Level of Assurance Management Automation for Dynamic Identity Federations based on Vectors of Trust

Author(s):  
Wolfgang Hommel ◽  
Michael Grabatin ◽  
Stefan Metzger ◽  
Daniela Pöhn

Abstract: Accessing remote IT services through identity federations (IFs) is based on solid technical protocols such as the Security Assertion Markup Language (SAML) and OpenID Connect. However, reliable delegated user authentication and authorization also pose organizational challenges regarding the quality management of user data. Level of Assurance (LoA) concepts have been adapted and applied to IFs, but their inhomogeneous proliferation bears the risk of aggravating instead of simplifying the manual work steps. This is increased by providing IT services for multiple or dynamically set up IFs. This article presents a novel LoA management approach that has been designed for a high degree of automation, adopts the approach for the dynamic metadata exchange by GÉANT-TrustBroker and exemplifies its usage.

2020 ◽  
Vol 21 (3) ◽  
pp. 407-424
Author(s):  
Gaurav Deep ◽  
Jagpreet Sidhu ◽  
Rajni Mohana

Computing on the cloud has changed the working of mankind in every manner, from storing to fetching every information on the cloud. To protect data on the cloud, various access procedures and policies are used, such as authentication and authorization. Authentication means the intended user is accessing data on the cloud, and authorization means the user is accessing only the data for which he is allowed. The intended user now also includes Cyber-Physical Devices. Cyber-Physical Devices share data between them and fetch data from the cloud. Cloud data is managed by employees of cloud companies. Persons sitting on the cloud managing companies' data are always doubtful, as so many insider attacks have happened in the past, affecting the company's image in the market. Data related to Cyber-Physical Space may come under insider attack. Companies managing user data are also liable to protect user data from any type of attack under various sections of the Indian IT Act. The work in this paper proposes blockchain as a possible solution to track the activities of employees managing the cloud. Employee authentication and authorization are managed through the blockchain server. User authentication related data is stored in the blockchain. Authorization rules are written in any Role/Attribute-based access language. These authorization rules store the data related to user requests allowed access to data in the blockchain. The proposed work will help cloud companies to have better control over their employees' activities, thus helping to prevent insider attacks on User and Cyber-Physical Devices.


2017 ◽  
Vol 22 (S1) ◽  
pp. 1991-1999 ◽  
Author(s):  
Cheol-Joo Chae ◽  
Ki-Bong Kim ◽  
Han-Jin Cho

2021 ◽  
Author(s):  
Vidette Louise McGregor

Squid fisheries require a different management approach to most fish species which are much longer living. Most squid live for around one year, spawn and then die. The result of this is an entirely new stock each year with little or no relationship of stock sizes between the years. Hence, it is difficult to set appropriate catch limits prior to the season. Currently, there is nothing set up for modelling the New Zealand squid fishery in-season or post-season. In-season management would allow for adjustments of catch limits during a season. Post-season management would provide information on how much the stock was exploited during a season (described as the escapement). I have produced an integrated model using ADMB (Automatic Differentiation Model Builder) (Fournier et al., 2011) which models length frequency data, CPUE (Catch Per Unit Effort) indices and catch weights from a season. It calculates escapement which indicates how much the fishery is currently being exploited. In running the model against data from four area and year combinations, I found the escapement calculation to be stable. The results suggest this modelling approach could be used with the current data collected for post-season modelling of the fishery. I am less confident about in-season modelling with the current data collected. The integrated model fits quite poorly to the CPUE data, suggesting some discrepancy either between the data or the assumptions made of them. Sampling from a greater number of tows is recommended to improve the length frequency data and this may also improve the ability of the model to fit both to these and the CPUE.




Author(s):  
Denis Pondorf ◽  
Andreas Witt

This paper provides a new generation of a markup language by introducing the Freestyle Markup Language (FML). Demands placed on the language are elaborated, considering current standards and discussions. Conception, a grammatical definition, a corresponding object graph and the bi-directional unambiguous transformation between these two congruent representation forms are set up. The result of this paper is a fundamental definition of a completely new markup language, consolidating many deficiency-discourses and experiences into one particular implementation concept, encouraging the evolution of markup.


