Your search keyword '"Information flow"' showing total 19 results

1. Information sharing for cost-effective risk mitigation in supply chains: A methodological framework

Author

Vedant, Shivam, Kakodkar, Rahul, Chrisandina, Natasha J., Nkoutche, Catherine, Iakovou, Eleftherios, El-Halwagi, Mahmoud M., and Pistikopoulos, Efstratios N.

Published

2024

2. Context, Causality, and Information Flow: Implications for Privacy Engineering, Security, and Data Economics

Author

Benthall, Sebastian

Subjects

security, privacy engineering, data economics, contextual integrity, information flow

Abstract

The creators of technical infrastructure are under social and legal pressure to comply with expectations that can be difficult to translate into computational and business logics. This dissertation bridges this gap through three projects that focus on privacy engineering, information security, and data economics, respectively. These projects culminate in a new formal method for evaluating the strategic and tactical value of data: data games. This method relies on a core theoretical contribution building on the work of Shannon, Dretske, Pearl, Koller, and Nissenbaum: a definition of situated information flow as causal flow in the context of other causal relations and strategic choices. The first project studies privacy engineering's use of Contextual Integrity theory (CI), which defines privacy as appropriate information flow according to norms specific to social contexts or spheres. Computer scientists using CI have innovated as they have implemented the theory and blended it with other traditions, such as context-aware computing. This survey examines computer science literature using Contextual Integrity and discovers, among other results, that technical and social platforms that span social contexts challenge CI's current commitment to normative social spheres. Sociotechnical situations can and do defy social expectations with cross-context clashes, and privacy engineering needs its normative theories to acknowledge and address this fact.  This concern inspires the second project, which addresses the problem of building computational systems that comply with data flow and security restrictions such as those required by law. Many privacy and data protection policies stipulate restrictions on the flow of information based on that information's original source. We formalize this concept of privacy as Origin Privacy. This formalization shows how information flow security can be represented using causal modeling. Causal modeling of information security leads to general theorems about the limits of privacy by design as well as a shared language for representing specific privacy concepts such as noninterference, differential privacy, and authorized disclosure. The third project uses the causal modeling of information flow to address gaps in current theory of data economics. Like CI, privacy economics has focused on individual economic contexts and so has been unable to comprehend an information economy that relies on the flow of information across contexts. Data games, an adaptation of Multi-Agent Influence Diagrams for mechanism design, are used to model the well known economic contexts of principal-agent contracts and price differentiation as well as new contexts such as personalized expert services and data reuse. This work reveals that information flows are not goods but rather strategic resources, and that trade in information therefore involves market externalities.

Published

2018

3. Umsetzung des datenschutzrechtlichen Auskunftsanspruchs auf Grundlage von Usage-Control und Data-Provenance-Technologien

Author

Bier, Philipp Christoph Sebastian

Subjects

Datenschutz, Auskunft, Provenance, Nutzungskontrolle, Unverkettbarkeit, Privacy, Information Flow, Usage Control, Unlinkability, bic Book Industry Communication::U Computing & information technology::UY Computer science::UYA Mathematical theory of computation::UYAM Maths for computer scientists

Abstract

The ever-growing levels of complexity of modern information systems complicate the traceability of processed and stored personal data. The individual citizen is at the mercy of the systems. Data protection law tries to counteract this. The right to information is one instrument of data protection to establish transparency. This work critically evaluates the right to information and creates comprehensive technical preconditions for its exercise.

Published

2021

4. Modelling Information Flow for Collaboration.

Author

Durugbo, Christopher, Tiwari, Ashutosh, and Alcock, Jeffrey R.

