Relevant bibliographies by topics / Security-aware application

Academic literature on the topic 'Security-aware application'

Author: Grafiati
Published: 14 March 2023

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Contents

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Security-aware application.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Security-aware application"

1

Iyer, Ravishankar, Zbigniew Kalbarczyk, Karthik Pattabiraman, William Healey, Wen-mei Hwu, Peter Klemperer, and Reza Farivar. "Toward Application-Aware Security and Reliability." IEEE Security and Privacy Magazine 5, no. 1 (January 2007): 57–62. http://dx.doi.org/10.1109/msp.2007.23.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Lozano-Rizk, Jose E., Jose E. Gonzalez-Trejo, Raul Rivera-Rodriguez, Andrei Tchernykh, Salvador Villarreal-Reyes, and Alejandro Galaviz-Mosqueda. "Application-Aware Flow Forwarding Service for SDN-Based Data Centers." Electronics 11, no. 23 (November 24, 2022): 3882. http://dx.doi.org/10.3390/electronics11233882.

Full text
Abstract:
Security and Quality of Service (QoS) in communication networks are critical factors supporting end-to-end dataflows in data centers. On the other hand, it is essential to provide mechanisms that enable different treatments for applications requiring sensitive data transfer. Both applications’ requirements can vary according to their particular needs. To achieve their goals, it is necessary to provide services so that each application can request both the quality of service and security services dynamically and on demand. This article presents QoSS, an API web service to provide both Quality of Service and Security for applications through software-defined networks. We developed a prototype to conduct a case study to provide QoS and security. QoSS finds the optimal end-to-end path according to four optimization rules: bandwidth-aware, delay-aware, security-aware, and application requirements (considering the bandwidth, delay, packet loss, jitter, and security level of network nodes). Simulation results showed that our proposal improved end-to-end application data transfer by an average of 45%. Besides, it supports the dynamic end-to-end path configuration according to the application requirements. QoSS also logs each application’s data transfer events to enable further analysis.
APA, Harvard, Vancouver, ISO, and other styles
3

Dirin, Amir, Teemu H. Laine, and Ari Alamäki. "Managing Emotional Requirements in a Context-Aware Mobile Application for Tourists." International Journal of Interactive Mobile Technologies (iJIM) 12, no. 2 (March 29, 2018): 177. http://dx.doi.org/10.3991/ijim.v12i2.7933.

Full text
Abstract:
<p class="Abstract">The objective of this study was to unveil the importance of emotions and feelings in developing mobile-based tourism applications. We gathered and analyzed emotional requirements to develop a mobile context-aware application for tourists. Emotional requirements are non-functional requirements affecting users’ emotional experiences around using applications, which are important for sustainable application usage. Many tourism applications exist, but were designed without considering emotional requirements or related UX factors and emotions. We developed a proof-of-concept prototype service-based context-aware tourism application (SCATA), and users participated in the design and evaluation processes. Emotional requirements are key to sustainable usage, especially regarding security. This paper details the application design and evaluation processes, emotional requirements analysis in each design phase, and the emotional effects of content accessibility in the application’s offline mode in unknown environments. The results show that trust, security, adjustability, and reliability are important factors to users, especially in unknown environments.</p>
APA, Harvard, Vancouver, ISO, and other styles
4

Rosendo, Miguel, and Jorge Granjal. "Energy-Aware Security Adaptation for Low-Power IoT Applications." Network 2, no. 1 (January 14, 2022): 36–52. http://dx.doi.org/10.3390/network2010003.

