Resilience is introduced as the new security goal supported with security/safety-related information by data-centric services for predictive risk management in real time. Secondary use of personal information is of essential importance. The problem is that data-centric services threaten resilience. Although privacy as a state of equilibrium and its enforcement with usable security by identity management actually aims at decreasing users’ own risk, its use by data-centric services for unilateral information flow control threatens privacy and resilience. Users lose control over their identity while at the same time the competitiveness of small and medium service providers in particular is endangered due to reliable statements on authentication of derived information. Self-protection, however, depends on opposite security interests. This talk claims that Multilateral Security improves privacy and resilience by a multilateral secondary use of personal security-related information for distributed usage control. This kind of privacy is understood as informational self-determination, whereas the key concept is non-linkable delegation of rights on secondary use of personal information.
Presented at the workshop "Usable Security and Privacy", an event of "Mittelstand-Digital" of the Federal Ministry for Economic Affairs and Energy (BMWi) and the HCI conference "Mensch und Computer 2015" in Stuttgart, Germany. http://www.mittelstand-digital.de/DE/Service/suche,did=717526.html
Int. Workshop on Information Systems for Social Innovation (ISSI) 2013 Session: Systems Resilience
National Institute of Informatics, Tokyo, Japan
February 4, 2014
http://tric.rois.ac.jp/human/ISSI2013/
Privacy with Secondary Use of Personal Information (Sven Wohlgemuth)
Secondary use of personal information is of essential importance for the Internet of Things. The main application is resilience. Biometrics is an example of support for resilience in times of a natural disaster. The primary use of biometrics is to identify people; a secondary use is to improve healthcare services for affected people. This requires information sharing with third parties. The challenge faced for reliable support of the Internet of Things is safety. Special cases of security systems achieve safety for information flow, but they don’t scale for secondary use. Their users lose control over their identity. With the aim of improving usability of security, this research-in-progress proposes a multilateral information flow control. This is privacy as understood with informational self-determination. The key is usage control with secure delegation of rights and a secondary use of personal security-related information as Open Data.
PersoApp - Secure and User-Friendly Internet Applications (Sven Wohlgemuth)
The document discusses secure and user-friendly internet applications. It describes how identity theft and data breaches currently occur through malicious authentication and a lack of privacy controls. The document proposes extending identity infrastructure to enable mobility, identity control, privacy control, and privacy forensics in order to provide transparency and detect any misuse of personal data or identities.
Resilience as a new Enforcement Model for IT Security based on Usage Control (Sven Wohlgemuth)
Security and privacy are not only general requirements of a society but also indispensable enablers for innovative IT infrastructure applications aiming at increased, sustainable welfare and safety of a society. A critical activity of these IT applications is spontaneous information exchange. This information exchange, however, creates inevitable, unknown dependencies between the participating IT systems, which, in turn, threaten security and privacy. With the current approach to IT security, security and privacy follow changes and incidents rather than anticipating them. By sticking to a given threat model, the current approach fails to consider vulnerabilities which arise during a spontaneous information exchange. With the goal of improving security and privacy, this work proposes adapting an IT security model and its enforcement to current and most probable incidents before they result in an unacceptable risk for the participating parties or failure of IT applications. Usage control is the suitable security policy model, since it allows changes during run-time without conceptually raising additional incidents.
Privacy-Enhancing Trust Infrastructure for Process Mining (Sven Wohlgemuth)
Presented at SCIS 2017 Symposium on Cryptography and Information Security, Okinawa, Japan
Threats to a society and its social infrastructure are inevitable and endanger human life and welfare. Resilience is a core concept to cope with such threats in strengthening risk management in spite of incidents of any kind. This paper discusses the secondary use of personal information as a key element in such conditions and the relevant process mining. It realizes completeness in an acceptable manner to mitigate a usability problem by secondary use of personal information. Even so, acceptable soundness is still realized in our scheme for a fundamental privacy-enhancing trust infrastructure. Our work approaches the Ground Truth for a personal predictive IT risk management by process mining with blockchain technology and privacy-enhancing mechanisms.
