Quantum surveillance and 'shared secrets'. A biometric step too far? CEPS Liberty and Security in Europe, July 2010

It is no longer sensible to regard biometrics as having neutral socio-economic, legal and political impacts. Newer generation biometrics are fluid and include behavioural and emotional data that can be combined with other data. Therefore, a range of issues needs to be reviewed in light of the increasing privatisation of ‘security’ that escapes effective, democratic parliamentary and regulatory control and oversight at national, international and EU levels, argues Juliet Lodge, Professor and co-Director of the Jean Monnet European Centre of Excellence at the University of Leeds, U

The RFID PIA – developed by industry, agreed by regulators

This chapter discusses the privacy impact assessment (PIA) framework endorsed by the European Commission on February 11th, 2011. This PIA, the first to receive the Commission's endorsement, was developed to deal with privacy challenges associated with the deployment of radio frequency identification (RFID) technology, a key building block of the Internet of Things. The goal of this chapter is to present the methodology and key constructs of the RFID PIA Framework in more detail than was possible in the official text. RFID operators can use this article as a support document when they conduct PIAs and need to interpret the PIA Framework. The chapter begins with a history of why and how the PIA Framework for RFID came about. It then proceeds with a description of the endorsed PIA process for RFID applications and explains in detail how this process is supposed to function. It provides examples discussed during the development of the PIA Framework. These examples reflect the rationale behind and evolution of the text's methods and definitions. The chapter also provides insight into the stakeholder debates and compromises that have important implications for PIAs in general.Series: Working Papers on Information Systems, Information Business and Operation

Payments fraud: perception versus reality - a conference summary

The authors highlight key issues from the presentations, keynote addresses, and open floor discussions at the Federal Reserve Bank of Chicago's eighth annual Payments Conference. The conference's agenda appears at the end of this article.Fraud ; Payment systems

A Scalable Architecture for Electronic Payments

We present a scalable architecture for electronic retail payments via central bank digital currency and offer a solution to the perceived conflict between robust regulatory oversight and consumer affordances such as privacy and control. Our architecture combines existing work in payment systems and digital currency with a new approach to digital asset design for managing unforgeable, stateful, and oblivious assets without relying on either a central authority or a monolithic consensus system. Regulated financial institutions have a role in every transaction, and the consumer affordances are achieved through the use of non-custodial wallets that unlink the sender from the recipient in the transaction channel. This approach is fully compatible with the existing two-tiered banking system and can complement and extend the roles of existing money services businesses and asset custodians.Comment: 24 pages, 7 figures, 2 table

Proceedings of the 4th Student-STAFF Research Conference 2020 School of Computer Science and Engineering SSRC2020

This volume contains the proceedings of the 4th Student-STAFF Research Conference of the School of Computer Science and Engineering (SSRC2020). This is a traditional, annual forum which brings together, for an one-day intensive programme, established and young researchers from different areas of research, doctoral researchers, postgraduate and undergraduate alumni, and covers both traditional and emerging topics, disseminates achieved results or work in progress. During informal discussions at conference sessions, the attendees share their research findings with an open audience of academics, doctoral, postgraduate and undergraduate students. The SSRCS2020 was held on-line. The specifics of this year's conference was the participation of alumni from the Informatics Institute of Technology (IIT Sri Lanka) and Westminster International University in Tashkent (WIUT, Uzbekistan). The event met great interest - it had more than 200 on-line participants, with one session accommodating the audience of 156! The presenters whether they are established researchers or just at the start of their career, not only share their work but also gain invaluable feedback during the conference sessions. Twenty one abstracts of the Proceedings contributed by the speakers at the SSRC2020 are assembled in order of their presentation at the conference. The abstracts cover a wide spectre of topics including the development of on-line knowledge and learning repositories, data analysis, applications of machine learning in fraud detection, bankruptcy prediction, patients mortality, image synthesis, graph DB, image analysis for medical diagnostics, mobile app developments, user experience design, wide area networking, adaptive agent algorithms, plagiarism detection, process mining techniques for behavioural patterns, data mining for reablement, Cloud Computing, Networking and linguistic profiling

Digital Ecosystems: Ecosystem-Oriented Architectures

We view Digital Ecosystems to be the digital counterparts of biological ecosystems. Here, we are concerned with the creation of these Digital Ecosystems, exploiting the self-organising properties of biological ecosystems to evolve high-level software applications. Therefore, we created the Digital Ecosystem, a novel optimisation technique inspired by biological ecosystems, where the optimisation works at two levels: a first optimisation, migration of agents which are distributed in a decentralised peer-to-peer network, operating continuously in time; this process feeds a second optimisation based on evolutionary computing that operates locally on single peers and is aimed at finding solutions to satisfy locally relevant constraints. The Digital Ecosystem was then measured experimentally through simulations, with measures originating from theoretical ecology, evaluating its likeness to biological ecosystems. This included its responsiveness to requests for applications from the user base, as a measure of the ecological succession (ecosystem maturity). Overall, we have advanced the understanding of Digital Ecosystems, creating Ecosystem-Oriented Architectures where the word ecosystem is more than just a metaphor.Comment: 39 pages, 26 figures, journa

Key Requirements for the Detection and Sharing of Behavioral Indicators of Compromise

[EN] Cyber threat intelligence feeds the focus on atomic and computed indicators of compromise. These indicators are the main source of tactical cyber intelligence most organizations benefit from. They are expressed in machine-readable formats, and they are easily loaded into security devices in order to protect infrastructures. However, their usefulness is very limited, specially in terms of time of life. These indicators can be useful when dealing with non-advanced actors, but they are easily avoided by advanced ones. To detect advanced actor¿s activities, an analyst must deal with behavioral indicators of compromise, which represent tactics, techniques and procedures that are not as common as the atomic and computed ones. In this paper, we analyze why these indicators are not widely used, and we identify key requirements for successful behavioral IOC detection, specification and sharing. We follow the intelligence cycle as the arranged sequence of steps for a defensive team to work, thereby providing a common reference for these teams to identify gaps in their capabilities.Villalón-Huerta, A.; Ripoll-Ripoll, I.; Marco-Gisbert, H. (2022). Key Requirements for the Detection and Sharing of Behavioral Indicators of Compromise. Electronics. 11(3):1-20. https://doi.org/10.3390/electronics1103041612011