Full text
Abstract:
The constant evolution in communication infrastructures will enable new Internet of Things (IoT) applications, particularly in areas that, up to today, have been mostly enabled by closed or proprietary technologies. Such applications will be enabled by a myriad of wireless communication technologies designed for all types of IoT devices, among which are the Long-Range Wide-Area Network (LoRaWAN) or other Low-power and Wide-Area Networks (LPWAN) communication technologies. This applies to many critical environments, such as industrial control and healthcare, where wireless communications are yet to be broadly adopted. Two fundamental requirements to effectively support upcoming critical IoT applications are those of energy management and security. We may note that those are, in fact, contradictory goals. On the one hand, many IoT devices depend on the usage of batteries while, on the other hand, adequate security mechanisms need to be in place to protect devices and communications from threats against their stability and security. With thismotivation in mind, we propose a solution to address the management, in tandem, of security and energy in LoRaWAN IoT communication environments. We propose and evaluate an architecture in the context of which adaptation logic is used to manage security and energy dynamically, with the goal of guaranteeing appropriate security, while promoting the lifetime of constrained sensing devices. The proposed solution was implemented and experimentally evaluated and was observed to successfully manage security and energy. Security and energy are managed in line with the requirements of the application at hand, the characteristics of the constrained sensing devices employed and the detection, as well as the threat, of particular types of attacks.
APA, Harvard, Vancouver, ISO, and other styles
5

Arudkar, Archna, and Vimla Jethani. "RBAC+: Protecting Web Databases With Access Control Mechanism." INTERNATIONAL JOURNAL OF MANAGEMENT & INFORMATION TECHNOLOGY 2, no. 1 (November 27, 2012): 24–30. http://dx.doi.org/10.24297/ijmit.v2i1.1407.

Full text
Abstract:
With the wide adoption of Internet, security of web database is a key issue. In web-based applications, due to the use of n-tier architecture, the database server has no knowledge of the web application user and hence all authorization decisions are based upon execution of specific web application. Application server has full access privileges to delegate to the end user based upon the user requirement. The identity of the end user is hidden , subsequently database server fails to assign proper authorizations to the end user. Hence, current approaches to access control on databases do not fit for web databases because they are mostly based on individual user identities. To fill this security gap, the definition of application aware access control system is needed. In this paper, RBAC+ Model, an extension of NIST RBAC provides a application aware access control system to prevent attacks with the notion of application, application profile and sub-application session.
APA, Harvard, Vancouver, ISO, and other styles
6

Doriguzzi-Corin, Roberto, Sandra Scott-Hayward, Domenico Siracusa, Marco Savi, and Elio Salvadori. "Dynamic and Application-Aware Provisioning of Chained Virtual Security Network Functions." IEEE Transactions on Network and Service Management 17, no. 1 (March 2020): 294–307. http://dx.doi.org/10.1109/tnsm.2019.2941128.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Khan, M. Fahim Ferdous, and Ken Sakamura. "The Context-Security Nexus in Ubiquitous Computing." International Journal of Adaptive, Resilient and Autonomic Systems 5, no. 3 (July 2014): 61–81. http://dx.doi.org/10.4018/ijaras.2014070104.

Full text
Abstract:
Context-awareness is a quintessential feature of ubiquitous computing. Contextual information not only facilitates improved applications, but can also become significant security parameters – which in turn can potentially ensure service delivery not to anyone anytime anywhere, but to the right person at the right time and place. Specially, in determining access control to resources, contextual information can play an important role. Access control models, as studied in traditional computing security, however, have no notion of context-awareness; and the recent works in the nascent field of context-aware access control predominantly focus on spatio-temporal contexts, disregarding a host of other pertinent contexts. In this paper, with a view to exploring the relationship of access control and context-awareness in ubiquitous computing, the authors propose a comprehensive context-aware access control model for ubiquitous healthcare services. They explain the design, implementation and evaluation of the proposed model in detail. They chose healthcare as a representative application domain because healthcare systems pose an array of non-trivial context-sensitive access control requirements, many of which are directly or indirectly applicable to other context-aware ubiquitous computing applications.
APA, Harvard, Vancouver, ISO, and other styles
8

Huang, Binbin, Yuanyuan Xiang, Dongjin Yu, Jiaojiao Wang, Zhongjin Li, and Shangguang Wang. "Reinforcement Learning for Security-Aware Workflow Application Scheduling in Mobile Edge Computing." Security and Communication Networks 2021 (May 25, 2021): 1–13. http://dx.doi.org/10.1155/2021/5532410.

