The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Many research efforts are in progress for developing unified standards for Electronic Health Records. Such records can be shared for provisions of health care and research. Significant benefits can be realized when the proposed systems are used widely. Additional security requirements are crucial for their wide adoption. Patients want privacy and confidentiality. These systems will be deployed in...
The development of web 2.0 increases the call for agile and simple Business process support. SOA (Service oriented Architecture) provides companies with a new model to build their IT applications around their business processes and combine them dynamically and flexibly with the services of partner companies. In this open and distributed context, it is required to implement an appropriate security...
The ever increasing diversity and mobility of devices have originated a marked rise in ubiquitous resources; a great number of collaborative applications could be exploited just by employing an efficient ubiquitous resource management mechanism. The CARM (Composable-Adaptive Resource Management) middleware-based architecture provides a flexible infrastructure where personal devices create seamlessly...
Mashups are a new breed of interactive web applications that aggregate and stitch together data retrieved from one or more sources to create an entirely new and innovative set of services. The paradigm is not limited to social networks and many enterprises are redesigning their business processes to create interactive systems in the form of mashups. However, protecting users' private data from unauthorized...
With the widespread use of electronic health record (EHR), building a secure EHR sharing environment has attracted a lot of attention in both healthcare industry and academic community. Cloud computing paradigm is one of the popular healthIT infrastructure for facilitating EHR sharing and EHR integration. In this paper we discuss important concepts related to EHR sharing and integration in healthcare...
In a virtual cluster based Cloud Computing environment, the sharing of infrastructure introduces two problems on user management: usability and security. Meanwhile, we observe that most conventional user management frameworks in the network environment are not fit for the scale expansion and interconnection of dynamic virtualization environment. In this paper, we propose VegaWarden, a uniform user...
In a clear contrast with the phenomenal growth of Web database applications, access control issues related to data stored in the back-end databases have largely been neglected. Current approaches to access control on databases do not fit web databases because they are mostly based on individual user identities. In this paper, we propose (RBAC+), a dynamic access control model to enforce fine-grained...
Wireless sensor networks (WSNs) have many applications in home and industrial automation, and the management and integration of WSNs into Internet and IP-based networks is still getting tremendous interesting. This paper presents a micro SOA-model as part of a 4-layered, SOA-based architecture targeting resource-constrained devices with 48 KB of ROM and 10 KB of RAM. The key idea in this model is...
Since the number of server providing the facilities for users is usually more than one, remote user authentication schemes used for multi-server architectures, rather than single server circumstance, is considered. In 2007, Liao and Wang proposed a “secure dynamic ID based remote user authentication scheme for multi-server environment” that uses dynamic ID instead of static ID to achieve user's anonymity...
The rapidly developing Web environment provides users with a wide set of rich services as varied and complex as desktop applications. Those services are collectively referred to as ``Web 2.0'', with examples such as Google Docs, Flickr, or Wordpress, that allow users to create, manage and share their content online. By switching from desktop applications to their cloud-based Web equivalents users...
Network Security represents a continuously moving target, which has to be reached in order to assure the desired level of confidentiality, integrity and availability for the network systems and services. In this case, one of the most important steps in setting up a new (WiMAX) network is the definition of the security plan. At the end of the paper, after taking it step by step, we will have an interdependent...
Security is an integral part of the modern software systems and applications in which a client program can access different functional aspects (views) of the same domain. These views (View-Oriented Programming-VOP), as a separation of concerns approach, enable us to manage the complexity of the software systems and to accomplish greater reuse and maintainability. In VOP, an object's response to a...
Secure access to information for any business is a fundamental need. In the service-oriented environment due to loose coupling of services and applications, and their functions across enterprise boundaries, provisioning security becomes more critical. Therefore required authorization by an authenticated identity and applying confidentiality techniques which ordinarily are gained via encryption, are...
Access control has become an important topic for many software systems. It is an aspect of security which is concerned with preventing unauthorized accesses to shared resources. Several access control models have been proposed to use in software development process. This paper provides a survey on access control models and compares them by access control criteria.
With the Web Services widely used in the distributed systems, the demand for cross-domain authentication is increasing day by day, its security issues become more and more prominent. Aiming at disadvantages of the cross-domain authentication, this article presents a dynamic authentication mechanism crossing domains for Web Services based on SAML. It can achieve single sign-on and improve the interoperability...
Due to its large penetration and ease of use, the web environment provides a platform that enables collaboration among people working on a joint topic. Regardless of the actual focus of collaborating groups, security is very often a key aspect of such an environment. Provision of the proper level of authentication and access control is a necessity in almost any real world deployment of collaborative...
This paper first introduces a possible evolution of secure personal identification devices, based on RFID technology in the mobiles phones (NFC). Given the characteristics of the mobile phone market, this trend could grow quickly and importantly. This paper considers the possible impact of this evolution in term of privacy, focusing on a typical and important case: payment transactions. This paper...
Currently, most workflow management systems in Grid environments provide push-oriented job distribution strategies, where jobs are explicitly delegated to resources. In those scenarios the dedicated resources execute submitted jobs according to the request of a workflow engine or Grid wide scheduler. This approach has various limitations, particularly if human interactions should be integrated in...
Information security has gained tremendous importance for energy distribution and energy automation systems over the last years. Standards like IEC61850 offer standardized communication services and standardized data models for communication in energy automation. IEC 61850 is flanked by the standard IEC 62351 that especially addresses security and specifies technical requirements which have to be...
Usage control model (UCON) is based on the idea that attributes required for decision-making can be changed over a period of usage. Since it is not always possible to get a fresh and trustworthy value of attributes, a decision has to be done with some uncertainties in mind. Moreover, modern systems become more distributed and dynamic and this evolution aggravates the problem. Such trend demands for...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.