Adaptive User-Centered Security

Abstract : One future challenge in informatics is the integration of humans in an infrastructure of data-centric IT services. A critical activity of this infrastructure is trustworthy information exchange to reduce threats due to misuse of (personal) information. Privacy by Design as the present methodology for developing privacy-preserving and secure IT systems aims to reduce security vulnerabilities already in the early requirement analysis phase of software development. Incident reports show, however, that not only an implementation of a model bears vulnerabilities but also the gap between rigorous view of threat and security model on the world and real view on a run-time environment with its dependencies. Dependencies threaten reliability of information, and in case of personal information, privacy as well. With the aim of improving security and privacy during run-time, this work proposes to extend Privacy by Design by adapting an IT system not only to inevitable security vulnerabilities but in particular to their users’ view on an information exchange and its IT support with different, eventually opposite security interests.
Complete list of metadatas

Cited literature [47 references]  Display  Hide  Download

https://hal.inria.fr/hal-01403988
Contributor : Hal Ifip <>
Submitted on : Monday, November 28, 2016 - 11:23:24 AM
Last modification on : Tuesday, November 29, 2016 - 1:04:51 AM
Long-term archiving on : Tuesday, March 21, 2017 - 4:05:28 AM

File

978-3-319-10975-6_7_Chapter.pd...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Sven Wohlgemuth. Adaptive User-Centered Security. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Sep 2014, Fribourg, Switzerland. pp.94-109, ⟨10.1007/978-3-319-10975-6_7⟩. ⟨hal-01403988⟩

Share

Metrics

Record views

225

Files downloads

156