Design and analysis of a trustworthy, Cross Domain Solution architecture

Daughety, Nathan

23 August 2022

No description available.

Computer Science

Cross Domain Solution

Trustworthiness

Trusted Computing Base

Data Confidentiality

Formal Verification

Security Analysis

Examination of Patient-Physician Relationship Among College Students

Patel, Archi

01 January 2022

The patient-physician relationship is established when a doctor provides care for their patient. This interpersonal interaction consists of perspectives on health issues, treatment plans, confidentiality, and support. Trust is also a component of the patient-physician relationship. Existing findings show that patient-physician trust is critical for achieving compliance and higher satisfaction rates with medical care (Cohen, 2002). Previous studies have investigated the physician's emotional intelligence as a factor in patient-physician trust, as well as the health locus of control on outlook, religious viewpoints on patient outcomes, and vulnerable attachment styles on the patient trust of the patients in determining the patient-physician trust. However, this study addresses the collective role of these variables from the patient's perspective in the patient-physician relationship. Past literature focuses on the physician's perspective and health outcomes. This study aims to understand how college students as patients view their relationship with their physicians. Consistent with existing literature, it was concluded that higher scores on emotional intelligence, internal health locus of control, and ease of vulnerability were associated with higher levels of patient-physician trust. However, a significant association between religious locus of control and patient-physician trust was not found. These findings regarding patients from the population of college students can inform college administrators to develop and implement plans to enhance the quality of care that physicians provide for college students. Further research can then be conducted to optimize these factors and ultimately improve the patient-physician relationship.

physician trust

patient-physician relationship

health

confidentiality

patient care

Health Psychology

Essays on Inter-Organizational Collaborations

Lan, Yingchao

25 September 2018

No description available.

Business Administration

Inter-Organizational Collaborations

healthcare

product development

confidentiality

network analysis

Accountable Care Organizations

Optimizing Programmable Logic Design Security Strategies

Graf, Jonathan Peter

10 June 2019

A wide variety of design security strategies have been developed for programmable logic devices, but less work has been done to determine which are optimal for any given design and any given security goal. To address this, we consider not only metrics related to the performance of the design security practice, but also the likely action of an adversary given their goals. We concern ourselves principally with adversaries attempting to make use of hardware Trojans, although we also show that our work can be generalized to adversaries and defenders using any of a variety of microelectronics exploitation and defense strategies. Trojans are inserted by an adversary in order to accomplish an end. This goal must be considered and quantified in order to predict the adversary's likely action. Our work here builds upon a security economic approach that models the adversary and defender motives and goals in the context of empirically derived countermeasure efficacy metrics. The approach supports formation of a two-player strategic game to determine optimal strategy selection for both adversary and defender. A game may be played in a variety of contexts, including consideration of the entire design lifecycle or only a step in product development. As a demonstration of the practicality of this approach, we present an experiment that derives efficacy metrics from a set of countermeasures (defender strategies) when tested against a taxonomy of Trojans (adversary strategies). We further present a software framework, GameRunner, that automates not only the solution to the game but also enables mathematical and graphical exploration of "what if" scenarios in the context of the game. GameRunner can also issue "prescriptions," sets of commands that allow the defender to automate the application of the optimal defender strategy to their circuit of concern. We also present how this work can be extended to adjacent security domains. Finally, we include a discussion of future work to include additional software, a more advanced experimental framework, and the application of irrationality models to account for players who make subrational decisions. / Doctor of Philosophy / We present a security economic model that informs the optimal selection of programmable logic design security strategies. Our model accurately represents the economics and effectiveness of available design security strategies and accounts for the varieties of available exploits. Paired with game theoretic analysis, this model informs microelectronics designers and associated policy makers of optimal defensive strategies. Treating the adversary and defender as opponents in a two-player game, our security economic model tells us how either player will play if it is known in advance how their opponent plays. The additional use of game theory allows us to determine the optimal play of both players simultaneously without prior knowledge other than models of players beliefs.