Abstract

This paper describes a case study involving the use of a proposed model of information flow, based on complex network theory, to study delivery information flow within a microsystem technology (MST) company. The structure of the company is captured through decision making, teamwork, and coordination networks. These networks were then aggregated and analysed from a sociological and an organisational perspective through measures that reflect connections, interconnectedness, and activity of individuals. [ABSTRACT FROM AUTHOR]

Published

2011

5. Match It or Die: Proving Integrity by Equality.

Author

Centenaro, Matteo and Focardi, Riccardo

Abstract

Cryptographic hash functions are commonly used as modification detection codes. The goal is to provide message integrity assurance by comparing the digest of the original message with the hash of what is thought to be the intended message. This paper generalizes this idea by applying it to general expressions instead of just digests: success of an equality test between a tainted data and a trusted one can be seen as a proof of high-integrity for the first item. Secure usage of hash functions is also studied with respect to the confidentiality of digests by extending secret-sensitive noninterference of Demange and Sands. [ABSTRACT FROM AUTHOR]

Published

2011

6. Benefits of RFID for the Production of hybrid Micro Systems in flexible Production Networks of SMEs.

Author

Jänen, Verena, Tummel, Christian, and Henning, Klaus

Abstract

Today, the information flow within flexible production networks of small and medium enterprises for the production of hybrid micro systems is characterized by a lack of coordination and concepts as well a high portion of manual procedures. A new concept for an information system uses RFID-tags as data carriers, fixed at the load carriers, as a performance driver for these kinds of networks. As a basis for the development of a suitable information system we will present an appropriate data storage concept and an adapted modeling concept that is adjusted to the coupling of the entire information and the material flow. [ABSTRACT FROM AUTHOR]

Published

2011

7. The Research of the Command and Control Model for the Naval Battle Groups with Multi-agent Theory.

Author

Tong, Ji-Jin, Liu, Zhong, Duan, Li, and Xu, Li-Mei

Abstract

How to effectively disseminate the information flow and command instruction among the platforms of naval battle groups (BG) is one of the key-problems for the cooperative engagement. In order to evaluate and analyze the command and control model quantitatively, a multi-agent model about command and control system is proposed firstly. Then the typical constitution of the BG and topology of the BG organization are presented. Finally, a simulation example is given, which analyze the method of how to distribute the information flow and command instruction in detail. The simulation results show that the method is reasonable and effective. This paper has some reference value to the assessment and evaluate of the command and control model for the naval battle groups. [ABSTRACT FROM AUTHOR]

Published

2011

8. On Modelling User Observations in the UTP.

Author

Banks, Michael J. and Jacob, Jeremy L.

Abstract

This paper presents an approach for modelling interactions between users and systems in the Unifying Theories of Programming. Working in the predicate calculus, we outline generic techniques for calculating a user΄s observations of a system and, in turn, for identifying the information that a user can deduce about the system΄s behaviour from those observations. To demonstrate how this approach can be applied in practical software development, we propose some alternative refinement relations that offer greater flexibility than classical refinement by utilising knowledge of the observational abilities of users. [ABSTRACT FROM AUTHOR]

Published

2010

9. Unifying Theories of Confidentiality.

Author

Banks, Michael J. and Jacob, Jeremy L.

Abstract

This paper presents a framework for reasoning about the security of confidential data within software systems. A novelty is that we use Hoare and He΄s Unifying Theories of Programming (UTP) to do so and derive advantage from this choice. We identify how information flow between users can be modelled in the UTP and devise conditions for verifying that system designs may not leak secret information to untrusted users. We also investigate how these conditions can be combined with existing notions of refinement to produce refinement relations suitable for deriving secure implementations of systems. [ABSTRACT FROM AUTHOR]

Published

2010

10. Survey of Media Forms and Information Flow Models in Microsystems Companies.

Author

Durugbo, Christopher, Tiwari, Ashutosh, and Alcock, Jeffery R.

Abstract

The paper presents the findings of a survey of 40 microsystems companies that was carried out to determine the use and the purpose of use of media forms and information flow models within these companies. These companies as ΄product-service systems΄ delivered integrated products and services to realise customer solutions. Data collection was carried out by means of an online survey over 3 months. The survey revealed that 42.5% of respondents made use of data flow diagrams and 10% made use of design structure matrices. The survey also suggests that a majority of companies (75%) made use of textual and diagrammatic media forms for communication, analysis, documentation and representation during design and development processes. The paper also discusses the implications of the survey findings to product-service systems. [ABSTRACT FROM AUTHOR]

