  • 51.
    Reuben, Jenni
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013). Karlstad University.
    Martucci, Leonardo A
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013). Karlstad University.
    Fischer-Hübner, Simone
    Karlstad University, Division for Information Technology.
    Automated Log Audits for Privacy Compliance Validation: A Literature Survey. 2016. In: Privacy and Identity Management. Time for a Revolution?: 10th IFIP WG 9.2, 9.5, 9.6/11.7, 11.4, 11.6/SIG 9.2.2 International Summer School, Edinburgh, UK, August 16-21, 2015, Revised Selected Papers, Springer, 2016, Vol. 476, p. 13p. 312-326. Conference paper (Refereed)
    Abstract [en]

    Log audits are the technical means to retrospectively reconstruct and analyze system activities for determining if the system events are in accordance with the rules. In the case of privacy compliance, compliance by detection approaches are promoted for achieving data protection obligations such as accountability and transparency. However, significant challenges remain to fulfill privacy requirements through these approaches. This paper presents a systematic literature review that reveals the theoretical foundations of the state-of-art detective approaches for privacy compliance. We developed a taxonomy based on the technical design describing the contextual relationships of the existing solutions. The technical designs of the existing privacy detection solutions are primarily classified into privacy misuse detection and privacy anomaly detection. However, the design principles of these solutions are to validate need-to-know and access control obligations; hence the state-of-art privacy compliance validation mechanisms focus on usage limitations and accountability. The privacy compliance guarantee they provide is subtle when compared to the requirements arising from privacy regulations and data protection obligations.

  • 52.
    Reuben, Jenni
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Martucci, Leonardo A
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Fischer-Hübner, Simone
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Packer, Heather
    University of Southampton, England.
    Hedbom, Hans
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Moreau, Luc
    University of Southampton, England.
    Privacy Impact Assessment Template for Provenance. 2016. In: Proceedings of 2016 11th International Conference on Availability, Reliability and Security, (Ares 2016), IEEE, 2016, p. 653-660. Conference paper (Refereed)
  • 53.
    Ries, Sebastian
    et al.
    Technische Universität Darmstadt, Germany.
    Fischlin, Marc
    Technische Universität Darmstadt, Germany.
    Martucci, Leonardo
    Technische Universität Darmstadt, Germany.
    Mühlhäuser, Max
    Technische Universität Darmstadt, Germany.
    Learning whom to trust in a privacy-friendly way. 2011. In: Trustcom 2011: 2011 International Joint Conference of IEEE Trustcom-11/IEEE ICESS-11/FCST-11 / [ed] G. Wang, S.R. Tate, J.J. Chen & K. Sakurai, IEEE Press, 2011, p. 214-225. Conference paper (Refereed)
    Abstract [en]

    The topics of trust and privacy are more relevant to users of online communities than ever before. Trust models provide excellent means for supporting users in their decision making process. However, those models require an exchange of information between users, which can pose a threat to the users' privacy. In this paper, we present a novel approach for a privacy preserving computation of trust. Besides preserving the privacy of the recommenders by exchanging and aggregating recommendations under encryption, the proposed approach is the first that enables the trusting entities to learn about the trustworthiness of their recommenders at the same time. This is achieved by linking the minimum amount of information that is required for the learning process to the actual recommendation and by using zero-knowledge proofs for assuring the correctness of this additional information.

  • 54.
    Voronkov, Artem
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Iwaya, Leonardo H
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Martucci, Leonardo
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Lindskog, Stefan
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Systematic Literature Review on Usability of Firewall Configuration. 2018. In: ACM Computing Surveys, ISSN 0360-0300, E-ISSN 1557-7341, Vol. 50, no 6, article id 87. Article in journal (Refereed)
    Abstract [en]

    Firewalls are network security components that handle incoming and outgoing network traffic based on a set of rules. The process of correctly configuring a firewall is complicated and prone to error, and it worsens as the network complexity grows. A poorly configured firewall may result in major security threats; in the case of a network firewall, an organization’s security could be endangered, and in the case of a personal firewall, an individual computer’s security is threatened. A major reason for poorly configured firewalls, as pointed out in the literature, is usability issues. Our aim is to identify existing solutions that help professional and non-professional users to create and manage firewall configuration files, and to analyze the proposals in respect of usability. A systematic literature review with a focus on the usability of firewall configuration is presented in the article. Its main goal is to explore what has already been done in this field. In the primary selection procedure, 1,202 articles were retrieved and then screened. The secondary selection led us to 35 articles carefully chosen for further investigation, of which 14 articles were selected and summarized. As main contributions, we propose a taxonomy of existing solutions as well as a synthesis and in-depth discussion about the state of the art in firewall usability. Among the main findings, we perceived that there is a lack (or even an absence) of usability evaluation or user studies to validate the proposed models. Although all articles are related to the topic of usability, none of them clearly defines it, and only a few actually employ usability design principles and/or guidelines.

