Int. Workshop on Information Systems for Social Innovation (ISSI) 2013 Session: Systems Resilience
National Institute of Informatics, Tokyo, Japan
February 4, 2014
http://tric.rois.ac.jp/human/ISSI2013/
This document summarizes research on Internet of Things (IoT) malware based on a literature review. It defines IoT and IoT malware, categorizes common types of IoT malware, and discusses platforms and operating systems that are targets for IoT malware. The document analyzes reference models for IoT security and surveys recent studies on malware affecting popular mobile and embedded operating systems like Android, iOS, ARM mbed OS, and TinyOS.
The project sets out to study the level of awareness and perception of IT security amongst university students, paying particular attention to the world of mobile devices. The report analyses the answers given by 1012 students from over 15 Italian universities to a multiple-choice questionnaire. The analysis shows that students’ perception of their knowledge is generally wrong and that they are unaware of the risks arising from their behaviour. In view of these risks, a proposal has been made to implement technical and legal measures to reduce future problems deriving from faulty or lax adoption of security measures on their mobile devices.
Review on mobile threats and detection techniquesijdpsjournal
Since last-decade, smart-phones have gained widespread usage. Mobile devices store personal details
such as contacts and text messages. Due to this extensive growth, smart-phones are attracted towards
cyber-criminals. In this research work, we have done a systematic review of the terms related to malware
detection algorithms and have also summarized behavioral description of some known mobile malwares
in tabular form. After careful solicitation of all the possible methods and algorithms for detection of
mobile-based malwares, we give some recommendations for designing future malware detection algorithm
by considering computational complexity and detection ration of mobile malwares.
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...Maurice Dawson
Mobile devices are becoming a method to provide an efficient and convenient way to access, find and share information; however, the availability of this information has caused an increase in cyber attacks. Currently, cyber threats range from Trojans and viruses to botnets and toolkits. Presently, 96% of mobile devices do not have preinstalled security software while approximately 65% of the vulnerabilities are found within the application layer. This lack in security and policy driven systems is an opportunityfor malicious cyber attackers to hack into the various popular devices. Traditional security software found in desktop computing platforms, such as firewalls, antivirus, and encryption, is widely used by the general public in mobile devices. Moreover, mobile devices are even more vulnerable than personal desktop computers because more people are using mobile devices to do personal tasks. This review attempts to display the importance of developing a national security policy created for mobile devices in order to protect sensitive and confidential data. Results of this review provide methods to address security related issues in mobile devices.
Detecting HTTP Botnet using Artificial Immune System (AIS)sadique_ghitm
This document proposes a new framework for detecting HTTP botnets using an Artificial Immune System (AIS). AIS is a bio-inspired model that applies concepts from the human immune system to solve information security problems. The proposed framework uses AIS techniques to detect malicious activities like spamming and port scanning on networks infected with HTTP bots. Experimental evaluations showed the approach can successfully detect HTTP botnet activities with high efficiency and low false positive rates.
With the rise of Web 2.0, Twitter has become a tool of choice for universities looking to increase their digital footprint. However there is not much guidance given into the protections of these tweets or the secure integration of Twitter into other Web 2.0 applications. As the debate for cyber threat continue to increase, these tweets must be protected and delivered in a manner that protects the sender. Explored in this report are the methods in which Twitter and its data can be exploited for nefarious use.
Malware threat analysis techniques and approaches for IoT applications: a reviewjournalBEEI
Internet of things (IoT) is a concept that has been widely used to improve business efficiency and customer’s experience. It involves resource constrained devices connecting to each other with a capability of sending data, and some with receiving data at the same time. The IoT environment enhances user experience by giving room to a large number of smart devices to connect and share information. However, with the sophistication of technology has resulted in IoT applications facing with malware threat. Therefore, it becomes highly imperative to give an understanding of existing state-of-the-art techniques developed to address malware threat in IoT applications. In this paper, we studied extensively the adoption of static, dynamic and hybrid malware analyses in proffering solution to the security problems plaguing different IoT applications. The success of the reviewed analysis techniques were observed through case studies from smart homes, smart factories, smart gadgets and IoT application protocols. This study gives a better understanding of the holistic approaches to malware threats in IoT applications and the way forward for strengthening the protection defense in IoT applications.
VIRTUAL MACHINES DETECTION METHODS USING IP TIMESTAMPS PATTERN CHARACTERISTICijcsit
Virtual machines (VMs) are underlying technologies of IT solutions such as cloud computing. VMs provide
ease of use through their on-demand characteristics and provide huge benefits in terms of lowering costs and
improving scalability. VMs are also being used as malware detection systems, and with the rapidly expanding
usage of mobile devices, besides of their usage as honeypots, VMs are coming to be used as emulators for
detecting malware in apps. This is due to the limited resources, such as processing power, available in mobile
devices. Currently, the security of applications for mobile devices is checked by running them in VM
environments before they are released to the end user. We argue that such a process may cause or overlook
serious security threats to the end user. In particular, if a piece of malware can detect its current running
environment, it may change its behavior such that it doesn’t perform malicious operations in environments it
suspects to be emulators. In this way, when the malware detects that its running environment is on a VM, it
may be able to hide from the security system on the VM. This is a potential security hazard for end users,
especially users of mobile devices. In this paper, we present a VM detection method that we argue could be
used for remotely detecting VM environments. The detection method works by analyzing the pattern of IP
timestamps in replies sent from the target environment. The method does not require any installation of
software on the target machine which further increase its potential harm if it were to be used by malware to
detect VM environments. In this paper, we also present a technique to disguise a real PC machine such that it
shows the similar IP timestamp patterns as the VM. By using this technique, malware may not be able to
differentiate between a real machine and a VM, thus providing protection to PC end users.
This document summarizes research on Internet of Things (IoT) malware based on a literature review. It defines IoT and IoT malware, categorizes common types of IoT malware, and discusses platforms and operating systems that are targets for IoT malware. The document analyzes reference models for IoT security and surveys recent studies on malware affecting popular mobile and embedded operating systems like Android, iOS, ARM mbed OS, and TinyOS.
The project sets out to study the level of awareness and perception of IT security amongst university students, paying particular attention to the world of mobile devices. The report analyses the answers given by 1012 students from over 15 Italian universities to a multiple-choice questionnaire. The analysis shows that students’ perception of their knowledge is generally wrong and that they are unaware of the risks arising from their behaviour. In view of these risks, a proposal has been made to implement technical and legal measures to reduce future problems deriving from faulty or lax adoption of security measures on their mobile devices.
Review on mobile threats and detection techniquesijdpsjournal
Since last-decade, smart-phones have gained widespread usage. Mobile devices store personal details
such as contacts and text messages. Due to this extensive growth, smart-phones are attracted towards
cyber-criminals. In this research work, we have done a systematic review of the terms related to malware
detection algorithms and have also summarized behavioral description of some known mobile malwares
in tabular form. After careful solicitation of all the possible methods and algorithms for detection of
mobile-based malwares, we give some recommendations for designing future malware detection algorithm
by considering computational complexity and detection ration of mobile malwares.
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...Maurice Dawson
Mobile devices are becoming a method to provide an efficient and convenient way to access, find and share information; however, the availability of this information has caused an increase in cyber attacks. Currently, cyber threats range from Trojans and viruses to botnets and toolkits. Presently, 96% of mobile devices do not have preinstalled security software while approximately 65% of the vulnerabilities are found within the application layer. This lack in security and policy driven systems is an opportunityfor malicious cyber attackers to hack into the various popular devices. Traditional security software found in desktop computing platforms, such as firewalls, antivirus, and encryption, is widely used by the general public in mobile devices. Moreover, mobile devices are even more vulnerable than personal desktop computers because more people are using mobile devices to do personal tasks. This review attempts to display the importance of developing a national security policy created for mobile devices in order to protect sensitive and confidential data. Results of this review provide methods to address security related issues in mobile devices.
Detecting HTTP Botnet using Artificial Immune System (AIS)sadique_ghitm
This document proposes a new framework for detecting HTTP botnets using an Artificial Immune System (AIS). AIS is a bio-inspired model that applies concepts from the human immune system to solve information security problems. The proposed framework uses AIS techniques to detect malicious activities like spamming and port scanning on networks infected with HTTP bots. Experimental evaluations showed the approach can successfully detect HTTP botnet activities with high efficiency and low false positive rates.
With the rise of Web 2.0, Twitter has become a tool of choice for universities looking to increase their digital footprint. However there is not much guidance given into the protections of these tweets or the secure integration of Twitter into other Web 2.0 applications. As the debate for cyber threat continue to increase, these tweets must be protected and delivered in a manner that protects the sender. Explored in this report are the methods in which Twitter and its data can be exploited for nefarious use.
Malware threat analysis techniques and approaches for IoT applications: a reviewjournalBEEI
Internet of things (IoT) is a concept that has been widely used to improve business efficiency and customer’s experience. It involves resource constrained devices connecting to each other with a capability of sending data, and some with receiving data at the same time. The IoT environment enhances user experience by giving room to a large number of smart devices to connect and share information. However, with the sophistication of technology has resulted in IoT applications facing with malware threat. Therefore, it becomes highly imperative to give an understanding of existing state-of-the-art techniques developed to address malware threat in IoT applications. In this paper, we studied extensively the adoption of static, dynamic and hybrid malware analyses in proffering solution to the security problems plaguing different IoT applications. The success of the reviewed analysis techniques were observed through case studies from smart homes, smart factories, smart gadgets and IoT application protocols. This study gives a better understanding of the holistic approaches to malware threats in IoT applications and the way forward for strengthening the protection defense in IoT applications.
VIRTUAL MACHINES DETECTION METHODS USING IP TIMESTAMPS PATTERN CHARACTERISTICijcsit
Virtual machines (VMs) are underlying technologies of IT solutions such as cloud computing. VMs provide
ease of use through their on-demand characteristics and provide huge benefits in terms of lowering costs and
improving scalability. VMs are also being used as malware detection systems, and with the rapidly expanding
usage of mobile devices, besides of their usage as honeypots, VMs are coming to be used as emulators for
detecting malware in apps. This is due to the limited resources, such as processing power, available in mobile
devices. Currently, the security of applications for mobile devices is checked by running them in VM
environments before they are released to the end user. We argue that such a process may cause or overlook
serious security threats to the end user. In particular, if a piece of malware can detect its current running
environment, it may change its behavior such that it doesn’t perform malicious operations in environments it
suspects to be emulators. In this way, when the malware detects that its running environment is on a VM, it
may be able to hide from the security system on the VM. This is a potential security hazard for end users,
especially users of mobile devices. In this paper, we present a VM detection method that we argue could be
used for remotely detecting VM environments. The detection method works by analyzing the pattern of IP
timestamps in replies sent from the target environment. The method does not require any installation of
software on the target machine which further increase its potential harm if it were to be used by malware to
detect VM environments. In this paper, we also present a technique to disguise a real PC machine such that it
shows the similar IP timestamp patterns as the VM. By using this technique, malware may not be able to
differentiate between a real machine and a VM, thus providing protection to PC end users.