Field programmable gate arrays

trust

design security

design integrity

design confidentiality

trustworthy computing

game theory

An energy-efficient and scalable slot-based privacy homomorphic encryption scheme for WSN-integrated networks

Verma, Suraj, Pillai, Prashant, Hu, Yim Fun

04 1900

Yes / With the advent of Wireless Sensor Networks (WSN) and its immense popularity in a wide range of applications, security has been a major concern for these resource-constraint systems. Alongside security, WSNs are currently being integrated with existing technologies such as the Internet, satellite, Wi-Max, Wi-Fi, etc. in order to transmit data over long distances and hand-over network load to more powerful devices. With the focus currently being on the integration of WSNs with existing technologies, security becomes a major concern. The main security requirement for WSN-integrated networks is providing end-to-end security along with the implementation of in-processing techniques of data aggregation. This can be achieved with the implementation of Homomorphic encryption schemes which prove to be computationally inexpensive since they have considerable overheads. This paper addresses the ID-issue of the commonly used Castelluccia Mykletun Tsudik (CMT) [12] homomorphic scheme by proposing an ID slotting mechanism which carries information pertaining to the security keys responsible for the encryption of individual sensor data. The proposed scheme proves to be 93.5% lighter in terms of induced overheads and 11.86% more energy efficient along with providing efficient WSN scalability compared to the existing scheme. The paper provides analytical results comparing the proposed scheme with the existing scheme thus justifying that the modification to the existing scheme can prove highly efficient for resource-constrained WSNs.

A obtenção e o emprego de informações pela administração tributária em face das normas de sigilo

