869 research outputs found
Viewpoint | Personal Data and the Internet of Things: It is time to care about digital provenance
The Internet of Things promises a connected environment reacting to and
addressing our every need, but based on the assumption that all of our
movements and words can be recorded and analysed to achieve this end.
Ubiquitous surveillance is also a precondition for most dystopian societies,
both real and fictional. How our personal data is processed and consumed in an
ever more connected world must imperatively be made transparent, and more
effective technical solutions than those currently on offer, to manage personal
data must urgently be investigated.Comment: 3 pages, 0 figures, preprint for Communication of the AC
CamFlow: Managed Data-sharing for Cloud Services
A model of cloud services is emerging whereby a few trusted providers manage
the underlying hardware and communications whereas many companies build on this
infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS
applications. From the start, strong isolation between cloud tenants was seen
to be of paramount importance, provided first by virtual machines (VM) and
later by containers, which share the operating system (OS) kernel. Increasingly
it is the case that applications also require facilities to effect isolation
and protection of data managed by those applications. They also require
flexible data sharing with other applications, often across the traditional
cloud-isolation boundaries; for example, when government provides many related
services for its citizens on a common platform. Similar considerations apply to
the end-users of applications. But in particular, the incorporation of cloud
services within `Internet of Things' architectures is driving the requirements
for both protection and cross-application data sharing.
These concerns relate to the management of data. Traditional access control
is application and principal/role specific, applied at policy enforcement
points, after which there is no subsequent control over where data flows; a
crucial issue once data has left its owner's control by cloud-hosted
applications and within cloud-services. Information Flow Control (IFC), in
addition, offers system-wide, end-to-end, flow control based on the properties
of the data. We discuss the potential of cloud-deployed IFC for enforcing
owners' dataflow policy with regard to protection and sharing, as well as
safeguarding against malicious or buggy software. In addition, the audit log
associated with IFC provides transparency, giving configurable system-wide
visibility over data flows. [...]Comment: 14 pages, 8 figure
Information Flow Audit for Transparency and Compliance in the Handling of Personal Data
This is the author accepted manuscript. The final version is available from IEEE via http://dx.doi.org/10.1109/IC2EW.2016.29The adoption of cloud computing is increasing and its use is becoming widespread in many sectors. As the proportion of services provided using cloud computing increases, legal and regulatory issues are becoming more significant. In this paper we explore how an Information Flow Audit (IFA) mechanism, that provides key data regarding provenance, can be used to verify compliance with regulatory and contractual duty, and survey potential extensions. We explore the use of IFA for such a purpose through a smart electricity metering use case derived from a French Data Protection Agency recommendation.This work was supported by UK Engineering and Physical Sciences Research Council grant EP/K011510 CloudSafetyNet: End-to-End Application Security in the Cloud. We acknowledge the support of Microsoft through the Microsoft Cloud Computing Research Centre
Boundary Correlators in 2D Quantum Gravity: Liouville versus Discrete Approach
We calculate a class of two-point boundary correlators in 2D quantum gravity
using its microscopic realization as loop gas on a random surface. We find a
perfect agreement with the two-point boundary correlation function in Liouville
theory, obtained by V. Fateev, A. Zamolodchikov and Al. Zamolodchikov. We also
give a geometrical meaning of the functional equation satisfied by this
two-point function.Comment: 21 pages, 5 figures, harvmac, eqs. (2.11) and (5.11) correcte
Facilitating plausible deniability for cloud providers regarding tenants' activities using trusted execution
Twenty security considerations for cloud-supported Internet of Things
To realise the broad vision of pervasive computing,
underpinned by the “Internet of Things” (IoT), it is essential to
break down application and technology-based silos and support
broad connectivity and data sharing; the cloud being a natural
enabler. Work in IoT tends towards the subsystem, often focusing
on particular technical concerns or application domains, before
offloading data to the cloud. As such, there has been little regard
given to the security, privacy and personal safety risks that arise
beyond these subsystems; that is, from the wide-scale, crossplatform
openness that cloud services bring to IoT.
In this paper we focus on security considerations for IoT from
the perspectives of cloud tenants, end-users and cloud providers,
in the context of wide-scale IoT proliferation, working across
the range of IoT technologies (be they things or entire IoT
subsystems). Our contribution is to analyse the current state of
cloud-supported IoT to make explicit the security considerations
that require further work.This work was supported by UK Engineering and Physical Sciences
Research Council grant EP/K011510 CloudSafetyNet:
End-to-End Application Security in the Cloud and Microsoft
through the Microsoft Cloud Computing Research Centre
L’Expert
Le Spécialiste peut être fier de lui.Au terme d’études brillantes, il a choisi le sacerdoce de la recherche. Les austères années passées en bibliothèque et en laboratoire n’ont pas été vaines : ses travaux sont renommés, et la communauté scientifique le reconnaît comme une référence dans son domaine. Ses collègues le respectent, ses étudiants l’admirent. Pourtant il se sent mal à l’aise, à l’étroit dans le segment de savoir devenu son royaume. Non qu’il se déprécie : il aspire au contraire à ..
Recommended from our members
Information Flow Audit for Transparency and Compliance in the Handling of Personal Data
Abstract—The adoption of cloud computing is increasing and its use is becoming widespread in many sectors. As the proportion of services provided using cloud computing increases, legal and regulatory issues are becoming more significant. In this paper we explore how an Information Flow Audit (IFA) mechanism, that provides key data regarding provenance, can be used to verify compliance with regulatory and contractual duty, and survey potential extensions. We explore the use of IFA for such a purpose through a smart electricity metering use case derived from a French Data Protection Agency recommendation.Engineering and Applied Science
De l’interdiscipline à l’indiscipline. Et retour ?
« Can we show a little discipline ? »The National, Cherry Tree, Talitres, 2004 Le projet de Labyrinthe, affiché depuis sa création en 1998, met l’accent sur la volonté « interdisciplinaire » de décloisonner les savoirs, sur un plan à la fois pragmatique et théorique. Dès l’origine, nous n’avons pas voulu nous satisfaire d’un simple geste de révolte ou d’une « refondation » après table rase, réflexe irréfléchi qui ne se préoccuperait pas réellement des conditions et modalités d’une « connaissa..
- …