Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
7.3
3.4
Journals
Sensors
Special Issues
Security and Privacy in Software Based Critical Contexts
sensors-logo
Submit to Sensors Review for Sensors Propose a Special Issue

Journal Menu

Journal Menu

Journal Browser

Journal Browser
share announcement

Security and Privacy in Software Based Critical Contexts

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: closed (10 February 2023) | Viewed by 11615

Special Issue Editors

Dr. Xabier Larrucea

E-Mail Website
Guest Editor
Tecnalia, Basque Research and Technology Alliance (BRTA), Spain
Interests: software engineering; cybersecurity aspects
Dr. Juan José Unzilla

E-Mail Website
Guest Editor
University of the Basque Country (UPV/EHU), Department of Communications Engineering, Faculty of Engineering in Bilbao, Spain
Interests: computer networks; cybersecurity; software defined networking

Special Issue Information

Dear Colleagues,

Nowadays, software is a central piece in any advanced system/product development. This is mainly due to added value provided by the software within these environments, especially in critical contexts such as health, bank, automotive and so forth. In fact, the role of software is becoming more relevant than before from a security and privacy points of views. Data and security breaches are in the news almost every day. Several improvements are under way to tackle and to overcome the issues rising from these systems. For example, security by design-based approaches are being considered as the main approach for dealing with security in any development. However, there are still some improvements in terms of methods and tools to be integrated within the traditional systems. At the same time, privacy is also considered as a cornerstone because most of the times these systems are disclosing sensitive data to third parties. Therefore, data disclosure is considered and integrated within these systems. From a standardisation point of view, critical contexts are usually considered high regulated environments, and the role of the standards and reference models are being studied. Finally, regulations such as GDPR are compromising these systems and products’ developments by including new methods and tools for guaranteeing and complying the different laws applicable to specific products.

Topics to be considered:

  • access control
  • anonymity
  • applied cryptography
  • authentication
  • cyber warfare and security
  • complex systems security
  • critical infrastructure protection
  • data and application security
  • data protection
  • formal methods for security and privacy
  • human factors in security and privacy
  • identity management
  • insider threats
  • intrusion detection and prevention
  • legal and ethical issues
  • security and privacy metrics
  • security and privacy policies
  • security and privacy in cloud computing
  • security and privacy in grid computing
  • security and privacy in industrial systems
  • security and privacy in sensor networks
  • security and privacy in smart grid and distributed generation systems
  • security architectures
  • security management in complex scenarios
  • surveillance systems
  • threats, vulnerabilities, and risk management

Dr. Xabier Larrucea
Dr. Juan José Unzilla
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (3 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

16 pages, 6332 KiB  
Article
Digital Forensic Analysis to Improve User Privacy on Android
by Hyungchan Kim, Yeonghun Shin, Sungbum Kim, Wooyeon Jo, Minju Kim and Taeshik Shon
Sensors 2022, 22(11), 3971; https://doi.org/10.3390/s22113971 - 24 May 2022
Cited by 7 | Viewed by 3375
Abstract
The Android platform accounts for 85% of the global smartphone operating-system market share, and recently, it has also been installed on Internet-of-Things (IoT) devices such as wearable devices and vehicles. These Android-based devices store various personal information such as user IDs, addresses, and [...] Read more.
The Android platform accounts for 85% of the global smartphone operating-system market share, and recently, it has also been installed on Internet-of-Things (IoT) devices such as wearable devices and vehicles. These Android-based devices store various personal information such as user IDs, addresses, and payment information and device usage data when providing convenient functions to users. Insufficient security for the management and deletion of data stored in the device can lead to various cyber security threats such as personal information leakage and identity theft. Therefore, research on the protection of personal information stored in the device is very important. However, there is a limitation that the current research for protection of personal information on the existing Android platform was only conducted on Android platform 6 or lower. In this paper, we analyze the deleted data remaining on the device and the possibility of recovery to improve user privacy for smartphones using Android platforms 9 and 10. The deleted data analysis is performed based on three data deletion scenarios: data deletion using the app’s own function, data deletion using the system app’s data and cache deletion function, and uninstallation of installed apps. It demonstrates the potential user privacy problems that can occur when using Android platforms 9 and 10 due to the leakage of recovered data. It also highlights the need for improving the security of personal user information by erasing the traces of deleted data that remain in the journal area and directory entry area of the filesystem used in Android platforms 9 and 10. Full article
(This article belongs to the Special Issue Security and Privacy in Software Based Critical Contexts)
Show Figures

