În articol sunt analizate soluțiile legislative în materie penală ale statelor străine în ceea ce priveşte protecția datelor confidențiale cu caracter personal în regim juridic de secret profesional. ...În acest scop au fost identificate și sintetizate normele juridico-penale ce se conțin în Codurile penale și în legi speciale penale ale unor state europene (Franța, Germania, Elveția, Italia) și ale unor state din spațiul post-sovietic (Ucraina, Belarus, Kazahstan, Kârgâzstan, Georgia). Pe parcursul cercetării s-a observat că legiuitorii din spațiul european oferă suficiente garanții protecției oricărui secret profesional, iar legislația penală a statelor din spațiul post-sovietic se limitează doar la protecția juridico-penală a secretului profesional medical (cu excepția Georgiei). În baza cercetării intreprinse sunt formulate concluzii și recomandări menite să lichideze lacunele legislative depistate. Confidential Personal data protection in the regime of professional secrecy: comparative penal law approach In the realm of this scientific article there are analyzed legislative approaches in penal matter of foreign countries concerning confidential personal data protection in the regime of professional secrecy. In such a manner there have been identified and synthesized penal norms which are contained in the Criminal code and other special laws of some European countries (France, Germany, Swiss confederation and Italy) as well as several states form the Post-Soviet space (Ukraine, Belarusi, Kazahstan, Kyrgyzstan, Georgia). During the research there have been found, that foreign lawmakers offer sufficient guarantees for penal protection of professional data, while penal legislation from the Post-Soviet space is restricted only to penal protection of the professional medical secret, except for Georgia. As a result of the research there have been formulated conclusions and recommendations which are designed to compensate legislative gaps.
In any field, the security of data is extremely important, and it is even related to national security and personal privacy. Within a mature system framework, the design of data security is the most ...basic and challenging task, and access control is one of the main strategies for Network security prevention. Log as an indispensable part of a secure system can help us to complete traceability after a data breach and to monitor the operation of the application at any time. However, in the existing confidential data management systems, the existing access control methods are not friendly to confidential data, and there are problems of excessive administrator privileges and no confidentiality restrictions. Considering of the fact that the authority and log Module is not well implemented in most confidential data management system, we propose to design a general access control model application. We propose an access control model based on roles and object domains, combined with a security level. Through this model, we can implement three-layer filtering when users access data, thereby ensuring data security and avoiding data leakage problems. At the same time, by implementing the log module, some deficiencies in the log analysis and monitoring of existing confidential data management system can be solved.
This study provides a comprehensive review and comparative analysis of existing Information Flow Tracking (IFT) tools which underscores the imperative for mitigating data leakage in complex cloud ...systems. Traditional methods impose significant overhead on Cloud Service Providers (CSPs) and management activities, prompting the exploration of alternatives such as IFT. By augmenting consumer data subsets with security tags and deploying a network of monitors, IFT facilitates the detection and prevention of data leaks among cloud tenants. The research here has focused on preventing misuse, such as the exfiltration and/or extrusion of sensitive data in the cloud as well as the role of anonymization. The CloudMonitor framework was envisioned and developed to study and design mechanisms for transparent and efficient IFT (eIFT). The framework enables the experimentation, analysis, and validation of innovative methods for providing greater control to cloud service consumers (CSCs) over their data. Moreover, eIFT enables enhanced visibility to assess data conveyances by third-party services toward avoiding security risks (e.g., data exfiltration). Our implementation and validation of the framework uses both a centralized and dynamic IFT approach to achieve these goals. We measured the balance between dynamism and granularity of the data being tracked versus efficiency. To establish a security and performance baseline for better defense in depth, this work focuses primarily on unique Dynamic IFT tracking capabilities using e.g., Infrastructure as a Service (IaaS). Consumers and service providers can negotiate specific security enforcement standards using our framework. Thus, this study orchestrates and assesses, using a series of real-world experiments, how distinct monitoring capabilities combine to provide a comparatively higher level of security. Input/output performance was evaluated for execution time and resource utilization using several experiments. The results show that the performance is unaffected by the magnitude of the input/output data that is tracked. In other words, as the volume of data increases, we notice that the execution time grows linearly. However, this increase occurs at a rate that is notably slower than what would be anticipated in a strictly proportional relationship. The system achieves an average CPU and memory consumption overhead profile of 8% and 37% while completing less than one second for all of the validation test runs. The results establish a performance efficiency baseline for a better measure and understanding of the cost of preserving confidentiality, integrity, and availability (CIA) for cloud Consumers and Providers (C&P). Consumers can scrutinize the benefits (i.e., security) and tradeoffs (memory usage, bandwidth, CPU usage, and throughput) and the cost of ensuring CIA can be established, monitored, and controlled. This work provides the primary use-cases, formula for enforcing the rules of data isolation, data tracking policy framework, and the basis for managing confidential data flow and data leak prevention using the CloudMonitor framework.
