Safe H-KaaS: uma estratégia para proteção contra violação de conhecimento em kaas no domínio da e-saúde
Ano de defesa: | 2020 |
---|---|
Autor(a) principal: | |
Orientador(a): | |
Banca de defesa: | |
Tipo de documento: | Dissertação |
Tipo de acesso: | Acesso aberto |
Idioma: | por |
Instituição de defesa: |
Universidade Federal da Paraíba
Brasil Informática Programa de Pós-Graduação em Informática UFPB |
Programa de Pós-Graduação: |
Não Informado pela instituição
|
Departamento: |
Não Informado pela instituição
|
País: |
Não Informado pela instituição
|
Palavras-chave em Português: | |
Link de acesso: | https://repositorio.ufpb.br/jspui/handle/123456789/18188 |
Resumo: | As a way of solving problems related to the proper access and distribution of knowledge in the medical field, the architectures based on Knowledge-as-a-Service paradigm (KaaS) emerged, with growing commercial and research interest. However, behind the large amount of benefits brought by them, such knowledge distribution services have a critical vulnerability to its users and maintainers of knowledge, called knowledge breaching. Considering the above, the development of this research aims to contribute to the creation of a strategy to mitigate centralized knowledge breaching attacks in knowledge providing services, called Safe H-KaaS, based on machine learning and incorporated as proxy, focused on easy use, agnosticism of the solution regarding the service defended and maintenance of the quality of service and user experience. In addition, a guideline is presented and used for the correct configuration of the defense mechanism based on the context and information about the defended service, in search of a tradeoff that guarantees the security of the knowledge provided, while preserving the user's experience quality. Both the existence of the vulnerability and its severity, as well as the proposed methodology and its effectiveness, are evaluated through a case study with a KaaS in the nephrology domain, by that, demonstrating the viability of the method in the protection of knowledge distribution services. |