41 |
Ethical and quality of care-related challenges of digital health twins in older care settings: Protocol for a scoping reviewMd Shafiqur Rahman, Jabin,, Yaroson, E.V., Ilodibe, A., Eldabi, Tillal 24 February 2024 (has links)
Yes / Digital health twins (DHTs) have been evolving with their diverse applications in medicine, specifically in older care settings, with the increasing demands of older adults. DHTs have already contributed to improving the quality of dementia and trauma care, cardiac treatment, and health care services for older individuals. Despite its many benefits, the optimum implementation of DHTs has faced several challenges associated with ethical issues, quality of care, management and leadership, and design considerations in older care settings. Since the need for such care is continuously rising and there is evident potential for DHTs to meet those needs, this review aims to map key concepts to address the gaps in the research knowledge to improve DHT implementation.
The review aims to compile and synthesize the best available evidence regarding the problems encountered by older adults and care providers associated with the application of DHTs. The synthesis will collate the evidence of the issues associated with quality of care, the ethical implications of DHTs, and the strategies undertaken to overcome those challenges in older care settings.
The review will follow the Joanna Briggs Institute (JBI) methodology. The published studies will be searched through CINAHL, MEDLINE, JBI, and Web of Science, and the unpublished studies through Mednar, Trove, OCLC WorldCat, and Dissertations and Theses. Studies published in English from 2002 will be considered. This review will include studies of older individuals (aged 65 years or older) undergoing care delivery associated with DHTs and their respective care providers. The concept will include the application of the technology, and the context will involve studies based on the older care setting. A broad scope of evidence, including quantitative, qualitative, text and opinion studies, will be considered. A total of 2 independent reviewers will screen the titles and s and then review the full text. Data will be extracted from the included studies using a data extraction tool developed for this study.
The results will be presented in a PRISMA-ScR (Preferred Reporting Items for Systematic Review and Meta-Analysis extension for Scoping Reviews) flow diagram. A draft charting table will be developed as a data extraction tool. The results will be presented as a "map" of the data in a logical, diagrammatic, or tabular form in a descriptive format.
The evidence synthesis is expected to uncover the shreds of evidence required to address the ethical and care quality-related challenges associated with applying DHTs. A synthesis of various strategies used to overcome identified challenges will provide more prospects for adopting them elsewhere and create a resource allocation model for older individuals.
DERR1-10.2196/51153. / A publishing grant has been received from Linnaeus University as part of the University Library’s research support.
|
42 |
GARBLED COMPUTATION: HIDING SOFTWARE, DATAAND COMPUTED VALUESShoaib Amjad Khan (19199497) 27 July 2024 (has links)
<p dir="ltr">This thesis presents an in depth study and evaluation of a class of secure multiparty protocols that enable execution of a confidential software program $\mathcal{P}$ owned by Alice, on confidential data $\mathcal{D}$ owned by Bob, without revealing anything about $\mathcal{P}$ or $\mathcal{D}$ in the process. Our initial adverserial model is an honest-but-curious adversary, which we later extend to a malicious adverarial setting. Depending on the requirements, our protocols can be set up such that the output $\mathcal{P(D)}$ may only be learned by Alice, Bob, both, or neither (in which case an agreed upon third party would learn it). Most of our protocols are run by only two online parties which can be Alice and Bob, or alternatively they could be two commodity cloud servers (in which case neither Alice nor Bob participate in the protocols' execution - they merely initialize the two cloud servers, then go offline). We implemented and evaluated some of these protocols as prototypes that we made available to the open source community via Github. We report our experimental findings that compare and contrast the viability of our various approaches and those that already exist. All our protocols achieve the said goals without revealing anything other than upper bounds on the sizes of program and data.</p><p><br></p>
|
43 |
The right to privacy : how the proposed POPI Bill will impact data security in a cloud computing environmentBasson, Benhardus 04 1900 (has links)
Thesis (MComm)--Stellenbosch University, 2014. / ENGLISH ABSTRACT: The growing popularity and continuing development of cloud computing services is ever evolving and is slowly being integrated into our daily lives through our interactions with electronic devices. Cloud Computing has been heralded as the solution for enterprises to reduce information technology infrastructure cost by buying cloud services as a utility. While this premise is generally correct, in certain industries for example banking, the sensitive nature of the information submitted to the cloud for storage or processing places information security responsibilities on the party using the cloud services as well as the party providing them. Problems associated with cloud computing are loss of control, lack of trust between the contracting parties in the cloud relationship (customer and cloud service provider) and segregating data securely in the virtual environment.
