Serwis Infona wykorzystuje pliki cookies (ciasteczka). Są to wartości tekstowe, zapamiętywane przez przeglądarkę na urządzeniu użytkownika. Nasz serwis ma dostęp do tych wartości oraz wykorzystuje je do zapamiętania danych dotyczących użytkownika, takich jak np. ustawienia (typu widok ekranu, wybór języka interfejsu), zapamiętanie zalogowania. Korzystanie z serwisu Infona oznacza zgodę na zapis informacji i ich wykorzystanie dla celów korzytania z serwisu. Więcej informacji można znaleźć w Polityce prywatności oraz Regulaminie serwisu. Zamknięcie tego okienka potwierdza zapoznanie się z informacją o plikach cookies, akceptację polityki prywatności i regulaminu oraz sposobu wykorzystywania plików cookies w serwisie. Możesz zmienić ustawienia obsługi cookies w swojej przeglądarce.
Information technology is increasingly being used in healthcare paramedic sector with the goal to improve management of resources and enhance medical services to save lives. In this paper, we introduce EMTriage, a distributed Android application with the ability to access patients EHR's, and depending on the data and inputs, assess and distribute an acuity level to patients in need of resources. We...
Network attack graphs are a type of analysis tool that can be used to determine the impact that security vulnerabilities have on the network. It is important, then, for attack graphs to be able to represent enough information to aid this analysis. Moreover, they must be able to handle and integrate new vulnerabilities that are being discovered by the security community. We developed a prototype tool...
The number of software vulnerabilities discovered and publicly disclosed is increasing every year; however, only a small fraction of them is exploited in real-world attacks. With limitations on time and skilled resources, organizations often look at ways to identify threatened vulnerabilities for patch prioritization. In this paper, we present an exploit prediction model that predicts whether a vulnerability...
In this paper, we present a novel model and visualization approach for heterogeneous sources of data. We represent our data by using a model inspired by STIX. Then, we use clustering algorithms to select interesting information to explore in a visualization panel. The visualization is based on a 3D graph representation that highlights the link between malicious event and allows to focus on relevant...
With he rapid development of the mobile Internet industry, information security based on trusted computing is also becoming increasingly serious. Considering that most of the existing research is based on the static security measure, and based on the server and PC side, a security operation environment measurement framework based on mobile terminal is proposed in this paper to alleviate the information...
We show that it is possible to achieve information theoretic location privacy for secondary users (SUs) in database-driven cognitive radio networks (CRNs) with an end-to-end delay less than a second, which is significantly better than that of the existing alternatives offering only a computational privacy. This is achieved based on a keen observation that, by the requirement of Federal Communications...
eHealth is a technology that is growing in importance over time, varying from remote access to Medical Records, such as Electronic Health Records (EHR), or Electronic Medical Records (EMR), to real-time data exchange from different on-body sensors coming from different patients. With this huge amount of critical data being exchanged, problems and challenges arise. Privacy and confidentiality of this...
We study the secure storage of the output of a data source on a public database. We consider a rather large class of data sources. In order to prevent unauthorized users from learning the output of the data source we make use of the output of a biometric source or a physical unclonable function (PUF). As we regard the output of the PUF source as a resource, we are interested in the smallest possible...
The database-driven CRN has emerged as a promising solution for the spectrum scarcity issue. However, it also raises severe privacy concerns. Although there are some existing works on this topic, they are far from practical due to their restrict on particular database structures or extremely heavy computation and communication overhead. To address these issues, in this paper we develop two practical...
This experience report analyses security problems of modern computer systems caused by vulnerabilities in their operating systems. An aggregated vulnerability database has been developed by joining vulnerability records from two publicly available vulnerability databases: the Common Vulnerabilities and Exposures system (CVE) and the National Vulnerabilities database (NVD). The aggregated data allow...
Security is a major challenge in Cloud Computing. Attacks exploiting resource virtualization vulnerabilities such as cross-VM side-channel, VM escape, and VM hopping constitute significant threats. Hosted VMs may act as a potential attack-source against neighboring VMs or cloud infrastructure. Inspired by the sea-chameleons camouflaging process to evade predators, in this paper we propose an Online...
Biometric R&D has to deal with personal data. From the Universal Declaration of Human Rights, privacy of a human being shall be protected, and this is addressed in different forms in each region of the world. In the case of the European Union, Data Protection Directives, Laws and Regulation have been established, and interpreted in different ways by each European Member State. Such a diversity...
Web applications can leak confidential user information due to the presence of unintended side-channel vulnerabilities in code. One particularly subtle class of side-channel vulnerabilities arises due to resource usage imbalances along different execution paths of a program. Such side-channel vulnerabilities are especially severe if the resource usage imbalance is asymptotic. This paper formalizes...
The iKaaS platform has been developed as a Horizon 2020 project to construct a multi-cloud environment in order to share data and knowledge. In this paper, we add a framework for knowledge sharing/reuse in the iKaaS platform. Furthermore, we design a revenue-sharing mechanism for knowledge sharing, which uses a blockchain for registration and use of data processing services.
A novel secure architecture for sensor networks that make use of the LoRaWAN (Long-Range Wide Area Network) protocol specification is proposed in this paper. The paper analyses potential security threats and provides the protection mechanisms and security recommendations to enable protected data transmission and to prevent unauthorized access and data loss in LoRaWAN sensor networks.
Abstract-Cyber-bullying has recently been reported as one that causes tremendous damage to society and economy. Advances in technology related to web-document annotation and the multiplicity of the online communities renders the detection and monitoring of such cases rather difficult and very challenging. This paper describes an online system for automatic detection and monitoring of Cyber-bullying...
The software supply chain is a source of cybersecurity risk for many commercial and government organizations. Public data may be used to inform automated tools for detecting software supply chain risk during continuous integration and deployment. We link data from the National Vulnerability Database (NVD) with open version control data for the open source project OpenSSL, a widely used secure networking...
Designing usable and secure software is hard without tool-support. Given the importance of requirements, CAIRIS was designed to illustrate the form tool-support for specifying usable and secure systems might take. While CAIRIS supports a broad range of security and usability engineering activities, its architecture needs to evolve to meet the workflows of these stakeholders. To this end, this paper...
Security Risk Assessments (SRA) play a key role in the Security Development Lifecycle (SDL). At an early stage of the project, the SRA helps allocate security resources and identifies SDL requirements and activities. In this paper, we present key findings from a machine learning approach toward the SRA that seeks to learn from a database of previous product security risk assessments and associated...
Nowadays, providing a security system for houses has become a vital research in which the latest technologies are being adopted to serve this purpose. Wireless network is one of the technologies that have been used to provide remote monitor and control for the home appliances. This paper aims to propose a security door lock system based on Raspberry pi technology where cameras, keypad and pi-lids...
Podaj zakres dat dla filtrowania wyświetlonych wyników. Możesz podać datę początkową, końcową lub obie daty. Daty możesz wpisać ręcznie lub wybrać za pomocą kalendarza.