Information and Computer Security: Volume 27 Issue 5

Sealed computation: a mechanism to support privacy-aware trustworthy cloud service

Lamya Abdullah, Juan Quintero

The purpose of this study is to propose an approach to avoid having to trust a single entity in cloud-based applications. In cloud computing, data processing is delegated to a…

Keep on rating – on the systematic rating and comparison of authentication schemes

Verena Zimmermann, Nina Gerber, Peter Mayer, Marius Kleboth, Alexandra von Preuschen, Konstantin Schmidt

Six years ago, Bonneau et al. (2012) proposed a framework to compare authentication schemes to the ubiquitous text password. Even though their work did not reveal an alternative…

A normative decision-making model for cyber security

Andrew M’manga, Shamal Faily, John McAlaney, Chris Williams, Youki Kadobayashi, Daisuke Miyamoto

The purpose of this paper is to investigate security decision-making during risk and uncertain conditions and to propose a normative model capable of tracing the decision…

Making secret sharing based cloud storage usable

Erik Framner, Simone Fischer-Hübner, Thomas Lorünser, Ala Sarah Alaqra, John Sören Pettersson

The purpose of this paper is to develop a usable configuration management for Archistar, which utilizes secret sharing for redundantly storing data over multiple independent…

Developing and validating a common body of knowledge for information privacy

Rena Lavranou, Aggeliki Tsohou

This paper aims to present a common body of knowledge (CBK) for the field of information privacy, titled InfoPrivacy CBK. The purpose of the proposed CBK is to guide internet…

A scheme for the sticky policy representation supporting secure cyber-threat intelligence analysis and sharing

Oleksii Osliak, Andrea Saracino, Fabio Martinelli

This paper aims to propose a structured threat information expression (STIX)-based data representation for privacy-preserving data analysis to report format and semantics of…

Practical evaluation of a reference architecture for the management of privacy level agreements

Vasiliki Diamantopoulou, Haralambos Mouratidis

The enforcement of the General Data Protection Regulation imposes specific privacy- and -security related requirements that any organisation that processes European Union…