Nettsider med emneord «security»
Within January 2019 all electricity customers in Norway will have to use smart meters. These smart meters will become part of the ”Avanserte Måle- og Styringssystemer” (Automatic Meter Systems - AMS), and include that users can have a better information on their electricity usage, a more accurate billing of their consumption and the opportunity for automatic controlling of the power consumption. Pilots have already been running at several places in Norway. Academia, Grid distributors, Industry, and Consumer Organisations have joined through the IoTSec.no initiative to discuss security and privacy related to the services and infrastructures in an AMS.
The future electricity network is based on components, which are state-of-the-art from some years back in time. As an example, the SCADA system consists of network interfaces, browser sessions..., which all can be hacked using standard vulnerabilities.
Embedded Systems (ES) becomes increasingly popular in modern times. This popularity increases the importance of the security for these systems. The reliable evaluation of the ES`s security is considered as a crucial requirement for the enhancement of its security.
We have seen a variety of cities providing free wifi for their inhabitants. However, when providing the full Internet without authentication, you run the risk of criminal activities to happen using that free Wifi. When you run authentication, it makes access cumbersome. Thus, the idea is to provide free low-capacity Internet without authentication, which would allow you to only consume information (no file download, no gaming, no streaming/video). With the knowledge of risk assessment, the candidate should be able to evaluate the security of such an open access.
The Consumer Services of Norway (Forbrukerrådet) have established a report on privacy in Apps "App-Fail". In there they have found breach of privacy by apps. They identified a lack of "understandable privacy" as the main challenge.
The electric grid is undergoing changes. Natural resources like sun and wind contribute to the production of energy.
Previous work has established a Multi-Metrics (MM) Method for the analysis of measurable security and privacy. This MM approach is used in a.o. UNIK4750, and described more in IoTSec:T1.2. Some challenges of the method are related to the choice of metrics describing security functionality and their impact of the system. A further potential weakness is the dependency of system components, called "interconnection".
In this thesis, we are interested in the human aspect in security and privacy concerns in Internet of Things for smart grids. More precise, we will use case studies to find out exactly how humans can influence the security of the smart grid, and how humans perceive the privacy aspects.
Dat Tien Le is a PhD student in the ConSeRNS group under the supervision of Audun Jøsang, Einar Broch Johnsen, and Frank Eliassen.
In this talk, we will about the concept of design patterns but applied to security problems. Just think of how popular the concept of design pattern has become, i.e., look at the classic GOF book that won the Dahl-Nygaard prize. Now we see this applied to security problems. (See Abstrat in the long description.)
In this thesis, the author attempt to design a process that will help web application development companies produce more secure services. This is achieved by using a security standard relevant to the services these applications provide. Throughout the course of this thesis, the author attempts to highlight why this is needed, and how it will be achieved.
Semantic Attribute Based Access Control (SABAC) – Developing an Access Control solution for IoT Gateways applied to Smart Home Care
![Image may contain: text, font.](https://www.mn.uio.no/ifi/english/research/groups/psy/news/images/bestpaper-ifipsummerschool19.jpg?alt=listing)
The paper "Language-based mechanisms for Security-by-Design'' by Shukun Tokas, Olaf Owe, and Toktam Ramenzanifarkhani got the award for the "Best Paper" of the IFIP IFIP Summer School on Privacy and Identity Management.
This project aims at developing models and tools for automated or semi-automated classification and discovery of cyberthreats based on ontologies and semantic reasoning.
This projects involves a cases study and analysis of human users of a security ceremony; i.e., security protocol or procedure where the human is part of the protocol. The current on-line banking is an example, or the recent electronic voting procedure used in Norway. This topic is at the border of security and psychology. Your work will start from a recent paper [28] originating from the group of Ann Blandford.
See project link. Ask for discussions with one of the supervisors, for more information or variations of the project. See also general concerns.
This projects involves a cases study and analysis of human users of a modern information system, like IoT. This topic is at the border of computer science, psychology, cognitive sciences, and AI.
Ask for discussions with one of the supervisors, for more information or variations of the project. See also general concerns.