Privacy Intelligence: A Survey on Image Sharing on Online Social Networks

Image sharing on online social networks (OSNs) has become an indispensable part of daily social activities, but it has also led to an increased risk of privacy invasion. The recent image leaks from popular OSN services and the abuse of personal photos using advanced algorithms (e.g. DeepFake) have prompted the public to rethink individual privacy needs when sharing images on OSNs. However, OSN image sharing itself is relatively complicated, and systems currently in place to manage privacy in practice are labor-intensive yet fail to provide personalized, accurate and flexible privacy protection. As a result, an more intelligent environment for privacy-friendly OSN image sharing is in demand. To fill the gap, we contribute a systematic survey of 'privacy intelligence' solutions that target modern privacy issues related to OSN image sharing. Specifically, we present a high-level analysis framework based on the entire lifecycle of OSN image sharing to address the various privacy issues and solutions facing this interdisciplinary field. The framework is divided into three main stages: local management, online management and social experience. At each stage, we identify typical sharing-related user behaviors, the privacy issues generated by those behaviors, and review representative intelligent solutions. The resulting analysis describes an intelligent privacy-enhancing chain for closed-loop privacy management. We also discuss the challenges and future directions existing at each stage, as well as in publicly available datasets.Comment: 32 pages, 9 figures. Under revie

Electronic Identity in Europe: Legal challenges and future perspectives (e-ID 2020)

This deliverable presents the work developed by the IPTS eID Team in 2012 on the large-encompassing topic of electronic identity. It is structured in four different parts: 1) eID: Relevance, Le-gal State-of-the-Art and Future Perspectives; 2) Digital Natives and the Analysis of the Emerging Be-havioral Trends Regarding Privacy, Identity and Their Legal Implications; 3) The "prospective" use of social networking services for government eID in Europe; and 4) Facial Recognition, Privacy and Iden-tity in Online Social Networks.JRC.J.3-Information Societ

The State of the Electronic Identity Market: Technologies, Infrastructure, Services and Policies

Authenticating onto systems, connecting to mobile networks and providing identity data to access services is common ground for most EU citizens, however what is disruptive is that digital technologies fundamentally alter and upset the ways identity is managed, by people, companies and governments. Technological progress in cryptography, identity systems design, smart card design and mobile phone authentication have been developed as a convenient and reliable answer to the need for authentication. Yet, these advances ar enot sufficient to satisfy the needs across people's many spheres of activity: work, leisure, health, social activities nor have they been used to enable cross-border service implementation in the Single Digital Market, or to ensure trust in cross border eCommerce. The study findings assert that the potentially great added value of eID technologies in enabling the Digital Economy has not yet been fulfilled, and fresh efforts are needed to build identification and authentication systems that people can live with, trust and use. The study finds that usability, minimum disclosure and portability, essential features of future systems, are at the margin of the market and cross-country, cross-sector eID systems for business and public service are only in their infancy. This report joins up the dots, and provides significant exploratory evidence of the potential of eID for the Single Digital Market. A clear understanding of this market is crucial for policy action on identification and authentication, eSignature and interoperability.JRC.DDG.J.4-Information Societ

A Survey of the European Security Market

This document synthesizes the results of the research made on the European security market. It deals with questions of interest regarding the provision of security goods and services for protecting society from terrorism and organised crime. It explores issues such as market revenues, demand and supply, industrial capabilities, technology, research and development, innovation, business strategies, competition as well as market structure, agents' conduct and economic performance. The research has been based upon desk analysis of open source information related to the security market. Economic theory and critical analysis has been applied to understand the gathered information, derive knowledge, point out key issues and assess trends and drivers that will likely shape the sector's future. The study is the outcome of the working package number 5 included in the research project A new Agenda for European Security Economics (EUSECON). This project with code number 218195 has been financed by the European Commission within the 7th European Research Framework Programme. The task has been performed by the company ISDEFE according to the scope and work plan described in the EUSECON proposal. The author wishes to express his appreciation to all the individuals that have provided input and valuable comments to this study, including anonymous referees. Any flaws or omissions contained in this document are solely the responsibility of the author.

