وبلاگ بلیان

Trust, Privacy and Security in Digital Business: 17th International Conference, TrustBus 2020, Bratislava, Slovakia, September 14–17, 2020, Proceedings (Security and Cryptology Book 12395)

معرفی کتاب «Trust, Privacy and Security in Digital Business: 17th International Conference, TrustBus 2020, Bratislava, Slovakia, September 14–17, 2020, Proceedings (Security and Cryptology Book 12395)» نوشتهٔ Stefanos Gritzalis, Edgar R. Weippl, Gabriele Kotsis, A. Min Tjoa, Ismail Khalil، منتشرشده توسط نشر Springer International Publishing : Imprint : Springer در سال 1239. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

This book constitutes the refereed proceedings of the 17th International Conference on Trust, Privacy and Security in Digital Business, TrustBus 2020, held in Bratislava, Slovakia, in September 2020. The conference was held virtually due to the COVID-19 pandemic. The 11 full and 4 short papers presented were carefully reviewed and selected from 28 submissions. The papers are organized in the following topical sections: blockchain, cloud security/hardware; economics/privacy; human aspects; privacy; privacy and machine learning; trust. Preface 6 Organization 7 Contents 9 Blockchain 11 Analysis of uPort Open, an Identity Management Blockchain-Based Solution 12 1 Introduction 12 2 Background 13 3 Results and Discussion 15 3.1 Risk Responsibility 15 3.2 Code Analysis 15 3.3 Advanced Usage and Transactions Analytics 17 4 Conclusions 20 References 21 Cloud Security/Hardware 23 Cloud Computing Framework for e-Health Security Requirements and Security Policy Rules Case Study: A European Cloud-Based Health System 24 1 Introduction - Information Privacy in Health Informatics 24 2 Case Study of Europe: e-Health Cloud-Based System 26 2.1 Background of the Information Systems in Europe 26 3 e-Health Cloud Computing Implementations Issues 27 4 Major Security Requirements in Cloud-Based Health Systems 28 5 Security Policy Rules for Every Category of Threats 32 6 Conclusions 34 References 36 On the Suitability of Using SGX for Secure Key Storage in the Cloud 39 1 Introduction 39 1.1 Contribution 40 2 Related Work 41 3 Background 41 3.1 Hardware Security Modules 41 3.2 Software Guard Extensions 42 3.3 FIPS 140–3 42 4 Evaluation Using FIPS 140–3 44 4.1 Scenario and Threat Model 44 4.2 Identifying FIPS 140–3 Requirements 45 4.3 Evaluating FIPS 140–3 Requirements 46 4.4 FIPS 140–3 Evaluation Results 48 5 A Threat Based Security Model 48 5.1 Motivation 48 5.2 Model Description 49 6 Mapping Our Security Model to FIPS 140–3 50 6.1 Methodology 50 6.2 Mapping the Threat Model 51 7 Conclusions 52 References 52 Employment of Secure Enclaves in Cheat Detection Hardening 55 1 Introduction 55 1.1 Contributions 56 1.2 Scope and Outline 56 2 Related Work 57 2.1 Background 57 2.2 State-of-the-Art Anti-cheats 59 3 Implementation 60 3.1 Enclave Creation 60 3.2 Runtime Protection 61 4 Security Analysis 63 5 Evaluation 65 5.1 Methodology 65 5.2 Results 66 6 Conclusions and Future Work 67 References 68 Economics/Privacy 70 SECONDO: A Platform for Cybersecurity Investments and Cyber Insurance Decisions 71 1 Introduction 71 1.1 Motivation 72 1.2 Limitations 72 2 SECONDO Architecture and Components 73 2.1 Quantitative Risk Assessment and Data Analytics 73 2.2 Cyber Security Investments and Blockchain 74 2.3 Cyber Insurance and Smart Contracts 75 3 Use Case: Cyber-Physical Risk Transfer in Maritime 76 3.1 Cyber-Insurance in Maritime 76 3.2 SECONDO Application 77 3.3 Attack Scenario 78 4 Conclusion and Future Work 79 References 80 Are Sensor-Based Business Models a Threat to Privacy? The Case of Pay-How-You-Drive Insurance Models 81 1 Introduction 81 2 Analysis of