The risk and responsibilities associated with data loss was previously mainly reputational in nature but with the promulgation and signing by the South African Parliament of the Protection of Personal Information Bill (POPI) in August 2013 these responsibilities to protect information are in the process to be legislated in South Africa. The impact of the new legislation on the cloud computing environment needs to be investigated as the requirements imposed by the Bill might render the use of cloud computing in regard to sensitive data nonviable without replacing some of the IT infrastructure cost benefits that cloud computing allows with increased data security costs.
In order to investigate the impact of the new POPI legislation on cloud computing, the components and characteristics of the cloud will be studied and differentiated from other forms of computing.
The characteristics of cloud computing are the unique identifiers that differentiate it from Grid and Cluster computing. The component study is focused on the service and deployment models that can be associated with cloud computing. The understanding obtained will be used to compile a new definition of cloud computing. By utilizing the cloud definition of what components and processes constitute cloud computing the different types of data security processes and technical security measures can be implemented are studied. This will include information management and governance policies as well as technical security measures such as encryption and virtualisation security. The last part of the study will be focussed on the Bill and the legislated requirements and how these can be complied with using the security processes identified in the rest of the study. The new legislation still has to be signed by the State President after which businesses will have one year to comply and due to the short grace period businesses need to align their business practices with the proposed requirements. The impact is wide ranging from implementing technical information security processes to possible re-drafting of service level agreements with business partners that share sensitive information. The study will highlight the major areas where the Bill will impact businesses as well as identifying possible solutions that could be implemented by cloud computing users when storing or processing data in the cloud. / AFRIKAANSE OPSOMMING: Die groei in gewildheid en die ontwikkeling van wolkbewerking dienste is besig om te verander en is stadig besig om in ons daaglikse lewens geintegreer te word deur ons interaksie met elektroniese toestelle. Wolkbewerking word voorgehou as ‘n oplossing vir besighede om hul inligtings tegnologie infrastruktuur kostes te verminder deur dienste te koop soos hulle dit benodig. Alhoewel die stelling algemeen as korrek aanvaar word, kan spesifieke industrië soos byvoorbeeld die bankwese se inligting so sensitief wees dat om die inligting aan wolkbewerking bloot te stel vir berging en prosesseering dat addisionele verantwoodelikhede geplaas op die verantwoordelike partye wat die wolk dienste gebruik sowel as die persone wat dit voorsien. Probleme geassosieër met wolk- bewerking is die verlies aan beheer, gebrekkige vertroue tussen kontakteurende partye in die wolk verhouding (verbruiker en wolk dienste verskaffer) en die beveiliging van verdeelde inligting in die virtuele omgewing.
Die risiko’s en verantwoordelikhede geassosieër met inligtings verlies was voorheen grootliks gebasseer op die skade wat aan die besigheid se reputasie aangedoen kan word, maar met die publiseering en ondertekening deur die Suid-Afrikaans Parliament van die Beskerming van Persoonlike Inligting Wet (BVPI) in Augustus 2013 is hierdie verantwoordelikhede in die proses om in wetgewing in Suid Afrika vas gelê te word. Die impak van die nuwe wetgewing op die wolkbewering omgewing moet ondersoek word omdat die vereistes van die Wet die gebruik van wolkbewerking in terme van sensitiewe inligting so kan beinvloed dat dit nie die moeite werd kan wees om te gebruik nie, en veroorsaak dat addisionele verminderde IT infrastruktuur koste voordele vervang moet word met addisionele inligting beveiligings kostes.
