Your search keyword '"access-control"' showing total 5 results

1. Health information systems (HIS) privacy restrictions for GDPR: Assessing initial impacts perceived by patients and healthcare professionals

Author

Marcelo Carvalho, Paulo Bandiera-Paiva, José Machado, Eduardo P. Marques, and Universidade do Minho

Subjects

020205 medical informatics, Health professionals, Information security, RBAC, Leadership and Management, business.industry, Internet privacy, Access-Control, Health Informatics, 02 engineering and technology, Health informatics, Computer Science Applications, Consent, 03 medical and health sciences, Medical Laboratory Technology, 0302 clinical medicine, Health Information Management, Privacy, 0202 electrical engineering, electronic engineering, information engineering, Information systems, 030212 general & internal medicine, Business, GDPR

Abstract

The personal health information (PHI) that a health information system (HIS) stores and processes requires special caution to ensure authorized manipulation by system users. A diverse set of best practices, standards, and regulations are in place nowadays to achieve that purpose. To the access control element in a HIS, general data protection regulation (GDPR) will require explicit authorization and informed consent prior to this manipulation of patient information by healthcare practitioners in a system. The adaptations to cope this type of previous authorization on HIS requires not only a clear understanding of technicalities and modification to the underlying computational infrastructure but also the impact on players that interact with this type of system during healthcare service provision, namely patients and healthcare professionals. This article is an effort to understand this effect by means of collecting opinion from both players in a multicentric survey that presents different questions establishing scenarios that reflect this new control and its consequences., (undefined)

Published

2021

2. Privacy Models in Wireless Sensor Networks: A Survey

Author

J. M. de Fuentes, Lorena González-Manzano, and Omid Mirzaei

Subjects

Source-location privacy, Engineering, Privacy by Design, 02 engineering and technology, Computer security, computer.software_genre, Scheme, Research community, lcsh:Technology (General), Protocol, 0202 electrical engineering, electronic engineering, information engineering, Suitability analysis, Preserving data aggregation, Electrical and Electronic Engineering, Set (psychology), Instrumentation, Access-control, Informática, business.industry, Query, Comparability, Privacy protection, 020206 networking & telecommunications, Work (electrical), Control and Systems Engineering, lcsh:T1-995, 020201 artificial intelligence & image processing, business, Wireless sensor network, computer

Abstract

Wireless Sensor Networks (WSNs) are attracting attention from the research community. One of the key issues is to provide them with privacy protection. In recent years, a huge amount of contributions has been focused on this area. Surveys and literature reviews have also been produced to give a systematic view of the different approaches taken. However, no previous work has focused on privacy models, that is, the set of assumptions made to build the approach. In particular, this paper focuses on this matter by studying 41 papers of the last 5 years. We highlight the great differences appearing among related papers that could make them incompatible to be applied simultaneously. We propose a set of guidelines to build comprehensive privacy models so as to foster their comparability and suitability analysis for different scenarios. This work was supported by the MINECO Grant TIN2013-46469-R (Security and Privacy in the Internet of You (SPINY)) and the CAM Grant S2013/ICE-3095 (Cybersecurity,Data, and Risks (CIBERDINE)), which is cofunded by EuropeanFunds (FEDER). Furthermore, J.M. de Fuentes and L. González-Manzano were also partially supported by the Programa de Ayudas a la Movilidad of Carlos III University of Madrid.

Published

2016

3. BOUNCER: Privacy-aware Query Processing Over Federations of RDF Datasets

Author

Zuhair Almhithawi, Sören Auer, Maria-Esther Vidal, Kemele M. Endris, and Ioanna Lytra

Subjects

Information retrieval, business.industry, Process (engineering), Computer science, Data management, Federated Engine, Access control, 02 engineering and technology, Linked data, computer.file_format, Query plan, Dewey Decimal Classification::000 | Allgemeines, Wissenschaft::000 | Informatik, Wissen, Systeme::004 | Informatik, 020204 information systems, Linked Data, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Privacy law, RDF, ddc:004, business, Semantic Web, computer, Access-control

