This presentation provides an intro into the need for "measurable security" when envisioning an Internet for each of us ("People"), powered by sensors and devices ("Things"), and providing Services tailored to your needs.
It handles the challenge of information security, postulating that different applications need different security mechanisms: "To inform somebody about a train arrival time" requires less security than "controlling an industrial plant by automated processes, based on input from sensors".
deceptionGUARD by GrayMatter deploys industry-specific decoys and sirens that automatically stop attackers before they hit critical, operational assets. deceptionGUARD works at the network perimeter to divert attacks, not lure them in.
Free Internet Information Access - Activities and Pilots for the Human Right ...Josef Noll
Â
This document summarizes a presentation about providing free internet access in emerging economies. It discusses:
1) The current state of internet access and the digital divide, as well as visions like Internet.org to increase access.
2) Different business models for free information access, including hotspot models in cities and removing barriers to access basic information via browsers.
3) Pilot projects with Opera Software and others to test technical solutions for free access via access points and proxies.
4) The need for collaboration between different partners like education, health and mobile operators to create an ecosystem where everyone can access basic internet information for free.
The Presentation focusses on the development from current mobile networks into the future sensor-driven mobile networks. A special focus is given on security aspects, especially measurable security of systems. The presentation was given at the IDC Mobility Series 2012 in Budapest.
Managing Role Explosion with Attribute-based Access Control - Webinar Series ...NextLabs, Inc.
Â
As companies globalize and consolidate their SAP systems, they face an increasing need to control access to sensitive data based on fine grained user profiles. Traditionally, companies have managed this access by defining fine grained roles, leading to an explosion of roles that are inconsistent and hard to manage.
In this webinar series, attendees will learn:
- The key trends driving role explosion
- The challenges of role explosion
- Example use cases that drive role explosion
- How attribute-based access control (ABAC) can alleviate the problem
Attendees will also see demonstrations of use cases illustrating how role explosion happens, and how ABAC can help reduce role explosion.
This document summarizes a thesis proposal presentation on generalized attribute centric access control. The presentation covered the problem statement of achieving completely mediated access control in dynamic environments where privacy and anonymity are important. It discussed limitations of traditional access control models and reviewed literature on attribute based access control. The proposed solution involved developing a family of attribute centric access control models that are context sensitive, fine-grained, and multi-factor. Potential applications and impact were also discussed.
Enterprise & Web based Federated Identity Management & Data Access Controls Kingsley Uyi Idehen
Â
This presentation breaks down issues associated with federated identity management and protected resource access controls (policies). Specifically, it uses Virtuoso and RDF to demonstrate how this longstanding issue has been addressed using the combination of RDF based entity relationship semantics and Linked Open Data.
This document discusses the evolution of access control models from DAC to ABAC. It provides an overview of Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). ABAC is described as a new model that controls access based on multiple attributes of subjects, objects, and the environment, allowing for more flexible and fine-grained access decisions. The document predicts that by 2020, 70% of businesses will use ABAC due to its scalability and ability to incorporate real-time context into authorization decisions.
deceptionGUARD by GrayMatter deploys industry-specific decoys and sirens that automatically stop attackers before they hit critical, operational assets. deceptionGUARD works at the network perimeter to divert attacks, not lure them in.
Free Internet Information Access - Activities and Pilots for the Human Right ...Josef Noll
Â
This document summarizes a presentation about providing free internet access in emerging economies. It discusses:
1) The current state of internet access and the digital divide, as well as visions like Internet.org to increase access.
2) Different business models for free information access, including hotspot models in cities and removing barriers to access basic information via browsers.
3) Pilot projects with Opera Software and others to test technical solutions for free access via access points and proxies.
4) The need for collaboration between different partners like education, health and mobile operators to create an ecosystem where everyone can access basic internet information for free.
The Presentation focusses on the development from current mobile networks into the future sensor-driven mobile networks. A special focus is given on security aspects, especially measurable security of systems. The presentation was given at the IDC Mobility Series 2012 in Budapest.
Managing Role Explosion with Attribute-based Access Control - Webinar Series ...NextLabs, Inc.
Â
As companies globalize and consolidate their SAP systems, they face an increasing need to control access to sensitive data based on fine grained user profiles. Traditionally, companies have managed this access by defining fine grained roles, leading to an explosion of roles that are inconsistent and hard to manage.
In this webinar series, attendees will learn:
- The key trends driving role explosion
- The challenges of role explosion
- Example use cases that drive role explosion
- How attribute-based access control (ABAC) can alleviate the problem
Attendees will also see demonstrations of use cases illustrating how role explosion happens, and how ABAC can help reduce role explosion.
This document summarizes a thesis proposal presentation on generalized attribute centric access control. The presentation covered the problem statement of achieving completely mediated access control in dynamic environments where privacy and anonymity are important. It discussed limitations of traditional access control models and reviewed literature on attribute based access control. The proposed solution involved developing a family of attribute centric access control models that are context sensitive, fine-grained, and multi-factor. Potential applications and impact were also discussed.
Enterprise & Web based Federated Identity Management & Data Access Controls Kingsley Uyi Idehen
Â
This presentation breaks down issues associated with federated identity management and protected resource access controls (policies). Specifically, it uses Virtuoso and RDF to demonstrate how this longstanding issue has been addressed using the combination of RDF based entity relationship semantics and Linked Open Data.
This document discusses the evolution of access control models from DAC to ABAC. It provides an overview of Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). ABAC is described as a new model that controls access based on multiple attributes of subjects, objects, and the environment, allowing for more flexible and fine-grained access decisions. The document predicts that by 2020, 70% of businesses will use ABAC due to its scalability and ability to incorporate real-time context into authorization decisions.
