15 research outputs found

    Open source intelligence, open social intelligence and privacy by design

    Get PDF
    PonĂšncia presentada a European Conference on Social Intelligence (ECSI-2014)OSINT stands for Open Source Intelligence, (O)SI for (Open) Social Intelligence, PbD for Privacy by Design. The CAPER project has built an OSINT solution oriented to the prevention of organized crime. How to balance freedom and security? This position paper describes a way to embed the legal and ethical issues raised by the General Data Reform Package (GDRP) in Europe into this kind of surveillance platforms. It focuses on the indirect strategy to flesh out Privacy by Design principles (PbD) through Semantic Web Regulatory Models (SWRM). Institutional design, self-regulatory systems, and the possibility to build up a meta-level rule of law are discussed

    Security and Privacy of IP-ICN Coexistence: A Comprehensive Survey

    Full text link
    Internet usage has changed from its first design. Hence, the current Internet must cope with some limitations, including performance degradation, availability of IP addresses, and multiple security and privacy issues. Nevertheless, to unsettle the current Internet's network layer i.e., Internet Protocol with ICN is a challenging, expensive task. It also requires worldwide coordination among Internet Service Providers , backbone, and Autonomous Services. Additionally, history showed that technology changes e.g., from 3G to 4G, from IPv4 to IPv6 are not immediate, and usually, the replacement includes a long coexistence period between the old and new technology. Similarly, we believe that the process of replacement of the current Internet will surely transition through the coexistence of IP and ICN. Although the tremendous amount of security and privacy issues of the current Internet taught us the importance of securely designing the architectures, only a few of the proposed architectures place the security-by-design. Therefore, this article aims to provide the first comprehensive Security and Privacy analysis of the state-of-the-art coexistence architectures. Additionally, it yields a horizontal comparison of security and privacy among three deployment approaches of IP and ICN protocol i.e., overlay, underlay, and hybrid and a vertical comparison among ten considered security and privacy features. As a result of our analysis, emerges that most of the architectures utterly fail to provide several SP features including data and traffic flow confidentiality, availability and communication anonymity. We believe this article draws a picture of the secure combination of current and future protocol stacks during the coexistence phase that the Internet will definitely walk across

    Lower-Cost ∈-Private Information Retrieval

    Get PDF
    Private Information Retrieval (PIR), despite being well studied, is computationally costly and arduous to scale. We explore lower-cost relaxations of information-theoretic PIR, based on dummy queries, sparse vectors, and compositions with an anonymity system. We prove the security of each scheme using a flexible differentially private definition for private queries that can capture notions of imperfect privacy. We show that basic schemes are weak, but some of them can be made arbitrarily safe by composing them with large anonymity systems

    Assessment of attribute-based credentials for privacy-preserving road traffic services in smart cities

    Get PDF
    Smart cities involve the provision of advanced services for road traffic users. Vehicular ad hoc networks (VANETs) are a promising communication technology in this regard. Preservation of privacy is crucial in these services to foster their acceptance. Previous approaches have mainly focused on PKI-based or ID-based cryptography. However, these works have not fully addressed the minimum information disclosure principle. Thus, questions such as how to prove that a driver is a neighbour of a given zone, without actually disclosing his identity or real address, remain unaddressed. A set of techniques, referred to as Attribute-Based Credentials (ABCs), have been proposed to address this need in traditional computation scenarios. In this paper, we explore the use of ABCs in the vehicular context. For this purpose, we focus on a set of use cases from European Telecommunications Standards Institute (ETSI) Basic Set of Applications, specially appropriate for the early development of smart cities. We assess which ABC techniques are suitable for this scenario, focusing on three representative ones—Idemix, U-Prove and VANET-updated Persiano systems. Our experimental results show that they are feasible in VANETs considering state-of-the-art technologies, and that Idemix is the most promising technique for most of the considered use cases.This work was supported by the MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You); the CAM grant S2013/ICE-3095 (CIBERDINE: Cybersecurity, Data, and Risks) and by the MINECO grant TIN2016-79095-C2-2-R (SMOG-DEV - Security mechanisms for fog computing: advanced security for devices). Jose Maria de Fuentes and Lorena Gonzalez were also supported by the Programa de Ayudas para la Movilidad of Carlos III University of Madrid

