791 resultados para Secure and Resilient Infrastructure
Resumo:
Collecting data via a questionnaire and analyzing them while preserving respondents’ privacy may increase the number of respondents and the truthfulness of their responses. It may also reduce the systematic differences between respondents and non-respondents. In this paper, we propose a privacy-preserving method for collecting and analyzing survey responses using secure multi-party computation (SMC). The method is secure under the semi-honest adversarial model. The proposed method computes a wide variety of statistics. Total and stratified statistical counts are computed using the secure protocols developed in this paper. Then, additional statistics, such as a contingency table, a chi-square test, an odds ratio, and logistic regression, are computed within the R statistical environment using the statistical counts as building blocks. The method was evaluated on a questionnaire dataset of 3,158 respondents sampled for a medical study and simulated questionnaire datasets of up to 50,000 respondents. The computation time for the statistical analyses linearly scales as the number of respondents increases. The results show that the method is efficient and scalable for practical use. It can also be used for other applications in which categorical data are collected.
Resumo:
Cloud storage has rapidly become a cornerstone of many businesses and has moved from an early adopters stage to an early majority, where we typically see explosive deployments. As companies rush to join the cloud revolution, it has become vital to create the necessary tools that will effectively protect users' data from unauthorized access. Nevertheless, sharing data between multiple users' under the same domain in a secure and efficient way is not trivial. In this paper, we propose Sharing in the Rain – a protocol that allows cloud users' to securely share their data based on predefined policies. The proposed protocol is based on Attribute-Based Encryption (ABE) and allows users' to encrypt data based on certain policies and attributes. Moreover, we use a Key-Policy Attribute-Based technique through which access revocation is optimized. More precisely, we show how to securely and efficiently remove access to a file, for a certain user that is misbehaving or is no longer part of a user group, without having to decrypt and re-encrypt the original data with a new key or a new policy.
Resumo:
A bi-weekly newsletter for those involved in the fields of homeland security and/or emergency management.
Resumo:
A bi-weekly newsletter for those involved in the fields of homeland security and/or emergency management.
Resumo:
Over the past 15 years, the number of international development projects aimed at combating global poverty has increased significantly. Within the water and sanitation sector however, and despite heightened global attention and an increase in the number of infrastructure projects, over 800 million people remain without access to appropriate water and sanitation facilities. The majority of donor aid in the water supply and sanitation sector of developing countries is delivered through standalone projects. The quality of projects at the design and preparation stage is a critical determinant in meeting project objectives. The quality of projects at early stage of design, widely referred to as quality at entry (QAE), however remains unquantified and largely subjective. This research argues that water and sanitation infrastructure projects in the developing world tend to be designed in the absence of a specific set of actions that ensure high QAE, and consequently have relatively high rates of failure. This research analyzes 32 cases of water and sanitation infrastructure projects implemented with partial or full World Bank financing globally from 2000 – 2010. The research uses categorical data analysis, regression analysis and descriptive analysis to examine perceived linkages between project QAE and project development outcomes and determines which upstream project design factors are likely to impact the QAE of international development projects in water supply and sanitation. The research proposes a number of specific design stage actions that can be incorporated into the formal review process of water and sanitation projects financed by the World Bank or other international development partners.
Resumo:
Healthcare systems have assimilated information and communication technologies in order to improve the quality of healthcare and patient's experience at reduced costs. The increasing digitalization of people's health information raises however new threats regarding information security and privacy. Accidental or deliberate data breaches of health data may lead to societal pressures, embarrassment and discrimination. Information security and privacy are paramount to achieve high quality healthcare services, and further, to not harm individuals when providing care. With that in mind, we give special attention to the category of Mobile Health (mHealth) systems. That is, the use of mobile devices (e.g., mobile phones, sensors, PDAs) to support medical and public health. Such systems, have been particularly successful in developing countries, taking advantage of the flourishing mobile market and the need to expand the coverage of primary healthcare programs. Many mHealth initiatives, however, fail to address security and privacy issues. This, coupled with the lack of specific legislation for privacy and data protection in these countries, increases the risk of harm to individuals. The overall objective of this thesis is to enhance knowledge regarding the design of security and privacy technologies for mHealth systems. In particular, we deal with mHealth Data Collection Systems (MDCSs), which consists of mobile devices for collecting and reporting health-related data, replacing paper-based approaches for health surveys and surveillance. This thesis consists of publications contributing to mHealth security and privacy in various ways: with a comprehensive literature review about mHealth in Brazil; with the design of a security framework for MDCSs (SecourHealth); with the design of a MDCS (GeoHealth); with the design of Privacy Impact Assessment template for MDCSs; and with the study of ontology-based obfuscation and anonymisation functions for health data.
