Trust, Privacy and Security in Digital Business

Attribute-based access control (ABAC) and role-based access control (RBAC) are currently the two most popular access control models. Yet, they both have known limitations and offer features complimentary to each other. Due to this fact, integration of RBAC and ABAC has recently emerged as an important area of research. In this paper, we propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that not only takes contextual information into account while making the access control decisions but is also suitable for applications where access to resources is controlled by exploiting contents of the resources in the policy.

Delegation of access control (i.e. transferring access rights on a resource to another tenant) is crucial to efficiently decentralize the access control management in large and dynamic scenarios. Most of the delegation methods available in the literature are based on the RBAC or ABAC models. However, their applicability can be hampered by: (i) the effort required to manage and enforce multiple roles for each delegatee (i.e. access roles and delegated roles) and (ii) the efforts required to specify constraints for the enforcement of the delegated roles or policies. Moreover, the performance of these methods decreases proportionally as the number of users increase. To tackle these issues, we propose an ontology-based delegation framework that enhances the standard XACML delegation profile by modeling the delegation logics in an ontological way. By means of the ontology, the operations of delegation, verification and revocation of access rights can be performed on the workflow generated by instantiating the ontology classes and their interrelations according to the entities involved in the delegation. By exploiting these workflows, we propose a cost-effective algorithm that performs delegation operations without involving any human intervention.

Reviews are a powerful decision-making tool for potential new customers, since they can significantly influence consumer purchase decisions, hence resulting in financial gains or losses for businesses. In striving for trustworthy review systems, validating reviews that could negatively or positively bias new customers is of utmost importance. To this goal, we propose VISIO: a visualization based representation of reviews that enables quick analysis and elicitation of interesting patterns and singularities. In fact, VISIO is meant to amplify cognition, supporting the process of singling out those reviews that require further analysis. VISIO is based on a theoretically sound approach, while its effectiveness and viability is demonstrated applying it to real data extracted from Tripadvisor and Booking.com.

Covert channels pose a significant threat for networking systems. In this paper, we examine the exploitation of Session Description Protocol (SDP) information residing in Session Initiation Protocol (SIP) requests with the aim to hide data in plain sight. While a significant mass of works in the literature cope with covert communication channels, only a very limited number of them rely on SIP to realize its goals. Also, none of them concentrates on SDP data contained in SIP messages to implement and evaluate such a hidden communication channel. Motivated by this fact, the work at hand proposes and demonstrates the feasibility of a simple but very effective in terms of stealthiness and simplicity SIP-based covert channel for botnet Command and Control (C&C). As a side contribution, we assess the soundness and the impact of such a deployment at the victim’s side via the use of two different types of flooding attacks.

Novel trust and reputation models are frequently proposed by the research community to suit the needs of a specific environment. From the plethora of models that are available, it becomes difficult to know which features can be combined in general-purpose models suitable for commercial use. In order to address this problem, the focus of recent research on trust and reputation systems has been on the identification of common features in order to enable reuse. Organizations who need to use a reputation system within their application domain have to custom build it, which may be challenging for novice developers. This paper defines a strategy to develop a configurable SaaS reputation service that has the ability to support common features, but at the same time accommodate the unique requirements of a variety of online communities. A domain analysis reveals common features that can be arranged and re-organized using variability modeling to enable a SaaS providers to support the configuration of a SaaS reputation service.

With the emergence of widely available hardware and software tools for GSM hacking, the security of cellular networks is threatened even by script kiddies. In this paper we present four different attacks in GSM networks, using commodity hardware as well as open source and freely available software tools. All attacks are performed using a common DVB-T TV tuner, which is used as a sniffer for the GSM radio interface, as well as an Arduino combined with a GSM shield that is used as a software programmable mobile phone. The attacks target both mobile users and the network, ranging from sniffing the signaling traffic to tracking and performing denial of service to the subscribers. Despite the script kiddie style of the attacks, their consequences are critical and threaten the normal operation of the cellular networks.

Having about 80 % of the market share, Android is currently the clearly dominating platform for mobile devices. Application theft and repackaging remains a major threat and a cause of significant losses, affecting as much as 97 % of popular paid apps. The ease of decompilation and reverse engineering of high-level bytecode, in contrast to native binary code, is considered one of the main reasons for the high piracy rate. In this paper, we address this problem by proposing four static obfuscation techniques: native opaque predicates, native control flow flattening, native function indirection, and native field access indirection. These techniques provide a simple and yet effective way of reducing the task of bytecode reverse engineering to the much harder task of reverse engineering native code. For this purpose, native function calls are injected into an app’s bytecode, introducing artificial dependencies between the two execution domains. The adversary is forced to analyze the native code in order to be able to comprehend the overall app’s functionality and to successfully launch static and dynamic analyses. Our evaluation results of the proposed protection methods witness an acceptable cost in terms of execution time and application size, while significantly complicating the reverse-engineering process.

Nowadays most Internet users use resources and services belonging to the cloud. Without a doubt elasticity of cloud environments offer a wide range of advantages to users and IT companies through a wide range of pay-as-you-go services, platforms and infrastructure facilities. However, Internet users express great concerns about the sufficient protection of their privacy when accessing cloud services and more specifically over public clouds. The structure of the cloud environment hinders new privacy issues that designers and developers need to consider when realising cloud services in order for the latter to be trusted by the prospective users. This paper presents a number of privacy-oriented technical concepts that analysts need to consider when designing and modeling privacy-aware systems in a cloud environment. Also it extends the PriS method by presenting a new conceptual model and a respective process for assisting in cloud services’ design and implementation.

