A course in database systems offers the opportunity to help students understand, in a coherent way, the complete context of designing, implementing, and using a database. this presentation explores a module in an onli...
详细信息
ISBN:
(纸本)9781450344524
A course in database systems offers the opportunity to help students understand, in a coherent way, the complete context of designing, implementing, and using a database. this presentation explores a module in an online database Systems course covering privacy, ethics, data use, and maintenance, all in the context of a sequence of case study assignments that focuses on data modeling and database implementation.
When customers purchase a product or sign up for service from a company, they often are required to agree to a privacy Policy or Terms of Service agreement. Many of these policies are lengthy, and a typical customer a...
详细信息
ISBN:
(纸本)9781450339353
When customers purchase a product or sign up for service from a company, they often are required to agree to a privacy Policy or Terms of Service agreement. Many of these policies are lengthy, and a typical customer agrees to them without reading them carefully if at all. To address this problem, we have developed a prototype automatic text summarization system which is specifically designed for privacy policies. Our system generates a summary of a policy statement by identifying important sentences from the statement, categorizing these sentences by which of 5 "statement categories" the sentence addresses, and displaying to a user a list of the sentences which match each category. Our system incorporates keywords identified by a human domain expert and rules that were obtained by machine learning, and they are combined in an ensemble architecture. We have tested our system on a sample corpus of privacy statements, and preliminary results are promising.
In international military coalitions, situation awareness is achieved by gathering critical intel from different authorities. Authorities want to retain control over their data, as they are sensitive by nature, and, t...
详细信息
ISBN:
(纸本)9781450339353
In international military coalitions, situation awareness is achieved by gathering critical intel from different authorities. Authorities want to retain control over their data, as they are sensitive by nature, and, thus, usually employ their own authorization solutions to regulate access to them. In this paper, we highlight that harmonizing authorization solutions at the coalition level raises many challenges. We demonstrate how we address authorization challenges in the context of a scenario defined by military experts using a prototype implementation of SAFAX, an XacmL-based architectural framework tailored to the development of authorization services for distributed systems.
System primitives allow formalisms, reasoning, simulations, and reliability and security risk-tradeoffs to be formulated and argued. In this work, six core primitives belonging to most distributed systems are presente...
详细信息
ISBN:
(纸本)9781450339353
System primitives allow formalisms, reasoning, simulations, and reliability and security risk-tradeoffs to be formulated and argued. In this work, six core primitives belonging to most distributed systems are presented. these primitives apply well to systems with large amounts of data, scalability concerns, heterogeneity concerns, temporal concerns, and elements of unknown pedigree with possible nefarious intent. these primitives form the basic building blocks for a Network of 'things' (NoT), including the Internet of things (IoT). this keynote offers an underlying and foundational science to IoT. To my knowledge, the ideas and the manner in which the science underlying IoT is presented here is unique. Further, this talk reflects my personal viewpoints and not those of NIST.
Using data about individuals without revealing sensitive information about them is important. In recently years, a new privacy protection concept is called k-anonymity has been introduced. On the other hand, applicati...
详细信息
ISBN:
(纸本)9781450350846
Using data about individuals without revealing sensitive information about them is important. In recently years, a new privacy protection concept is called k-anonymity has been introduced. On the other hand, application of person trip data analysis is demanded for public policy making such as tourism and *** this research, TTPP and Kn-Query method is introduced to solved a conflict between privacy protection and utilization of person trip data. TTPP method is proposed as a data structure which describes person trip using the paired entries of fixed point observed personal location with track ID, time window and place. Kn-Query is a query summarizing the number of samples under given conditions satisfying *** an ordinal method, validation of k-anonymity and person trip analysis have been considered separately. the proposed method solved a conflict between privacy and utilization of personal data.
Resource discovery in unstructured peer-to-peer networks causes a search query to be flooded throughout the network via random nodes, leading to security and privacy issues. the owner of the search query does not have...
详细信息
ISBN:
(纸本)9781450339353
Resource discovery in unstructured peer-to-peer networks causes a search query to be flooded throughout the network via random nodes, leading to security and privacy issues. the owner of the search query does not have control over the transmission of its query through the network. Although algorithms have been proposed for policy-compliant query or data routing in a network, these algorithms mainly deal with authentic route computation and do not provide mechanisms to actually verify the network paths taken by the query. In this work, we propose an approach to deal withthe problem of verifying network paths taken by a search query during resource discovery, and detection of malicious forwarding of search query. Our approach aims at being secure and yet very scalable, even in the presence of huge number of nodes in the network.
Fog computing is one of the most important paradigms used in modern world as an extension to cloud computing. Like Cloud Computing, it provides data storage, manipulation and computation of data, but to the edge of th...
详细信息
ISBN:
(纸本)9781509035434
Fog computing is one of the most important paradigms used in modern world as an extension to cloud computing. Like Cloud Computing, it provides data storage, manipulation and computation of data, but to the edge of the network, i.e. to the user end. this research paper deals withthe threat to security issues, especially with location privacy and data confidentiality. the way service providers as well as government can access users data is covered. Furthermore the misconceptions about the rights of users are discussed. Finally the concept of decoy technique with some modification for location and dataprivacy is also covered.
the proceedings contain 24 papers. the topics discussed include: a comparative s-index in factoring RSA modulus via Lucas sequences;families of cyclotomic cosets withapplication to secret sharing scheme;families of c...
ISBN:
(纸本)9789834406950
the proceedings contain 24 papers. the topics discussed include: a comparative s-index in factoring RSA modulus via Lucas sequences;families of cyclotomic cosets withapplication to secret sharing scheme;families of cyclotomic cosets withapplication to secret sharing scheme;fingerprint minutiae template protection for privacy preserving;generating non-invertible iris template for privacy preserving;a new improved attack on RSA;securing outsourced storage;S-box optimization using heuristic methods;high capacity data embedding method with LSB and PVD shift;critical analysis on steganography technique in text domain;and oblivious memory trace in graphics hardware with constant blowup.
Workflows and role-based access control models need to be suitably merged, in order to allow users to perform processes in a correct way, according to the given data access policies and the temporal constraints. Given...
详细信息
ISBN:
(纸本)9781450339353
Workflows and role-based access control models need to be suitably merged, in order to allow users to perform processes in a correct way, according to the given data access policies and the temporal constraints. Given a mapping between workflow models and simple temporal networks with uncertainty, we discuss a mapping between role temporalities and simple temporal networks, and how to connect the two resulting networks to make explicit who can do what, when. If the connected network is still executable, we show how to compute the set of authorized users for each task. Finally, we define security constraints (to prevent users from doing unauthorized actions) and security constraint propagation rules (to propagate security constraints at runtime). We also provide an algorithm to check whether a set of propagation rules is safe, and we extend an existing execution algorithm to take into account these new security aspects.
暂无评论