Tagging Disclosure of Personal Data to Third Parties to Preserve Privacy (Sven Wohlgemuth)
Honored as one of the best papers of IFIP SEC 2010 Security & Privacy - Silver Linings in the Cloud
Privacy in cloud computing is at the moment simply a promise to be kept by the software service providers. Users are neither able to control the disclosure of personal data to third parties nor to check if the software service providers have followed the agreed-upon privacy policy. Therefore, disclosure of the users’ data to the software service providers of the cloud raises privacy risks. In this article, we show a privacy risk by the example of using electronic health records abroad. As a countermeasure by an ex post enforcement of privacy policies, we propose to observe disclosures of personal data to third parties by using data provenance history and digital watermarking.
Privacy-Preserving Data Analysis, Adria Gascon (Ulrik Lyngs)
This document discusses privacy-preserving data analysis and multi-party machine learning. It introduces the challenges of jointly learning models on private data from multiple parties without sharing the raw data. Secure multi-party computation techniques allow parties to engage in online secure communications to compute functions while learning only the output and nothing else. The document presents work on a system for privacy-preserving distributed linear regression on vertically partitioned data with formal privacy guarantees. It also discusses other applications like private document classification in federated databases and privacy-preserving distributed hypothesis testing.
Microlearning in crowdsourcing and crowdtasking applications (Denis Havlik)
A presentation given by Denis Havlik (AIT) at the "Microlearning 7.0" conference (26-27 09 2013, Krems)
It presents the challenges of crowdsourcing/crowdtasking applications and proposes a way to improve them by integrating microlearning approaches into the applications.
This document provides an overview of proactive database forensics in the Bring Your Own Device (BYOD) era. It discusses the importance of digital forensics for investigating security incidents, particularly challenges for database forensics. Both reactive and proactive approaches to database forensics are described, with proactive being preferable. A threat model is introduced that analyzes security threats posed by BYOD using the STRIDE framework, including threats of information disclosure and contamination from insider actions. Future work is needed to develop proactive forensic techniques that can effectively monitor insider actions and generate trusted digital evidence in the BYOD environment.
post hoc to the implementation of the app; (2) a Unity toolkit that includes five additional tools requiring simple inputs from developers
IJCER (www.ijceronline.com) International Journal of computational Engineerin... (ijceronline)
The document summarizes a research paper on applying wavelet transforms to differentially private data publishing. It discusses how traditional differentially private methods add noise proportional to query sensitivity, reducing accuracy. The proposed Privelet framework applies wavelet transforms before adding noise. This improves accuracy of range count queries by reducing noise variance to polylogarithmic in the number of tuples. It provides the theoretical underpinnings of Privelet and evaluates its empirical performance on real and synthetic datasets.
VOLUME-7 ISSUE-8, AUGUST 2019, International Journal of Research in Advent Technology (IJRAT), ISSN: 2321-9637 (Online), Published By: MG Aricent Pvt Ltd
This document proposes a refinement of the slicing anonymization technique for privacy-preserving data mining. Slicing anonymization has been shown to effectively preserve data quality while achieving high data privacy. The proposed refinement aims to achieve even higher data utility and more secure data publishing through probabilistic non-homogeneous suppression and consideration of attribute correlations. The results of applying the technique to election data are analyzed using standard classification metrics to validate that the refined approach maintains high data quality and strong privacy preservation.
Everything you always wanted to know about Synthetic Data (MOSTLY AI)
Dr. Michael Platzer gave a guest lecture at Imperial College London on synthetic data. He discussed how synthetic data is more useful than real data due to being statistically representative while maintaining privacy. He evaluated the accuracy of synthetic data by comparing machine learning models trained on synthetic versus real data, as well as measuring deviations in marginal distributions. To evaluate privacy, he analyzed whether synthetic data prevents attribute disclosure and membership inference attacks by training "shadow models" and comparing distance measures between synthetic and real records. The presentation provided an overview of evaluating and ensuring the quality and privacy of synthetic data.
This document discusses the challenges and opportunities biology faces with increasing data generation. It outlines four key points:
1) Research approaches for analyzing infinite genomic data streams, such as digital normalization which compresses data while retaining information.
2) The need for usable software and decentralized infrastructure to perform real-time, streaming data analysis.
3) The importance of open science and reproducibility given most researchers cannot replicate their own computational analyses.
4) The lack of data analysis training in biology and efforts at UC Davis to address this through workshops and community building.
