Electronic security - risk mitigation in financial transactions : public policy issues

This paper builds on a previous series of papers (see Claessens, Glaessner, and Klingebiel, 2001, 2002) that identified electronic security as a key component to the delivery of electronic finance benefits. This paper and its technical annexes (available separately at http://www1.worldbank.org/finance/) identify and discuss seven key pillars necessary to fostering a secure electronic environment. Hence, it is intended for those formulating broad policies in the area of electronic security and those working with financial services providers (for example, executives and management). The detailed annexes of this paper are especially relevant for chief information and security officers responsible for establishing layered security. First, this paper provides definitions of electronic finance and electronic security and explains why these issues deserve attention. Next, it presents a picture of the burgeoning global electronic security industry. Then it develops a risk-management framework for understanding the risks and tradeoffs inherent in the electronic security infrastructure. It also provides examples of tradeoffs that may arise with respect to technological innovation, privacy, quality of service, and security in designing an electronic security policy framework. Finally, it outlines issues in seven interrelated areas that often need attention in building an adequate electronic security infrastructure. These are: 1) The legal framework and enforcement. 2) Electronic security of payment systems. 3) Supervision and prevention challenges. 4) The role of private insurance as an essential monitoring mechanism. 5) Certification, standards, and the role of the public and private sectors. 6) Improving the accuracy of information on electronic security incidents and creating better arrangements for sharing this information. 7) Improving overall education on these issues as a key to enhancing prevention.Knowledge Economy,Labor Policies,International Terrorism&Counterterrorism,Payment Systems&Infrastructure,Banks&Banking Reform,Education for the Knowledge Economy,Knowledge Economy,Banks&Banking Reform,International Terrorism&Counterterrorism,Governance Indicators

An investigation of issues of privacy, anonymity and multi-factor authentication in an open environment

This thesis performs an investigation into issues concerning the broad area ofIdentity and Access Management, with a focus on open environments. Through literature research the issues of privacy, anonymity and access control are identified. The issue of privacy is an inherent problem due to the nature of the digital network environment. Information can be duplicated and modified regardless of the wishes and intentions ofthe owner of that information unless proper measures are taken to secure the environment. Once information is published or divulged on the network, there is very little way of controlling the subsequent usage of that information. To address this issue a model for privacy is presented that follows the user centric paradigm of meta-identity. The lack of anonymity, where security measures can be thwarted through the observation of the environment, is a concern for users and systems. By an attacker observing the communication channel and monitoring the interactions between users and systems over a long enough period of time, it is possible to infer knowledge about the users and systems. This knowledge is used to build an identity profile of potential victims to be used in subsequent attacks. To address the problem, mechanisms for providing an acceptable level of anonymity while maintaining adequate accountability (from a legal standpoint) are explored. In terms of access control, the inherent weakness of single factor authentication mechanisms is discussed. The typical mechanism is the user-name and password pair, which provides a single point of failure. By increasing the factors used in authentication, the amount of work required to compromise the system increases non-linearly. Within an open network, several aspects hinder wide scale adoption and use of multi-factor authentication schemes, such as token management and the impact on usability. The framework is developed from a Utopian point of view, with the aim of being applicable to many situations as opposed to a single specific domain. The framework incorporates multi-factor authentication over multiple paths using mobile phones and GSM networks, and explores the usefulness of such an approach. The models are in tum analysed, providing a discussion into the assumptions made and the problems faced by each model.Adobe Acrobat Pro 9.5.1Adobe Acrobat 9.51 Paper Capture Plug-i

Large-scale Biometrics Deployment in Europe: Identifying Challenges and Threats

With large-scale biometrics deployment in the EU still in its infancy and with stakeholders racing to position themselves in view of the lucrative market that is forecasted, a study to identify challenges and threats that need to be dealt with was launched. This is the result: a report on Biometrics large-scale Deployment in Europe. The report tackles three main issues namely, the status, security / privacy and testing / certification processes. A survey was launched so as to help reveal the actual status of Biometrics large-scale Deployment initiatives in EU. The main outcome of the survey was that an open dissemination of implementation results policy is needed mainly on deployment plans, strategies, barriers and best practices. The security/ privacy challenges study identified a number of issues, the most important of which were related to proportionality and compliance to the existing regulatory framework while at the same time it revealed an important number of related actions aiming at ensuring both data security and privacy. The aim of the Bio Testing Europe study was double: to identify and collect comparable and certified results under different technologies, vendors and environments situations and to feed in this information to animate discussion among the members of a European network which would enhance the European testing and certification capacity. The study presents an integrated picture of the identified issues as well as a number of recommendations. With some of the systems that are being implemented involving millions of individuals as target users it is important for policy makers to adopt some of the options presented so as to address the identified through the study challengesJRC.J.4-Information Societ

