99 resultados para pacs: data security
Resumo:
This chapter will focus upon the impact of Generation F - the Facebook Generation - and their attitudes to security. The chapter is based around discussing the loss of data, the prevention approaches and enforcement policies that are currently being investigated, and the implications that this has upon the modern, working environment. The changing landscape of work presents the issue of the Need to Know against the modern, working practises of Need to Share, a conflict that needs to be resolved as a matter of urgency. Many hold the view that it would be wrong to return to the Cold War scenario, however the modern position of Need to Share leads to a steadily rising fear of Information Insecurity. Accepting this situation means that working practises within large organisations need to be reviewed without ignoring the benefits of the new and emerging technologies and yet still be vigilant with regards to Information security.
Resumo:
Radio Frequency Identification (RFID) is an emerging wireless object identification technology with many potential applications such as supply chain management, personnel tracking and healthcare. However, security vulnerabilities of the RFID system have been a serious concern for its wide adoption in many applications. Although much work has been done to provide privacy and anonymity, little focus has been given to ensure RFID data confidentiality, integrity and to address the tampered data recovery problem. To this end, we propose a lightweight stenographic-based approach to ensure RFID data confidentiality and integrity as well as the recovery of tampered RFID data.
Resumo:
Sharing data that contains personally identifiable or sensitive information, such as medical records, always has privacy and security implications. The issues can become rather complex when the methods of access can vary, and accurate individual data needs to be provided whilst mass data release for specific purposes (for example for medical research) also has to be catered for. Although various solutions have been proposed to address the different aspects individually, a comprehensive approach is highly desirable. This paper presents a solution for maintaining the privacy of data released en masse in a controlled manner, and for providing secure access to the original data for authorized users. The results show that the solution is provably secure and maintains privacy in a more efficient manner than previous solutions.
Resumo:
Recent investigations have determined that many Android applications in both official and non-official online markets expose details of the user's mobile phone without user consent. In this paper, for the first time in the research literature, we provide a full investigation of why such applications leak, how they leak and where the data is leaked to. In order to achieve this, we employ a combination of static and dynamic analysis based on examination of Java classes and application behaviour for a data set of 123 samples, all pre-determined as being free from malicious software. Despite the fact that anti-virus vendor software did not flag any of these samples as malware, approximately 10% of them are shown to leak data about the mobile phone to a third-party; applications from the official market appear to be just as susceptible to such leaks as applications from the non-official markets.
Resumo:
In this thesis we propose and present a number of methods by which the performance and security of networked RFID systems can be improved. These include a networked P2P RFID architecture, a comprehensive RFID security framework, a RFID security protocol and an RFID malware detection and Prevention technique.
Resumo:
Cloud computing is an emerging technology and it utilizes the cloud power to many technical solutions. The e-learning solution is one of those technologies where it implements the cloud power in its existing system to enhance the functionality providing to e-learners. Cloud technology has numerous advantages over the existing traditional e-learning systems. However security is a major concern in cloud based e-learning. Therefore security measures are unavoidable to prevent the loss of users’ valuable data from the security vulnerabilities. This paper investigates various security issues involved in cloud based e-learning technology with an aim to suggest remedial in the form of security measures and security management standards. These will help to overcome the security threats in cloud based e-learning technology. Solving the key problems will also encourage the widespread adoption of cloud computing in educational institutes.
Resumo:
With the arrival of Big Data Era, properly utilizing the power of big data is becoming increasingly essential for the strength and competitiveness of businesses and organizations. We are facing grand challenges from big data from different perspectives, such as processing, communication, security, and privacy. In this talk, we discuss the big data challenges in network traffic classification and our solutions to the challenges. The significance of the research lies in the fact that each year the network traffic increase exponentially on the current Internet. Traffic classification has wide applications in network management, from security monitoring to quality of service measurements. Recent research tends to apply machine-learning techniques to flow statistical feature based classification methods. In this talk, we propose a series of novel approaches for traffic classification, which can improve the classification performance effectively by incorporating correlated information into the classification process. We analyze the new classification approaches and their performance benefit from both theoretical and empirical perspectives. A large number of experiments are carried out on two real-world traffic datasets to validate the proposed approach. The results show the traffic classification performance can be improved significantly even under the extreme difficult circumstance of very few training samples. Our work has significant impact on security applications.
