Collaborative, Trusted and Privacy-Aware e/m-Services

This paper discusses future ways to regulate technology effectively in an ever accelerating speed of technological development. The current rate of response of legislation to technological evolution is unlikely to allow law keeping up pace with and responding to the needs of society for technology regulation. This is likely to create a rift between on one hand the perceived need of society for technology regulation and on the other, the ability of the legislative to deliver in line with expectations. While the demand for more technology regulation in unlikely to subside, self -regulatory means and tools are likely to increase in prominence, especially if combined with technology in terms of automation. Societal value could be developed in a way that allows legislation to retain its important role in meeting the need for greater control of the evolution of technology. The approach proposed in this paper could be of use to those involved in the governance, service provision or use of technology regulation.

Many Internet services rely on consumers disclosing their personal data. Despite heavy usage and wide acceptance of services like Online Social Networks, doubts about sustainability of trusted relationships remain. Surveying consumers about their preferences reveals severe concerns about the fate of their personal data. In stark contrast to privacy concerns (stated preferences), however, consumers generously disclose personal data in exchange for free Internet services (revealed preferences). It has been argued that individuals experience dissonant states in privacy decision making. The tension between stated and revealed preferences is eliminated with the decision made in order to reduce discomfort. This paper proposes a survey design to determine 1) order effects as indicators for dissonant states in privacy decision making, and 2) the degree of experienced tension between stated and revealed preferences. Observations of data valuation and disclosure behavior are dissonant if they do not commute, i.e. disclosing data prior to valuating privacy does not equal privacy valuation before data disclosure. Determining the degree of dissonance in privacy decision making is expected to inform the design of transparency mechanisms to influence experienced dissonance between stated and revealed privacy preferences.

The fact that the data owners outsource their data to external service providers introduces many security and privacy issues. Among them, the most significant research questions relate to data confidentiality and user privacy. Encryption was regarded as a solution for data confidentiality. The privacy of a user is characterized by the query he poses to the server and its result. We explore the techniques to execute the SQL query over the encrypted data without revealing to the server any information about the query such as the query type or the query pattern, and its result. By implementing all the relational operators by using the unique selection operator on the server-side database with a constant number of elements in each time of selection, our proposal can defeat against the statistical attacks of the untrusted server compromising data confidentiality and user privacy. Experimental evaluation demonstrates that our proposal less affects the system’s performance and is applicable in the real world.

This study explores the dynamics of personalized services in online shopping, with regard to emotions, privacy and trust. The basic emotions of happiness and anxiety were chosen. A sample of 182 online shoppers was used to assess the effect of privacy and trust on their emotions through personalized services, and how these emotions ultimately affect their purchase intentions. The findings indicate that privacy affects anxiety while trust affects happiness, while both emotions have significant influence on customers’ intention to buy through personalized services. The study concludes with theoretical and practical implications, limitations, and future research directions.

Trust and privacy have been widely studied as key issues and success factors for e-commerce. The advent of m-commerce calls for revisiting these concepts and re-examining their antecedents in the mobile context. This paper attempts a comparative approach to the issues of trust and privacy in e-commerce and m-commerce. It investigates how trust and privacy are differentiated with the shift from the context of e-commerce to the context of m-commerce. Our analysis is supported by the results of an exploratory qualitative study in m-commerce.

The advent of Cloud computing has created numerous significant challenges with regard to manipulation of data and especially personal data in cases of Clouds and federated Clouds. Existing legislation currently creates constraints and boundaries in the free usage of external Cloud providers. The aim of this paper is to provide a schema definition and usage mechanism (CPDS) that includes various levels of legal information that is necessary for automating the process of Cloud provider selection and data outsourcing. Thus the aforementioned constraints may be checked in an automated and machine understandable fashion and fully harvest the potential that is created by advances in Cloud computing like dynamic federation. In this direction, legal gaps and necessary actions are identified so that the automation avoids manual and bureaucratic steps that are necessary at the moment.

Cloud Computing is without a doubt one of the most significant innovations presented in the global technological map. The number of potential users enrolling and using cloud services increases exponentially on a daily bases. The great demand from online users for cloud services along with the reduced operational costs that the latter offers has motivated many organisations and companies to consider migrating organizational services, data and applications on the Cloud. However, despite the various positive characteristics of all cloud service models like reduced costs, better availability insurance, on demand data storage and computation power, cloud migration may hinder various security and privacy issues that need to be considered before an organization or company decides to move on to the Cloud. This paper aims to reveal the major security and privacy concepts for all three cloud service models and through a systematic analysis to guide the organization’s stakeholders in deciding which service model best fits their needs based on their security and privacy requirements.