Usage Based Insurance Models 82 2.1 Metamodell of UBI Schemes 82 2.2 Overview of Rates 83 2.3 The Formulated Privacy Problem 84 3 Scenario 84 3.1 Data Set 85 3.2 Attacker Model 85 4 Method for Driver Identification a 85 4.1 Manoeuvre 85 4.2 Conversion and Interpretation 86 4.3 Detection 86 5 Anonymisation Function f 86 5.1 Requirements 87 5.2 Process 87 6 Evaluation 87 6.1 Identification 88 6.2 Anonymisation 89 7 Related Work 89 8 Conclusion 89 References 90 Human Aspects 92 Microtargeting or Microphishing? Phishing Unveiled 93 1 Introduction 93 2 Related Literature 95 3 Experimental Design and Results 98 4 Evaluation and Discussion 102 5 Conclusions and Future Work 106 References 107 Privacy 110 Privacy-Preserving Service Composition with Enhanced Flexibility and Efficiency 111 1 Introduction 111 2 Related Work 113 3 Background 114 3.1 Attribute-Based Encryption 114 3.2 Outsourced Decryption and Collaborative Key Management 116 4 System Model 117 4.1 Actors and Data Flow 117 4.2 Security Objectives 118 5 Composition Architecture and Protocol 119 5.1 Components 119 5.2 Protocol for Privacy-Preserving Service Composition 120 6 Evaluation 121 6.1 Case Study 121 6.2 Implementation and Performance 122 6.3 Discussion 124 7 Conclusion 125 References 125 An Empirical Investigation of the Right to Explanation Under GDPR in Insurance 127 1 Introduction 127 2 Related Work 129 3 Legal Background 130 4 Method 132 5 Results 133 5.1 Descriptive Statistics 133 5.2 Pricing Information 134 5.3 Procedural Information 136 6 Discussion 136 6.1 Validity and Reliability 136 6.2 Alignment with GDPR 138 6.3 Generalization to Other Contexts 138 7 Conclusion and Future Work 139 References 140 Measuring Users’ Socio-contextual Attributes for Self-adaptive Privacy Within Cloud-Computing Environments 142 1 Introduction 142 2 Self-adaptive Privacy Preserving Schemes 144 3 Exploring Users’ Socio-contextual Attributes 145 4 An Interdisciplinary Scale for Self-adaptive Privacy 147 4.1 Previous Privacy Management Metrics 147 4.2 Scale Development 149 5 Conclusions 152 References 154 Empowering Users Through a Privacy Middleware Watchdog 158 1 Introduction 158 2 Related Work 159 3 Conceptual Design 160 4 Architecture 161 4.1 White-Box Devices 161 4.2 Black-Box Devices 162 4.3 Permissions Controller 162 4.4 Router 164 5 Evaluation 164 5.1 Setup 165 5.2 Implementation 165 5.3 Results 168 6 Security Analysis 168 6.1 Threat Model 168 6.2 Attack Scenarios 169 7 Conclusions and Future Work 170 References 170 Utility Requirement Description for Utility-Preserving and Privacy-Respecting Data Pseudonymization 173 1 Introduction 173 2 Background 175 3 Related Work 176 4 Utility and Privacy Requirements 177 4.1 Utility Requirements 177 4.2 Privacy Requirements 178 5 Utility Policy Language Util 180 6 Pseudonym Construction and Transformation Rules 181 7 Conclusions and Future Work 186 References 186 DEFeND DSM: A Data Scope Management Service for Model-Based Privacy by Design GDPR Compliance 188 1 Introduction 189 2 PbD Activities and Strategies for GDPR Compliance 190 2.1 Identified Activities and Strategies for PbD 191 3 DEFeND Data Scope Management (DSM) Service, Case Study and Evaluation 192 3.1 DSM Components, Integrated Tools and Data Models 193 3.2 Case Study, Storyline and DSM PbD Flow 193 3.3 Evaluation 199 4 Related Work 200 4.1 Industry Comparison 200 4.2 Research Novelty 201 5 Conclusions 202 References 202 Privacy and Machine Learning 204 A Distributed Trust Framework for Privacy-Preserving Machine Learning 205 1 Introduction 205 2 Background and Related Work 207 2.1 Trust and the Data Industry 207 2.2 Decentralised Identifiers (DIDs) 208 2.3 DID Communication (DIDComm) 208 2.4 