26,220 Hits in 9.7 sec

Can Authoritative Governments Abuse the Right to Access? [article]

Cédric Lauradoux
2022 arXiv   pre-print
Our attacks highlight the need for strong procedures to authenticate subject access requests.  ...  The right to access is a great tool provided by the GDPR to empower data subjects with their data.  ...  They have created dashboard on their websites to let data subjects access their data. To access the dashboard, the data subject needs first to authenticate to the data controller websites.  ... 
arXiv:2203.02068v1 fatcat:x5howrzhnremdlgafhs7n4hmbq

Revisiting Identification Issues in GDPR 'Right Of Access' Policies: A Technical and Longitudinal Analysis

Mariano di Martino, Isaac Meers, Peter Quax, Ken Andries, Wim Lamotte
2022 Proceedings on Privacy Enhancing Technologies  
Several data protection regulations permit individuals to request all personal information that an organization holds about them by utilizing Subject Access Requests (SARs).  ...  Finally, we propose several technical modifications to SAR policies that reduce privacy and security risks of data controllers.  ...  Finally, we thank the reviewers for their feedback and interesting discussions.  ... 
doi:10.2478/popets-2022-0037 fatcat:ml5yzplblbbl5b3qo7oejrn6gi

Comprehensive Survey and Research Directions on Blockchain IoT Access Control

Hafiz Adnan Hussain, Zulkefli Mansor, Zarina Shukur
2021 International Journal of Advanced Computer Science and Applications  
This survey mainly discussed the core problems of Internet of things security and access control to unauthorized users and security requirements for IoT.  ...  The authors also addressed how to use the Blockchain to work with and resolve some of the standards relevant to IoT security issues.  ...  The authors in [16] suggested a new method of Authentication of access control and a user to make IoT secure and safe for illegal users and get open access to information.  ... 
doi:10.14569/ijacsa.2021.0120530 fatcat:kdpnrikixrbuxmg743zjnxk52e

A Secure CDM-Based Data Analysis Platform (SCAP) in Multi-Centered Distributed Setting

Seungho Jeon, Chobyeol Shin, Eunnarae Ko, Jongsub Moon
2021 Applied Sciences  
Hospitals have their own database structures and maintain their data in a closed manner. For this reason, it is difficult for researchers outside of institutions to access multi-center data.  ...  A secure CDM-based data analysis platform (SCAP) consists of a certificate authority (CA), authentication server (AS), code signer (CS), ticket-granting server (TGS), relaying server (RS), and service  ...  While providing an automated CDM data analysis service, SCAP provides end-to-end authentication to users accessing the platform and the integrity of CDM data analysis codes.  ... 
doi:10.3390/app11199072 fatcat:arzgotouorbg7ivl66rmiztne4

Performance Improvement Based Authentication Protocol for Intervessel Traffic Service Data Exchange Format Protocol Based on U-Navigation System in WoT Environment

Byunggil Lee, Namje Park
2014 Journal of Applied Mathematics  
Therefore, this paper suggests the authentication protocol to increase the security of the VTS systems using the main certification server and IVEF.  ...  And IVEF (inter-VTS data exchange format) for inter-VTS network has become a hot research topic of VTS system.  ...  Acknowledgments This paper is extended and improved from accepted paper of CSA 2012 conferences.  ... 
doi:10.1155/2014/734768 fatcat:h2dmv4xlxfcdrljc37eximjiuq

Migrating to Zero Trust Architecture: Reviews and Challenges

Songpon Teerakanok, Tetsutaro Uehara, Atsuo Inomata, Qi Li
2021 Security and Communication Networks  
Zero trust (ZT) is a new concept involving the provisioning of enterprise/organization resources to the subjects without relying on any implicit trust.  ...  Also, challenges, steps, and things to consider when migrating from the legacy architecture to ZTA are presented and discussed.  ...  Enterprises are expected to know what kind of data and resources they are holding, how they are protected, and who and when accessed these resources.  ... 
doi:10.1155/2021/9947347 fatcat:bergzmag5fddzgplxyegnmleke

Identifying Phishing Threats in Government Web Services

Yunsang Oh, Takashi Obi
2012 International Journal of Information and Network Security (IJINS)  
The governmental use of Web technologies, including e-Government, has many advantages for citizens, but progress in this relationship has highlighted information security as an important issue in preserving  ...  Unfortunately, unique governmental characteristics lead users to authenticate its service unwillingly; users may investigate service's possible and likely vulnerabilities carelessly when perceiving trustworthiness  ...  Some subjects asked how we obtained their resident registration number and were surprised that they were fooled by the date of birth data only.  ... 
doi:10.11591/ijins.v2i1.844 fatcat:fezn6mzcpjhkbmzzzwn43gksfy

Secure Development - Web Application Security

Sayyad Arif Ulla
2013 IOSR Journal of Computer Engineering  
This paper provides analysis of requirement of Secure Development and Web application security assessment mechanisms in order to identify poor coding practices that render Web applications vulnerable to  ...  In addition, some risk can be avoided at the very beginning of the project life cycle when the requirements for the system are defined.  ...  This causes the value to be sent in the body of the HTTP request, avoiding its inclusion in the URL, which is subject to exposure. 2.  ... 
doi:10.9790/0661-1461422 fatcat:rzvxmvyd7nbb3iiqqmgzv2bk6q

How do app vendors respond to subject access requests?

