ICST Transactions on Security and Safety

Editor(s)-in-Chief: Peng Liu
Guest Editor(s): Heng Xu and Chuan-Hoo Tan

Growing threats and increasingly also failures due to complexity may compromise the security and resilience of network and service infrastructures. Applications and services require security of data handling and we need new security architectures and scalable and interoperable security policies for…

Growing threats and increasingly also failures due to complexity may compromise the security and resilience of network and service infrastructures. Applications and services require security of data handling and we need new security architectures and scalable and interoperable security policies for this. There is a need to guarantee end-to-end security in data communications and storage, including identity management and authentication. Moreover, we need technology to enable network security monitoring and tracing and to assess the trustworthiness of infrastructures and services. It must ensure the protection of personal data and privacy and to properly assign liability and risks, together with the appropriate governance models needed to do so. Furthermore this is applied to the settings of Public Safety in general.

more »
Submission Instructions
Publisher
ICST
ISSN
2032-9393

  • Welcome message from the Editor-in-Chief

    Editorial in ICST Transactions on Security and Safety 11(7–9): e1

    Peng Liu

    Abstract
    more »

  • Introduction to special issue on information privacy and trust in social media

    Editorial in ICST Transactions on Security and Safety 11(7–9): e2

    Heng Xu, Chuan-Hoo Tan

    Abstract
    more »

  • How did you know that about me? Protecting users against unwanted inferences

    Research Article in ICST Transactions on Security and Safety 11(7–9): e3

    Sara Motahari, Julia Mayer, Quentin Jones

    Abstract
    The widespread adoption of social computing applications is transforming our world. It has changed the way we routinely communicate and navigate our environment and enabled political revolutions. How…The widespread adoption of social computing applications is transforming our world. It has changed the way we routinely communicate and navigate our environment and enabled political revolutions. However, despite these applications’ ability to support social action, their use puts individual privacy at considerable risk. This is in large part due to the fact that the public sharing of personal information through social computing applications enables potentially unwanted inferences about users’ identity, location, or other related personal information. This paper provides a systematic overview of the social inference problem. It highlights the public’s and research community’s general lack of awareness of the problem and associated risks to user privacy. A social inference risk prediction framework is presented and associated empirical studies that attest to its validity. This framework is then used to outline the major research and practical challenges that need to be addressed if we are to deploy effective social inference protection systems. Challenges examined include how to address the computational complexity of social inference risk modeling and designing user interfaces that inform users about social inference opportunities.
     more »

  • A framework for usable end-user privacy control in social software systems

    Research Article in ICST Transactions on Security and Safety 11(7–9): e4

    Maryam Najafian Razavi, Denis Gillet

    Abstract
    Recent studies have shown that many users struggle to properly manage selective sharing of the diverse information artefacts they deposit in social software tools. Most tools define privacy based on …Recent studies have shown that many users struggle to properly manage selective sharing of the diverse information artefacts they deposit in social software tools. Most tools define privacy based on the ‘network of friends’ model, in which all ‘friends’ are created equal and all relationships are reciprocal. This model fails to support the privacy expectations that non-technical users bring from their real-life experiences, such as enabling different degrees of intimacy within one’s network and providing flexible, natural means of managing the volatile social relationships that social software systems confront. Furthermore, the model suffers from lack of empirical grounding and systematic evaluation. This paper presents a framework for building privacy management mechanisms for social software systems that is intuitive and easy to use for the average, non-technical user population of these systems. The framework is based on a grounded theory study of users’ information sharing behaviour in a social software tool. Results inform the design of OpnTag, a social software prototype that facilitates personal and social information management and sharing. Preliminary empirical data suggest that our proposed privacy framework is flexible enough to meet users’ varying information sharing needs in different contexts while maintaining adequate support for usability.
     more »

  • Trust in social computing. The case of peer-to-peer file sharing networks

    Research Article in ICST Transactions on Security and Safety 11(7–9): e5

    Heng Xu, Tamara Dinev, Han Li

    Abstract
    Social computing and online communities are changing the fundamental way people share information and communicate with each other. Social computing focuses on how users may have more autonomy to expr…Social computing and online communities are changing the fundamental way people share information and communicate with each other. Social computing focuses on how users may have more autonomy to express their ideas and participate in social exchanges in various ways, one of which may be peer-to-peer (P2P) file sharing. Given the greater risk of opportunistic behavior by malicious or criminal communities in P2P networks, it is crucial to understand the factors that affect individual’s use of P2P file sharing software. In this paper, we develop and empirically test a research model that includes trust beliefs and perceived risks as two major antecedent beliefs to the usage intention. Six trust antecedents are assessed including knowledge-based trust, cognitive trust, and both organizational and peer-network factors of institutional trust. Our preliminary results show general support for the model and offer some important implications for software vendors in P2P sharing industry and regulatory bodies.
     more »