Full text
Abstract:
Mobile edge computing as a novel computing paradigm brings remote cloud resource to the edge servers nearby mobile users. Within one-hop communication range of mobile users, a number of edge servers equipped with enormous computation and storage resources are deployed. Mobile users can offload their partial or all computation tasks of a workflow application to the edge servers, thereby significantly reducing the completion time of the workflow application. However, due to the open nature of mobile edge computing environment, these tasks, offloaded to the edge servers, are susceptible to be intentionally overheard or tampered by malicious attackers. In addition, the edge computing environment is dynamical and time-variant, which results in the fact that the existing quasistatic workflow application scheduling scheme cannot be applied to the workflow scheduling problem in dynamical mobile edge computing with malicious attacks. To address these two problems, this paper formulates the workflow scheduling problem with risk probability constraint in the dynamic edge computing environment with malicious attacks to be a Markov Decision Process (MDP). To solve this problem, this paper designs a reinforcement learning-based security-aware workflow scheduling (SAWS) scheme. To demonstrate the effectiveness of our proposed SAWS scheme, this paper compares SAWS with MSAWS, AWM, Greedy, and HEFT baseline algorithms in terms of different performance parameters including risk probability, security service, and risk coefficient. The extensive experiments results show that, compared with the four baseline algorithms in workflows of different scales, the SAWS strategy can achieve better execution efficiency while satisfying the risk probability constraints.
APA, Harvard, Vancouver, ISO, and other styles
9

Asuncion, Vernon, Khaled M. khan, Abdelkarim Erradi, and Saleh Alhazbi. "Reasoning About Policies in Security-Aware Service Discovery Using Answer Set Programming." International Journal of Cooperative Information Systems 25, no. 01 (March 2016): 1650003. http://dx.doi.org/10.1142/s0218843016500039.

Full text
Abstract:
In order to enable a secure interaction between dynamically discovered software services and the client’s application in a cooperative information system such as service oriented system, one of the pre-requisites is the reconciliation of service-specific security policies of all stakeholders. Existing service discovery research does not address the issue of enormous search space in finding security-aware services based on preferred security policy alternatives of the client of software services. In this paper, we propose an answer set programming (ASP) approach, drawn from the field of artificial intelligence (AI), to explore a viable solution of finding security-aware services for the client. We argue that the ASP approach can significantly reduce the search space and achieve great performance gains. We use ASP to: (i) specify security policies including expressing service-specific security preference weighting and importance scoring in quantifiable terms; and (ii) reason about the compliance between the security policies of the client and the software service.
APA, Harvard, Vancouver, ISO, and other styles
10

Singh, Shubham, Pranju Mishra, Samruddhi Kshirsagar, Shubham Bharadia, and Narendra Joshi. "SQL Injection and Areas of Security Concern." International Journal of Computer Science and Mobile Computing 10, no. 5 (May 30, 2021): 60–66. http://dx.doi.org/10.47760/ijcsmc.2021.v10i05.006.

Full text
Abstract:
Cyber-crimes are growing rapidly and to prevent these crimes one should share all the knowledge he/she has to make people aware of these attacks. In the field of Application Security there is a very well-known vulnerability ―SQL INJECTION‖. In this paper, we have focused on what are the type of SQL Injection attacks and where it can be found in any application.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Security-aware application"

1

Preda, Stere. "Reliable context aware security policy deployment - applications to IPv6 environments." Télécom Bretagne, 2010. http://www.theses.fr/2010TELB0145.

