Haris Mouratidis

Haris Mouratidis
University of Brighton · School of Computing, Engineering and Mathematics

About

241
Publications
67,398
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
4,048
Citations
Introduction

Publications

Publications (241)
Article
Cyber-physical systems (CPSs) are smart systems that include engineered interacting networks of physical and computational components. CPSs have an increasingly presence on critical infrastructures and an impact in almost every aspect of our daily life, including transportation, healthcare, electric power, and advanced manufacturing. However, CPSs...
Article
Full-text available
Cyber security risk management plays an important role for today’s businesses due to the rapidly changing threat landscape and the existence of evolving sophisticated cyber attacks. It is necessary for organisations, of any size, but in particular those that are associated with a critical infrastructure, to understand the risks, so that suitable co...
Article
Healthcare organisations are constantly facing sophisticated cyberattacks due to the sensitivity and criticality of patient health care information and wide connectivity of medical devices. Such attacks can pose potential disruptions to critical services delivery. There are number of existing works that focus on using Machine Learning (ML) models f...
Article
Full-text available
Worldwide, vulnerabilities and weak security strategies are exploited everyday by adversaries in healthcare organizations. Healthcare is targeted because these crimes are high-reward and low-risk. The attacks differ every time, from hacking medical devices, such as sensors, to stealing patients' data from electronic health records databases. The ef...
Chapter
Cyber Supply Chain (CSC) security requires a secure integrated network among the sub-systems of the inbound and outbound chains. Adversaries are deploying various penetration and manipulation attacks on an CSC integrated network’s node. The different levels of integrations and inherent system complexities pose potential vulnerabilities and attacks...
Chapter
Learner Management Systems (LMSs) are widely deployed across the industry as they provide a cost-saving approach that can support flexible learning opportunities. Despite their benefits, LMSs fail to cater for individual learning behavior and needs and support individualised prediction and progression. Learning Analytics (LAs) support these gaps by...
Conference Paper
Full-text available
Digital technology provides unique opportunities to revolutionize the healthcare ecosystem and health research. However, this comes with serious security, safety, and privacy threats. The healthcare sector has been proven unequipped and unready to face cyberattacks while its vulnerabilities are being systematically exploited by attackers. The growi...
Article
Full-text available
In order to empower user data protection and user rights, the European General Data Protection Regulation (GDPR) has been enforced. On the positive side, the user is obtaining advantages from GDPR. However, organisations are facing many difficulties in interpreting GDPR, and to properly applying it, and, in the meanwhile, due to their lack of compl...
Conference Paper
Full-text available
Privacy and security requirements, and their potential conflicts, are increasingly having more and more importance. It is becoming a necessary part to be considered, starting from the very early stages of requirements engineering, and in the entire software engineering cycle, for the design of any software system. In the last few years, this has be...
Article
Full-text available
In recent years, the use of information technologies in Critical Infrastructures is gradually increasing. Although this brings benefits, it also increases the possibility of security attacks. Despite the availability of various advanced incident handling techniques and tools, there is still no easy, structured, standardized and trusted way to manag...
Chapter
In the original version of this book, the name of the second editor was not correct. This has now been rectified.
Chapter
In this chapter, we focus on the privacy and the security analyses of public administration (PA) systems regarding the privacy concerns and requirements. As it has been described in the architecture of VisiOn, the VisiOn Privacy Platform is composed of two frameworks and a common back-end that provides internal functionalities, data storage, etc.
Chapter
The VisiOn Privacy Platform consists of a set of components and tools, which will work and collaborate in a single platform.
Chapter
Although considerable effort is made to secure organisational infrastructures and to protect organizational assets, it is widely acknowledged that it is equally important to ensure that organisations need to define appropriate ways to harden their overall resilience including recovery from security incidents. In this exploratory paper we outline re...
Chapter
Full-text available
Privacy is becoming more and more a prominent concern for most countries, particularly for those of them that are moving toward the implementation of e-government [18] where software systems dealing with personal information (i.e., citizens, customers, etc.) have to be compliant with national and international privacy laws [26].
Conference Paper
The introduction of the European General Data Protection Regulation (GDPR) has brought significant benefits to citizens, but it has also created challenges for organisations, which are facing with difficulties interpreting it and properly applying it. An important challenge is compliance with the Privacy by Design and by default (PbD) principles, w...
Article
Full-text available
Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access...
Chapter
The introduction of the European General Data Protection Regulation (GDPR) has brought significant benefits to citizens, but it has also created challenges for organisations, which are facing with difficulties interpreting it and properly applying it. An important challenge is compliance with the Privacy by Design and by default (PbD) principles, w...
Article
Full-text available
Confidence in information and communication technology services and systems is crucial for the digital society which we live in, but this confidence is not possible without privacy-enhancing tools and technologies, nor without risks management frameworks that guarantee privacy, data protection, and secure digital identities. This paper provides inf...
Article
Full-text available