Recently there is a trend to use cloud computing on service deployment, enjoying various advantages that it offers with emphasis on the economy which is achieved in the era of the financial crisis. However, along with the transformation of technology, several security issues are raised and especially the threat of malicious insiders. For instance, insiders can use their privileged position to accomplish an attack against the cloud infrastructure. In this paper we introduce a practical and efficient intrusion detection system solution for cloud based on the advantages of CUDA technology. The proposed solution audits the deployed virtual machines operation, and correlates the collected information to detect uncommon behavior based on Smith-Waterman algorithm. To do so, we collect the system calls of cloud virtual machines and compare them with pre-defined attack signatures. We implement the core of the detection module both sequentially and in parallel on CUDA technology. We evaluate our solution on experimental CUDA enabled cloud system in terms of performance using well known attack patterns. Results indicate that our approach improve highly the efficiency of detection in terms of processing time compared to a sequential implementation.

Users are now in possession of an ever-growing number of advance digital devices with a wide range of capabilities which are used for accessing, storing and processing enormous information. A significant proportion of it is often considered sensitive and confidential. Accordingly, each device has its own associated security requirements and configurations. This paper presents the survey results of 302 digital device users, which aimed at exploring their technology usage and security practices, and at investigating their perceptions and satisfaction of associated current and alternative authentication approaches alongside their usability. Furthermore, it sought to analyse users’ awareness and attitudes towards related privacy issues. It is revealed that an inconsistency between users’ perceptions and real practices exists. Despite the widespread interest in more security, there is a quite low number of respondents using or maintaining the available security measures. However, it is apparent that users do not avoid applying the concept of authentication security but avoid the inconvenience of its current common techniques (biometrics are having growing practical interest). The respondents’ perceptions towards Trusted Third-Party (TTP) enable utilising biometrics for a novel authentication solution managed by a TTP working on multi devices to access multi services. However, it must be developed and implemented considerately.

Organizations apply information security policies to foster secure use of information systems but very often employees fail to comply with them. Employees’ security behavior has been the unit of analysis of research from different theoretical approaches, in an effort to identify the factors that influence security policy compliance. Through a systematic analysis of extant literature this paper identifies and categorizes critical factors that shape employee security behavior and proposes security management practices that can enhance security compliance. Research findings inform theory by identifying research gaps and support security management.

INTER-TRUST is a framework for the specification, negotiation, deployment and dynamic adaptation of interoperable security policies, in the context of pervasive systems where devices are constantly exchanging critical information through the network. The dynamic adaptation of the security policies at runtime is addressed using Aspect-Oriented Programming (AOP) that allows enforcing security requirements by dynamically weaving security aspects into the applications. However, a mechanism to guarantee the correct adaptation of the functionality that enforces the changing security policies is needed. In this paper, we present an approach with monitoring and detection techniques in order to maintain the correlation between the security policies and the associated functionality deployed using AOP, allowing the INTER-TRUST framework automatically reacts when needed.

Privacy is a growing concern during software development. Transparency–in the sense of increasing user’s privacy-awareness–is a privacy goal that is not as deeply studied in the literature as the properties anonymity and unlinkability. To be compliant with legislation and standards, requirements engineers have to identify the requirements on transparency that are relevant for the software to be developed. To assist the identification process, we provide a taxonomy of transparency requirements derived from legislation and standards. This taxonomy is validated using related research which was identified using a systematic literature review. Our proposed taxonomy can be used by requirements engineers as basis to systematically identify the relevant transparency requirements leading to a more complete and coherent set of requirements.

Big data is widely considered as the next big trend in e-Government environments but at the same time one of the most emerging and critical issues due to the challenges it imposes. The large amount of data being retained by governmental Service Providers that can be (potentially) exploited during Data Mining and analytics processes, include personal data and personally identifiable information, raising privacy concerns, mostly regarding data minimization and purpose limitation. This paper addresses the consideration of Central Government to aggregate information without revealing personal identifiers of individuals and proposes a privacy preserving methodology that can be easily incorporated into already deployed electronic services and e-Government frameworks through the adoption of scalable and adaptable salted hashing techniques.

A lot of privacy principles have been proposed in the literature with the aim to preserve users’ privacy through the protection of the personal data collected by service providers. Despite the fact that there were remarkable efforts to gather all privacy principles and use them on a common privacy-by-design system, to the best of our knowledge, there is no published methodology that combines in a clear and structured way the existing privacy principles for supporting the design of a Privacy Preserving System. The absence of a widely accepted structured representation of the privacy principles makes their adoption or/and satisfaction difficult and in some cases inconsistent. Considering that privacy protection on its own is not an easy task for an organisation, the “scattered” privacy principles impose significant additional complexity. Consequently, very frequently organizations fail to effectively protect the privacy of their users. In this paper a structured privacy audit methodology that consists of discrete steps that organizations can follow for deciding or/and auditing the privacy protection measures is proposed. Every step is based on the significance of a privacy principle and on the sequence of the audit procedure.