Full text
Abstract:
Les réseaux sont aujourd'hui en continue évolution dû aux nouvelles exigences et activités organisationnelles. En parallèle, la protection des ressources doit changer et toute cette gestion devient une tâche difficile pour l'administrateur sécurité. Dans cette thèse, nous adressons plusieurs aspects clés dans le domaine de la sécurité réseaux et proposons des solutions conséquentes : 1. Déploiement des politiques basé sur des modèles de contrôle d'accès. Les diverses données inutiles dans la spécification de la politique seront ainsi éliminées avant le déploiement automatique de la politique abstraite. Les tâches de l'administrateur sont considérablement simplifiées. 2. Développement formel des algorithmes de déploiement. Ces algorithmes doivent être formellement prouvés pour que l'administrateur ait confiance dans le processus de déploiement. 3. La gestion des exigences contextuelles et des fonctionnalités de sécurité insuffisantes. Le modèle de contrôle d'accès doit être assez robuste afin de couvrir les exigences contextuelles. Le problème reste au niveau des composants de sécurité qui ne sont pas toujours capables d'interpréter ces contextes. 4. Nouveaux mécanismes de sécurité IPv6. Nous avons adressé la conception d'un nouveau mécanisme de sécurité IPv6 qui devrait interpréter certains contextes spécifique aux réseaux IPv6. Nos travaux de recherche constituent une approche cohérente et apportent des contributions claires pour garantir une gestion fiable des politiques de sécurité réseaux
Organization networks are continuously growing so as to sustain the newly created organizational requirements and activities. In parallel, concerns for assets protection are also increasing and security management becomes an ever-changing task for the security officer. In this dissertation we address several key aspects of network security management providing solutions for each aspect:1. Policy deployment based on access control models. Invalid or unusable data of the security policy will have been removed before deploying the abstract policy through a set of algorithms; in this manner, the security officer’s tasks are greatly simplified. 2. Formal algorithm development. The correctness of the algorithms involved in the policy deployment process is of undeniable importance. These algorithms should be proved so that the security officers trust the automatic policy deployment process. 3. Management of contextual requirements and of limited security functionalities. The access control model should be robust enough to cover contextual requirements. The issue is that the security devices are not always able to interpret the contexts. And sometimes, there are security requirements which cannot be deployed given the existing limited security functionalities in the IS. 4. New IPv6 security mechanisms. We have naturally come to consider the design of new IPv6 security mechanisms when dealing with the lack of functionalities in an information system. Our research outlines a comprehensive approach to deploy access control security policies. Actually, it constitutes a step further towards an automatic and reliable management of network security
APA, Harvard, Vancouver, ISO, and other styles
2

Holford, John William. "The concept of self-defending objects and the development of security aware applications." Thesis, Queensland University of Technology, 2006. https://eprints.qut.edu.au/16227/1/John_Holford_Thesis.pdf.

Full text
Abstract:
The self-defending object (SDO) concept is an extension to the object-oriented programming paradigm, whereby those objects that encapsulate the protected resources of a security aware application (SAA), are made aware of, and responsible for, the defence of those resources. That defence takes two forms, the enforcement of mandatory access control on protected resources and the generation of the corresponding portion of the SAA's audit trail. The SDO concept acts as the philosophy that guides the application level mandatory access control within SAAs which ensures that the provided access control is both complete and non bypassable. Although SDOs accept responsibility for controlling access to the protected data and functionality that they encapsulate, an SDO delegates the responsibility for making authorisation decisions to an associated authorisation object. Thus, SDOs fulfill their access control obligations by initiating the authorisation check and then enforcing the decision made on their behalf. A simple, yet effective mechanism for enforcing that access control at the object level involves controlling the ability to invoke those SDO methods that access protected resources. In the absence of previous research on this approach to the enforcement of application level access control, the primary aim of this research was to demonstrate that the SDO concept is a viable paradigm for developing SAAs. That aim was achieved in two stages. The first stage targeted the provision of a 'proof of concept', that demonstrated that the SDO concept could be applied to the development of non-distributed SAAs. The second stage demonstrated its applicability to the development of distributed SAAs. In the second stage, two versions of a distributed prototype were developed, one based on a traditional (proprietary) distributed computing model, (Java RMI), and the second using the currently popular Web services model, to demonstrate the general applicability of the SDO concept. Having already demonstrated that the SDO concept could be applied to SAAs executing on a single machine, the major focus of that research was to devise a mechanism by which SDOs could be transferred between machines. The research then concentrated on determining what impacts the adoption of the SDO concept would have on SAA development. Experimentation carried out using the distributed prototypes demonstrated that (1) the adoption of the SDO does not restrict the use of inheritance hierarchies that include SDOs, (2) the restriction of the lifetime of SDOs can be supported, (3) usage rights enforcement can be employed, and (4) the use of cryptographic techniques to provide additional security guarantees is not affected. A key feature of the SDO concept, is that no major changes need to be made to current development tools or methodologies, so its adoption is not hampered by significant financial or training impediments. This research demonstrated that the SDO concept is practical and constitutes a valuable extension to the object oriented paradigm that will help address the current lack of security in information systems. The SDO approach warrants additional research and adoption.
APA, Harvard, Vancouver, ISO, and other styles
3

Holford, John William. "The concept of self-defending objects and the development of security aware applications." Queensland University of Technology, 2006. http://eprints.qut.edu.au/16227/.

