Data leak or data breach is a serious problem of global scale. at the moment it is of increased interest in Ukraine which is caused by unstable political and economic situation. Analysing the most interesting cases of losses, leaks and theft of data can help find the most effective solutions that could be applied to solve the problem of personal data protection in our country
International audience ; Imagine that you have been entrusted with private data, such as corporate product information, sensitive government information, or symptom and treatment information about hospital patients. You may want to issue queries whose result will combine private and public data, but private data must not be revealed. GhostDB is an architecture and system to achieve this. You carry private data in a smart USB key (a large Flash persistent store combined with a tamper and snoop-resistant CPU and small RAM). When the key is plugged in, you can issue queries that link private and public data and be sure that the only information revealed to a potential spy is which queries you pose. Queries linking public and private data entail novel distributed processing techniques on extremely unequal devices (standard computer and smart USB key). This paper presents the basic framework to make this all work intuitively and efficiently.
International audience ; Imagine that you have been entrusted with private data, such as corporate product information, sensitive government information, or symptom and treatment information about hospital patients. You may want to issue queries whose result will combine private and public data, but private data must not be revealed. GhostDB is an architecture and system to achieve this. You carry private data in a smart USB key (a large Flash persistent store combined with a tamper and snoop-resistant CPU and small RAM). When the key is plugged in, you can issue queries that link private and public data and be sure that the only information revealed to a potential spy is which queries you pose. Queries linking public and private data entail novel distributed processing techniques on extremely unequal devices (standard computer and smart USB key). This paper presents the basic framework to make this all work intuitively and efficiently.
Special thanks to David Satter, Raphael Satter, and the Open Society Foundations for cooperating and providing us with materials necessary to conduct the investigation. Thanks to the Citizen Lab team who provided review and assistance, especially Bill Marczak, Masashi Crete-Nishihata, Etienne Maynier, Adam Senft, Irene Poetranto, and Amitpal Singh. We would like to thank additional researchers for comments and feedback including Jen Weedon, Alberto Fittarelli, Exigent Petrel and TNG. ; Documents stolen from a prominent journalist and critic of the Russian government were manipulated and then released as a "leak" to discredit domestic and foreign critics of the government. We call this technique "tainted leaks." ; Support for Citizen Lab's research on targeted threats comes from the John D. and Catherine T. MacArthur Foundation, the Open Society Foundations, the Oak Foundation, Sigrid Rausing Trust, and the Ford Foundation.
Trends in Practical Applications of Heterogeneous Multi-Agent Systems. The PAAMS Collection. ; This paper presents an autonomous agent for gas leak source detec-tion. The main objective of the robot is to estimate the localization of the gas leak source in an indoor environment without any human intervention. The agent implements an SLAM procedure to scan and map the indoor area. The mobile robot samples gas concentrations with a gas and a wind sensor in order to estimate the source of the gas leak. The mobile robot agent will use the in-formation obtained from the onboard sensors in order to define an efficient scanning path. This paper describes the measurement results obtained in a long corridor with a gas leak source placed close to a wall. ; This work was partially funded by the Spanish Ministery of Economy and Competitivity, Plan Nacional de Investigación Científica, Desarrollo e Innovación Tecnológica: TEC2011-26143, and by the Government of Catalonia (Comisionat per a Universitats i Recerca, Departament d'Innovació, Universitats i Empresa) and the European Social Fund.
International audience ; Nowadays, digital communications are pervasive and as such, they carry a huge amount of both professional and private information all around the world. Given the knowledge that can be extracted from such information, its confidentiality is of utmost importance for both companies and individuals. Recent news related to massive breaches of privacy by both external actors such as government agencies, rogue teams, and internal actors such as communication services providers (i.e., Google, Apple, Facebook, Microsoft, Amazon) have exacerbated the need for more secure communication technologies. Although message content can be encrypted end-to-end by so-called off-the-record techniques, message metadata such as sender, recipient, time sent and size can still leak a lot of information about communicating parties. Oblivious RAM (ORAM) systems form a promising new branch of research for hiding such metadata from the hosting servers, but they have not yet been deployed in production environments. Due to their complexity and performance penalty, they can currently be used only for very simple client-server applications such as instant messaging (IM). In this context, we show that accessing metadata on a messaging server can leak information that could be concealed by ORAM systems. More specifically, we show the differences observed in metadata collection between a classic XMPP server and two ORAM-based servers. In order to assess those systems , we have designed a new attack based on live forensic techniques in order to retrieve metadata from the RAM of a running IM server. We have used two datasets of instant messages for carrying out this assessment. Our experimental attack setup can highlight the leak of metadata from a standard messaging server and can also be used for testing the security of an ORAM-based messaging server.
