Security Framework for Decentralized Shared Calendars

International audienceWe propose a security framework for Decentralized Shared Calendar. The proposed security framework provides confidentiality to replicated shared calendar events and secures the commu- nication between users. It is designed in such a way that DeSCal preserves all of its characteristic features like fault-tolerance, crash recovery, availability and dynamic access control. It has been implemented on iPhone OS.Nous proposons un protocole de sécurité pour des agendas partagés dont la gestion de données est complètement décentralisée. Dans ce protocole, nous assurons à la fois (i) la confidentialité du contenu répliqué et (ii) la sécurité de communication entre les utilisateurs. Comme nous utilisons une réplication complête de données, notre protocole préserve toutes les caractéristiques d'une telle réplication, à savoir : la tolérance aux pannes et la reprise après panne. Pour valider notre solution, nous avons implémenté un prototype sur des mobiles tournant sous le système iPhone OS

MobileAppScrutinator: A Simple yet Efficient Dynamic Analysis Approach for Detecting Privacy Leaks across Mobile OSs

Smartphones, the devices we carry everywhere with us, are being heavily tracked and have undoubtedly become a major threat to our privacy. As "tracking the trackers" has become a necessity, various static and dynamic analysis tools have been developed in the past. However, today, we still lack suitable tools to detect, measure and compare the ongoing tracking across mobile OSs. To this end, we propose MobileAppScrutinator, based on a simple yet efficient dynamic analysis approach, that works on both Android and iOS (the two most popular OSs today). To demonstrate the current trend in tracking, we select 140 most representative Apps available on both Android and iOS AppStores and test them with MobileAppScrutinator. In fact, choosing the same set of apps on both Android and iOS also enables us to compare the ongoing tracking on these two OSs. Finally, we also discuss the effectiveness of privacy safeguards available on Android and iOS. We show that neither Android nor iOS privacy safeguards in their present state are completely satisfying

An assessment of communication skills of the MD/MS students of institute of medicine in Nepal

Introduction The main objective of this study was to assess the level of interpersonal communication skills of MD/MS resident doctors and to provide recommendations for the future. Methods Descriptive, cross sectional, qualitative and quantitative research design was used. 7- point Likert scale (0 to 6) MAAS-Global scoring instrument was used. The subjects of the research were the MD/MS residents from various departments of Maharajgunj Medical Campus (MMC) of Institute of Medicine, Maharajgunj, Kathmandu. Out of 162 MD/MS residents, only 30 (18.5%) MD/MS residents were selected for the sample size for the study from 1st, 2nd and 3rd year. One MD/MS resident was required four video recording to conduct four interviews with patients coming to the outpatient department. Results There was high degree of positive correlation between Information sharing and Management (r=0.746) whereas weak negative correlation on clarification and diagnosis (r=-0.011). Inter-rater correlation was established before hand and was satisfactory (p < 0.05). Conclusions This base line study of MD/MS residents shows that over all MD/MS residents are deficient in almost all the components of interpersonal communication skills. A communication skills training course in postgraduate medical education could improve the existing communication skills of the doctors in Nepal

Estimation of Missing Values in the Data Mining and Comparison of Imputation Methods

Many existing, industrial, and research data sets contain missing values (MVs). There are various reasons for their existence, such as manual data entry procedures, equipment errors, and incorrect measurements. The presence of such imperfections usually requires a preprocessing stage in which the data are prepared and cleaned,in order to be useful and sufficiently clear for the knowledge extraction process. MVs make the performance of data analysis difficult. The presence of MVs can also pose serious problems for researchers. In fact, in the appropriate handling of the MVs in the analysis may introduce bias and can result in misleading conclusions being drawn from a research study and can also limit the generalize ability of the research findings. The various types of problem are usually associated with MVs in data mining are (1) loss of efficiency;(2) complications in handling and analyzing the data; and(3)&nbsp; bias resulting from differences between missing and complete data. We will focus our attention on the use of imputation methods. A fundamental advantage of this approach is that the MV treatment is independent of the learning algorithm used. For this reason, the user can select the most appropriate method for each situation he faces. In this paper, different methods of estimation of missing values are discussed. The comparison of different imputation methods is given by using non-parametric methods.&nbsp

On K-Edge Fine Structure Spectra of Some Cu(I) Complexes

303-30

Characterization of Group Divisible Designs

In this paper, some inequalities of PBIB designs have been given. In this paper, the characterization of all the three types of GD designs, by finding some equalities and inequalities among the parameters of GD designs is obtained

X-Ray K-Absorption Studies of Some Cu(II) Complexes

765-76

K-Absorption Edges of Some Cu(II) Complexes Involving Metal-Metal Exchange Interaction