Cloud computing is an emergent technology that has generated significant interest in the marketplace and is forecasted for high growth. Moreover, Cloud computing has a great impact on different type of users from individual consumers and businesses to small and medium size (SMBs) and enterprise businesses. Although there are many benefits to adopting Cloud computing, there are significant barriers to adoption, viz. security and privacy. In this paper, we focus on carefully planning security aspects regarding access control of Cloud computing solutions before implementing them and, furthermore, on ensuring they satisfy particular organizational security requirements. Specifically, we propose a methodology for the development of access control systems. The methodology is capable of utilizing existing security requirements engineering approaches for the definition and evaluation of access control models, and verification of access control systems against organizational security requirements using techniques that are based on formal methods. A proof of concept example is provided that demonstrates the application of the proposed methodology on Cloud computing systems.

In this paper we propose a user based architecture for the email system, where the recipient of an email message manage its receipt in conjunction with both origin and destination email servers. Messages are kept to the origin email server until a confirmation from the recipient is issued though the destination email server. Therefore, spam email doesn’t travel the Internet and doesn’t overload the destination email server and recipient’s mailbox. White and black lists for (sender, email_server) pairs are built automatically following user evaluation. With our proposal, full control is delegated to the recipient over the email activity. On the server side, Simple Mail Delivery Protocol (SMDP) manages email delivery and options. SMDP server acts as a gateway for sending emails, a repository for the users’ mailboxes and a central point for managing user options related to email filtering and spam handling. The solution is suitable for group/business email handling.

Motivated by the fact that social media are continuously gaining in popularity, firms are piloting different approaches of promoting their products and services. However, there is much debate in the academic and business community about the effectiveness of social media as a platform for marketing. Specifically, practitioners are concerned with how Word-of-Mouth (WOM) is spread through these sites, and what aspects facilitate users in doing so. The aim of this research is to elucidate the motivations for WOM over social media based on utilitarian and hedonic theories. Partial Least Squares (PLS) analysis is performed on data obtained from 169 social media users to test our research model. Outcomes indicate that both, utilitarian and hedonic motivations impact WOM. Utilitarian motives are triggered through customized advertisements, while hedonic motives through the ability to socialize during product browsing.

The understanding and modeling of social dynamics in a complex and unpredictable world, emerges as a research target of particular importance. Success in this direction can yield valuable knowledge as to how social phenomena form and evolve in varying socioeconomic contexts comprising economic crises, societal disasters, cultural differences and security threats among others. The study of social dynamics occurring in the aforementioned contexts with the methodological tools originating from the complexity theory, is the research approach we propose in this paper. Furthermore, considering the fact that online social media serve as platforms of individual expression and public dialogue, we anticipate that their study as complex adaptive systems, will significantly contribute to understanding, predicting and monitoring social phenomena taking place on both online and offline social networks.

The paper explores the valuation of radio spectrum granted by the State to radio operators for radio program broadcasting. Radio spectrum may be one of the most tightly regulated resources of all time, since every wireless device, from mobile phones to traditional radio devices, depends on access to the radio frequency wireless spectrum. Due to the scarcity of radio spectrum, the available number of radio broadcasting licenses is limited, therefore the State usually offers the licenses through open tender procedures following several tendering options such as auctions and beauty contests. One of the most crucial factor in the licensing procedures, is the valuation of the offered spectrum. The valuation of the spectrum determines the amount of money that radio operators should pay to the State, in order to hold the spectrum license for a fixed period of time. In this paper a cost model for radio spectrum evaluation is applied in order to identify the most crucial parameters that affect the determination of the spectrum price. The dynamic structure of the model allows a sensitivity analysis study in relation to the assessment of the variation effect of several parameters to the determined spectrum price. The appropriate determination of the examined parameters allow the State to maximize the government revenues but most important to grant the spectrum with the most efficient way.

Many countries, European and worldwide, have increasingly issued during the last decade electronically readable identity documents to their citizens, for different purposes and applications. However, a major characteristic of all these systems is that they are basically available in a national context. For example, European citizens that move freely through the Member-States face the problem that their eIDs from their home state do not allow access to services of another Member-State in which they are temporarily present. Public Administrations are also unable to provide services to European citizens from other Member-States with the same ease and efficiency as they do to their national citizens. In order to avoid such confusing situations, cross-border services should be fully integrated in the national/regional and local information systems. It is, therefore, an important task to improve the cross-border interoperability of electronic identification and authentication systems. ENISA, the European agency for the security of computer systems and networks, recently published a report dealing with an important aspect of this problem: the security issues in cross-border electronic authentication. The report assesses the risks of electronic authentication in cross-border solutions and provides a generic implementation model. This paper describes an implementation methodology for addressing the cross-border interoperability of electronic authentication problem, based on the ENISA generic model. The proposed implementation methodology has been based on the successful NETC@RDS project approach and experience, described herein. This methodology can provide a suitable secure cross-border, multi-purpose authentication implementation based on the aforementioned generic model that can be used in various sectors.