Wasserman, Rafhael

25 May 2010

Made available in DSpace on 2016-04-26T20:30:29Z (GMT). No. of bitstreams: 1 Rafhael Wasserman.pdf: 2007952 bytes, checksum: 08ef0dea0aaba342671f03cfa8e93d38 (MD5) Previous issue date: 2010-05-25 / Conselho Nacional de Desenvolvimento Científico e Tecnológico / The scope of this study is to look into tax-related information from the moment it is seized to the moment it is used as evidence of fines and taxes levied. This study is justified due to the vulnerableness of the individual s fundamental right to privacy. The right to privacy, especially in terms of protection of financial and tax-related data, is protected by confidentiality provisions violated by amendments to the National Tax Code resulting from Supplementary Laws 104 and 105, both from January 10, 2001. Firstly, we will examine the Brazilian Revenue Service and the myriad of tools it has available to inspect the lives and activities of individuals and legal entities, from the right of scrutinizing accounting books, merchandise, files, and documents, to the right of imposing the duty to provide information on the taxpayer to financial institutions and the like. There is an undeniable tension between the forms of information gathering and the protection of confidential data. Among the kinds of confidentiality related to our topic, financial data confidentiality stands out. According to prevailing case law and scholarly opinions, financial data confidentiality can be moderated as a result of a court order. However, contrariwise, Supplementary Law 105/01 has authorized data to be directly turned over to the Revenue Service. This is a clear non-conformity with the current Brazilian constitutional system. Provided constitutional provisions are taken into account, tax-related information are undeniably subject to being transferred to the tax authorities, which, in turn, have the duty of keeping them from third parties due to the confidentiality clause. This second kind of data confidentiality protection ensures the same right to privacy by preventing said information from being disclosed to third parties. This provision was made more elastic by Supplementary Law 104/01. Likewise and for the same reasons as financial confidentiality, only a court order can break through the confidential nature of tax-related information. Tax-related data, provided they are lawfully obtained, can be employed by the tax authorities in order to produce evidence of taxes and fines levied, and issue deficiency notices. The evidence submitted by the Revenue Service shall be admitted as long as it respects the applicable constitutional and legal provisions, especially provisions related to individual rights and freedoms. We understand, differently from the current and prevailing literature, which seems to passively accept the full disclosure of tax-related information on taxpayers and third parties based on the recent Supplementary Laws , that although tax inspection fulfills the administration s revenue needs, its limits are drawn by constitutional provisions, which no other kind of legislation has the power to disregard / Este trabalho tem como escopo a análise das informações fiscais, do momento de sua apreensão à sua utilização, sobremodo como provas a lastrear a exigência de tributos e multas. Justifica-se a reflexão em razão da vulneração ao direito fundamental à privacidade dos cidadãos, tutelado por normas de sigilo de dados, em especial os sigilos financeiro e fiscal, por força das substanciais alterações ao texto do Código Tributário Nacional oriundas do advento das Leis Complementares nº 104 e 105, ambas de 10 de janeiro de 2001. Parte-se do exame da Administração Tributária e do vasto instrumental à sua disposição para fiscalizar as atividades desenvolvidas pelos particulares, desde o direito de examinar livros, mercadorias, arquivos e documentos dos sujeitos passivos, à imposição de deveres de informar a contribuintes e terceiros, como instituições financeiras e entes assemelhados. Observa-se uma inegável tensão entre essas formas de coleta de informações e o sigilo de dados. Dentre as espécies de sigilo de dados relacionadas à temática, desponta o sigilo financeiro, passível de relativização mediante decisão judicial, ao contrário do insculpido na Lei Complementar nº 105/01, que autoriza a transferência direta de dados à Fazenda Pública, em desconformidade à ordem constitucional vigente. Respeitadas as balizas constitucionais, as informações serão passíveis de comunicação às autoridades fiscais, que têm o dever de mantê-las afastadas do conhecimento alheio, por influxo do sigilo fiscal. Essa outra espécie de sigilo de dados atua na proteção do mesmo direito à privacidade, ao impedir a revelação de tais informações a terceiros, cujo regramento foi flexibilizado com a edição da Lei Complementar nº 104/01. Da mesma forma que o sigilo financeiro e pelas mesmas razões, o sigilo fiscal somente admite afastamento por meio de decisão judicial. Os dados de matiz tributário, quando licitamente produzidos, poderão ser apropriados por agentes fiscais na forma de provas a lastrear a exigência de tributos e multas, por meio da composição de atos administrativos de lançamento ou auto de infração. As provas constituídas pela Administração serão reputadas admissíveis desde que respeitadas as normas constitucionais e legais aplicáveis, mormente os direitos e garantias individuais. Entende-se contrariamente à tendência doutrinária atual, que aceita passivamente a ampla divulgação de informes fiscais relacionados a contribuintes e terceiros em decorrência da nova legislação complementar, pois a fiscalização tributária, embora indispensável à realização do interesse arrecadatório, encontra limites delineados pelo legislador constituinte, os quais não são superáveis por enunciados infraconstitucionais

Deveres instrumentais

Privacidade

Sigilo financeiro

Provas ilícitas

Administracao tributaria -- Brasil

Fiscalizacao tributaria -- Brasil

Direito a privacidade -- Brasil

Sigilo fiscal -- Brasil

Brazilian revenue service

Tax inspection

Instrumental rights

Privacy

Tax confidentiality

Financial data confidentiality

Unlawfully obtained evidence

Limity profesní odpovědnosti ve vztahu k profesím auditora, daňového poradce a účetního pracovníka s ohledem na povinnost mlčenlivosti / Limitations of professional liability in relation to the professions of auditor, tax adviser and accountant with regard to the duty of confidentiality