Tools and techniques for security and privacy of big data: Healthcare system as a case study

As a case study, this Master thesis will also review the state-of-the-art of security and privacy issues in big data as applied to healthcare industry

An architecture for secure data management in medical research and aided diagnosis

Programa Oficial de Doutoramento en Tecnoloxías da Información e as Comunicacións. 5032V01[Resumo] O Regulamento Xeral de Proteccion de Datos (GDPR) implantouse o 25 de maio de 2018 e considerase o desenvolvemento mais importante na regulacion da privacidade de datos dos ultimos 20 anos. As multas fortes definense por violar esas regras e non e algo que os centros sanitarios poidan permitirse ignorar. O obxectivo principal desta tese e estudar e proponer unha capa segura/integracion para os curadores de datos sanitarios, onde: a conectividade entre sistemas illados (localizacions), a unificacion de rexistros nunha vision centrada no paciente e a comparticion de datos coa aprobacion do consentimento sexan as pedras angulares de a arquitectura controlar a sua identidade, os perfis de privacidade e as subvencions de acceso. Ten como obxectivo minimizar o medo a responsabilidade legal ao compartir os rexistros medicos mediante o uso da anonimizacion e facendo que os pacientes sexan responsables de protexer os seus propios rexistros medicos, pero preservando a calidade do tratamento do paciente. A nosa hipotese principal e: os conceptos Distributed Ledger e Self-Sovereign Identity son unha simbiose natural para resolver os retos do GDPR no contexto da saude? Requirense solucions para que os medicos e investigadores poidan manter os seus fluxos de traballo de colaboracion sen comprometer as regulacions. A arquitectura proposta logra eses obxectivos nun ambiente descentralizado adoptando perfis de privacidade de datos illados.[Resumen] El Reglamento General de Proteccion de Datos (GDPR) se implemento el 25 de mayo de 2018 y se considera el desarrollo mas importante en la regulacion de privacidad de datos en los ultimos 20 anos. Las fuertes multas estan definidas por violar esas reglas y no es algo que los centros de salud puedan darse el lujo de ignorar. El objetivo principal de esta tesis es estudiar y proponer una capa segura/de integración para curadores de datos de atencion medica, donde: la conectividad entre sistemas aislados (ubicaciones), la unificacion de registros en una vista centrada en el paciente y el intercambio de datos con la aprobacion del consentimiento son los pilares de la arquitectura propuesta. Esta propuesta otorga al titular de los datos un rol central, que le permite controlar su identidad, perfiles de privacidad y permisos de acceso. Su objetivo es minimizar el temor a la responsabilidad legal al compartir registros medicos utilizando el anonimato y haciendo que los pacientes sean responsables de proteger sus propios registros medicos, preservando al mismo tiempo la calidad del tratamiento del paciente. Nuestra hipotesis principal es: .son los conceptos de libro mayor distribuido e identidad autosuficiente una simbiosis natural para resolver los desafios del RGPD en el contexto de la atencion medica? Se requieren soluciones para que los medicos y los investigadores puedan mantener sus flujos de trabajo de colaboracion sin comprometer las regulaciones. La arquitectura propuesta logra esos objetivos en un entorno descentralizado mediante la adopcion de perfiles de privacidad de datos aislados.[Abstract] The General Data Protection Regulation (GDPR) was implemented on 25 May 2018 and is considered the most important development in data privacy regulation in the last 20 years. Heavy fines are defined for violating those rules and is not something that healthcare centers can afford to ignore. The main goal of this thesis is to study and propose a secure/integration layer for healthcare data curators, where: connectivity between isolated systems (locations), unification of records in a patientcentric view and data sharing with consent approval are the cornerstones of the proposed architecture. This proposal empowers the data subject with a central role, which allows to control their identity, privacy profiles and access grants. It aims to minimize the fear of legal liability when sharing medical records by using anonymisation and making patients responsible for securing their own medical records, yet preserving the patient’s quality of treatment. Our main hypothesis is: are the Distributed Ledger and Self-Sovereign Identity concepts a natural symbiosis to solve the GDPR challenges in the context of healthcare? Solutions are required so that clinicians and researchers can maintain their collaboration workflows without compromising regulations. The proposed architecture accomplishes those objectives in a decentralized environment by adopting isolated data privacy profiles

