10 resultados para Data security
em Aston University Research Archive
Resumo:
Danish companies are especially prevalent in China where they have found opportunities to exploit their niche position in a number of specialised product areas. As a result, their operations are often well advanced in terms of the levels of technology transferred and the extent of transfer. Transferring technology brings with it risks as well as benefits. Its absorption and dissemination can, in the longer term, bring about new competitors unless measures are taken to prevent leakage of know-how or the technology supplier can stay ahead of the technological race. This paper draws on data from three Danish case companies that are transferring technology to China. The cases are examined within a framework that allows the identification of the companies’ motivations for transfer against their awareness of the techno-economic security issues. In this way it is possible to highlight the strategic and operational approaches that can be taken to obviate the risks involved.
Resumo:
The advent of personal communication systems within the last decade has depended upon the utilization of advanced digital schemes for source and channel coding and for modulation. The inherent digital nature of the communications processing has allowed the convenient incorporation of cryptographic techniques to implement security in these communications systems. There are various security requirements, of both the service provider and the mobile subscriber, which may be provided for in a personal communications system. Such security provisions include the privacy of user data, the authentication of communicating parties, the provision for data integrity, and the provision for both location confidentiality and party anonymity. This thesis is concerned with an investigation of the private-key and public-key cryptographic techniques pertinent to the security requirements of personal communication systems and an analysis of the security provisions of Second-Generation personal communication systems is presented. Particular attention has been paid to the properties of the cryptographic protocols which have been employed in current Second-Generation systems. It has been found that certain security-related protocols implemented in the Second-Generation systems have specific weaknesses. A theoretical evaluation of these protocols has been performed using formal analysis techniques and certain assumptions made during the development of the systems are shown to contribute to the security weaknesses. Various attack scenarios which exploit these protocol weaknesses are presented. The Fiat-Sharmir zero-knowledge cryptosystem is presented as an example of how asymmetric algorithm cryptography may be employed as part of an improved security solution. Various modifications to this cryptosystem have been evaluated and their critical parameters are shown to be capable of being optimized to suit a particular applications. The implementation of such a system using current smart card technology has been evaluated.
Resumo:
We have recently proposed the framework of independent blind source separation as an advantageous approach to steganography. Amongst the several characteristics noted was a sensitivity to message reconstruction due to small perturbations in the sources. This characteristic is not common in most other approaches to steganography. In this paper we discuss how this sensitivity relates the joint diagonalisation inside the independent component approach, and reliance on exact knowledge of secret information, and how it can be used as an additional and inherent security mechanism against malicious attack to discovery of the hidden messages. The paper therefore provides an enhanced mechanism that can be used for e-document forensic analysis and can be applied to different dimensionality digital data media. In this paper we use a low dimensional example of biomedical time series as might occur in the electronic patient health record, where protection of the private patient information is paramount.
Resumo:
This thesis addresses the problem of information hiding in low dimensional digital data focussing on issues of privacy and security in Electronic Patient Health Records (EPHRs). The thesis proposes a new security protocol based on data hiding techniques for EPHRs. This thesis contends that embedding of sensitive patient information inside the EPHR is the most appropriate solution currently available to resolve the issues of security in EPHRs. Watermarking techniques are applied to one-dimensional time series data such as the electroencephalogram (EEG) to show that they add a level of confidence (in terms of privacy and security) in an individual’s diverse bio-profile (the digital fingerprint of an individual’s medical history), ensure belief that the data being analysed does indeed belong to the correct person, and also that it is not being accessed by unauthorised personnel. Embedding information inside single channel biomedical time series data is more difficult than the standard application for images due to the reduced redundancy. A data hiding approach which has an in built capability to protect against illegal data snooping is developed. The capability of this secure method is enhanced by embedding not just a single message but multiple messages into an example one-dimensional EEG signal. Embedding multiple messages of similar characteristics, for example identities of clinicians accessing the medical record helps in creating a log of access while embedding multiple messages of dissimilar characteristics into an EPHR enhances confidence in the use of the EPHR. The novel method of embedding multiple messages of both similar and dissimilar characteristics into a single channel EEG demonstrated in this thesis shows how this embedding of data boosts the implementation and use of the EPHR securely.