Full text
Abstract:
The self-defending object (SDO) concept is an extension to the object-oriented programming paradigm, whereby those objects that encapsulate the protected resources of a security aware application (SAA), are made aware of, and responsible for, the defence of those resources. That defence takes two forms, the enforcement of mandatory access control on protected resources and the generation of the corresponding portion of the SAA's audit trail. The SDO concept acts as the philosophy that guides the application level mandatory access control within SAAs which ensures that the provided access control is both complete and non bypassable. Although SDOs accept responsibility for controlling access to the protected data and functionality that they encapsulate, an SDO delegates the responsibility for making authorisation decisions to an associated authorisation object. Thus, SDOs fulfill their access control obligations by initiating the authorisation check and then enforcing the decision made on their behalf. A simple, yet effective mechanism for enforcing that access control at the object level involves controlling the ability to invoke those SDO methods that access protected resources. In the absence of previous research on this approach to the enforcement of application level access control, the primary aim of this research was to demonstrate that the SDO concept is a viable paradigm for developing SAAs. That aim was achieved in two stages. The first stage targeted the provision of a 'proof of concept', that demonstrated that the SDO concept could be applied to the development of non-distributed SAAs. The second stage demonstrated its applicability to the development of distributed SAAs. In the second stage, two versions of a distributed prototype were developed, one based on a traditional (proprietary) distributed computing model, (Java RMI), and the second using the currently popular Web services model, to demonstrate the general applicability of the SDO concept. Having already demonstrated that the SDO concept could be applied to SAAs executing on a single machine, the major focus of that research was to devise a mechanism by which SDOs could be transferred between machines. The research then concentrated on determining what impacts the adoption of the SDO concept would have on SAA development. Experimentation carried out using the distributed prototypes demonstrated that (1) the adoption of the SDO does not restrict the use of inheritance hierarchies that include SDOs, (2) the restriction of the lifetime of SDOs can be supported, (3) usage rights enforcement can be employed, and (4) the use of cryptographic techniques to provide additional security guarantees is not affected. A key feature of the SDO concept, is that no major changes need to be made to current development tools or methodologies, so its adoption is not hampered by significant financial or training impediments. This research demonstrated that the SDO concept is practical and constitutes a valuable extension to the object oriented paradigm that will help address the current lack of security in information systems. The SDO approach warrants additional research and adoption.
APA, Harvard, Vancouver, ISO, and other styles
4

Nakka, Nithin Manikyam. "Reliability and security engine : a processor-level framework for application-aware detection and recovery /." 2006. http://gateway.proquest.com/openurl?url_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:dissertation&res_dat=xri:pqdiss&rft_dat=xri:pqdiss:3242950.

Full text
Abstract:
Thesis (Ph.D.)--University of Illinois at Urbana-Champaign, 2006.
Source: Dissertation Abstracts International, Volume: 67-11, Section: B, page: 6626. Adviser: Ravishanker K. Iyer. Includes bibliographical references (leaves 209-223) Available on microfilm from Pro Quest Information and Learning.
APA, Harvard, Vancouver, ISO, and other styles
5

Tatlı, Emin Islam [Verfasser]. "Security in context-aware mobile business applications / vorgelegt von Emin Islam Tatlı." 2009. http://d-nb.info/993514243/34.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Books on the topic "Security-aware application"

1

Khan, Khaled M. Security-aware systems applications and software development methods. Hershey, PA: Information Science Reference, 2012.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
2

Iyengar, S. S. (Sundararaja S.) and Phoha Vir V, eds. Introduction to contextual processing: Theory and applications. Boca Raton, FL: Chapman and Hall/CRC, 2011.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
3

Yin, Heng, and Mu Zhang. Android Application Security: A Semantics and Context-Aware Approach. Springer, 2016.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
4

