Xavier Titi

Towards mobile/wearable device electrosmog reduction through careful network selection

There is some concern regarding the effect of smart phones and other wearable devices using wireless communication and worn by the users very closely to their body. In this paper, we propose a new network switching selection model and its algorithms that minimize the non-ionizing radiation of these devices during use. We validate the model and its algorithms with a proof-of-concept implementation on the Android platform.

Flexible Communication: A Secure and Trust-Based Free Wi-Fi Password Sharing Service

During the last few years the amount of users with mobile devices (laptops, smart phones, tablets, etc.) with wireless connectivity capabilities has grown at an impressive rate. In the meantime, the number of Wi-Fi networks has also increased a lot, and in addition to this, the emergence and fast growth of applications such as social networking, user generated content, location services, collaborative tools and applications, etc. has fueled the users need for permanent connectivity. This paper introduces Flexible Communication, a secure and trust-based Wi-Fi password sharing service. Our service architecture provides the user with a solution that enables free Wi-Fi network password sharing, which relies on a social-networking oriented trust model approach and which at the same time allows the user to locate and to connect to those Wi-Fi networks at any time. We validate our solution with a qualitative assessment which compares its features against those of the other similar existent solutions and also with a quantitative assessment which measures the performance both of the server and the client.

Design and validation of a trust-based opportunity-enabled risk management system

Purpose The Bring-Your-Own-Device (BYOD) paradigm favors the use of personal and public devices and communication means in corporate environments, thus representing a challenge for the traditional security and risk management systems. In this dynamic and heterogeneous setting, the purpose of this paper is to present a methodology called opportunity-enabled risk management (OPPRIM), which supports the decision-making process in access control to remote corporate assets. Design/methodology/approach OPPRIM relies on a logic-based risk policy model combining estimations of trust, threats and opportunities. Moreover, it is based on a mobile client – server architecture, where the OPPRIM application running on the user device interacts with the company IT security server to manage every access request to corporate assets. Findings As a mandatory requirement in the highly flexible BYOD setting, in the OPPRIM approach, mobile device security risks are identified automatically and dynamically depending on the specific environment in which the access request is issued and on the previous history of events. Originality/value The main novelty of the OPPRIM approach is the combined treatment of threats (resp., opportunities) and costs (resp., benefits) in a trust-based setting. The OPPRIM system is validated with respect to an economic perspective: cost-benefit sensitivity analysis is conducted through formal methods using the PRISM model checker and through agent-based simulations using the Anylogic framework.

On the Road to Privacy- and Data Protection-Friendly Security Technologies in the Workplace – A Case-Study of the MUSES Risk and Trust Analysis Engine

It seems generally accepted that the major threat for company security occurs from within the organisation itself. Given the potential threats for the value attached to information resources, companies are increasing their efforts to counteract these risks, introduced by employees. Many company security technologies are strongly focused on analysing employee behaviour. An example of such a monitoring tool is MUSES (Multiplatform Usable Endpoint Security). MUSES is a user-centric security system that aims to enhance company security by reducing security risks introduced by user behaviour. However, even though the monitoring of employees may be beneficial to secure company data assets, the monitoring of employees is restricted by privacy and data protection regulation. In this paper, we use one MUSES component, namely the Real-Time Risk and Trust Analysis Engine (MUSES RT2AE), as a use case to study in which way privacy and data protection legislation limits the monitoring of employees through company security technologies.

Verifying Hotspot Quality User Rating with Certified QoS Evidence

Wi-Fi networks and its users are increasing more and more. Unfortunately, the risk of using one Wi-Fi or another varies and there is no means of selecting the most trustworthy hotspot. There are different solutions like websites that provide a way for the users to rate the hotspot after they have used it. However, there is no means to verify whether the user rating is trustworthy or not. Our solution allows the users to rate the networks they have used and to check that their rating corresponds to the true network quality they have experienced by measuring and certifying Quality of Service (QoS) evidence such as delay, jitter and packet loss. We validate our solution by proving when this certification is irrefutable and when other means, such as further history-based trust management, are needed.