共查询到20条相似文献,搜索用时 22 毫秒
1.
Muhammad Usman Tariq Muhammad Babar Mian Ahmad Jan Akmal Saeed Khattak Mohammad Dahman Alshehri Abid Yahya 《计算机、材料和连续体(英文)》2021,67(1):625-639
The world is rapidly changing with the advance of information technology. The expansion of the Internet of Things (IoT) is a huge step in the development of the smart city. The IoT consists of connected devices that transfer information. The IoT architecture permits on-demand services to a public pool of resources. Cloud computing plays a vital role in developing IoT-enabled smart applications. The integration of cloud computing enhances the offering of distributed resources in the smart city. Improper management of security requirements of cloud-assisted IoT systems can bring about risks to availability, security, performance, confidentiality, and privacy. The key reason for cloud- and IoT-enabled smart city application failure is improper security practices at the early stages of development. This article proposes a framework to collect security requirements during the initial development phase of cloud-assisted IoT-enabled smart city applications. Its three-layered architecture includes privacy preserved stakeholder analysis (PPSA), security requirement modeling and validation (SRMV), and secure cloud-assistance (SCA). A case study highlights the applicability and effectiveness of the proposed framework. A hybrid survey enables the identification and evaluation of significant challenges. 相似文献
2.
Data privacy laws require service providers to inform their customers on how user data is gathered, used, protected, and shared. The General Data Protection Regulation (GDPR) is a legal framework that provides guidelines for collecting and processing personal information from individuals. Service providers use privacy policies to outline the ways an organization captures, retains, analyzes, and shares customers’ data with other parties. These policies are complex and written using legal jargon; therefore, users rarely read them before accepting them. There exist a number of approaches to automating the task of summarizing privacy policies and assigning risk levels. Most of the existing approaches are not GDPR compliant and use manual annotation/labeling of the privacy text to assign risk level, which is time-consuming and costly. We present a framework that helps users see not only data practice policy compliance with GDPR but also the risk levels to privacy associated with accepting that policy. The main contribution of our approach is eliminating the overhead cost of manual annotation by using the most frequent words in each category to create word-bags, which are used with Regular Expressions and Pointwise Mutual Information scores to assign risk levels that comply with the GDPR guidelines for data protection. We have also developed a web-based application to graphically display risk level reports for any given online privacy policy. Results show that our approach is not only consistent with GDPR but performs better than existing approaches by successfully assigning risk levels with 95.1% accuracy after assigning data practice categories with an accuracy rate of 79%. 相似文献
3.
为了确保数据发布应用环节中个人敏感隐私数据信息的安全,深入研究了k-匿名技术的机制及性能,针对其不能完全有效地防止敏感属性数据信息泄漏的问题,通过引入真子树的概念和全新的敏感属性值选择手段,在实验探索的基础上,提出了一种基于k-匿名隐私保护模型的新的数据发布隐私保护方法——FVS k-匿名隐私保护方法。这种隐私保护方法继承了k-匿名技术实现简单、处理数据便捷的优点,而且弥补了其保护个人敏感隐私数据信息不完全、不充分的缺点。优化后的FVS k-匿名方法能有效地防止个人敏感隐私数据信息的泄漏,确保个人敏感隐私数据信息的安全。 相似文献
4.
5.
Leilei Li Yansong Wang Dongjie Zhu Xiaofang Li Haiwen Du Yixuan Lu Rongning Qu Russell Higgs 《计算机、材料和连续体(英文)》2023,76(1):771-791
6.
Abdallah Abdallah Ayman A. Aly Bassem F. Felemban Imran Khan Ki-Il Kim 《计算机、材料和连续体(英文)》2022,72(1):157-179
The Internet of Things (IoT) has allowed for significant advancements in applications not only in the home, business, and environment, but also in factory automation. Industrial Internet of Things (IIoT) brings all of the benefits of the IoT to industrial contexts, allowing for a wide range of applications ranging from remote sensing and actuation to decentralization and autonomy. The expansion of the IoT has been set by serious security threats and obstacles, and one of the most pressing security concerns is the secure exchange of IoT data and fine-grained access control. A privacy-preserving multi-dimensional secure query technique for fog-enhanced IIoT was proposed in light of the fact that most existing range query schemes for fog-enhanced IoT cannot provide both multi-dimensional query and privacy protection. The query matrix was then decomposed using auxiliary vectors, and the auxiliary vector was then processed using BGN homomorphic encryption to create a query trapdoor. Finally, the query trapdoor may be matched to its sensor data using the homomorphic computation used by an IoT device terminal. With the application of particular auxiliary vectors, the spatial complexity might be efficiently decreased. The homomorphic encryption property might ensure the security of sensor data and safeguard the privacy of the user's inquiry mode. The results of the experiments reveal that the computing and communication expenses are modest. 相似文献
7.