Om die impak van die nuwe BVPI wetgewing op wolkbewerking te ondersoek moet die komponente en karakter eienskappe van die wolk ondersoek word om vas te stel wat dit uniek maak van ander tipes rekenaar bewerking. Die karakter eienskappe van wolkbewerking is die unieke aspekte wat dit apart identifiseer van Rooster en Groep rekenaar bewerking. Die komponente studie sal fokus op die dienste en implimenterings modelle wat geassosieer word met wolkbewerking. Die verstandhouding wat deur voorsafgaande studie verkry is sal dan gebruik word om ‘n nuwe definisie vir wolkbewerking op te stel. Deur nou van die definisie gebruik te maak kan die inligtings sekuriteit prosesse en tegniese sekuriteits maatreëls wat deur die verantwoordelike party en die wolkbewerkings dienste verskaffer gebruik kan word om die komponente en prosesse te beveilig bestudeer word. Die studie sal insluit, inligtings bestuur prosesse en korporatiewe bestuur asook tegniese beveiligings maatreels soos kodering en virtualisasie sekuriteit. Die laaste deel van die studie sal fokus op die BVPI wetgewing en die vereistes en hoe om daaraan te voldoen deur die sekuritiets maatreëls geidentifiseer in die res van die studie te implimenteer. Die nuwe wetgewing moet nog deur die Staats President onderteken word waarna besighede ‘n jaar sal he om aan die vereistes te voldoen en omdat die periode so kort is moet besighede hulself voorberei en besigheid prosesse aanpas. Die impak van die wetgewing strek baie wyd en beinvloed van tegnise inligtings beveiligings prosesse tot kontrakte aangaande diens lewering wat dalk oor opgestel moet word tussen partye wat sensitiewe inligting uitruil. Die studie sal die prominente areas van impak uitlig asook die moontlike oplossings wat gebruik kan word deur partye wat wolkbewerking gebruik om inligting te stoor of te bewerk.
|
44 |
Acreditação legal do prontuário odontológico digital, sua aplicabilidade na certificação digital e a responsabilidade civilMendes, Tamirys Fernandes 14 December 2018 (has links)
Diante dos recursos e avanços tecnológicos na área da saúde, a certificação digital vem ganhando espaço na área médica e odontológica, sendo utilizados e aplicados por clínicas de grande porte, hospitais, centros de saúde. Devido ao conhecimento público sobre as questões ética e legais que envolvem os cuidados com a saúde, os processos judiciais contra os cirurgiões-dentistas, aumentaram consideravelmente, e o seu único meio de prova é a correta e adequada confecção do prontuário odontológico e no caso do prontuário digital os cuidados e atenção devem ser redobrados. Para tanto, o presente estudo examinou os aspectos éticos e legais do prontuário odontológico digital perante a Justiça, relacionando a segurança, a privacidade e a validade jurídica enquanto meio de prova, nos termos do novo Código de Processo Civil, e a importância e aplicabilidade da certificação digital na Odontologia. A análise da literatura permitiu verificar que a certificação digital é realidade em outras áreas profissionais e está sendo cada vez mais aceita e aplicada como identidade pessoal dentro do ambiente virtual, garantindo integridade e inviolabilidade aos que se beneficiam desse tipo de segurança. Para que o prontuário digital possa ser considerado seguro, ele deve apresentar mecanismos capazes de assegurar autenticidade, confidencialidade e integridade dos documentos. Adicionalmente, deve ser digitalizado com emprego de certificado digital emitido no âmbito da Infraestrutura de Chaves Públicas Brasileiras. As tecnologias empregadas devem proteger os princípios e fundamentos do nosso ordenamento jurídico pátrio, bem como a dignidade humana dos indivíduos e sua intimidade, garantindo as ferramentas necessárias para a sua fiscalização. / Having in mind the massive information in advanced technology envolving health matters, the digital prontuaries happen to be more oftenlly used in Hospitals, Dental clinics and other health institutions. Due to the globalization, the cityzens themselves, developed more a know ledgement about their legal rigths, concerning dental and medical procedures. In the other hand, the health professionals have in their majority, only paper prontuaries, whitch can be easilly adulterated. The aim of this work is to analise the digital dental and medical prontuaries avaiable and determinate their security for both, patients and professionals, by the scope of the Justice and ethical matters. All the study was based on the \"New Brazilian Civil Law Code. The recall of the studyied literature, allowed us to verify that the digital certification, has been used to pervente any kind of frauds. In deed, this softwares have to be developed by informatic personel, but always following the Structured Brazilian Public Keys, in order to the rigths of the envolved parts can be assured.