    Uncertainty in runtime verification : a survey

    Get PDF
    Runtime Verification can be defined as a collection of formal methods for studying the dynamic evaluation of execution traces against formal specifications. Aside from creating a monitor from specifications and building algorithms for the evaluation of the trace, the process of gathering events and making them available for the monitor and the communication between the system under analysis and the monitor are critical and important steps in the runtime verification process. In many situations and for a variety of reasons, the event trace could be incomplete or could contain imprecise events. When a missing or ambiguous event is detected, the monitor may be unable to deliver a sound verdict. In this survey, we review the literature dealing with the problem of monitoring with incomplete traces. We list the different causes of uncertainty that have been identified, and analyze their effect on the monitoring process. We identify and compare the different methods that have been proposed to perform monitoring on such traces, highlighting the advantages and drawbacks of each method

    Policy-Driven Adaptive Protection Systems.

    Get PDF
    PhDThe increasing number and complexity of security attacks on IT infrastructure demands for the development of protection systems capable of dealing with the security challenges of today’s highly dynamic environments. Several converging trends including mobilisation, externalisation and collaboration, virtualisation, and cloud computing are challenging traditional silo approaches to providing security. IT security policies should be considered as being inherently dynamic and flexible enough to trigger decisions efficiently and effectively taking into account not only the current execution environment of a protection system and its runtime contextual factors, but also dynamically changing the security requirements introduced by external entities in the operational environment. This research is motivated by the increasing need for security systems capable of supporting security decisions in dynamic operational environments and advocates for a policy-driven adaptive security approach. The first main contribution of this thesis is to articulate the property of specialisation in adaptive software systems and propose a novel methodological framework for the realisation of policy-driven adaptive systems capable of specialisation via adaptive policy transformation. Furthermore, this thesis proposes three distinctive novel protection mechanisms, all three mechanisms exhibit adaptation via specialisation, but each one presenting its own research novelty in its respective field. They are: 1. A Secure Execution Context Enforcement based on Activity Detection; 2. Privacy and Security Requirements Enforcement Framework in Internet-Centric Services; 3. A Context-Aware Multifactor Authentication Scheme Based On Dynamic Pin. 3 Along with a comprehensive study of the state of the art in policy based adaptive systems and a comparative analysis of those against the main objectives of the framework this thesis proposes, these three protection mechanisms serve as a foundation and experimental work from which core characteristics, methods, components, and other elements are analysed in detail towards the investigation and the proposition of the methodological framework presented in this thesis

    Analysis of obligatory disclosure regarding individual’s privacy

    Get PDF
    Disclosure of personal information online has raised concerns about individuals’ privacy. In order to protect personal information users undertake measures, such as configuring privacy settings and referring to the privacy policies of the organisation’s website before engaging in a transaction. This demonstrates users’ concerns with the availability of their personal information online. Besides the individuals themselves, organisations are also exposing the personal information of their staff to the general public by publishing it on their official website. The practice of publishing employees’ information on such websites is nominally to offer better services to customers, and it is one of the steps taken to improve governmental transparency. However, there are only limited studies on individuals’ (i.e. employees’) privacy issues in the context of organisational disclosure, and their internal responses to the relevant factors. To date, far too little attention has been paid to the disclosure of personal information by organisational websites. This research addresses this phenomenon, where the issue of third-party disclosure by an entity that has a direct relationship with the individuals is investigated in the Malaysian context. For this purpose, this research introduces ‘obligatory disclosure’ as a conceptual framework for this study and adds to the knowledge of privacy-in-public in the context of public administration. The results of the study indicate that while obligatory disclosure was commonly believed to be a normal phenomenon, it creates a vulnerable environment for individuals. The study also found that employees’ concerns with privacy were influenced by the specific context. In addition, low levels of privacy concern and lack of privacy awareness regarding this phenomenon were identified. The study recommends that there is a need for a regulatory approach to protect employees’ information on organisation websites, and privacy should be incorporated as an important element of obligatory disclosure practice
    corecore