Global ETD Search

1	Harpocrates: Privacy-Preserving and Immutable Audit Log for Sensitive Data Operations Thazhath, Mohit Bhasi 10 June 2022 (has links) The immutability, validity and confidentiality of an audit log is crucial when operating over sensitive data to comply to standard data regulations (e.g., HIPAA). Despite its critical needs, state-of-the-art privacy-preserving audit log schemes (e.g., Ghostor (NSDI '20), Calypso (VLDB '19)) do not fully obtain a high level of privacy, integrity, and immutability simultaneously, in which certain information (e.g., user identities) is still leaked in the log. In this work, we propose Harpocrates, a new privacy-preserving and immutable audit log scheme. Harpocrates permits data store, share, and access operations to be recorded in the audit log without leaking sensitive information (e.g., data identifier, user identity), while permitting the validity of data operations to be publicly verifiable. Harpocrates makes use of blockchain techniques to achieve immutability and avoid a single point of failure, while cryptographic zero-knowledge proofs are harnessed for confidentiality and public verifiability. We analyze the security of our proposed technique and prove that it achieves non-malleability and indistinguishability. We fully implemented Harpocrates and evaluated its performance on a real blockchain system (i.e., Hyperledger Fabric) deployed on a commodity platform (i.e., Amazon EC2). Experimental results demonstrated that Harpocrates is highly scalable and achieves practical performance. / Master of Science / Audit logs are an essential part of data storage systems as they allow to check if the system is working as intended. They are usually maintained on a server, a server with ill intentions can easily modify records of the log and make it appear that the system is working correctly. To store these records in an un-modifiable manner, prior works have leveraged special audit log storing mechanisms for e.g., blockchain due to its immutable nature. However, these works do not focus on the privacy of the records which is a crucial aspect for conforming to certain data regulations like HIPAA. In our work, we propose Harpocrates, an immutable and privacy-preserving audit log platform that supports recording operations (share/access) on sensitive data. Harpocrates leverages blockchain to achieve immutability of the audit log. Harpocrates use specific cryptographic primitives to achieve public verifiability and confidentiality of the audit log. Real world deployment of Harpocrates shows that it is practical and achieves strong security guarantees. Blockchain Zero-Knowledge Proofs Immutable Logging Record Anonymity
2	Constraining future extensions of immutable classes / Begränsning av framtida arv från omuterbara klasser Blomstrand, Mikael January 2018 (has links) Immutable data and persistent data structures are seeing more and more use. Many common programming errors can be solved by simply using immutable data, and in concurrent and parallel programming, they remove the need for data synchronization. There are many benefits of immutable data, but few modern languages provide a way to declare or control immutability. By analyzing a class, it is possible to know whether creating an object of that specific class will make an immutable object. This means that for final classes, which can't be extended, immutability can be inferred from the type. The same is not true for non-final classes. A mutable subclass can be made without recompiling the original, immutable superclass, making it possible to make mutable objects of the previously immutable class. This makes all non-final classes potentially mutable, ruling out many interesting class hierarchies. This thesis explores how the use of such unwanted class extensions could be detected. The solution introduces \emph{phantom classes}, synthetic final classes that are used in place of the original classes. These classes are essentially empty class extensions, behaving exactly the same as the original classes, but since they are final, can not be extended. An object can be verified by downcasting. If the cast fails, the object have been created in foreign code.A proof-of-concept is implemented as a fork of Dotty, what will become version 3 of the Scala compiler. The implementation is called Mållgan.Mållgan is able to compile real code, and produces executable JVM bytecode.Tests show that the code compiled with Mållgan can still be used normally by code compiled with regular Dotty, indicating that the solution is transparent to any code not aware of it. Overall the study shows that the solution is feasible, but a formal proof would be needed to provide definite proof for the correctness. / Omuterbar data och beständiga datastrukturer används mer och mer. Många vanliga programmeringsfel kan undvikas genom att använda