Phoha, Vir V., S. Sitharama Iyengar, and Gregory Vert. Introduction to Contextual Processing: Theory and Applications. Taylor & Francis Group, 2016.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
5

Phoha, Vir V., S. Sitharama Iyengar, and Gregory Vert. Introduction to Contextual Processing: Theory and Applications. Taylor & Francis Group, 2017.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
6

Phoha, Vir V., S. Sitharama Iyengar, and Gregory Vert. Introduction to Contextual Processing: Theory and Applications. Taylor & Francis Group, 2016.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
7

(Editor), Thomas Strang, and Claudia Linnhoff-Popien (Editor), eds. Location- and Context-Awareness: First International Workshop, LoCA 2005, Oberpfaffenhofen, Germany, May 12-13, 2005, Proceedings (Lecture Notes in Computer Science). Springer, 2005.

Find full text
APA, Harvard, Vancouver, ISO, and other styles

Book chapters on the topic "Security-aware application"

1

Pattabiraman, Karthik. "Application-Aware Reliability and Security: The Trusted Illiac Experience." In Springer Series in Reliability Engineering, 207–19. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-031-02063-6_11.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Mann, Zoltán Ádám. "Security- and Privacy-Aware IoT Application Placement and User Assignment." In Computer Security. ESORICS 2021 International Workshops, 296–316. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-030-95484-0_18.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Holderer, Julius. "Why the Automation of Regulation Can Obstruct Business Processes." In Obstructions in Security-Aware Business Processes, 1–30. Wiesbaden: Springer Fachmedien Wiesbaden, 2022. http://dx.doi.org/10.1007/978-3-658-38154-7_1.

Full text
Abstract:
AbstractThe growing regulatory pressure on increasingly digitized businesses, for example to combat the growing number of corporate fraud cases, can have an obstructive effect on the execution of automated business processes. Such security-related obstructions occur when the implementation of regulations, that is, the enforcement of so-called safety properties, blocks the execution of business processes – in particular, the so-called liveness property of process completion. Those obstructions exemplify the conflicting goals between business processes and classic IT security.Automation is no panacea against regulation acting obstructive. Adequate and effective application of regulation builds the basis against fraud. However, there is no way to avoid automation when IT methods are used to generate competitive advantages. An obstruction results from introducing IT security on business processes, particularly authorization and further security policies such as separation of duties. This chapter leads to this problem and describes how to widen this restricted behavior of business processes resulting from security controls to the broader scope that compliance provides as part of corporate governance. By handling obstructions, security in business processes is supposed to be improved. For this purpose, an indicator-based view of security that extends the classic IT security controls will be introduced.
APA, Harvard, Vancouver, ISO, and other styles
4

Burbank, Jack L., and William T. M. Kasch. "The Application of Human and Social Behavioral-Inspired Security Models for Self-aware Collaborative Cognitive Radio Networks." In Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 472–84. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. http://dx.doi.org/10.1007/978-3-642-03354-4_36.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Temdee, Punnarumol, and Ramjee Prasad. "Security for Context-Aware Applications." In Context-Aware Communication and Computing: Applications for Smart Environment, 97–125. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-59035-6_5.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Hernandez, Julio, Lucy McKenna, and Rob Brennan. "TIKD: A Trusted Integrated Knowledge Dataspace for Sensitive Data Sharing and Collaboration." In Data Spaces, 265–91. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-030-98636-0_13.

Full text
Abstract:
AbstractThis chapter presents the Trusted Integrated Knowledge Dataspace (TIKD)—a trusted data sharing approach, based on Linked Data technologies, that supports compliance with the General Data Privacy Regulation (GDPR) for personal data handling as part of data security infrastructure for sensitive application environments such as healthcare. State-of-the-art shared dataspaces typically do not consider sensitive data and privacy-aware log records as part of their solutions, defining only how to access data. TIKD complements existing dataspace security approaches through trusted data sharing that includes personal data handling, data privileges, pseudonymization of user activity logging, and privacy-aware data interlinking services. TIKD was implemented on the Access Risk Knowledge (ARK) Platform, a socio-technical risk governance system, and deployed as part of the ARK-Virus Project which aims to govern the risk management of personal protection equipment (PPE) across a group of collaborating healthcare institutions. The ARK Platform was evaluated, both before and after implementing the TIKD, using both the ISO 27001 Gap Analysis Tool (GAT), which determines information security standard compliance, and the ISO 27701 standard for privacy information. The results of the security and privacy evaluations indicated that compliance with ISO 27001 increased from 50% to 85% and compliance with ISO 27701 increased from 64% to 90%. This shows that implementing TIKD provides a trusted data security dataspace with significantly improved compliance with ISO 27001 and ISO 27701 standards to share data in a collaborative environment.
APA, Harvard, Vancouver, ISO, and other styles
7

