Introduction Horizon 2020 was the most significant EU Research and Innovation programme ever implemented and included the Marie Sklodowska-Curie Actions (MSCA). Proposals submitted to the MSCA ...actions awere subject to the Ethics Appraisal Procedure. In this work we explored the ethics appraisal procedure in MSCA H2020. Methods Using a retrospective analysis of pooled anonymized data, we explored the ethics appraisal procedure on proposals submitted to Marie Sklodowska-Curie Actions (MSCA) during the entire Horizon 2020 program period (N = 79,670). Results Our results showed that one of the most frequently identified ethics categories was Data protection. We also detected slight differences between applicants' and the ethics reviewers' awareness of ethical issues. Trajectory analysis of all ethics screened proposals appearing on main lists showed that a minimal portion of all screened submissions required additional ethics checks in the project implementation phase. Conclusion Personal data protection is one of the most represented ethics categories indicated among MSCA actions which exhaust ethics assessment efforts and may lead to "overkills" in ethics requirements. Excluding the majority of personal data protection assessment from the ethics assessment, except for parts which are directly related to ethics like "Informed consent procedures", might be necessary in the future. A gap in understanding of ethics issues between applicants and reviewers' points to the necessity to further educate researchers on research ethics issues.
Contextualization: This article has as an analyzer pattern the main contours about the construction of the data protection device in the national legal system. Objective: To identify an existing ...relationship between the Brazilian and European data protection provisions. Methodology: research of hypothetical-destructive research methods based on study methods of studies of studies of data studies from the notion of circulation of legal. The research hypothesis is that the structuring of the national data system was, to a large extent, developed from the European structural structures for data protection. Results: The results found show that the Brazilian data protection system has a strong influence of the European data protection normative system. KEYWORDS: Circulation of Legal Systems. Data Protection. ANPD. Contextualizacao do tema: O presente artigo possui como pressuposto central analisar os principais contornos acerca da construcao do aparato de protecao de dados no sistema juridico nacional. Objetivo: Identificar a relacao existente entre o aparato de protecao de dados brasileiro e o europeu. Metodologia: Aplicando-se o metodo de pesquisa hipotetico-dedutivo, baseado em pesquisas e analises bibliograficas, tem-se como objetivo analisar a construcao do sistema de protecao de dados brasileiro a partir da nocao de circulacao de modelos juridicos. A hipotese de pesquisa e a de que a estruturacao do sistema de protecao de dados nacional foi, em grande medida, desenvolvido a partir das construcoes legislativas europeias para protecao de dados. Resultados: Os resultados encontrados evidenciam que o sistema brasileiro de protecao de dados possui forte influencia do sistema normativo de protecao de dados europeu. PALAVRAS-CHAVE: Circulacao de Modelos Juridicos. Protecao de Dados. ANPD. Contextualizacion: Este articulo tiene como patron analizador los principales contornos acerca de la construccion del dispositivo de proteccion de datos en el ordenamiento juridico nacional. Objetivo: Identificar una relacion existente entre las disposiciones de proteccion de datos brasilenas y europeas. Metodologia: investigacion de metodos de investigacion hipoteticos-destructivos basados en metodos de estudio de estudios de estudios de datos a partir de la nocion de circulacion de lo legal. La hipotesis de investigacion es que la estructuracion del sistema nacional de datos se desarrollo, en gran medida, a partir de las estructuras estructurales europeas para la proteccion de datos. Resultados: Los resultados encontrados muestran que el sistema brasileno de proteccion de datos tiene una fuerte influencia del sistema normativo europeo de proteccion de datos. PALABRAS CLAVE: Circulacion de Ordenamientos Juridicos; Proteccion de Datos; ANPD.
•Fail-safe and tamper resistant blockchain framework for healthcare data.•Decentralized storage in IPFS using blockchain for data privacy and security.•Patient-centric access model enabling patients ...to control their health data.
Traditional healthcare systems in the present scenario follow centralized client-server architecture to store and process patient-health related information. Data stored in each of the healthcare institution remain in silos which cannot be easily shared with other institutions due to technical and infrastructural constraints. Hospitals do not have an effective and secure data sharing mechanism leading to monetary and resource loss in the case of a person visiting different hospitals. Blockchain, a disruptive technology with secure and reliable decentralized framework, and can be used to circumvent problems in traditional healthcare architecture for secure storage, sharing and retrieval of Electronic Health Records (EHR). A blockchain-based framework integrated with InterPlanetary File System (IPFS) for EHR in healthcare management has been proposed in this paper. This proposed framework will enable healthcare institutions to maintain fail-safe and tamper-proof healthcare ledgers in a decentralized manner. Hospitals and doctors act as lightweight nodes, whereas patient nodes can be full or lightweight nodes. The model proposes two-factor authentication and multi-factor authentication for preventing fake node attacks. Patient-centric access model allows the patients to act as digital stewards for their health data, allowing access to doctors and hospitals on demand and revoking it after stipulated time. Symmetric key encryption (AES-128) is used for encrypting data before storing into IPFS. Asymmetric encryption (RSA-4096) is used for generating digital envelopes to pass on symmetric key to authorized entities. Digital signatures (RSA-1024) make sure that the transactions are valid and from authorized nodes. Hashing of the encrypted data is done using SHA-256 algorithm. Multiple layers of security implemented in this model makes sure that adversaries cannot obtain data stored in IPFS; even if they retrieve the data, it will not be meaningful since it is encrypted. The proposed framework for off-chain storage of health data using IPFS saves blockchain structure from scalability issues. Further the proposal for blockchain integration with IPFS helps preserve privacy in the healthcare system, making it highly secure, scalable and robust.