The selectee rate at an airport, or the fraction of originating passengers at an airport that have not been cleared by the computer-aided passenger prescreening system, may be useful in determining where to deploy certain baggage screening security devices. At hub airports, this rate alone does not capture the selectee rate of outgoing passengers, which consists of both originating passengers and transferring passengers. The impact of transferring passengers on the outgoing selectee rate is needed to optimally deploy baggage screening security devices at airports. This paper introduces a methodology for computing the outgoing selectee rates for a set of (hub and non-hub) airports and to quantify the impact of transferring selectees at airports. Different types of selectee rates are defined and relationships between selectee rates for a set of airports and within an airport are discussed. Based on these relationships, two approaches for computing the outgoing selectee rates are presented. The resulting formulations, the exact formulation and the approximate formulation, are illustrated and compared using several examples, including a real-world example with data from the official airline guide. The methodology introduced in this paper can be used to determine which individual airports pose the greatest threat from selectee passengers to the entire system of airports, hence can be used to aid in the deployment of baggage screening security devices at airports. 相似文献
8.
Paolina Centonze 《计算机、材料和连续体(英文)》2019,59(2):361-374
In the security and privacy fields, Access Control (AC) systems are viewed as the fundamental aspects of networking security mechanisms. Enforcing AC becomes even more challenging when researchers and data analysts have to analyze complex and distributed Big Data (BD) processing cluster frameworks, which are adopted to manage yottabyte of unstructured sensitive data. For instance, Big Data systems’ privacy and security restrictions are most likely to failure due to the malformed AC policy configurations. Furthermore, BD systems were initially developed toped to take care of some of the DB issues to address BD challenges and many of these dealt with the “three Vs” (Velocity, Volume, and Variety) attributes, without planning security consideration, which are considered to be patch work. Some of the BD “three Vs” characteristics, such as distributed computing, fragment, redundant data and node-to node communication, each with its own security challenges, complicate even more the applicability of AC in BD.
This paper gives an overview of the latest security and privacy challenges in BD AC systems. Furthermore, it analyzes and compares some of the latest AC research frameworks to reduce privacy and security issues in distributed BD systems, which very few enforce AC in a cost-effective and in a timely manner. Moreover, this work discusses some of the future research methodologies and improvements for BD AC systems. This study is valuable asset for Artificial Intelligence (AI) researchers, DB developers and DB analysts who need the latest AC security and privacy research perspective before using and/or improving a current BD AC framework. 相似文献
This paper gives an overview of the latest security and privacy challenges in BD AC systems. Furthermore, it analyzes and compares some of the latest AC research frameworks to reduce privacy and security issues in distributed BD systems, which very few enforce AC in a cost-effective and in a timely manner. Moreover, this work discusses some of the future research methodologies and improvements for BD AC systems. This study is valuable asset for Artificial Intelligence (AI) researchers, DB developers and DB analysts who need the latest AC security and privacy research perspective before using and/or improving a current BD AC framework. 相似文献
9.
This paper discusses the dynamics between the pursuit of competitiveness and governance of data security in strengthening the Internet of Things (IoT) readiness in developing economies using Malaysia as a case study. It explores the potential of the IoT regulatory framework in guarding the privacy and interests of IoT users. This paper also reveals the collaborative model of technology push-market pull for technological capabilities development as well as the measures that uphold the principles of good privacy practice. The model incorporates privacy-by-design measures that would result in higher user confidence in this emerging technology, which is vital to a healthy IoT ecosystem. Through the collaborative model of Penang as evidence, our findings indicate that Malaysia seeks to create a structure that fosters technology push-market pull forces for IoT technological capabilities development. While the model paves a co-evolutionary path for diffusion and upgrading of IoT, several issues related to the volatility of online data and databases were identified as well as the lack of responsibility and accountability of corporations in handling the sensitive personal data of customers. We see that it is essential for the regulators to play a (more) significant role in safeguarding the interests of IoT users. In this regard, the privacy-by-design, a citizen-centric regulatory framework should be considered in policy reviews in deploying IoT-based competitive promotion initiatives. This paper breaks new ground by elaborating on the common route of IoT technology capabilities development, which is typical in the developing context. While it highlights the common issues that emerge as technology advances, we propose a regulatory framework that features embedded privacy-by-design to protect the interests of the IoT users. 相似文献
10.
