Flexible authorizations in workflow management systems

Lui, W. C.

January 2002

Thesis (M. Phil.)--University of Hong Kong, 2003. / Includes bibliographical references (leaves 162-168) Also available in print.

Data privacy the non-interactive setting /

Narayanan, Arvind,

January 1900

Thesis (Ph. D.)--University of Texas at Austin, 2009. / Title from PDF title page (University of Texas Digital Repository, viewed on Sept. 17, 2009). Vita. Includes bibliographical references.

"The future is open" for composition studies a new intellectual property model in the digital age /

Lowe, Charles. Fenstermaker, John J.

January 1900

Thesis (Ph. D.)--Florida State University, 2006. / Advisor: John Fenstermaker, Florida State University, College of Arts and Sciences, Dept. of English. Title and description from dissertation home page (viewed Sept. 18, 2006). Document formatted into pages; contains vi, 144 pages. Includes bibliographical references.

Health Insurance Portability and Accountability Act (HIPAA)-compliant privacy access control model for Web services /

Cheng, Sin Ying.

January 2006

Thesis (M.Phil.)--Hong Kong University of Science and Technology, 2006. / Includes bibliographical references (leaves 96-100). Also available in electronic version.

Secure management of networked storage services models and techniques /

Singh, Aameek.

January 2007

Thesis (Ph. D.)--Computing, Georgia Institute of Technology, 2008. / Liu, Ling, Committee Chair ; Aberer, Karl, Committee Member ; Ahamad, Mustaque, Committee Member ; Blough, Douglas, Committee Member ; Pu, Calton, Committee Member ; Voruganti, Kaladhar, Committee Member.

Developing a framework for e-commerce privacy and data protection in developing nations : a case study of Nigeria

Adelola, Tiwalade

January 2017

The emergence of e-commerce has brought about many benefits to a country s economy and individuals, but the openness of the Internet has given rise to misuse of personal data and Internet security issues. Therefore, various countries have developed and implemented cyber-security awareness measures to counter this. However, there is currently a definite lack in this regard in Nigeria, as there are currently, little government-led and sponsored Internet security awareness initiatives. In addition, a security illiterate person will not know of the need to search for these awareness programmes online, particularly in Nigeria s case, where personal information security may not be regarded as an overly important issue for citizens. Therefore, this research attempts to find a means to reduce the privacy and data protection issues. It highlights the privacy and data protection problem in developing countries, using Nigeria as a case study, and seeks to provide a solution focusing on improving Internet security culture rather than focusing on solely technological solutions. The research proves the existence of the privacy and data protection problem in Nigeria by analysing the current privacy practices, Internet users perceptions and awareness knowledge, and by identifying factors specific to Nigeria that influence their current privacy and data protection situation. The research develops a framework for developing countries that consists of recommendations for relevant stakeholders and awareness training. In the case of Nigeria, the stakeholders are the government and organisations responsible for personal information security, and an awareness training method has been created to take into account Nigeria s unique factors. This training method encompasses promoting Internet security awareness through contextual training and promoting awareness programmes. Industry experts and Nigerian Internet users validated the framework. The findings obtained from the validation procedure indicated that the framework is applicable to the current situation in Nigeria and would assist in solving the privacy and Internet problem in Nigeria. This research offers recommendations that will assist the Nigerian government, stakeholders such as banks and e commerce websites, as well as Nigerian Internet users, in resolving the stated problems.

Data Protection over Cloud

January 2016

abstract: Data protection has long been a point of contention and a vastly researched field. With the advent of technology and advances in Internet technologies, securing data has become much more challenging these days. Cloud services have become very popular. Given the ease of access and availability of the systems, it is not easy to not use cloud to store data. This however, pose a significant risk to data security as more of your data is available to a third party. Given the easy transmission and almost infinite storage of data, securing one's sensitive information has become a major challenge. Cloud service providers may not be trusted completely with your data. It is not very uncommon to snoop over the data for finding interesting patterns to generate ad revenue or divulge your information to a third party, e.g. government and law enforcing agencies. For enterprises who use cloud service, it pose a risk for their intellectual property and business secrets. With more and more employees using cloud for their day to day work, business now face a risk of losing or leaking out information. In this thesis, I have focused on ways to protect data and information over cloud- a third party not authorized to use your data, all this while still utilizing cloud services for transfer and availability of data. This research proposes an alternative to an on-premise secure infrastructure giving exibility to user for protecting the data and control over it. The project uses cryptography to protect data and create a secure architecture for secret key migration in order to decrypt the data securely for the intended recipient. It utilizes Intel's technology which gives it an added advantage over other existing solutions. / Dissertation/Thesis / Masters Thesis Computer Science 2016