Signo ◽  
2016 ◽  
Vol 41 (70) ◽  
pp. 29 ◽  
Author(s):  
Jean-Remi Lapaire

Speakers are moving cognizers who engage in bodily acts of conceptualization. The “globe gesture” is among the most spectacular forms of “manual thinking” (Streeck 2009) used in formal talk. A characterization of the kinesic action typical of the “globe gesture” is first provided that shows how “the image of a bounded, supportable object” is created (McNeill 1992) and set up in gesture space. As conceptual objects are created and masses of semantic substance fashioned, visible shape is given to shapeless mental representations. A powerful semiotic trick is performed with a simple cognitive artifact. Interestingly, a willing suspension of disbelief is required of speakers and listeners who must temporarily give up their rational conceptions of visibility, materiality and palpability to watch the symbolic manipulation of invisible objects. The basic expressive properties of the “globe gesture” are next characterized: outlining and isolating objects of conception; neutralizing semantic specification; establishing a joint focus of attention and imagination; shaping, displaying and unifying content; creating a sense of reality and existence through physical presence. Iconic modifications of the standard metaphoric hand configuration, virtuosic elaborations and creative blends are finally examined before reporting the results of an experimental study of the globe gesture’s heuristic properties in a controlled environment. 14 students attending a multimodal “kineflective” seminar used the hand configuration to engage in “choreographic thinking” (Forsythe 2009) and develop a haptic understanding of derivation, nominalization, substantivation, conceptual reification. The globe gesture acted as a facilitator so long as a high degree of generality was maintained but was promptly discarded when words with a strong emotional appeal were introduced (e.g. sadness, madness). Emblems and iconic gestures were spontaneously performed instead.


2015 ◽  
Vol 95 (8) ◽  
pp. 1607-1612 ◽  
Author(s):  
E.S. Mekhova ◽  
P.Y. Dgebuadze ◽  
V.N. Mikheev ◽  
T.A. Britayev

Previous experiments with the comatulid Himerometra robustipinna (Carpenter, 1881) demonstrated intensive host-to-host migration processes for almost all symbiotic species both within host aggregations and among hosts separated by several metres. The aim of this study was to check the ability of symbionts to complete long-distance migrations, by means of two in situ experiments which depopulated the crinoid host. Two different sets of field experiments were set up: exposure of depopulated crinoids (set 1) on stony ‘islands’ isolated from native crinoid assemblages by sandy substrate, and (set 2) in cages suspended in the water column. Hosts from set 1 were exposed for 1, 2, 3 and 4 weeks to assess whether substrate has an influence on the symbionts' long-distance migrations. In set 2 cages were exposed for 10–11 days, aiming to check whether symbionts were able to disperse through the water column with currents. These experiments allow the conclusion that post-settled symbionts can actively migrate among their hosts. Symbionts are able to reach their hosts by employing two different ‘transport corridors’, by drifting or swimming in water column, and by moving on the bottom. Comparison of experimental results allows the division of symbionts into two conventional groups according to the dispersal ability of their post-settled stages: (1) species able to complete long-distance migrations, (2) species unable to migrate or having limited dispersal ability. The finding of the free-living shrimp Periclimenes diversipes Kemp, 1922 in set 2 raises the question about the factors that affect such a high degree of specialization of crinoid assemblages.


Author(s):  
Narander Kumar ◽  
Jitendra Kumar Samriya

Background: Cloud computing is a service that has been accelerating its growth in the field of information technology in recent years. Privacy and security are challenging issues for cloud users and providers. Objective: This work aims at ensuring secured validation of the user and protecting data during transmission for users in a public IoT-cloud environment. Existing security measures, however, fail because of their single level of security, adaptability for large amounts of data, and reliability. Therefore, this work seeks to overcome these issues and to achieve a better solution for vulnerable data. Method: The suggested method utilizes secure transmission in the cloud using key policy attribute based encryption (KP-ABE). Initially, user authentication is verified. Then the user data is encrypted with the help of the KP-ABE algorithm. Finally, data validation and privacy preservation are done by Burrows-Abadi-Needham (BAN) logic. This is verified, and shows that the proposed encryption is correct, secure and efficient in preventing unauthorized access and data leakage, so that there are fewer chances of data/identity theft of a user; the analysis is performed by KP-ABE, that is, an access control approach. Results: Here the method attains a maximum of 88.35% validation accuracy with a minimum encryption time of 8.78 ms, which is better when compared to the existing methods. The proposed mechanism is done by MATLAB. The performance of the implemented method is calculated based on the time of encryption and decryption, execution time and validation accuracy. Conclusion: Thus the proposed approach attains high IoT-cloud data security and increases the speed of validation and transmission with high accuracy, and can be used for cyber data science processing.


Author(s):  
Simon Schwingel ◽  
Gottfried Vossen ◽  
Peter Westerkamp

E-learning environments and their system functionalities resemble one another to a large extent. Recent standardization efforts in e-learning concentrate on the reuse of learning material only, but not on the reuse of application or system functionalities. The LearnServe system, under development at the University of Muenster, builds on the assumption that a typical learning system is a collection of activities or processes that interact with learners and suitably chosen content, the latter in the form of learning objects. This enables us to divide the main functionality of an e-learning system into a number of stand-alone applications or services. The realization of these applications based on the emerging technical paradigm of Web services then renders a wide reuse of functionality possible, thereby giving learners a higher flexibility of choosing content and functionalities to be included in their learning environment. In such a scenario, it must be possible to maintain user identity and data across service and server boundaries. This chapter presents an architecture for implementing user authentication and the manipulation of user data across several Web services. In particular, it demonstrates how to exploit the SPML and SAML standards so that cross-domain single sign-on can be offered to the users of a service-based learning environment. The chapter also discusses how this is being integrated into LearnServe.