Evaluation of Efficiency of Cybersecurity

Uurimistöö eesmärgiks on uurida, kuidas tõhus küberjulgeolek on olnud edukas. Uurimistöö kasutab parima võimaliku tulemuse saamiseks mitmesuguseid uurimismeetodeid ja kirjanduse ülevaade on süstemaatiline. Kuid uurimistöö järeldus on see, et uuring ei suuda kinnitada või tagasi lükata peamist töö hüpoteesi. Uuring ei õnnestunud, sest puuduvad korralikud teooriad, mis näitavad ohutuse ja küberjulgeoleku nähtusi ning puuduvad head näitajad, mis annaksid küberohutuse tõhususe kohta kehtivaid ja ratsionaalseid tulemusi, kui hästi on küberkuritegevuse abil õnnestunud küberkuritegevuse tõhusaks võitmiseks ja küberkuritegude tõhusaks vähendamiseks. Seepärast on küberjulgeoleku teadusteooria ja julgeoleku teadusteooria vähearenenud 2018. aastal. Uuringud on teinud küberjulgeoleku ja turvalisuse arendamise põhilisi avastusi. Edasiste põhiuuringute suund on luua üldine turbeteooria, mis kirjeldab ohtlike muutujate ohtlike muutujate kavatsust, ressursse, pädevust ja edusamme ohtlike muutujate ja aksioomide puhul, kus ohtlike muutujate mõõtmisel saab teha selle sisse loodetavas ja teooria kirjeldab, millised on tõhusad meetmed, et vältida ja leevendada ning millised ei ole ja lõpuks kehtestada nõuetekohased mõõdikud, et mõõta turvalisuse ja küberjulgeoleku tõhusust loodetavus ja kehtivusega.The purpose of the thesis is to research how effectively cybersecurity has succeeded on its mission. The thesis used multiple research methods to get best possible answer and the literature review has been systematic. However, the conclusion of the research was that the study is unable to either confirm or reject the main working hypothesis. The study is unable to do it because of the lack of proper theories to describe what are the phenomena in secu-rity and cybersecurity and the lack of proper metrics to give valid and sound conclusion about the effective of cybersecurity and how well have cybersecurity succeed on its mis-sion to effectively prevent and mitigate cybercrime. Therefore, the science of security and science of cybersecurity are underdeveloped in 2018. The research has made basic discov-eries of development of cybersecurity and security. A direction of further basic research is to establish a general theory of security which describes threat variables, threat variables intention, resources, competence and progress of the threat variables and axioms where measurement of threat variables can be made with reliability and the theory would describe which are effective measures to prevent and mitigate and which are not and finally, estab-lish proper metrics to measure efficiency of security and cybersecurity with reliability and validity

Analyzing and Applying Cryptographic Mechanisms to Protect Privacy in Applications