Business process definition and analysis are an important activity for any organisation. As research has demonstrated, well-defined business processes can reduce cost, improve productivity and provide organisations with competitive advantages. In the last few years, the need to ensure the security of business processes has been identified as a majo...
Article
Purpose General data protection regulation (GDPR) entered into force in May 2018 for enhancing personal data protection. Even though GDPR leads toward many advantages for the data subjects it turned out to be a significant challenge. Organizations need to implement long and complex changes to become GDPR compliant. Data subjects are empowered with...
Preprint
This paper aims to enhance the security and resilience of Critical Information Infrastructures (CIIs) by providing a dynamic collaborative, warning and response system (CyberSANE system) supporting and guiding security officers and operators (e.g. Incident Response professionals) to recognize, identify, dynamically analyse, forecast, treat and resp...
Article
Full-text available
Personal data have become a central asset for multiple enterprise applications and online services offered by private companies, public organisations or a combination of both. The sensitivity of such data and the continuously growing legislation that accompanies their management dictate the development of methods that allow the development of more...
Article
Full-text available
This paper presents a novel security modelling language and a set of original analysis techniques, for capturing and analysing security requirements for cloud computing environments. The novelty of the language lies in the integration of concepts from cloud computing, with concepts from security and goal-oriented requirements engineering to elicit,...
Chapter
Security constraints that enforce security requirements characterize healthcare systems. These constraints have a substantial impact on the resiliency of the final system. Security requirements modelling approaches allow the prevention of cyber incidents; however, the focus to date has been on prevention rather than resiliency. Resiliency extends i...
Chapter
GDPR entered into force in May 2018 for enhancing user data protection. Even though GDPR leads towards a radical change with many advantages for the data subjects it turned out to be a significant challenge. Organizations need to make long and complex changes for the personal data processing activities to become GDPR compliant. Citizens as data sub...
Book
Privacy is a burden for most organizations, the more complex and wider an organization is, the harder to manage and enforce privacy is. GDPR and other regulations on privacy impose strict constraints that must be coherently enforced, considering also privacy needs of organization and their users. Furthermore, organizations should allow their users...
Article
Full-text available
This systematic literature review intends to determine the extent to which contribution is available to assist organisations and interested parties to understand better or comply with the requirements of the ISO/IEC 27001 international standard, known as Information Security Management Systems (ISMS). The primary aim of this paper is to explore the...
Conference Paper
Full-text available
The advent of the European General Data Protection Regulation (GDPR) imposes organizations to cope with radical changes concerning user data protection paradigms. GDPR, by promoting a Privacy by Design approach, obliges organizations to drastically change their methods regarding user data acquisition, management, processing, as well as data breache...
Article
Purpose The enforcement of the General Data Protection Regulation imposes specific privacy- and -security related requirements that any organisation that processes European Union citizens’ personal data must comply with. The application of privacy- and security-by-design principles are assisting organisation in achieving compliance with the Regulat...
Chapter
Full-text available
The advent of the European General Data Protection Regulation (GDPR) imposes organizations to cope with radical changes concerning user data protection paradigms. GDPR, by promoting a Privacy by Design approach, obliges organizations to drastically change their methods regarding user data acquisition, management, processing, as well as data breache...
Conference Paper
Full-text available
requirement engineering live in a world were contradiction is the norm. Hence, development of software engineering is usually an adjustable and upgrading cyclical process. We found in the literature that some requirements conflict with other requirements. We will focus in this study on identification and resolution of conflicts between security and...
Article
Full-text available
The spelling of author name Haralambous Mouratidis was incorrect and has now been corrected to Haralambos Mouratidis. The original article has been corrected. © 2018, Springer Science+Business Media, LLC, part of Springer Nature.
Chapter
This paper aims to enhance the security and resilience of Critical Information Infrastructures (CIIs) by providing a dynamic collaborative, warning and response system (CyberSANE system) supporting and guiding security officers and operators (e.g. Incident Response professionals) to recognize, identify, dynamically analyse, forecast, treat and resp...
Conference Paper
Full-text available
Security standards help organisations to continually review and refine the information security procedures to remain safe and secure, however, organisations face difficulties and are concerned about understanding the requirements of the standards. The research to date from the industry and academia tended to focus on the overall description of the...
Article
Purpose The selection of security configurations for complex information systems is a cumbersome process. Decision-making regarding the choice of security countermeasures has to take into consideration a multitude of, often conflicting,functional and non-functional system goals. Therefore, a structured method to support crucial security decisions...
Article
Full-text available
Purpose The purpose of this study is the analysis of a security and privacy requirements engineering methodology. Such methodologies are considered an important part of systems’ development process when they contain and process a large amount of critical information, and thus need to remain secure and ensure privacy. Design/methodology/approach Th...
Article
Full-text available
In recent years maritime logistics infrastructures are the global links among societies and economies. This challenges adversaries to intrude on the cyber-dependent ICTs by performing high-level intelligent techniques. A potential cyber-attack on such infrastructures can cause tremendous damages starting from supply chain service disruption ending...