The document discusses industrial safety and security research in Horizon 2020. It provides an overview of the European Technology Platform for Industrial Safety (ETPIS), which aims to strengthen EU research investment in industrial safety. ETPIS acts as an open forum and platform to coordinate safety experts and prepare future research. The presentation outlines ETPIS's role in Horizon 2020 and its vision of "Safety for sustainable and competitive future" through various cross-ETP initiatives and projects focused on issues like risk management, aging infrastructure, and safety/security synergies. Examples of past and potential future projects developed through ETPIS that address industrial and critical infrastructure safety are also mentioned.
Splunk Discovery Day Dubai 2017 - Security KeynoteSplunk
Â
This document discusses Splunk's security vision, strategy, and platform. It outlines Splunk's positioning as a leader in security information and event management. It describes Splunk's security portfolio and how the platform can be used to prevent, detect, respond to and predict security threats. It also provides examples of how Splunk has helped customers in various industries improve their security operations and gain insights from security and other machine data.
The WITDOM first project presentation has been updated to include a summary of the results corresponding to the first 18 months of the project. The presentation includes a high-level overview of the project scenarios, methodologies to elicit requirements and to formalize them into technical requirements, as well as the initial architecture.
Implications of GDPR for IoT Big Data Security and Privacy FabricMark Underwood
Â
Discussion of ways in which GDPR has, and will continue to influence the SDLC and deployment of IoT, especially as it impacts the privacy and security fabric.
Managing Cloud Security Risks in Your OrganizationCharles Lim
Â
Any Organization in the World need to prepare themselves before they move to the cloud, i.e. cloud security risk assessment. It is all about managing your risks if you accept to move to the cloud and understanding the risks and benefits should be essential part of any organization thinking to move to cloud infrastructure.
TAROT2013 Testing School - Antonia Bertolino presentationHenry Muccini
Â
TAROT 2013 9th International Summer School on Training And Research On Testing, Volterra, Italy, 9-13 July, 2013
These slides summarize Paolo Tonella's presentation about "Academic developments in search based testing for the Future Internet."
Security in the Context of Business Processes: Thoughts from a System Vendor'...Achim D. Brucker
Â
Enterprise systems in general and process aware systems in particular are storing and processing the most critical assets of a company. To protect these assets, such systems need to implement a multitude of security properties. Moreover, such systems need often to comply to various compliance regulations.
In this keynote, we present process-level security requirements as well as discuss the gap between the ideal world of process-aware information systems and the real world. We conclude our presentation by discussing several research challenges in the area of verifiable secure process aware information systems.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Cloud ERP Security: Guidelines for evaluationNazli Sahin
Â
This document provides guidelines for evaluating security issues related to cloud ERP systems. It begins with an introduction that discusses the background of ERP systems, cloud computing, and the emergence of cloud ERP. It then reviews literature on the security issues associated with traditional ERP systems, cloud computing, and cloud ERP. The document describes the qualitative research methodology used, which involved interviews with ERP, cloud computing, and cloud ERP professionals. Key security issues identified include data security, authentication and authorization, architectural issues, ERP implementation, and compliance. Guidelines are then provided to help users evaluate these security issues when considering cloud ERP.
Security Redefined - Prevention is the future!!Daniel L. Cruz
Â
NewSky Security positions itself as a change agent in the security industry by focusing on preventative and proactive security approaches through automated security testing during the software development lifecycle (SDLC). Their AppRisk product performs automated static application security testing (SAST) and dynamic application security testing (DAST) scanning of Android mobile applications to identify vulnerabilities early in the development process. The document discusses NewSky's approach of incorporating security into the SDLC, compares it to shifts in healthcare from reactive to preventative medicine, and outlines AppRisk's capabilities such as rapid scanning times and a large vulnerability repository.
Efficient Solutions For The Automotive & Parts Supplier IndustriesThorne & Derrick UK
Â
This document discusses sensor solutions from SICK for various applications in automotive press shops, including:
1. Using an absolute encoder to record the position of a crane gripper and inductive safety switches to monitor end positions for coil and body part storage.
2. Equipping a blanking line with vision sensors to guide storage and retrieval systems using pre-defined markers and laser sensors to check storage space occupancy.
3. Applying distance sensors, optical data transmission, and safety switches on a press line for high-precision positioning of storage and retrieval systems and end position monitoring.
This curriculum vitae outlines the professional experience and education of Marco Caselli. He received his PhD from the University of Twente in 2016, where he researched network security for industrial control systems. His work experience includes positions as a researcher focusing on cybersecurity, a visiting researcher at UC Berkeley, and security consultant roles. He has strong skills in programming, modeling languages, and operating systems relevant to cybersecurity.
Security and Privacy Big Challenges in Internet of thingsIRJET Journal
Â
This document discusses security and privacy challenges with Internet of Things (IoT) systems. It notes that IoT provides broad functionality but also raises important challenges regarding privacy and security. Some key issues discussed include insufficient authentication, lack of transport encryption, insecure interfaces, default credentials, lack of secure coding practices, and privacy concerns regarding personal data collection. The document recommends approaches to address these challenges, such as base device analysis, network traffic verification, secure code reviews, and end-to-end penetration testing.
Grid Analytics Europe 2016: "Defend the Grid", April 2016OMNETRIC
Â
Presentation by Jon Longstaff at Grid Analytics Europe 2016: Cyber-Secure Analytics â identifying and overcoming the security vulnerabilities of next generation grid analytics infrastructures that integrate multiple systems and data sources.
The document discusses integrating CodeMeter security with industrial flash memory. It notes that combining security and memory in one device is ideal for IoT and embedded systems as it saves space, power and costs. CodeMeter provides encryption, licensing and tamper protection for software and data, while flash memory provides reliable long-term storage. Together this provides optimal protection for intellectual property and allows for new business models in industrial applications and embedded systems.
