ARIS2 - Advanced Research on Information Systems Security <p>Welcome, fellow colleague</p> <p>The <em><strong>ARIS<sup>2</sup> - Advanced Research on Information Systems Security, an</strong></em><em><strong> International Journal,</strong> </em>focuses on the original research and practice-driven applications with relevance to Information Security and Data Protection, sponsored by <strong>IPGT - Polytechnic Institute of Management and Technology</strong>, based in Vila Nova de Gaia, Porto, Portugal, owned and Edited by Professor Nuno Mateus-Coelho.</p> <p><strong><em>ARIS<sup>2</sup></em></strong> provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions.</p> <p><strong><em>ARIS<sup>2</sup></em></strong> issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.</p> <p>We have the pleasure to extend a warm welcome to everyone planning to submit to <strong>ARIS<sup>2</sup> – Advanced Research on Information Systems Security.</strong></p> <p><strong>Online ISSN: 2795-4560</strong></p> <p><strong>Print ISSN: </strong><strong>2795-4609</strong></p> <p>Best Regards,</p> <p>Editorial Team</p> en-US (Dr. Prof. Nuno Mateus-Coelho) (Dr. André Costa) Fri, 31 Dec 2021 00:00:00 +0000 OJS 60 The Editorial of ARIS2 - Advanced Research on Information Systems Security, an International Journal <p>Securing information, actors, and their systems have become a paramount challenge in recent years.</p> <p>In the first regular issue of 2021 of the <u>ARIS<sup>2</sup> - Advanced Research on Information Systems Security, an International Journal</u>, in four of the five articles, problems of information security are addressed with a practical and theoretical view, with origin in academic centers and research from masters and doctoral students.</p> Nuno Mateus-Coelho Copyright (c) 2021 Nuno Mateus-Coelho Thu, 30 Dec 2021 00:00:00 +0000 GDPR Compliance Made Easier: the BPR4GDPR Project <p>With the aim to facilitate compliance with the GDPR, particularly for SMEs, this paper summarises the results of the H2020 BPR4GDPR project. With a focus on business processes, the project has proposed a holistic approach able to support compliant processes, while fulfilling requirements covering diverse application domains. The main pillars of the solution are: i) a policy-based access and usage control system, for setting the operational rules; ii) a framework for automatically re-engineering processes, so that they become compliant by design; iii) a run-time environment for the enforcement of privacy constraints and data subjects’ rights; iv) a process mining framework, devised for ex post compliance analysis and conformance checking leveraging the process execution traces.</p> Georgios Lioudakis, Eugenia Papagiannakopoulou, Maria Koukovini, Nikolaos Dellas, Kostas Kalaboukas, Lorenzo Bracciale, Emanuele Raso, Giuseppe Bianchi, Pierpaolo Loreti, Paolo Barracano, Spiros Alexakis, Renata Medeiros de Carvalho, Marwan Hassani Copyright (c) 2021 Georgios Lioudakis, Eugenia Papagiannakopoulou, Maria Koukovini, Nikolaos Dellas, Kostas Kalaboukas, Lorenzo Bracciale, Emanuele Raso, Giuseppe Bianchi, Pierpaolo Loreti, Paolo Barracano, Spiros Alexakis, Renata Medeiros de Carvalho, Marwan Hassani Thu, 30 Dec 2021 00:00:00 +0000 Paranoid OS: Wearable Trackers <p><span data-contrast="auto">Throughout human evolution, communication has always played a central role in favor of the development and approximation of the species.&nbsp;</span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:1,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:0,&quot;335559740&quot;:360}">&nbsp;</span></p> <p><span data-contrast="auto">Within this project, the main objective is to analyze different wearable devices (more specifically fitness tracking devices) with the intention of presenting the strengths and weaknesses related to the security and privacy frameworks that these devices make use of.</span><span data-ccp-props="{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:1,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:0,&quot;335559740&quot;:360}">&nbsp;</span></p> <p><span data-contrast="auto">To&nbsp;reach&nbsp;these objectives some devices will be acquired for testing, starting from the earliest point of the communication (Bluetooth&nbsp;connection) until the latter states (communications through the Internet).</span><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:200,&quot;335559740&quot;:276}">&nbsp;</span></p> <p><span data-contrast="auto">“Paranoid” operating systems and methodologies have been developed and studied over the years, both for mobile and desktop systems in order to maintain the security and anonymity of their users, and although related studies have been in existence for some time, this proposal aims to develop an answer to a theme not very distinct, but more specific and modern “Paranoid OS: Wearable Trackers”.