Images Steganography using Pixel Value Difference and Histogram Analysis (Northeastern University)
A new data hiding method is proposed in this project, which can increase the steganographic security of a data hiding scheme. In this method a cover image is first mapped into a 1D pixel sequence by a Hilbert filling curve and is then divided into non-overlapping embedding units. The division is made such that it gives two consecutive pixel values. As the human eye has limited tolerance when it comes to texture and edge areas than in smooth areas, and as the differences between the pixel pairs in those areas are larger, the method exploits pixel value difference (PVD) to solve the overflow/underflow problem.
David Montaner is a statistician who works in computational genomics, focusing on massive data analysis and gene set analysis. He has developed methods for multi-dimensional gene set analysis and improving gene set analysis for next generation sequencing data. His ongoing work includes improving software implementation, adjusting methods for NGS data, extending the approach to other genomic features, and investigating topological pathway analysis and metagenomics.
The document discusses various topics related to IT security and risk mitigation. It begins with an overview of basic IT security principles such as confidentiality, integrity, availability, authenticity, non-repudiation and accountability. It also discusses banking security standards and the importance of having policies, procedures, and standards to ensure security. Finally, it covers the different types of risk mitigation controls including administrative, logical, and physical controls that can be implemented to minimize security risks.
This document discusses various techniques for improving security automation and visibility, including discovering and inventorying assets, prioritizing risks, performing multi-layer security testing, monitoring configurations, discovering and handling security intelligence, and refining security signals and response. Key recommendations include tailoring discovery to the rate of change, considering data normalization, using risk prioritization as an input not a law, avoiding certain conversations, leveraging security testing pyramids, recognizing a continuum of configuration safety, developing an intelligence taxonomy, and starting small with signal refinement and response automation.
Open Government Data - Security Risk or mean for Threat Prevention (Johann Höchtl)
This document discusses open government data and its associated security risks and future prospects. It begins by outlining the political mindset of transparency that drives open data initiatives. It then defines open government data and provides examples. Reasons for open data include increased transparency, efficiency and trust in government. However, publicly releasing certain data sets could enable threats like targeting critical infrastructure or planning attacks. Future research is needed to assess security risks and how to select and release data to maximize benefits while mitigating risks. The document concludes by discussing a model for evaluating open data initiatives based on their overall security and welfare impacts.
1) The document reviews various techniques for hiding information in digital images, known as image steganography. It discusses techniques like LSB insertion, PVD, edge-based, and PIT methods.
2) It provides an overview of each technique, outlining their advantages and disadvantages. For example, it notes that LSB insertion is simple but vulnerable, while PVD provides higher capacity with better imperceptibility.
3) The document also covers applications of steganography like copyright control, secret communication, tamper proofing, and digital watermarks. It analyzes how steganographic techniques can be evaluated based on metrics like capacity, security, and robustness against modifications.
People Committed to Solving our Information Security Language Problem (SecurityStudio)
The talk given at the ISSA Phoenix Q4 2019 Chapter Meeting on 12/5/19. Four parts to the talk: housekeeping (where we establish some credibility), meat (where we discuss our information security language problem), the dream (where we talk about securing America), and the call to action (get involved and get stuff done).
ISSA-OC and Webster University Cybersecurity Seminar Series Presentation (SecurityStudio)
The slide deck used on 11/21/19. There are four parts to this talk: housekeeping (establishing credibility with the audience), the meat (our information security language problem and our solution), the dream (securing America), and the call to action (get your free S2Org and S2Me risk assessments).
A Secure Decision-Support Scheme for Self-Sovereign Identity Management (Sven Wohlgemuth)
This document discusses self-sovereign identity management using zero-knowledge proofs and blockchain technology. It proposes a scheme where individuals own and control their personal data through a decentralized identity system. Intermediaries could verify relationships and attributes about an identity through zero-knowledge proofs without learning the underlying data. Blockchain consensus protocols and smart contracts would enforce accountability and transparency around data access and usage according to individuals' preferences. This framework aims to give individuals sovereignty over their digital identities and personal data.
This document proposes a blockchain-based system called SK4SC (Secure Kernel for Supply Chains) to address security and privacy issues in supply chain management. SK4SC uses anonymous attribute-based credentials, zero-knowledge proofs, and digital signatures to enable the verifiable and auditable sharing of information while preserving privacy. It aims to establish accountability and enforce compliance through the recording of data provenance and rights management on an open distributed ledger. This would help detect supply chain attacks and unauthorized data access in a transparent yet private manner.