Article
Full-text available
This article identifies the factors that have an impact on mobile recommender systems. Recommender systems have become a technology that has been widely used by various online applications in situations where there is an information overload problem. Numerous applications such as e-Commerce, video platforms and social networks provide personalised...
Article
Full-text available
Internet of Things (IoT) systems are ubiquitous, highly complex and dynamic event-based systems. These characteristics make their security analysis challenging. Security in IoT requires domain-specific methodologies and tools. The proposed methodologies need to be able to capture information from software and hardware constructs to security and soc...
Preprint
Full-text available
This paper identifies the factors that have an impact on mobile recommender systems. Recommender systems have become a technology that has been widely used by various online applications in situations where there is an information overload problem. Numerous applications such as e-Commerce, video platforms and social networks provide personalized re...
Article
Full-text available
The Industrial Internet of Things (IIoT) provide an opportunity for industries to build large interconnected systems that utilise various technologies such as personal computers, wireless devices, and sensor devices and bring together the cyber and the physical world. Such systems provide us with huge advantages but they also introduce major securi...
Preprint
Full-text available
Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access...
Article
Full-text available
Maritime port infrastructures rely on the use of information systems for collaboration, while a vital part of collaborating is to provide protection to these systems. Attack graph analysis and risk assessment provide information that can be used to protect the assets of a network from cyber-attacks. Furthermore, attack graphs provide functionality...
Conference Paper
Improving e-government services by using data more effectively is a major focus globally. It requires Public Administrations to be transparent, accountable and provide trustworthy services that improve citizen confidence. However, despite all the technological advantages on developing such services and analysing security and privacy concerns, the l...
Conference Paper
Full-text available
Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access...
Conference Paper
Although 5G promises advanced features such as low latency, high data rates and reliability as well as high socio-economic value, the business opportunities of the proposed solutions have not yet been examined. In this paper, the SESAME approach along with spectrum sharing options and indicative use cases are initially described. The incentives for...
Conference Paper
Full-text available
As security is a growing concern for modern information systems, Security Requirements Engineering has been developed as a very active area of research. A large body of work deals with elicitation, modelling, analysis, and reasoning about security requirements. However, there is little evidence of efforts to align security requirements with securit...
Conference Paper
Security is an important non-functional characteristic of the business processes used by organisations for the coordination of their activities. Nevertheless, the implementation of security at the operational level can be challenging due to the limited security expertise of process designers and the delayed consideration of security during process...
Article
Full-text available
This paper proposes a conceptual model to support decision makers during security analysis of Internet of Things (IoT) systems. The world is entering an era of ubiquitous computing with IoT being the main driver. Taking into account the scale of IoT, the number of security issues that are arising are unprecedented. Both academia and industry requir...
Conference Paper
Full-text available
Development of Information Systems that ensure privacy is a challenging task that spans various fields such as technology, law and policy. Reports of recent privacy infringements indicate that we are far from not only achieving privacy but also from applying Privacy by Design principles. This is due to lack of holistic methods and tools which shoul...
Conference Paper
This paper presents a cloud-enhanced modelling language for capturing and describing cloud computing environments, enabling developers to model and reason about security issues in cloud systems from a security requirements engineering perspective. Our work builds upon concepts from the Secure Tropos methodology, where in this paper we introduce nov...
Conference Paper
Full-text available
Advances in Information and Communication Technology (ICT) have had significant impact on every-day life and have allowed us to share, store and manipulate information easily and at any time. On the other hand, such situation also raises important privacy concerns. To deal with such concerns, the literature has identified the need to introduce a Pr...
Conference Paper
Full-text available
It is well acknowledged that one of the key enabling factors for the realization of future 5G networks will be the small cell (SC) technology. Furthermore, recent advances in the fields of network functions virtualization (NFV) and software-defined networking (SDN) open up the possibility of deploying advanced services at the network edge. In the c...
Article
Collaborative recommender systems offer a solution to the information overload problem found in online environments such as e-commerce. The use of collaborative filtering, the most widely used recommendation method, gives rise to potential privacy issues. In addition, the user ratings utilized in collaborative filtering systems to recommend product...
Article
Full-text available
With the continuous growth of the Internet and the progress of electronic commerce the issues of product recommendation and privacy protection are becoming increasingly important. Recommender Systems aim to solve the information overload problem by providing accurate recommendations of items to users. Collaborative filtering is considered the most...
Conference Paper
Full-text available
Cloud computing provides a wide range of services to organisations in a flexible and cost efficient manner. Nevertheless , inherent cloud security issues make organisations hesitant towards the migration of their services to cloud. In parallel, the cloud service-oriented nature requires a specific and more demanding description of the business func...