Security Issues in Heterogeneous Data Federations

Leighton, Gregory

Unknown Date

No description available.

data security

XML

database theory

access control

data privacy

Secure Cloud Storage

Luo, Jeff Yucong

23 May 2014

The rapid growth of Cloud based services on the Internet invited many critical security attacks. Consumers and corporations who use the Cloud to store their data encounter a difficult trade-off of accepting and bearing the security, reliability, and privacy risks as well as costs in order to reap the benefits of Cloud storage. The primary goal of this thesis is to resolve this trade-off while minimizing total costs. This thesis presents a system framework that solves this problem by using erasure codes to add redundancy and security to users’ data, and by optimally choosing Cloud storage providers to minimize risks and total storage costs. Detailed comparative analysis of the security and algorithmic properties of 7 different erasure codes is presented, showing codes with better data security comes with a higher cost in computational time complexity. The codes which granted the highest configuration flexibility bested their peers, as the flexibility directly corresponded to the level of customizability for data security and storage costs. In-depth analysis of the risks, benefits, and costs of Cloud storage is presented, and analyzed to provide cost-based and security-based optimal selection criteria for choosing appropriate Cloud storage providers. A brief historical introduction to Cloud Computing and security principles is provided as well for those unfamiliar with the field. The analysis results show that the framework can resolve the trade-off problem by mitigating and eliminating the risks while preserving and enhancing the benefits of using Cloud storage. However, it requires higher total storage space due to the redundancy added by the erasure codes. The storage provider selection criteria will minimize the total storage costs even with the added redundancies, and minimize risks.

Cloud Computing

Cloud Storage

Data Security

Cost Optimization

Erasure Code

Návrh dílčí části informačního systému / Design of an Information System Part

Kaššák, Marián

January 2019

The diploma thesis deals with the analysis of the company and the focus on data security. Based on the company analysis and requirements is designed a new system of employee authorization in CMS systems of the company. The design of the employee authorization API solution is based on the OAuth 2.0 protocol.

Mining Security Risks from Massive Datasets

Liu, Fang

09 August 2017

Cyber security risk has been a problem ever since the appearance of telecommunication and electronic computers. In the recent 30 years, researchers have developed various tools to protect the confidentiality, integrity, and availability of data and programs. However, new challenges are emerging as the amount of data grows rapidly in the big data era. On one hand, attacks are becoming stealthier by concealing their behaviors in massive datasets. One the other hand, it is becoming more and more difficult for existing tools to handle massive datasets with various data types. This thesis presents the attempts to address the challenges and solve different security problems by mining security risks from massive datasets. The attempts are in three aspects: detecting security risks in the enterprise environment, prioritizing security risks of mobile apps and measuring the impact of security risks between websites and mobile apps. First, the thesis presents a framework to detect data leakage in very large content. The framework can be deployed on cloud for enterprise and preserve the privacy of sensitive data. Second, the thesis prioritizes the inter-app communication risks in large-scale Android apps by designing new distributed inter-app communication linking algorithm and performing nearest-neighbor risk analysis. Third, the thesis measures the impact of deep link hijacking risk, which is one type of inter-app communication risks, on 1 million websites and 160 thousand mobile apps. The measurement reveals the failure of Google's attempts to improve the security of deep links. / Ph. D.

Cyber Security

Big Data Security

Mobile Security

Data Leakage Detection

A Survey of Existing Technologies to Build Next Generation Data Security.

Yekkuluri, Damodar Reddy

29 August 2019

No description available.

Computer Science

Systems Design

Data Security, Minifilters, Sandboxing,

Analyzing and Improving Security-Enhanced Communication Protocols

Weicheng Wang (17349748)

08 November 2023

<p dir="ltr">Security and privacy are one of the top concerns when experts select for communication protocols. When a protocol is confirmed with problems, such as leaking users’ privacy, the protocol developers will upgrade it to an advanced version to cover those concerns in a short interval, or the protocol will be discarded or replaced by other secured ones. </p><p dir="ltr">There are always communication protocols failing to protect users’ privacy or exposing users’ accounts under attack. A malicious user or an attacker can utilize the vulnerabilities in the protocol to gain private information, or even take control of the users’ devices. Hence, it is important to expose those protocols and improve them to enhance the security properties. Some protocols protect users’ privacy but in a less efficient way. Due to the new cryptography technique or the modern hardware support, the protocols can be improved with less overhead and enhanced security protection. </p><p dir="ltr">In this dissertation, we focus on analyzing and improving security-enhanced communication protocols in three aspects: </p><p dir="ltr">(1) We systematically analyzed an existing and widely used communication protocol: Zigbee. We identified the vulnerabilities of the existing Zigbee protocols during the new device joining process and proposed a security-enhanced Zigbee protocol. The new protocol utilized public-key primitives with little extra overhead with capabilities to protect against the outsourced attackers. The new protocol is formally verified and implemented with a prototype. </p><p dir="ltr">(2) We explored one type of communication detection system: Keyword-based deep packet inspection. The system has several protocols, such as BlindBox, PrivDPI, PE-DPI, mbTLS, and so on. We analyzed those protocols and identified their vulnerabilities or inefficiencies. To address those issues, we proposed three enhanced protocols: MT-DPI, BH-DPI, and CE-DPI which work readily with AES-based encryption schemes deployed and well-supported by AES-NI. Specifically, MT-DPI utilized multiplicative triples to support multi-party computation. </p><p dir="ltr">(3) We developed a technique to support Distributed confidential computing with the use of a trusted execution environment. We found that the existing confidential computing cannot handle multiple-stakeholder scenarios well and did not give reasonable control over derived data after computation. We analyzed six real use cases and pointed out what is missing in the existing solutions. To bridge the gap, we developed a language SeDS policy that was built on top of the trusted execution environment. It works well for specific privacy needs during the collaboration and gives protection over the derived data. We examined the language in the use cases and showed the benefits of applying the new policies.</p>