Figure 1

29 pages, 9470 KiB  
Article
HEAD Metamodel: Hierarchical, Extensible, Advanced, and Dynamic Access Control Metamodel for Dynamic and Heterogeneous Structures
by Nadine Kashmar, Mehdi Adda and Hussein Ibrahim
Sensors 2021, 21(19), 6507; https://doi.org/10.3390/s21196507 - 29 Sep 2021
Cited by 3 | Viewed by 2807
Abstract
The substantial advancements in information technologies have brought unprecedented concepts and challenges to provide solutions and integrate advanced and self-ruling systems in critical and heterogeneous structures. The new generation of networking environments (e.g., the Internet of Things (IoT), cloud computing, etc.) are dynamic [...] Read more.
The substantial advancements in information technologies have brought unprecedented concepts and challenges to provide solutions and integrate advanced and self-ruling systems in critical and heterogeneous structures. The new generation of networking environments (e.g., the Internet of Things (IoT), cloud computing, etc.) are dynamic and ever-evolving environments. They are composed of various private and public networks, where all resources are distributed and accessed from everywhere. Protecting resources by controlling access to them is a complicated task, especially with the presence of cybercriminals and cyberattacks. What makes this reality also challenging is the diversity and the heterogeneity of access control (AC) models, which are implemented and integrated with a countless number of information systems. The evolution of ubiquitous computing, especially the concept of Industry 4.0 and IoT applications, imposes the need to enhance AC methods since the traditional methods are not able to answer the increasing demand for privacy and security standards. To address this issue, we propose a Hierarchical, Extensible, Advanced, and Dynamic (HEAD) AC metamodel for dynamic and heterogeneous structures that is able to encompass the heterogeneity of the existing AC models. Various AC models can be derived, and different static and dynamic AC policies can be generated using its components. We use Eclipse (xtext) to define the grammar of our AC metamodel. We illustrate our approach with several successful instantiations for various models and hybrid models. Additionally, we provide some examples to show how some of the derived models can be implemented to generate AC policies. Full article
(This article belongs to the Special Issue Security and Privacy in Software Based Critical Contexts)
Show Figures

Figure 1

26 pages, 1464 KiB  
Article
Efficient Feature Selection for Static Analysis Vulnerability Prediction
by Katarzyna Filus, Paweł Boryszko, Joanna Domańska, Miltiadis Siavvas and Erol Gelenbe
Sensors 2021, 21(4), 1133; https://doi.org/10.3390/s21041133 - 6 Feb 2021
Cited by 22 | Viewed by 4061
Abstract
Common software vulnerabilities can result in severe security breaches, financial losses, and reputation deterioration and require research effort to improve software security. The acceleration of the software production cycle, limited testing resources, and the lack of security expertise among programmers require the identification [...] Read more.
Common software vulnerabilities can result in severe security breaches, financial losses, and reputation deterioration and require research effort to improve software security. The acceleration of the software production cycle, limited testing resources, and the lack of security expertise among programmers require the identification of efficient software vulnerability predictors to highlight the system components on which testing should be focused. Although static code analyzers are often used to improve software quality together with machine learning and data mining for software vulnerability prediction, the work regarding the selection and evaluation of different types of relevant vulnerability features is still limited. Thus, in this paper, we examine features generated by SonarQube and CCCC tools, to identify those that can be used for software vulnerability prediction. We investigate the suitability of thirty-three different features to train thirteen distinct machine learning algorithms to design vulnerability predictors and identify the most relevant features that should be used for training. Our evaluation is based on a comprehensive feature selection process based on the correlation analysis of the features, together with four well-known feature selection techniques. Our experiments, using a large publicly available dataset, facilitate the evaluation and result in the identification of small, but efficient sets of features for software vulnerability prediction. Full article
(This article belongs to the Special Issue Security and Privacy in Software Based Critical Contexts)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-3
Back to TopTop