Resumo:
The Division of Professional and Occupational Licensing is an administrative unit within the Department of Labor, Licensing, and Regulation that provides support to 40 professional and occupational regulatory boards. All board members need documents to review during the meeting. Some boards use a fleet of dated laptops during the meetings to give board members the meeting materials in PDF format; however many of boards still print the meeting materials and put them into binders. .In today's age, there has to be a more efficient way to conduct meetings without all of the paper. This paper explores alternatives to paper and laptops for use at these meetings. It was concluded that a tablet with a Windows Operating System would be the best way to go.
Importance of a resilient air services network to Australian remote, rural, and regional communities
Resumo:
Rural, regional, and remote settlements in Australia require resilient infrastructure to remain sustainable in a context characterized by frequent large-scale natural disasters, long distances between urban centers, and the pressures of economic change. A critical aspect of this infrastructure is the air services network, a system of airports, aircraft operators, and related industries that enables the high-speed movement of people, goods, and services to remote locations. A process of deregulation during the 1970s and 1980s resulted in many of these airports passing into local government and private ownership, and the rationalization of the industry saw the closure of a number of airlines and airports. This paper examines the impacts of deregulation on the resilience of air services and the contribution that they make to regional and rural communities. In particular, the robustness, redundancy, resourcefulness, and rapidity of the system are examined. The conclusion is that while the air services network has remained resilient in a situation of considerable change, the pressures of commercialization and the tendency to manage aspects of the system in isolation have contributed to a potential decrease in overall resilience.
Resumo:
Nowadays, most of the infrastructure development projects undertaken are complex in nature. Practically, public clients who do not have a good understanding of the design and management may suffer severe losses, especially for infrastructure projects. There is a need for luring the right consultant to secure client's investment in infrastructure developments. Throughout the project life cycle, consultants play vital role from the inception to completion stage of a project. A few studies in Malaysia show that infrastructure projects involving irrigation and drainage have experience problems such as poor workmanship, delay and cost overrun due to the consultant's inability or the client incompetence of recruiting consultants in time. This highlights the need of aided decision making and an efficient system to select the best consultant by using Decision Support System (DSS). On the other hand, recent trends reveal that most DSS in construction only concentrate on decision model development. These models are impractical and unused as they are complicated or difficult for laymen such as project managers to utilize. Thus, this research attempts to develop an efficient DSS for consultant selection namely consultDeSS. Driven by the motivation and research aims, this study deployed Design Science Research Methodology (DSRM) dominant with a combination of case studies at the Malaysian Department of Irrigation and Drainage (DID). Two real projects involving irrigation and drainage infrastructure were used to design, implement and evaluate the artefact. The 3-tier consultDeSS was revised after the evaluation and the design was significantly improved based on user feedback. By developing desirable tools that fit client's needs will enhance the productivity and minimize conflict within groups and organisations. The tool is more usable and efficient compared to previous studies in construction. Thus, this research has demonstrated a purposeful artefact with a practical and valid structured development approach that is applicable in a variety of problems in construction discipline.
Resumo:
Access to clean water is essential for human life and a critical issue facing much of modern society, especially as a result of the 21st Century triad of challenges – population growth, resource scarcity and pollution – which contribute to the rising complexity of providing adequate access to this essential resource for large parts of society. As such, there is now an increasing need for innovative solutions to source, treat and distribute water to cities across the globe. This position paper explores biomimicry – emulating natural form, function, process and systems – as an alternative and sustainable design approach to traditional water infrastructure systems. The key barriers to innovations such as biomimicry are summarised, indicating that regulatory and economic grounds are some of the major hindrances to integrating alternative design approaches in the water sector in developed countries. This paper examines some of the benefits of moving past these barriers to develop sustainable, efficient and resilient solutions that provide adequate access to water in the face of contemporary challenges.