Blue Coat announced three acquisitions to expand its product portfolio: 1) Solera Networks for its security analytics and forensic capabilities, 2) Netronome for its SSL Visibility Appliance to intercept SSL traffic, and 3) Crossbeam Systems for its X-Series solution to provide scalability. The document discusses how these acquisitions will enhance Blue Coat's offerings in security analytics, SSL inspection, and consolidation/scalability. It also outlines Blue Coat's solutions in web security, traffic control, cloud caching, and key customer initiatives in mobility, guest WiFi, and web threat protection.
The document discusses several IoT security and privacy considerations, including using privacy by design principles to embed privacy into systems from the start, establishing accountability standards and open technology standards to build trust, and addressing common problems like lack of developer security experience, insecure communication protocols, and ensuring secure firmware updates throughout the lifecycle of IoT devices.
Splunk live nyc_2017_sec_buildinganalyticsdrivensocRene Aguero
Â
The document is a presentation by Rene Aguero on building an analytics-driven security operations center (SOC) using Splunk solutions. It discusses challenges with traditional SOCs, emerging trends like threat hunting and automation, and the key components of a SOC technology stack including log management, asset tracking, threat intelligence, and case management. It then outlines how Splunk solutions can help address these issues by providing a platform for centralized data collection, correlation with threat intelligence, and advanced analytics including machine learning.
Make things come alive in a secure way - SigfoxSigfox
Â
Trustworthiness, which encompasses security, privacy, reliability and reliance, is a key challenge for the IoT. Firstly, this is because the IoT is intimately linked to business-critical processes, and secondly because the IoT significantly broadens the surface of attack of business intelligence systems. Sigfox addresses this challenge through a systematic process that assumes that security is relative and will be adapted to the level of threat faced by the application at hand.
Sigfox has gathered a team with lengthy experience in the security industry that deals with all relevant aspects, from security by design to active operational measures. This addresses data protection in motion via measures built in to the protocol (authentication, integrity, encryption, anti-replay, anti-jamming), data protection at rest via cryptographic storage of data and credentials in devices, base stations, and Sigfox Core Network. Reliability and reliance are both native in Sigfox data centers and intrinsic to the Sigfox network architecture to protect against attacks such as DDoS or massive device cloning.
In an effort to support its ecosystem, Sigfox has developed partnerships with internationally recognized security experts to facilitate the introduction of hardware security in devices and provide security assessment schemes for the IoT.
The presentation provides an overview on areas for Master Thesis work at UNIK in the areas of Wireless Networks and Information Security (WNIS). Students from UiO, NTNU or any of our collaboration partners are invited to take contact to define a study in one of these areas. Some of these areas include:
* Radio communication, including
- Communication in the high North, advancing propagation models
- models and protocols for industrial sensor networks
- heterogeneous and adaptive networks
- Internet access and provision for emerging economies
* The 3rd wave of Internet: the Internet of People, Things and Services
- providing context-awareness for mobile and business services
- Socialtainment, integrating your social network into future (electrical) mobility
* Information Security
- establish measurable security for the sensor networks
- adaptable security for sensor-driven applications in traffic, eHealth
* Mobile Applications
- Monitoring Air Quality through mobile devices
- using mobile phones for health monitoring (and fun)
* Light-weight solutions for autonomous operations
- distributed logic for decentralised decision making
- light-weight software for autonomous operations
- semantic systems for advanced information handling in shipping
- in Norwegian
Disse foilene inneholder omrüder for masteroppgaver som kan gjennomføres ved UNIK, forskningsinstitutter ved Kjeller eller samarbeidene industri. Vi tilbyr masteroppgaver i omrüdet adaptive nett og informasjonssikkerhet.
Security, Privacy and Dependability in Mobile NetworksJosef Noll
Â
This document summarizes a presentation given by Josef Noll at the International Conference on Mobility in Venice in October 2012. The presentation discusses security, privacy, and dependability issues in mobile networks. It provides an overview of how security mechanisms have evolved with each generation of mobile networks from 1G to 4G. It highlights key challenges regarding privacy of personal data, reliability of infrastructure systems, and the growth of the Internet of Things connecting billions of sensors to mobile networks.
More Related Content
Similar to Semantic technologies for attribute based access: measurable security for the Internet of People, Things and Services
The document discusses industrial safety and security research in Horizon 2020. It provides an overview of the European Technology Platform for Industrial Safety (ETPIS), which aims to strengthen EU research investment in industrial safety. ETPIS acts as an open forum and platform to coordinate safety experts and prepare future research. The presentation outlines ETPIS's role in Horizon 2020 and its vision of "Safety for sustainable and competitive future" through various cross-ETP initiatives and projects focused on issues like risk management, aging infrastructure, and safety/security synergies. Examples of past and potential future projects developed through ETPIS that address industrial and critical infrastructure safety are also mentioned.
Splunk Discovery Day Dubai 2017 - Security KeynoteSplunk
Â
This document discusses Splunk's security vision, strategy, and platform. It outlines Splunk's positioning as a leader in security information and event management. It describes Splunk's security portfolio and how the platform can be used to prevent, detect, respond to and predict security threats. It also provides examples of how Splunk has helped customers in various industries improve their security operations and gain insights from security and other machine data.
The WITDOM first project presentation has been updated to include a summary of the results corresponding to the first 18 months of the project. The presentation includes a high-level overview of the project scenarios, methodologies to elicit requirements and to formalize them into technical requirements, as well as the initial architecture.
Implications of GDPR for IoT Big Data Security and Privacy FabricMark Underwood
Â
Discussion of ways in which GDPR has, and will continue to influence the SDLC and deployment of IoT, especially as it impacts the privacy and security fabric.
