Topic: Contact tracing
Published:
2023
- DetailsBobbio, A., Campanile, L., Gribaudo, M., Iacono, M., Marulli, F., & Mastroianni, M. (2023). A cyber warfare perspective on risks related to health IoT devices and contact tracing [Article]. Neural Computing and Applications, 35(19), 13823–13837. https://doi.org/10.1007/s00521-021-06720-1
Abstract
The wide use of IT resources to assess and manage the recent COVID-19 pandemic allows to increase the effectiveness of the countermeasures and the pervasiveness of monitoring and prevention. Unfortunately, the literature reports that IoT devices, a widely adopted technology for these applications, are characterized by security vulnerabilities that are difficult to manage at the state level. Comparable problems exist for related technologies that leverage smartphones, such as contact tracing applications, and non-medical health monitoring devices. In analogous situations, these vulnerabilities may be exploited in the cyber domain to overload the crisis management systems with false alarms and to interfere with the interests of target countries, with consequences on their economy and their political equilibria. In this paper we analyze the potential threat to an example subsystem to show how these influences may impact it and evaluate a possible consequence. © 2021, The Author(s), under exclusive licence to Springer-Verlag London Ltd., part of Springer Nature.
2022
- DetailsCampanile, L., Cesarano, M., Palmiero, G., & Sanghez, C. (2022). Break the Fake: A Technical Report on Browsing Behavior During the Pandemic [Conference paper]. Smart Innovation, Systems and Technologies, 309, 573–586. https://doi.org/10.1007/978-981-19-3444-5_49
Abstract
The widespread use of the internet as the main source of information for many users has led to the spread of fake news and misleading information as a side effect. The pandemic that in the last 2 years has forced us to change our lifestyle and to increase the time spent at home, has further increased the time spent surfing the Internet. In this work we analyze the navigation logs of a sample of users, in compliance with the current privacy regulation, comparing and dividing between the different categories of target sites, also identifying some well-known sites that spread fake news. The results of the report show that during the most acute periods of the pandemic there was an increase in surfing on untrusted sites. The report also shows the tendency to use such sites in the evening and night hours and highlights the differences between the different years considered. © 2022, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
2021
- DetailsCampanile, L., Iacono, M., Marulli, F., & Mastroianni, M. (2021). Designing a GDPR compliant blockchain-based IoV distributed information tracking system [Article]. Information Processing and Management, 58(3). https://doi.org/10.1016/j.ipm.2021.102511
Abstract
Blockchain technologies and distributed ledgers enable the design and implementation of trustable data logging systems that can be used by multiple parties to produce a non-repudiable database. The case of Internet of Vehicles may greatly benefit of such a possibility to track the chain of responsibility in case of accidents or damages due to bad or omitted maintenance, improving the safety of circulation and helping granting a correct handling of related legal issues. However, there are privacy issues that have to be considered, as tracked information potentially include data about private persons (position, personal habits), commercially relevant information (state of the fleet of a company, freight movement and related planning, logistic strategies), or even more critical knowledge (e.g., considering vehicles belonging to police, public authorities, governments or officers in sensible positions). In the European Union, all this information is covered by the General Data Protection Regulation (GDPR). In this paper we propose a reference model for a system that manages relevant information to show how blockchain can support GDPR compliant solutions for Internet of Vehicles, taking as a reference an integrated scenario based on Italy, and analyze a subset of its use cases to show its viability with reference to privacy issues. © 2021 Elsevier Ltd - DetailsCampanile, L., Cantiello, P., Iacono, M., Marulli, F., & Mastroianni, M. (2021). Risk Analysis of a GDPR-Compliant Deletion Technique for Consortium Blockchains Based on Pseudonymization [Conference paper]. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 12956 LNCS, 3–14. https://doi.org/10.1007/978-3-030-87010-2_1
Abstract
Blockchains provide a valid and profitable support for the implementation of trustable and secure distributed ledgers, in support to groups of subjects that are potentially competitors in conflict of interest but need to share progressive information recording processes. Blockchains prevent data stored in blocks from being altered or deleted, but there are situations in which stored information must be deleted or made inaccessible on request or periodically, such as the ones in which GDPR is applicable. In this paper we present literature solutions and design an implementation in the context of a traffic management system for the Internet of Vehicles based on the Pseudonymization/Cryptography solution, evaluating its viability, its GDPR compliance and its level of risk. © 2021, Springer Nature Switzerland AG.