Secure Sharing of Design Information with Blockchains | Sven Wohlgemuth
Defenders acting alone are limited in their ability to prevent evolving cyberattacks from multiple and powerful attackers. We show a new way for defenders to collaborate closely and to achieve the necessary security by design. Blockchains are used, and accountability is established as an incentive so that participants comply with the rules. Intellectual property rights of individual defenders are protected, and unnecessary leakage of trade secrets and personal information can be avoided. In the mutual interaction between humans and computers, information is shared in such a way that humans correctly benefit from AI-supported machines as intelligent amplifiers.
Talks @ 2018 IEICE Society Conference
個人情報の有効活用を可能にする (Enabling effective use of personal information) | Sven Wohlgemuth
Talk @ 「The Future of Blockchain」 on May 13th, 2017
25th Academic Forum of WASEDA University, Tokyo, Japan
About this forum:
http://www.waseda.jp/sanken/forum/academic/img/25th_academic_forum.pdf
http://www.waseda.jp/sanken
Lecture on IT Security and Technical Data Protection
Part 4: Cryptography
Summer term 2016
(in German: 4 Kryptographie
der Vorlesung IT-Sicherheit und Technischer Datenschutz
im Sommersemester 2016)
Lecture on IT Security and Technical Data Protection
Part 3: Security Models
Summer term 2016
(in German: 3 Sicherheitsmodelle
der Vorlesung IT-Sicherheit und Technischer Datenschutz
im Sommersemester 2016)
Privacy in Business Processes by User-Centric Identity Management | Sven Wohlgemuth
This document summarizes a presentation on privacy in business processes through user-centric identity management. It discusses challenges with 1:n and 1:n:m relationships where personal data is disclosed to multiple services. Two approaches are described: single sign-on and anonymous credentials. Neither fully addresses issues like linkability, non-transferability of data, and misuse of credentials. The document then proposes an approach called DREISAM that uses anonymous credentials and proxy credentials to enable delegation of rights over personal data while preserving user privacy. It outlines the work of WP14 in studying privacy requirements for identity management and business processes.
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar... | Sven Wohlgemuth
ALU-FR (Freiburg) contribution to FIDIS 2nd Research Event, Athens, Greece, 2007
The objective of WP14 is the identification and description of privacy requirements for identity management relating to the disclosure of identifying personal data and the use of credentials as access rights on services in business processes. Service providers process identifying data of their users for example for individualizing services and to get access to services as a proxy of their users. By the directives 95/46/EC and 2002/58/EC, the European Commission has defined privacy principles in order to regulate the processing of identifying personal data. Identity management empowers users as long as they disclose their identifying personal data and credentials to service providers. For information chains as found in multi-staged business processes, identity management leads to a big-brother phenomenon. Users have to trust service providers to process personal data of their users according to their privacy policy.
Based on privacy as informational self-determination, privacy threats are identified in business processes by the reference scenario “loyalty programme”. The reference scenario is used as an orientation for the partners in WP14. Undesired profiling is in particular investigated by case studies. The investigation of profiling makes a difference between collection of customers’ data by service providers of which customers are not aware and in externally stored customers’ profiles, while delegation of access rights to some of these profiles is made possible. The starting point of WP14 is the workshop “Privacy in Business Processes” (D14.1).
