Biblio

Many technological cases exploiting data science have been realized in recent years; machine learning, Internet of Things, and stream data processing are examples of this trend. Other advanced applications have focused on capturing the value from streaming data of different objects of transport and traffic management in an Intelligent Transportation System (ITS). In this context, security control and trust level play a decisive role in the sustainable adoption of this trend. However, conceptual work integrating the security approaches of different disciplines into one coherent reference architecture is limited. The contribution of this paper is a reference architecture for ITS security (called SITS). In addition, a classification of Big Data technologies, products, and services to address the ITS trust challenges is presented. We also proposed a novel multi-tier ITS security framework for validating the usability of SITS with business intelligence development in the enterprise domain.

Due to their specific features, blockchains have become popular in recent years. Blockchains are layered systems where security is a critical factor for their success. The main focus of this work is to systematize knowledge about security and privacy issues of blockchains. To this end, we propose a security reference architecture based on models that demonstrate the stacked hierarchy of various threats as well as threat-risk assessment using ISO/IEC 15408. In contrast to the previous surveys [23], [88], [11], we focus on the categorization of security vulnerabilities based on their origins and using the proposed architecture we present existing prevention and mitigation techniques. The scope of our work mainly covers aspects related to the nature of blockchains, while we mention operational security issues and countermeasures only tangentially.

The H2020 European research project GHOST - Safe-Guarding Home IoT Environments with Personalised Real-time Risk Control - aims to deploy a highly effective security framework for IoT smart home residents through a novel reference architecture for user-centric cyber security in smart homes providing an unobtrusive and user-comprehensible solution. The aforementioned security framework leads to a transparent cyber security environment by increasing the effectiveness of the existing cyber security services and enhancing system's self-defence through disruptive software-enabled network security solutions. In this paper, GHOST security framework for IoT-based smart homes is presented. It is aiming to address the security challenges posed by several types of attacks, such as network, device and software. The effective design of the overall multi-layered architecture is analysed, with particular emphasis given to the integration aspects through dynamic and re-configurable solutions and the features provided by each one of the architectural layers. Additionally, real-life trials and the associated use cases are described showcasing the competences and potential of the proposed framework.

Existing security technologies play a significant role in protecting enterprise systems but they are no longer enough on their own given the number of successful cyberattacks against businesses and the sophistication of the tactics used by attackers to bypass the security defences. Security measurement is different to security monitoring in the sense that it provides a means to quantify the security of the systems while security monitoring helps in identifying abnormal events and does not measure the actual state of an infrastructure's security. The goal of enterprise security metrics is to enable understanding of the overall security using measurements to guide decision making. In this paper we present a reference architecture for aggregating the measurement values from the different components of the system in order to enable stakeholders to see the overall security state of their enterprise systems and to assist with decision making. This will provide a newer dimension to security management by shifting from security monitoring to security measurement.

Recent advances in pervasive computing have caused a rapid growth of the Smart Home market, where a number of otherwise mundane pieces of technology are capable of connecting to the Internet and interacting with other similar devices. However, with the lack of a commonly adopted set of guidelines, several IT companies are producing smart devices with their own proprietary standards, leading to highly heterogeneous Smart Home systems in which the interoperability of the present elements is not always implemented in the most straightforward manner. As such, understanding the cyber risk of these cyber-physical systems beyond the individual devices has become an almost intractable problem. This paper tackles this issue by introducing a Smart Home reference architecture which facilitates security analysis. Being composed by three viewpoints, it gives a high-level description of the various functions and components needed in a domestic IoT device and network. Furthermore, this document demonstrates how the architecture can be used to determine the various attack surfaces of a home automation system from which its key vulnerabilities can be determined.

Current technologies to include cloud computing, social networking, mobile applications and crowd and synthetic intelligence, coupled with the explosion in storage and processing power, are evolving massive-scale marketplaces for a wide variety of resources and services. They are also enabling unprecedented forms and levels of collaborations among human and machine entities. In this new era, trust remains the keystone of success in any relationship between two or more parties. A primary challenge is to establish and manage trust in environments where massive numbers of consumers, providers and brokers are largely autonomous with vastly diverse requirements, capabilities, and trust profiles. Most contemporary trust management solutions are oblivious to diversities in trustors' requirements and contexts, utilize direct or indirect experiences as the only form of trust computations, employ hardcoded trust computations and marginally consider collaboration in trust management. We surmise the need for reference architecture for trust management to guide the development of a wide spectrum of trust management systems. In our previous work, we presented a preliminary reference architecture for trust management which provides customizable and reconfigurable trust management operations to accommodate varying levels of diversity and trust personalization. In this paper, we present a comprehensive taxonomy for trust management and extend our reference architecture to feature collaboration as a first-class object. Our goal is to promote the development of new collaborative trust management systems, where various trust management operations would involve collaborating entities. Using the proposed architecture, we implemented a collaborative personalized trust management system. Simulation results demonstrate the effectiveness and efficiency of our system.

The Internet of Things (IoT) represents a diverse technology and usage with unprecedented business opportunities and risks. The Internet of Things is changing the dynamics of security industry & reshaping it. It allows data to be transferred seamlessly among physical devices to the Internet. The growth of number of intelligent devices will create a network rich with information that allows supply chains to assemble and communicate in new ways. The technology research firm Gartner predicts that there will be 26 billion installed units on the Internet of Things (IoT) by 2020[1]. This paper explains the concept of Internet of Things (IoT), its characteristics, explain security challenges, technology adoption trends & suggests a reference architecture for E-commerce enterprise.