Nair, Srijith K., Bruno Crispo, and Andrew S. Tanenbaum. "Towards a Secure Application-Semantic Aware Policy Enforcement Architecture." In Security Protocols, 26–31. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. http://dx.doi.org/10.1007/978-3-642-04904-0_5.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Nair, Srijith K. "Towards a Secure Application-Semantic Aware Policy Enforcement Architecture." In Security Protocols, 32–39. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. http://dx.doi.org/10.1007/978-3-642-04904-0_6.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Holderer, Julius. "Towards Intelligent Security- and Process-Aware Information Systems." In Obstructions in Security-Aware Business Processes, 315–22. Wiesbaden: Springer Fachmedien Wiesbaden, 2022. http://dx.doi.org/10.1007/978-3-658-38154-7_6.

Full text
Abstract:
AbstractThis chapter summarizes the work and explains its significance by considering the contributions and its applicability. Because of its practical setting, the approach is applicable to a range of practical applications. For example, it could recommend who shall perform which tasks in a so-called break-glass situation, or act as a delegation assistant to suggest potential best delegates (with fewest violations) to the delegator. A corresponding process-aware information system could automate these delegations and provide additional mitigating techniques to prioritize audits of affected cases. Moreover, the graphical view of obstruction analysis could help policy designers to deepen their understanding of security policies and to improve their own security policies. The chapter concludes with extensions that could be envisaged.
APA, Harvard, Vancouver, ISO, and other styles
10

Ko, KyoungHee, Hwan-Kuk Kim, JeongWook Kim, Chang-Yong Lee, Soo-Gil Cha, and Hyun Cheol Jeong. "Design and Implementation of SIP-aware Security Management System." In Information Security Applications, 10–19. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. http://dx.doi.org/10.1007/978-3-642-10838-9_2.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Security-aware application"

1

Liu, Kaikai, Navjot Warade, Tejas Pai, and Keertikeya Gupta. "Location-aware smart campus security application." In 2017 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computed, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI). IEEE, 2017. http://dx.doi.org/10.1109/uic-atc.2017.8397588.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Rocha, Thiago, Eduardo Souto, and Khalil El-Khatib. "Functionality-Based Mobile Application Recommendation System with Security and Privacy Awareness." In Anais Estendidos do Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais. Sociedade Brasileira de Computação - SBC, 2020. http://dx.doi.org/10.5753/sbseg_estendido.2020.19265.

Full text
Abstract:
In this thesis, we propose a functionality-aware system to evaluate and recommend mobile applications with security and privacy awareness. The proposed system has a security layer that evaluates an application and classifies it as being malign or benign. In this way, only applications classified as benign are considered for the functionality-aware recommendation. Also, we employ a technique, called Logical Predicate Mapping (LPM), which allows users to understand the permissions and API calls requested by the app, as well as privacy risks. This information is grouped with other metrics retrieved such as popularity, usability and privacy and shown to users. This way they can decide what to do and understand what can happen.
APA, Harvard, Vancouver, ISO, and other styles
3