On Privacy in Medical Services with Electronic Health Records | Sven Wohlgemuth
SiHIS 2009, IMIA WG 4, Hiroshima, Japan
Centralized electronic health records (EHR) accumulate medical data of patients to improve their availability and completeness. This in turn increases the efficiency of business processes for medical services. As EHRs are not tied to a single medical institution they may be offered by enterprises with the capacity and knowledge to maintain this kind of databases. Legislation, e.g. the US American Health Insurance Portability and Accountability Act (HIPAA) and the German Act for the Modernization of the Health Insurance by Law (GMG), usually prohibit any disclosure to third parties without the patient’s explicit consent. Existing systems for EHRs like Microsoft HealthVault and Google Health comply with this by letting the patients decide on the usage and disclosure of their data. But they fail in providing three essential safeguards to privacy. Firstly, they do not offer mechanisms to guarantee the compliance of the EHR system especially regarding the enforcement of patients’ decisions. Secondly, patients cannot express or enforce obligations on further usage and disclosure of their data to third parties. Thirdly, they fail to guarantee confidentiality of the patients’ health data towards the EHR provider organization, which should not be able to access the data since this increases the risk of unauthorized disclosure. Those drawbacks stem from the fact that privacy-enhancing technologies focus on controlling external access to personal data but not on their usage. But even if health data is protected against those threats, EHR providers are able to create profiles about patients by examining the access requests to their data. We propose a privacy-protecting information system for controlled disclosure of personal data to third parties. Firstly, patients should be able to express, enforce, and observe obligations regarding disclosure of health data to third parties. 
Secondly, an organization providing EHRs should neither be able to gain access to these health data nor establish a profile about patients.
EN 6.3: 2 IT-Compliance und IT-Sicherheitsmanagement | Sven Wohlgemuth
Lecture on IT Security and Technical Data Protection
Part 2: IT Compliance and IT Security Management
Summer term 2016
(in German: 2 IT-Compliance und IT-Sicherheitsmanagement
der Vorlesung IT-Sicherheit und Technischer Datenschutz
im Sommersemester 2016)
EN 6.3: 1 IT-Sicherheit und Technischer Datenschutz | Sven Wohlgemuth
Lecture on IT Security and Technical Data Protection
Part 1, summer term 2016
(in German: IT-Sicherheit und Technischer Datenschutz (Einführungsveranstaltung)
im Sommersemester 2016)
International Workshop on Information Systems for Social Innovation (ISSI) 2009 | Sven Wohlgemuth
We need to solve global problems, such as energy, food, education, and economic development in our advanced information and communication technology (ICT) society. These are complicated problems worldwide, and a single country, organization, or researcher cannot solve them all. In this workshop we will pursue issues concerning safety and security to cover difficult ICT society problems, such as compliance, privacy, IT risk management, and information security, in cooperation with the MOU organizations NII has partnerships with. For this purpose, we will hold an international workshop on information systems for social innovation.
More @ http://www.nii.ac.jp/issi/en/
Enforcement of Privacy Policies in Service Networks (Durchsetzung von Privacy Policies in Dienstenetzen) | Sven Wohlgemuth
The service orientation of future network usage produces individualized services that will undermine privacy and informational self-determination, and with them the basis of the legal regulations. For loyalty cards, for example, only a few providers can be identified across Europe, while from the users' point of view there appear to be countless different loyalty cards. Despite all agreements, informational self-determination cannot be demanded in an automated way. The same applies, in modified form, to the JobCard and the health card. The goal of the project is to extend the current one-sided trust model, in which users are forced to trust service providers when personal data is collected and passed on. An identity management system is to be developed with which users can, in line with informational self-determination, control profiling when using services with a data service, and with which providers of data services can justify the trust placed in them.
Privacy in Business Processes by User-Centric Identity Management | Sven Wohlgemuth
Privacy is not only a concern of customers. Service providers also fear privacy violations as a main hurdle for the acceptance of personalised services. Furthermore, the protection of privacy is an interest of service providers who take on customer relationship management activities of several service providers. They manage customers’ profiles, e.g. in loyalty programs and e-health scenarios with electronic patient records, and offer the service of aggregation. If it is possible to link profiles of a customer without the need of such service providers, the latter would not benefit from their aggregation service. Case studies show privacy threats in business processes with personalised services.
The objective of this FIDIS work package 14 is to identify privacy threats in business processes with personalised services, to suggest process models for modelling privacy-aware business processes and to derive security requirements for user-centric identity management in order to preserve privacy.
The presented scenarios and use cases are recommended for non-technical audiences, whereas the analysis of user-centric identity management protocols and approaches for identity management extensions are recommended for technical audiences.
Privacy in Business Processes by Identity Management | Sven Wohlgemuth
Enterprises and governmental agencies process personal data of their clients for, e.g., personalised services and to get access to services as a proxy for them. By the Directives 95/46/EC and 2002/58/EC, the EC has defined data protection and security principles in order to regulate the processing of personal data. User centric identity management empowers clients in controlling the disclosure of their personal data to organisations. For information chains as found in multi-staged processes identity management may lead to a big-brother phenomenon. Clients have to trust organisations that they process personal data according to their privacy and security policies, along the chain of participating parties.