2023
- DetailsBobbio, A., Campanile, L., Gribaudo, M., Iacono, M., Marulli, F., & Mastroianni, M. (2023). A cyber warfare perspective on risks related to health IoT devices and contact tracing [Article]. Neural Computing and Applications, 35(19), 13823–13837. https://doi.org/10.1007/s00521-021-06720-1
Abstract
The wide use of IT resources to assess and manage the recent COVID-19 pandemic allows to increase the effectiveness of the countermeasures and the pervasiveness of monitoring and prevention. Unfortunately, the literature reports that IoT devices, a widely adopted technology for these applications, are characterized by security vulnerabilities that are difficult to manage at the state level. Comparable problems exist for related technologies that leverage smartphones, such as contact tracing applications, and non-medical health monitoring devices. In analogous situations, these vulnerabilities may be exploited in the cyber domain to overload the crisis management systems with false alarms and to interfere with the interests of target countries, with consequences on their economy and their political equilibria. In this paper we analyze the potential threat to an example subsystem to show how these influences may impact it and evaluate a possible consequence. © 2021, The Author(s), under exclusive licence to Springer-Verlag London Ltd., part of Springer Nature.
2022
- DetailsCampanile, L., Cesarano, M., Palmiero, G., & Sanghez, C. (2022). Break the Fake: A Technical Report on Browsing Behavior During the Pandemic [Conference paper]. Smart Innovation, Systems and Technologies, 309, 573–586. https://doi.org/10.1007/978-981-19-3444-5_49
Abstract
The widespread use of the internet as the main source of information for many users has led to the spread of fake news and misleading information as a side effect. The pandemic that in the last 2 years has forced us to change our lifestyle and to increase the time spent at home, has further increased the time spent surfing the Internet. In this work we analyze the navigation logs of a sample of users, in compliance with the current privacy regulation, comparing and dividing between the different categories of target sites, also identifying some well-known sites that spread fake news. The results of the report show that during the most acute periods of the pandemic there was an increase in surfing on untrusted sites. The report also shows the tendency to use such sites in the evening and night hours and highlights the differences between the different years considered. © 2022, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
2021
- DetailsCampanile, L., Iacono, M., Marulli, F., & Mastroianni, M. (2021). Designing a GDPR compliant blockchain-based IoV distributed information tracking system [Article]. Information Processing and Management, 58(3). https://doi.org/10.1016/j.ipm.2021.102511
Abstract
Blockchain technologies and distributed ledgers enable the design and implementation of trustable data logging systems that can be used by multiple parties to produce a non-repudiable database. The case of Internet of Vehicles may greatly benefit of such a possibility to track the chain of responsibility in case of accidents or damages due to bad or omitted maintenance, improving the safety of circulation and helping granting a correct handling of related legal issues. However, there are privacy issues that have to be considered, as tracked information potentially include data about private persons (position, personal habits), commercially relevant information (state of the fleet of a company, freight movement and related planning, logistic strategies), or even more critical knowledge (e.g., considering vehicles belonging to police, public authorities, governments or officers in sensible positions). In the European Union, all this information is covered by the General Data Protection Regulation (GDPR). In this paper we propose a reference model for a system that manages relevant information to show how blockchain can support GDPR compliant solutions for Internet of Vehicles, taking as a reference an integrated scenario based on Italy, and analyze a subset of its use cases to show its viability with reference to privacy issues. © 2021 Elsevier Ltd - DetailsCampanile, L., Cantiello, P., Iacono, M., Marulli, F., & Mastroianni, M. (2021). Risk Analysis of a GDPR-Compliant Deletion Technique for Consortium Blockchains Based on Pseudonymization [Conference paper]. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 12956 LNCS, 3–14. https://doi.org/10.1007/978-3-030-87010-2_1
Abstract
Blockchains provide a valid and profitable support for the implementation of trustable and secure distributed ledgers, in support to groups of subjects that are potentially competitors in conflict of interest but need to share progressive information recording processes. Blockchains prevent data stored in blocks from being altered or deleted, but there are situations in which stored information must be deleted or made inaccessible on request or periodically, such as the ones in which GDPR is applicable. In this paper we present literature solutions and design an implementation in the context of a traffic management system for the Internet of Vehicles based on the Pseudonymization/Cryptography solution, evaluating its viability, its GDPR compliance and its level of risk. © 2021, Springer Nature Switzerland AG.