Medical data widely exist in the hospital and personal life, usually across institutions and regions. They have essential diagnostic value and therapeutic significance. The disclosure of patient ...information causes people's panic, therefore, medical data security solution is very crucial for intelligent health care. The emergence of federated learning (FL) provides an effective solution, which only transmits model parameters, breaking through the bottleneck of medical data sharing, protecting data security, and avoiding economic losses. Meanwhile, the neural architecture search (NAS) has become a popular method to automatically search the optimal neural architecture for solving complex practical problems. However, few papers have combined the FL and NAS for simultaneous privacy protection and model architecture selection. Convolutional neural network (CNN) has outstanding performance in the image recognition field. Combining CNN and fuzzy rough sets can effectively improve the interpretability of deep neural networks. This article aims to develop a multiobjective convolutional interval type-2 fuzzy rough FL model based on NAS (CIT2FR-FL-NAS) for medical data security with an improved multiobjective evolutionary algorithm. We test the proposed framework on the LC25000 lung and colon histopathological image dataset. Experimental verification demonstrates that the designed multiobjective CIT2FR-FL-NAS framework can achieve high accuracy superior to state-of-the-art models and reduce network complexity under the condition of protecting medical data security.
Transparantie over cybersecurity neemt toe Eimers, Peter; Shahim, Abbas; Kornelisse, Peter
MAB ('s-Gravenhage. Online),
12/2023, Volume:
97, Issue:
9/10
Journal Article
Peer reviewed
Open access
Cybersecurity is een randvoorwaarde voor organisaties en de samenleving om cyberrisico’s te beheersen. Deze cyberrisico’s kunnen zowel lokaal als wereldwijd stabiliteit en veiligheid in gevaar ...brengen. Het groeiend aantal cyberaanvallen, de toenemende complexiteit en de inzet van steeds meer geavanceerde digitale middelen zijn een punt van grote zorg voor alle belanghebbenden. De publieke transparantie omtrent de wijze waarop de steeds ernstiger wordende cyberrisico’s worden beheerst, is dan ook van groot belang en ook steeds vaker een vereiste. Dit komt onder andere tot uiting in de risicoparagraaf van het bestuursverslag en de ontwikkelende regelgeving, zoals die van de Cybersecurity Act en de SEC over cyber disclosures.
Federated learning has been widely applied as a distributed machine learning method in various fields, allowing a global model to be trained by sharing local gradients instead of raw data. However, ...direct sharing of local gradients still carries the risk of privacy data leakage, and the malicious server might falsify aggregated result to disrupt model updates. To address these issues, a lot of privacy-preserving and verifiable federated learning schemes have been proposed. However, existing schemes suffer from significant computation overhead in either encryption or verification. In this paper, we present ESVFL, an efficient and secure verifiable federated learning scheme with privacy-preserving. This scheme can simultaneously achieve low computation overhead for encryption and verification on the user side. We design an efficient privacy-preserving method to encrypt the users’ local gradients. Using this method, the computation and communication overheads of encryption on the user side is independent of the number of users. Users can efficiently verify the correctness of aggregated results returned by the cloud servers using cross-verification. During the verification process, there is no interaction among users and no additional computation is required. Furthermore, we also construct an efficient method to address the issue of user dropout. When some users drop out, online users do not incur any additional computation and communication overheads, while guaranteeing the correctness of the aggregated result of online users’ encrypted gradients. The security analysis and the performance evaluation demonstrate that ESVFL is secure and can achieve efficient encryption and verification.
•We put forward ESVFL, an efficient and secure verifiable federated learning scheme with privacy-preserving.•We propose an efficient privacy-preserving method to encrypt the users’ local gradients.•We utilize cross-validation to achieve verifiability.•We construct an efficient method to solve the problem of user dropout.
With the advent of smart homes, smart cities, and smart everything, the Internet of Things (IoT) has emerged as an area of incredible impact, potential, and growth, with Cisco Inc. predicting to have ...50 billion connected devices by 2020. However, most of these IoT devices are easy to hack and compromise. Typically, these IoT devices are limited in compute, storage, and network capacity, and therefore they are more vulnerable to attacks than other endpoint devices such as smartphones, tablets, or computers.
In this paper, we present and survey major security issues for IoT. We review and categorize popular security issues with regard to the IoT layered architecture, in addition to protocols used for networking, communication, and management. We outline security requirements for IoT along with the existing attacks, threats, and state-of-the-art solutions. Furthermore, we tabulate and map IoT security problems against existing solutions found in the literature. More importantly, we discuss, how blockchain, which is the underlying technology for bitcoin, can be a key enabler to solve many IoT security problems. The paper also identifies open research problems and challenges for IoT security.
•IoT is a promising disruptive technology with incredible growth, impact and potential.•A review of emerging topics related to Internet of Things (IoT) security and Blockchain is presented.•A mapping of the major security issues for IoT to possible solutions is tabulated.•Blockchain technology and its robust solutions for challenging and critical IoT security problems are reviewed.•A parametric analysis of the state-of-the-art IoT security issues and solutions is described.