Verifiable Credentials (VCs) 209 2.5 Federated Machine-Learning (FL) 210 3 Implementation Overview 211 3.1 Establishing Trust 212 3.2 Vanilla Federated Learning 213 4 Threat Model 213 5 Evaluation 214 6 Conclusion and Future Work 216 References 217 Trust 221 A Fuzzy Trust Model for Autonomous Entities Acting in Pervasive Computing 222 1 Introduction 222 2 Related Work 223 3 Preliminaries 225 3.1 Trust 225 3.2 Reputation 225 3.3 Referrals 226 4 The Fuzzy Trust Model 226 4.1 High Level Architecture 226 4.2 The Social Trust Subsystem 227 4.3 The Individual Trust Sub-system 228 4.4 The Final Trust Calculation 228 5 Experimental Evaluation 229 6 Conclusions 230 References 231 Author Index 233 Front Matter ....Pages i-x Front Matter ....Pages 1-1 Analysis of uPort Open, an Identity Management Blockchain-Based Solution (Andreea-Elena Panait, Ruxandra F. Olimid, Alin Stefanescu)....Pages 3-13 Front Matter ....Pages 15-15 Cloud Computing Framework for e-Health Security Requirements and Security Policy Rules Case Study: A European Cloud-Based Health System (Dimitra Georgiou, Costas Lambrinoudakis)....Pages 17-31 On the Suitability of Using SGX for Secure Key Storage in the Cloud (Joakim Brorsson, Pegah Nikbakht Bideh, Alexander Nilsson, Martin Hell)....Pages 32-47 Employment of Secure Enclaves in Cheat Detection Hardening (André Brandão, João S. Resende, Rolando Martins)....Pages 48-62 Front Matter ....Pages 63-63 SECONDO: A Platform for Cybersecurity Investments and Cyber Insurance Decisions (Aristeidis Farao, Sakshyam Panda, Sofia Anna Menesidou, Entso Veliou, Nikolaos Episkopos, George Kalatzantonakis et al.)....Pages 65-74 Are Sensor-Based Business Models a Threat to Privacy? The Case of Pay-How-You-Drive Insurance Models (Christian Roth, Sebastian Aringer, Johannes Petersen, Mirja Nitschke)....Pages 75-85 Front Matter ....Pages 87-87 Microtargeting or Microphishing? Phishing Unveiled (Bridget Khursheed, Nikolaos Pitropakis, Sean McKeown, Costas Lambrinoudakis)....Pages 89-105 Front Matter ....Pages 107-107 Privacy-Preserving Service Composition with Enhanced Flexibility and Efficiency (Kevin Theuermann, Felix Hoerandner, Andreas Abraham, Dominik Ziegler)....Pages 109-124 An Empirical Investigation of the Right to Explanation Under GDPR in Insurance (Jacob Dexe, Jonas Ledendal, Ulrik Franke)....Pages 125-139 Measuring Users’ Socio-contextual Attributes for Self-adaptive Privacy Within Cloud-Computing Environments (Angeliki Kitsiou, Eleni Tzortzaki, Christos Kalloniatis, Stefanos Gritzalis)....Pages 140-155 Empowering Users Through a Privacy Middleware Watchdog (Patrícia R. Sousa, Rolando Martins, Luís Antunes)....Pages 156-170 Utility Requirement Description for Utility-Preserving and Privacy-Respecting Data Pseudonymization (Saffija Kasem-Madani, Michael Meier)....Pages 171-185 DEFeND DSM: A Data Scope Management Service for Model-Based Privacy by Design GDPR Compliance (Luca Piras, Mohammed Ghazi Al-Obeidallah, Michalis Pavlidis, Haralambos Mouratidis, Aggeliki Tsohou, Emmanouil Magkos et al.)....Pages 186-201 Front Matter ....Pages 203-203 A Distributed Trust Framework for Privacy-Preserving Machine Learning (Will Abramson, Adam James Hall, Pavlos Papadopoulos, Nikolaos Pitropakis, William J. Buchanan)....Pages 205-220 Front Matter ....Pages 221-221 A Fuzzy Trust Model for Autonomous Entities Acting in Pervasive Computing (Kostas Kolomvatsos, Maria Kalouda, Panagiota Papadopoulou, Stathes Hadjieftymiades)....Pages 223-233 Back Matter ....Pages 235-235
دانلود کتاب Trust, Privacy and Security in Digital Business: 17th International Conference, TrustBus 2020, Bratislava, Slovakia, September 14–17, 2020, Proceedings (Security and Cryptology Book 12395)