omuterbar data, och i parallell och flertrådig programmering slipper man datasynkronisering. Det finns många fördelar med omuterbar data, men få moderna programmeringsspråk stödjer ett sätt att deklarera eller kontrollera omuterbarhet. Genom att analysera en klass är det möjligt att ta reda på om ett objekt som skapats från klassen är omuterbar. För klasser som inte går att ärva går det alltså att härleda om ett objekt är omuterbart eller inte från typen. För klasser som går att ärva finns inga garantier för att subklasserna är omuterbara, och subklasser kan skapas utan att orginalklassen måste kompileras om. Det här gör att alla klasser som går att ärva är potentiellt muterbara, vilket omöjliggör många intressanta klasshierarkier. Den här uppsatsen utforskar hur sådana oönskade subklasser kan upptäckas. Lösningen heter \emph{fantomklasser} (phantom classes), syntetiska klasser som inte går att ärva. Dessa är i grund och botten tomma subklasser som beter sig exakt likadant som orginalklasserna. Ett objekt kan verifieras genom att verifiera typen. Om de inte kan göras till fantomklassen måste de ha gjorts av främmande kod. Som proof-of-concept implementerades lösningen som en fork av Dotty, det som kommer att bli version 3 av Scala-kompilatorn. Implementationen heter Mållgan. Mållgan klarar att kompilera verklig kod och producerar exekverbar JVM bytekod. Tester visar att kod kompilerad med Mållgan fortfarande kan användas som vanligt med vanlig Dotty. Det här indikerar att lösningen är transparent för kod som inte är medveten om implementationen. Studien visar att lösningen är genomförbar, men ett mer formellt bevis krävs för att visa att lösningen är korrekt. scala dotty compiler jvm mållgan final immutable Computer Sciences Datavetenskap (datalogi)
3	Do Widget Libraries Need Mutable Data? Arumugasamy, Akshay Kumar 11 1900 (has links) This thesis examines trends in the academic and professional literature around immutable data and its relationship with declarative User Interfaces (UIs). Immutable data types are preferred by academic authors due to their increased safety, and commercial languages are increasing their support for them over time. More recently, declarative UIs are an exploding topic in industry, and these are related, although not as closely as one would expect. Declarative programming tries to focus on highlevel requirements, not low-level details. It is easier to do this if functions have no side effects, and immutable data is a guaranteed way of achieving this. To highlight this property, the declarative UI framework Flutter advertises “stateless widgets”, but their existence puts in highlights the lack of this property in most widgets. Consequently, we ask whether it is feasible to build a Graphical User Interface (GUI) toolkit using purely immutable data structures. To accomplish this objective, a purely immutable GUI toolkit is sketched and partially developed using Elm, a purely functional language in which all data structures are immutable. To understand the requirements of a GUI toolkit, we categorize and put in historical context, different design paradigms for UIs and relate them to core software-design principles. Leading toolkits allow developers to visualize and manage multiple views of their interfaces, including the view hierarchy, layout, interface to business logic, and focus management. By creating a concrete example, the research aims to provide insight into the limitations of utilizing purely immutable data within a GUI framework and suggests future work to mitigate these. / Thesis / Master of Science (MSc) Immutability Immutable data Separation of concerns Elm programming Widgets Widget libraries Declarative programming Declarative UI GUI programming Purely immutable data Functional programming Stateless widgets History of GUI programming Model-view-update Architectural paradigms Structural sharing
4	Controle jurisdicional preventivo : possibilidades de preservação da Constituição / Leme, Geraldo Luiz Cabreira Paes January 2019 (has links) Orientador: Alexandre Walmott Borges / Resumo: A dissertação se dedica a investigar as possibilidades de realização de controle jurisdicional de constitucionalidade abstrato e preventivo no sistema jurídico brasileiro. Elabora-se a presente temática a partir da observação das recorrentes vezes em que o Supremo Tribunal Federal (STF) é provocado a se posicionar sobre procedimentos legislativos que afrontam, em tese, a Constituição federal de 1988 (CF/88). As alegações de inconstitucionalidade originam-se principalmente a partir das Propostas de Emenda à Constituição (PEC) que ameaçam às cláusulas pétreas previstas no art. 60, § 4º, incisos I, II, III e IV da CF/88. Para tanto, realiza-se no presente trabalho uma análise bibliográfica e teórica dos elementos da teoria constitucional que estão relacionados com o controle de