  • 55.
    Voronkov, Artem
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Lindskog, Stefan
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Martucci, Leonardo
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Challenges in Managing Firewalls. 2015. In: Secure IT Systems: 20th Nordic Conference, NordSec 2015, Stockholm, Sweden, October 19–21, 2015, Proceedings, Springer, 2015, Vol. 9417, p. 191-196. Conference paper (Refereed)
    Abstract [en]

    Firewalls are essential security devices that can provide protection against network attacks. To be effective, a firewall must be properly configured to ensure consistency with the security policy. However, configuring is a complex and error-prone process. This work tries to identify the reasons behind firewall misconfigurations. To achieve our goal, we conducted a series of semi-structured interviews with system administrators that manage access control lists in networks of different sizes. The paper discusses our interview results and describes future work.

  • 56.
    Voronkov, Artem
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Martucci, Leonardo
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013). Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science.
    Natural vs. Technical Language Preference and its Impact on Firewall Configuration. 2020. Conference paper (Refereed)
    Abstract [en]

    Firewalls are network security components designed to regulate incoming and outgoing traffic to protect computers and networks. The behavior of firewalls is dictated by its configuration file, which is a written sequence of rules expressed by a set of keys and parameters. In this paper, we investigate whether certain representations of firewall rule sets can affect understandability. To collect data for our investigation, we designed an online survey for an audience who are familiar with firewalls, in which we aimed to compare two different rule set representations: iptables and English. We collected data from 56 participants. Our results show that participants’ perception of a certain rule set representation depends on their firewall expertise. Participants with basic or intermediate knowledge of firewalls consider rule sets expressed in English to be 40% easier to understand, whereas advanced or expert firewall users deemed it to be 27% more difficult. We will discuss the reasons for these results and describe their possible implications.

  • 57.
    Voronkov, Artem
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Martucci, Leonardo
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Lindskog, Stefan
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Measuring the Usability of Firewall Rule Sets. 2020. In: IEEE Access, E-ISSN 2169-3536, p. 27106-27121. Article in journal (Refereed)
    Abstract [en]

    Firewalls are computer systems that assess the network traffic using an ideally coherent and manageable set of rules. This study aims to provide means to measure the usability of firewall rule sets in terms of how easily IT professionals can understand and manage them. First, we conducted semi-structured interviews with system administrators wherein we obtained the usability challenges related to the management of firewall rule sets. This was followed by the analysis of related work. The interview results were combined with the findings from the related work. Accordingly, we acquired four usability attributes related to the manageability of firewalls; these were formally defined. We tested and measured the cognitive aspects related to the structure and ordering of the rules through a user study. A third user study with system administrators validated our metrics. It exhibited a very strong correlation between the metrics and how the administrators characterized usability.

  • 58.
    Weber, Stefan G.
    et al.
    Martucci, Leonardo
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Ries, Sebastian
    Mühlhäuser, Max
    Technische Universität Darmstadt.
    Towards trustworthy identity and access management for the future internet. 2010. In: Proceedings of the 4th International Workshop on Trustworthy Internet of People, Things & Services (Trustworthy IoPTS 2010), 2010. Conference paper (Refereed)
    Abstract [en]

    The Future Internet, in its different variants, promises a global connectivity of people, things and services. However, in order to develop its full potential and to achieve an accepted, seamless integration of Internet use into daily lives, severe security issues have to be addressed. In this paper, we propose to establish security and trustworthiness by means of an integrated identity and access management. Especially, we sketch the foundations of a novel identity and access management approach that is tailored for the Future Internet. We provide mechanisms for flexible modeling and description of digital user identities with support to transaction-based privacy protection, access to personal data, flexible third party accountability and end-to-end secure communication. The mechanisms are tailored for the use on a trusted personal device called Minimal Entity, which provides a trustworthy gateway to benefit from the offerings of the Future Internet.

  • 59.
    Zhang, Ge
    et al.
    Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science.
    Fischer-Hübner, Simone
    Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science.
    Martucci, Leonardo A.
    Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science.
    Ehlert, Sven
    Fraunhofer FOKUS, Berlin, Germany.
    Revealing the calling history on SIP VoIP systems by timing attacks. 2009. In: Proceedings of the 4th International Conference on Availability, Reliability and Security (ARES 2009), IEEE Press, IEEE Computer Society, 2009, p. 135-142. Conference paper (Refereed)
    Abstract [en]

    Many emergent security threats which did not exist in the traditional telephony network are introduced in SIP VoIP services. To provide high-level security assurance to SIP VoIP services, an inter-domain authentication mechanism is defined in RFC 4474. However, this mechanism introduces another vulnerability: a timing attack which can be used for effectively revealing the calling history of a group of VoIP users. The idea here is to exploit the certificate cache mechanisms supported by SIP VoIP infrastructures, in which the certificate from a caller's domain will be cached by the callee's proxy to accelerate subsequent requests. Therefore, SIP processing time varies depending on whether the two domains had been in contact beforehand or not. The attacker can thus profile the calling history of a SIP domain by sending probing requests and observing the time required for processing. The result of our experiments demonstrates that this attack can be easily launched. We also discuss countermeasures to prevent such attacks.