Privacy-Enhancing Technologies (PETs) emerged as a technology-based response to the increased collection and storage of data as well as the associated threats to individuals' privacy in modern applications. They rely on a variety of cryptographic mechanisms that allow to perform some computation without directly obtaining knowledge of plaintext information. However, many challenges have so far prevented effective real-world usage in many existing applications. For one, some mechanisms leak some information or have been proposed outside of security models established within the cryptographic community, leaving open how effective they are at protecting privacy in various applications. Additionally, a major challenge causing PETs to remain largely academic is their practicality-in both efficiency and usability. Cryptographic mechanisms introduce a lot of overhead, which is mostly prohibitive, and due to a lack of high-level tools are very hard to integrate for outsiders. In this thesis, we move towards making PETs more effective and practical in protecting privacy in numerous applications. We take a two-sided approach of first analyzing the effective security (cryptanalysis) of candidate mechanisms and then building constructions and tools (cryptographic engineering) for practical use in specified emerging applications in the domain of machine learning crucial to modern use cases. In the process, we incorporate an interdisciplinary perspective for analyzing mechanisms and by collaboratively building privacy-preserving architectures with requirements from the application domains' experts. Cryptanalysis. While mechanisms like Homomorphic Encryption (HE) or Secure Multi-Party Computation (SMPC) provably leak no additional information, Encrypted Search Algorithms (ESAs) and Randomization-only Two-Party Computation (RoTPC) possess additional properties that require cryptanalysis to determine effective privacy protection. ESAs allow for search on encrypted data, an important functionality in many applications. Most efficient ESAs possess some form of well-defined information leakage, which is cryptanalyzed via a breadth of so-called leakage attacks proposed in the literature. However, it is difficult to assess their practical effectiveness given that previous evaluations were closed-source, used restricted data, and made assumptions about (among others) the query distribution because real-world query data is very hard to find. For these reasons, we re-implement known leakage attacks in an open-source framework and perform a systematic empirical re-evaluation of them using a variety of new data sources that, for the first time, contain real-world query data. We obtain many more complete and novel results where attacks work much better or much worse than what was expected based on previous evaluations. RoTPC mechanisms require cryptanalysis as they do not rely on established techniques and security models, instead obfuscating messages using only randomizations. A prominent protocol is a privacy-preserving scalar product protocol by Lu et al. (IEEE TPDS'13). We show that this protocol is formally insecure and that this translates to practical insecurity by presenting attacks that even allow to test for certain inputs, making the case for more scrutiny of RoTPC protocols used as PETs. This part of the thesis is based on the following two publications: [KKM+22] S. KAMARA, A. KATI, T. MOATAZ, T. SCHNEIDER, A. TREIBER, M. YONLI. “SoK: Cryptanalysis of Encrypted Search with LEAKER - A framework for LEakage AttacK Evaluation on Real-world data”. In: 7th IEEE European Symposium on Security and Privacy (EuroS&P’22). Full version: https://ia.cr/2021/1035. Code: https://encrypto.de/code/LEAKER. IEEE, 2022, pp. 90–108. Appendix A. [ST20] T. SCHNEIDER , A. TREIBER. “A Comment on Privacy-Preserving Scalar Product Protocols as proposed in “SPOC””. In: IEEE Transactions on Parallel and Distributed Systems (TPDS) 31.3 (2020). Full version: https://arxiv.org/abs/1906.04862. Code: https://encrypto.de/code/SPOCattack, pp. 543–546. CORE Rank A*. Appendix B. Cryptographic Engineering. Given the above results about cryptanalysis, we investigate using the leakage-free and provably-secure cryptographic mechanisms of HE and SMPC to protect privacy in machine learning applications. As much of the cryptographic community has focused on PETs for neural network applications, we focus on two other important applications and models: Speaker recognition and sum product networks. We particularly show the efficiency of our solutions in possible real-world scenarios and provide tools usable for non-domain experts. In speaker recognition, a user's voice data is matched with reference data stored at the service provider. Using HE and SMPC, we build the first privacy-preserving speaker recognition system that includes the state-of-the-art technique of cohort score normalization using cohort pruning via SMPC. Then, we build a privacy-preserving speaker recognition system relying solely on SMPC, which we show outperforms previous solutions based on HE by a factor of up to 4000x. We show that both our solutions comply with specific standards for biometric information protection and, thus, are effective and practical PETs for speaker recognition. Sum Product Networks (SPNs) are noteworthy probabilistic graphical models that-like neural networks-also need efficient methods for privacy-preserving inference as a PET. We present CryptoSPN, which uses SMPC for privacy-preserving inference of SPNs that (due to a combination of machine learning and cryptographic techniques and contrary to most works on neural networks) even hides the network structure. Our implementation is integrated into the prominent SPN framework SPFlow and evaluates medium-sized SPNs within seconds. This part of the thesis is based on the following three publications: [NPT+19] A. NAUTSCH, J. PATINO, A. TREIBER, T. STAFYLAKIS, P. MIZERA, M. TODISCO, T. SCHNEIDER, N. EVANS. Privacy-Preserving Speaker Recognition with Cohort Score Normalisation”. In: 20th Conference of the International Speech Communication Association (INTERSPEECH’19). Online: https://arxiv.org/abs/1907.03454. International Speech Communication Association (ISCA), 2019, pp. 2868–2872. CORE Rank A. Appendix C. [TNK+19] A. TREIBER, A. NAUTSCH , J. KOLBERG , T. SCHNEIDER , C. BUSCH. “Privacy-Preserving PLDA Speaker Verification using Outsourced Secure Computation”. In: Speech Communication 114 (2019). Online: https://encrypto.de/papers/TNKSB19.pdf. Code: https://encrypto.de/code/PrivateASV, pp. 60–71. CORE Rank B. Appendix D. [TMW+20] A. TREIBER , A. MOLINA , C. WEINERT , T. SCHNEIDER , K. KERSTING. “CryptoSPN: Privacy-preserving Sum-Product Network Inference”. In: 24th European Conference on Artificial Intelligence (ECAI’20). Full version: https://arxiv.org/abs/2002.00801. Code: https://encrypto.de/code/CryptoSPN. IOS Press, 2020, pp. 1946–1953. CORE Rank A. Appendix E. Overall, this thesis contributes to a broader security analysis of cryptographic mechanisms and new systems and tools to effectively protect privacy in various sought-after applications