Forensic Tools Performance Analysis on Android-based Blackberry Messenger usi...IJECEIAES
Blackberry Messenger is one of the popularly used instant messaging applications on Android with user’s amount that increase significantly each year. The increase off Blackberry Messenger users might lead to application misuse, such as for commiting digital crimes. To conduct investigation involving smartphone devices, the investigators need to use forensic tools. Therefore, a research on current forensic tool’s performance in order to handle digital crime cases involving Android smartphones and Blackberry Messenger in particular need to be done. This research focuses on evaluating and comparing three forensic tools to obtain digital evidence from Blackberry Messenger on Android smartphones using parameter from National Institute of Standard Technology and Blackberry Messenger’s acquired digital evidences. The result shows that from comparative analysis conducted, Andriller gives 25% performance value, Oxygen Forensic Suite gives 100% performance value, and Autopsy 4.1.1 gives 0% performance value. Related to National Institute of Standard Technology parameter criterias, Andriller has performance value of 47.61%. Oxygen Forensic Suite has performance value of 61.90%. Autopsy 4.1.1 has performance value of 9.52%.
Mobile devices have been playing vital roles in modern dayeducation delivery as students can access or
download learning materials on their smartphones and tablets, they can also install educational apps and
study anytime, anywhere. The need to provide adequate security forportable devices being used for
learning cannot be underestimated. In this paper, we present a mobile security enhancement app,
designed and developedfor Android smart mobile devices in order to promote security awareness among
students. The app can alsoidentify major and the most significant security weaknesses, scan or check for
vulnerabilities in m-learning devices and report any security threat.
Mobile devices have been playing vital roles in modern dayeducation delivery as students can access or
download learning materials on their smartphones and tablets, they can also install educational apps and
study anytime, anywhere. The need to provide adequate security forportable devices being used for
learning cannot be underestimated. In this paper, we present a mobile security enhancement app,
designed and developedfor Android smart mobile devices in order to promote security awareness among
students. The app can alsoidentify major and the most significant security weaknesses, scan or check for
vulnerabilities in m-learning devices and report any security threat
Blockchain framework for detecting the infected cases of covid 19 pandemicAboul Ella Hassanien
This document proposes a blockchain-based framework to help combat COVID-19. It would use existing security cameras and computer vision to detect people without masks or not social distancing. confirmed COVID-19 cases' recent interactions and locations would be tracked. This data would be sent to a blockchain network to map infected people and places. A mobile app would allow users to self-estimate infection probability and detect unknown infected cases within social clusters. The system aims to automatically detect infected cases and alert authorities and potential exposures to help slow the virus's spread.
Common protocol to support disparate communication types within industrial Et...Maurice Dawson
Owing to the increasing demand for reliable products built globally, and through the evolution of machine design, the need for improved and a common communications protocol in different geographical regions has intensified. In this paper, the goal is to reveal that the current protocols used to support disparate communication types in manufacturing have caused complexity in configurations and an increase in monetary overhead for industrial system designers and the end users. Through the simulation of an industrial network, the packet timing, and packet loss between peer-to-peer systems, similar protocol systems will be compared with two dissimilar protocols systems to establish the thesis. The internal validation research method used in this study will reveal the need for an all-inclusive protocol to eliminate the timing and packet loss issues, the systems’ configuration complexities, and the need to reduce the monetary overhead currently associated with the machine communications.
Internet service providers responsibilities in botnet mitigation: a Nigerian ...IJECEIAES
Botnet-based attack is dangerous and extremely difficult to overcome as all the primary mitigation methods are passive and limited in focus. A combine efforts of internet service providers (ISPs) are better guides since they can monitor the traffic that traverse through their networks. However, ISPs are not legally banded to this role and may not view security as a primary concern. Towards understudying the involvement of ISPs in Botnet mitigation in Nigeria, this study elicited and summarized mitigation measures from scientific literatures to create a reference model which was validated by structured interview. Although, ISPs role is seen to be voluntary and poorly incentivized, the providers still take customers security very serious but concentrate more on the preventive and notification measures.
A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...IJECEIAES
‘Internet of Things (IoT)’emerged as an intelligent collaborative computation and communication between a set of objects capable of providing on-demand services to other objects anytime anywhere. A large-scale deployment of data-driven cloud applications as well as automated physical things such as embed electronics, software, sensors and network connectivity enables a joint ubiquitous and pervasive internet-based computing systems well capable of interacting with each other in an IoT. IoT, a well-known term and a growing trend in IT arena certainly bring a highly connected global network structure providing a lot of beneficial aspects to a user regarding business productivity, lifestyle improvement, government efficiency, etc. It also generates enormous heterogeneous and homogeneous data needed to be analyzed properly to get insight into valuable information. However, adoption of this new reality (i.e., IoT) by integrating it with the internet invites a certain challenges from security and privacy perspective. At present, a much effort has been put towards strengthening the security system in IoT still not yet found optimal solutions towards current security flaws. Therefore, the prime aim of this study is to investigate the qualitative aspects of the conventional security solution approaches in IoT. It also extracts some open research problems that could affect the future research track of IoT arena.
A Survey on Mobile Forensic for Android SmartphonesIOSR Journals
This document summarizes a survey on mobile forensic tools and techniques for investigating Android smartphones. It begins with an introduction to digital forensics and its application to mobile devices. The typical digital forensic investigation process is outlined as identification, data acquisition/preservation, data recovery, forensic analysis, and presentation of evidence. Android smartphones are described as having risen significantly in the global market. The main components of the Android platform are applications, application framework, libraries, Android runtime, and the Linux kernel. Tools and techniques for Android mobile forensics are compared according to their roles in the investigation process.
Resilience is introduced as the new security goal supported with security/safety-related information by data-centric services for predictive risk management in real-time. Secondary use of personal information is of essential importance. The problem is that data-centric services threaten resilience. Although privacy as a state of equilibrium and its enforcement with usable security by identity management aims actually at decreasing users’ own risk, its use by data-centric services for unilateral information flow control threatens privacy and resilience. Users lose control on their identity while at the same time competitiveness of in particular small and medium service providers is endangered due to reliable statements on authentication of derived information. Self-protection, however, depends on opposite security interests. This talk claims that Multilateral Security improves privacy and resilience by a multilateral secondary use of personal security-related information for distributed usage control. This kind of privacy is understood as informational self-determination whereas the key concept is non-linkable delegation of rights on secondary use of personal information.
presented at the workshop "Usable Security and Privacy" an event of "Mittelstand-Digital" of the Federal Ministry for Economic Affairs and Energy (BMWi) and HCI conference "Mensch und Computer 2015" in Stuttgart, Germany http://www.mittelstand-digital.de/DE/Service/suche,did=717526.html
Privacy with Secondary Use of Personal InformationSven Wohlgemuth
Secondary use of personal information is of essential importance for the Internet of Things. The main application is resilience. Biometrics is an example for support of resilience in times of a natural disaster. The primary use of biometrics is to identify people; a secondary use is to improve healthcare services for affected people. This requires information sharing with third parties. The challenge faced for reliable support of the Internet of Things is safety. Special cases of security systems achieve safety for information flow, but they don’t scale for secondary use. Their users lose control on their identity. With the aim of improving usability of security, this research-in-progress proposes a multilateral information flow control. This is privacy as understood with informational self-determination. The key is usage control with secure delegation of rights and a secondary use of personal security-related information as Open Data.
PersoApp - Secure and User-Friendly Internet ApplicationsSven Wohlgemuth
The document discusses secure and user-friendly internet applications. It describes how identity theft and data breaches currently occur through malicious authentication and a lack of privacy controls. The document proposes extending identity infrastructure to enable mobility, identity control, privacy control, and privacy forensics in order to provide transparency and detect any misuse of personal data or identities.
Resilience as a new Enforcement Model for IT Security based on Usage ControlSven Wohlgemuth
Security and privacy are not only general requirements of a society but also indispensable enablers for innovative IT infrastructure applications aiming at increased, sustainable welfare and safety of a society. A critical activity of these IT applications is spontaneous information exchange. This information exchange, however, creates inevitable, unknown dependencies between the participating IT systems, which, in turn threaten security and privacy. With the current approach to IT security, security and privacy follow changes and incidents rather than anticipating them. By sticking to a given threat model, the current approach fails to consider vulnerabilities which arise during a spontaneous information exchange. With the goal of improving security and privacy, this work proposes adapting an IT security model and its enforcement to current and most probable incidents before they result in an unacceptable risk for the participating parties or failure of IT applications. Usage control is the suitable security policy model, since it allows changes during run-time without conceptually raising additional incidents.
Privacy-Enhancing Trust Infrastructure for Process MiningSven Wohlgemuth
Presented at SCIS 2017 Symposium on Cryptography and Information Security, Okinawa, Japan
Threats to a society and its social infrastructure are inevitable and endanger human life and welfare. Resilience is a core concept to cope with such threats in strengthening risk management in spite of incidents of any kind. This paper discusses the secondary use of personal information as a key element in such conditions and the relevant process mining. It realizes a completeness in an acceptable manner to mitigate a usability problem by secondary use of personal information. Even though, acceptable soundness is still realized in our scheme for a fundamental privacy-enhancing trust infrastructure. Our work approaches the Ground Truth for a personal predictive IT risk management by process mining with the block chain technology and privacy-enhancing mechanisms.
Tagging Disclosure of Personal Data to Third Parties to Preserve PrivacySven Wohlgemuth
Honored as one of the best papers of IFIP SEC 2010 Security & Privacy - Silver Linings in the Cloud
Privacy in cloud computing is at the moment simply a promise to be kept by the software service providers. Users are neither able to control the disclosure of personal data to third parties nor to check if the software service providers have followed the agreed-upon privacy policy. Therefore, disclosure of the users‘ data to the software service providers of the cloud raises privacy risks. In this article, we show a privacy risk by the example of using electronic health records abroad. As a countermeasure by an ex post enforcement of privacy policies, we propose to observe disclosures of personal data to third parties by using data provenance history and digital watermarking.
