A key issue in electronic health systems is the underlying security and privacy risk. For example, confidential patient information or medical records ending up hands of a person not privy to could have far-reaching consequences. With trend toward cloud computing use healthcare industry continuing grow (for using platforms digitally manage health-related data including records), concerns must be adequately addressed, regulations on protections made compliance. This column examines several...

Abstract The evolution of Cloud Computing into a service utility, along with the pervasive adoption IoT paradigm, has promoted significant growth in need computational and storage services. traditional use cloud services, focused on consumption one provider, is not valid anymore due to different shortcomings being risk vendor lock-in critical. We are assisting change from usage single provider combination multiple types, affecting way which applications designed, developed, deployed operated...

This paper presents a web tool for the unsupervised retrieval of Earth’s surface deformation from Synthetic Aperture Radar (SAR) satellite data. The system is based on implementation Differential SAR Interferometry (DInSAR) algorithm referred to as Parallel Small BAseline Subset (P-SBAS) approach, within Grid Processing Demand (G-POD) environment that part ESA’s Geohazards Exploitation Platform (GEP). developed on-demand tool, which specifically addressed scientists are non-expert in DInSAR...

The cloud offers attractive options to migrate corporate applications, without any implication for the security manager manage or secure physical resources. While this ease of migration is appealing, several issues arise: can validity legal compliance regulations still be ensured remote data storage? How it possible assess Cloud Service Provider (CSP) ability meet requirements? Can one monitor and enforce agreed levels? Unfortunately, no comprehensive solutions exist these issues. In...

Techniques aimed at continuously changing a system's attack surface, usually referred to as Moving Target Defense (MTD), are emerging powerful tools for thwarting cyber attacks. Such mechanisms increase the uncertainty, complexity, and cost attackers, limit exposure of vulnerabilities, ultimately overall resiliency. In this paper, we propose an MTD approach protecting resource-constrained distributed devices through fine-grained reconfiguration different architectural layers. order show...

We present a case study on the migration to Cloud Computing environment of advanced differential synthetic aperture radar interferometry (DInSAR) technique, referred as Small BAseline Subset (SBAS), which is widely used for investigation Earth surface deformation phenomena. In particular, we focus SBAS parallel algorithmic solution, namely P-SBAS, that allows production mean velocity maps and corresponding displacement time-series from temporal sequence images by exploiting distributed...

Dealing with the provisioning of cloud services granted by Security SLAs is a very challenging research topic. At state art, main related issues involve: (i) representing security features so that they are understandable both customers and providers measurable (by means verifiable security-related Service Level Objectives (SLOs)), (ii) automating mechanisms able to grant desired security-driven resource allocation process), (iii) continuously monitoring in order verify fulfillment specified...

In the last years, need to de-identify privacy-sensitive information within Electronic Health Records (EHRs) has become increasingly felt and extremely relevant encourage sharing publication of their content in accordance with restrictions imposed by both national supranational privacy authorities. field Natural Language Processing (NLP), several deep learning techniques for Named Entity Recognition (NER) have been applied face this issue, significantly improving effectiveness identifying...

Modern industries widely rely upon software and IT services, in a context where cybercrime is rapidly spreading more sectors. Unfortunately, despite greater general awareness of security risks the availability tools that can help to cope with those risks, many organizations (especially medium/small-size ones) still lag when it comes building into their services. This mainly due limited skills common developers/IT project managers typically high costs procedures. In fact, while automated...

Cyber attacks are typically preceded by a reconnaissance phase in which attackers aim at collecting valuable information about the target system, including network topology, service dependencies, and unpatched vulnerabilities. Unfortunately, when system configurations static, will always be able, given enough time, to acquire accurate knowledge engineer effective exploits. To address this important problem, many adaptive techniques have been devised dynamically change some aspects of...

This paper presents a security-by-design methodology for the development of cloud applications, which relies on Security SLAs as means to express their security requirements. The process followed build such entails application risk analysis procedure aimed at identifying main vulnerabilities affecting and allows determine countermeasures consider design time in order thwart existing threats. illustrates proof-of-concept that founds standard assessment tools adopts state-of-art Control...

The growing convergence among information and operation technology worlds in modern Industrial Internet of Things (IIoT) systems is posing new security challenges, requiring the adoption novel mechanisms involving light architectures protocols to cope with IIoT devices resource constraints. In this article, we investigate physically unclonable functions (PUFs) context, propose design a PUF-based architecture (Pseudo-PUF), obtained by suitably combining weak PUF an encryption module, that can...

The security of complex infrastructures depends on many technical and organizational issues that need to be properly addressed by a policy. For purpose our discussion, we define policy as document states what is not allowed in system during normal operati on; it consists set rules could expressed formal, semi-formal or very informal language. In contexts, can considered secure trustworthy if the enforced its administrator too; from this standpoint possible evaluate evaluating paper present...