InShopnito: an advanced yet privacy-friendly mobile shopping application

Mobile Shopping Applications (MSAs) are rapidly gaining popularity. They enhance the shopping experience, by offering customized recommendations or incorporating customer loyalty programs. Although MSAs are quite effective at attracting new customers and binding existing ones to a retailer's services, existing MSAs have several shortcomings. The data collection practices involved in MSAs and the lack of transparency thereof are important concerns for many customers. This paper presents inShopnito, a privacy-preserving mobile shopping application. All transactions made in inShopnito are unlinkable and anonymous. However, the system still offers the expected features from a modern MSA. Customers can take part in loyalty programs and earn or spend loyalty points and electronic vouchers. Furthermore, the MSA can suggest personalized recommendations even though the retailer cannot construct rich customer profiles. These profiles are managed on the smartphone and can be partially disclosed in order to get better, customized recommendations. Finally, we present an implementation called inShopnito, of which the security and performance is analyzed. In doing so, we show that it is possible to have a privacy-preserving MSA without having to sacrifice practicality

TCG based approach for secure management of virtualized platforms: state-of-the-art

There is a strong trend shift in the favor of adopting virtualization to get business benefits. The provisioning of virtualized enterprise resources is one kind of many possible scenarios. Where virtualization promises clear advantages it also poses new security challenges which need to be addressed to gain stakeholders confidence in the dynamics of new environment. One important facet of these challenges is establishing 'Trust' which is a basic primitive for any viable business model. The Trusted computing group (TCG) offers technologies and mechanisms required to establish this trust in the target platforms. Moreover, TCG technologies enable protecting of sensitive data in rest and transit. This report explores the applicability of relevant TCG concepts to virtualize enterprise resources securely for provisioning, establish trust in the target platforms and securely manage these virtualized Trusted Platforms

Challenges for Trusted Computing

This article identifies and discusses some of the key challenges that need to be addressed if the vision of Trusted Computing is to become reality. Topics addressed include issues with setting up and maintaining the PKI required to support the full set of Trusted Computing functionality, the practical use and verification of attestation evidence, and backwards compatibility, usability and compliance issues

Cloud technology options towards Free Flow of Data

This whitepaper collects the technology solutions that the projects in the Data Protection, Security and Privacy Cluster propose to address the challenges raised by the working areas of the Free Flow of Data initiative. The document describes the technologies, methodologies, models, and tools researched and developed by the clustered projects mapped to the ten areas of work of the Free Flow of Data initiative. The aim is to facilitate the identification of the state-of-the-art of technology options towards solving the data security and privacy challenges posed by the Free Flow of Data initiative in Europe. The document gives reference to the Cluster, the individual projects and the technologies produced by them

Shaping Governance in Self-Sovereign Identity Ecosystems: Towards a Cooperative Business Model

The Internet has undoubtedly created great opportunities for consumers. With the digitalization wave breaking, Single Sign-On services emerged that satisfy the desire for seamless online journeys and provide users with their digital identities. On a global scale, oligopoly structures evolved where tech giants primarily manage digital identities and personal data. Conversely, recent developments stemmed from the desire for data privacy, digital sovereignty, and self-determination, both from the user perspective and legislature. In line with recent discussions, this study focuses on Self-Sovereign Identity, a new paradigm that promises independence from intermediary identity providers. We follow an appeal for further research on business aspects and strategic alliances and adopt an exploratory research approach with semi-structured interviews. We identify cooperatives as suitable to govern Self-Sovereign Identity Ecosystems, shape their business model along Al-Debei and Avison’s V4 Business Model dimensions, and outline paths for future inquiries

Scaling Distributed Ledgers and Privacy-Preserving Applications

This thesis proposes techniques aiming to make blockchain technologies and smart contract platforms practical by improving their scalability, latency, and privacy. This thesis starts by presenting the design and implementation of Chainspace, a distributed ledger that supports user defined smart contracts and execute user-supplied transactions on their objects. The correct execution of smart contract transactions is publicly verifiable. Chainspace is scalable by sharding state; it is secure against subsets of nodes trying to compromise its integrity or availability properties through Byzantine Fault Tolerance (BFT). This thesis also introduces a family of replay attacks against sharded distributed ledgers targeting cross-shard consensus protocols; they allow an attacker, with network access only, to double-spend resources with minimal efforts. We then build Byzcuit, a new cross-shard consensus protocol that is immune to those attacks and that is tailored to run at the heart of Chainspace. Next, we propose FastPay, a high-integrity settlement system for pre-funded payments that can be used as a financial side-infrastructure for Chainspace to support low-latency retail payments. This settlement system is based on Byzantine Consistent Broadcast as its core primitive, foregoing the expenses of full atomic commit channels (consensus). The resulting system has extremely low-latency for both confirmation and payment finality. Finally, this thesis proposes Coconut, a selective disclosure credential scheme supporting distributed threshold issuance, public and private attributes, re-randomization, and multiple unlinkable selective attribute revelations. It ensures authenticity and availability even when a subset of credential issuing authorities are malicious or offline, and natively integrates with Chainspace to enable a number of scalable privacy-preserving applications

A System Proposal for Information Management in Building Sector Based on BIM, SSI, IoT and Blockchain

This work presents a Self Sovereign Identity based system proposal to show how Blockchain, Building Information Modeling, Internet of Thing devices, and Self Sovereign Identity concepts can support the process of building digitalization, guaranteeing the compliance standards and technical regulations. The proposal ensures eligibility, transparency and traceability of all information produced by stakeholders, or generated by IoT devices appropriately placed, during the entire life cycle of a building artifact. By exploiting the concepts of the Self Sovereign Identity, our proposal allows the identification of all involved stakeholders, the storage off-chain of all information, and that on-chain of the sole data necessary for the information notarization and certification, adopting multi-signature approval mechanisms where appropriate. In addition it allows the eligibility verification of the certificated information, providing also useful information for facility management. It is proposed as an innovative system and companies that adopt the Open Innovation paradigm might want to pursue it. The model proposal is designed exploiting the Veramo platform, hence the Ethereum Blockchain, and all the recommendations about Self Sovereign Identity systems given by the European Blockchain Partnership, and by the World Wide Web Consortium