“Animation” URL in NFT marketplaces considered harmful for privacy
Pub Date: 2024-09-17 | DOI: 10.1007/s10207-024-00908-x
Patricia Callejo, Ignacio Gómez Fernández, Marcelo Bagnulo
Non-Fungible Tokens (NFTs) are becoming increasingly popular as a way to represent and own digital property. However, the usage of NFTs also prompts questions about privacy. In this work, we show that it is possible to use NFTs to retrieve enough information to fingerprint users. By doing so, we can uniquely associate users with blockchain accounts, which would allow linking several blockchain accounts to the same user. This work focuses on the vulnerabilities presented by some popular NFT marketplaces. Since NFTs may have HTML files embedded, they allow the use of fingerprinting techniques if not handled carefully. Finally, we provide recommendations and countermeasures for the different actors in this ecosystem to avoid these kinds of tracking methods and, in doing so, safeguard user privacy.
An overview of proposals towards the privacy-preserving publication of trajectory data
Pub Date: 2024-09-04 | DOI: 10.1007/s10207-024-00894-0
Àlex Miranda-Pascual, Patricia Guerra-Balboa, Javier Parra-Arnau, Jordi Forné, Thorsten Strufe
The privacy risks of processing human locations and their trajectories have been demonstrated by a large number of studies and real-world incidents. As a result, many efforts are aimed at making human location trajectories available for processing while protecting the privacy of individuals. A majority of these, however, are based on concepts and evaluation methodologies that do not always provide convincing results or obvious guarantees. The processing of locations and trajectories yields benefits in numerous domains, from municipal development and traffic engineering to personalized navigation and recommendations. It can also enable a variety of promising, entirely new applications, and is therefore the focus of many ongoing projects. In this article, we describe common trajectory types and representations, give a classification of meaningful utility measures, describe risks and attacks, and systematize previously published privacy notions. We then survey the field of protection mechanisms, classifying them into approaches of syntactic privacy, masking for differential privacy (DP), and generative approaches with DP for synthetic data. Key insights are that syntactic notions have serious drawbacks, especially in the field of trajectory data, but also that a large part of the literature that claims DP guarantees is considerably flawed. We also gather evidence that there may be hidden potential in the development of synthetic data generators, probably especially using deep learning with DP, since the utility of synthetic data has not been very satisfactory so far.
Enhancing privacy protections in national identification systems: an examination of stakeholders’ knowledge, attitudes, and practices of privacy by design
Pub Date: 2024-09-03 | DOI: 10.1007/s10207-024-00905-0
Mohamed Abomhara, Livinus Obiora Nweke, Sule Yildirim Yayilgan, Debora Comparin, Kristel Teyras, Stéphanie de Labriolle
Privacy by Design (PbD) is a well-known concept that aims to provide a high level of protection for privacy throughout the entire life cycle of systems development. Despite the considerable attention from stakeholders such as researchers, government agencies, and system suppliers, the widespread adoption of PbD faces obstacles due to a lack of knowledge, insufficient awareness of PbD benefits, and the absence of specific implementation guidelines. In this study, stakeholders are identified primarily as diverse participants from government agencies and system suppliers engaged in National Identification Systems (NIDS). Specifically, government agencies represent regulatory bodies and administrators of NIDS, setting the legal framework that governs the privacy aspects of NIDS. NIDS system suppliers include private companies that play a crucial role in the development and implementation of NIDS with a focus on privacy considerations. Through the perspectives of NIDS stakeholders, this study aimed to examine the Knowledge, Attitudes and Practices (KAP) of PbD principles and their integration in NIDS. A survey involving 203 participants from government agencies and NIDS system suppliers engaged in NIDS development was conducted. Subsequently, a focus group discussion was held with 11 members to provide qualitative insights into the KAP of PbD. The survey results revealed a significant correlation between attitudes and practices but a weak correlation between knowledge and attitudes or practices. The focus group discussion confirmed these findings, emphasizing the role of positive attitudes in facilitating PbD practices and highlighting knowledge-practice gaps. In conclusion, this study offers tailored recommendations for improving the integration of PbD in NIDS development. The recommendations include strategies such as developing training programs, establishing clear guidelines and standards, and creating awareness campaigns.