Published

2010

11. Revisiting Volume vs. GARCH Effects Using Univariate and Bivariate GARCH Models: Evidence from U.S. Stock Markets.

Author

Qiao, Zhuo and Wong, Wing-Keung

Abstract

This paper tests for the generalized autoregressive conditional heteroscedasticity (GARCH) effect on U.S. stock markets for different periods and reexamines the findings in Lamoureux and Lastrapes (Journal of Finance 45(1):221–229, 1990) by using alternative proxies for information flow, which are included in the conditional variance equation of a GARCH model. We also examine the spillover effects of volume and turnover on the conditional volatility using a bivariate GARCH approach. Our findings show that volume and turnover have effects on conditional volatility and that the introduction of volume/turnover as exogenous variable(s) in the conditional variance equation reduces the persistence of GARCH effects as measured by the sum of the GARCH parameters. Our results confirm the existence of the volume effect on volatility, consistent with the findings by Lamoureux and Lastrapes (Journal of Finance 45(1):221–229, 1990) and others, suggesting that the earlier findings were not a statistical fluke. Our findings also suggest that, unlike other anomalies, the volume effect on volatility is not likely to be eliminated after discovery. In addition, our study rejects the pure random walk hypothesis for stock returns. Our bivariate analysis also indicates that there are no volume or turnover spillover effects on conditional volatility among the companies, suggesting that the volatility of a company΄s stock return may not necessarily be influenced by the volume and turnover of other companies. [ABSTRACT FROM AUTHOR]

Published

2010

12. The Institutional Approach.

Author

Kent, Robert E.

Abstract

This chapter discusses the institutional approach for organizing and maintaining ontologies. The theory of institutions was named and initially developed by Joseph Goguen and Rod Burstall. This theory, a metatheory based on category theory, regards ontologies as logical theories or local logics. The theory of institutions uses the category-theoretic ideas of fibrations and indexed categories to develop logical theories. Institutions unite the lattice approach of Formal Concept Analysis of Ganter and Wille with the distributed logic of Information Flow of Barwise and Seligman. The institutional approach incorporates locally the lattice of theories idea of Sowa from the theory of knowledge representation. The Information Flow Framework, which was initiated within the IEEE Standard Upper Ontology project, uses the institutional approach in its applied aspect for the comparison, semantic integration and maintenance of ontologies. This chapter explains the central ideas of the institutional approach to ontologies in a careful and detailed manner. [ABSTRACT FROM AUTHOR]

Published

2010

13. Using Emergent Information Flow Patterns of Organization Ecosystem for Information System Management.

Author

Sousa, José

Abstract

Ecosystems are complex associations of entities integrated in an abiotic environment. In this environment emergence arises from intra and inters specific relationships between entities, with interaction along the levels and interactions with an abiotic environment, throughout space and time. Ecosystem and complexity theory is used to support a meta-model that relies on the patterns emergence based approach. The purpose of this paper is presenting pattern΄s emergence approach as a way for designing a meta-model that makes possible dynamical adjust between information systems architectures and organization needs. From this approach, a key ecosystem characteristics, adaptation, emerges as the key factor for dynamical development of information system architecture. [ABSTRACT FROM AUTHOR]

Published

2010

14. DeCore: Detecting Content Repurposing Attacks on Clients΄ Systems.

Author

Sundareswaran, Smitha and Squicciarini, Anna C.

Abstract

Web 2.0 platforms are ubiquitously used to share content and personal information, which makes them an inviting and vulnerable target of hackers and phishers alike. In this paper, we discuss an emerging class of attacks, namely content repurposing attacks, which specifically targets sites that host user uploaded content on Web 2.0 sites. This latent threat is poorly addressed, if at all, by current protection systems, both at the remote sites and at the client ends. We design and develop an approach that protects from content repurposing attacks at the client end. As we show through a detailed evaluation, our solution promptly detects and stops various types of attacks and adds no overhead to the user΄s local machine or browser where it resides. Further, our approach is light-weight and does not invasively monitor all the user interactions with the browser, providing an effective protection against these new and powerful attacks. [ABSTRACT FROM AUTHOR]

Published

2010

15. System Consequence.

Author

Kent, Robert E.