The document discusses trends and challenges related to critical infrastructure and cyber security. It summarizes GCSEC's involvement in several national and international initiatives in 2013 related to critical infrastructure protection. These initiatives include projects co-funded by the EU on topics like online fraud information sharing, smart grid security, and energy sector cyber threat information sharing. The document also discusses emerging threats to critical infrastructure from trends like greater internet usage and connectivity of devices. Critical infrastructure is defined as those facilities necessary for essential service delivery. The new trend in critical infrastructure protection is to have proper knowledge of perimeter and critical services, prioritize patch management, and conduct regular risk assessments.
Encountering social engineering activities with a novel honeypot mechanismIJECEIAES
Communication and conducting businesses have eventually transformed to be performed through information and communication technology (ICT). While computer network security challenges have become increasingly significant, the world is facing a new era of crimes that can be conducted easily, quickly, and, on top of all, anonymously. Because system penetration is primarily dependent on human psychology and awareness, 80% of network cyberattacks use some form of social engineering tactics to deceive the target, exposing systems at risk, regardless of the security system's robustness. This study highlights the significance of technological solutions in making users more safe and secure. Throughout this paper, a novel approach to detecting and preventing social engineering attacks will be proposed, combining multiple security systems, and utilizing the concept of Honeypots to provide an automated prevention mechanism employing artificial intelligence (AI). This study aims to merge AI and honeypot with intrusion prevention system (IPS) to detect social engineering attacks, threaten the attacker, and restrict his session to keep users away from these manipulation tactics.
Network security is one of the foremost anxieties of the modern time. Over
the previous years, numerous studies have been accompanied on the
intrusion detection system. However, network security is one of the foremost
apprehensions of the modern era this is due to the speedy development and
substantial usage of altered technologies over the past period. The
vulnerabilities of these technologies security have become a main dispute
intrusion detection system is used to classify unapproved access and unusual
attacks over the secured networks. For the implementation of intrusion
detection system different approaches are used machine learning technique
is one of them. In order to comprehend the present station of application of
machine learning techniques for solving the intrusion discovery anomalies in
internet of thing (IoT) based big data this review paper conducted. Total 55
papers are summarized from 2010 and 2021 which were centering on the
manner of the single, hybrid and collaborative classifier design. This review
paper also includes some of the basic information like IoT, big data, and
machine learning approaches are discussed.
Whitepaper | Network Security - How to defend your Plant against the threats ...Yokogawa
Yokogawa offers a range of cyber-security solutions for control systems, including network security assessment, network and firewall design, PC/server and network device hardening, antivirus and patch management, backup and recovery systems, and network management systems. By seamlessly integrating these solutions with its proven control system solutions, Yokogawa is also aiming to meet its customers' needs for control system security management. Read more about Yokogawa’s approach to cyber security in this whitepaper.
IRJET- Windows Log Investigator System for Faster Root Cause Detection of a D...IRJET Journal
This document describes a Windows Log Investigator System that was created to help developers more easily detect the root cause of defects. The system uses a log analysis algorithm and backtracking to determine the type of defect and possible solutions. It has a graphical user interface built with C# and WPF to provide an interactive experience for analyzing logs. The system aims to significantly reduce the difficulties faced by developers in solving defects.
Forensic Tools Performance Analysis on Android-based Blackberry Messenger usi...IJECEIAES
Blackberry Messenger is one of the popularly used instant messaging applications on Android with user’s amount that increase significantly each year. The increase off Blackberry Messenger users might lead to application misuse, such as for commiting digital crimes. To conduct investigation involving smartphone devices, the investigators need to use forensic tools. Therefore, a research on current forensic tool’s performance in order to handle digital crime cases involving Android smartphones and Blackberry Messenger in particular need to be done. This research focuses on evaluating and comparing three forensic tools to obtain digital evidence from Blackberry Messenger on Android smartphones using parameter from National Institute of Standard Technology and Blackberry Messenger’s acquired digital evidences. The result shows that from comparative analysis conducted, Andriller gives 25% performance value, Oxygen Forensic Suite gives 100% performance value, and Autopsy 4.1.1 gives 0% performance value. Related to National Institute of Standard Technology parameter criterias, Andriller has performance value of 47.61%. Oxygen Forensic Suite has performance value of 61.90%. Autopsy 4.1.1 has performance value of 9.52%.
Mobile devices have been playing vital roles in modern dayeducation delivery as students can access or
download learning materials on their smartphones and tablets, they can also install educational apps and
study anytime, anywhere. The need to provide adequate security forportable devices being used for
learning cannot be underestimated. In this paper, we present a mobile security enhancement app,
designed and developedfor Android smart mobile devices in order to promote security awareness among
students. The app can alsoidentify major and the most significant security weaknesses, scan or check for
vulnerabilities in m-learning devices and report any security threat.
Mobile devices have been playing vital roles in modern dayeducation delivery as students can access or
download learning materials on their smartphones and tablets, they can also install educational apps and
study anytime, anywhere. The need to provide adequate security forportable devices being used for
learning cannot be underestimated. In this paper, we present a mobile security enhancement app,
designed and developedfor Android smart mobile devices in order to promote security awareness among
students. The app can alsoidentify major and the most significant security weaknesses, scan or check for
vulnerabilities in m-learning devices and report any security threat
Blockchain framework for detecting the infected cases of covid 19 pandemicAboul Ella Hassanien
This document proposes a blockchain-based framework to help combat COVID-19. It would use existing security cameras and computer vision to detect people without masks or not social distancing. confirmed COVID-19 cases' recent interactions and locations would be tracked. This data would be sent to a blockchain network to map infected people and places. A mobile app would allow users to self-estimate infection probability and detect unknown infected cases within social clusters. The system aims to automatically detect infected cases and alert authorities and potential exposures to help slow the virus's spread.
Common protocol to support disparate communication types within industrial Et...Maurice Dawson
Owing to the increasing demand for reliable products built globally, and through the evolution of machine design, the need for improved and a common communications protocol in different geographical regions has intensified. In this paper, the goal is to reveal that the current protocols used to support disparate communication types in manufacturing have caused complexity in configurations and an increase in monetary overhead for industrial system designers and the end users. Through the simulation of an industrial network, the packet timing, and packet loss between peer-to-peer systems, similar protocol systems will be compared with two dissimilar protocols systems to establish the thesis. The internal validation research method used in this study will reveal the need for an all-inclusive protocol to eliminate the timing and packet loss issues, the systems’ configuration complexities, and the need to reduce the monetary overhead currently associated with the machine communications.
Internet service providers responsibilities in botnet mitigation: a Nigerian ...IJECEIAES
Botnet-based attack is dangerous and extremely difficult to overcome as all the primary mitigation methods are passive and limited in focus. A combine efforts of internet service providers (ISPs) are better guides since they can monitor the traffic that traverse through their networks. However, ISPs are not legally banded to this role and may not view security as a primary concern. Towards understudying the involvement of ISPs in Botnet mitigation in Nigeria, this study elicited and summarized mitigation measures from scientific literatures to create a reference model which was validated by structured interview. Although, ISPs role is seen to be voluntary and poorly incentivized, the providers still take customers security very serious but concentrate more on the preventive and notification measures.
A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...IJECEIAES
‘Internet of Things (IoT)’emerged as an intelligent collaborative computation and communication between a set of objects capable of providing on-demand services to other objects anytime anywhere. A large-scale deployment of data-driven cloud applications as well as automated physical things such as embed electronics, software, sensors and network connectivity enables a joint ubiquitous and pervasive internet-based computing systems well capable of interacting with each other in an IoT. IoT, a well-known term and a growing trend in IT arena certainly bring a highly connected global network structure providing a lot of beneficial aspects to a user regarding business productivity, lifestyle improvement, government efficiency, etc. It also generates enormous heterogeneous and homogeneous data needed to be analyzed properly to get insight into valuable information. However, adoption of this new reality (i.e., IoT) by integrating it with the internet invites a certain challenges from security and privacy perspective. At present, a much effort has been put towards strengthening the security system in IoT still not yet found optimal solutions towards current security flaws. Therefore, the prime aim of this study is to investigate the qualitative aspects of the conventional security solution approaches in IoT. It also extracts some open research problems that could affect the future research track of IoT arena.
A Survey on Mobile Forensic for Android SmartphonesIOSR Journals
This document summarizes a survey on mobile forensic tools and techniques for investigating Android smartphones. It begins with an introduction to digital forensics and its application to mobile devices. The typical digital forensic investigation process is outlined as identification, data acquisition/preservation, data recovery, forensic analysis, and presentation of evidence. Android smartphones are described as having risen significantly in the global market. The main components of the Android platform are applications, application framework, libraries, Android runtime, and the Linux kernel. Tools and techniques for Android mobile forensics are compared according to their roles in the investigation process.
Resilience is introduced as the new security goal supported with security/safety-related information by data-centric services for predictive risk management in real-time. Secondary use of personal information is of essential importance. The problem is that data-centric services threaten resilience. Although privacy as a state of equilibrium and its enforcement with usable security by identity management aims actually at decreasing users’ own risk, its use by data-centric services for unilateral information flow control threatens privacy and resilience. Users lose control on their identity while at the same time competitiveness of in particular small and medium service providers is endangered due to reliable statements on authentication of derived information. Self-protection, however, depends on opposite security interests. This talk claims that Multilateral Security improves privacy and resilience by a multilateral secondary use of personal security-related information for distributed usage control. This kind of privacy is understood as informational self-determination whereas the key concept is non-linkable delegation of rights on secondary use of personal information.
presented at the workshop "Usable Security and Privacy" an event of "Mittelstand-Digital" of the Federal Ministry for Economic Affairs and Energy (BMWi) and HCI conference "Mensch und Computer 2015" in Stuttgart, Germany http://www.mittelstand-digital.de/DE/Service/suche,did=717526.html
Privacy with Secondary Use of Personal InformationSven Wohlgemuth
Secondary use of personal information is of essential importance for the Internet of Things. The main application is resilience. Biometrics is an example for support of resilience in times of a natural disaster. The primary use of biometrics is to identify people; a secondary use is to improve healthcare services for affected people. This requires information sharing with third parties. The challenge faced for reliable support of the Internet of Things is safety. Special cases of security systems achieve safety for information flow, but they don’t scale for secondary use. Their users lose control on their identity. With the aim of improving usability of security, this research-in-progress proposes a multilateral information flow control. This is privacy as understood with informational self-determination. The key is usage control with secure delegation of rights and a secondary use of personal security-related information as Open Data.
PersoApp - Secure and User-Friendly Internet ApplicationsSven Wohlgemuth
The document discusses secure and user-friendly internet applications. It describes how identity theft and data breaches currently occur through malicious authentication and a lack of privacy controls. The document proposes extending identity infrastructure to enable mobility, identity control, privacy control, and privacy forensics in order to provide transparency and detect any misuse of personal data or identities.
