Search results for: Karin Bernsmed
chapter
In order to be responsible stewards of other people’s data, cloud providers must be accountable for their data handling practices. The potential long provider chains in cloud computing introduces additional accountability challenges, and this paper examines requirements which must be fulfilled to achieve an accountability-based approach.
chapter
Aircraft equipped with satellite communication (SATCOM) systems will enable advanced Air Traffic Management (ATM) operations over datalink on a global basis. A key concept of future ATM is 4D trajectory management, which aims to ensure an optimal path and designated arrival time for the flight by integrating time as a fourth dimension into the aircraft trajectory. However, the increase reliance on...
chapter
Networked medical devices and health information services are becoming increasingly widespread. The requirements for assuring the system's suitability, safety and security are discussed and an example is presented for a networked medical sensor application and the assurance aspects it illustrates. In a workshop that was based on the example, key issues such as distribution of responsibilities, multiple...
chapter
Cloud computing has received a great deal of attention during the past few years. However, processing data remotely in unknown systems creates a number of challenges related to data privacy and security, which may hinder the adoption of cloud technology in, for example, the health care domain. This paper presents results from the ongoing EU FP7 research project, which aims to provide mechanism and...
chapter
Cloud computing has been receiving a great deal of attention during the past few years. A major feature of public cloud services is that data are processed remotely in unknown systems that the users do not own or operate. This context creates a number of challenges related to data privacy and security and may hinder the adoption of cloud technology in, for example, the healthcare domain. This paper...
chapter
The right to data protection is a highly developed area of law in Europe. At the same time cloud technology has become a routine part of the European citizens' digital life. One relevant development is medical sensor networks, which are seeing increased use for monitoring health and well-being for e.g. of elderly people living at home. The large amount of data generated by such sensors indicates that...
chapter
This paper presents a case study on current practice of information security incident management in three large organizations. Qualitative interviews, document studies, and a survey have been performed. Our analysis shows that the organizations have plans and procedures in place, however, not all of these are well established throughout the organizations. Some challenges were prominent in all three...
chapter
This paper presents an ontology for Cloud security obligations, which is based on a number of industry accepted standards and guidelines. The ontology terms and relationships have been defined in the W3C ontology language OWL and includes a number of technical security controls that can be implemented by public Cloud providers. This paper outlines the ontology and demonstrates how it can be used in...
chapter
This paper presents a method for evaluating an organization's ability to manage security incidents. The method is based on resilient thinking, and describes how to identify, select and implement early-warning indicators for information security incident management.
chapter
Cloud federation brings together different service providers and their offered services, so that many Cloud variants can be tailored to match different sets of customer requirements. To mitigate security risks and convince hesitant customers, security must be an integrated part of the federated Cloud concept. This paper surveys the state of the art in Cloud computing security, identifies unsolved...
chapter
This paper presents Privacy Advisor; a software which uses machine-learning techniques to help the users make online privacy decisions. Privacy Advisor is based on Case Based Reasoning (CBR), which relies on the ability to identify similar situations from the past and use these to provide recommendations in new situations. This paper focuses on the algorithms necessary to calculate the similarity...
chapter
The federated Cloud paradigm aims to provide flexible and reliable services composed of a mixture of internal and external mini-clouds, but this heterogeneous nature is also fuelling the security concerns of the customers. To allay the fears and deal with the threats associated with outsourcing data and applications to the Cloud, new methods for security assurance are urgently needed. This paper presents...
chapter
This paper suggests a machine learning approach to preference generation in the context of privacy agents. With this solution, users are relieved from the complex task of specifying their preferences beforehand, disconnected from actual situations. Instead, historical privacy decisions are used as a basis for providing privacy recommendations to users in new situations. The solution also takes into...
chapter
With the increasing use of online services that require sharing of information there is a need for Privacy Enhancing Technology tailored for personal information control. Commonly, web privacy is handled through matching of privacy policies and user preferences using software agents on the client side. In this paper, we propose a new approach to privacy policy matching we denote server-side matching...