constitucionalidade. O primeiro capítulo da dissertação è destinado à contextualização sobre as origens das Constituições modernas, bem como as principais características do Poder Constituinte (originário e derivado) que se relaciona diretamente com a supremacia da Constituição. Ato contínuo, no segundo capítulo são apresentados os principais modelos de controle de constitucionalidade desenvolvidos por países como Estados Unidos da América, França, Áustria. Apresentam-se, também, as adaptações que demais Estados europeus realizaram, derivadas principalmente do modelo o austríaco, bem como a formação das Cortes Constitucionais. Não obstante, nesse capítulo são, também, elencadas as principais classificaçõe... (Resumo completo, clicar acesso eletrônico abaixo) / Abstract: The aim of this work is to investigate the possibilities of realizing an abstract and preventive judicial control of constitutionality at the brazilian law system. The standing theme is made from the observation of the many times in which the Federal Supreme Court (Supremo Tribunal Federal, STF) is instigated to positionate itself about the law procedures that go aginst, in theory, the 1988 Federal Constitution (CF/88). The explanations of unconstitutionality are originated especially from the Purposes of Amendments to the Constitution (Propostas de Emendas Constitucionais, PEC) that threaten the immutable clauses expected in the article 60, § 4th, subsections I, II, III and IV, from the 1988 Constitution. Therefore, in this work there’s a theoric and bibliograhpic analisys of the elements from the consitutional theory which are related to the consitutionality control. The first chapter is destinated for contextualizing the origins of the modern Constitutions, as well as the main characteristics of the Consituent Power (both ortiginary and derivative) which is directly related with the Constitution’s Supremacy. Second, in the second chapter it’s introduced a wide range of the main models of constitutionality control, developed by countrys such as the United States of America, France and Austria. Also, the further adaptations made by other european States, derivative specially from the Austriac model, and another item that is also introduced is the formation of Consitutional C... (Complete abstract click electronic access below) / Mestre Direito constitucional. Supremo Tribunal Federal Cláusulas pétreas Controle da constitucionalidade. Constitutional Law Federal Supreme Court Immutable clauses Constitutionality control
5	Blockchain, the future opportunity for trading progression? / Blockkedjan, framtiden för digitala överföringssystem? Tran, Tony, Levin, Mats January 2017 (has links) The rapid expansion of computer technology have forced several business sectors to integrate with the continuous development of techniques in order to assist them in various tasks. Many fields have happily embraced the technology implementing it in numerous ways, however the development speed have proven difficult to keep up with. The insurance industry have struggled with ridding themselves of old and monolithic legacy systems with a haphazard construction. These systems are costly, cumbersome and often reliant on a “third party” centered structure creating such flaws as data leaks and monopolisation. Blockchain is a distributed ledger operating over a peer-to-peer basis, with the intention to unshackle contemporary system from their dependence towards central authorities. Additionally, the peer-to-peer architecture introduced a new form of transparency which differs from contemporary solutions used in centralised systems, beyond the peer-to-peer architecture, the blockchain also incorporated consensus algorithms, allowing peers to verify one another to achieve consensus regarding the validity of each block. This resulted in a "trustless system" considering no single party in the community is dependent on the credibility of a central authority. In order for the blockchain technology to be applicable on the market it must overcome obstacles such as privacy and the new EU data protection regulation “General protection data regulation”. However a vague definition of personal data have caused ambiguity which appears to be irreconcilable with the blockchain technology. Research have therefore shifted its focus to explore opportunities for the technology to collaborate with techniques from centralisation in order to overcome its obstacles. / Datorteknologins hastiga expansion har bidragit till att mängder av olika yrkessektorer tvingats integrera teknologin i sin dagliga verksamhet för att bidra med vissa uppgifter. Då teknologin i stor utsträckning har varit till nytta har många yrkesgrupper välkomnat den, dock har teknikens utvecklingshastighet visats vara mycket hög vilket medfört viss problematik. Försäkringsbranschen har visats ha problem med att hantera