This workshop aims at these challenges and discusses first approaches for privacy enhancing technologies (PET) and their use in current and future business and governmental process models. The workshop itself will be jointly organised by the IST FP6 projects FIDIS and PRIME.
Key Management - Object-Oriented Design and Implementation (Schlüsselverwaltung - Objektorientierter Entwurf und Implementierung) | Sven Wohlgemuth
(Abstract of diploma thesis) With the amazingly growing connectivity induced by the internet, the need also rises for an authentication mechanism general enough to handle the resulting heterogeneity and size. Here, cryptographic public-key technology plays a major role. Prominent approaches of practical use for building and verifying trust in networks applying cryptographic keys are PGP and S/MIME. Unfortunately these have essential weaknesses, such that they do not cover all relevant aspects, or at most do so in conjunction. Moreover, the available software solutions and the associated models do not support cooperation, and the user is left with choosing from a non-optimal set of possibilities.
To cure this defect, we present an integrating design for the management of cryptographic keys which allows a user to manage keys with one software, independent of the actual model context. Besides these and other management tasks resulting from a key’s life cycle, the design emphasizes the integration of modules which support local authenticity decisions employing a policy and public-key infrastructure.
Preceding the design, an analysis of two techniques for determining authenticity of cryptographic keys will be given, being the base for deriving the use-case requirements a system for managing keys must satisfy. The design chapter describes the architecture of the system in terms of modules and their cooperation on processing the use cases. The description is supported by the modelling language UML.
A quarter of all expenditure on research and development in industry and a fifth of all patent applications are attributable to computer science. In Germany, information and communication technologies will generate a turnover of approx. 140 billion euros in 2006. Computer science is thus now ahead of vehicle construction and mechanical engineering and accounts for a third of the expected economic growth. Jobs for computer scientists are found above all in research and development, in management consulting and in the development of systems.
Solutions for Coping with Privacy and Usability | Sven Wohlgemuth
After Mainframe and Client-Server computing, Cloud computing is the next computing paradigm. The main difference is that individuals and enterprises make use of services out of the Cloud via a web browser, share computing power and data storage. The data disclosure from users to software service providers of the Cloud raises privacy risks. Users cannot enforce the agreed-upon privacy policy. In this article we propose a privacy system for an ex post enforcement of a privacy policy. Our proposal is to observe disclosures of personal data to third parties by data provenance using digital watermarking.
Location: NII Open House 2010, National Center of Sciences, Tokyo, Japan
Privacy in business processes that involve passing personal data/information on to third parties is currently not possible. Users have to pass personal data on to third parties, e.g. their proxies, which leads to the formation of several “Big Brothers”. For this reason, current identity management systems are not successful for critical applications. For decentralized trust management, we propose a general protocol for the purpose-bound and thus authorized disclosure of personal data in the form of a credential, which extends a user's control over the protection of their privacy to their observability. This delegation protocol extends today's identity management systems.
Discovering Digital Process Twins for What-if Analysis: a Process Mining Appr... | Marlon Dumas
This webinar discusses the limitations of traditional approaches for business process simulation based on hand-crafted models with restrictive assumptions. It shows how process mining techniques can be assembled together to discover high-fidelity digital twins of end-to-end processes from event data.
06-20-2024-AI Camp Meetup-Unstructured Data and Vector Databases | Timothy Spann
Tech Talk: Unstructured Data and Vector Databases
Speaker: Tim Spann (Zilliz)
Abstract: In this session, I will discuss unstructured data and the world of vector databases, and we will see how they differ from traditional databases, in which cases you need one and in which you probably don’t. I will also go over Similarity Search, where you get vectors from, and an example of a Vector Database Architecture, wrapping up with an overview of Milvus.