In this paper it is describe a SWOT analysis of an Electronic Heath Record (EHR) implemented in a Portuguese hospital. As the EHR is a core part of a hospital information system, it is extremely important to ensure that it offers the best functionalities and that users are satisfied. With this analysis it is intended to gather information about the system, in order to improve the EHR implemented in the hospital. In the end, and appending to the results of a usability evaluation done in previous works, the evaluation team had enough knowledge about are the strengths and weaknesses of the EHR, as well as what opportunities can be taken and the threats that have to be avoided.

This paper investigates whether authentication credentials in the volatile memory of Android mobile devices can be discovered using freely available tools. The experiments that we carried out for each application included two different sets: In the first set, our goal was to check if we could recover our own submitted credentials from the memory dump of the mobile device. In the second set of experiments, the goal was to find patterns that can indicate where the credentials are located in a memory dump of an Android device. The results revealed that the majority of the Android applications are vulnerable to credentials discovery even in case of applications that their security is critical, such as web banking and password manager applications.

This paper conceptualizes perceived benefit as a combination of eco-consciousness, social prestige, and extra services and proposes a research model for user acceptance of tablet computers. The model was tested among newspaper subscribers (n = 904) in one of the Nordic countries using Structural Equation Modeling (SEM).

The findings suggest that attitude toward tablet devices is predicted by eco-consciousness, ease of use, social prestige, and extra services. In turn, attitude along with intention to use predict intention to buy. Furthermore, ease of use was also found to predict extra services.

The present study aims to identify the potential benefits deriving from the introduction of gamification elements in the consumer shopping process, in order to engage consumers in a more ecologically conscious behavior. Interviews with lead consumers show that the gamification of the shopping process results in increment of the stated intention to participate in the shopping process as well as an increment in the stated intention to purchase and an increase in the price premium consumers are willing to pay for environmentally friendly products.

The relation between energy consumption and its environmental impact is weak or even almost inexistent in the Brazilian scenario due to sociocultural reasons. This work takes advantage of an experimental smart grid deployment scenario to propose the concept of Social Eco-feedback Technology. It aims at establishing this relation by promoting a new social affordance (behavior pattern), favoring a new way of perceiving energy. The concept of affordance and artifacts of the Organizational Semiotics are extended to encompass both the analysis of actual and intended behavior through a new technology design.

Participation of people is the most important factor in providing high quality of service in mobile sensing applications. In this paper we study coupons as incentives in order to stimulate users participation, especially in applications that rely on real-time data. We argue that coupons do not only function as incentives to increase user participation, but they can also direct more people to the targeted sensing area, increasing the overall utility of data for service providers. In this paper we study coupons in combination with multi-attributive auctions, which gives the additional advantage to service providers of not having to determine the coupon value that users would expect in exchange for their data. Instead users have to compete with each other to win the auction, choosing coupons of lower values. Even though the combination of coupons with multi-attributive auctions is very attractive for participatory sensing, we also highlight some of the problems coupons have and especially those connected with user privacy.

Despite (i) the recognized benefits of using ontologies in semantic EAI initiatives, (ii) the benefits of using foundational ontologies for promoting meaning negotiation and common understanding, and (iii) the importance of the semantic integration issue in EAI area, foundational ontologies have not yet become widely adopted in EAI initiatives for dealing with semantic conflicts. This has led us to investigate, through a systematic review of the literature, the adoption of foundational ontologies in EAI initiatives, with the purpose of understanding the current role of these ontologies in EAI and identifying gaps for future research, in which the potential benefits of such ontologies could be explored. We consider: (i) the role of foundational ontologies as part of the integration approach; (ii) the use of ontologies at development time and/or at run time; and (iii) the adoption of systematic approaches for semantic EAI.

Innovative services consist the main point of interest so for academics as for the business world. The basic objective of this paper is to demonstrate the way that innovative services may change the “consumer experience” in the airport environment. In the following lines we describe the procedure of designing innovative services, so for consumers’ and visitors’ needs as for the needs of the firms which are operated in the airport environment. In order to achieve this goal, we used so the qualitative approach (such as focus groups), as the quantitative approach (collection of 1106 questionnaires).

