The survey on Near Field Communication

PubMed ID: 26057043Near Field Communication (NFC) is an emerging short-range wireless communication technology that offers great and varied promise in services such as payment, ticketing, gaming, crowd sourcing, voting, navigation, and many others. NFC technology enables the integration of services from a wide range of applications into one single smartphone. NFC technology has emerged recently, and consequently not much academic data are available yet, although the number of academic research studies carried out in the past two years has already surpassed the total number of the prior works combined. This paper presents the concept of NFC technology in a holistic approach from different perspectives, including hardware improvement and optimization, communication essentials and standards, applications, secure elements, privacy and security, usability analysis, and ecosystem and business issues. Further research opportunities in terms of the academic and business points of view are also explored and discussed at the end of each section. This comprehensive survey will be a valuable guide for researchers and academicians, as well as for business in the NFC technology and ecosystem.Publisher's Versio

Privacy-Preserving Protocols for Vehicular Transport Systems

La present tesi es centra en la privadesa dels ciutadans com a usuaris de mitjans de transport vehiculars dins del marc d'una e-society. En concret, les contribucions de la tesi es focalitzen en les subcategories d'estacionament de vehicles privats en zones públiques regulades i en la realització de transbordaments entre línies intercomunicades en l'àmbit del transport públic. Una anàlisi acurada de les dades recopilades pels proveedors d'aquests serveis, sobre un determinat usuari, pot proporcionar informació personal sensible com per exemple: horari laboral, professió, hobbies, problemes de salut, tendències polítiques, inclinacions sexuals, etc. Tot i que existeixin lleis, com l'europea GDPR, que obliguin a utilitzar les dades recollides de forma correcta per part dels proveedors de serveis, ja sigui a causa d'un atac informàtic o per una filtració interna, aquestes dades poden ser utilitzades per finalitats il·legals. Per tant, el disseny protocols que garanteixin la privadesa dels ciutadans que formen part d'una e-society esdevé una tasca de gran importància.La presente tesis se centra en la privacidad de los ciudadanos en el transporte vehicular dentro del marco de una e-society. En concreto, las contribuciones de la tesis se centran en las subcategorías de estacionamiento de vehículos privados en zonas públicas reguladas y en la realización de transbordos entre líneas interconectadas en el ámbito del transporte público. Una análisi acurada de los datos recopilados por los proveedores de los servicios, sobre un determinado usuario, puede proporcionar información personal sensible como por ejemplo: horario laboral, profesión, hobbies, problemas de salud, tendencias políticas, inclinaciones sexuales, etc. A pesar que hay leyes, como la europea GDPR, que obligan a usar de forma correcta los datos recopilados por parte de los proveedores de servicios, ya sea por un ataque informático o por una filtración interna, estos datos pueden utilizarse para fines ilegales. Por lo tanto, es vital diseñar protocolos que garanticen la privacidad de los ciudadanos que forman parte de una e-society.This thesis is focused on the privacy of citizens while using vehicular transport systems within an e-society frame. Specifically, the thesis contributes to two subcategories. The first one refers to pay-by-phone systems for parking vehicles in regulated public areas. The second one is about the use of e-tickets in public transport systems allowing transfers between connecting lines. A careful analysis of data collected by service providers can provide sensitive personal information such as: work schedule, profession, hobbies, health problems, political tendencies, sexual inclinations, etc. Although the law, like the European GDPR, requires the correct use of the data collected by service providers, data can be used for illegal purposes after being stolen as a result of a cyber-attack or after being leaked by an internal dishonest employee. Therefore, the design of privacy-preserving solutions for mobility-based services is mandatory in the e-society

Security and Privacy of Radio Frequency Identification

Tanenbaum, A.S. [Promotor]Crispo, B. [Copromotor

Analysis and Design of Privacy-Enhancing Information Sharing Systems

Recent technological advancements have enabled the collection of large amounts of personal data of individuals at an ever-increasing rate. Service providers, organisations and governments can collect or otherwise acquire rich information about individuals’ everyday lives and habits from big data-silos, enabling profiling and micro-targeting such as in political elections. Therefore, it is important to analyse systems that allow the collection and information sharing between users and to design secure and privacy enhancing solutions. This thesis contains two parts. The aim of the first part is to investigate in detail the effects of the collateral information collection of third-party applications on Facebook. The aim of the second part is to analyse in detail the security and privacy issues of car sharing systems and to design a secure and privacy-preserving solution. In the first part, we present a detailed multi-faceted study on the collateral information collection privacy issues of Facebook applications; providers of third-party applications on Facebook exploit the interdependency between users and their friends. The goal is to (i) study the existence of the problem, (ii) investigate whether Facebook users are concerned about the issue, quantify its (iii) likelihood and (iv) impact of collateral information collection affecting users, (v) identify whether collateral information collection is an issue for the protection of the personal data of Facebook users under the legal framework, and (vi) we propose solutions that aim to solve the problem of collateral information collection. In order to investigate the views of the users, we designed a questionnaire and collected the responses of participants. Employing real data from the Facebook third-party applications ecosystem, we compute the likelihood of collateral information collection affecting users and quantify its significance evaluating the amount of attributes collected by such applications. To investigate whether collateral information collection is an issue in terms of users’ privacy we analysed the legal framework in light of the General Data Protection Regulation. To provide countermeasures, we propose a privacy dashboard extension that implements privacy scoring computations to enhance transparency towards collateral information collection