Jacob Leon Kröger, Jens Lindemann, Dominik Herrmann
2020 Proceedings of the 15th International Conference on Availability, Reliability and Security  
In a first-of-itskind longitudinal study, we examine how service providers have complied with subject access requests over four years.  ...  In three iterations between 2015 and 2019, we sent subject access requests to vendors of 225 mobile apps popular in Germany.  ...  This includes, in particular, guidance on how to authenticate data subjects safely [4, 7, 25] , how to transfer personal data [42] , and how to facilitate the submission of requests [2, 10, 17] .  ... 
doi:10.1145/3407023.3407057 dblp:conf/IEEEares/KrogerLH20 fatcat:cfu7me54wzh3rfo6kkmxzbvwti

Text/Conference Paper

Venesa Watson, Jochen Sassmannshausen, Karl Waedt
2019 Jahrestagung der Gesellschaft für Informatik  
to ascertain how a more granular security structure with ABAC could provide additional security advantages for industry.  ...  Of particular interest is the security services offered by OPC UA, as they are expected to strengthen the security posture of industrial automation systems, which have so far suffered a number of sophisticated  ...  Acknowledgements Some of the addressed topics are being elaborated as part of Framatome GmbH's participation in the WIPANO R&D (2018-2020) with Universität Siegen.  ... 
doi:10.18420/inf2019_ws34 dblp:conf/gi/WatsonSW19 fatcat:p242fwmt6jhgrdjcv5wl2pgpda

An Empirical Study of a Trustworthy Cloud Common Data Model Using Decentralized Identifiers

Yunhee Kang, Jaehyuk Cho, Young B. Park
2021 Applied Sciences  
In this paper, we propose a DID (Decentralized Identifier)-based cloud CDM that allows researchers to securely store medical research information by authenticating their identity and to access the CDM  ...  Prototypes built for agent-based proof of concept (PoC) are leveraged to enhance security for researcher use of ophthalmic CDM data.  ...  RE202101551, the development of IoT-based technology for collecting and managing big data on environmental hazards and health effects.  ... 
doi:10.3390/app11198984 fatcat:aaktlzjypvgwxmbbnrrotbmyju

DB-SECaaS: a cloud-based protection system for document-oriented NoSQL databases

Yumna Ghazi, Rahat Masood, Abid Rauf, Muhammad Awais Shibli, Osman Hassan
2016 EURASIP Journal on Information Security  
The trend of cloud databases is leaning towards Not Only SQL (NoSQL) databases as they provide better support for scalable storage and quick retrieval of exponentially voluminous data.  ...  However, there are inherent security issues in cloud, including remote data residency along with the non-existent control of owners over their own data.  ...  Using the DB-SECaaS system, enterprises can host their critical data in document-based NoSQL databases on the cloud securely, where the owner of the data would be able to control access to their data.  ... 
doi:10.1186/s13635-016-0040-5 fatcat:ove7mr5rrrhotjlw2n752msp3y

A Security Analysis of the Emerging P2P-Based Personal Cloud Platform MaidSafe

Florian Jacob, Jens Mittag, Hannes Hartenstein
2015 2015 IEEE Trustcom/BigDataSE/ISPA  
This paper provides a condensed description of MaidSafe's key protocol mechanisms, derives the underlying identity and access management architecture, and evaluates it with respect to security and privacy  ...  trust are on their rise.  ...  MAIDSAFE The SAFE network (or MaidSafe) refers to Secure Access For Everyone and is described by their authors as a fully distributed data management service that offers secure data storage and secure  ... 
doi:10.1109/trustcom.2015.538 dblp:conf/trustcom/JacobMH15 fatcat:wxwsnltq4zbuhchupndlhbrwx4

Corbel Report On Models And Pilot Designs For Sustainable Scalable Cloud-Based Provision Of Data Access And Compute Across Infrastructures

Morris Swertz, Fleur Kelpin, David van Enckevort, Ilkka Lappalainen, Mikael Linden, Tommi Nyrönen, Petr Holub, Jan-Willem Boiten, Anna Leida Molder, Helen Parkinson
2017 Zenodo  
Task 3 in Work Package 6 addresses the secure data management and compute needs of service providers dealing with data that needs to be access controlled, for example human identifiable data such as genome  ...  Therefore we have first surveyed use cases and needs of BMS infrastructures and their users. Subsequently we surveyed existing models for the provisioning of data access and compute.  ...  Or alternatively, when multiple BMS data providers want to pool their data they also need to sent their data to IT services hosted by a third party.  ... 
doi:10.5281/zenodo.376279 fatcat:qrwc2azvjzgl5iqt6swa65bo2m

A Study on Distributed Processing of Big Data and User Authentication for Human-friendly Robot Service on Smartphone
인간 친화적 로봇 서비스를 위한 대용량 분산 처리 기술 및 사용자 인증에 관한 연구

Okkyung Choi, Wooyeol Jung, Bong Gyou Lee, Seungbin Moon
2014 Journal of Internet Computing and services  
The enterprises and nations are actively underway of the business process using mobile cloud computing and they are aware of need for implementing mobile cloud computing to their business practice, but  ...  We will also be able to study how to process and analyze unstructured data in parallel to this model, so that in the future, providing customized information for individuals may be possible using unstructured  ...  Step by step procedure for granting authority to access public document and real-time event processing is as follows. ① Access of public document (source data): Authority to access public document is set  ... 
doi:10.7472/jksii.2014.15.1.55 fatcat:3vox7d7mt5ddfp26t6tpqvbgm4
« Previous Showing results 1 — 15 out of 26,220 results