Enhancing Cloud Security and Privacy: The Cloud Audit Problem

Postprint

Enhancing Cloud Security and Privacy: The Power and the Weakness of the Audit Trail

Winner of best paper award.

Organic Surveillance: Security and Myth in the Rural

This project looks at the ways Northeastern Ontario citizens in rural communities regulate their private property through traditional and contemporary surveillance means. Through art and objects, this project allows viewers the opportunity to experience surveillance in rural areas through visual and creative ways that encourage interaction and critique. This project defines organic surveillance by looking at the ways ruralists in Markstay Ontario practice surveillance and deterrence which is influenced by characteristics of land, risks and other determining factors such as psychology, resourcefulness, sustainability, technology and private property. Organic surveillance argues that surveillance and deterrence is prevalent far beyond datamining, GPS tracking and social media. Surveillance and deterrence as methods of survival are found everywhere, even in the farthest, most “wild” and forested areas.

Audit report on the Wireless E-911 Emergency Communications Fund of the Iowa Department of Homeland Security and Emergency Management for the year ended June 30, 2015

Audit report on the Wireless E-911 Emergency Communications Fund of the Iowa Department of Homeland Security and Emergency Management for the year ended June 30, 2015

Efficient Security and Privacy Enhancing Solutions in Untrusted Environments

Thesis (Ph.D.)--University of Washington, 2016-08

Ensuring Mobile Device Security and Compliance at the Workplace

End users urgently request using mobile devices at their workplace. They know these devices from their private life and appreciate functionality and usability, and want to benefit from these advantages at work as well. Limitations and restrictions would not be accepted by them. On the contrary, companies are obliged to employ substantial organizational and technical measures to ensure data security and compliance when allowing to use mobile devices at the workplace. So far, only individual arrangements have been presented addressing single issues in ensuring data security and compliance. However, companies need to follow a comprehensive set of measures addressing all relevant aspects of data security and compliance in order to play it safe. Thus, in this paper at first technical architectures for using mobile devices in enterprise IT are reviewed. Thereafter a set of compliance rules is presented and, as major contribution, technical measures are explained that enable a company to integrate mobile devices into enterprise IT while still complying with these rules comprehensively. Depending on the company context, one or more of the technical architectures have to be chosen impacting the specific technical measures for compliance as elaborated in this paper. Altogether this paper, for the first time, correlates technical architectures for using mobile devices at the workplace with technical measures to assure data security and compliance according to a comprehensive set of rules.

Pervasive eHealth services a security and privacy risk awareness survey

The human factor is often recognised as a major aspect of cyber-security research. Risk and situational perception are identified as key factors in the decision making process, often playing a lead role in the adoption of security mechanisms. However, risk awareness and perception have been poorly investigated in the field of eHealth wearables. Whilst end-users often have limited understanding of privacy and security of wearables, assessing the perceived risks and consequences will help shape the usability of future security mechanisms. This paper present a survey of the the risks and situational awareness in eHealth services. An analysis of the lack of security and privacy measures in connected health devices is described with recommendations to circumvent critical situations.

Constructivism, constitutionalism and the EU's area of freedom security and justice post-Lisbon

This essay addresses the fundamental conceptual challenges which face the development of the Area of Freedom Security and Justice (AFSJ) in the post-Lisbon Treaty era. It argues that Onuf style constructivism is a valid lens with which to examine the development of the AFSJ to date, involving as it does the development of a shared understanding by practitioners, predominantly law enforcement and prosecution professionals, within the structures provided for them, in order to develop a completely new area of law and practice. While this approach will continue to need to be deployed in the development of further new operational areas, such as cybercrime, a new approach is now required, that of constitutionalism. A variety of forms of constitutionalism are then examined in order to establish their suitability as a mode of analysis for these developments.