|
45 |
Spectrum Sharing, Latency, and Security in 5G Networks with Application to IoT and Smart GridParvez, Imtiaz 22 October 2018 (has links)
The surge of mobile devices, such as smartphones, and tables, demands additional capacity. On the other hand, Internet-of-Things (IoT) and smart grid, which connects numerous sensors, devices, and machines require ubiquitous connectivity and data security. Additionally, some use cases, such as automated manufacturing process, automated transportation, and smart grid, require latency as low as 1 ms, and reliability as high as 99.99\%. To enhance throughput and support massive connectivity, sharing of the unlicensed spectrum (3.5 GHz, 5GHz, and mmWave) is a potential solution. On the other hand, to address the latency, drastic changes in the network architecture is required. The fifth generation (5G) cellular networks will embrace the spectrum sharing and network architecture modifications to address the throughput enhancement, massive connectivity, and low latency.
To utilize the unlicensed spectrum, we propose a fixed duty cycle based coexistence of LTE and WiFi, in which the duty cycle of LTE transmission can be adjusted based on the amount of data. In the second approach, a multi-arm bandit learning based coexistence of LTE and WiFi has been developed. The duty cycle of transmission and downlink power are adapted through the exploration and exploitation. This approach improves the aggregated capacity by 33\%, along with cell edge and energy efficiency enhancement. We also investigate the performance of LTE and ZigBee coexistence using smart grid as a scenario.
In case of low latency, we summarize the existing works into three domains in the context of 5G networks: core, radio and caching networks. Along with this, fundamental constraints for achieving low latency are identified followed by a general overview of exemplary 5G networks. Besides that, a loop-free, low latency and local-decision based routing protocol is derived in the context of smart grid. This approach ensures low latency and reliable data communication for stationary devices.
To address data security in wireless communication, we introduce a geo-location based data encryption, along with node authentication by k-nearest neighbor algorithm. In the second approach, node authentication by the support vector machine, along with public-private key management, is proposed. Both approaches ensure data security without increasing the packet overhead compared to the existing approaches.
|
46 |
Exploring the Critical Factors for the adoption of Enterprise Cloud ComputingHsu, Chen-hou 12 August 2011 (has links)
With advances in information technology, various cloud computing related research and development has become a hot trend. Except the vast amount of studies and reports appearing in local magazines and newspapers, government agencies have also set up corresponding R & D projects. However, most of these studies focus on the infrastructure or platform level of the cloud. For example, the projects for Infrastructure as a Service (IaaS) include the Cloud Computing Center for Mobile Application at Industrial Technology Research Institute (ITRI), the Cloud Service and Technology Center at Information Industry Institute (III) and the already launched ¡§hiCloud¡¨ at Chunghwa Telecom Corporation. In the business side, there is TCloud Computing that does the development of both "Infrastructure" and "Platform as a Service" (PaaS). As to Software as a Service (SaaS) related research, III has gathered 10 domestic companies to participate the co-operation plans for education cloud, manufacture cloud, ¡K and practice cloud, a total of nine cloud services. However, they are all in the early stages without much success stories or usages.
The study of this thesis is angled toward business needs, from the point of resource-based analysis to see how a firm will be affected if introduction of SaaS to business. In particular, we will study this subject from four dimensions, which are the competitiveness of enterprises, IT outsourcing strategy, cost structure analysis and data security technology, to identify the possible critical factors for the introduction for cloud computing services. As most people are perceived, cloud computing has a comparative advantage of cost saving over traditional approach.