Resilience as a new Enforcement Model for IT Security based on Usage ControlSven Wohlgemuth
Security and privacy are not only general requirements of a society but also indispensable enablers for innovative IT infrastructure applications aiming at increased, sustainable welfare and safety of a society. A critical activity of these IT applications is spontaneous information exchange. This information exchange, however, creates inevitable, unknown dependencies between the participating IT systems, which, in turn threaten security and privacy. With the current approach to IT security, security and privacy follow changes and incidents rather than anticipating them. By sticking to a given threat model, the current approach fails to consider vulnerabilities which arise during a spontaneous information exchange. With the goal of improving security and privacy, this work proposes adapting an IT security model and its enforcement to current and most probable incidents before they result in an unacceptable risk for the participating parties or failure of IT applications. Usage control is the suitable security policy model, since it allows changes during run-time without conceptually raising additional incidents.
Privacy-Enhancing Trust Infrastructure for Process MiningSven Wohlgemuth
Presented at SCIS 2017 Symposium on Cryptography and Information Security, Okinawa, Japan
Threats to a society and its social infrastructure are inevitable and endanger human life and welfare. Resilience is a core concept to cope with such threats in strengthening risk management in spite of incidents of any kind. This paper discusses the secondary use of personal information as a key element in such conditions and the relevant process mining. It realizes a completeness in an acceptable manner to mitigate a usability problem by secondary use of personal information. Even though, acceptable soundness is still realized in our scheme for a fundamental privacy-enhancing trust infrastructure. Our work approaches the Ground Truth for a personal predictive IT risk management by process mining with the block chain technology and privacy-enhancing mechanisms.
Tagging Disclosure of Personal Data to Third Parties to Preserve PrivacySven Wohlgemuth
Honored as one of the best papers of IFIP SEC 2010 Security & Privacy - Silver Linings in the Cloud
Privacy in cloud computing is at the moment simply a promise to be kept by the software service providers. Users are neither able to control the disclosure of personal data to third parties nor to check if the software service providers have followed the agreed-upon privacy policy. Therefore, disclosure of the users‘ data to the software service providers of the cloud raises privacy risks. In this article, we show a privacy risk by the example of using electronic health records abroad. As a countermeasure by an ex post enforcement of privacy policies, we propose to observe disclosures of personal data to third parties by using data provenance history and digital watermarking.
The document discusses trends and challenges related to critical infrastructure and cyber security. It summarizes GCSEC's involvement in several national and international initiatives in 2013 related to critical infrastructure protection. These initiatives include projects co-funded by the EU on topics like online fraud information sharing, smart grid security, and energy sector cyber threat information sharing. The document also discusses emerging threats to critical infrastructure from trends like greater internet usage and connectivity of devices. Critical infrastructure is defined as those facilities necessary for essential service delivery. The new trend in critical infrastructure protection is to have proper knowledge of perimeter and critical services, prioritize patch management, and conduct regular risk assessments.
Encountering social engineering activities with a novel honeypot mechanismIJECEIAES
Communication and conducting businesses have eventually transformed to be performed through information and communication technology (ICT). While computer network security challenges have become increasingly significant, the world is facing a new era of crimes that can be conducted easily, quickly, and, on top of all, anonymously. Because system penetration is primarily dependent on human psychology and awareness, 80% of network cyberattacks use some form of social engineering tactics to deceive the target, exposing systems at risk, regardless of the security system's robustness. This study highlights the significance of technological solutions in making users more safe and secure. Throughout this paper, a novel approach to detecting and preventing social engineering attacks will be proposed, combining multiple security systems, and utilizing the concept of Honeypots to provide an automated prevention mechanism employing artificial intelligence (AI). This study aims to merge AI and honeypot with intrusion prevention system (IPS) to detect social engineering attacks, threaten the attacker, and restrict his session to keep users away from these manipulation tactics.
Network security is one of the foremost anxieties of the modern time. Over
the previous years, numerous studies have been accompanied on the
intrusion detection system. However, network security is one of the foremost
apprehensions of the modern era this is due to the speedy development and
substantial usage of altered technologies over the past period. The
vulnerabilities of these technologies security have become a main dispute
intrusion detection system is used to classify unapproved access and unusual
attacks over the secured networks. For the implementation of intrusion
detection system different approaches are used machine learning technique
is one of them. In order to comprehend the present station of application of
machine learning techniques for solving the intrusion discovery anomalies in
internet of thing (IoT) based big data this review paper conducted. Total 55
papers are summarized from 2010 and 2021 which were centering on the
manner of the single, hybrid and collaborative classifier design. This review
paper also includes some of the basic information like IoT, big data, and
machine learning approaches are discussed.
Whitepaper | Network Security - How to defend your Plant against the threats ...Yokogawa
Yokogawa offers a range of cyber-security solutions for control systems, including network security assessment, network and firewall design, PC/server and network device hardening, antivirus and patch management, backup and recovery systems, and network management systems. By seamlessly integrating these solutions with its proven control system solutions, Yokogawa is also aiming to meet its customers' needs for control system security management. Read more about Yokogawa’s approach to cyber security in this whitepaper.
IRJET- Windows Log Investigator System for Faster Root Cause Detection of a D...IRJET Journal
This document describes a Windows Log Investigator System that was created to help developers more easily detect the root cause of defects. The system uses a log analysis algorithm and backtracking to determine the type of defect and possible solutions. It has a graphical user interface built with C# and WPF to provide an interactive experience for analyzing logs. The system aims to significantly reduce the difficulties faced by developers in solving defects.
Patents are a good information resource for obtaining the state of the art of deep learning for cybersecurity technology innovation insights.
I. Deep Learning for Cybersecurity Technology Innovation Status
Patents that specifically describe the major deep learning applications in cybersecurity are a good indicator of the deep learning for cybersecurity innovations in a specific innovation entity. To find the deep learning for cybersecurity technology innovation status, patent applications in the USPTO as of May 31, 2020 that specifically describe the major deep learning applications in cybersecurity are searched and reviewed. 31 published patent applications that are related to the key deep learning for cybersecurity technology innovation are selected for detail analysis.
II. Deep Learning for Cybersecurity Technology Innovation Details
Patent information can provide many valuable insights that can be exploited for developing and implementing new technologies. Patents can also be exploited to identify new product/service development opportunities.
Industrial IoT Cyber-Attack Detection/General Electric
Malicious Code Detection/Royal Bank of Canada
Running Head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY .docxhealdkathaleen
Running Head: ANNOTATED BIBLIOGRAPHY
ANNOTATED BIBLIOGRAPHY 6
Annotated Bibliography on Emerging Cyber Threats
[Name of Institution]
[Name of Writer]
Annotated Bibliography on Emerging Cyber Threats
Source#1
Reference: Kettani, H., & Wainwright, P. (2019, March). On the Top Threats to Cyber Systems. In 2019 IEEE 2nd International Conference on Information and Computer Technologies (ICICT) (pp. 175-179). IEEE.
Summary: This article reveals the threats to the cyber systems even some of them are not known to the common people. The article defines that the latest technology has advanced the cyber systems and these advancements are attractive and beneficial in comparison to the previous systems. However, due to this sophisticated and attractive advancement the individuals, societies, and nations had become dependent on the cyber systems. These systems result in the higher gain and ease of handling since people had relying on the cyber systems. Moreover, the author argues that for the adoption of the proper defense and mitigations to the threats it is necessary to understand cyber threats. The top threats with a brief discussion of threat agents and attack vectors along with the countermeasures are mentioned so that the readers can find knowledge in this regard.
Relevance: This article is of paramount importance because it defines the importance of the topic of research. As the aim of the research is to expose the emerging cyber-attacks and the author of the article “On the Top Threats to Cyber Systems” reveals the importance of the cyber systems which is important for understanding the dependence over the cyber systems. In addition to this, the article is found worth reading because it reveals the emerging cybercrimes and ways of protection too. The study is found relevant because it reveals that cyber systems are important nowadays because they are used in the business systems, control systems, and for accessing the control systems. In other words, the articles provide an overview of the emerging threats and latest trends in the cyber systems.
Source#2
Reference: Parn, E. A., & Edwards, D. (2019). Cyber threats confronting the digital built environment. Engineering, Construction and Architectural Management.
Summary: This article determines the cyber systems attack in the sector of the digital built environment. The study gives the idea of emerging crimes that are made to threat the digital and physical assets that are used to form the digital economies. These threats are often made to affect the critical infrastructure of the smart cities. These smart cities are comprised of the cyber systems which also increase the national wealth, preserve health, and provide safety and welfare to the nation. In this regard, it is important to protect the cyber systems from the critical and emerging threats. Additionally, the article reveals the safe an ...
Ethical hacking, the way to get product & solution confidence and trust in an...Pierre-Jean Verrando
Presentation by Dr. Detlef Houdeau, Eurosmart Vice-President at the 2018 eID Forum
The Performing Ethical Hacking on critical hardware and software, has allowed main critical sectors such as financial transaction, communication transaction, electronic documents, qualified signature devices and HSM to be immune from significant attacks.
Europe is the worldwide leader in Ethical Hacking for Hardware and Embedded Software thanks to the 20 years of expertise created by the SOGIS MRA.
This document provides an overview of using data science techniques for analyzing Internet of Things (IoT) network traffic, using a smart home network as an example. It first discusses IoT systems, including components, communication protocols, and challenges. It then discusses how machine learning approaches like pattern detection, feature selection, and classification can be used to analyze IoT network traffic and behaviors. Specifically, it presents how these techniques could be applied in R and RStudio to a practical smart home network case study to better understand device interactions and identify anomalies.
The document discusses the main cybersecurity challenges faced in social computing. It identifies several key challenges: (1) big data breaches as more personal data is collected and stored; (2) the expansion of AI which could help detect cyberattacks but also poses risks; and (3) limited IT resources making it difficult for organizations to adequately monitor and secure expanding networks and devices. Additional challenges discussed include threats posed by the growing number of internet-connected devices and vulnerabilities in serverless applications. Real-world examples are provided to illustrate incidents and the potential damage from successful cyberattacks.
Today internet security is a serious problem. For every consumer and business that is on the Internet,
viruses, worms and crackers are a few security threats. There are the obvious tools that aid information security
professionals against these problems such as anti-virus software, firewalls and intrusion detection systems, but
these systems can only react to or prevent attacks-they cannot give us information about the attacker, the tools
used or even the methods employed. Given all of these security questions honeypots are a novel approach to
network security and security research alike. It is a resource, which is intended to be attacked and compromised to
gain more information about the attacker and the used tools. It can also be deployed to attract and divert an
attacker from their real targets. Honeypots is an additional layer of security. Honeypots have the big advantage that
they do not generate false alerts as each observed traffic is suspicious, because no productive components are
running on the system. The levels of interaction determines the amount of functionality a honeypots provides that
is low and high interactions.