</span><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:200,&quot;335559740&quot;:276}">&nbsp;</span></p> <p><span data-contrast="auto">It is with this purpose in mind that the path taken by this technology will be presented in this document, considering what are the communication protocols, what data goes through these communication channels and finally where is the user’s data.</span><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:200,&quot;335559740&quot;:276}">&nbsp;</span></p> Afonso Almeida, Nuno Coelho, Nuno Lopes Copyright (c) 2021 Afonso Almeida, Nuno Coelho, Nuno Lopes Thu, 30 Dec 2021 00:00:00 +0000 Detection and Handling of Threats in Pre-Established Networks Through a Junior Perspective in Internship Scenario <p>In this paper, there are two questions that we seek to answer, what are the tools used in the industry nowadays regarding its cybersecurity? How is cybersecurity being approached and dealt with by the companies and their greatest difficulties? Along the way it’s observed how the entire interaction with clients is made as also how the investigation on possible threats is conducted and handled, passing through how to detect, analyze and interact with the client team in the mitigation of it, this taking into consideration their infrastructure and capabilities. This paper is taken from the point of view of a junior utilizing free tools to analyze threats and dealing with attempts of infiltrating the network utilizing social engineering tactics as well as more technical skills.</p> Carlos Barros, Nuno Mateus-Coelho Copyright (c) 2021 Carlos Barros, Nuno Mateus-Coelho Thu, 30 Dec 2021 00:00:00 +0000 Hackers Cybercrime - Computer Security: Ethical Hacking <p class="p1">Today cybercrime is at a record high, costing businesses and individuals billions of dollars every year. What is even more frightening is that this figure represents just the last five years with no hope of it ever ending. The evolution of technology and&nbsp;the increasing accessibility of smart technologies means that there are many access points to users' homes to exploit.&nbsp;Cybercrime is on the rise in the world of technology today. Criminals using the technologies of the World Wide Web exploit&nbsp;the personal information of Internet users to their advantage. They happily use the dark web to buy and sell illegal products&nbsp;and services. They even manage to gain access to classified government information. While law enforcement tries to address&nbsp;the growing problem, the number of criminals continues to grow, taking advantage of the anonymity of the Internet.</p> Dr. Roberto Arnone Copyright (c) 2022 Dr. Roberto Arnone Thu, 30 Dec 2021 00:00:00 +0000 Secure Services Integration and Edge Computing for Effective Beekeeping <p>Many of the issues that require resolution are not easy to mitigate just from the technology perspective. The ancestral learned logic of processes, the people traditions, and many other variants define inner contexts that make the adhesion and efficient use of information technologies a delicate process. The enormous geographical dispersion of the beekeeping economic activity, the mostly amateur profile of beekeepers, and the specificity in the traditional way as the activity is managed, compromises the applicability of integrative measures based on ICTE. Efficient and integrated management of a no-professionalized economic activity depends on two basic principles: i) the existence of effective tools capable of managing that activity and its synergies with other related activities, and ii) an infrastructure (technological, procedural, legal) that supports services properly profiled for any actor in that activity. This paper describes the work-in-process sBee - Smart Beekeeping, an applied research project that sought to integrate emerging technologies on the innovative management of critical issues that beekeeping needs to overcome. Electronic devices, Internet-of-things, advanced management algorithms, and innovative visualization services were explored. The global system architecture, its supporting services, and the communication infrastructure are here described. The integration of both internet-of-things and communications services, with the common beekeeping’s management tasks, levered a proposal for improving this activity to become more effective. Furthermore, an advanced technological supporting platform was created and experimented, prepared for further developments, on mitigating emergent challenges that the digitization promotes, namely the security and traceability on food and related agriculture value-chains, as well as on the predictive and intelligent perception of current and future scenarios.</p> Luis Ferreira, Hugo Lopes, Carlos Abreu, Manuela Cruz-Cunha, Nuno Mateus-Coelho Copyright (c) 2021 Luis Ferreira, Hugo Lopes, Carlos Abreu, Manuela Cruz-Cunha, Nuno Mateus-Coelho Thu, 30 Dec 2021 00:00:00 +0000