|
47 |
Implementando segurança e controle em redes de computadores / Implementing security and control in computer networksBertholdo, Leandro Márcio January 1997 (has links)
O crescimento e proliferação da Internet nos últimos anos tem trazido à tona vários problemas relativos à segurança e operacionabilidade das máquinas de universidades e empresas. Inúmeras invasões são realizadas anualmente. Entretanto, a grande maioria delas não possui registro algum, sendo muitas vezes de total desconhecimento do administrador local. Para prover soluções para estes problemas foi realizado um estudo, aqui apresentado, que tem como principal objetivo propor uma filosofia de gerência de segurança. São utilizados para isso conceitos de gerenciamento de redes como SNMPv2, aliado à implementação de um conjunto de ferramentas que garantam a integridade dos vários sistemas envolvidos. O resultado foi um sistema denominado CUCO1, que alerta sobre tentativas de ataque e situações de risco. CUCO foi projetado para permitir a um administrador, protegido ou não por uma firewall, dispor de um controle maior e melhor sobre acessos e tentativas de acessos indevidos à sua rede. O sistema usa uma estratégia de monitoração de eventos em diferentes níveis e aplicações, tentando com isto detectar e alertar a ocorrência de ataques tradicionais. Também está incorporado um bloco de funções que visam identificar um agressor situado em algum lugar da Internet, e obter maiores informações sobre ele e o domínio onde esta localizado. / The Internet increase and proliferation in the last years has brought a lot of problems related to the security and handling of hosts in universities and corporations. Many break-ins are done each year, without any record or knowledge by the site’s administrator. To give solutions to this problems was made up a study, here presented, has as the main goal the proposal of a security management philosophy. Are used network management concepts, joined with a toolkit to ensure the integrity of many systems envolved. The result was a system named CUCO2, that alerts about attacks and risks situations. CUCO was designed to allow an administrator, protected or not by firewall, to have a bigger and better access control in his network. The system uses an event monitor strategy in different levels and applications, trying to detect and alert the occurrence of common attacks. Moreover, it is also incorporated by a set of functions that attempt to identify aggressor’s location in any place in the Internet, and get information about him and the domain where he is located.
|
48 |
Distributed trust management mechanism for the internet of things using a multi-service approachMendoza, Carolina Veronica Lezama January 2014 (has links)
Orientador: Prof. Dr. João Henrique Kleinschmidt / Dissertação (mestrado) - Universidade Federal do ABC, Programa de Pós-Graduação em Engenharia da Informação, 2015. / Na Internet das Coisas os objetos físicos têm um componente virtual capaz de prover ou requisitar determinados serviços. É uma tendência que trará vantagens sem precedentes para a automação de processos e diversas aplicações. A análise de modelos de gerenciamento de confiança para IoT para detectar comportamentos maliciosos tem recebido poucas contribuições da comunidade científica. Alguns pesquisadores trataram desta questão, mas poucos trabalhos analisam os requisitos para a correta implementação da IoT. O objetivo desta dissertação é identificar o comportamento malicioso de nós e prevenir possíveis ataques que interrompam os serviços da rede. Neste trabalho são feitas diferentes abordagens para pesquisar um modelo de gerenciamento de confiança capaz de caracterizar o comportamento dos nós. O modelo proposto usa informações diretas geradas pelas comunicações entre os nós e recomendações de outros nós para calcular a confiança. Usa uma abordagem multi-serviço em que cada nó provê diversos serviços para os outros nós da rede. A habilidade de um nó em prover um serviço é recompensada, enquanto que um nó que não forneça um serviço corretamente é punido. Cada nó tem uma tabela de confiança dos seus vizinhos, que pode ser compartilhada com os outros nós como recomendações. A abordagem distribuída permite que os nós sejam completamente autônomos em tomar decisões sobre o comportamento dos nós. A avaliação de confiança dos nós é um meio efetivo de encorajar a colaboração na rede e ao mesmo tempo melhorar a segurança em redes distribuídas. Três ataques são testados para verificar a validade do modelo de confiança: ataque On-Off, ataque Seletivo e Bad mouthing. O modelo de gerenciamento de confiança foi implementado no Contiki, um sistema operacional desenvolvido para IoT e redes de sensores. Extensivas simulações foram feitas no simulador Cooja-Contiki para ilustrar os ataques e avaliar o desempenho do modelo proposto. Os resultados de simulação mostram que o modelo tem um bom desempenho em detectar os nós maliciosos. / In Internet of Things (IoT), the physical objects have a virtual component able to provide or require determined services. It is a trend that will bring unprecedented advantages to the process automation. The analysis of the trust management models for IoT to detect the malicious behavior on the network, has been undervalued and with little scientific contribution in the academic field. In spite of researchers has already addressed the issue, only few give a theoretic analysis on the requirements for the proper implementation of IoT. The purpose of this thesis work is to identify the malicious behavior of the nodes and prevent possible attacks that disrupt entire network to IoT context. In this thesis different approaches are followed to investigate a lightweight model of trust management able to characterize the behavior of the nodes with little effort. Our model use direct information generated from direct communication of nodes and recommendations of the others nodes to evaluate the trust. We use a multi-service approach where each node provides several services to others node. The ability to provide a service is rewarded and, punished when it is not provided. In our trust model each node has a trust table of their neighbors in the same radio coverage, which will be shared to others nodes as recommendations. This distributed approach allows nodes to be completely autonomous in making decisions about the behavior of other nodes. The trust evaluation of nodes is an effective method to encourage the collaboration on the network and at the same time to improve network security in distributed networks. In this thesis work, we present three attacks that can undermine the accuracy of trust evaluation. Based on our investigation on attacks and defense, we designed and implemented a trust management model based on the construction of Contiki, an operating system developed for IoT and sensor networks. Extensive simulations were performed using COOJA-Contiki to illustrate On-OFF attack, Selective attack and Bad mouthing attack, the effectiveness of the techniques used, and the overall performance of the proposed trust model. Simulation results shows effectiveness against these attacks and also a good performance to recognize the malicious nodes especially to the Bad mouthing attack when are used direct information and recommendations wherein is obtained a reduction time compared when is used only the direct information.