Managing Cloud Security Risks in Your OrganizationCharles Lim
Â
Any Organization in the World need to prepare themselves before they move to the cloud, i.e. cloud security risk assessment. It is all about managing your risks if you accept to move to the cloud and understanding the risks and benefits should be essential part of any organization thinking to move to cloud infrastructure.
TAROT2013 Testing School - Antonia Bertolino presentationHenry Muccini
Â
TAROT 2013 9th International Summer School on Training And Research On Testing, Volterra, Italy, 9-13 July, 2013
These slides summarize Paolo Tonella's presentation about "Academic developments in search based testing for the Future Internet."
Security in the Context of Business Processes: Thoughts from a System Vendor'...Achim D. Brucker
Â
Enterprise systems in general and process aware systems in particular are storing and processing the most critical assets of a company. To protect these assets, such systems need to implement a multitude of security properties. Moreover, such systems need often to comply to various compliance regulations.
In this keynote, we present process-level security requirements as well as discuss the gap between the ideal world of process-aware information systems and the real world. We conclude our presentation by discussing several research challenges in the area of verifiable secure process aware information systems.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Cloud ERP Security: Guidelines for evaluationNazli Sahin
Â
This document provides guidelines for evaluating security issues related to cloud ERP systems. It begins with an introduction that discusses the background of ERP systems, cloud computing, and the emergence of cloud ERP. It then reviews literature on the security issues associated with traditional ERP systems, cloud computing, and cloud ERP. The document describes the qualitative research methodology used, which involved interviews with ERP, cloud computing, and cloud ERP professionals. Key security issues identified include data security, authentication and authorization, architectural issues, ERP implementation, and compliance. Guidelines are then provided to help users evaluate these security issues when considering cloud ERP.
Security Redefined - Prevention is the future!!Daniel L. Cruz
Â
NewSky Security positions itself as a change agent in the security industry by focusing on preventative and proactive security approaches through automated security testing during the software development lifecycle (SDLC). Their AppRisk product performs automated static application security testing (SAST) and dynamic application security testing (DAST) scanning of Android mobile applications to identify vulnerabilities early in the development process. The document discusses NewSky's approach of incorporating security into the SDLC, compares it to shifts in healthcare from reactive to preventative medicine, and outlines AppRisk's capabilities such as rapid scanning times and a large vulnerability repository.
Efficient Solutions For The Automotive & Parts Supplier IndustriesThorne & Derrick UK
Â
This document discusses sensor solutions from SICK for various applications in automotive press shops, including:
1. Using an absolute encoder to record the position of a crane gripper and inductive safety switches to monitor end positions for coil and body part storage.
2. Equipping a blanking line with vision sensors to guide storage and retrieval systems using pre-defined markers and laser sensors to check storage space occupancy.
3. Applying distance sensors, optical data transmission, and safety switches on a press line for high-precision positioning of storage and retrieval systems and end position monitoring.
This curriculum vitae outlines the professional experience and education of Marco Caselli. He received his PhD from the University of Twente in 2016, where he researched network security for industrial control systems. His work experience includes positions as a researcher focusing on cybersecurity, a visiting researcher at UC Berkeley, and security consultant roles. He has strong skills in programming, modeling languages, and operating systems relevant to cybersecurity.
Security and Privacy Big Challenges in Internet of thingsIRJET Journal
Â
This document discusses security and privacy challenges with Internet of Things (IoT) systems. It notes that IoT provides broad functionality but also raises important challenges regarding privacy and security. Some key issues discussed include insufficient authentication, lack of transport encryption, insecure interfaces, default credentials, lack of secure coding practices, and privacy concerns regarding personal data collection. The document recommends approaches to address these challenges, such as base device analysis, network traffic verification, secure code reviews, and end-to-end penetration testing.
Grid Analytics Europe 2016: "Defend the Grid", April 2016OMNETRIC
Â
Presentation by Jon Longstaff at Grid Analytics Europe 2016: Cyber-Secure Analytics â identifying and overcoming the security vulnerabilities of next generation grid analytics infrastructures that integrate multiple systems and data sources.
The document discusses integrating CodeMeter security with industrial flash memory. It notes that combining security and memory in one device is ideal for IoT and embedded systems as it saves space, power and costs. CodeMeter provides encryption, licensing and tamper protection for software and data, while flash memory provides reliable long-term storage. Together this provides optimal protection for intellectual property and allows for new business models in industrial applications and embedded systems.
Blue Coat announced three acquisitions to expand its product portfolio: 1) Solera Networks for its security analytics and forensic capabilities, 2) Netronome for its SSL Visibility Appliance to intercept SSL traffic, and 3) Crossbeam Systems for its X-Series solution to provide scalability. The document discusses how these acquisitions will enhance Blue Coat's offerings in security analytics, SSL inspection, and consolidation/scalability. It also outlines Blue Coat's solutions in web security, traffic control, cloud caching, and key customer initiatives in mobility, guest WiFi, and web threat protection.
The document discusses several IoT security and privacy considerations, including using privacy by design principles to embed privacy into systems from the start, establishing accountability standards and open technology standards to build trust, and addressing common problems like lack of developer security experience, insecure communication protocols, and ensuring secure firmware updates throughout the lifecycle of IoT devices.
Splunk live nyc_2017_sec_buildinganalyticsdrivensocRene Aguero
Â
The document is a presentation by Rene Aguero on building an analytics-driven security operations center (SOC) using Splunk solutions. It discusses challenges with traditional SOCs, emerging trends like threat hunting and automation, and the key components of a SOC technology stack including log management, asset tracking, threat intelligence, and case management. It then outlines how Splunk solutions can help address these issues by providing a platform for centralized data collection, correlation with threat intelligence, and advanced analytics including machine learning.