vidareutvecklingen av sina gamla monolitiska “legacy” system då de är både utdaterade och konstruerade på ett ostrukturerat sätt. Dessa gamla system är kostsamma, svårhanterliga och baseras ofta på en systemarkitektur centrerad kring “tredje parter” detta medför problem som dataläckor och monopolisation. Blockkedjan är ett distribuerat journalsystem som struktureras med ett peer-to-peer nät som bas. Detta görs med förhoppningen att kunna frigöra existerande system från centrala autentiseringsparter. Dessutom har blockkedjan introducerat en ny sorts transparens som skiljer sig från de nuvarande centrala systemen. Blockkedjan inkluderar också consensus algoritmer som medför att alla deltagare kan verifiera varrandra och därmed nå ett uniformt beslut om blocks validitet. Dessa egenskaper resulterar i ett system som inte är beroende av att dess användare behöver lita på en centraliserad tredje part. För att blockkedjan ska vara användbar och framgångsrik på en öppen marknad finns vissa funktionskrav som måste uppfyllas. Ett av de främsta av dessa är EU förordningen “General protection data regulation”. Problem har uppstått då “General protection data regulation” innefattar vaga definitioner av “personlig data”, dessutom är de existerande tolkningar av konceptet svår applicerade för blockkedje tekniker. Detta har bidragit till att utvecklingen av rena blockkedje lösningar har stagnerat och utvecklingen dirigerats om till forskning inom hybrid teknologier som inkluderar tekniker från centraliserade system. Blockchain Immutable data GDPR Insurance Bitcoin Ethereum Blockkedja Oföränderlig data GDPR Försäkring Bitcoin Ethereum Information Systems
6	Development of an API for creating and editing openEHR archetypes Klasson, Filip, Väyrynen, Patrik January 2009 (has links) <p>Archetypes are used to standardize a way of creating, presenting and distributing health care data. In this master thesis project the open specifications of openEHR was followed. The objective of this master thesis project has been to develop a Java based API for creating and editing openEHR archetypes. The API is a programming toolbox that can be used when developing archetype editors. Another purpose has been to implement validation functionality for archetypes. An important aspect is that the functionality of the API is well documented, this is important to ease the understanding of the system for future developers. The result was a Java based API that is a platform for future archetype editors. The API-kernel has optional immutability so developed archetypes can be locked for modification by making them immutable. The API is compatible with the openEHR specifications 1.0.1, it can load and save archetypes in ADL (Archetype Definition Language) format. There is also a validation feature that verifies that the archetype follows the right structure with respect to predefined reference models. This master thesis report also presents a basic GUI proposal.</p> openEHR archetype archetypes API validation immutability mutability mutable immutable ADL AOM LinkEHR AM IM RM dADL cADL Information technology Informationsteknik Bioinformatics Bioinformatik Computer engineering Datorteknik Software engineering Programvaruteknik
7	Development of an API for creating and editing openEHR archetypes Klasson, Filip, Väyrynen, Patrik January 2009 (has links) Archetypes are used to standardize a way of creating, presenting and distributing health care data. In this master thesis project the open specifications of openEHR was followed. The objective of this master thesis project has been to develop a Java based API for creating and editing openEHR archetypes. The API is a programming toolbox that can be used when developing archetype editors. Another purpose has been to implement validation functionality for archetypes. An important aspect is that the functionality of the API is well documented, this is important to ease the understanding of the system for future developers. The result was a Java based API that is a platform for future archetype editors. The API-kernel has optional immutability so developed archetypes can be locked for modification by making them immutable. The API is compatible with the openEHR specifications 1.0.1, it can load and save archetypes in ADL (Archetype Definition Language) format. There is also a validation feature that verifies that the archetype follows the right structure with respect to predefined reference models. This master thesis report also presents a basic GUI proposal. openEHR archetype archetypes API validation immutability mutability mutable immutable ADL AOM LinkEHR AM IM RM dADL cADL Computer and Information Sciences Data- och informationsvetenskap Bioinformatics and Systems Biology Bioinformatik och systembiologi Computer Engineering Datorteknik Software Engineering Programvaruteknik

1

Page generated in 0.037 seconds