|
49 |
Analysis of the cryptography security and steganography in images sequences / Análise de segurança em criptografia e esteganografia em sequências de imagensFábio Borges de Oliveira 14 February 2007 (has links)
Information security is being considered of great importance to the private and governamental institutions. For this reason, we opted to conduct a study of security in this dissertation. We started with an introduction to the information theory, and then we proposed a new kind of Perfect Secrecy cryptographic and finally made a study of steganography in an image sequence, in which we suggest a more aggressive steganography in coefficients of the discrete cosine transform. / A segurança da informação vem sendo considerada de grande importância para as instituições privadas e governamentais. Por este motivo, optamos em realizar um estudo sobre segurança nesta dissertação. Iniciamos com uma introdução à teoria da informação, partimos para métodos de criptografia onde propomos um novo tipo de Segredo Perfeito e finalmente fazemos um estudo de esteganografia em uma sequência de imagens, onde propomos uma esteganografia mais agressiva nos coeficientes da transformada discreta de cosseno.
|
50 |
Implementando segurança e controle em redes de computadores / Implementing security and control in computer networksBertholdo, Leandro Márcio January 1997 (has links)
O crescimento e proliferação da Internet nos últimos anos tem trazido à tona vários problemas relativos à segurança e operacionabilidade das máquinas de universidades e empresas. Inúmeras invasões são realizadas anualmente. Entretanto, a grande maioria delas não possui registro algum, sendo muitas vezes de total desconhecimento do administrador local. Para prover soluções para estes problemas foi realizado um estudo, aqui apresentado, que tem como principal objetivo propor uma filosofia de gerência de segurança. São utilizados para isso conceitos de gerenciamento de redes como SNMPv2, aliado à implementação de um conjunto de ferramentas que garantam a integridade dos vários sistemas envolvidos. O resultado foi um sistema denominado CUCO1, que alerta sobre tentativas de ataque e situações de risco. CUCO foi projetado para permitir a um administrador, protegido ou não por uma firewall, dispor de um controle maior e melhor sobre acessos e tentativas de acessos indevidos à sua rede. O sistema usa uma estratégia de monitoração de eventos em diferentes níveis e aplicações, tentando com isto detectar e alertar a ocorrência de ataques tradicionais. Também está incorporado um bloco de funções que visam identificar um agressor situado em algum lugar da Internet, e obter maiores informações sobre ele e o domínio onde esta localizado. / The Internet increase and proliferation in the last years has brought a lot of problems related to the security and handling of hosts in universities and corporations. Many break-ins are done each year, without any record or knowledge by the site’s administrator. To give solutions to this problems was made up a study, here presented, has as the main goal the proposal of a security management philosophy. Are used network management concepts, joined with a toolkit to ensure the integrity of many systems envolved. The result was a system named CUCO2, that alerts about attacks and risks situations. CUCO was designed to allow an administrator, protected or not by firewall, to have a bigger and better access control in his network. The system uses an event monitor strategy in different levels and applications, trying to detect and alert the occurrence of common attacks. Moreover, it is also incorporated by a set of functions that attempt to identify aggressor’s location in any place in the Internet, and get information about him and the domain where he is located.
|
Page generated in 0.0426 seconds