Abstract

This paper discusses system consequence, a central idea in the project to lift the theory of information flow to the abstract level of universal logic and the theory of institutions. The theory of information flow is a theory of distributed logic. The theory of institutions is abstract model theory. A system is a collection of interconnected parts, where the whole may have properties that cannot be known from an analysis of the constituent parts in isolation. In an information system, the parts represent information resources and the interconnections represent constraints between the parts. System consequence, which is the extension of the consequence operator from theories to systems, models the available regularities represented by an information system as a whole. System consequence (without part-to-part constraints) is defined for a specific logical system (institution) in the theory of information flow. This paper generalizes the idea of system consequence to arbitrary logical systems. [ABSTRACT FROM AUTHOR]

Published

2009

16. Remote Attestation of Attribute Updates and Information Flows in a UCON System.

Author

Nauman, Mohammad, Alam, Masoom, Zhang, Xinwen, and Ali, Tamleek

Abstract

UCON is a highly flexible and expressive usage control model which allows an object owner to specify detailed usage control policies to be evaluated on a remote platform. Assurance of correct enforcement is mandatory for the establishment of trust on the remote platform claiming to implement UCON. Without such an assurance, there is no way of knowing whether the policies attached to the objects will be enforced as expected. Remote attestation, an important component of Trusted Computing, is highly suitable for establishing such an assurance. Existing approaches towards remote attestation work at a very coarse-grained level and mostly only measure binary hashes of the applications on the remote platform. Solutions at this level of abstraction cannot provide assurance to a challenger regarding behavior of a remote platform concerning enforcement of the owner΄s policies. In this paper, we provide a new remote attestation technique which allows a challenger to verify two important behaviors of a UCON system enforcing its policies. These two behaviors are the attribute update behavior and information flow behavior. Measuring, storing and reporting these behaviors in a trusted manner is described in detail and a mechanism for the verification of these behaviors against the original UCON policies is provided. The end result is a flexible and scalable technique for establishing trust on attribute updates and information flow behaviors of a remote UCON system. [ABSTRACT FROM AUTHOR]

Published

2009

17. Information Flow in Coupled Nonlinear Systems: Application to the Epileptic Human Brain.

Author

Sabesan, S., Narayanan, K., Prasad, A., Iasemidis, L. D., Spanias, A., and Tsakalis, K.

Abstract

A recently proposed measure, namely Transfer Entropy (TE), is used to estimate the direction of information flow between coupled linear and nonlinear systems. In this study, we suggest improvements in the selection of parameters for the estimation of TE that significantly enhance its accuracy and robustness in identifying the direction of information flow and quantifying the level of interaction between observed data series from coupled systems. We demonstrate the potential usefulness of the improved method through simulation examples with coupled nonlinear chaotic systems. The statistical significance of the results is shown through the use of surrogate data. The improved TE method is then used for the study of information flow in the epileptic human brain. We illustrate the application of TE to electroencephalographic (EEG) signals for the study of localization of the epileptogenic focus and the dynamics of its interaction with other brain sites in two patients with Temporal Lobe Epilepsy (TLE). [ABSTRACT FROM AUTHOR]

Published

2007

18. A Practical Alternative to Domain and Type Enforcement Integrity Formal Models.

Author

Tang, Liuying and Qing, Sihan

Abstract

Much secure system policy development uses the DTE (Domain and Type Enforcement) model, but the DTE model cannot explicitly provide the security goals of the policy. The invariants of the only based-DTE integrity protection formal model are too complex and make the model impractical. A DTE-Biba integrity formal model is proposed, in which DTE is the underlying component and the Biba integrity is the security goal. The DTE-Biba formal model describes direct Biba control relationships, and ignores the integrity level of objects. The aim is to provide the foundation for supporting effective policy configuration, policy integrity analysis and integrity verification of the DTE secure systems. [ABSTRACT FROM AUTHOR]

Published

2006

19. The Global Flow of Information: Legal, Social, and Cultural Perspectives

Author

Subramanian, Ramesh, editor and Katz, Eddan, editor

Published

2011