Make things come alive in a secure way - SigfoxSigfox
Â
Trustworthiness, which encompasses security, privacy, reliability and reliance, is a key challenge for the IoT. Firstly, this is because the IoT is intimately linked to business-critical processes, and secondly because the IoT significantly broadens the surface of attack of business intelligence systems. Sigfox addresses this challenge through a systematic process that assumes that security is relative and will be adapted to the level of threat faced by the application at hand.
Sigfox has gathered a team with lengthy experience in the security industry that deals with all relevant aspects, from security by design to active operational measures. This addresses data protection in motion via measures built in to the protocol (authentication, integrity, encryption, anti-replay, anti-jamming), data protection at rest via cryptographic storage of data and credentials in devices, base stations, and Sigfox Core Network. Reliability and reliance are both native in Sigfox data centers and intrinsic to the Sigfox network architecture to protect against attacks such as DDoS or massive device cloning.
In an effort to support its ecosystem, Sigfox has developed partnerships with internationally recognized security experts to facilitate the introduction of hardware security in devices and provide security assessment schemes for the IoT.
Similar to Semantic technologies for attribute based access: measurable security for the Internet of People, Things and Services (20)
The presentation provides an overview on areas for Master Thesis work at UNIK in the areas of Wireless Networks and Information Security (WNIS). Students from UiO, NTNU or any of our collaboration partners are invited to take contact to define a study in one of these areas. Some of these areas include:
* Radio communication, including
- Communication in the high North, advancing propagation models
- models and protocols for industrial sensor networks
- heterogeneous and adaptive networks
- Internet access and provision for emerging economies
* The 3rd wave of Internet: the Internet of People, Things and Services
- providing context-awareness for mobile and business services
- Socialtainment, integrating your social network into future (electrical) mobility
* Information Security
- establish measurable security for the sensor networks
- adaptable security for sensor-driven applications in traffic, eHealth
* Mobile Applications
- Monitoring Air Quality through mobile devices
- using mobile phones for health monitoring (and fun)
* Light-weight solutions for autonomous operations
- distributed logic for decentralised decision making
- light-weight software for autonomous operations
- semantic systems for advanced information handling in shipping
- in Norwegian
Disse foilene inneholder omrüder for masteroppgaver som kan gjennomføres ved UNIK, forskningsinstitutter ved Kjeller eller samarbeidene industri. Vi tilbyr masteroppgaver i omrüdet adaptive nett og informasjonssikkerhet.
Security, Privacy and Dependability in Mobile NetworksJosef Noll
Â
This document summarizes a presentation given by Josef Noll at the International Conference on Mobility in Venice in October 2012. The presentation discusses security, privacy, and dependability issues in mobile networks. It provides an overview of how security mechanisms have evolved with each generation of mobile networks from 1G to 4G. It highlights key challenges regarding privacy of personal data, reliability of infrastructure systems, and the growth of the Internet of Things connecting billions of sensors to mobile networks.
Internet of Things in Scandinavia - society and ecosystem for early adaptationJosef Noll
Â
Scandinavia (including Finland) is an early adopter of technology. The Arpanet was first connected to Scandinavia (Kjeller, June 1973), and only later to England. Scandinavian researchers contributed to the TCP/IP protocol, and software developers have contributes with Linux, php, Qt.
The people of Scandinavia are demanding, and require the newest services being available.
This presentation shows why Scandinavia is on a good way to let IoT-based services become a success.
The Future Network: Users will own the access in a collaborative radio enviro...Josef Noll
Â
The challenge of providing enough capacity for mobile users in future networks asks for innovative networks. The paper presents home base stations owned by the user as an alternative to femtocells owned by the network operators.
Coverage aspects are linked to business perspectives, and show that network costs can be reduced by more than 70% through the introduction of prosumer base stations.
"Potentials and Challenges for Mobile Commerce - a Nordic PerspectiveJosef Noll
Â
The presentation provides service examples for mobile commerce in the Norwegian/Nordic market. It shows the fantastic increase of easy mCommerce services. Easy still means SMS-based services, as applications (applets) are still too specialised for many people. Even through trends from iPhone, Android and S60 applications show an increased usage, this increase is small as compared to the uptake of SMS-based banking services.
And we are all waiting for NFC, to give a real boost to mobile-initiated payment and access solutions.
This presentation was given at the Tamoco workshop in Merida in September 2009.
Near field communication and RFID - opening for new businessJosef Noll
Â
This document provides an agenda and slides for an RFID and NFC tutorial given by Josef Noll. The agenda covers RFID basics like frequencies and applications. It also discusses NFC technology and scenarios. The slides define RFID and its components like tags and readers. They describe communication modes and provide examples of RFID applications in areas like sports, payment systems, and supply chain management. Potential security issues with RFID like cloning and uncontrolled surveillance are also addressed.
The document discusses trends towards global mobility in wireless services. It outlines key trends such as the need for personalized, context-aware services that provide users with exactly what they want, when they want it. It also discusses challenges around optimizing limited radio capacity and the evolution of technologies like UMTS, WLAN, and approaches to enabling seamless global mobility. Emerging concepts for beyond 3G networks are also summarized, including the era of personalization through personalized broadband wireless services.
This document summarizes a presentation about semantic service provisioning. It discusses moving from traditional web services to semantic web services by adding semantics. This allows for more flexible, easily composed services that can support alternative service provisioning and global, dynamic services. The presentation describes how semantic web services bring more potential to the web by making it more dynamic and enabling discovery, invocation, and monitoring through semantic descriptions of web services.
Semantic Service Creation for Mobile UsersJosef Noll
Â
The document discusses semantic service creation for mobile users. It covers several key topics:
- The elements needed for service delivery to "Beyond 3G" users and whether current technologies can address the challenges.
- How semantic technologies like ontologies can help by describing services semantically and enabling dynamic service composition.