Security and Trust in Distributed Computation

We propose three research problems to explore the relations between trust and security in the setting of distributed computation. In the first problem, we study trust-based adversary detection in distributed consensus computation. The adversaries we consider behave arbitrarily disobeying the consensus protocol. We propose a trust-based consensus algorithm with local and global trust evaluations. The algorithm can be abstracted using a two-layer structure with the top layer running a trust-based consensus algorithm and the bottom layer as a subroutine executing a global trust update scheme. We utilize a set of pre-trusted nodes, headers, to propagate local trust opinions throughout the network. This two-layer framework is flexible in that it can be easily extensible to contain more complicated decision rules, and global trust schemes. The first problem assumes that normal nodes are homogeneous, i.e. it is guaranteed that a normal node always behaves as it is programmed. In the second and third problems however, we assume that nodes are heterogeneous, i.e, given a task, the probability that a node generates a correct answer varies from node to node. The adversaries considered in these two problems are workers from the open crowd who are either investing little efforts in the tasks assigned to them or intentionally give wrong answers to questions. In the second part of the thesis, we consider a typical crowdsourcing task that aggregates input from multiple workers as a problem in information fusion. To cope with the issue of noisy and sometimes malicious input from workers, trust is used to model workers' expertise. In a multi-domain knowledge learning task, however, using scalar-valued trust to model a worker's performance is not sufficient to reflect the worker's trustworthiness in each of the domains. To address this issue, we propose a probabilistic model to jointly infer multi-dimensional trust of workers, multi-domain properties of questions, and true labels of questions. Our model is very flexible and extensible to incorporate metadata associated with questions. To show that, we further propose two extended models, one of which handles input tasks with real-valued features and the other handles tasks with text features by incorporating topic models. Our models can effectively recover trust vectors of workers, which can be very useful in task assignment adaptive to workers' trust in the future. These results can be applied for fusion of information from multiple data sources like sensors, human input, machine learning results, or a hybrid of them. In the second subproblem, we address crowdsourcing with adversaries under logical constraints. We observe that questions are often not independent in real life applications. Instead, there are logical relations between them. Similarly, workers that provide answers are not independent of each other either. Answers given by workers with similar attributes tend to be correlated. Therefore, we propose a novel unified graphical model consisting of two layers. The top layer encodes domain knowledge which allows users to express logical relations using first-order logic rules and the bottom layer encodes a traditional crowdsourcing graphical model. Our model can be seen as a generalized probabilistic soft logic framework that encodes both logical relations and probabilistic dependencies. To solve the collective inference problem efficiently, we have devised a scalable joint inference algorithm based on the alternating direction method of multipliers. The third part of the thesis considers the problem of optimal assignment under budget constraints when workers are unreliable and sometimes malicious. In a real crowdsourcing market, each answer obtained from a worker incurs cost. The cost is associated with both the level of trustworthiness of workers and the difficulty of tasks. Typically, access to expert-level (more trustworthy) workers is more expensive than to average crowd and completion of a challenging task is more costly than a click-away question. In this problem, we address the problem of optimal assignment of heterogeneous tasks to workers of varying trust levels with budget constraints. Specifically, we design a trust-aware task allocation algorithm that takes as inputs the estimated trust of workers and pre-set budget, and outputs the optimal assignment of tasks to workers. We derive the bound of total error probability that relates to budget, trustworthiness of crowds, and costs of obtaining labels from crowds naturally. Higher budget, more trustworthy crowds, and less costly jobs result in a lower theoretical bound. Our allocation scheme does not depend on the specific design of the trust evaluation component. Therefore, it can be combined with generic trust evaluation algorithms.

Children's mental representations of attachment: associations with attachment security and parent-child narrative quality

The goal of this study was to examine the antecedents and correlates of children’s mental representations of attachment at 5 years (Attachment Story Completion Task, Bretherton, Ridgeway, & Cassidy, 1990; MacArthur Story Stem Battery, Bretherton, Oppenheim, Buchsbaum, Emde, & the MacArthur Narrative Group, 1990). Predictors included children’s attachment security with mothers and fathers assessed via the Attachment Q-Set (AQS, Waters, 1987) at 3 years, and parent-child narrative quality regarding positive and negative events at 5 years. Participants included 71 children and their mothers and fathers. Structural equation models (SEM) indicated that children’s attachment security exerted a significant indirect effect on children’s mental representations through parent-child narrative quality. Specifically, children’s attachment security with fathers was related to their mental representations via father-child reminiscing about positive events, and children’s attachment security with mothers was related to their mental representations via mother-child reminiscing about negative events. Results are discussed in terms of the development and implications of attachment relationships within the family context.

Social security and railroad retirement enactments in the 97th Congress within jurisdiction of the Committee on Ways and Means : Omnibus Budget Reconciliation Act and Economic Recovery Tax Act of 1981 /

At head of title: 97th Congress, 1st session. Committee print. WMCP: 97-15.

The relationship between Security and Health: A New Paradigm for the United Nations Security Council?

One of the aspects related to biolaw is that related to security and health. In other words, using the expression of relevant authorities on this subject, “the securitization of health” and, those situations connected with the Security Council labour in the last decades, may constitute an interesting subject. Beginning with the role of the UN blue helmets in many countries where the expansion of HIV/AIDS is usual, followed by the expansion of some diseases in Haiti, together with the Ebola “crisis” in 2014 and connected with the efforts of the World Health Organization to fight against the zika...what is the role played by the United Nations Security Council on this field, trying to establish a relationship between security and health?

A study on situational awareness security and privacy of wearable health monitoring devices

Situational Awareness provides a user centric approach to security and privacy. The human factor is often recognised as the weakest link in security, therefore situational perception and risk awareness play a leading role in the adoption and implementation of security mechanisms. In this study we assess the understanding of security and privacy of users in possession of wearable devices. The findings demonstrate privacy complacency, as the majority of users trust the application and the wearable device manufacturer. Moreover the survey findings demonstrate a lack of understanding of security and privacy by the sample population. Finally the theoretical implications of the findings are discussed.

Iowa Homeland Security and Emergency Management, Enhanced 911 Status Report, January 15, 2014

The Iowa Homeland Security and Emergency Management Department administers the E911 Program per Code of Iowa, Chapter 34A to protect the health, safety, and welfare of the people of Iowa. Iowa has 115 Public Safety Answering Points across 99 counties that handle both landline and wireless 911 calls for the citizens of Iowa.Enhanced 911 (E911) means a service which provides the user of a public telephone system the ability to reach a public safety answering point (PSAP) by dialing the digits 911.

Iowa Homeland Security and Emergency Management 2014 Annual Report

This annual report highlights the many programs and initiatives with which the Iowa Homeland Security and Emergency Management Division is involved.