1,721,006 research outputs found
Towards a Privacy Resilient Mobility-as-a-Service (MaaS): A Threat-driven Approach
No full textMobility-as-a-Service (MaaS) is transforming smart cities by promoting affordability, inclusivity, multimodal efficiency, and environmental sustainability. This platform collects, uses, and shares sensitive user information, such as geolocation, payment, and personal data, to enable its service offerings. These information are valuable targets for attackers; thus, securing them requires a holistic approach that addresses the platform's security and privacy requirements. However, despite the growing adoption of MaaS, their privacy risk assessment is still an open issue. In this study, we present a threat-driven approach that leverages LINDDUN privacy threat analysis to support the Threat, Vulnerability, and Risk Assessment (TVRA) methodology. We demonstrate the utility of our approach through a simple case study of the trip booking fulfillment process. The main result of this study, alongside the threat-driven approach, is the identification of twenty soft privacy threats in MaaS and their corresponding controls. Additionally, leveraging the NIST 800-53 framework, our study extends privacy risk assessment literature by addressing specific privacy risks in MaaS
A Secure Architecture for Re-Taskable Sensing Systems
No full textSensor Networks are considered a high-innovation potential branch in the field of network computing and are widely used in several application domains thanks to their cost effectiveness, flexibility and ease of deployment. They are well suited to a multitude of monitoring and surveillance applications and are often involved in mission-critical tasks, thus making security a primary concern. Many architectures and protocols have been proposed to address this issue, mainly based on cryptographic operations, but it still represents an open research area: in fact, in order to be effective, such techniques often require complex computations and a large amount of dedicated resources, which are not available on sensor platforms according to the existing technology. Nevertheless, if considering tiered sensor networks, where tiny motes coexist with more powerful nodes, it is possible to perform some complex and efficient security schemes by exploiting the different capabilities of nodes. In this paper we present a secure architectural proposal based on the Tenet system, a tiered re-taskable sensor network architecture. Specifically, we have integrated security features into the Tenet architecture in order to implement a hybrid cryptosystem. Such a cryptosystem combines symmetric and asymmetric cryptographic schemes to benefit of the security provided by asymmetric protocols and the better performance of symmetric ones
The convergence of Digital Twins and Distributed Ledger Technologies: A systematic literature review and an architectural proposal
Full text linkA Digital Twin Architecture for Intelligent Public Transportation Systems: A FIWARE-Based Solution
No full textPublic transportation systems play a vital role for society, but they often fall short in addressing the dynamic needs of commuters. Intelligent Public Transportation Systems (IPTS) hold promise for enhancing efficiency and adapting to these evolving requirements. Digital twins (DT), virtual representations of real-world systems, can be leveraged to create dynamic replicas that guide real-time decision-making and optimization for IPTS. This paper examines the concept of digital twins and their potential for IPTS, highlighting the challenges and opportunities that must be addressed to fully capitalize on this technology. Moreover, a DT-based IPTS architecture is proposed leveraging on FIWARE Smart Data Models for data interoperability. Finally, a small real-world instance of the proposed architecture and data model is illustrated involving a bus-based IPTS where the DT technology is adopted to enable bus passenger demand prediction and bus scheduling update
Cloud security: From per-provider to per-service security SLAs
No full textCloud Security is still considered one of the main factors inhibiting the diffusion of the Cloud Computing paradigm. Potential Cloud Service Customers (CSCs) do not trust delegating every kind of resources and data to external Cloud Service Providers (CSPs). The problem grows in complexity due to the increasing adoption of complex supply chains: CSPs that offer Sofware-as-a-Service (SaaS) cloud services often do not have their own data centers, but just acquire resources and services from other CSPs. This makes ithard, if not impossible, to ascribe the responsibility of a securityincident. A possible solution is the adoption of Security ServiceLevel Agreements (SLAs): CSPs should deliver services withan SLA that details each guarantee offered in terms of security, and CSCs should be able to compare offerings from differentCSPs and verify that SLAs are respected during service lifecycle. This paper shows how it is possible to build up a per-serviceSecurity SLA in a chain of cloud services, proposing asolution based on a security evaluation technique to comparedifferent cloud service supply chains based on their SecuritySLAs
Secure software development and testing: A model-based methodology
Full text linkModern industries widely rely upon software and IT services, in a context where cybercrime is rapidly spreading
in more and more sectors. Unfortunately, despite greater general awareness of security risks and the availability
of security tools that can help to cope with those risks, many organizations (especially medium/small-size ones)
still lag when it comes to building security into their services. This is mainly due to the limited security skills
of common developers/IT project managers and to the typically high costs of security procedures. In fact,
while automated tools exist to perform code analysis, vulnerability scanning, or security testing, the manual
intervention of security experts is still required not only for security analysis and design, but also to configure
and elaborate the output of the security testing tools.
In this paper, we propose a novel secure software development methodology aimed at supporting developers
from security design to security testing, suitable for integration within modern DevOps pipelines according
to a DevSecOps (or SecDevOps) approach. The proposed methodology leverages a model-based process that
enables identifying existing threats, selecting appropriate countermeasures to enforce, and verify their mitigation
effectiveness through both static assessment procedures and targeted security tests. To demonstrate our
approach’s feasibility and concretely illustrate the devised activities, we provide a step-by-step description of
the whole process concerning a containerized microservice-based application case study. In addition, we discuss
the application of the proposed methodology, in its threat modeling and security testing phases, to a well-known
vulnerable web application widely used for security training purposes, to illustrate that we can identify most of
the existing vulnerabilities and determine appropriate test plans to assess and mitigate such vulnerabilities
Digital Twins in Healthcare: an architectural proposal and its application in a social distancing case study
Full text linkThe digital transformation process fostered by the development of Industry 4.0 technologies has largely affected the health sector, increasing diagnostic capabilities and improving drug effectiveness and treatment delivery. The Digital Twin (DT) technology, based on the virtualization of physical assets/processes and on a bidirectional communication between the digital and physical space for data exchange, is considered a game changer in modern health systems. Digital Twin applications in healthcare are various, ranging from virtualization of hospitals' physical spaces/organizational processes to individuals' physiological/genetic/lifestyle characteristics replication, and include the modeling of public health-related processes for monitoring, optimization and planning purposes. In this paper, motivated by the current COVID-19 pandemic, we focus on the application of the Digital Twin technology for virus containment on the workplace through social distancing. The contribution of this paper is three-fold: i) we review the existing literature on the adoption of the Digital Twin technology in the healthcare domain, and propose a classification of DT applications into four categories; ii) we propose a generalized Digital Twin architecture that can be used as reference to identify the main functional components of a Digital Twin system; iii) we present CanTwin, a real-life industrial case study developed by Hitachi and representing the Digital Twin of a canteen service serving 1100 workers, set up for social distancing monitoring, queue inspection, people counting and tracking, table occupancy supervision
- …
