Information Security and Privacy – Challenges and Outlook

Advancing Research in Information and Communication Technology

Abstract

The ongoing demand for new and faster technologies continues to leave consumers and business users facing the constant challenge of updating systems and software. This unrelenting pace of technological evolution has not always been matched with a commensurate focus on security and privacy matters. In particular, the obligatory move to embrace cloud and IoT, which frequently results in the collection and analysis of large data lakes, has raised challenges for sovereign data protection and privacy legislation, where data at rest can change overnight with mergers and acquisitions of service providers. This chapter examines the role of IFIP Technical Committee 11 (and its 14 underlying Working Groups) in this ever-changing and evolving domain. The discussion provides an outline of key issues in information security when viewed from technical, organisational and human perspectives, which collectively represent the breadth of areas within which TC-11 and its Working Groups are seeking to make contributions. The chapter as a whole gives a clear sense of the challenges involved in achieving and maintaining security and privacy, alongside insights into the ways that they are being tackled within IFIP activities.

Acknowledgments

We would like to acknowledge the contributions from working group officers and members in addition to the named authors of this chapter. Specifically: Raja Naeem Akram, Kam-Pui Chow, Richard George, Konstantinos Markantonakis, Gilbert Peterson, Damien Sauveron and Sujeet Shenoi.

Author information

Corresponding author

Correspondence to Steven Furnell.

Copyright information

© 2021 IFIP International Federation for Information Processing

About this chapter

Cite this chapter

Furnell, S. et al. (2021). Information Security and Privacy – Challenges and Outlook. In: Goedicke, M., Neuhold, E., Rannenberg, K. (eds) Advancing Research in Information and Communication Technology. IFIP Advances in Information and Communication Technology, vol 600. Springer, Cham. https://doi.org/10.1007/978-3-030-81701-5_16

  • DOI: https://doi.org/10.1007/978-3-030-81701-5_16

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-81700-8

  • Online ISBN: 978-3-030-81701-5

  • eBook Packages: Computer Science, Computer Science (R0)
