Six protection goals provide a common scheme for addressing the legal, technical, economic, and societal dimensions of privacy and data protection in complex IT systems. In this paper, each of these is analyzed for state of the art in implementation, existing techniques and technologies, and future research indications.
Being regarded as the new paradigm for Internet communication, Web Services have introduced a large number of new standards and technologies. Though founding on decades of networking experience, Web Services are not more resistant to security attacks than other open network systems. Quite the opposite is true: Web Services are exposed to attacks well-known from common Internet protocols and additionally to new kinds of attacks targeting Web Services in particular. Along with their severe impact, most of these attacks can be performed with minimum effort from the attacker's side.This article gives a survey of vulnerabilities in the context of Web Services. As a proof of the practical relevance of the threats, exemplary attacks on widespread Web Service implementations were performed. Further, general countermeasures for prevention and mitigation of such attacks are discussed.This work was done while the authors were at the
Big data has become a great asset for many organizations, promising improved operations and new business opportunities. However, big data has increased access to sensitive information that when processed can directly jeopardize the privacy of individuals and violate data protection laws. As a consequence, data controllers and data processors may be imposed tough penalties for non-compliance that can result even to bankruptcy. In this paper, we discuss the current state of the legal regulations and analyse different data protection and privacy-preserving techniques in the context of big data analysis. In addition, we present and analyse two real-life research projects as case studies dealing with sensitive data and actions for complying with the data regulation laws. We show which types of information might become a privacy risk, the employed privacypreserving techniques in accordance with the legal requirements, and the influence of these techniques on the data processing phase and the research results.
The endocytic pathway is a complex network of highly dynamic organelles, which has been traditionally studied by quantitative fluorescence microscopy. The data generated by this method can be overwhelming and its analysis, even for the skilled microscopist, is tedious and error-prone. We developed SpatTrack, an open source, platform-independent program collecting a variety of methods for analysis of vesicle dynamics and distribution in living cells. SpatTrack performs Endocytosis of proteins from the cell surface and subsequent sorting of internalized cargo in endosomes is a complex and highly dynamic process. Traditionally, endocytosis has been studied by subcellular fractionation and by transmission electron microscopy after suitable labeling of endocytic ligands (1,2). In parallel, fluorescence microscopy has evolved as a major tool to study the endocytic pathway. This is a consequence of the high specificity and sensitivity of fluorescence and the relative ease of labeling endocytic cargo with small fluorescent probes.Moreover, only fluorescence studies of the endocytic pathway bear the potential of measuring biophysical properties of the endosome, like pH or concentration of ions like calcium and chloride (3,4). Ligands of endocytic receptors have several fates once arrived in the endosome; they can recycle to the cell surface from early sorting or recycling endosomes, like transferrin after releasing iron into the endosomal lumen (5). They can become targeted to the trans-Golgi network in a retrograde trafficking route, as furin or several plant toxins (5,6). Ligands can be also 1406 www.traffic.dk
In recent research it turned out that Boolean verification of digital signatures in the context of WSSecurity is likely to fail: If parts of a SOAP message are signed and the signature verification applied to the whole document returns true, then nevertheless the document may have been significantly altered.In this paper, we provide a detailed analysis on the possible scenarios that enable these signature wrapping attacks. Derived from this analysis, we propose a new solution that uses a subset of XPath instead of ID attributes to point to the signed subtree, and show that this solution is both efficient and secure.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.