Resumo:
Over the past several years, a number of design approaches in wireless mesh networks have been introduced to support the deployment of wireless mesh networks (WMNs). We introduce a novel wireless mesh architecture that supports authentication and authorisation functionalities, giving the possibility of a seamless WMN integration into the home's organization authentication and authorisation infrastructure. First, we introduce a novel authentication and authorisation mechanism for wireless mesh nodes. The mechanism is designed upon an existing federated access control approach, i.e. the AAI infrastructure that is using just the credentials at the user's home organization in a federation. Second, we demonstrate how authentication and authorisation for end users is implemented by using an existing web-based captive portal approach. Finally, we observe the difference between the two and explain in detail the process flow of authorized access to network resources in wireless mesh networks. The goal of our wireless mesh architecture is to enable easy broadband network access to researchers at remote locations, giving them additional advantage of a secure access to their measurements, irrespective of their location. It also provides an important basis for the real-life deployment of wireless mesh networks for the support of environmental research.
Resumo:
Executive summary
Digital systems have transformed, and will continue to transform, our world. Supportive government policy, a strong research base and a history of industrial success make the UK particularly well-placed to realise the benefits of the emerging digital society. These benefits have already been substantial, but they remain at risk. Protecting the benefits and minimising the risks requires reliable and robust cybersecurity, underpinned by a strong research and translation system.
Trust is essential for growing and maintaining participation in the digital society. Organisations earn trust by acting in a trustworthy manner: building systems that are reliable and secure, treating people, their privacy and their data with respect, and providing credible and comprehensible information to help people understand how secure they are.
Resilience, the ability to function, adapt, grow, learn and transform under stress or in the face of shocks, will help organisations deliver systems that are reliable and secure. Resilient organisations can better protect their customers, provide more useful products and services, and earn people’s trust.
Research and innovation in industry and academia will continue to make important contributions to creating this resilient and trusted digital environment. Research can illuminate how best to build, assess and improve digital systems, integrating insights from different disciplines, sectors and around the globe. It can also generate advances to help cybersecurity keep up with the continued evolution of cyber risks.
Translation of innovative ideas and approaches from research will create a strong supply of reliable, proven solutions to difficult to predict cybersecurity risks. This is best achieved by maximising the diversity and number of innovations that see the light of day as products.
Policy, practice and research will all need to adapt. The recommendations made in this report seek to set up a trustworthy, self-improving and resilient digital environment that can thrive in the face of unanticipated threats, and earn the trust people place in it.
Innovation and research will be particularly important to the UK’s economy as it establishes a new relationship with the EU. Cybersecurity delivers important economic benefits, both by underpinning the digital foundations of UK business and trade and also through innovation that feeds directly into growth. The findings of this report will be relevant regardless of how the UK’s relationship to the EU changes.
Headline recommendations
● Trust: Governments must commit to preserving the robustness of encryption, including end-to-end encryption, and promoting its widespread use. Encryption is a foundational security technology that is needed to build user trust, improve security standards and fully realise the benefits of digital systems.
● Resilience: Government should commission an independent review of the UK’s future cybersecurity needs, focused on the institutional structures needed to support resilient and trustworthy digital systems in the medium and longer term. A self-improving, resilient digital environment will need to be guided and governed by institutions that are transparent, expert and have a clear and widely-understood remit.
● Research: A step change in cybersecurity research and practice should be pursued; it will require a new approach to research, focused on identifying ambitious high-level goals and enabling excellent researchers to pursue those ambitions. This would build on the UK's existing strengths in many aspects of cybersecurity research and ultimately help build a resilient and trusted digital sector based on excellent research and world-class expertise.
● Translation: The UK should promote a free and unencumbered flow of cybersecurity ideas from research to practical use and support approaches that have public benefits beyond their short term financial return. The unanticipated nature of future cyber threats means that a diverse set of cybersecurity ideas and approaches will be needed to build resilience and adaptivity. Many of the most valuable ideas will have broad security benefits for the public, beyond any direct financial returns.
Resumo:
Monitoring urban growth and land-use change is an important issue for sustainable infrastructure planning. Rapid urban development, sprawl and increasing population pressure, particularly in developing nations, are resulting in deterioration of infrastructure facilities, loss of productive agricultural lands and open spaces, pollution, health hazards and micro-climatic changes. In addressing these issues effectively, it is crucial to collect up-to-date and accurate data and monitor the changing environment at regular intervals. This chapter discusses the role of geospatial technologies for mapping and monitoring the changing environment and urban structure, where such technologies are highly useful for sustainable infrastructure planning and provision.
