End users activities in social media lead to regular changes in the overall privacy impact because they continually encounter or meddle in all forms of private data associations. Users are exposed to regular changes in risk level as a result of regular updates. To keep an overview over risk exposure, privacy risk assessments, in theory, should be re-done upon every update in a user’s network. E...

Within a multilevel secure (MLS) system, trusted subjects are granted privileges to perform operations that are not possible by ordinary subjects controlled by mandatory access control (MAC) policy enforcement mechanisms. These subjects are trusted not to conduct malicious activity or degrade system security. We present a formal definition for trusted subject behaviors, which depends upon a rep...

A Hybrid Wireless Sensor network (HWSN) with static and mobile nodes is considered. Static sensors monitor the environment and report events occurring in the sensing field. Mobile sensors are then dispatched to visit these event locations to conduct more advanced analysis. Mobile sensor will collect the information about the event and in turn will send it to the base station. As WSN is vulnerab...

The information security risk assessment is investigated from perspectives of most advanced probabilistic risk assessment (PRA) for nuclear power plants. Accident scenario enumeration by initiating events, mitigation systems and event trees are first described and demonstrated. Assets, confidentiality, integrity, availability, threats, vulnerabilities, impacts, likelihoods, and safeguards are r...

Assessment is an integral part of a chief information security officer’s (CISO) daily work. Continuously, the CISO must make security policy decisions, either introducing new policies or technologies in the organisation, or modifying existing policies. Assessment in this environment must inherently go beyond assessment of the policy’s security properties alone. It must include considerations ab...

We present a general framework for efficient, universally composable oblivious transfer (OT) protocols in which a single, global, common reference string (CRS) can be used for multiple invocations of oblivious transfer by arbitrary pairs of parties. In addition: – Our framework is round-efficient. E.g., under the DLIN or SXDH assumptions we achieve round-optimal protocols with static security, ...

This paper addresses the design of the DOK security service allowing the enforcement of both local and federated policies. The former are those policies which relate to local databases, whereas the latter speci es the aggregation rules that govern the access to data aggregates which reside in di erent databases. In this paper we describe the component of the DOK security service which enforces ...

We study the security challenges faced by the mobile agent paradigm, where code travels and performs computations on remote hosts in an autonomous manner. We define universally composable security for mobile agent computation that is geared toward a complex networking environment where arbitrary protocol instances may be executing concurrently. Our definition provides security for all the parti...

To test if a host contains any known security flaws over a network connection a Vulnerability Assessment (VA) could be made. This thesis describes different techniques used by VA tools over a network connection to detect known security flaws. To decrease the risk of flaws not being detected, several VA tools could be used. There is no common way of merging information from different VA tools. T...

With the significant reliance of proactive monitoring of computer networks on security information management systems, a requirement is to provide appropriate and comprehensive countermeasures to perceived threats on the entire network. A security response mechanism is proposed that combines both generic and fuzzy response models to provide automated (static and dynamic) security countermeasure...