Doriguzzi-Corin, Roberto, Silvio Cretti, Tiziana Catena, Simone Magnani, and Domenico Siracusa. "Towards Application-Aware Provisioning of Security Services with Kubernetes." In 2022 IEEE 8th International Conference on Network Softwarization (NetSoft). IEEE, 2022. http://dx.doi.org/10.1109/netsoft54395.2022.9844023.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Xu, Hui, Debao Xiao, and Zheng Wu. "Application of Security Ontology to Context-Aware Alert Analysis." In 2009 Eighth IEEE/ACIS International Conference on Computer and Information Science. IEEE, 2009. http://dx.doi.org/10.1109/icis.2009.199.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Iyer, R. K. "Application-Aware Reliability and Security: The Trusted ILLIAC Approach." In 5th IEEE International Symposium on Network Computing and Applications. IEEE, 2006. http://dx.doi.org/10.1109/nca.2006.15.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Karjoth, Günter. "Aligning Security and Business Objectives for Process-Aware Information Systems." In CODASPY'15: Fifth ACM Conference on Data and Application Security and Privacy. New York, NY, USA: ACM, 2015. http://dx.doi.org/10.1145/2699026.2699028.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Wu, Mei-Yu, Chih-Kun Ke, and Wen-Ling Tzeng. "Applying Context-Aware RBAC to RFID Security Management for Application in Retail Business." In 2008 IEEE Asia-Pacific Services Computing Conference (APSCC). IEEE, 2008. http://dx.doi.org/10.1109/apscc.2008.25.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Antonoaie, Cristina. "ASPECTS REGARDING ICT TRUST, SECURITY AND PRIVACY IN EU COUNTRIES." In eLSE 2020. University Publishing House, 2020. http://dx.doi.org/10.12753/2066-026x-20-156.

Full text
Abstract:
In today's world, using modern technology and especially the smartphone can ease a lot our work and other activities. But also the risk is very high. We can talk about several security concerns related to Internet usage. Many individuals are not aware of the threats that this usage is creating. Having installed an IT security software it is not mandatory for the moment, but it is more than necessary in protecting our personal information, documents, pictures and any other data. Security concerns already are limiting or preventing the individuals from ordering or buying goods or services from the Internet, or from carrying out internet banking, or from providing personal information to social or professional networking services, or from communicating with public services or administrations, downloading and submitting official forms, or from downloading software or apps, music, video files, games or other data files. The routine day-to-day activities on the Internet like sending or receiving e-mails, telephoning or video calls, posting messages to social media sites or instant messaging, participating in social networks, finding information about goods and services, reading or downloading online newspaper or news, downloading software, internet banking, travel and accommodation services, job search or sending an application, communication, finding different information that we don't' usually use or downloading /listening to/ watching / playing music, films and/or games it is something that people will always do. With the help of the data provided by EUROSTAT, we analyzed the main risks concerning ICT trust, security and privacy in EU Countries.
APA, Harvard, Vancouver, ISO, and other styles
9

Moreira, Rodrigo, Larissa Rodrigues, Pedro Rosa, and Flávio Silva. "Improving the network traffic classification using the Packet Vision approach." In Workshop de Visão Computacional. Sociedade Brasileira de Computação - SBC, 2020. http://dx.doi.org/10.5753/wvc.2020.13496.

Full text
Abstract:
The network traffic classification allows improving the management, and the network services offer taking into account the kind of application. The future network architectures, mainly mobile networks, foresee intelligent mechanisms in their architectural frameworks to deliver application-aware network requirements. The potential of convolutional neural networks capabilities, widely exploited in several contexts, can be used in network traffic classification. Thus, it is necessary to develop methods based on the content of packets transforming it into a suitable input for CNN technologies. Hence, we implemented and evaluated the Packet Vision, a method capable of building images from packets raw-data, considering both header and payload. Our approach excels those found in state-of-the-art by delivering security and privacy by transforming the raw-data packet into images. Therefore, we built a dataset with four traffic classes evaluating the performance of three CNNs architectures: AlexNet, ResNet-18, and SqueezeNet. Experiments showcase the Packet Vision combined with CNNs applicability and suitability as a promising approach to deliver outstanding performance in classifying network traffic.
APA, Harvard, Vancouver, ISO, and other styles
10

Rawat, Sanjay, Vivek Jain, Ashish Kumar, Lucian Cojocar, Cristiano Giuffrida, and Herbert Bos. "VUzzer: Application-aware Evolutionary Fuzzing." In Network and Distributed System Security Symposium. Reston, VA: Internet Society, 2017. http://dx.doi.org/10.14722/ndss.2017.23404.

Full text
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Security-aware application' for particular source types:
Journal articles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography