Secure Semantic Search over Encrypted Big Data in the Cloud

Woodworth, Jason W.

21 December 2017

<p>Cloud storage is a widely used service for both a personal and enterprise demands. However, despite its advantages, many potential users with sensitive data refrain from fully using the service due to valid concerns about data privacy. An established solution to this problem is to perform encryption on the client?s end. This approach, however, restricts data processing capabilities (e.g. searching over the data). In particular, searching semantically with real-time response is of interest to users with big data. To address this, this thesis introduces an architecture for semantically searching encrypted data using cloud services. It presents a method that accomplishes this by extracting and encrypting key phrases from uploaded documents and comparing them to queries that have been expanded with semantic information and then encrypted. It presents an additional method that builds o? of this and uses topic-based clustering to prune the amount of searched data and improve performance times for big-data-scale. Results of experiments carried out on real datasets with fully implemented prototypes show that results are accurate and searching is e?cient.

Information technology|Computer science

Foundations and applications of generalized planning

Srivastava, Siddharth

01 January 2010

Research in the field of Automated Planning is largely focused on the problem of constructing plans or sequences of actions for going from a specific initial state to a goal state. The complexity of this task makes it desirable to find “generalized” plans which can solve multiple problem instances from a class of similar problems. Most approaches for constructing such plans work under two common constraints: (a) problem instances typically do not vary in terms of the number of objects, unless theorem proving is used as a mechanism for applying actions, and, (b) generalized plan representations avoid incorporating loops of actions because of the absence of methods for efficiently evaluating their effects and their utility. Approaches proposed recently address some aspects of these limitations, but these issues are representative of deeper problems in knowledge representation and model checking, and are crucial to the problem of generalized planning. Moreover, the generalized planning problem itself has never been defined in a manner which could unify the wide range of representations and approaches developed for it. This thesis is a study of the fundamental problems behind these issues. We begin with a comprehensive formulation of the generalized planning problem and an identification of the most significant challenges involved in solving it. We use an abstract representation from recent work in model checking to efficiently represent situations with unknown quantities of objects and compute the possible effects of actions on such situations. We study the problem of evaluating loops of actions for termination and utility by grounding it in a powerful model of computation called abacus programs. Although evaluating loops of actions in this manner is undecidable in general, we obtain a suite of algorithms for doing so in a restricted class of abacus programs, and consequently, in the class of plans which can be translated to such abacus programs. In the final sections of this thesis, these components are utilized for developing methods for solving the generalized planning problem by generalizing sample plans and merging them together; by using classical planners to automate this process and thereby solve a given problem from scratch; and also by conducting a direct search in the space of abstract states.

Information Technology|Computer science

Promoting common ground in a clinical setting| The impact of designing for the secondary user experience

Tunnell, Harry D., IV

01 November 2016

<p> Primary users can create a user experience (UX) for others&mdash;secondary users&mdash;when interacting with a system in public. Common ground occurs when people have certain knowledge in common and each knows that they have this shared understanding. This research investigates how designing for a secondary UX improves common ground during a patient-provider first encounter. During formative work, patients and providers participated in telephonic interviews and answered online questionnaires so that their respective information requirements for clinical encounters could be understood. The outcome of the formative work was a smartphone application prototype to be used as the treatment in an experimental study. In a mixed methods study, with a patient role-player using the prototype during a simulated clinical encounter with 12 providers, the impact of the prototype upon secondary user satisfaction and common ground was assessed. The main finding was that the prototype was capable of positively impacting secondary user satisfaction and facilitating common ground in certain instances. Combining the notions of human-computer interaction design, common ground, and smartphone technology improved the efficiency and effectiveness of providers during the simulated face-to-face first encounter with a patient. The investigation substantiated the notion that properly designed interactive systems have the potential to provide a satisfactory secondary UX and facilitate common ground.</p>

The Role and Impact of Cyber Security Mentoring

Ellithorpe, James O.