One of the challenges in the Internet of Things systems is the security of the critical data, for example, data used for intrusion detection. The paper research construction of an intrusion detection ...system that ensures the confidentiality of critical data at a given level of intrusion detection accuracy. For this goal, federated learning is used to train an intrusion detection model. Federated learning is a computational model for distributed machine learning that allows different collaborating entities to train one global model without sharing data. This paper considers the case when entities have data that are different in attributes. Authors believe that it is a common situation for the critical systems constructed using Internet of Things (IoT) technology, when industrial objects are monitored by different sets of sensors. To evaluate the applicability of the federated learning for this case, the authors developed an approach and an architecture of the intrusion detection system for vertically partitioned data that consider the principles of federated learning and conducted the series of experiments. To model vertically partitioned data, the authors used the Secure Water Treatment (SWaT) data set that describes the functioning of the water treatment facility. The conducted experiments demonstrate that the accuracy of the intrusion detection model trained using federated learning is compared with the accuracy of the intrusion detection model trained using the centralized machine learning model. However, the computational efficiency of the learning and inference process is currently extremely low. It is explained by the application of homomorphic encryption for input data protection from different data owners or data sources. This defines the necessity to elaborate techniques for generating attributes that could model horizontally partitioned data even for the cases when the collaborating entities share datasets that differ in their attributes.
•A lot of young people have problems with control of online information, which were uploaded to websites.•The online risky behavior of children is connected with online sharing of personal ...information.•The sharing of personal data has a correlation with online risky behavior.•Authors present examples of good praxes in area of preventive educational.
The aim of the article is to present research results concerning sharing confidential data and risky behaviors that are derived from it among the young Internet users. The analysis of the topic was depicted on the basis of quantitative research carried out in Poland and Czech Republic. According to the analysis, behaviors connected with sharing the sensitive data on the Internet determine a range of further risky behaviors in the virtual space and the real world. In the article, the type of data shared on the Internet, ways of interpreting risky behaviors by young people were determined and the attempt to distinguish factors that condition dangerous behaviors was made. The research is of comparative character and its aim is to present the specifics of the analyzed phenomenon in the perspective of the two biggest countries of the Visegrad Group. The article includes the examples of educational actions which aim is to improve the awareness of children and youth in the matter of improving their own level of safety on the Internet. These actions serve as good educational practices and are the answer of the education environment to e-threats presented in the paper.
The National PTSD Brain Bank (NPBB) is a brain tissue biorepository established to support research on the causes, progression, and treatment of PTSD. It is a six-part consortium led by VA’s National ...Center for PTSD with participating sites at VA medical centers in Boston, MA; Durham, NC; Miami, FL; West Haven, CT; and White River Junction, VT along with the Uniformed Services University of Health Sciences. It is also well integrated with VA’s Boston-based brain banks that focus on Alzheimer’s disease, ALS, chronic traumatic encephalopathy, and other neurological disorders. This article describes the organization and operations of NPBB with specific attention to: tissue acquisition, tissue processing, diagnostic assessment, maintenance of a confidential data biorepository, adherence to ethical standards, governance, accomplishments to date, and future challenges. Established in 2014, NPBB has already acquired and distributed brain tissue to support research on how PTSD affects brain structure and function.