Resumo:
Radio Frequency Identification (RFID) is an emerging wireless object identification technology with many potential applications such as supply chain management, personnel tracking and healthcare. However, security vulnerabilities of the RFID system have been a serious concern for its wide adoption in many applications. Although there are lots of work to provide privacy and anonymity, little focus has been given to ensure confidentiality and integrity of RFID tag data. To this end, we propose a lightweight hybrid approach based on stenographic and watermarking to ensure data confidentiality, linkability resistance and integrity on the RFID tags data. The proposed technique is capable of tampered data recovering and restoring for RFID tag. It has been validated and tested on EPC class 1 gen2 tags.
Resumo:
Android is a new generation of an open operating system directed at mobile devices that are carried every day. The openness of this architecture is leading to new applications and opportunities including a host of multimedia services, new interfaces and browsers, multitasking including support for wireless local, personal and wide area networking services. Security with mobility and wireless connectivity thus becomes even more important with all these exciting developments. Vital security issues such as leakage of private information, file stealing and spambots abound in networks in practice and Android networks continue to be subject to these same families of vulnerabilities. This paper provides a demonstration of such vulnerabilities in spite of the best efforts of designers and implementers. In particular it describes examples of data leakage and file stealing (address books, contact lists, SMS messages, pictures) as well as demonstrating how Android devices can create spambots. © 2013 IEEE.
Resumo:
Transitioning towards an improved I.T. security culture that fosters desired I.T. security behaviour and attitudes in individuals is pertinent to any organizational I.T. security strategy. To improve the current I.T. security culture of an organization and its members, an initial assessment covering four core questions was necessary to determine how much of an improvement was needed. The assessments and data collection techniques and corresponding results and findings are presented and discussed. The implications of this research will be of great benefit to both practitioners wanting to improve I.T. security culture and awareness in their organization, and will help to fill the lack empirical research within the academic field of I.T. security. ©2009 IEEE.
Resumo:
Mobile agents are expected to run in partially unknown and untrustworthy environments. They transport from one host to another host through insecure channels and may execute on non-trusted hosts. Thus, they are vulnerable to direct security attacks of intruders and non-trusted hosts. The security of information the agents collect is a fundamental requirement for a trusted implementation of electronic business applications and trade negotiations. This chapter discusses the security protocols presented in the literature that aim to secure the data mobile agents gather while searching the Internet, and identifies the security flaws revealed in the protocols. The protocols are analyzed with respect to the security properties, and the security flaws are identified. Two recent promising protocols that fulfill the various security properties are described. The chapter also introduces common notations used in describing security protocols and describes the security properties of the data that mobile agents gather.
Resumo:
Recently, the Big Data paradigm has received considerable attention since it gives a great opportunity to mine knowledge from massive amounts of data. However, the new mined knowledge will be useless if data is fake, or sometimes the massive amounts of data cannot be collected due to the worry on the abuse of data. This situation asks for new security solutions. On the other hand, the biggest feature of Big Data is "massive", which requires that any security solution for Big Data should be "efficient". In this paper, we propose a new identity-based generalized signcryption scheme to solve the above problems. In particular, it has the following two properties to fit the efficiency requirement. (1) It can work as an encryption scheme, a signature scheme or a signcryption scheme as per need. (2) It does not have the heavy burden on the complicated certificate management as the traditional cryptographic schemes. Furthermore, our proposed scheme can be proven-secure in the standard model. © 2014 Elsevier Inc. All rights reserved.
Resumo:
This thesis analyses and examines the challenges of aggregation of sensitive data and data querying on aggregated data at cloud server. This thesis also delineates applications of aggregation of sensitive medical data in several application scenarios, and tests privatization techniques to assist in improving the strength of privacy and utility.
Resumo:
In 2003, the Shanghai Bureau of Labour and Social Security launched the zhenbao (town insurance) programme, now widely known as 25 plus X. This scheme is regarded as an important experiment in social security reform and has been lauded for extending social security to areas where previously only segments of the population had mandatory coverage. Using data from 103,000 individuals enrolled in 25 plus X, we examine the extent to which the scheme represents an extension in social security coverage. Our analysis suggests that while it does represent an extension of benefits for some, for many it represents a considerable dilution in benefits. © 2009 The author(s). Journal compilation © 2009 International Social Security Association.