An enhanced and verifiable lightweight authentication protocol for securing the Internet of Medical Things (IoMT) based on CP-ABE encryption
Pub Date: 2024-09-03 | DOI: 10.1007/s10207-024-00906-z
Jihane Jebrane, Saiida Lazaar
The integration of the Internet of Things into patient monitoring devices has garnered significant attention, especially in response to the COVID-19 pandemic’s increased focus on telecare services. However, Internet of Medical Things (IoMT) devices are constrained in computational power, memory, and bandwidth, making them vulnerable to security risks associated with data transmission over public networks. Effective authentication is essential for safeguarding patient data and preventing unauthorized control of medical sensors. Existing IoMT authentication protocols frequently fall short, exposing critical vulnerabilities such as replay and impersonation attacks. This paper extends our prior work on the Improved Lightweight Authentication Protocol (ILAPU-Q), which is based on elliptic curves and the U-Quark hash function. We enhance the ILAPU-Q scheme and present a more secure authentication protocol for embedded medical devices. This enhancement relies on Ciphertext-Policy Attribute-Based Encryption (CP-ABE), enabling data sources to protect information by cryptographically enforcing access policies. Implementing CP-ABE within the Telemedicine Information System framework eliminates the need for secure data transmission or storage at a dedicated location. Comprehensive security evaluations, conducted using AVISPA and Burrows-Abadi-Needham logic (BAN logic), confirm the protocol’s resilience against a broad spectrum of attacks. Moreover, performance assessments reveal significant advancements in computational efficiency, communication overhead, and storage requirements. Notably, our protocol demonstrates an efficiency improvement of approximately 95–98% over other protocols. This substantial improvement in security and performance underscores the practical value and potential of our protocol in advancing IoMT security standards.
Secure multi-party computation with legally-enforceable fairness
Pub Date: 2024-08-29 | DOI: 10.1007/s10207-024-00898-w
Takeshi Nakai, Kazumasa Shinagawa
Fairness is a security notion of secure computation and cannot always be achieved if an adversary corrupts a majority of parties in standard settings. Lindell (CT-RSA 2008) showed that imposing a monetary penalty on an adversary can circumvent this impossibility. He formalized such a security notion as “legally enforceable fairness” for the two-party setting, based on an ideal trusted bank functionality, and showed a protocol achieving the requirements. Based on the same framework, we introduce secure multi-party computation with legally enforceable fairness that is applicable to an arbitrary number of parties. Further, we propose two protocols that realize our introduced functionality. The first one achieves $O(n)$ rounds and $O(n\alpha)$ fees, where $n$ is the number of parties and $\alpha$ is a parameter for the penalty amount. The fee refers to the balance required in the bank at the beginning of the protocol, which measures the difficulty of participating in the protocol in a financial sense. The second one achieves $O(1)$ rounds and $O(n^2 \alpha)$ fees.
Securing the IoT ecosystem: ASIC-based hardware realization of Ascon lightweight cipher
Pub Date: 2024-08-29 | DOI: 10.1007/s10207-024-00904-1
Safiullah Khan, Kashif Inayat, Fahad Bin Muslim, Yasir Ali Shah, Muhammad Atif Ur Rehman, Ayesha Khalid, Malik Imran, Akmalbek Abdusalomov
Internet of Things (IoT) nodes consist of sensors that collect environmental data and then exchange it with surrounding nodes and gateways. Cyberattacks pose a threat to the security of the data transmitted in any IoT network. Cryptographic primitives are widely adopted to address these threats; however, their substantial computational demands limit their applicability in the IoT ecosystem. In addition, each IoT node varies with respect to its area and throughput (TP) requirements, thus demanding flexible implementations of the encryption/decryption processes. To solve these issues, this work implements the NIST lightweight cryptography standard, Ascon, on a SAED 32 nm process design kit (PDK) library by employing loop folded, loop unrolled and fully unrolled architectures. The fully unrolled architecture achieves the highest TP, but at the cost of higher area utilisation. Unrolling by a lower factor results in lower-area implementations, enabling exploration of the design space to tackle the trade-off between area and TP performance of the design. The implementation results show that, for the loop folded architecture, Ascon-128 and Ascon-128a require 36.7k $\mu\mathrm{m}^2$ and 38.5k $\mu\mathrm{m}^2$ of chip area, respectively, compared to 277.1k $\mu\mathrm{m}^2$ and 306.6k $\mu\mathrm{m}^2$ required by their fully unrolled implementations. The proposed implementation strategies can adjust the number of rounds to accommodate the varied requirements of IoT ecosystems. An implementation with an open-source 45 nm PDK library is also undertaken for enhanced generalization and reproducibility of the results.