Belšánová, Ivana

January 2017

The thesis "Limitations of professional liability in relation to the professions of auditor, tax adviser and accountant with regard to the duty of confidentiality" focuses on a more detailed elaboration of the selected specific segment of professional liability of the given professions, on the legal and ethical obligations in the field of confidentiality and the possibility of its breaking. The introductory part of the thesis deals with confidentiality in terms of historical development and its importance in the present. Further, it outlines the area of moral and ethical responsibility, legal liability in general, and confidentiality as a specific duty. The concept of confidentiality of the professions of auditors, tax advisers and accountants represents the core of the presented work. The duty of confidentiality of the profession of auditors is significantly influenced by the public interest in the presented information in the form of opinion on the financial statements of the audited entities, and thus the possibilities of the legally supported breaking of this obligation are the most extensive, as evidenced by the amendment to the Act on Auditors, effective from 1 October 2016. The duty of confidentiality of the tax adviser has until recently been strictly defined on a legal basis. The change was brought by the Supreme Court's case law in November 2015, which by comparing the principally equivalent conditions for the exercise of legal liability in the area of confidentiality of the tax adviser and attorney, also deduces the similarities of competencies of both professions in cases of breaking the confidentiality. The accounting profession is not regulated by law, and therefore the confidentiality obligation is also not legally enforceable. However, professional certified accountants are required to comply with the Code of Conduct issued by the Professional Chamber. The final part of the thesis focuses on comparing the duty of confidentiality of the selected professions of auditors, tax advisers and professional accountants with the attorney-at-law profession.

Towards Data and Model Confidentiality in Outsourced Machine Learning

Sharma, Sagar

05 September 2019

No description available.

Computer Science

Computer Engineering

outsource storage

machine learning computations

public cloud providers

cloud outsourcing

Cloud

privacy concerns

privacy attacks

data confidentiality

model confidentiality

confidential machine learning

CML frameworks

semantic security

會計師與律師對職業道德之認知差異 / The study of the perception gaps of professional ethics between certified public accountants and lawyers

劉子珈, Liu, Tze Chia

Unknown Date

本研究旨在探討會計師與律師二種專門職業人員對職業道德的認知程度及差異情形。本研究採用多元道德量表作為道德判斷之衡量工具，配合四個道德情境故事，以問卷調查方式向會計師事務所及律師事務所蒐集樣本資料，回收194份問卷，有效問卷173份，並以敘述性統計、t 檢定、Spearman相關分析等方法進行資料分析。實證結果發現，會計師對獨立性與律師對避免利益衝突的認知上有顯著差異，而二者對保密的認知則無顯著差異，可能係此二種專門職業之職業特性不同所致。根據研究結果，本研究提出相關建議，供實務界、教育界及後續研究者作為參考。 / The main purposes of this study were to explore the ethical perception gaps of professional ethics between Certified Public Accountants and Lawyers. This research uses multidimensional ethics scale as a measurement of moral judgments with four dilemmas, then uses the method of questionnaire survey with participants in some accounting firms and law firms. There are 194 samples retrieved, and 174 effective samples. The data is analyzed by using the method of descriptive statistics, t-test, Spearman’s correlation. The findings of the study revealed that the perception gaps of independence for accountants and avoiding the conflicts of interests for lawyers are significant, and the perception gaps of confidentiality are insignificant. This might be resulted from the particularity of these two professions. As a result, this study is recommendable for practicing field, educators, and future researcher as reference materials.

職業道德

獨立性

利益衝突

保密

professional ethics

independence

conflicts of interests

confidentiality

Entreprenör eller Byråkrat? : En studie om revisorers agerande vid ett misstänkt ekobrott / Contractor or bureaucrat? : A study of the auditors’ actions at a suspected economic crime