Introduction
Unstructured data, vector databases, traditional databases, similarity search
Vectors
Where, What, How, Why Vectors? We’ll cover a Vector Database Architecture
Introducing Milvus
What drives Milvus' Emergence as the most widely adopted vector database
PyData London 2024: Mistakes were made (Dr. Rebecca Bilbro) | Rebecca Bilbro
To honor ten years of PyData London, join Dr. Rebecca Bilbro as she takes us back in time to reflect on a little over ten years working as a data scientist. One of the many renegade PhDs who joined the fledgling field of data science of the 2010's, Rebecca will share lessons learned the hard way, often from watching data science projects go sideways and learning to fix broken things. Through the lens of these canon events, she'll identify some of the anti-patterns and red flags she's learned to steer around.
Build applications with generative AI on Google Cloud | Márton Kodok
We will explore Vertex AI - Model Garden powered experiences, we are going to learn more about the integration of these generative AI APIs. We are going to see in action what the Gemini family of generative models are for developers to build and deploy AI-driven applications. Vertex AI includes a suite of foundation models, these are referred to as the PaLM and Gemini family of generative ai models, and they come in different versions. We are going to cover how to use via API to: - execute prompts in text and chat - cover multimodal use cases with image prompts. - finetune and distill to improve knowledge domains - run function calls with foundation models to optimize them for specific tasks. At the end of the session, developers will understand how to innovate with generative AI and develop apps using the generative ai industry trends.
4. Agenda
Dr. Sven Wohlgemuth, Resilience by Usable Security
I. Resilience and Secondary Use
• Dependencies threaten control
• Control by transparency
II. Multilateral Security
• Usage control
• Privacy-Enhanced AAA(A)
III. Big Data and Privacy
• From login to control by transparency
• Loss of control
IV. Usable Security
• Multilateral secondary use
• Byzantine agreement
5. I. Resilience and Secondary Use
Resilience: Predictive risk management to remain in or return to an equilibrium by IT support in real-time with secondary use of personal information
Public-private cooperation:
Public traffic road map (03/19/2011)
Localization at Disney Resort Tokyo (08/02/2011)
User generated content on Google Maps (08/02/2011)
6. Support by Cyber-Physical Systems
[Figure: CPS data platform between the Real World and the Cyber World. Labels: PAN; Wide Area Network; ALL-IP Network; sensor networks in home, building facility, vehicle NW; power grid system, environment monitor, agriculture, etc.; transport system; human state; sensing & actuation (control); service control; collection and sharing of context and data; policy decision support based on information processing.]
N. Sonehara, 2011
8. Information Usage Model
• Problem: Users lose control on their identity
• Dependencies occur at run‐time and threaten information processing
[Figure: data providers, data consumers/providers and data consumers exchanging d and d, d*; the flows are labelled "Primary use" and "Secondary use".]
9. Dependency: Users and IT System
[Figure: bar chart of citations (axis 0 to 60) for Problem Category I, Problem Category II, Problem Category III and Problem Category IV; values shown: 10, 48, 42, 20.]
75% of identified problems are usability problems with negative effect on user's security
• User has to learn technical concept
• SigG digital signature client Signtrust: “Maloperation” raises security incident
• 7 Internet user groups in Germany
People with less security expertise (approx. 70%) want to delegate privacy to TTP
• Responsibility: self-protection or privacy by a TTP
D. Gerd tom Markotten 2004; G. Müller and S. Wohlgemuth 2005; DIVSI 2012
10. Dependency: Third Party
Case (a): Passive incident; Case (b): Active incident
• Inevitable, not‐modelled dependencies during run‐time
K.W. Hamlen, G. Morrisett, and F.B. Schneider 2006; A. Grusho, N. Grebnev, and E. Timonina 2007; BSI 2015
• For Germany: Indirect attacks on Internet of Things and Cloud Computing
Assumption: Each IT system is secure
[Figure: two diagrams of data providers/consumers, data consumers/providers, data providers and data consumers exchanging d and d, d*; one diagram marks a participant as "faulty".]
Impossible to TM‐decide on covert dependencies, but statistically
Loss of control by conceptual dependency of compromised TTP
17. II. Multilateral Security
Combining opposite security interests by an equilibrium setting
• Accountability: Authentic information on information processing
• Unobservability: Non-linkability to impede re-identification
G. Müller, K. Rannenberg and A. Pfitzmann 1996; I. Echizen, G. Müller, R. Sasaki, and A Min Tjoa, 2013
[Figure labels: Accountability; Unobservability; Anonymity; Pseudonymity; Traceability; Personal information; Privacy.]
