Privacy Design in Online Social Networks: Learning from Privacy Breaches and Community Feedback

The objective of this paper is to systematically develop privacy heuristics for Online Social Network Services (SNS). In order to achieve this, we provide an analytical framework in which we characterize privacy breaches that have occurred in SNS and distinguish different stakeholders’ perspectives. Although SNS have been criticized for numerous grave privacy breaches, they have also proven to be an interesting space in which privacy design is implemented and critically taken up by users. Community involvement in the discovery of privacy breaches as well as in articulating privacy demands points to possibilities in user-driven privacy design. In our analysis we take a multilateral security analysis approach and identify conflicts in privacy interests and list points of intervention and negotiation. In our future research, we plan to validate the usefulness as well as the usability of these heuristics and to develop a framework for privacy design in SNS

Tutorial: Identity Management Systems and Secured Access Control

Identity Management has been a serious problem since the establishment of the Internet. Yet little progress has been made toward an acceptable solution. Early Identity Management Systems (IdMS) were designed to control access to resources and match capabilities with people in well-defined situations, Today’s computing environment involves a variety of user and machine centric forms of digital identities and fuzzy organizational boundaries. With the advent of inter-organizational systems, social networks, e-commerce, m-commerce, service oriented computing, and automated agents, the characteristics of IdMS face a large number of technical and social challenges. The first part of the tutorial describes the history and conceptualization of IdMS, current trends and proposed paradigms, identity lifecycle, implementation challenges and social issues. The second part addresses standards, industry initia-tives, and vendor solutions. We conclude that there is disconnect between the need for a universal, seamless, trans-parent IdMS and current proposed standards and vendor solutions

Privacy Preserving Cryptographic Protocols for Secure Heterogeneous Networks

Disertační práce se zabývá kryptografickými protokoly poskytující ochranu soukromí, které jsou určeny pro zabezpečení komunikačních a informačních systémů tvořících heterogenní sítě. Práce se zaměřuje především na možnosti využití nekonvenčních kryptografických prostředků, které poskytují rozšířené bezpečnostní požadavky, jako je například ochrana soukromí uživatelů komunikačního systému. V práci je stanovena výpočetní náročnost kryptografických a matematických primitiv na různých zařízeních, které se podílí na zabezpečení heterogenní sítě. Hlavní cíle práce se zaměřují na návrh pokročilých kryptografických protokolů poskytujících ochranu soukromí. V práci jsou navrženy celkově tři protokoly, které využívají skupinových podpisů založených na bilineárním párování pro zajištění ochrany soukromí uživatelů. Tyto navržené protokoly zajišťují ochranu soukromí a nepopiratelnost po celou dobu datové komunikace spolu s autentizací a integritou přenášených zpráv. Pro navýšení výkonnosti navržených protokolů je využito optimalizačních technik, např. dávkového ověřování, tak aby protokoly byly praktické i pro heterogenní sítě.The dissertation thesis deals with privacy-preserving cryptographic protocols for secure communication and information systems forming heterogeneous networks. The thesis focuses on the possibilities of using non-conventional cryptographic primitives that provide enhanced security features, such as the protection of user privacy in communication systems. In the dissertation, the performance of cryptographic and mathematic primitives on various devices that participate in the security of heterogeneous networks is evaluated. The main objectives of the thesis focus on the design of advanced privacy-preserving cryptographic protocols. There are three designed protocols which use pairing-based group signatures to ensure user privacy. These proposals ensure the protection of user privacy together with the authentication, integrity and non-repudiation of transmitted messages during communication. The protocols employ the optimization techniques such as batch verification to increase their performance and become more practical in heterogeneous networks.