This document discusses cyber security issues, challenges, and risks. It begins by introducing the topic of cyber security and the importance of securely transferring information online. It then discusses some key challenges facing cyber security like advanced persistent threats, the evolution of ransomware, threats to IoT devices, and risks associated with cloud computing. The document also covers cyber security techniques to help address issues like access control, authentication, malware scanning, and using firewalls and antivirus software. It concludes by discussing systemic cyber risks related to scale, interdependency, and shared resources, as well as the importance of cyber ethics.
This document provides an overview of botnets, including their components, structures, operations cycles, and defense capabilities. It discusses how botnets have advanced over time and describes examples like Mirai and APT28. It also examines the business models of cybercriminals using botnets and characterizes different types of attackers. The document analyzes cooperation within and between criminal organizations and how botnets appear in networks and carry out propagation and attack patterns.
For Image Authentication Problem using Encryption Technique and LDPC Source Coding is necessary in Content
Delivery via unsecure medium, Like Peer-To-Peer (P2P) File Sharing. These transferring Digital Files from one Computer to
another. Images are the Most Important Utility of our life. They are used in many applications. There are Two Main Goals of
Image Security: Image Encryption and Authentication. More different encoded versions of the original image available.In
addition, unsecure medium might tamper with the contents.. We propose an efficient, accurate, reliable process using
encryption and LDPC source coding for the image authentication problem. The key idea is to provide a Slepian-Wolf encoded
as authentication data which is encrypted using cryptography key before ready to send. The key used for encryption is usually
independent of the Plain-Image. This can be decoded with side information of an authentic image.
A new algorithm to enhance security against cyber threats for internet of thi...IJECEIAES
One major problem is detecting the unsuitability of traffic caused by a distributed denial of services (DDoS) attack produced by third party nodes, such as smart phones and other handheld Wi-Fi devices. During the transmission between the devices, there are rising in the number of cyber attacks on systems by using negligible packets, which lead to suspension of the services between source and destination, and can find the vulnerabilities on the network. These vulnerable issues have led to a reduction in the reliability of networks and a reduction in consumer confidence. In this paper, we will introduce a new algorithm called rout attack with detection algorithm (RAWD) to reduce the affect of any attack by checking the packet injection, and to avoid number of cyber attacks being received by the destination and transferred through a determined path or alternative path based on the problem. The proposed algorithm will forward the real time traffic to the required destination from a new alternative backup path which is computed by it before the attacked occurred. The results have showed an improvement when the attack occurred and the alternative path has used to make sure the continuity of receiving the data to the main destination without any affection.
The document discusses the Wireless World Research Forum's (WWRF) Working Group 7 on privacy, security, and trust. The working group aims to address major challenges around integrating privacy, security and trust into applications, platforms, mobile devices, and infrastructure for future wireless technologies. It advocates a multilateral security approach and designing privacy, security and trust into systems from the beginning. Key research questions are around specifying, negotiating, enforcing and monitoring privacy and security contexts between partners in ambient environments.
Open Source Insight: CVE–2017-9805, Equifax Breach & Wacky Open Source LicensesBlack Duck by Synopsys
Our vulnerability of the week is CVE-2017-9805, which resides in Apache Struts’ REST plugin, a must-have in almost all Struts enterprise deployments. Attackers can exploit the bug via HTTP requests or via any other socket connection, with a public exploit published on Thursday. Happily, on Monday the Apache Struts team released Apache Struts v2.5.13, which includes a fix for CVE-2017-9805. As always, the byword of the week is “patch and update.”
Also looming large in this week’s news is the massive cyber-break-in at Equifax, where highly sensitive personal and financial information for around 143 million U.S. consumers (the editor apparently being among those affected) was compromised.
Presentation on iot- Internet of ThingsJIGAR MAKHIJA
This thesis examines security vulnerabilities in IoT networks. It discusses common attacks like node tampering, denial of service attacks, and SQL injection. The document presents an architecture to monitor networks for abnormal activity. It provides two case studies, one on a DDoS attack from compromised IoT devices that took down a major DNS provider, and another on vulnerabilities in a glucose monitoring system that could allow intercepting patient data. The research focuses on analyzing entry points to networks to identify attacks and securing the network portion of IoT systems. In conclusion, the thesis proposes combining device, network, and cloud forensics to investigate security issues in IoT.
A Secure Decision-Support Scheme for Self-Sovereign Identity ManagementSven Wohlgemuth
This document discusses self-sovereign identity management using zero-knowledge proofs and blockchain technology. It proposes a scheme where individuals own and control their personal data through a decentralized identity system. Intermediaries could verify relationships and attributes about an identity through zero-knowledge proofs without learning the underlying data. Blockchain consensus protocols and smart contracts would enforce accountability and transparency around data access and usage according to individuals' preferences. This framework aims to give individuals sovereignty over their digital identities and personal data.
This document proposes a blockchain-based system called SK4SC (Secure Kernel for Supply Chains) to address security and privacy issues in supply chain management. SK4SC uses anonymous attribute-based credentials, zero-knowledge proofs, and digital signatures to enable the verifiable and auditable sharing of information while preserving privacy. It aims to establish accountability and enforce compliance through the recording of data provenance and rights management on an open distributed ledger. This would help detect supply chain attacks and unauthorized data access in a transparent yet private manner.
Secure Sharing of Design Information with BlockchainsSven Wohlgemuth
To defend against evolving cyberattacks, defenders alone have limitations to prevent attacks from multiple and powerful attackers. We show a new way for defenders to collaborate closely and to make the necessary security by design. Blockchains are used, and accountability occurs in such a way for incentive so that participants will comply with the rules. Intellectual property rights of individual defenders are protected, and unnecessary leakage of trade secrets and personal information can be avoided. In the mutual interaction between humans and computer, information is shared in such a way that humans correctly benefit from AI-supported machines as intelligent amplifiers.
Talks @ 2018 IEICE Society Conference
個人情報の有効活用を可能にする (Enabling effective use of personal information)Sven Wohlgemuth
Talk @ 「The Future of Blockchain」 on May 13th, 2017
25th Academic Forum of WASEDA University, Tokyo, Japan
About this forum:
http://www.waseda.jp/sanken/forum/academic/img/25th_academic_forum.pdf
http://www.waseda.jp/sanken
Lecture on IT Security and Technical Data Protection
Part 4: Cryptography
Summer term 2016
(in German: 4 Kryptographie
der Vorlesung IT-Sicherheit und Technischer Datenschutz
im Sommersemester 2016)
Lecture on IT Security and Technical Data Protection
Part 3: Security Models
Summer term 2016
(in German: 3 Sicherheitsmodelle
der Vorlesung IT-Sicherheit und Technischer Datenschutz
im Sommersemester 2016)
Privacy in Business Processes by User-Centric Identity ManagementSven Wohlgemuth
This document summarizes a presentation on privacy in business processes through user-centric identity management. It discusses challenges with 1:n and 1:n:m relationships where personal data is disclosed to multiple services. Two approaches are described: single sign-on and anonymous credentials. Neither fully addresses issues like linkability, non-transferability of data, and misuse of credentials. The document then proposes an approach called DREISAM that uses anonymous credentials and proxy credentials to enable delegation of rights over personal data while preserving user privacy. It outlines the work of WP14 in studying privacy requirements for identity management and business processes.
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...Sven Wohlgemuth
ALU-FR (Freiburg) contribution to FIDIS 2nd Research Event, Athens, Greece, 2007
The objective of WP14 is the identification and description of privacy requirements for identity management relating to the disclosure of identifying personal data and the use of credentials as access rights on services in business processes. Service providers process identifying data of their users for example for individualizing services and to get access to services as a proxy of their users. By the directives 95/46/EC and 2002/58/EC, the European Commission has defined privacy principles in order to regulate the processing of identifying personal data. Identity management empowers users as long as they disclose their identifying personal data and credentials to service providers. For information chains as found in multi-staged business processes, identity management leads to a big-brother phenomenon. Users have to trust service providers to process personal data of their users according to their privacy policy.
Based on privacy as informational self-determination, privacy threats are identified in business processes by the reference scenario “loyalty programme”. The reference scenario is used as an orientation for the partners in WP14. Undesired profiling is in particular investigated by case studies. The investigation of profiling makes a difference between collection of customers’ data by service providers of which customers are not aware and in externally stored customers’ profiles, while delegation access rights to some of these profiles is made possible The starting point of WP14 is the workshop “Privacy in Business Processes” (D14.1).
On Privacy in Medical Services with Electronic Health RecordsSven Wohlgemuth
SiHIS 2009, IMIA WG 4, Hiroshima, Japan
Centralized electronic health records (EHR) accumulate medical data of patients to improve their availability and completeness. This in turn increases the efficiency of business processes for medical services. As EHRs are not tied to a single medical institution they may be offered by enterprises with the capacity and knowledge to maintain this kind of databases. Legislation, e.g. the US American Health Insurance Portability and Accountability Act (HIPAA) and the German Act for the Modernization of the Health Insurance by Law (GMG), usually prohibit any disclosure to third parties without the patient’s explicit consent. Existing systems for EHRs like Microsoft HealthVault and Google Health comply with this by letting the patients decide on the usage and disclosure of their data. But they fail in providing three essential safeguards to privacy. Firstly, they do not offer mechanisms to guarantee the compliance of the EHR system especially regarding the enforcement of patients’ decisions. Secondly, patients cannot express or enforce obligations on further usage and disclosure of their data to third parties. Thirdly, they fail to guarantee confidentiality of the patients’ health data towards the EHR provider organization, which should not be able to access the data since this increases the risk of unauthorized disclosure. Those drawbacks stem from the fact that privacy-enhancing technologies focus on controlling external access to personal data but not on their usage. But even if health data is protected against those threats, EHR providers are able to create profiles about patients by examining the access requests to their data. We propose a privacy-protecting information system for controlled disclosure of personal data to third parties. Firstly, patients should be able to express, enforce, and observe obligations regarding disclosure of health data to third parties. Secondly, an organization providing EHRs should neither be able to gain access to these health data nor establish a profile about patients.