18. II. Multilateral Security
[Figure: the diagram from slide 17 with the same text, extended by the labels Usage control and Control by transparency; Personal information and Privacy each appear twice.]
21. Example: iManager
CeBIT 2003 Scenario: Buying an electronic railway ticket
[Figure labels: Current partial identity; Necessary personal information; Proposed partial identity.]
S. Wohlgemuth, U. Jendricke, D. Gerd tom Markotten, F. Dorner, and G. Müller 2003
doIT-Software Award 2003 of German Federal State Baden-Württemberg
24. Privacy-Enhanced Accountability
[Figure: System 1, System 2, System 3 and System 4 (each DP/DC) exchanging d, d*, with growing lists of systems (System 2; System 2, System 3; System 2, System 3, System 4) attached to d, d*; labels: Transparency, Control.]
• Hidden channels: Information leakage and modification
• Accountability: Data provenance on information exchange for audit
Impeding non-authorized re-identification
Unobservability
Misuse of d, d* can be detected
Accountability and availability
28. From Login to Control by Transparency
[Figure: chart with the axes Productivity and Amount of data across PC Era (Desktop), Web 1.0 (The World Wide Web), Web 2.0 (The Social Web), Web 3.0 (The Semantic Web) and Web 4.0 (The Intelligent Web). Application labels: keyword search, file systems, groupware, databases, social networking, wiki, semantic search, tagging, reasoning, smart personal agents, natural language search, mashups. Annotations: human-machine interaction; machine-machine interaction; centralized information processing; ubiquitous P2P information processing (Internet of Things); decentralized P2P information processing (Cloud Computing); ... with automatic decision support (Cyber-Physical Systems).]
Own figure based on Radar Networks & Nova Spivack 2007, E. Brynjolfsson and A. McAfee 2011.
29. From Login to Control by Transparency
[Figure: the chart from slide 28, repeated.]
30. From Login to Control by Transparency
[Figure: the chart from slide 28 with the added labels Accounting, Accountability, One-factor authentication, Multi-factor authentication, Authorization, and "Increasing entropy of auth. information".]
31. From Login to Control by Transparency
[Figure: the chart from slide 30, repeated.]
33. Data-Centric Service
W. Wahlster & G. Müller. Placing Humans in the Feedback Loop of Social Infrastructures; NII Strategies on Cyber-Physical Systems. 2013
[Figure: Data provider, data-centric service and data consumer exchanging d and d, d*.]
Improving attractivity
Increasing market share
Lock-in
Network
Economies of scale
Müller, Eymann, Kreutzer, 2003
Who am I?
You are a dog and your friend sitting close to you is a B/W dog.
Loss of control by asymmetric distribution of information
[Figure labels: Accountability; Unobservability; Usage control; Control by transparency; Anonymity; Pseudonymity; Traceability; Personal information; Privacy.]
36. IV. Usable Security
From loss of control
To informational self-determination: Byzantine Agreement on secondary use
[Figure: data provider, data-centric service and data consumer exchanging d and d, d* (loss of control), contrasted with data provider/consumer, data consumer/provider and data consumer/consumer exchanging d*.]
38. Consensus: Self-Organization
• Consensus on state transitions within community of distributed, vulnerable users
[Figure: data consumers/providers exchanging d* … d*.]
• Users change role during run-time (“miner” checks transactions and gets reward)
S. Nakamoto 2009
• Provenance by irreversible, decentralized database with eCoin system
39. Decentralized Usage Control
• Secondary use of symmetric distribution of personal security information
[Figure labels: Privacy-Enhanced Authorization; Privacy-Enhanced Accountability; Privacy-Enhanced Accounting; A A A.]
• Trust anchor: Registered, non-linkable eID (Privacy-Enhanced Authentication)
• Acceptable authentic information decreases individual risk on loss of control
40. V. Conclusion
• User-control on identity is threatened by use of privacy-enhanced security
• Unilateral use leads to loss on control (non-usable security)
• Multilateral control by secondary use of personal security information (re-use)
• Decentralized usage control supports usable security by decreasing individual risk
Usable security is informational self-determination and supports resilience
[Figure labels: Accountability; Unobservability; Decentralized usage control; Control by transparency; Anonymity; Pseudonymity; Traceability; Personal information (twice); Privacy (twice).]