- Examples of how semantics can support personalization and context awareness to better link user preferences to available services.
This document discusses mobile-based authentication and payment using near field communication (NFC) technology. It provides an overview of NFC, including how it works using RFID at 13.56 MHz, typical operating distances of 10 cm, and compatibility with existing RFID standards. Examples of potential NFC uses discussed include mobile payment and ticketing applications.
The document discusses various factors that influence privacy such as cultural sensitivity, personal dignity, and safety concerns. It examines different types of privacy including physical, informational, and organizational privacy. Additionally, it explores related concepts like identity, reputation, and trust in the digital world and how information about individuals is exposed through electronic traces online.
The document discusses personalization and context-aware services. It describes how personalization involves linking user preferences, devices, services and context to provide a customized experience. Personalization requires an expandable user profile that captures preferences and restrictions for different applications and services. The use of semantics and ontologies is proposed to conceptualize profiles and contexts in order to better integrate and adapt services to user needs. The challenges of usability, infrastructure variability and technology complexity are also addressed to ensure personalization enhances rather than hampers the user experience.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Â
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Dive into the realm of operating systems (OS) with Pravash Chandra Das, a seasoned Digital Forensic Analyst, as your guide. đ This comprehensive presentation illuminates the core concepts, types, and evolution of OS, essential for understanding modern computing landscapes.
Beginning with the foundational definition, Das clarifies the pivotal role of OS as system software orchestrating hardware resources, software applications, and user interactions. Through succinct descriptions, he delineates the diverse types of OS, from single-user, single-task environments like early MS-DOS iterations, to multi-user, multi-tasking systems exemplified by modern Linux distributions.
Crucial components like the kernel and shell are dissected, highlighting their indispensable functions in resource management and user interface interaction. Das elucidates how the kernel acts as the central nervous system, orchestrating process scheduling, memory allocation, and device management. Meanwhile, the shell serves as the gateway for user commands, bridging the gap between human input and machine execution. đť
The narrative then shifts to a captivating exploration of prominent desktop OSs, Windows, macOS, and Linux. Windows, with its globally ubiquitous presence and user-friendly interface, emerges as a cornerstone in personal computing history. macOS, lauded for its sleek design and seamless integration with Apple's ecosystem, stands as a beacon of stability and creativity. Linux, an open-source marvel, offers unparalleled flexibility and security, revolutionizing the computing landscape. đĽď¸
Moving to the realm of mobile devices, Das unravels the dominance of Android and iOS. Android's open-source ethos fosters a vibrant ecosystem of customization and innovation, while iOS boasts a seamless user experience and robust security infrastructure. Meanwhile, discontinued platforms like Symbian and Palm OS evoke nostalgia for their pioneering roles in the smartphone revolution.
The journey concludes with a reflection on the ever-evolving landscape of OS, underscored by the emergence of real-time operating systems (RTOS) and the persistent quest for innovation and efficiency. As technology continues to shape our world, understanding the foundations and evolution of operating systems remains paramount. Join Pravash Chandra Das on this illuminating journey through the heart of computing. đ
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
Â
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Tatiana Kojar
Â
Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI.
With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfflufftailshop
Â
When it comes to unit testing in the .NET ecosystem, developers have a wide range of options available. Among the most popular choices are NUnit, XUnit, and MSTest. These unit testing frameworks provide essential tools and features to help ensure the quality and reliability of code. However, understanding the differences between these frameworks is crucial for selecting the most suitable one for your projects.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether youâre at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. Weâll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Â
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Â
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Â
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind fĂźr viele in der HCL-Community seit letztem Jahr ein heiĂes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und LizenzgebĂźhren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer mĂśglich. Das verstehen wir und wir mĂśchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lÜsen kÜnnen, die dazu fßhren kÜnnen, dass mehr Benutzer gezählt werden als nÜtig, und wie Sie ßberflßssige oder ungenutzte Konten identifizieren und entfernen kÜnnen, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnÜtigen Ausgaben fßhren kÜnnen, z. B. wenn ein Personendokument anstelle eines Mail-Ins fßr geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren LÜsungen. Und natßrlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Ăberblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und ĂźberflĂźssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps fßr häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
Â
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
Â
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Â
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Â
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Â
Semantic technologies for attribute based access: measurable security for the Internet of People, Things and Services
1. Center for Wireless
Innovation Norway
cwin.no
CWINorway ISO 15926 and Semantic Technologies
Sogndal, 5.-6.Sep2013
Attribute based access to industrial
life-cycle data, the semantic
dimension
Josef Noll, Martin Follestad, Zahid Iqbal
fredag 6. september 13
2. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Outline
lďŹ Industrial Lifecycle
â Planning, Execution, Extension
â Information analysis & information flow control
lďŹ Security for industrial products
lďŹ Measurable security
â Application in the IoT
â Access, Authentication,... for People, Things And Services (IoPTS)
lďŹ Semantic Approach
â Ontologies for security, system, component functionality
â Metrics based assessment
â Semantic attribute based access
lďŹ Attribute-based access
â context-aware security - for people, things and services
lďŹ Experiences and Conclusions
2
fredag 6. september 13
3. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Industrial Lifecycle
lďŹ Planning
â based on âhidden knowledgeâ
lďŹ Execution
â ongoing control of inventory
lďŹ Extension
â Information analysis
â Information flow control
lďŹ Semantic Approach
â who has access?