An Integrative Analytical Framework for Internet of Things Security, Forensics and Intelligence

The Internet of things (IoT) has recently become an important research topic because it revolutionises our everyday life through integrating various sensors and objects to communicate directly without human intervention. IoT technology is expected to offer very promising solutions for many areas. In this thesis we focused on the crime investigation and crime prevention, which may significantly contribute to human well-being and safety. Our primary goals are to reduce the time of crime investigation, minimise the time of incident response and to prevent future crimes using collected data from smart devices. This PhD thesis consists of three distinct but related projects to reach the research goal. The main contributions can be summarised as: • A multi-level access control framework, presented in Chapter 3. This could be used to secure any collected and shared data. We decided to have this as our first contribution as it is not realistic to use data that could be altered in our prediction model or as evidence. We chose healthcare data collected from ambient sensors and uploaded to cloud storage as an example for our framework as this data is collected from multiple sources and is used by different parties. The access control system regulates access to data by defining policy attributes over healthcare professional groups and data classes classifications. The proposed access control system contains policy model, architecture model and a methodology to classify data classes and healthcare professional groups. • An investigative framework, that was discussed in Chapter 4, which contains a multi-phased process flow that coordinates different roles and tasks in IoT related-crime investigation. The framework identifies digital information sources and captures all potential evidence from smart devices in a way that guarantee potential evidence is not altered so it can be admissible in a court of law. • A deep learning multi-view model, which we demonstrated in Chapter 5, that explores the relationship between tweets, weather (a type of sensory data) and crime rate, for effective crime prediction. This contribution is motivated by the need to utilise police force deployment correctly to be present at the right times. Both the proposed investigative framework and the predictive model were evaluated and tested, and the results of these evaluations are presented in the thesis. The proposed framework and model contribute significantly to the field of crime investigation and crime prediction. We believe their application would provide higher admissibility evidence, more efficient investigations, and optimum ways to utilise law enforcement deployment based on crime rate prediction using collected sensory data

Social, Private, and Trusted Wearable Technology under Cloud-Aided Intermittent Wireless Connectivity

There has been an unprecedented increase in the use of smart devices globally, together with novel forms of communication, computing, and control technologies that have paved the way for a new category of devices, known as high-end wearables. While massive deployments of these objects may improve the lives of people, unauthorized access to the said private equipment and its connectivity is potentially dangerous. Hence, communication enablers together with highly-secure human authentication mechanisms have to be designed.In addition, it is important to understand how human beings, as the primary users, interact with wearable devices on a day-to-day basis; usage should be comfortable, seamless, user-friendly, and mindful of urban dynamics. Usually the connectivity between wearables and the cloud is executed through the user’s more power independent gateway: this will usually be a smartphone, which may have potentially unreliable infrastructure connectivity. In response to these unique challenges, this thesis advocates for the adoption of direct, secure, proximity-based communication enablers enhanced with multi-factor authentication (hereafter refereed to MFA) that can integrate/interact with wearable technology. Their intelligent combination together with the connection establishment automation relying on the device/user social relations would allow to reliably grant or deny access in cases of both stable and intermittent connectivity to the trusted authority running in the cloud.The introduction will list the main communication paradigms, applications, conventional network architectures, and any relevant wearable-specific challenges. Next, the work examines the improved architecture and security enablers for clusterization between wearable gateways with a proximity-based communication as a baseline. Relying on this architecture, the author then elaborates on the social ties potentially overlaying the direct connectivity management in cases of both reliable and unreliable connection to the trusted cloud. The author discusses that social-aware cooperation and trust relations between users and/or the devices themselves are beneficial for the architecture under proposal. Next, the author introduces a protocol suite that enables temporary delegation of personal device use dependent on different connectivity conditions to the cloud.After these discussions, the wearable technology is analyzed as a biometric and behavior data provider for enabling MFA. The conventional approaches of the authentication factor combination strategies are compared with the ‘intelligent’ method proposed further. The assessment finds significant advantages to the developed solution over existing ones.On the practical side, the performance evaluation of existing cryptographic primitives, as part of the experimental work, shows the possibility of developing the experimental methods further on modern wearable devices.In summary, the set of enablers developed here for wearable technology connectivity is aimed at enriching people’s everyday lives in a secure and usable way, in cases when communication to the cloud is not consistently available