Mohammadi, Aram, Said, Sayyed Mohammad

January 2013

Bakgrund: År 1999 infördes lagen om revisorns anmälningsskyldighet och lagen innebär att revisorn ska anmäla vid misstanke av ett ekonomiskt brott, jämfört med tidigare då revisorn endast hade tystnadsplikten att förhålla sig till. Lagen infördes på grund av den höga ekonomiska brottsligheten där de vanligaste ekobrotten i Sverige är bokföringsbrott och skattebrott. Denna lag skulle underlätta revisorers arbete vid brottssituationer. I stort sett står anmälningsskyldigheten i motsatsen mot tystnadsplikten vilket har lett till att intressenternas förväntningar på revisorers arbete har ökat. Revisorerna har anmälningsskyldighet till myndigheterna samtidigt som de har tystnadsplikt gentemot sina klienter. Syfte: Studiens syfte är att öka förståelsen, sett från revisorers perspektiv, för hur revisorer ser på anmälningsskyldigheten samt att undersöka om hur revisorers erfarenheter kan påverka deras agerande, när det gäller ett misstänkt ekobrott. Metod: Vi har genom en kvalitativ undersökningsmetod utfört studien med utgångspunkt från den induktiva forskningsansatsen. Våra primärdata har samlats in genom semistrukturerade intervjuer som sedan jämförts med sekundärdata i form av tidigare undersökningar samt litteratur. Slutsats: Studiens slutsats är att de äldre revisorerna har en osäker och mindre klar inställning till anmälningsskyldigheten jämfört med de yngre revisorerna som har en mer positiv och stabil syn på anmälningsskyldigheten. Anledningen är att de äldre revisorer alltid har haft tystnadsplikten i baktanke och ser detta som grundantagandet för revisionsyrket. De yngre revisorerna har alltid haft en klar bild över båda plikterna då dessa har funnits sedan de började sitt arbete som revisorer. Resultatet blir att de äldre revisorerna ser sig själva som entreprenörer. De vill bygga sin verksamhet på välgrundade och pålitliga förhållanden genom att hjälpa och ge råd till sina klienter, istället för att anmäla dem och skada relationen däremellan. De yngre revisorerna ser vi som byråkrater som vill basera sina handlingar endast i enlighet med statens lagar och regler och tar mindre hänsyn till etik och moral gentemot sina klienter. Nyckelord: Anmälningsskyldighet, tystnadsplikt, ekobrott, revisor, revision, svårigheter / Background: In 1999, the legislation on the auditor’s reporting obligation were introduced and the law means that the auditor has to report a suspected economic crime, compared to earlier in which  the auditor had only the confidentiality to relate to. The law was introduced because of the high economic crimes where the most common crimes, in Sweden, are accounting fraud and tax evasion. This law would help the auditors at crime situations. The auditors’ reporting obligation stands, overall, in the opposite of their confidentiality, which has led to increase the expectations of the stakeholders, on auditors’ work.  The auditors have a duty to notify the authorities at the same time as they have confidentiality towards their clients. Purpose: The purpose of this study is to increase the understanding on auditors’ attitude towards the reporting obligation, seen from their own perspective, and to examine how auditors’ experiences can affect their behavior in the case of a suspected economic crime.  Method: We have performed this study through a qualitative method based on an inductive research approach. Our primary data were collected through semi-structured interviews which then were compared with our secondary data, in form of previous studies and literature. Results and conclusion: This study concludes that older auditors have an uncertain and less clear approach to the reporting obligation as compared to the younger auditors, who have a more positive and stable attitude towards the reporting obligation. The reason is that older auditors have always had the confidentiality in ulterior motive, as this is the basic assumption for the audit profession. The younger auditors have always had a clear view of both the reporting obligation and the confidentiality since the duties have existed since the auditors started their carriers. The result is that the older auditors see themselves as entrepreneurs. They want to build their business on well-founded and reliable relationships by helping and advising their clients, instead of reporting them and damage the relationship between them.   We see the younger auditors as bureaucrats who want to base their actions only in accordance with state laws and regulations and they pay less attention to ethics and morality in relation to their clients. Keywords: Reporting obligation, confidentiality, economic crime, auditor, audit, difficulties

Reporting obligation

confidentiality

economic crime

auditor

audit

difficulties

ethic

moral

Anmälningsskyldighet

tystnadsplikt

ekobrott

revisor

revision

svårigheter

etik

moral