Recent advances of virtual networking technologies are gradually forcing companies to focus their knowledge management efforts to external knowledge resources, in order to complement their existing knowledge bases, find expertise, but also harness collective intelligence that is dynamically produced in the virtual environment. Access, exchange and co-creation of customer knowledge is of central importance for companies in this context, as customers who take advantage of Web 2.0 connectivity and social networking tools are gaining importance as competitive and cooperative knowledge actors in companies’ C-Business value networks. In this paper the authors attempt to cover important issues concerning customer knowledge flows between companies and customers through virtual interaction and the important factors that determine value-adding relationships of cooperation with customers for effective knowledge co-creation. They emphasize the need for the formation of a strategic co-opetition perspective for managing these relationships. In this direction, the authors present a theoretical framework that describes Customer Knowledge Management within a C-Business context.

This paper proposes a methodological approach that supports Collective Intelligence towards the design and development of a Business Continuity Plan (BCP), in order to minimize the potential of a disaster in the organization. In this framework, Collective Intelligence (CI) is supported by Web2.0 technologies that act as a diagnostic tool, providing the ability to the community of an organization to contribute with their collective experience and their intelligence, in the resolution of factors affecting the success of the Business Continuity Plan (BCP). E-BCP, the platform developed for the BCP and it is supported by CI, is also presented. Some open research issues have been outlined.

Mobile games in the past years have become a new, growing channel for advertisers to reach their customers. The wide spread use of mobile devices, such as smart phones, tablets and PDAs, facilitates the delivery of a variety of highly targeted interactive advertising messages including the use of mobile games as a media. As the phenomenon is new, the literature on mobile in-game advertising is very scarce. The objective of this research is to bridge this gap by studying the consumers’ general attitudes towards mobile in-game banner advertising (IGBA) as an advertising format and how effective is reward incentives affects the game players’ attitude towards banner advertisements and consequent actions in the mobile game context. A survey research was completed in October 2012, with 426 responses from Finland. The results show that tangible and flexible reward scheme with a link to location based rewards where mobile gamers can redeem physically by converting the points achieved from their game plays, are effective to positively affect their attitudes and intention to take actions.

Adapting to and complying with frequently changing policy against low costs requires flexible business processes. Yet, existing systems are unrelated, consist of operating silos, involve many human translation tasks and policies are hardcoded in business processes. From a technology perspective, both Semantic Web Service (SWS) and Business Rule (BR) can be used to create flexible business processes that can adapt to changes in policy. Despite their potential these technologies are seldom integrated or used in administrative organizations. SWS can be adopted to present functionality needed in processes, whereas the elicitation of BR is an important ingredient for process creation. In this paper, we derive and test guidelines for creating administrative processes that are dynamical created using SWSs and BRs that are derived from policies. A case study is used to demonstrate and evaluate the guidelines. The guidelines can serve as a foundation for developing agile and compliant architectures.

This paper presents the design issues in the visualization of five distinct store layout types in the context of 3D online retailing and discusses appropriate design decisions. The development of the stores is based on the requirements (layout characteristics) elicited from a three-round Delphi method with 3D expert users and designers which served as the qualitative empirical research vehicle. Along with the visualization of the characteristics of each layout type, the theoretical and practical implications, limitations, and the future research avenues of the study are discussed.

The pressing need to deploy the information and communications technology in the public sector effectively and efficiently along with the complexity of the decision making process have thrust research towards the development of public services prioritization models. The purpose of this paper is to outline a general multicriteria decision support method in order to identify the services that, if transformed to electronic ones, would act as ambassadors of the new era. Various technological, social, political and economic criteria have been taken under consideration. The proposed model is based on the Analytic Network Process (ANP), which takes into account both tangible and intangible criteria with interdependencies and feedback among them. A real case scenario concerning a Public Services selection process in Greece has been used to validate the presented model.

E-government benchmarking is being conducted by various organizations but its assessment is based on a limited number of indicators and does not highlight the multidimensional nature of the electronically provided services. This paper outlines a multicriteria evaluation system based on four points of view: (1) infrastructures, (2) investments, (3) e-processes, and (4) users’ attitude in order to evaluate European Union countries. In this paper, twenty one European Union countries are evaluated and ranked over their e-government progress. Their ranking is obtained through an additive value model which is assessed by an ordinal regression method and the use of the decision support system MIIDAS. In order to obtain robust evaluations, given the incomplete determination of inter-criteria model parameters, the extreme ranking analysis method, based on powerful mathematical programming techniques, has been applied to estimate each country’s best and worst possible ranking position.