Information security | EPFL Graph Search

Information security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or reducing the probability of unauthorized or inappropriate access to data or the unlawful use, disclosure, disruption, deletion, corruption, modification, inspection, recording, or devaluation of information. It also involves actions intended to reduce the adverse impacts of such incidents. Protected information may take any form, e.g., electronic or physical, tangible (e.g., paperwork), or intangible (e.g., knowledge). Information security's primary focus is the balanced protection of data confidentiality, integrity, and availability (also known as the CIA triad) while maintaining a focus on efficient policy implementation, all without hampering organization productivity. This is largely achieved through a structured risk management process that involves:

Identifying information

Gaussian channel transmission of images and audio files using cryptcoding

Vladimir Ilievski

Random codes based on quasigroups (RCBQ) are cryptcodes, i.e. they are error-correcting codes, which provide information security. Cut-Decoding and 4-Sets-Cut-Decoding algorithms for these codes are defined elsewhere. Also, the performance of these codes for the transmission of text messages is investigated elsewhere. In this study, the authors investigate the RCBQ's performance with Cut-Decoding and 4-Sets-Cut-Decoding algorithms for transmission of images and audio files through a Gaussian channel. They compare experimental results for both coding/decoding algorithms and for different values of signal-to-noise ratio. In all experiments, the differences between the transmitted and decoded image or audio file are considered. Experimentally obtained values for bit-error rate and packet error rate and the decoding speed of both algorithms are compared. Also, two filters for enhancing the quality of the images decoded using RCBQ are proposed.

2019

Scalable intelligent electronic catalogs

Marc Torrens Arnal

The world today is full of information systems which make huge quantities of information available. This incredible amount of information is clearly overwhelming Internet endusers. As a consequence, intelligent tools to identify worthwhile information are needed, in order to fully assist people in finding the right information. Moreover, most systems are ultimately used, not just to provide information, but also to solve problems. Encouraged by the growing popular success of Internet and the enormous business potential of electronic commerce, e-catalogs have been consolidated as one of the most relevant types of information systems. Nearly all currently available electronic catalogs are offering tools for extracting product information based on key-attribute filtering methods. The most advanced electronic catalogs are implemented as recommender systems using collaborative filtering techniques. This dissertation focuses on strategies for coping with the difficulty of building intelligent catalogs which fully support the user in his purchase decision-making process, while maintaining the scalability of the whole system. The contributions of this thesis lie on a mixed-initiative system which is inspired by observations on traditional commerce activities. Such a conversational model consists basically of a dialog between the customer and the system, where the user criticizes proposed products and the catalog suggests new products accordingly. Constraint satisfaction techniques are analyzed in order to provide a uniform framework for modeling electronic catalogs for configurable products. Within the same framework, user preferences and optimization constraints are also easily modeled. Searching strategies for proposing the adequate products according to criteria are described in detail. Another dimension of this dissertation faces the problem of scalability, i.e., the problem of supporting hundreds, or thousands of users simultaneously using intelligent electronic catalogs. Traditional wisdom would presume that in order to provide full assistance to users in complex tasks, the business logic of the system must be complex, thus preventing scalability. SmartClient is a software architectural model that uses constraint satisfaction problems for representing solution spaces, instead of traditional models which represent solution spaces by collections of single solutions. This main idea is supported by the fact that constraint solvers are extreme in their compactness and simplicity, while providing sophisticated business logic. Different SmartClient architecture configurations are provided for different uses and architectural requirements. In order to illustrate the use of constraint satisfaction techniques for complex electronic catalogs with the SmartClient architecture, a commercial Internet-based application for travel planning, called reality, has been successfully developed. Travel planning is a particularly appropriate domain for validating the results of this research, since travel information is dynamic, travel planning problems are combinatorial, and moreover, complex user preferences and optimization constraints must be taken into consideration.

EPFL2003

Three Essays on Corporate Disclosure

Evgeny Petrov

Corporate disclosure is the most important source of information about the firm for the outside investors. While some disclosure of public firms is mandated by regulation, firm managers can provide extra information at their discretion by making voluntary disclosures. On the other hand, even the reports required by regulation can be disclosed untruthfully. This thesis is structured in three chapters, each addressing a specific issue in voluntary disclosure and misreporting. In the first chapter, titled

Voluntary Disclosure and Informed Trading'', I study the impact of informed trading on voluntary corporate disclosure in the presence of two frictions: cost of disclosure and value of manager's information. In the absence of both frictions, informed trading has no impact on disclosure even when traders are not certain whether the manager has information. If disclosure is costly, then informed trading reduces disclosure. Since traders can discover favorable information about the firm, additional disclosure of the information is not necessary. If manager's information is valuable for the firm, then informed trading increases disclosure. Since traders can discover unfavorable information about the firm, the manager with such information has less incentives to pool with uninformed managers and discloses to show that he is informed. I also show that informed trading can have both a positive and a negative real effect on the firm value by crowding in or crowding out information production in the firm. These results hold for general information structures and are robust if traders can choose how much information to acquire. The second chapter, titled

Misreporting and Feedback Effect'' and co-authored with Prof. Hui Chen of the University of Zurich, studies the incentives of firms to misreport information in the presence of feedback effect from financial markets. Stock price often provides firms with new information, which can be used in the firms' subsequent real decisions. We examine how this informational feedback from the financial market affects a myopic firm manager's incentive to misreport, and how the misreporting further affects the firm's price and value. We find that the manager overstates his report more in the presence of feedback, but this misreporting brings forth both positive price and real effects for the firm. Intuitively, overstating the report encourages information production in the market because (a) it renders accounting reports less reliable as a source of information, and (b) investors expect higher trading profits from larger capital investment. The new incremental information improves investment efficiency when it is revealed to the firm manager through trading and used in the firm's subsequent investment decisions. As a consequence, the capital investment is higher when there is feedback effect. In the third chapter, titled ``Voluntary Disclosure and Margin Constraints'', I develop a dynamic model of voluntary corporate disclosure that explains clustering of negative announcements observed in practice. A manager may receive a signal about the firm's asset value and can disclose it to traders with margin constraints. I show that the manager postpones delivery of a negative signal until the margin constraints tighten. In contrast to previous studies, the clustering of announcements happens even if there are no negative updates in traders' beliefs about the firm value.

EPFL2017