17 August 2016

<p> Business organizations are faced with an enormous challenge to improve cyber security, as breeches and lapses through firewalls are increasingly commonplace. The Chief Information Security Officer (CISO) and Information Technology (IT) staff are constantly challenged to identify and purge online and network structural weaknesses. The goal is to reduce overall business risk because unresolved risks are a constant concern to consumers who are uneasy about cyber security failures. The purpose of this general qualitative study was to examine the role and impact of Cyber Security Mentoring (CSM) from the perspectives of the workplace CISO, mentors, and prot&eacute;g&eacute;s, who were randomly polled from various workplace settings across the United States. Mentoring allows IT staff members to learn from their CISOs and from workplace mentor mistakes and successes. Workplace IT staff are also closest to the various attack methodologies used by cyber hackers, and cohort and dyadic mentoring may provide insight into and responding to cyber-attacks and improving cyber defenses. Sixty-eight sets of respondent data relating to field experience, formal education, professional industry cyber security certifications, and mentoring were compared and examined between respondents. The goal was to determine where respondents agreed and disagreed on issues pertaining to cyber security and CSM. The findings suggested that CSM with a qualified mentor could improve cyber security in the workplace; in addition, more time must be devoted to continued professional education. Implications for positive social change included the use of CSM to enhance cyber security through the sharing of incidents, mindsets, procedures and expertise, and improvement of customer-consumer security confidence.</p>

Evaluating Electronic Health Records Interoperability Symbiotic Relationship to Information Management Governance Security Risks

Thomas, Maurice A.

03 April 2019

<p> A major initiative in the U.S. healthcare care industry is to establish a nationwide health information network securing the sharing of information between all involved U.S. healthcare stakeholders. However, implementing an interoperability solution is a massive, complex, and enduring effort with significant challenges such as inconsistent technology and data standards, as well as complex privacy and security issues. The purpose of this qualitative, case study is to examine the impacts of interoperability initiatives involving the U.S. government and to provide an understanding of the information governance and security risk as standards that are vendor-neutral and trustworthy. This qualitative case study was conducted using federal participants who are health information management (HIM) and health information technology (HIT) professionals working in the Washington DC metropolitan area. The participants' interview data revealed nine major themes; patient identification matching, payment claims and auditing, information sharing, data stewardship, regulatory compliance, technology enhancements, training and certification, standards optimization, and value-based care. The implication of the study's themes showed interoperability is beneficial to the healthcare industry, but there is a greater need for technology and data standardization, information governance, data stewardship, and a greater understanding of federal and state data privacy and security laws. Future recommendation for practices discussed; policy and regulatory adjustments to enhance auditing and compliance, establish a healthcare data ecosystem to improve data and information governance, and technology alternatives such as master data management and white space data. Recommendation for further research included expanding the sample population to compare other federal organizations or the United Kingdom's HIT interoperability project initiative. </p><p>

Efficiently managing the computer engineering and Computer Science labs

Pickrell, Nathan

03 May 2013

<p> University lab environments are handled differently than corporate, government, and commercial Information Technology (IT) environments. While all environments have the common issues of scalability and cross-platform interoperability, educational lab environments must additionally handle student permissions, student files, student printing, and special education labs. The emphasis is on uniformity across lab machines for a uniform course curriculum.</p><p> This thesis construes how a specific set of Computer Science labs are maintained. It describes how documentation is maintained, how the lab infrastructure is setup, how the technicians managing the lab build master lab images, how all of the workstations in the lab are cloned, and how a portion of the maintenance is handled. Additionally, this paper also describes some of the specialty labs provided for courses with functional topics.</p>

Information and Communications Technology Based Solution to Rank Emergency Hospitals