International audience ; Nowadays, digital communications are pervasive and as such, they carry a huge amount of both professional and private information all around the world. Given the knowledge that can be extracted from such information, its confidentiality is of utmost importance for both companies and individuals. Recent news related to massive breaches of privacy by both external actors such as government agencies, rogue teams, and internal actors such as communication services providers (i.e., Google, Apple, Facebook, Microsoft, Amazon) have exacerbated the need for more secure communication technologies. Although message content can be encrypted end-to-end by so-called off-the-record techniques, message metadata such as sender, recipient, time sent and size can still leak a lot of information about communicating parties. Oblivious RAM (ORAM) systems form a promising new branch of research for hiding such metadata from the hosting servers, but they have not yet been deployed in production environments. Due to their complexity and performance penalty, they can currently be used only for very simple client-server applications such as instant messaging (IM). In this context, we show that accessing metadata on a messaging server can leak information that could be concealed by ORAM systems. More specifically, we show the differences observed in metadata collection between a classic XMPP server and two ORAM-based servers. In order to assess those systems , we have designed a new attack based on live forensic techniques in order to retrieve metadata from the RAM of a running IM server. We have used two datasets of instant messages for carrying out this assessment. Our experimental attack setup can highlight the leak of metadata from a standard messaging server and can also be used for testing the security of an ORAM-based messaging server.
Hydrogen is being widely promoted as the future primary energy carrier to replace current hydrocarbon fuels. Governments and industries are investing in research and development programs to develop hydrogen production, transport and storage technologies. In addition, hydrogen gas is currently used in chemical processing and aerospace applications. Hydrogen gas is combustible with a wide flammability range of about 4 to 75 percent, a low ignition energy, and a low gas density. With the expanding application of hydrogen gas coupled with its highly combustible nature, focus must be placed on safety. Detection and monitoring technologies are needed which can provide low limits of detection, high sensitivity, a wide detection range, fast response times and ease of implementation to ensure public safety. Hydrogen sensors are of increasing importance in connection with the development and expanded use of hydrogen gas as an energy carrier and as a chemical reactant. Also they are essential to facilitate the detection of accidental hydrogen releases wherever hydrogen will be produced, distributed, stored, and used. This thesis highlights the importance of hydrogen sensing regarding the safety and reliability. The first chapter describes and classifies the different types of hydrogen sensors and the technology behind them. Characteristic performance parameters of these sensor types, such as measuring range, sensitivity, selectivity and response time are reviewed. In the second chapter the methods of the tests performed on the commercially available hydrogen sensors are described. Parameters such us detection limits and response times are measured and the advantages and disadvantages of those sensors are written down. In the third chapter new hydrogen detecting technologies will be mentioned either available in the market or under development and afterwards we will refer to the improvements of knowledge on hydrogen safety, according to the standards and guidelines of the International Energy Agency's Hydrogen Implementing Agreement. Regulations will be also mentioned. The fourth chapter describes the framework of the Hydrogen Safety Engineering (H2SE) profession which is defined as an application of scientific and engineering principles to the protection of life, property and environment from adverse effects of incidents/accidents involving hydrogen. Finally a reliable and comprehensive safety risk analysis model has been developed. In the fifth chapter of this thesis there is a summary with the conclusions deducted of this work.
In der Nacht vom letzten Sonntag wurde, größtenteils unbemerkt von der deutschen Presseöffentlichkeit, der italienische Softwareanbieter Hacking Team gehackt und über 400gb seiner internen Daten im Netz verteilt. Die Daten umfassen alles: E-Mails der Firmenleitung, der Programmierer und des Verkaufspersonals, interne Dokumente und Verträge und den kompletten Programmcode. Die Reaktion der Netzgemeinde war die umfassender Schadenfreude: Hacking Team stellt Spionage- und Überwachungssoftware her und verkauft diese weltweit an Regierungen – gerne auch solchen der autoritären Art. Diese Software wurde, wie die Leaks nun zeigen, tatsächlich zur Bekämpfung von Oppositionspolitikern und Menschenrechtsaktivisten eingesetzt, etwa in Äthiopien oder Sudan. Nicht umsonst führen Reporter ohne Grenzen Hacking Team in ihrer Liste der Feinde des Internets. Der Leak zeigt, dass die von diversen NGOs und Forschern, allen voran das Citizen Lab, geäußerten Vorwürfe stimmen: Hacking Team unterstützt autoritäre Regimes in Ihrem Kampf gegen Oppositionelle und ignoriert dabei auch Sanktionen, in dem es etwa an den Sudan oder Russland verkauft.