768-77

Traçage en ligne : démystification et contrôle

It is no surprise, given smartphones convenience and utility, to see their wide adoption worldwide. Smartphones are naturally gathering a lot of personal information as the user communicates, browses the web and runs various Apps. They are equipped with GPS, NFC and digital camera facilities and therefore smartphones generate new personal information as they are used. Since they are almost always connected to the Internet, and are barely turned off, they can potentially reveal a lot of information about the activities of their owners. The close arrival of smart-­‐watches and smart-­‐glasses will just increase the amount of personal information available and the privacy leakage risks. This subject is closely related to the Mobilitics project that is currently conducted by Inria/Privatics and CNIL, the French data protection authority [1][2][3]. Therefore, the candidate will benefit from the investigations that are on progress in this context, in order to understand the situation and the trends. The candidate will also benefit from all the logging and analysis tools we developed for the iOS and Android Mobile OSes, as well as the experienced gained on the subject. Another question is the arrival of HTML5 based Mobile OSes, like Firefox OS: it clearly opens new directions as it "uses completely open standards and there’s no proprietary software or technology involved" (Andreas Gal, Mozilla). But what are the implications from a Mobile OS privacy point of view? That's an important topic to analyze. Beyond understanding the situation, the candidate will also explore several directions in order to improve the privacy control of mobile devices. First of all, a privacy-­‐by-­‐design approach, when feasible, is an excellent way to tackle the problem. For instance the current trend is to rely more and more on cloud-­‐based services, either directly (e.g., via Dropbox, Instagram, Social Networks, or similar services), or indirectly (e.g., when a backup of the contact, calendar, accounts databases is needed). But pushing data on cloud-­‐based systems, somewhere on the Internet, is in total contradiction with our privacy considerations. Therefore, an idea is to analyze and experiment with personal cloud services (e.g., ownCLoud, diaspora) that are fully managed by the user. Here the goal is to understand the possibilities, the opportunities, and the usability of such systems, either as a replacement or in association with commercial cloud services. Another direction is to carry out behavioral analyses. Indeed, in order to precisely control the privacy aspects, at one extreme, the user may have to deeply interact with the device (e.g., through pop-ups each time a potential privacy leak is identified), which negatively impacts the usability of the device. At the other extreme, the privacy control may be oversimplified, in the hope not to interfere too much with the user, as is the case with the Android static authorizations or the one-­‐time pop-­‐ups of iOS6. This is not appropriate either, since using private information once is not comparable to using it every minute. A better approach could be to perform, with the help of a machine learning system for instance, a dynamic analysis of the Mobile OS or App behavior from a privacy perspective and to interfere with the user only when it is deemed appropriate. This could enable a good tradeoff between privacy control and usability, with user actions only when meaningful. How far such a behavioral analysis can go and what are the limitations of the approach (e.g., either from a CPU/battery drain perspective, or in front of programming tricks to escape the analysis) are open questions. Tainting techniques applied to Mobile OSes (e.g., Taint-­Droid) can be used as a basic bloc to build a behavioral analysis tool, but they have limited accuracy are unable to analyze native code and have poor performances.Il n'est pas surprenant , compte tenu de smartphones commodité et l'utilité, pour voir leur adoption à grande échelle dans le monde entier . Les smartphones sont naturellement rassemblent un grand nombre de renseignements personnels que l'utilisateur communique , navigue sur le Web et fonctionne diverses applications . Ils sont équipés de GPS , NFC et les installations d'appareils photo numériques et les smartphones génèrent donc de nouvelles informations personnelles telles qu'elles sont utilisées . Comme ils sont presque toujours connectés à Internet , et sont à peine éteints, ils peuvent potentiellement révéler beaucoup d'informations sur les activités de leurs propriétaires. L'arrivée à proximité de la puce - montres et intelligents - lunettes va juste augmenter la quantité de renseignements personnels disponibles et les risques de fuite de confidentialité . Ce sujet est étroitement lié au projet Mobilitics qui est actuellement menée par l'Inria / Privatics et CNIL , l'autorité française de protection des données [ 1] [2 ] [3] . Par conséquent , le candidat bénéficiera des enquêtes qui sont en cours dans ce contexte, afin de comprendre la situation et les tendances. Le candidat devra également bénéficier de tous les outils de diagraphie et l'analyse que nous avons développées pour l'iOS et Android OS mobiles , ainsi que l' expérience acquise sur le sujet. Une autre question est l'arrivée de HTML5 base de systèmes d'exploitation mobiles , comme Firefox OS: il ouvre clairement de nouvelles directives qu'elle " utilise des normes ouvertes complètement et il n'y a pas de logiciel propriétaire ou technologie impliquée " ( Andreas Gal, Mozilla) . Mais quelles sont les implications d'un point de vie privée OS mobile de vue? C'est un sujet important à analyser. Au-delà de la compréhension de la situation , le candidat devra aussi explorer plusieurs directions afin d' améliorer le contrôle des appareils mobiles de la vie privée . Tout d'abord, une vie privée - par - approche de conception , lorsque cela est possible , est une excellente façon d'aborder le problème . Par exemple, la tendance actuelle est de plus en plus compter sur un nuage - Services basés , soit directement (par exemple , via Dropbox, Instagram , les réseaux sociaux ou services similaires ) , ou indirectement (par exemple , lorsqu'une sauvegarde du contact , calendrier, bases de données des comptes sont nécessaires ) . Mais en poussant des données sur les nuages ​​- systèmes basés , quelque part sur Internet , est en totale contradiction avec nos considérations de confidentialité. Par conséquent, l'idée est d'analyser et d'expérimenter avec les services de cloud personnel (par exemple , owncloud , diaspora ) qui sont entièrement gérés par l'utilisateur. Ici, le but est de comprendre les possibilités, les opportunités et la facilité d'utilisation de ces systèmes , que ce soit en remplacement ou en association avec les services de cloud commerciales. Une autre direction est d' effectuer des analyses comportementales . En effet, afin de contrôler précisément les aspects de la vie privée , à un extrême , l'utilisateur peut avoir à interagir fortement avec l'appareil (par exemple , par le biais des pop-ups chaque fois une fuite potentielle de la vie privée est identifié ) , qui a un impact négatif sur la facilité d'utilisation de l'appareil . À l'autre extrême , le contrôle de la vie privée peut être simplifiée à l'extrême , dans l'espoir de ne pas trop interférer avec l'utilisateur, comme c'est le cas avec les autorisations statiques Android ou celui - Temps pop - up de iOS6 . Ce n'est pas non plus approprié , puisque l'utilisation de renseignements personnels une fois n'est pas comparable à l'utiliser chaque minute