Computer science

Cloud Computing

Data Protection

Software Security

Trusted Computing

The conflict of interest between data sharing and data privacy : a middleware approach

Molema, Karabo Omphile

January 2016

Thesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2016. / People who are referred to as data owners in this study, use the Internet for various purposes and one of those is using online services like Gmail, Facebook, Twitter and so on. These online services are offered by organizations which are referred to as data controllers. When data owners use these service provided by data controllers they usually have to agree to the terms and conditions which gives data controllers indemnity against any privacy issues that may be raised by the data owner. Data controllers are then free to share that data with any other organizations, referred to as third parties. Though data controllers are protected from lawsuits it does not necessarily mean they are free of any act that may be considered a privacy violation by the data owner. This thesis aims to arrive at a design proposition using the design science research paradigm for a middleware extension, specifically focused on the Tomcat server which is a servlet engine running on the JVM. The design proposition proposes a client side annotation based API to be used by developers to specify classes which will carry data outside the scope of the data controller's system to a third party system, the specified classes will then have code weaved in that will communicate with a Privacy Engine component that will determine based on data owner's preferences if their data should be shared or not. The output of this study is a privacy enhancing platform that comprises of three components the client side annotation based API used by developers, an extension to Tomcat and finally a Privacy Engine.

Computer security

Data protection

Computer networks -- Security measures

Privacy, Right of

Analise de seleção de parametros em criptografia baseada em curvas elipticas / Parameter selection analysis on elliptic curve cryptography

Silva, Rosemberg André da, 1969-

28 July 2006

Orientador: Ricardo Dahab / Dissertação (mestrado profissional) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-11T02:09:49Z (GMT). No. of bitstreams: 1 Silva_RosembergAndreda_M.pdf: 824860 bytes, checksum: 48ed40bc241415f1692ca283d3e1f65b (MD5) Previous issue date: 2006 / Resumo: A escolha dos parâmetros sobre os quais uma dada implementação de Criptografia sobre Curvas Elípticas baseia-se tem influência direta sobre o desempenho das operações associadas bem como sobre seu grau de segurança. Este trabalho visa analisar a forma como os padrões mais usados na atulalidade lidam com este processo de seleção, mostrando as implicações que tais escolhas acarretam / Abstract: The choice of parameters associated with a given implementation of ECC (Elliptic Curve Cryptography) has direct impact on its performance and security leveI. This dissertation aims to compare the most common standards used now-a-days, taking into account their selection criteria and their implications on performance and security / Mestrado / Engenharia de Software / Mestre em Ciência da Computação

Criptografia

Curvas elípticas

Proteção de dados

Cryptography

Elliptic curves

Data protection

Information security in the client/server environment

Botha, Reinhardt A

23 August 2012

M.Sc. (Computer Science) / Client/Server computing is currently one of the buzzwords in the computer industry. The client/server environment can be defined as an open systems environment. This openness of the client/server environment makes it a very popular environment to operate in. As information are exceedingly accessed in a client/server manner certain security issues arise. In order to address this definite need for a secure client/server environment it is necessary to firstly define the client/server environment. This is accomplished through defining three possible ways to partition programs within the client/server environment. Security, or secure systems, have a different meaning for different people. This dissertation defines six attributes of information that should be maintained in order to have secure information. For certain environments some of these attributes may be unnecessary or of lesser importance. Different security techniques and measures are discussed and classified in terms of the client/server partitions and the security attributes that are maintained by them. This is presented in the form of a matrix and provides an easy reference to decide on security measures in the client/server environment in order to protect a specific aspect of the information. The importance of a security policy and more specifically the influence of the client/server environment on such a policy are discussed and it is demonstrated that the framework can assist in drawing up a security policy for a client/server environment. This dissertation furthermore defines an electronic document .management system as a case study. It is shown that the client/server environment is a suitable environment for such a system. The security needs and problems are identified and classified in terms of the security attributes. Solutions to the problems are discussed in order to provide a reasonably secure electronic document management system environment.

Client/server computing

Data protection

Computers - Access control