Jenkins, Taneaka Anesha

16 November 2013

<p> With the advent of smart phone technologies, the healthcare industry finds it challenging to keep up with technology demands. In the medical domain, patients are experiencing longer wait times for medical treatment. A basis of dissatisfaction with healthcare, often observed by patients, is the amount of time they wait during a visit. The wait times have a greater delay within medical emergency facilities. Current medical wait time applications may encourage patients to be seen quickly but does not necessarily offer quality care or other aspects of their visits. The amount of time a patient experiences in an emergency facility could influence the patient's perspective and could be contingent upon other qualities. We sought to investigate the association between patient perception of the hospital, time to reach the hospital, patient wait time, patient reviews, and average service time of various North Carolina hospitals using product moment correlation analysis. Analyses were performed of the various hospitals based upon each parameter. In this thesis, we propose a smart phone based service to optimize travel time to a medical facility utilizing patient wait time, service time, time to reach the hospital, patient reviews, and patient perception of the facility and Global Positioning System (GPS) data. Various hospitals were compared ranking in according to the parameters individually, relative to other hospitals in neighboring counties and cities. Each constraint is assigned a weight to be used in the overall ranking of the hospital. We have established relationships about correlation parameters. The parameters were assessed to determine correlations between any two given parameters.</p>

Evaluation of security methods for the prevention of malware on mobile devices

Giacalone, Anthony S.

08 August 2014

<p> Since the introduction of the iPhone in 2008, mobile devices have become ubiquitous in our society and have spawned a new area for attackers to steal private information and data. Malware has begun to appear on these devices despite the claims of Google and Apple that their devices are secure. To combat this growing problem, companies have started producing applications which claim to have the ability to scan for malware and protect devices from these threats. Current measures to prevent loss of data from malware and illicit use of mobile devices are first be discussed. This thesis then explores and attempts to analyze the three most popular security application offerings on Android OS and determine if these security suites have any benefits to the user above and beyond the standard malware scans that are performed by Google's servers by conducting four separate benchmark tests on the software. Potential problems with these security programs, which include increased system load and loss of battery life, will be included in the discussion along with the results of the tests. Finally, this thesis will explore and discuss the lack of heuristic scanning in these security applications and the potential threat that boot sector viruses might pose to mobile devices in the future. </p>

Awareness of malicious social engineering among facebook users

Slonka, Kevin J.

18 June 2014

<p> With the rapid growth of Facebook, the social networking website is becoming a lucrative target for malicious activity. Users of Facebook therefore should be aware of various malicious attacks and know how to identify them. This research analyzed Facebook users' level of understanding in the domain of malicious social engineering on Facebook. The research examined differences in awareness among multiple generational groups; secondary research questions focused on how factors such as age, gender, education, Internet usage, and trust affected users' awareness of malicious activity. Results suggest that the Baby Boomer generation is the least aware of malicious social engineering tactics on Facebook, specifically in regard to the Donation scam category. In addition, education level and educational background are significantly associated with awareness. These findings indicate a need for future work to gain a deeper understanding of Facebook users' awareness of malicious social engineering and generate targeted training in order to increase said awareness. </p>

IslaNet| An isolated and secure approach to implementing computer networking laboratories

Cruz-Zendejas, Rogelio

23 April 2014

<p> The SIGITE Computing Curricula suggests that a hands-on laboratory component is essential in teaching networking courses. However there are some drawbacks and limitations including high costs of implementation and maintenance, security risks to the campus network, and a limited number of practical guides that feature both design and implementation. Furthermore, with the advancement of other approaches such as virtualization and simulation it has become increasingly difficult to justify funding a hands-on laboratory.</p><p> IslaNet is an isolated and secure approach to implementing computer networking laboratories which produce a low-cost model, focused on hands-on implementation. IslaNet uses various components from other approaches to mitigate, or in some cases, completely eliminate the risks and deficiencies that traditional hands-on laboratories introduce. The laboratory objectives are derived from the SIGITE Computing Curriculum to provide a solid, well developed foundation. IslaNet offers concept, design, and implementation using a unique multi-layer approach. </p>