â Identity/Roles
3
Service
provider
Trust
fredag 6. september 13
4. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Security for industrial products
lďŹ Designed for an application in mind
â security considerations?
lďŹ Novel application area
â Used âsomewhere elseâ
lďŹ New attack scenario
â Increased customer demands
â New regulations
lďŹ Retro-fit versus New Sensors
â existing infrastructure
â âremote operationâ
4
[source: Living on purpose, telus.net]
fredag 6. september 13
5. Sep 2013, Josef NollSecurity in Industrial LifeCycle
The Semantic Dimension of
the Internet of Things (IoT)
5
Source: L. Atzori et al., The
Internet of Things: A survey,
Comput. Netw. (2010), doi:
10.1016/ j.comnet.2010.05.010
Text
* security
* privacy
* dependability
- context
- content
* personalised
fredag 6. september 13
6. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Information âtruthâ
lďŹ Measurable Security
lďŹ Retro-fit versus Cognitive Computing
lďŹ Information handling
6
[source: Christopher Conradi, IBM]
fredag 6. september 13
7. Sep 2013, Josef NollSecurity in Industrial LifeCycle
IoT application in Oil and Gas
7
âLicense to shareâ? - 0/1 - true/false
fredag 6. september 13
8. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Measurable Security
lďŹ Insecure <-> Secure
â IETF better-than-nothing-security (btns)
lďŹ Information distribution along 0/1 (false/true)?
â âsomeone has stolen my identityâ -> access granted
â behaviour monitoring
â change in partners/companies/hierarchies
lďŹ Data integration and weighting
â integration of heterogeneous data: seismic, drilling,
transportation
â used across systems, disciplines, and organisations
lďŹ Automated processes
â who contributes
â value and impact of contribution
â reasoning 8
fredag 6. september 13
9. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Security areas in IoPTS
9
connection
monitoring
security
control
Abstraction and
Virtualization
fredag 6. september 13
10. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Security areas in IoPTS
9
connection
monitoring
security
control
Abstraction and
Virtualization
fredag 6. september 13
11. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Security challenges
lďŹ heterogeneous infrastructures
â sensors, devices
â networks, cloud
â services, app stores
lďŹ BYOD - bring your own device
⥠you canât control
⥠concentrate on the core values
lďŹ Internet of People, Things and Service (IoPTS)
â content aware: value to alarm
â context aware: who has access - âwe are not all friendsâ
â attributes for security assessment
⥠Measure your values
10
fredag 6. september 13
13. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Sensor Network Architecture
lďŹ Semantic dimension
â Application
â Services
â Security, QoS,
â Policies
â mapping
lďŹ System
â sensor networks
â gateway
â base station
12
Source: Compton et al., A
survey of semantic
speciďŹcation of sensors, 2009
fredag 6. september 13
14. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Security assessment:
Traditional approach
13
[source: http://securityontology.sba-research.org/]
Vulnerability
Threat
Asset/
System
Security
attribute
Control
Organisation
Control
type
Severity
scale
fredag 6. september 13
15. Sep 2013, Josef NollSecurity in Industrial LifeCycle
The nSHIELD approach
lďŹ JU Artemis nSHIELD project
lďŹ focus on âmeasurable securityâ for
embedded systems
Core concept
lďŹ Threat analysis
lďŹ Goal definition
lďŹ Semantic security description
lďŹ Semantic system description
lďŹ Security composability
14
Environment
and threat
analysis
Security
assessment
Metrics
Implementation
Security
Definition
ontologies
Overlay for
security
composability
http://newSHIELD.eu
fredag 6. september 13
16. Sep 2013, Josef NollSecurity in Industrial LifeCycle
newSHIELD.eu approach
lďŹ Security, here
â security (S)
â privacy (P)
â dependability (D)
lďŹ across the value chain
â from sensors to
services
lďŹ measurable security
15
Intelligence
Overlay
Sensors,
Embedded Systems
Network
Cloud services
Is made by
Could be
can be
composed
System
Components and
functionalities
SPD Components, SPD
functionalities
fredag 6. september 13
17. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Limitations of the traditional
approach
lďŹ Scalability
â Threats
â System
â Vulnerability
lďŹ System of Systems
â sensors
â gateway
â middleware
â business processes
16
Vulnerability
Threat
Asset/
System
Security
attribute
Control
Organisation
Control
type
Severity
scale
fredag 6. september 13
18. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Limitations of the traditional
approach
lďŹ Scalability
â Threats
â System
â Vulnerability
lďŹ System of Systems
â sensors
â gateway
â middleware
â business processes
16
Vulnerability
Threat
Asset/
System
Security
attribute
Control
Organisation
Control
type
Severity
scale
Recommendation:
fredag 6. september 13
19. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Limitations of the traditional
approach
lďŹ Scalability
â Threats
â System
â Vulnerability
lďŹ System of Systems
â sensors
â gateway
â middleware
â business processes
16
Vulnerability
Threat
Asset/
System
Security
attribute
Control
Organisation
Control
type
Severity
scale
One ontology per aspect:
- security
- system
- threats
...
Recommendation:
fredag 6. september 13
20. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Security description
17
Security
attributes
availability
confidentiality
integrity
safety
reliability
maintainability
System
components
memory
sensor
network
connection
... ...
Security
functionality
authentication
identity
encryption
error
control
...
fredag 6. september 13
21. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Security description
17
Security
attributes
availability
confidentiality
integrity
safety
reliability
maintainability
System
components
memory
sensor
network
connection
... ...
Security
functionality
authentication
identity
encryption
error
control
...
Recommendation: One ontology per aspect
fredag 6. september 13
22. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Goal description
lďŹ Specific parameters for
each application?
â availability = 0.8
â confidentiality = 0.7
â reliability = 0.5
â ...
lďŹ more specific
lďŹ easier to understand(?)
18
lďŹ Common approach?
â SPD = level 4
lďŹ universal approach
â code âredâ
lďŹ based on application specific goal, e.g. high reliability
this way? that way?
fredag 6. september 13
23. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Goal description
lďŹ Specific parameters for
each application?
â availability = 0.8
â confidentiality = 0.7
â reliability = 0.5
â ...
lďŹ more specific
lďŹ easier to understand(?)