EN 6.3: 2 IT-Compliance und IT-SicherheitsmanagementSven Wohlgemuth
Lecture on IT Security and Technical Data Protection
Part 2: IT Compliance and IT Security Management
Summer term 2016
(in German: 2 IT-Compliance und IT-Sicherheitsmanagement
der Vorlesung IT-Sicherheit und Technischer Datenschutz
im Sommersemester 2016)
EN 6.3: 1 IT-Sicherheit und Technischer DatenschutzSven Wohlgemuth
Lecture on IT Security and Technical Data Protection
Part 1, summer term 2016
(in German: IT-Sicherheit und Technischer Datenschutz (Einführungsveranstaltung)
im Sommersemester 2016)
International Workshop on Information Systems for Social Innovation (ISSI) 2009Sven Wohlgemuth
We need to solve global problems, such as energy, food, education, and economic development in our advanced information and communication technology (ICT) society. These are complicated problems worldwide and only one country, one organization, or one researcher can t solve them all. In this workshop we will pursue issues concerning safety and security to cover difficult ICT society problems, such as compliance privacy, IT risk management, and information security, in cooperation with the MOU organizations NII has partnerships with. For this purpose, we will hold an international workshop on information systems for social innovation.
More @ http://www.nii.ac.jp/issi/en/
Durchsetzung von Privacy Policies in DienstenetzenSven Wohlgemuth
Die Diensteorientierung der zukünftigen Netznutzung erzeugt individualisierte Dienste, die die Privatsphäre und informationelle Selbstbestimmung und damit die Grundlage der gesetzlichen Regelungen aushebeln werden. So sind bei den Kundenkarten europaweit nur wenige Anbieter festzustellen, während aus Nutzersicht scheinbar zahllose, verschiedene Kundenkarten existieren. Trotz aller Vereinbarungen kann die informationelle Selbstbestimmung nicht automatisiert eingefordert werden. Dasselbe gilt in abgewandelter Form für die JobCard und die Gesundheitskarte. Das Projektziel ist die Erweiterung des aktuellen, einseitigen Vertrauensmodells, in dem Nutzer den Diensteanbietern bei einer Erhebung und Weitergabe persönlicher Daten zwingend vertrauen müssen. Es soll ein Identitätsmanagementsystem entwickelt werden, mit dem Nutzer nach der informationellen Selbstbestimmung Profilbildungen bei der Nutzung von Dienstleistungen mit einem Datendienst kontrollieren und Anbieter von Datendiensten das in sie gesetzte Vertrauen rechtfertigen können.
Privacy in Business Processes by User-Centric Identity ManagementSven Wohlgemuth
Privacy is not only a concern of customers. Service providers also fear privacy violations as a main hurdle for the acceptance of personalised services. Furthermore, the protection of privacy is an interest of service providers who take on customer relationship management activities of several service providers. They manage customers’ profiles, e.g. in loyalty programs and e-health scenarios with electronic patient records, and offer the service of aggregation. If it is possible to link profiles of a customer without the need of such service providers, latter would not benefit from their aggregation service. Case studies show privacy threats in business processes with personalised services.
The objective of this FIDIS work package 14 is to identify privacy threats in business processes with personalised services, to suggest process models for modelling privacy-aware business processes and to derive security requirements for user-centric identity management in order to preserve privacy.
The presented scenarios and use cases are recommended for non-technical audicence, whereas the analysis of user-centric identity management protocols and approaches for identity management extensions are recommended for technical audience.
Privacy in Business Processes by Identity ManagementSven Wohlgemuth
Enterprises and governmental agencies process personal data of their clients for, e.g., personalised services and to get access to services as a proxy for them. By the Directives 95/46/EC and 2002/58/EC, the EC has defined data protection and security principles in order to regulate the processing of personal data. User centric identity management empowers clients in controlling the disclosure of their personal data to organisations. For information chains as found in multi-staged processes identity management may lead to a big-brother phenomenon. Clients have to trust organisations that they process personal data according to their privacy and security policies, along the chain of participating parties.
This workshop aims at these challenges and discusses first approaches for privacy enhancing technologies (PET) and their use in current and future business and governmental process models. The workshop itself will be jointly organised by the IST FP6 projects FIDIS and PRIME.
Schlüsselverwaltung - Objektorientierter Entwurf und ImplementierungSven Wohlgemuth
(Abstract of diploma thesis) With the amazingly growing connectivity induced by the internet, the need also rises for an authentication mechanism being general enough to handle the resulting heterogenity and size. Here, cryptographic public-key technology plays a major role. Prominent approaches of practical use for building and verifying trust in networks applying cryptographic keys are PGP and S/MIME. Unfortunately these do have essential weaknesses such that they do not cover all relevant aspects, or at most they do in conjunction. Moreover, the available software solutions and the associated models do not support a cooperation and the user is left with choosing out of a non-optimal set of possibilities.
To cure this defect, we present an integrating design for the management of cryptographic keys which allows a user to manage keys with one software, independent of the actual model context. Besides these and other management tasks resulting from a key’s life cycle, the design emphasizes the integration of modules which support local authenticity decisions employing a policy and public-key infrastructure.
Preceding the design, an analysis of two techniques for determining authenticity of cryptographic keys will be given, being the base for deriving the use-case requirements a system for managing keys must satisfy. The design chapter describes the architecture of the system in terms of modules and their cooperation on processing the use cases. the description is supported by the modelling language UML.
Ein Viertel aller Ausgaben für Forschung und Entwicklung in der Wirtschaft und ein Fünftel aller Patentanmeldungen entfallen auf die Informatik. In Deutschland werden die Informations- und Kommunikationstechnologien im Jahr 2006 ca. 140 Milliarden Euro umsetzen. Die Informatik liegt damit mittlerweile vor dem Fahrzeugbau und Maschinenbau und trägt ein Drittel des erwarteten Wirtschaftswachstums. Arbeitsstellen finden sich für Informatiker vor allem in der Forschung und Entwicklung, in der Unternehmensberatung und in der Entwicklung von Systemen.
Solutions for Coping with Privacy and UsabilitySven Wohlgemuth
After Mainframe and Client-Server computing, Cloud computing is the next computing paradigm. The main difference is that individuals and enterprises make use of services out of the Cloud via a web browser, share computing power and data storage. The data disclosure from users to software service providers of the Cloud raises privacy risks. Users cannot enforce the agreed-upon privacy policy. In this article we propose a privacy system for an ex post enforcement of a privacy policy. Our proposal is to observe disclosures of personal data to third parties by data provenance using digital watermarking.
Location: NII Open House 2010, National Center of Sciences, Tokyo, Japan
Privatsphäre in Geschäftsprozessen mit einer Weitergabe von persönlichen Daten/Information an Dritte ist derzeit nicht möglich. Nutzer müssen personenbezogene Daten an Dritte, bspw. ihre Stellvertreter, weitergeben, wobei dies zur Bildung von mehreren „Big Brother“ führt. Deshalb sind derzeitige Identitätsmanagementsysteme für kritische Anwendungen nicht erfolgreich. Wir schlagen für eine dezentralisierte Vertrauensverwaltung (Decentralized Trust Management) ein allgemeines Protokoll für die zweckgebundene und damit autorisierte Weitergabe personenbezogener Daten in Form eines Ausweises (Credentials) vor, das die Kontrolle eines Nutzers über den Schutz seiner Privatsphäre zu seiner Beobachtbarkeit erweitert. Dieses Delegationsprotokoll erweitert heutige Identitätsmanagementsysteme.
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfFlorence Consulting
Quattordicesimo Meetup di Milano, tenutosi a Milano il 23 Maggio 2024 dalle ore 17:00 alle ore 18:30 in presenza e da remoto.
Abbiamo parlato di come Axpo Italia S.p.A. ha ridotto il technical debt migrando le proprie APIs da Mule 3.9 a Mule 4.4 passando anche da on-premises a CloudHub 1.0.
Instagram has become one of the most popular social media platforms, allowing people to share photos, videos, and stories with their followers. Sometimes, though, you might want to view someone's story without them knowing.
Ready to Unlock the Power of Blockchain!Toptal Tech
Imagine a world where data flows freely, yet remains secure. A world where trust is built into the fabric of every transaction. This is the promise of blockchain, a revolutionary technology poised to reshape our digital landscape.
Toptal Tech is at the forefront of this innovation, connecting you with the brightest minds in blockchain development. Together, we can unlock the potential of this transformative technology, building a future of transparency, security, and endless possibilities.
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
1. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
ICT Resilience in EU
Int. Workshop on Information Systems for Social Innovation (ISSI) 2013
Session: Systems Resilience
National Institute of Informatics, Tokyo, Japan
February 4, 2014
!
Dr. Sven Wohlgemuth
!
Head of Consortium
Technische Universität Darmstadt, Germany
Center for Advanced Security Research Darmstadt (CASED)
2. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity
Center for Advanced Security Research Darmstadt (CASED)
www.cased.de
!2
Secure Software Engineering
Cryptography
Identity, Privacy,
Trust
Usable Security
Cloud Security
Mobile and Cyber-Physical System Security
Internet and Infrastructure Security
Third-party funding since 07/2008: > € 60 Mio.
• 33 professorships
• 102 PhD students
• 30 Post Docs
• > 80 guest scientists p.a.
• #1 University in Germany for computer science/
security and privacy1
; 31 awards (2011-2013)
1
#publications at TOP25 conferences; Microsoft Academic Search
Some projects and joint institutes
DFG Priority Program "RS3
- Reliable
secure software systems (coordination)"
Internet privacy
+ industry
Security evaluation of
PACE protocol; PersoApp
(coordination)
3. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
Agenda
!3
I. A Digital Agenda for Europe
!
II. Trustworthy Information Exchange
!
III. PersoApp: German national ID card
!
4. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
I. A Digital Agenda for Europe
Objective: ICT support to deliver sustainable economic and social benefits
I: Single digital
market
II: Interoperability &
standards
III: Trust & security
IV: Fast and ultra-fast
internet access
V: Research
and innovation
VI: Enhancing digital literarcy,
skills and inclusion
VII: ICT-enabled benefits
for EU society
Examples: e-ESTONIA The digital society (Estonia), INDUSTRIE 4.0 (Germany), EU data protection
regulatory framework, Security and integrity of electronic communications networks and services (ENISA)
Expectation: Within 8 years increase European GDP by 5% & 3.8 million new jobs
cf. A Digital Agenda for Europe, COM(2010) 245 final/2
5. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
ICT Supported EU Society
Threats:
Interferences due to
• Crime, Terrorism,
• Natural phenomena,
• Human errors, and
• System failures
Security and integrity (resilience):
• Resistance against threats (prevent and
protect) &
• Adapt sectors to deal with incidents
(respond and recover)
Possible impact:
Interference propagates across sectors
via dependencies, e.g. third party failures
• Common ICT information infrastructure
• Internet of Things
• Internet of Services
cf. A Digital Agenda for Europe, COM(2010) 245 final/2, Directive 2009/140/EC as amendments to 2002/21/EC, 2002/19/EC, and 2002/20/EC
6. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
Incidents and their Impact
Natural
phenome
na
Human
errors
Malicious
actions
System
failures
Third
party
failure
Cause in detail
Incidents per
root cause (%) 6 5 8 76 13
1. Hardware failure
2. Software bug
…
6. Cyber attack
Average
duration of
recovery
(hours)
36 26 4 9 13
Average
number of user
connections
557 447 1528 2330 2808
1. Overload
2. Software bug
…
4. Cyber attack
User hours lost 20283 11393 5858 19842 36502
1. Overload
2. Power cut
…
6. Cyber attack
Third-party failure and non-availability of ICT have highest impact
cf. ENISA. Annual Incident Reports 2013
7. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
IT Security Situation in Germany in 2011
Source: BSI
Fig. 1: Development of IT threats as assessed by BSI [7]
Source: BSI
Fig. 1: Development of IT threats as assessed by BSI [7]
Source: BSI
Fig. 2: Risk potential of attack opportunities in selected applications and technologies as a
Source: BSI
Fig. 3: Risk profile of innovative applications and technologies as assessed by BSI [7 ]
Source: BSI
Fig. 2: Risk potential of attack opportunities in selected applications and technologies as
Source: BSI
Fig. 3: Risk profile of innovative applications and technologies as assessed by BSI [7 ]
Trend:
• Direct attack from attacker ➔ attack via compromised IT system
• Propagation via dependency between IT systems
• Focus: Mobile and Cyber-Physical Systems
cf. Federal Office for Information Security (BSI). The IT Security Situation in Germany in 2011.
8. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
ICT Resilience
Real World
(Relevance)
System Spec
Threats
Refined Systems
Spec.
Model
Properties
Refined
Model
Abstract World
(Rigor)
Formal
Methods, Big Data
analytics, …
Environment
Implementation
Abstraction
Interpretation
Dependability,
and,
Security,
A2ributes,
Threats,
Means,
Availability,
Reliability,
Safety,
Confiden=ality,
Integrity,
Maintainability,
Faults,
Errors,
Failures,
Fault,Preven=on,
Fault,Tolerance,
Fault,Removal,
Fault,Forecas=ng,
Avienžies,et,al.,,2004,
Requirements:
• Prevent and protect: Secure IT systems and information about threats
• Respond and recover: Information about incidents and system adaption in “real-time”
ICT Resilience: Ability of an ICT system to provide and maintain an acceptable level of
service in the face of various faults and challenges to normal operation
(Sterbenz et al., 2010)
9. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
Support: Incident Reporting (Article 13)
Commission (EC) about the incidents.
The incident reporting flows are shown in the diagram below. This document analyses th
that have been reported to ENISA and the EC (the black dashed arrow).
Member stateMember state
Incident notification
Incident reporting
National
authority
Network or
service
provider
Network or
service
provider
Network or
service
provider
Member stateMember state
National
authority
Network or
service
provider
Network or
service
provider
Network or
service
provider
ENISA
EC
Figure 1: Incident reporting in Article 13a.
Article 13 requests auditable information flow:
• Providers (public & private) should take measures and report incidents to NRA
• Audit by a qualified independent body
• Safeguarding competition and boosting consumer choice
cf. Directive 2002/21/EC and Directive 2009/140/EC
10. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
Proposal for Extension: Social Network
Requires authentic information according to a given threat0 2 4 6 8
0
0.05
0.1
0.15
0.2
0.25
0.3
% of attack points in training data
0 2 4 6 8
0
0.05
0.1
0.15
0.2
0.25
0.3
0.35
0.4
% of attack points in training data
classification error (9 vs 8)
validation error
testing error
0.1
0.15
0.2
0.25
0.3
0.35
0.4
classification error (4 vs 0)
validation error
testing error
approached with sequential single-point attacks. The
first question is how to optimally perturb a subset of
the training data; that is, instead of individually opti-
mizing each attack point, one could derive simultane-
ous steps for every attack point to better optimize their
overall e↵ect. The second question is how to choose
the best subset of points to use as a starting point
for the attack. Generally, the latter is a subset selec-
tion problem but heuristics may allow for improved ap-
proximations. Regardless, we demonstrate that even
non-optimal multi-point attack strategies significantly
degrade the SVM’s performance.
An important practical limitation of the proposed
method is the assumption that the attacker controls
the labels of the injected points. Such assumptions
may not hold when the labels are only assigned by
trusted sources such as humans. For instance, a spam
filter uses its users’ labeling of messages as its ground
truth. Thus, although an attacker can send arbitrary
messages, he cannot guarantee that they will have the
labels necessary for his attack. This imposes an ad-
ditional requirement that the attack data must satisfy
certain side constraints to fool the labeling oracle. Fur-
ther work is needed to understand these potential side
constraints and to incorporate them into attacks.
The final extension would be to incorporate the real-
world inverse feature-mapping problem; that is, the
problem of finding real-world attack data that can
achieve the desired result in the learner’s input space.
For data like handwritten digits, there is a direct map-
ping between the real-world image data and the input
features used for learning. In many other problems
Supervised ML (e.g. SVM)
Biggio et al. 2012
0.00.20.40.60.81.0
Single Poisoning Period: Evading PCA
Mean chaff volume
Evasionsuccess(FNR)
0% 10% 20% 30% 40% 50%
Uninformed
Locally−informed
Globally−informed
10
0
0.00.20.40.60.81.0
Evasionsuccess(averagetestFNR)
Figure 3: Effect of poisoning attacks on the PCA-based detector [
relative chaff volume under Single-Training Period poisoning attack
(dotted black line) locally-informed (dashed blue line) and globally
success of PCA under Boiling Frog poisoning attacks in terms of th
of locally-informed poisoning for four different poisoning schedules
size of the poisoning by factors 1.01, 1.02, 1.05, and 1.15 respectively)
rates of 1.05 and 1.15) significantly increase the FNR within a few w
many weeks to achieve the same result but are more stealthy in do
sequent DoS attack. When trained on this poisoned data,
the detector learned a distorted set of principal components
that are unable to effectively discern these DoS attacks—a
We call this
soning meth
slowly incre
Unsupervised ML (e.g. PCA)
Huang et al. 2011
Detection of incident for both prevent and protect & response and recover
Extend set of information to improve resilience: Social Network
• Aggregation of (personal) data
• Secondary usage of (personal) data
• Disclosure of (personal) data to third parties
Security and privacy require trustworthy information sharing
11. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
Example: Information Flow with Social Networks in USA
HOW AMERICANS USE
SOCIAL TOOLS IN
EMERGENCIES18% use FB to
get information
about emergencies.
More than 1/3
expect help to arrive
within 1 hour of
posting need to
social site.
It’s BEST to
call 9-1-1
24% would use
social tools to tell
others they’re safe.
“I’m safe”
1 in 5 would try
an online channel
to get help if unable
to reach EMS.
30% in metro
areas would sign
up for alerts.
20% in non-
metro areas
would sign up
for alerts.
Online news is the 3rd
most popular source
for emergency info.
TV
RADIO
ONLINE
80% expect emergency
responders to monitor
social sites.
H21055
1 in 5 experienced
an emergency posted
something about it
on a social site.
12. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
II. Trustworthy Information Exchange
Example: Public Key Exchange
Availability and integrity of pkBob
• Assumption: Authentic pre-sharing exists, e.g. via personal exchange, PKI, …
ICT-supported society:
• No global PKI for humans
• Multilateral IT Security: Accountability and unobservability are explicitly to configure
• Germany: 74% of population want to delegate responsibility to a Third Party
pkBob, pkCA2, pkCA1
“Man in the
middle”
Alice Bob
!12
W. Diffie and M.E. Hellmann. New Directions in Cryptography, 1976; K. Rannenberg. Multilateral Security A Concept and Examples for Balanced Security, 2000; http://www.divsi.de
13. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Unilateral trust: No control on usage of pkBob
Trust Model
pkBob
Alice Bob
Charlie
• Availability and integrity of pkBob via necessary “Man-in-the-Middle”
eIDBobeIDAlice
• Accountability and unobservability by access control of eID infrastructures
!13
pkBob pkBob
14. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Unilateral trust: No control on usage of pkBob
Objective: Multilateral Trust
Trust Model
pkBob
Alice Bob
Charlie
• Availability and integrity of pkBob via necessary “Man-in-the-Middle”
eIDBobeIDAlice
• Accountability and unobservability by access control of eID infrastructures
!13
pkBob pkBob
15. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity !14
Problem: Unknown, inevitable Vulnerabilities
• Modeled dependencies imply vulnerability by undesired ones (covert channels, escalation
of rights, security configuration, human errors, …)
• Impossible to automatically detect all undesired dependencies
Case (a): Passive interference Case (b): Active interference
Adaptive IT system: "Programming at run-time" - Dependencies emerge at run-time
C. Wang and S. Ju. The Dilemma of Covert Channels Searching, 2005.
16. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity !14
Problem: Unknown, inevitable Vulnerabilities
• Modeled dependencies imply vulnerability by undesired ones (covert channels, escalation
of rights, security configuration, human errors, …)
• Impossible to automatically detect all undesired dependencies
Case (a): Passive interference Case (b): Active interference
Adaptive IT system: "Programming at run-time" - Dependencies emerge at run-time
Detecting misuse of identity to (ex post) enforce privacy
C. Wang and S. Ju. The Dilemma of Covert Channels Searching, 2005.
17. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Dr. Sven Wohlgemuth !15
ICT Resilience: Enforcing Multilateral Security
ICT Resilience: Ability of an ICT system to provide and maintain an acceptable level of
service in the face of various faults and challenges to normal operation
(Sterbenz et al., 2010)
Acceptable enforcement of individual security interests for a
spontaneous, trustworthy information exchange of pkBob
Eigene Abbildung nach illustration following (Sheffi, 2005; Günther et al., 2007; McNanus, 2009)
PersoApp – Eine Open-Source-Community zum neuen Personalausweis. Sichere Identitäten schaffen Vertrauen.
18. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Dr. Sven Wohlgemuth PersoApp – Eine Open-Source-Community zum neuen Personalausweis. Sichere Identitäten schaffen Vertrauen. !16
Approach: Control and Transparency
Enhanced trust infrastructure by measuring with Privacy Control and Privacy Forensics
eID client evaluates individually evidences on data usage anomalies and their origin
IT Risk Analysis
Privacy Control
Privacy ForensicsOptimization
Usage Control Policy
Toolbox
X
19. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Dr. Sven Wohlgemuth PersoApp – Eine Open-Source-Community zum neuen Personalausweis. Sichere Identitäten schaffen Vertrauen. !16
Approach: Control and Transparency
Enhanced trust infrastructure by measuring with Privacy Control and Privacy Forensics
eID client evaluates individually evidences on data usage anomalies and their origin
IT Risk Analysis
Privacy Control
Privacy ForensicsOptimization
Usage Control Policy
Toolbox
X
Privacy is an evidence for security and integrity (reliability)"
The German national ID card can be a trust anchor.
20. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Dr. Sven Wohlgemuth !17
Privacy Control
PersoApp – Eine Open-Source-Community zum neuen Personalausweis. Sichere Identitäten schaffen Vertrauen.
Specification of isolation by pseudonymized delegation of rights to third parties
In case of confidentiality breach: Information is linked to pseudonymous identity
Control: Individual pseudonymized eID based on national eID infrastructure
S. Wohlgemuth. Privatsphäre durch die Delegation von Rechten, 2008; N. Sonehara, I. Echizen
und S. Wohlgemuth. Isolation in Cloud Computing and Privacy-Enhancing Technologies, 2011
Control Transparency
Transparency
System 1
DP/DC
System 3
DP/DC
System 2
DP/DC
pkBob pkBob pkBob
Policy
21. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Dr. Sven Wohlgemuth !17
Privacy Control
PersoApp – Eine Open-Source-Community zum neuen Personalausweis. Sichere Identitäten schaffen Vertrauen.
Specification of isolation by pseudonymized delegation of rights to third parties
In case of confidentiality breach: Information is linked to pseudonymous identity
Control: Individual pseudonymized eID based on national eID infrastructure
S. Wohlgemuth. Privatsphäre durch die Delegation von Rechten, 2008; N. Sonehara, I. Echizen
und S. Wohlgemuth. Isolation in Cloud Computing and Privacy-Enhancing Technologies, 2011
Control Transparency
Transparency
System 1
DP/DC
System 3
DP/DC
System 2
DP/DC
pkBob pkBobpkBob
Policy
d
Control
System 4
DP/DC
d
d
Policy
22. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Transparency
& Control
Dr. Sven Wohlgemuth !17
Privacy Control
PersoApp – Eine Open-Source-Community zum neuen Personalausweis. Sichere Identitäten schaffen Vertrauen.
Specification of isolation by pseudonymized delegation of rights to third parties
In case of confidentiality breach: Information is linked to pseudonymous identity
Control: Individual pseudonymized eID based on national eID infrastructure
S. Wohlgemuth. Privatsphäre durch die Delegation von Rechten, 2008; N. Sonehara, I. Echizen
und S. Wohlgemuth. Isolation in Cloud Computing and Privacy-Enhancing Technologies, 2011
Control
Transparency
System 1
DP/DC
System 3
DP/DC
System 2
DP/DC
pkBob pkBobpkBob
Policy
d
Control
System 4
DP/DC
d
d
Policy
23. Dr. Sven Wohlgemuth PersoApp – Eine Open-Source-Community zum neuen Personalausweis. Sichere Identitäten schaffen Vertrauen.
Transparency: Reconstructing usage of pkBob by data provenance
eID client enforces documenting data provenance audit trail
!18
Privacy Forensics
Transparenz
Kontrolle Transparenz
Transparenz
System 1
DP/DC
System 3
DP/DC
System 2
DP/DC
pkBob
System 4
DP/DC
pkBob
pkBob
System 2
pkBob
System 2
System 3
Control: Pseudonymous eID with eID infrastructure of national ID card
D.J. Weitzner, H. Abelson, T. Berners-Lee, J. Feigenbaum, J. Hendler, and G.J. Sussman. Information Accountability, 2008; S.
Wohlgemuth, I. Echizen, N. Sonehara und G. Müller. Tagging Disclosures of Personal Data to Third Parties to Preserve Privacy, 2010.
24. Dr. Sven Wohlgemuth PersoApp – Eine Open-Source-Community zum neuen Personalausweis. Sichere Identitäten schaffen Vertrauen.
Transparency: Reconstructing usage of pkBob by data provenance
eID client enforces documenting data provenance audit trail
!18
Privacy Forensics
Transparenz
Kontrolle Transparenz
Transparenz
System 1
DP/DC
System 3
DP/DC
System 2
DP/DC
pkBob
System 4
DP/DC
pkBob
pkBob
System 2
Control: Pseudonymous eID with eID infrastructure of national ID card
pkBob
System 2
System 3
System 4
pkBob
System 2
System 3
System 4
System 3
D.J. Weitzner, H. Abelson, T. Berners-Lee, J. Feigenbaum, J. Hendler, and G.J. Sussman. Information Accountability, 2008; S.
Wohlgemuth, I. Echizen, N. Sonehara und G. Müller. Tagging Disclosures of Personal Data to Third Parties to Preserve Privacy, 2010.
25. Dr. Sven Wohlgemuth PersoApp – Eine Open-Source-Community zum neuen Personalausweis. Sichere Identitäten schaffen Vertrauen.
Transparency: Reconstructing usage of pkBob by data provenance
eID client enforces documenting data provenance audit trail
!18
Privacy Forensics
Transparenz
Kontrolle Transparenz
Transparenz
System 1
DP/DC
System 3
DP/DC
System 2
DP/DC
pkBob
System 4
DP/DC
pkBob
pkBob
System 2
Control: Pseudonymous eID with eID infrastructure of national ID card
pkBob
System 2
System 3
System 4
pkBob
System 2
System 3
System 4
System 3
Hindering non-authorized re-
identification"
Unobservability
Misuse of pkBob can be detected"
Accountability
D.J. Weitzner, H. Abelson, T. Berners-Lee, J. Feigenbaum, J. Hendler, and G.J. Sussman. Information Accountability, 2008; S.
Wohlgemuth, I. Echizen, N. Sonehara und G. Müller. Tagging Disclosures of Personal Data to Third Parties to Preserve Privacy, 2010.
26. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
!19
Example
Exemplary Privacy
Forensics
• Data Provenance for images
• Derived information are not listed
Identity Forensics
• Overview on data usage with Google ID
• Accountability, availability
and unobservability
• Accountability and availability
but no unobservability
27. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Dr. Sven Wohlgemuth
II. PersoApp – Open Source Community
Citizen, Government, Industry, and Academia
!20PersoApp – Eine Open-Source-Community zum neuen Personalausweis. Sichere Identitäten schaffen Vertrauen.
• Introduced German national ID card with eID in November, 2010
• Project PersoApp: € 684.880,- (without VAT) until Dec. 31, 2015
Federal Ministry of the Interior (BMI):
• Objectives:
Core Team of PersoApp:
• AGETO Service GmbH: Open source library for electronic identification
• Fraunhofer SIT: Guidelines for security engineering
• TUD/CASED: Community building with user survey,
use cases, workshops, …
1. Establishment of an open source community
2. Alternative for eID client of the Government (AusweisApp)
3. Experimental platform for new requirements, services, ...
28. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
Objectives of PersoApp
!21
1. Establishment of an Open Source Community
!
!
!
!
2. Alternative to official eID client (AusweisApp)
!
!
!
!
3. Experiments for new requirements, services, …
!
PersoApp Major Release A1
https://persoapp.googlecode.com
• Internet Milieus in Germany
• A digitalized Campus
• Spontaneous information exchange
• Spontaneous information exchange
• ICT Resilience: Extension of IT Security
• Control and transparency
29. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Dr. Sven Wohlgemuth PersoApp – Sichere und benutzerfreundliche Internet-Anwendungen. Sichere Identitäten schaffen Vertrauen. "22
Advisory Board
Focus:
• Consulting steering committee in requirements and interests
• 43 stakeholders from national and abroad industries, academia, data protection, and
government
• Annual meeting (constitutive meeting on September 2014 at BMI)
D01-QM Organisation und Rollenverteilung; D10-QM Community Building: Konzept, Maßnahmen und Bewertung
30. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Dr. Sven Wohlgemuth PersoApp – Sichere und benutzerfreundliche Internet-Anwendungen. Sichere Identitäten schaffen Vertrauen. "23
Advisory Board: A Network of Networks
Kernteam
31. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity !24
Target Group for Initial Community Building
Internet Milieu in Germany
Digital Outsiders:
• Personal benefit of Internet usage is
not clear
• Strongly uncertain for security and
privacy risks
Digital Immigrants:
• Internet usage for communication
with trusted participants
• Highly aware of security and privacy
risks
Digital Natives:
• “Always on-line” for personal benefit
• High Internet ability but less risk
awareness
https://www.divsi.de/sites/default/files/DIVSI_Milieu_Study_Summary.pdf
• Digital Natives provides orientation as disseminators
• Initial community building at gymnasium and universities
• Digital Natives have largest part on higher education
32. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Dr. Sven Wohlgemuth PersoApp – Sichere und benutzerfreundliche Internet-Anwendungen. Sichere Identiätem schaffen Vertrauen. !25
Call for Apps
• Identity forensics
• Privacy Control"
• Privacy Forensics
eID client and extensions for
• User-centric survey"
• Design of use cases in particular for mobile applications"
• Open source software library for eID functionality (client) of German national ID card"
• Extension by “Feature Requests”"
• Guidelines for integration of security functionality in own application (Security by Design)"
• Publication of results on workshop, talk, education, …
We offer
Partner are welcome!
https://www.persoapp.de
33. Dr. Sven Wohlgemuth PersoApp - An Open Source Community for the new German national ID card. Trust in identity.
• Textebene 1
– Textebene 2
• Textebene 3
– Textebene 4
• Textebene 5
Dr. Sven Wohlgemuth !26
ご清聴ありがとうございました。
Twitter at https://www.twitter.com/persoapp"• Announcement of news and collaboration regarding PersoApp
E-Mail Listing"• Contact: persoapp@trust.cased.de"• Project leader: persoapp-projects@trust.cased.de"• Software engineer: persoapp-devel@trust.cased.de"• Broadcast: persoapp-broadcast@trust.cased.de"• Steering committee: persoapp-steering@trust.cased.de"• Advisory board: persoapp-advisory@trust.cased.de
Code Repository https://persoapp.googlecode.com/"• SVN repository"• Issue tracker
Internet Portal https://www.persoapp.de"• Forum"• Pre-Release"• Demo and test service"• Documentation"• Event calendar
PersoApp – Eine Open-Source-Community zum neuen Personalausweis. Sichere Identitäten schaffen Vertrauen.