National audience ; Imagine that you have been entrusted with private data, such as corporate product information, sensitive government information, or symptom and treatment information about hospital patients. You may want to issue queries whose result will combine private and public data, but private data must not be revealed. GhostDB is an architecture and system to achieve this. You carry private data in a smart USB key (a large Flash persistent store combined with a tamper and snoop-resistant CPU and small RAM). When the key is plugged in, you can issue queries that link private and public data and be sure that the only information revealed to a potential spy is which queries you pose. Queries linking public and private data entail novel distributed processing techniques on extremely unequal devices (standard computer and smart USB key). This paper presents the basic framework to make this all work intuitively and efficiently.
National audience ; Imagine that you have been entrusted with private data, such as corporate product information, sensitive government information, or symptom and treatment information about hospital patients. You may want to issue queries whose result will combine private and public data, but private data must not be revealed. GhostDB is an architecture and system to achieve this. You carry private data in a smart USB key (a large Flash persistent store combined with a tamper and snoop-resistant CPU and small RAM). When the key is plugged in, you can issue queries that link private and public data and be sure that the only information revealed to a potential spy is which queries you pose. Queries linking public and private data entail novel distributed processing techniques on extremely unequal devices (standard computer and smart USB key). This paper presents the basic framework to make this all work intuitively and efficiently.
Trabajo presentado a la 15th European Control Conference (ECC) celebrada en Aalborg (Dinamarca) del 29 de junio al 1 de julio de 2016. ; This paper presents a new method for leak localization in Water Distribution Networks that uses a model-based approach combined with Bayesian reasoning. Probability density functions in model-based pressure residuals are calibrated off-line for all the possible leak scenarios by using a hydraulic simulator, being leak size uncertainty, demand uncertainty and sensor noise considered. A Bayesian reasoning is applied online to the available residuals to determine the location of leaks present in the Water Distribution Network. A time horizon method combined with the Bayesian reasoning is also proposed to improve the accuracy of the leak localization method. The Hanoi District Metered Area case study is used to illustrate the performance of the proposed approach. ; This work has been partially funded by Spanish Government (Ministerio de Economia y Competitividad) and FEDER through the Project ECOCIS (Ref. DPI2013-48243-C2-1-R) and Project HARCRICS (Ref. DPI2014-58104-R), and by EFFINET grant FP7-ICT-2012-318556 of the European Commission. ; Peer Reviewed
Artigo publicado em revista científica internacional ; On 3 April 2016, Mossack Fonseca provided the historically most significant leak of its shareholder's data for owning offshore companies. Shareholders include many political and influential figures around the globe, which causes a moral hazard. The study analyses the effects of Panama leak events on five stock exchanges to ensure the market efficiency and investor perception related to the Panama leaks. Event study methodology is used on five occasions associated with Panama papers, i.e., the resignation of the Prime Minister of Iceland on 5 April 2016, Jurgen Mossack's resignation on 7 April 2016, the resignation of the Spanish Minister of Industry on 15 April 2016, the 450 personalities of Pakistan that were nominated in Panama papers on 15 April 2016, and the formation of an inquiry commission to inquire into the matter. The market efficiency of five stock exchanges was checked, i.e., the KSE 100 of Pakistan, the OMXIPI exchange of Iceland, the IBEX 35 of Spain, the New York stock exchange (NYSE), and S&P 500. The market remains efficient for most events and investor behaviour changes for one or two days around the event day (this event has concise term significant abnormal returns in all stock exchanges or concise term significant abnormal macroeconomic effects are observed in all stock exchanges). ; info:eu-repo/semantics/publishedVersion
On 3 April 2016, Mossack Fonseca provided the historically most significant leak of its shareholder's data for owning offshore companies. Shareholders include many political and influential figures around the globe, which causes a moral hazard. The study analyses the effects of Panama leak events on five stock exchanges to ensure the market efficiency and investor perception related to the Panama leaks. Event study methodology is used on five occasions associated with Panama papers, i.e., the resignation of the Prime Minister of Iceland on 5 April 2016, Jurgen Mossack's resignation on 7 April 2016, the resignation of the Spanish Minister of Industry on 15 April 2016, the 450 personalities of Pakistan that were nominated in Panama papers on 15 April 2016, and the formation of an inquiry commission to inquire into the matter. The market efficiency of five stock exchanges was checked, i.e., the KSE 100 of Pakistan, the OMXIPI exchange of Iceland, the IBEX 35 of Spain, the New York stock exchange (NYSE), and S&P 500. The market remains efficient for most events and investor behaviour changes for one or two days around the event day (this event has concise term significant abnormal returns in all stock exchanges or concise term significant abnormal macroeconomic effects are observed in all stock exchanges).