Adversarial robustness of deep reinforcement learning-based intrusion detection
Pub Date: 2024-08-29 | DOI: 10.1007/s10207-024-00903-2
Mohamed Amine Merzouk, Christopher Neal, Joséphine Delas, Reda Yaich, Nora Boulahia-Cuppens, Frédéric Cuppens
Machine learning techniques, including Deep Reinforcement Learning (DRL), enhance intrusion detection systems by adapting to new threats. However, DRL’s reliance on vulnerable deep neural networks makes it susceptible to adversarial examples, perturbations designed to evade detection. While adversarial examples are well studied in deep learning, their impact on DRL-based intrusion detection remains underexplored, particularly in critical domains. This article conducts a thorough analysis of the vulnerability of DRL-based intrusion detection to adversarial examples. It systematically evaluates key hyperparameters, such as the DRL algorithm and the neural network depth and width, that impact agents’ robustness. The study extends to black-box attacks, demonstrating adversarial transferability across DRL algorithms. The findings emphasize the critical role of neural network architecture in DRL agent robustness, addressing underfitting and overfitting challenges. Practical implications include insights for optimizing DRL-based intrusion detection agents to enhance performance and resilience. Experiments encompass multiple DRL algorithms tested on three datasets, NSL-KDD, UNSW-NB15, and CICIoV2024, against gradient-based adversarial attacks, with publicly available implementation code.
Guiding the implementation of data privacy with microservices
Pub Date: 2024-08-23 | DOI: 10.1007/s10207-024-00907-y
Pedro Antunes, Nuno Guimarães
Privacy by design is nowadays recognized as essential in bringing data privacy into software systems. However, developers still face many challenges in reconciling privacy and software requirements and in implementing privacy protections in software systems. One emerging trend is the adoption of microservices architectures, which bring in some qualities that can benefit privacy by design. The main goal of this study is to adapt privacy by design to the qualities brought by microservices. The main focus is at the architectural level, where the main structural decisions are made. A systematic literature review is adopted to identify a set of privacy models that underscore significant differences in the protection of software systems using microservices. From the literature review, a decision framework is developed. The decision framework provides guidance and supports design decisions in implementing data privacy using microservices. The framework helps select and integrate different privacy models. An illustration of using the framework, which considers the design of an electronic voting system, is provided. This study contributes to closing the gap between regulation and implementation through design, where decisions related to data privacy are integrated with decisions on architecting systems using microservices.
Pub Date : 2024-08-20DOI: 10.1007/s10207-024-00900-5
Abdulrahman K. Alnaim
5G, the current generation of communication networks is based on the standards defined by 3GPP and other organizations (ETSI, ENISA, NGMN). These standards define virtual networks supported by three basic technologies, SDN, NFV, and Network Slicing. Virtual networks are primarily built using software and have clear advantages that appear to be reduced because of the corresponding loss in security due to the larger attack surface of this type of network. On the other hand, virtual networks can be made even more secure than hardware-based networks by leveraging the flexibility and adaptability of virtual functions and numerous articles have studied different aspects of their security. Current work goes from proposals for specific mechanisms to general studies of threats and defenses. Some of these are systematic literature reviews considering everything published on a specific theme. We prefer to analyze carefully selected papers considered significant and produce from them an overview of the status of the security of the network technologies used by 5G. After this analysis, we have found that although there are many studies of threats, they are not systematic and have confusions about concepts that may mislead implementers; we also found that the large variety of defenses can be confusing to designers. We have therefore conducted a critical analysis of threats and defenses to provide a clear perspective of how to secure these networks. Based on this perspective, we propose directions for research to improve or extend current defenses. We note that although virtual networks have special characteristics, they are examples of systems and much of the theory of systems security applies to them.
Title: Securing 5G virtual networks: a critical analysis of SDN, NFV, and network slicing security. International Journal of Information Security, published 2024-08-20.
Pub Date : 2024-08-16 DOI: 10.1007/s10207-024-00883-3
Stephen Cook, Maryam Mehrnezhad, Ehsan Toreini
The number of digital health products is increasing faster than ever. These technologies (e.g. mobile apps and connected devices) collect massive amounts of data about their users, including health, medical, sex life, and other intimate data. In this paper, we study a set of 21 Internet of Things (IoT) devices advertised for general and intimate health purposes of female bodies (aka female-oriented technologies or FemTech). We focus on the security of the Bluetooth connection and communications between the IoT device and the mobile app. Our results highlight serious security issues in the current off-the-shelf FemTech devices. These include unencrypted Bluetooth traffic, unknown Bluetooth services and insecure Bluetooth authentication when connecting to the app. We implement Bluetooth attacks on the communication between these devices and apps, resulting in malfunctioning of the device and app. We discuss our results and provide recommendations for different stakeholders to improve the security practices of Bluetooth-enabled IoT devices in such a sensitive and intimate domain.
Title: Bluetooth security analysis of general and intimate health IoT devices and apps: the case of FemTech. International Journal of Information Security, published 2024-08-16.