Penerapan Midtrans sebagai Sistem Verifikasi Pembayaran pada Website iPanda

E-commerce erat kaitannya dengan pembelian dan pembayaran yang mudah serta praktis. Pada website penjualan hosting dan domain iPanda, pembayaran adalah hal yang sangat penting dalam menunjang kegiatan transaksi penjualan hosting serta domain. Terdapat 2 (dua) permasalahan dalam penelitian ini diantaranya transaksi yang berjalan saat ini masih menggunakan uang tunai atau konvensional serta laporan yang belum terdata dengan baik. Namun, sistem pembayaran pada iPanda yang berjalan pada Perguruan Tinggi tidak mudah dan fleksibel, selain itu untuk pendataan transaksi masih semi komputerisasi. Sehingga cara ini tidak efisien karena menyulitkan pembeli dalam melakukan pembayaran serta pendataan pembelian dapat tidak sesuai. Dalam menyelesaikan masalah tersebut, peneliti menggunakan payment gateway Midtrans. Dengan menggunakan metode SWOT, penelitian payment gateway pada e-commerce dan 5 (lima) studi pustaka peneliti dapat mengatasi persoalan tersebut. Peneliti mengharapkan dari penelitian tersebut dengan adanya sistem pembayaran dengan payment gateway berbasis Midtrans bagi website penjualan hosting dan domain iPanda dapat menjadikan sistem pembayaran yang lebih mudah, efisien dan terdokumentasikan dengan baik. Serta kemudahan bagi mahasiswa, dosen dan pihak lain dalam melakukan proses transaksi hosting dan domain

DevOps for Trustworthy Smart IoT Systems

ENACT is a research project funded by the European Commission under its H2020 program. The project consortium consists of twelve industry and research member organisations spread across the whole EU. The overall goal of the ENACT project was to provide a novel set of solutions to enable DevOps in the realm of trustworthy Smart IoT Systems. Smart IoT Systems (SIS) are complex systems involving not only sensors but also actuators with control loops distributed all across the IoT, Edge and Cloud infrastructure. Since smart IoT systems typically operate in a changing and often unpredictable environment, the ability of these systems to continuously evolve and adapt to their new environment is decisive to ensure and increase their trustworthiness, quality and user experience. DevOps has established itself as a software development life-cycle model that encourages developers to continuously bring new features to the system under operation without sacrificing quality. This book reports on the ENACT work to empower the development and operation as well as the continuous and agile evolution of SIS, which is necessary to adapt the system to changes in its environment, such as newly appearing trustworthiness threats

State-of-the-Art in Data Integrity and Privacy-Preserving in Cloud Computing

Cloud computing (CC) is a fast-growing technology that offers computers, networking, and storage services that can be accessed and used over the internet. Cloud services save users money because they are pay-per-use, and they save time because they are on-demand and elastic, a unique aspect of cloud computing. However, several security issues must be addressed before users store data in the cloud. Because the user will have no direct control over the data that has been outsourced to the cloud, particularly personal and sensitive data (health, finance, military, etc.), and will not know where the data is stored, the user must ensure that the cloud stores and maintains the outsourced data appropriately. The study's primary goals are to make the cloud and data security challenges more understandable, to briefly explain the techniques used to achieve privacy and data integrity, to compare various recent studies in both pre-quantum and post-quantum, and to focus on current gaps in solving privacy and data integrity issues

Privacy of the Internet of Things: A Systematic Literature Review

The Internet of Things’ potential for major privacy invasion is a concern. This paper reports on a systematic literature review of privacy-preserving solutions appearing in the research literature and in the media. We analysed proposed solutions in terms of the techniques they deployed and the extent to which they satisfied core privacy principles. We found that very few solutions satisfied all core privacy principles. We also identified a number of key knowledge gaps in the course of the analysis. In particular, we found that most solution providers assumed that end users would be willing to expend effort to preserve their privacy; that they would be motivated to take action to ensure that their privacy was respected. The validity of this assumption needs to be proved, since it cannot simply be assumed that people would necessarily be willing to engage with privacy-preserving solutions. We suggest this as a topic for future research

Security in Context-aware Mobile Business Applications

The support of location computation on mobile devices (e.g. mobile phones, PDAs) has enabled the development of context-aware and especially location-aware applications (e.g. Restaurant Finder, Friend Finder) which are becoming the new trend for future software applications. However, fears regarding security and privacy are the biggest barriers against their success. Especially, mobile users are afraid of the possible threats against their private identity and personal data. Within the M-Business research group at the University of Mannheim, various security and privacy aspects of context-aware mobile business applications are examined in this thesis. After providing a detailed introduction to context-aware applications, the security challenges of context-aware applications from the perspectives of different principals (i.e. mobile users, the broker, service providers) are analyzed. The privacy aspects, the challenges, the threats and legal directives regarding user privacy are explained and illustrated by real-life examples. The user-centric security architectures integrated within context-aware applications are introduced as anonymity and mobile identity management solutions. The M-Business security architecture providing security components for communication security, dynamic policy-based anonymity, secure storage on mobile devices, identity management for mobile users and cryptography libraries is explained in detail. The LaCoDa compiler which automatically generates final Java code from high level specifications of security protocols is introduced as a software-centric solution for preventing developer-specific security bugs in applications