Data and information privacy

Data security and protection

security

privacy

communication protocol

AN UPDATE ON NETWORK-BASED SECURITY TECHNOLOGIES APPLICABLE TO TELEMETRY POST-PROCESSING AND ANALYSIS ACTIVITIES

Kalibjian, Jeff

10 1900

ITC/USA 2007 Conference Proceedings / The Forty-Third Annual International Telemetering Conference and Technical Exhibition / October 22-25, 2007 / Riviera Hotel & Convention Center, Las Vegas, Nevada / Networked based technologies (i.e. TCP/IP) have come to play an important role in the evolution of telemetry post processing services. A paramount issue when using networking to access/move telemetry data is security. In past years papers have focused on individual security technologies and how they could be used to secure telemetry data. This paper will review currently available network based security technologies, update readers on enhancements, and discuss their appropriate uses in the various phases of telemetry post-processing and analysis activities.

Network based computing

data security

security protocols

key management

telemetry post processing

cryptography

identity services

Cloud Computing Adoption in Iran as a Developing Country : A Tentative Framework Based on Experiences from Iran.

Mousavi Shoshtari, Seyed Farid

January 2013

The employment of the right technology in an organisation can provide major competitiveadvantages. Not only in organisations, but at a higher level, governments are seeking for newtechnologies to enhance their services while minimising the costs. Although, there might beno precise definition for cloud computing, the tremendous advantages and benefits of this newtechnology has turn cloud computing to the hottest topic in Information Technology.The remarkable effects of cloud computing in economy have already stimulated thedeveloped countries to deploy this technology in national level. Nonetheless, the adoption ofcloud computing could transform the workflow in the organisations. Therefore, in order toensure the smooth transition with minimal casualties, preparations needs to be done and aclear road map has to be followed.However, the approach to cloud adoption process in developing countries can be entirelydifferent. While it has been pointed out that cloud computing can bring more advantages todeveloping countries, it adoption can be profoundly challenging. Consequently, a set offundamental and yet vital preparation are required to facilitate the process of cloud adoption.Moreover, a definite framework that is formed based on the current state of the country isabsolutely necessary.In this research, we focus on the process of cloud adoption in Iran as a developing country.We start by providing a comprehensive background on cloud computing by studying itsaspects, features, advantages and disadvantages and continue to identify the vital cloudreadiness criteria. Next, we conduct an empirical study in order to assess the state of cloudreadiness in Iran by performing interviews, observations and discussions. Finally, after weanalyse our data from the empirical study, we present our results by presenting a clear and definitive framework for cloud adoption in Iran. / Program: Masterutbildning i Informatik

Cloud computing

grid computing

data security

ICT infrastructure

Engineering and Technology

Teknik och teknologier

Best Practices to Minimize Data Security Breaches for Increased Business Performance

Kongnso, Fedinand Jaiventume

01 January 2015

In the United States, businesses have reported over 2,800 data compromises of an estimated 543 million records, with security breaches costing firms approximately $7.2 million annually. Scholars and industry practitioners have indicated a significant impact of security breaches on consumers and organizations. However, there are limited data on the best practices for minimizing the impact of security breaches on organizational performance. The purpose of this qualitative multicase study was to explore best practices technology leaders use to minimize data security breaches for increased business performance. Systems theory served as the conceptual framework for this study. Fourteen participants were interviewed, including 2 technology executives and 5 technical staff, each from a banking firm in the Northcentral United States and a local government agency in the Southcentral United States. Data from semistructured interviews, in addition to security and privacy policy statements, were analyzed for methodological triangulation. Four major themes emerged: a need for implementation of security awareness education and training to mitigate insider threats, the necessity of consistent organization security policies and procedures, an organizational culture promoting data security awareness, and an organizational commitment to adopt new technologies and innovative processes. The findings may contribute to the body of knowledge regarding best practices technology leaders can use for securing organizational data and contribute to social change since secure organizational data might reduce consumer identity theft.

data breaches

data compromise

data security

information security

security awareness

security breach

Business

Databases and Information Systems

Strategies for Improving Data Protection to Reduce Data Loss from Cyberattacks

Cannon, Jennifer Elizabeth

01 January 2019

Accidental and targeted data breaches threaten sustainable business practices and personal privacy, exposing all types of businesses to increased data loss and financial impacts. This single case study was conducted in a medium-sized enterprise located in Brevard County, Florida, to explore the successful data protection strategies employed by the information system and information technology business leaders. Actor-network theory was the conceptual framework for the study with a graphical syntax to model data protection strategies. Data were collected from semistructured interviews of 3 business leaders, archival documents, and field notes. Data were analyzed using thematic, analytic, and software analysis, and methodological triangulation. Three themes materialized from the data analyses: people--inferring security personnel, network engineers, system engineers, and qualified personnel to know how to monitor data; processes--inferring the activities required to protect data from data loss; and technology--inferring scientific knowledge used by people to protect data from data loss. The findings are indicative of successful application of data protection strategies and may be modeled to assess vulnerabilities from technical and nontechnical threats impacting risk and loss of sensitive data. The implications of this study for positive social change include the potential to alter attitudes toward data protection, creating a better environment for people to live and work; reduce recovery costs resulting from Internet crimes, improving social well-being; and enhance methods for the protection of sensitive, proprietary, and personally identifiable information, which advances the privacy rights for society.

actor-network theory

data protection

data security

GDPR

insider threat

outsider threat

Business