Abigail Goldsteen

Application-Screen Masking: A Hybrid Approach

Large organizations often face difficult tradeoffs in balancing the need to share information with the need to safeguard sensitive data. A prominent way to deal with this tradeoff is on-the-fly screen masking of sensitive data in applications. A proposed hybrid approach for masking Web application screens combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer. This solution can identify sensitive information in the visual context of the application screen and then automatically generate the masking rules to enforce at run time. This approach supports the creation of highly expressive masking rules, while keeping rule authoring easy and intuitive, resulting in an easy to use, effective system. This article is part of a special issue on Security and Privacy on the Web. The Web extra at https://youtu.be/4u2FLqjaIiI is a short demonstration of a proposed hybrid approach for masking Web application screens that combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer. The second Web extra at https://youtu.be/-Hz3P_H0UnU is a full-length demonstration of a proposed hybrid approach for masking Web application screens that combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer.

Supporting Coordinated Maintenance of System Trustworthiness and User Trust at Runtime

In addition to design-time considerations, user trust and the trustworthiness of software-intensive socio-technical systems (STS) need to be maintained during runtime. Especially trust can only be monitored based on the actual usage of the system in operation. Service providers should be able to make informed decisions about runtime adaptation based on trust and trustworthiness, as well as respective essential relations. In this paper we present a unified approach to support the coordination of trust and trustworthiness maintenance. Trustworthiness maintenance is based on measuring objective system qualities, while trust maintenance considers two complementary measures of trust, i.e., the user behavior, and an estimation of the perceived system trustworthiness. A prototype tool demonstrates the feasibility of our approach. Furthermore, we illustrate specific functionalities of the tool by means of an application example.

Evicase: an evidence-based case structuring approach for personalized healthcare.

The personalized medicine era stresses a growing need to combine evidence-based medicine with case based reasoning in order to improve the care process. To address this need we suggest a framework to generate multi-tiered statistical structures we call Evicases. Evicase integrates established medical evidence together with patient cases from the bedside. It then uses machine learning algorithms to produce statistical results and aggregators, weighted predictions, and appropriate recommendations. Designed as a stand-alone structure, Evicase can be used for a range of decision support applications including guideline adherence monitoring and personalized prognostic predictions.

Trust and trustworthiness maintenance: From architecture to evaluation

Embedded systems, by their nature, often run unattended with opportunistic rather then scheduled software upgrades and, perhaps most significantly, have long operational lifetimes, and, hence, provide excellent targets for massive and remote exploitation. Thus, such systems mandate higher assurances of trust and cyber-security compared to those presently available in State-of-the-Art ICT systems. In this poster we present some techniques we utilize in the SHARCS project to ensure a higher level of security for embedded systems.In recent years, low-end embedded devices have been used increasingly in various scenarios, ranging from consumer electronics to industrial equipment. However, this evolution made embedded devices profitable targets for software piracy and software manipulation. Aggravating this situation, low-end embedded devices typically lack secure hardware to effectively protect against such attacks. In this work, we present a novel software protection scheme, which is particularly suited for already deployed low-end embedded devices without secure hardware. Our approach combines techniques based on self-checksumming code with Physically Unclonable Functions (PUFs) to establish a hardwareassisted software protection. In this way, we can tie the execution of a software instance to a specific device and protect its program code against manipulations. We show that our software protection scheme offers a high level of security against static adversaries and demonstrate that dynamic adversaries require considerable resources to perform a successful attack. To explore the feasibility of our solution, we implemented the protection scheme on an ARM-based low-end commodity microcontroller. A further performance evaluation shows that the implemented solution exhibits a fair overhead of ten percent.

Brief Announcement: A Consent Management Solution for Enterprises

Technologies such as cloud, mobile and the Internet of Things (IoT) are resulting in the collection of more and more personal data. While this sensitive data can be a gold mine for enterprises, it can also constitute a major risk for them. Legislation and privacy norms are becoming stricter when it comes to collecting and processing personal data, requiring the informed consent of individuals to process their data for specific purposes. However, IT solutions that can address these privacy issues are still lacking. We briefly outline our solution and its main component called “Consent Manager”, for the management, automatic enforcement and auditing of user consent. We then describe how the Consent Manager was adopted as part of the European FP7 project COSMOS.