11.
X射线安检设备中探测技术研究 总被引:1,自引:3,他引:1
从70年代开始,对通过重要的出入口的人员所携带的行李物品进行安全检查已成为国际上广泛采用的安全措施.近年来,受到航空安全等需要的驱使,安全检测技术得到迅速发展.在各种检测手段中,低成本、低剂量、非接触式、可成像的X射线安检设备应用最为普遍.本文对X射线探测违禁品的几种方法做了总结,阐述了单能量法、双能量法、双视角、CT及散射法的探测原理及优缺点,最后对安检技术的未来发展趋势进行了预测. 相似文献
12.
For the past few decades, the Internet of Things (IoT) has been one of the main pillars wielding significant impact on various advanced industrial applications, including smart energy, smart manufacturing, and others. These applications are related to industrial plants, automation, and e-healthcare fields. IoT applications have several issues related to developing, planning, and managing the system. Therefore, IoT is transforming into G-IoT (Green Internet of Things), which realizes energy efficiency. It provides high power efficiency, enhances communication and networking. Nonetheless, this paradigm did not resolve all smart applications’ challenges in edge infrastructure, such as communication bandwidth, centralization, security, and privacy. In this paper, we propose the OTS Scheme based Secure Architecture for Energy-Efficient IoT in Edge Infrastructure to resolve these challenges. An OTS-based Blockchain-enabled distributed network is used at the fog layer for security and privacy. We evaluated our proposed architecture’s performance quantitatively as well as security and privacy. We conducted a comparative analysis with existing studies with different measures, including computing cost time and communication cost. As a result of the evaluation, our proposed architecture showed better performance. 相似文献
13.
Lewis Nkenyereye S. M. Riazul Islam Mahmud Hossain M. Abdullah-Al-Wadud Atif Alamri 《计算机、材料和连续体(英文)》2021,67(1):211-221
The Internet of Medical Things (IoMT) offers an infrastructure made of smart medical equipment and software applications for healthcare services. Through the internet, the IoMT is capable of providing remote medical diagnosis and timely health services. The patients can use their smart devices to create, store and share their electronic health records (EHR) with a variety of medical personnel including medical doctors and nurses. However, unless the underlying commination within IoMT is secured, malicious users can intercept, modify and even delete the sensitive EHR data of patients. Patients also lose full control of their EHR since most healthcare services within IoMT are constructed under a centralized platform outsourced in the cloud. Therefore, it is appealing to design a decentralized, auditable and secure EHR system that guarantees absolute access control for the patients while ensuring privacy and security. Using the features of blockchain including decentralization, auditability and immutability, we propose a secure EHR framework which is mainly maintained by the medical centers. In this framework, the patients’ EHR data are encrypted and stored in the servers of medical institutions while the corresponding hash values are kept on the blockchain. We make use of security primitives to offer authentication, integrity and confidentiality of EHR data while access control and immutability is guaranteed by the blockchain technology. The security analysis and performance evaluation of the proposed framework confirms its efficiency. 相似文献
14.
软件测试是软件质量保障的基础,而单元测试是软件测试的重要阶段,单元测试用例的设计是软件测试的重要环节。文章重点结合xx型号嵌入式星载软件的一个模块,详细介绍并论述单元测试的方法。 相似文献
15.
Guangyong Yang Jianqiu Zeng Mengke Yang Yifei Wei Xiangqing Wang Zulfiqar Hussain Pathan 《计算机、材料和连续体(英文)》2020,63(2):769-785
A vast amount of information has been produced in recent years, which brings a huge challenge to information management. The better usage of big data is of important theoretical and practical significance for effectively addressing and managing messages. In this paper, we propose a nine-rectangle-grid information model according to the information value and privacy, and then present information use policies based on the rough set theory. Recurrent neural networks were employed to classify OTT messages. The content of user interest is effectively incorporated into the classification process during the annotation of OTT messages, ending with a reliable trained classification model. Experimental results showed that the proposed method yielded an accurate classification performance and hence can be used for effective distribution and control of OTT messages. 相似文献
16.
Hyun Sook Rhee 《计算机、材料和连续体(英文)》2022,73(1):69-85
As the use of cloud storage for various services increases, the amount of private personal information along with data stored in the cloud storage is also increasing. To remotely use the data stored on the cloud storage, the data to be stored needs to be encrypted for this reason. Since “searchable encryption” is enable to search on the encrypted data without any decryption, it is one of convenient solutions for secure data management. A public key encryption with keyword search (for short, PEKS) is one of searchable encryptions. Abdalla et al. firstly defined IND-CCA security for PEKS to enhance it’s security and proposed consistent IND-CCA secure PEKS based on the “robust” ANO-CCA secure identity-based encryption(IBE). In this paper, we propose two generic constructions of consistent IND-CCA secure PEKS combining (1) a hierarchical identity based encryption (for short, HIBE) and a signature scheme or (2) a HIBE, an encapsulation, and a message authentication code (for short, MAC) scheme. Our generic constructions identify that HIBE requires the security of a signature or a MAC as well as the weaker “ANO-CPA security (resp., IND-CPA security)” of HIBE than “ANO-CCA security (resp., IND-CCA security)” of IBE required in for achieving IND-CCA secure (resp., consistent) PEKS. Finally, we prove that our generic constructions satisfy IND-CCA security and consistency under the security models. 相似文献
17.
Wearable devices are becoming more popular in our daily life. They are usually used to monitor health status, track fitness data, or even do medical tests, etc. Since the wearable devices can obtain a lot of personal data, their security issues are very important. Motivated by the consideration that the current pairing mechanisms of Bluetooth Low Energy (BLE) are commonly impractical or insecure for many BLE based wearable devices nowadays, we design and implement a security framework in order to protect the communication between these devices. The security framework is a supplement to the Bluetooth pairing mechanisms and is compatible with all BLE based wearable devices. The framework is a module between the application layer and the GATT (Generic Attribute Profile) layer in the BLE architecture stack. When the framework starts, a client and a server can automatically and securely establish shared fresh keys following a designed protocol; the services of encrypting and decrypting messages are provided to the applications conveniently by two functions; application data are securely transmitted following another protocol using the generated keys. Prudential principles are followed by the design of the framework for security purposes. It can protect BLE based wearable devices from replay attacks, Man-in-The-Middle attacks, data tampering, and passive eavesdropping. We conduct experiments to show that the framework can be conveniently deployed with practical operational cost of power consumption. The protocols in this framework have been formally verified that the designed security goals are satisfied. 相似文献
18.
基于并行协同设计环境的技术机构管理系统 总被引:1,自引:1,他引:0
基于并行工程的协同设计环境中工作流的设计方法运用于质量技术机构的管理系统中,采用公文流转形式实现异地、异步工作组内多人协同工作,使信息的收集、存储、处理、流转、发布相分离,既保证了系统的可靠性,又保证了工作的及时性,从而提高办公效率,真正实现无纸办公. 相似文献
19.
In order to effectively detect the privacy that may be leaked through socialnetworks and avoid unnecessary harm to users, this paper takes microblog as the researchobject to study the detection of privacy disclosure in social networks. First, we performfast privacy leak detection on the currently published text based on the fastText model. Inthe case that the text to be published contains certain private information, we fullyconsider the aggregation effect of the private information leaked by different channels,and establish a convolution neural network model based on multi-dimensional features(MF-CNN) to detect privacy disclosure comprehensively and accurately. Theexperimental results show that the proposed method has a higher accuracy of privacydisclosure detection and can meet the real-time requirements of detection. 相似文献
20.
高性能安全路由器BW7000的设计与实现 总被引:4,自引:0,他引:4
高性能和安全是计算机网络研究的两个主要问题。路由器在保证转发性能的前提下提供网络安全保护已经成为当前的研究热点。文章介绍了在完成国家\"八六三\"计划重大课题\"高性能安全路由器\"的过程中解决的若干关键技术问题。高性能安全路由器BW7000基于自主设计的高性能路由器操作系统HEROS。为保证高性能的路由转发,设计实现了基于RAM的高性能路由查找算法;为支持服务质量控制和安全管理,设计实现了基于无冲突HashTrie树的分组分类算法和基于反馈的分布式分组调度算法;为保证网络安全,提出了基于分布式密钥管理的路由器安 相似文献