18
lďŹ Common approach?
â SPD = level 4
lďŹ universal approach
â code âredâ
lďŹ based on application specific goal, e.g. high reliability
this way? that way?
Open Issue - way on how to describe the security goal
fredag 6. september 13
24. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Base of knowledge
Threat description through Metrics
Factors to be
considered
â˘Elapsed Time
â˘Expertise
â˘Knowledge of
functionality
â˘Window of opportunity
â˘Equipmentwith
Essential to build
Factor Value
Elapsed Time
<= one day 0
<= one week 1
<= one month 4
<= two months 7
<= three months 10
<= four months 13
<= five months 15
<= six months 17
> six months 19
Expertise
Layman 0
Proficient 3*(1)
Expert 6
Multiple experts 8
Knowledge of
functionality
Public 0
Restricted 3
Sensitive 7
Critical 11
Window of
Unnecessary / unlimited
access
0
Easy 1
Moderate 4
Difficult 10
Unfeasible 25**(2)
Equipment
Standard 0
Specialised 4(3)
Bespoke 7
Multiple bespoke 9
where
19
System
Functio
nality
SPD
system
Attack scenarios
SPD
level
SPD
attributes
SPD
threats
Calculated attack
potential
Minimum attack potential value to
exploit a vulnerability
= SPD value
SPD = security, privacy, dependability
fredag 6. september 13
25. Sep 2013, Josef NollSecurity in Industrial LifeCycle
From security assessment to
Attribute-based access
lďŹ Security assessment of the Internet of Things
â Apply SHIELD methodology for SecPrivDep (SPD)
â Describe functionalities in terms of security (ontologies)
â Assess threats through Metrics
â achieve a mean for SPD
lďŹ Access to information
â who,
â what kind of information
â from where
lďŹ Attribute-based access
â role (in project, company)
â device, network
â security tokens 20
fredag 6. september 13
26. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Semantic attribute based (S-ABAC)
lďŹ Access to information
â Sensor, Person, Service
lďŹ Attributes
â roles
â type of access
â device
â reputation
â behaviour
â ...
21
Oil and Gas
knowledge
drilling
production
transport
market
request
price
calculation
fredag 6. september 13
27. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Semantic attribute based (S-ABAC)
lďŹ Access to information
â Sensor, Person, Service
lďŹ Attributes
â roles
â type of access
â device
â reputation
â behaviour
â ...
21
Oil and Gas
knowledge
drilling
production
transport
market
request
price
calculation
finance
fredag 6. september 13
28. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Semantic attribute based (S-ABAC)
lďŹ Access to information
â Sensor, Person, Service
lďŹ Attributes
â roles
â type of access
â device
â reputation
â behaviour
â ...
21
Oil and Gas
knowledge
drilling
production
transport
market
request
price
calculation
finance
production
fredag 6. september 13
29. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Bringing attributes to IoPTS
22
connection
monitoring
security
control
Abstraction and
Virtualization
lďŹ Ontology-representation of access
lďŹ needs: âSPD access = 0.7â
lďŹ based on attributes
fredag 6. september 13
30. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Example - Smart Energy Grid
lďŹ who has control to what?
23
fredag 6. september 13
31. Sep 2013, Josef NollSecurity in Industrial LifeCycle
ODATA - based ABAC
lďŹ ODATA,
â released Feb2009
â Entity Data Model (EDM)
â Common Schema Definition
Language (CSDL)
â Entity Framework to infer the
conceptual model
â Query language LINQ
â is a query language
lďŹ Used by: StackOverflow, eBay,
TechEd, Netflix,...
lďŹ Microsoftâs approach for
interworking
24
fredag 6. september 13
32. Sep 2013, Josef NollSecurity in Industrial LifeCycle
S-ABAC based access
lďŹ OWL & SWRL implementation
lďŹ Rules inferring security tokens
25
canOwn(?person,?attributes) ⊠withHold(?token,?attributes) âŠ
(Person(?person) -> SecurityTokenIssueTo(?token, ?person)
fredag 6. september 13
33. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Application - Smart-grid
26
lďŹ Access
criteria
â Security
token
â role
â context
lďŹ Policies
â service
requirements
â service
tokens
â user tokens
fredag 6. september 13
34. Sep 2013, Josef NollSecurity in Industrial LifeCycle
Conclusions & Recommendations
lďŹ Recommendations
â one ontology per aspects
â semantic attribute based
access control
lďŹ Open Issues
â description of security
goals
â metrics description of threat
â sensor description
lďŹ Require âlogicâ in purchase
process
27
Security
functionality
authentication
identity
encryption
error
control
...
availability = 0.8,
confidentiality=0.9, integrity=0.6
universal threat metrics?
SenML
SensorML
Semantic Sensor
Network (SSN)
fredag 6. september 13
35. CWI
May 2012, Josef Noll
My special thanks to
⢠JU Artemis and the Research
Councils of the participating
countries (IT, HE, PT, SL, NO,
ES)
⢠Andrea Fiaschetti for the
semantic middleware and ideas
⢠Inaki Eguia Elejabarrieta,Andrea
Morgagni, Francesco Flammini,
Renato Baldelli, Vincenzo Suraci
for the Metrices
⢠Przemyslaw Osocha for running
the pSHIELD project
⢠Cecilia Coveri (SelexElsag) for
running the nSHIELD project
⢠Sarfraz Alam (UNIK) and Geir
Harald Ingvaldsen (JBV) for the
train demo
⢠Zahid Iqbal and Mushfiq
Chowdhury for the semantics
⢠Hans Christian Haugli and Juan
Carlos Lopez Calvet for the
Shepherd ÂŽ interfaces
⢠and all those I have forgotten to
mention
28
fredag 6. september 13