Search results for "Tietoturva"
showing 10 items of 184 documents
Using Hypervisors to Overcome Structured Exception Handler Attacks
2019
Microsoft windows is a family of client and server operating systems that needs no introduction. Microsoft windows operating system family has a feature to handle exceptions by storing in the stack the address of an exception handler. This feature of Microsoft Windows operating system family is called SEH (Structured exception handlers). When using SEH the exception handler address is specifically located on the stack like the function return address. When an exception occurs the address acts as a trampoline and the EIP jumps to the SEH address. By overwriting the stack one can create a unique type of return oriented programming (ROP) exploit that force the instruction pointer to jump to a …
Tietojoukkojen anonymisointi ja jälleentunnistaminen
2016
Nykyään ihmisistä kerätään ja tallentuu massiivisia määriä henkilökohtaista dataa, mutta kyseisen datan yksityisyydensuojasta ja turvallisuudesta ei aina voida olla täysin varmoja. Kun ihmisten henkilökohtaisia tietoja, kuten sairaushistoriaa tai hoitotietoja, julkaistaan esimerkiksi tutkimuskäyttöön, tulee tiedot anonymisoida riittävällä tavalla eli käsitellä siten, ettei yksittäisiä henkilöitä kyetä tunnistamaan tiedoista. Vaikka anonymisointitekniikoita on useita ja ne voivat olla tehokkaita, eivät ne ole täydellisiä: joskus anonymisointi voi pettää ja ihmisten mahdollisesti arkaluontoisiakin tietoja voi tulla julki ja päätyä vääriin käsiin. Anonymisoinnin pettäminen voi johtua joko ihmi…
Distributed denial-of-service attacks in the Internet
2005
Beyond economic and financial analyses : A revelatory study of IT security investment decision-making process
2022
Information Technology (IT) security breaches and the extent of damage they may cause to an organization are inherently uncertain. Therefore, managers’ decisions about whether to make IT security investment (ITSI) and how much, depend upon a subjective assessment of the economic value of the investment and the likelihood of the damage to the organization. When managers delay or fail to decide on whether and how much to invest in IT security, it can make organizations vulnerable to operational and strategic perils. Based upon interviews, document reviews, and observations in three organizations in Finland that made ITSI decisions to acquire a secure email application system, we examined the …
An Efficient and Privacy-Preserving Blockchain-Based Authentication Scheme for Low Earth Orbit Satellite Assisted Internet of Things
2022
Recently, integrating satellite networks (e.g. Low-earth-orbit satellite constellation) into the Internet of Things (IoT) ecosystem has emerged as a potential paradigm to provide more reliable, ubiquitous and seamless network services. The LEO satellite networks serves as a key enabler to transform the connectivity across industries and geographical border. Despite the convenience brought from the LEO satellite networks, it arises security concerns, in which the essential one is to secure the communication between the IoT devices and the LEO satellite network. However, some challenges inheriting from the LEO satellite networks need to be considered : 1) the dynamic topology; 2) the resource…
Adopting encryption to protect confidential data in public clouds: A review of solutions, implementation challenges and alternatives
2015
A shift towards use of public cloud services is ongoing and more and more enterprises will start to use them in the near future. As public cloud services certainly promise to deliver many benefits, this new way of delivering services also introduces new types of risks. Due to the NSA’s surveillance programs, non-US enterprises need to reassess the risks of public cloud services provided by US companies and look for available solutions to protect their confidential data transferred and stored in the cloud. Encryption is seen as a solution to help enterprises full fill the requirements related to security and privacy, but is often challenging to implement. Encryption has its own security prob…
Industry 4.0 Intelligence under Attack : From Cognitive Hack to Data Poisoning
2018
Artificial intelligence is an unavoidable asset of Industry 4.0. Artificial actors participate in real-time decision-making and problem solving in various industrial processes, including planning, production, and management. Their efficiency, as well as intelligent and autonomous behavior is highly dependent on the ability to learn from examples, which creates new vulnerabilities exploited by security threats. Today's disruptive attacks of hackers go beyond system's infrastructures targeting not only hard-coded software or hardware, but foremost data and trained decision models, in order to approach system's intelligence and compromise its work. This paper intends to reveal security threats…
ISO/IEC 27001 -standardi yleisen tietosuoja-asetuksen kontekstissa
2017
EU:n tietosuojalainsäädäntö uudistui 24.5.2016, kun yleinen tietosuoja-asetus astui voimaan ja lakia aletaan soveltaa käytännössä kahden vuoden siirtymäajan jälkeen 25.5.2018. Tämä yleinen tietosuoja-asetus on merkittävä uudistus, joka esittelee monia lisäyksiä ja tarkennuksia vanhaan henkilödirektiiviin ja tutkielman kirjoittamisen ajankohtana siirtymäaika on jo käynnissä. Tutkielma toteutettiin kirjallisuuskatsauksena ja tutkielman varsinaisena tarkoituksena oli selvittää, pystyykö tunnettu tietoturvallisuuden hallintajärjestelmä -standardi, ISO/IEC 27001:2013, vastaamaan yleisen tietosuoja-asetuksen moniin vaatimuksiin. Toisin sanoen tarkoituksena oli vertailla standardin ja asetuksen va…
Self-Sovereign Identity Ecosystems : Benefits and Challenges
2021
Verifiable credentials, coupled with decentralized ledger technologies, have been potential providers of trustworthy digital identity for individuals, organizations, and other entities, and thus, potential enablers of trustful digital interactions. The rapid development of this technology—called self-sovereign identity (SSI)—and the ecosystems built around it have been fostered even more by the societal needs stemming from the current pandemic crisis, when governments, non-profit organizations, businesses, and individuals are working together on different aspects of SSI to enable mainstream adoption. In this study, we build on rich qualitative data gathered from SSI practitioners to give a …
On Attacking Future 5G Networks with Adversarial Examples : Survey
2022
The introduction of 5G technology along with the exponential growth in connected devices is expected to cause a challenge for the efficient and reliable network resource allocation. Network providers are now required to dynamically create and deploy multiple services which function under various requirements in different vertical sectors while operating on top of the same physical infrastructure. The recent progress in artificial intelligence and machine learning is theorized to be a potential answer to the arising resource allocation challenges. It is therefore expected that future generation mobile networks will heavily depend on its artificial intelligence components which may result in …