Abstract

Data provides the basis for emerging scientific and interdisciplinary data-centric applications with the potential of improving the quality of life for the citizens. However, effective data-centric applications demand data management techniques able to process a large volume of data which may include sensitive data, e.g., financial transactions, medical procedures, or personal data. Managing sensitive data requires the enforcement of privacy and access control regulations, particularly, during the execution of queries against datasets that include sensitive and non-sensitive data. In this paper, we tackle the problem of enforcing privacy regulations during query processing, and propose BOUNCER, a privacy-aware query engine over federations of RDF datasets. BOUNCER allows for the description of RDF datasets in terms of RDF molecule templates, i.e., abstract descriptions of the properties of the entities in an RDF dataset and their privacy regulations. Furthermore, BOUNCER implements query decomposition and optimization techniques able to identify query plans over RDF datasets that not only contain the relevant entities to answer a query, but that are also regulated by policies that allow for accessing these relevant entities. We empirically evaluate the effectiveness of the BOUNCER privacy-aware techniques over state-of-the-art benchmarks of RDF datasets. The observed results suggest that BOUNCER can effectively enforce access control regulations at different granularity without impacting the performance of query processing.

Published

2018

4. ase-PoW: a proof of ownership mechanism for cloud deduplication in hierarchical environments

Author

Lorena González-Manzano, Kim-Kwang Raymond Choo, and José María de Fuentes

Subjects

Informática, business.industry, Computer science, 020206 networking & telecommunications, Access control, Cloud computing, Hardware_PERFORMANCEANDRELIABILITY, 02 engineering and technology, Privilege (computing), Computer security, computer.software_genre, Proof of ownership, Symmetric Encryption, Upload, Symmetric-key algorithm, Server, 0202 electrical engineering, electronic engineering, information engineering, Data deduplication, 020201 artificial intelligence & image processing, business, computer, Cloud storage, Deduplication technique, Access-control, Computer network

Abstract

Proof-of-Ownership (PoW) can be an efective deduplication technique to reduce storage requirements, by providing cloud storage servers the capability to guarantee that clients only upload and download files that they are in possession of. In this paper, we propose an attribute symmetric encryption PoW scheme (ase-PoW) for hierarchical environments such as corporations, in which (1) the external cloud service provider is honest-but-curious and (2) there is a exible access control in place to ensure only users with the right privilege can access sensitive files. This is, to the best of our knowledge, the first such scheme and it is built upon the ce-PoW scheme of Gonzalez-Manzano and Orfila (2015). Ase-PoW outperforms ce-PoW in that it does not suffer from content-guessing attacks, it reduces client storage needs and computational workload. This work was partially supported by the MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You) and the CAM grant S2013/ICE-3095 CIBERDINE-CM (CIBERDINE: Cybersecurity, Data, and Risks) funded by Madrid Autonomous Community and co-funded by European funds. L. Gonzalez and J. M. de Fuentes were also supported by the Programa de Ayudas para la Movilidad of Carlos III University of Madrid, Spain.

Published

2016

5. Model-based Analysis of Java EE Web Security Configurations

Author

Salvador Martínez, Valerio Cosentino, Jordi Cabot, IMT Atlantique (IMT Atlantique), Institut Mines-Télécom [Paris] (IMT), Laboratoire d'Informatique de Nantes Atlantique (LINA), Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS), Modeling Technologies for Software Production, Operation, and Evolution (ATLANMOD), Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS)-Département informatique - EMN, Mines Nantes (Mines Nantes)-Inria Rennes – Bretagne Atlantique, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), IMT Atlantique Bretagne-Pays de la Loire (IMT Atlantique), Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN), and Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Département informatique - EMN

Subjects

Cloud computing security, Computer science, business.industry, 020207 software engineering, 02 engineering and technology, Reverse-engineering, [INFO.INFO-SE]Computer Science [cs]/Software Engineering [cs.SE], Computer security model, Computer security, computer.software_genre, Web application security, Security testing, Security information and event management, Security service, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Security through obscurity, Security, Network security policy, business, computer, Access-control

Abstract

International audience; The widespread use of Java EE web applications as a means to provide distributed services to remote clients imposes strong security requirements, so that the resources managed by these applications remain protected from unauthorized disclosures and manipulations. For this purpose, the Java EE framework provides developers with mechanisms to define access-control policies. Unfortunately , the variety and complexity of the provided security configuration mechanisms cause the definition and manipulation of a security policy to be complex and error prone. As security requirements are not static, and thus, implemented policies must be changed and reviewed often, discovering and representing the policy at an appropriate abstraction level to enable their understanding and reenginering appears as a critical requirement. To tackle this problem, this paper presents a (model-based) approach aimed to help security experts to visualize, (automatically) analyse and manipulate web security policies.

Published

2016