Privacy, Space and Time: a Survey on Privacy-Preserving Continuous Data Publishing

Sensors, portable devices, and location-based services, generate massive amounts of geo-tagged, and/or location- and user-related data on a daily basis. The manipulation of such data is useful in numerous application domains, e.g., healthcare, intelligent buildings, and traffic monitoring, to name a few. A high percentage of these data carry information of users\u27 activities and other personal details, and thus their manipulation and sharing arise concerns about the privacy of the individuals involved. To enable the secure—from the users\u27 privacy perspective—data sharing, researchers have already proposed various seminal techniques for the protection of users\u27 privacy. However, the continuous fashion in which data are generated nowadays, and the high availability of external sources of information, pose more threats and add extra challenges to the problem. In this survey, we visit the works done on data privacy for continuous data publishing, and report on the proposed solutions, with a special focus on solutions concerning location or geo-referenced data

Posljedice lažnih vijesti i dezinformacija za sigurnost zemalja članica i partnerskih zemalja NATO-a

Misuse of digital platforms for the dissemination of fake news and disinformation online is becoming an increasingly serious problem both for individual states and multilateral organizations. Alternative facts presented under the veil of awakening critical thinking, or false and purported information placed in the social media environment by state and non-state actors for their own purposes, have been disturbing the credibility of traditional fact-checking media outlets to present actual information to the public. Grasping the notion of parrhesia as part of the democratic free expression in a liberal society via social networks is now seriously questioning the common objective standards of truth. Deliberate interference with fake news and disinformation in contemporary democracies, especially during election campaigns, the use of anti-NATO narrative, particularly in countries with former communist regimes, and recent promotion of a false sense of security or insecurity about the Covid-19 pandemic, became an issue of major concern for the entire Alliance and its field work. Although in essence being a military organization with the aim to secure peace and stability in its wider area and promote its values globally, what the NATO has witnessed in the last decade is that peace and security in the traditional sense cannot be taken for granted. The emergence of modern non-military tactics by adversaries to destabilize member and partner countries require specific methods and approaches for deterrence and defense. This paper will analyze how these alternative facts affect both state and overall Alliance stability, possible implications on the diminishing public trust in state institutions, and actions needed to mitigate their effects.Zloupotreba digitalnih platformi za širenje lažnih vijesti i dezinformacija online postaje sve ozbiljniji problem i za pojedine države i za multilateralne organizacije. Alternativne činjenice predstavljene pod krinkom buđenja kritičkog mišljenja ili lažne i navodne informacije plasirane u društvene medije od strane državnih i nedržavnih aktera za vlastite potrebe, narušavaju vjerodostojnost tradicionalnih medija koji provjeravaju činjenice kako bi javnosti prezentirali stvarne informacije. Shvaćanje parezije kao dijela demokratskog slobodnog izražavanja u liberalnom društvu putem društvenih mreža ozbiljno dovodi u pitanje uobičajene objektivne standarde istine. Namjerno zadiranje u lažne vijesti i dezinformacije u suvremenim demokracijama, posebice tijekom izbornih kampanja, korištenje anti-NATO narativa, osobito u zemljama s bivšim komunističkim režimima, te promicanje lažnog osjećaja sigurnosti ili nesigurnosti, vrlo nedavno, u vezi s pandemijom Covida-19, postaju zabrinjavajuće pitanje za cijeli Savez i njihov terenski rad. Iako je u biti vojna organizacija s ciljem osiguranja mira i stabilnosti na svom širem području i promicanja svojih vrijednosti na globalnoj razini, ono čemu je NATO svjedočio u posljednjem desetljeću jest to da se mir i sigurnost u tradicionalnom smislu ne mogu uzeti zdravo za gotovo. Pojava suvremenih ne-vojnih taktika koje protivnici koriste za destabilizaciju zemalja članica i partnerskih zemalja zahtijeva specifične pristupe i mjere odvraćanja i obrane. Ovaj rad analizira kako te alternativne činjenice utječu na državnu stabilnost, kao i stabilnost čitavog Saveza, moguće implikacije na smanjenje povjerenja javnosti u državne institucije te radnje potrebne za ublažavanje takvih učinaka

An Integrated Framework for the Methodological Assurance of Security and Privacy in the Development and Operation of MultiCloud Applications

x, 169 p.This Thesis studies research questions about how to design multiCloud applications taking into account security and privacy requirements to protect the system from potential risks and about how to decide which security and privacy protections to include in the system. In addition, solutions are needed to overcome the difficulties in assuring security and privacy properties defined at design time still hold all along the system life-cycle, from development to operation.In this Thesis an innovative DevOps integrated methodology and framework are presented, which help to rationalise and systematise security and privacy analyses in multiCloud to enable an informed decision-process for risk-cost balanced selection of the protections of the system components and the protections to request from Cloud Service Providers used. The focus of the work is on the Development phase of the analysis and creation of multiCloud applications.The main contributions of this Thesis for multiCloud applications are four: i) The integrated DevOps methodology for security and privacy assurance; and its integrating parts: ii) a security and privacy requirements modelling language, iii) a continuous risk assessment methodology and its complementary risk-based optimisation of defences, and iv) a Security and Privacy Service Level AgreementComposition method.The integrated DevOps methodology and its integrating Development methods have been validated in the case study of a real multiCloud application in the eHealth domain. The validation confirmed the feasibility and benefits of the solution with regards to the rationalisation and systematisation of security and privacy assurance in multiCloud systems