Resumo:
This paper addresses the security of a specific class of common watermarking methods based on Dither modulation-quantisation index modulation (DM-QIM) and focusing on watermark-only attacks (WOA). The vulnerabilities of and probable attacks on lattice structure based watermark embedding methods have been presented in the literature. DM-QIM is one of the best known lattice structure based watermarking techniques. In this paper, the authors discuss a watermark-only attack scenario (the attacker has access to a single watermarked content only). In the literature it is an assumption that DM-QIM methods are secure to WOA. However, the authors show that the DM-QIM based embedding method is vulnerable against a guided key guessing attack by exploiting subtle statistical regularities in the feature space embeddings for time series and images. Using a distribution-free algorithm, this paper presents an analysis of the attack and numerical results for multiple examples of image and time series data.
Resumo:
This paper addresses the security of a specific class of common watermarking methods based on Dither modulation-quantisation index modulation (DM-QIM) and focusing on watermark-only attacks (WOA). The vulnerabilities of and probable attacks on lattice structure based watermark embedding methods have been presented in the literature. DM-QIM is one of the best known lattice structure based watermarking techniques. In this paper, the authors discuss a watermark-only attack scenario (the attacker has access to a single watermarked content only). In the literature it is an assumption that DM-QIM methods are secure to WOA. However, the authors show that the DM-QIM based embedding method is vulnerable against a guided key guessing attack by exploiting subtle statistical regularities in the feature space embeddings for time series and images. Using a distribution-free algorithm, this paper presents an analysis of the attack and numerical results for multiple examples of image and time series data.
Resumo:
This paper describes an online survey that was conducted to explore typical Internet users' awareness and knowledge of specific technologies that relate to their security and privacy when using a Web browser to access the Internet. The survey was conducted using an anonymous, online questionnaire. Over a four month period, 237 individuals completed the questionnaire. Respondents were predominately Canadian, with substantial numbers from the United Kingdom and the United States. Important findings include evidence that users have tried to educate themselves regarding their online security and privacy, but with limited success; different interpretations of the term "secure Web site" can lead to very different levels of trust in a site; respondents strongly expressed their skepticism about privacy policies, but nevertheless believe that sites can be trusted to respect their stated policies; and users may confuse browser cookies with other types of data stored locally by browsers, leading to inappropriate conclusions about the risks they present.
Resumo:
Purpose—This article considers North Korea and the notion of crisis, by linking historical development over the Korean peninsula to the conflict resolution literature, and investigates why despite a large number of destabilizing events, a war involving Pyongyang has yet to erupt. Design/methodology—This article uses historical data and a framework developed by Aggarwal et al., in order to highlight patterns of interaction between states such as the United States, North Korea and South Korea, organizations such as the United Nations, as well as processes such as the Six- Party Talks and the Agreed Framework. The article then develops a crisis framework based on conflict resolution and negotiation literature, and applies it to three North Korean administrations. Findings—Findings suggest that an open- ended understanding of time (for all parties involved on the peninsula) leads to an impossibility to reach a threshold where full- scale war would be triggered, thus leaving parties in a stable state of crisis for which escalating moves and de- escalating techniques might become irrelevant. Practical implications—It is hoped that this article will help further endeavors linking conflict resolution theoretical frameworks to the Korean peninsula security situation. In the case of the Korean peninsula, time has been understood as open-ended, leading parties to a lingering state of heightened hostilities that oscillates toward war, but that is controlled enough not to reach it. In-depth analysis of particular security sectors such as nuclear energy, food security, or missile testing would prove particularly useful in understanding the complexity of the Korean peninsula situation to a greater extent. It is hoped that this paper will help further endeavours linking conflict resolution theoretical frameworks to the Korean peninsula security situation. Originality/value—This research suggests that regarding the Korean peninsula, time has been understood as open- ended, leading parties to a lingering state of heightened.
Resumo:
This article considers North Korea and the notion of crisis, by linking historical development over the Korean peninsula to the conflict resolution literature, and investigates why despite a large number of destabilising events, a war involving Pyongyang has yet to erupt. The paper considers historical data and uses a framework developed by Aggarwal et al. in order to highlight patterns of interaction between states such as the United States, North Korea and South Korea, organisations such as the United Nations, as well as processes such as the Six-Party Talk and the Agreed Framework. The paper then develops a crisis framework based on conflict resolution and negotiation literature, and applies it to three North Korean administrations. Findings suggests that an elastic understanding of time (for all parties involved on the peninsula) leads to an impossibility to reach a threshold where full-scale war would be triggered, thus leaving parties in a stable state of crisis for which escalating moves and de-escalating techniques might become irrelevant.