A Probabilistic Model for Evaluating the Operational Cost of PKI-based Financial Transactions

Abstract. The use of PKI in large scale environments suffers some inherent problems concerning the options to adopt for the optimal cost-centered operation of the system. In this paper a Markov based probability model has been applied and a performability indicator has been introduced for assisting the evaluation of the operational cost of the system in a decision support process. Considering the unavailability of the Certification Authority server, three different strategies have been evaluated for determining the optimal one

A NIS Directive compliant Cybersecurity Maturity Model

The EU NIS Directive introduces obligations related to the security of the network and information systems for Operators of Essential Services and for Digital Service Providers. Moreover, National Competent Authorities for cybersecurity are required to assess compliance with these obligations. This paper describes a novel Cybersecurity Maturity Assessment Framework (CMAF) that is tailored to the NIS Directive requirements. CMAF can be used either as a self-assessment tool from Operators of Essential Services and Digital Service Providers or as an audit tool from the National Competent Authorities for cybersecurity

If you want to know about a hunter, study his prey: detection of network based attacks on KVM based cloud environments

Computational systems are gradually moving towards Cloud Computing Infrastructures, using the several advantages they have to offer and especially the economic advantages in the era of an economic crisis. In addition to this revolution, several security matters emerged and especially the confrontation of malicious insiders. This paper proposes a methodology for detecting the co-residency and network stressing attacks in the kernel layer of a Kvm-based cloud environment, using an implementation of the Smith-Waterman genetic algorithm. The proposed approach has been explored in a test bed environment, producing results that verify its effectiveness

Data Protection Impact Assessment (DPIA) for Cloud-Based Health Organizations

The General Data Protection Regulation (GDPR) harmonizes personal data protection laws across the European Union, affecting all sectors including the healthcare industry. For processing operations that pose a high risk for data subjects, a Data Protection Impact Assessment (DPIA) is mandatory from May 2018. Taking into account the criticality of the process and the importance of its results, for the protection of the patients’ health data, as well as the complexity involved and the lack of past experience in applying such methodologies in healthcare environments, this paper presents the main steps of a DPIA study and provides guidelines on how to carry them out effectively. To this respect, the Privacy Impact Assessment, Commission Nationale de l’Informatique et des Libertés (PIA-CNIL) methodology has been employed, which is also compliant with the privacy impact assessment tasks described in ISO/IEC 29134:2017. The work presented in this paper focuses on the first two steps of the DPIA methodology and more specifically on the identification of the Purposes of Processing and of the data categories involved in each of them, as well as on the evaluation of the organization’s GDPR compliance level and of the gaps (Gap Analysis) that must be filled-in. The main contribution of this work is the identification of the main organizational and legal requirements that must be fulfilled by the health care organization. This research sets the legal grounds for data processing, according to the GDPR and is highly relevant to any processing of personal data, as it helps to structure the process, as well as be aware of data protection issues and the relevant legislation

Outsourcing Digital Signatures: A solution to key management burden

Outsourcing Digital Signatures: A solution to key management burden This is an HTML working draft that led to an article publication. A reference to this work should always be done using the following citation

Attacks in a SIP-Based VoIP Environment

The advent of Voice over IP (VoIP) has offered numerous advantages but, at the same time, it has introduced security threats not previously encountered in networks with a closed architecture like the Public Switch Telephone Networks (PSTN). One of these threats is that of signaling attacks. This paper examines the signaling attacks in VoIP environments based on the Session Initiation Protocol (SIP), focusing on the design of a robust lightweight protection mechanism against them. The proposed scheme introduces a new SIP header, namely the Integrity-Auth header, which is utilized for protecting the SIP-based VoIP services from signaling attacks while ensuring authenticity and integrity