Purpose
Electrocardiogram (ECG) signals aid in the clinical assessment of essential body functions by measuring pulse rate, intracranial pressure, respiration rate, and blood pressure. Additionally, ...ECG signals are employed to identify various heart diseases, such as arrhythmias and myocardial damage. This study aims to reduce the data size of ECG signals while preserving their original ECG characteristics and protecting personal privacy during network transmission.
Methods
First, we performed amplitude-quantization steganography on ECG signals to hide confidential patient data. We adopted a threshold-based compression technique to reduce the data size of ECG signals while preserving their characteristics as much as possible. We utilized a cubic spline in the recovery of the compressed ECG signal. In addition, the performance of the proposed amplitude-quantization steganography was enhanced by the particle swarm optimization algorithm.
Results
Experimental results verified the efficiency of the proposed method.
Conclusion
The proposed method not only protect the security of the ECG transmission but also reduce the amount of ECG transmission. Moreover, the proposed method improves the drawback that the quality of each hidden ECG signal is greatly reduced as the quantization size Q is increased.
În cadrul acestui demers științific sunt elaborate unele soluții privind protecția juridico-penală a secretului profesional al jurnalistului. Fundamentarea cadrului conceptual preconizează ...optimizarea cadrului incriminator prin formularea unor sugestii de lege ferenda menite să îmbunătățească substanțial dreptul penal al Republicii Moldova. Astfel, am demonstrat că norma juridico-penală cu privire la încălcarea inviolabilității vieții personale, în conformitate cu alin.(1) art.177 CP RM, nu oferă protecție suficientă informației obținute, păstrate sau prelucrate în regimul secretului profesional, deoarece aceste date confidențiale sunt ocrotite în regimul secretului personal sau familial, care îi aparține deținătorului primar, pe când secretul profesional presupune că acesta este administrat de către deținătorul secund (specialistul care a obținut informații confidențiale în legătură cu exercitarea atribuțiilor sale profesionale). profesional journalist secrecy in criminal law and ECHR caseLawIn the realm of this scientific message are elaborated some solutions concerning criminal law protection of professional journalist secrecy. The conceptual framework envisages optimizing the incriminating construction by formulating some suggestions de lege ferenda aimed to improve substantially Criminal law of the Republic of Moldova. The author demonstrated that the criminal legal norm concerning the violation of inviolability of privacy provided by paragraph (1) article 177 of the Criminal code, doesn’t offer sufficient protection to the data obtained, stored or processed in the professional secrecy regime, because those confidential data are protected in the regime of personal or family secret which belongs to the primary owner, while the professional secrecy assumes that this kind of secrecy is administrated by the secondary owner (the employee who obtained the confidential data in connection with the execution of his/her professional competences).
In cloud computing, data sharing and security are considered as the significant challenging issues in the present era. Until recently, considering secure data sharing in the cloud, several problems ...have been taken into consideration, such as data security, privacy, data integrity, confidentiality and resource scheduling. In this study, the hybridised cryptographic-integrated steganography (HCIS) algorithm has been used with auxiliary data inputs for secured data sharing in an internet of things assisted cloud environment for the urban transportation system. Further, the cryptography or cryptology generates code that provides a high level of privacy to the group or individual who can access cloud data. Furthermore, cryptography converts data into a secure format that is readable by an authorised user and steganography helps to transmit secret data to avoid the detection of information. The confidential data is extracted at its destination, and the encryption key has been utilised for hiding or effectively protecting data. The experimental results show that efficient and secure data sharing with multi-owners in cloud computing has been achieved using the HCIS method.
PDF
