodotti a diverso meccanismo d\u2019azione risulta molto interessante, soprattutto nei casi di accertata resistenza a dicarbossimidici e strobilurine, che sono, insieme ai ditiocarbammati, i prodotti chiave nella difesa dalla maculatura. In questo lavoro si \ue8 valutata la sensibilit\ue0 a boscalid di 232 isolati di S. vesicarium, raccolti nelle principali aree pericole della Pianura Padana dal 2007 al 2009, evidenziando come non vi siano variazioni rispetto alla sensibilit\ue0 naturale (baseline) anche in frutteti dove questo prodotto \ue8 stato utilizzato da pi\uf9 di tre anni cio\ue8 subito dopo la sua registrazione in Italia. Non si osservano differenze nella sensibilit\ue0 a boscalid anche in isolati resistenti a dicarbossimidici e strobilurine, confermando in questi casi l\u2019attivit\ue0 di questo prodotto a diverso meccanismo d\u2019azione. SUMMARY SENSITIVITY TO BOSCALID OF STEMPHYLIUM VESICARIUM ISOLATES COLLECTED IN ITALIAN PEAR ORCHARDS Boscalid was recently (July 2006) introduced in pear brown spot control. This disease, caused by Stemphylium vesicarium, requires many treatments from petal fall to fruit ripening, thus new compounds with different mechanisms of action are welcome, especially when dicarboximide and/or strobilurin resistance occurred. This study showed that boscalid sensitivity of 232 S. vasicarium isolates was still comparable with baseline values even after 3 years of its use in the field. No differences were observed also in isolates resistant to dicarboximides and strobilurins, confirming the activity of boscalid, which has a different mechanism of actio

Synthesis and Performance Optimization of a Switching Nano-crossbar Computer

International audienc

Selective and fine-grained access to data in the cloud

This chapter surveys some of the research results related to the protection and efficient access to data stored and managed by external cloud servers. We first provide an overview of the security and privacy problems and challenges that need to be considered, and then illustrate emerging approaches for protecting data externally stored, and for enforcing fine-grained (queries) and selective (access control) accesses on them. Finally, we show how the combined application of the solutions discussed may introduce privacy problems that should be carefully considered

Sofismi, fallacie ed equivoci

Circuit minimization is a useful procedure in the field of logic synthesis. Recently, it was proven that the minimization of ( ∨ , ∧ ,¬) formulae is hard for the second level of the polynomial hierarchy [BU08]. The complexity of minimizing more specialized formula models was left open, however. One model used in logic synthesis is a three-level model in which the third level is composed of parity gates, called SPPs. SPPs allow for small representations of Boolean functions and have efficient heuristics for minimization. However, little was known about the complexity of SPP minimization. Here, we show that SPP minimization is complete for the second level of the Polynomial Hierarchy under Turing reductions

Privacy in the electronic society

Internet provides unprecedented opportunities for the collection and sharing of privacy-sensitive information from and about users. Information about users is collected every day, as they join associations or groups, shop for groceries, or execute most of their common daily activities. Such information is subsequently processed, exchanged and shared between different parties; with users often having users have often little control over their personal information once it has been disclosed to third parties. Privacy is then becoming an increasing concern. In this paper we discuss some problems to be addressed in the protection of information in our electronic society, surveying ongoing work and open issues to be investigated