Privacidade em redes de próxima geração

Doutoramento em Engenharia InformáticaIn the modern society, communications and digital transactions are becoming the norm rather than the exception. As we allow networked computing devices into our every-day actions, we build a digital lifestyle where networks and devices enrich our interactions. However, as we move our information towards a connected digital environment, privacy becomes extremely important as most of our personal information can be found in the network. This is especially relevant as we design and adopt next generation networks that provide ubiquitous access to services and content, increasing the impact and pervasiveness of existing networks. The environments that provide widespread connectivity and services usually rely on network protocols that have few privacy considerations, compromising user privacy. The presented work focuses on the network aspects of privacy, considering how network protocols threaten user privacy, especially on next generation networks scenarios. We target the identifiers that are present in each network protocol and support its designed function. By studying how the network identifiers can compromise user privacy, we explore how these threats can stem from the identifier itself and from relationships established between several protocol identifiers. Following the study focused on identifiers, we show that privacy in the network can be explored along two dimensions: a vertical dimension that establishes privacy relationships across several layers and protocols, reaching the user, and a horizontal dimension that highlights the threats exposed by individual protocols, usually confined to a single layer. With these concepts, we outline an integrated perspective on privacy in the network, embracing both vertical and horizontal interactions of privacy. This approach enables the discussion of several mechanisms to address privacy threats on individual layers, leading to architectural instantiations focused on user privacy. We also show how the different dimensions of privacy can provide insight into the relationships that exist in a layered network stack, providing a potential path towards designing and implementing future privacy-aware network architectures.Na sociedade moderna, as comunicações e transacções digitais estão a tornar-se a regra e não a excepção. À medida que permitimos a intromissão de dispositivos electrónicos de rede no nosso quotidiano, vamos construíndo um estilo de vida digital onde redes e dispositivos enrirquecem as nossas interacções. Contudo, ao caminharmos para um ambiente digital em rede, a nossa privacidade vai-se revestindo de maior importãncia, pois a nossa informação pessoal passa a encontrar-se cada vez mais na rede. Isto torna-se particularmente relevante ao adoptarmos redes de próxima geração, que permitem acesso ubíquo a redes, serviços e conteúdos, aumentando o impacte e pervasividade das redes actuais. Os ambientes onde a conectividade e os serviços se tornam uma constante, assentam em protocolos de rede que normalmente contemplam poucas considerações sobre privacidade, comprometendo desta forma o utlizador. O presente trabalho centra-se nos aspectos de privacidade que dizem respeito à rede devido à forma como os protocolos são utilizados nas diferentes camadas, e que resultando em ameaças à privacidade do utilizador. Abordamos especificamente os identificadores presentes nos protocolos de rede, e que são essenciais à sua função. Neste contexto exploramos a possibilidade destes identificadores comprometerem a privacidade do utilizador através da informação neles contida, bem como das relações que podem ser estabelecidas entre identificadores de diferentes protocolos. Após este estudo centrado nos identificadores, mostramos como a privacidade em redes pode ser explorada ao longo de duas dimensões: uma dimensão que acentua as relações verticais de privacidade, cruzando vários protocolos até chegar ao utilizador, e uma dimensão horizontal que destaca as ameaças causadas por cada protocolo, de forma individual, normalmente limitadas a uma única camada. Através destes conceitos, mostramos uma visão integrada de privacidade em redes, abrangendo tanto as interacçoes de privacidade verticais como as horizontais. Esta visão permite discutir vários mecanismos para mitigar ameaças específicas a cada camada de rede, resultando em instânciações arquitecturais orientadas à privacidade do utilizador. Finalmente, mostramos como as diferentes dimensões de privacidade podem fornecer uma visão diferente sobre as relações estabelecidas na pilha protocolar que assenta em camadas, mostrando um caminho possível para o desenvolvimento de futuras arquitecturas de rede com suporte para privacidade