Marco Casassa Mont

BMT Group Ltd | BMT · Defense and Security

118 Publications
10,670 Reads
1,847 Citations

Publications (118)
Article
Full-text available
Nowadays, due to the evolution of information technologies and their adoption in the healthcare domain, new risks to medical data protection and patient privacy are increasingly present. It is therefore important to implement approaches that can prevent rapidly emerging cyber-attacks. Essentially, the adoption of cyber security measures in healthca...
Article
Complying with privacy in multi-jurisdictional health domains is important as well as challenging. The compliance management process will not be efficient unless it manages to show evidences of explicit verification of legal requirements. In order to achieve this goal, privacy compliance should be addressed through “a privacy by design” approach. T...
Chapter
Organisations are witnessing an unprecedented escalation of cyber-crime attacks and struggle to protect against them. Rethinking security is required to cope with numerous new challenges arising today: the sophistication of new attacks, the increasing weakness of traditional security controls, the explosion of data to be collected and analysed to d...
Patent
The present disclosure relates to a network device that determines a persistent network identity for a networked device. Specifically, the network device receives a service request that includes an identifier for a second network device in a sub-network among a plurality of sub-networks. The identifier uniquely corresponds to the second network dev...
Conference Paper
Full-text available
The increasing number of IoT devices raises concerns about the amount of data they generate and, more importantly, their content, having security and privacy implications. The Things are mostly constrained by typical embedded design limitations from non-extensible functionalities to poor or non-existent configuration; adding security features to thes...
Conference Paper
The governance of privacy and personal information on cloud environments is challenging and complex. Usually many regulatory frameworks intervene to reflect diverse privacy wishes from several stakeholders. This includes data owners, data and services providers and also the end users. Focusing mainly on medical domains, this issue is particularly i...
Article
We present an integrated approach for automating service providers' compliance with data protection laws and regulations, business and technical requirements in cloud computing. The techniques we propose in particular include: natural language analysis (of legislative and regulatory texts, and corporate security rulebooks) and extraction of enforce...
Article
Web interactions usually require the exchange of personal and confidential information for a variety of purposes, including enabling business transactions and the provisioning of services. A key issue affecting these interactions is the lack of trust and control on how data are going to be used and processed by the entities that receive it. In the...
Article
The management of privacy and personal information within multi-cultural domain such as clouds and other universal collaborative systems requires intrinsic compliance-checking and assurance modules in order to increase social trust and acceptance. Focusing mainly on medical domains, this issue is particularly important due to the sensitivity of hea...
Patent
Data to be output to a removable storage medium is encrypted for sending to an output device by an encryption process based on encryption parameters comprising public data of a trusted party and an encryption key string comprising a policy for allowing the output of the data. The trusted party provides a decryption key to the output device but only...
Chapter
Full-text available
Increasing reliance on IT and the worsening threat environment mean that organisations are under pressure to invest more in information security. A challenge is that the choices are hard: money is tight, objectives are not clear, and there are many relevant experts and stakeholders. A significant proportion of the research in security economics is...
Patent
Full-text available
A system for analyzing a process, comprising a model engine to generate a model of the environment using multiple components defining adjustable elements of the model and including components representing a process for provisioning and de-provisioning of access credentials for an individual in the environment and a risk analyzer to calculate multip...
Article
This paper describes a data management solution and associated key management approaches to provide accountability within service provision networks. One particular area of interest for the application of this solution would be in the cloud, in order to address privacy issues. The central idea involves machine readable policies that stick to data t...
Conference Paper
Full-text available
We provide an approach for real-time analysis of ongoing events in a controlled network. We propose ReasONets, i.e. Reasoning on Networks, a distributed and lightweight system, able to process and reason about anomalies and incidents observed in closed networks. To the best of our knowledge this is the first system combining detections and classi...
Article
Full-text available
Web interactions usually require the exchange of personal and confidential information for a variety of purposes, including enabling business transactions and the provisioning of services. A key issue affecting these interactions is the lack of trust and control on how data is going to be used and processed by the entities that receive this data. I...
Article
Full-text available
This document is an official, public delivery of the UK collaborative project EnCoRe (Ensuring Consent and Revocation), coordinated by HP Labs. It describes the final EnCoRe Technical Architecture and solutions to support dynamic consent (whereby data subjects provide or amend informed consent, potentially in a fine-grained way, to govern access an...
Article
This document is an example of the type of report an organisation would receive at the end of a HP Security Analytics engagement. The focus is on the analysis of the security risks and performance of the organisation's Security Incident Management Processes and related Security Operation Centre (SOC)'s activities. HP Labs carried out the underlying...
Article
We present in this paper the novel concept of a policy orchestration service, which is designed to facilitate security and privacy governance in the enterprise, particularly for the case where various services are provided to the enterprise through external suppliers in the cloud. The orchestration service mediates between the enterprises' internal...
Conference Paper
This paper introduces and discusses a data management solution to provide accountability within the cloud as well as addressing privacy issues. The central idea is as follows: Customers allow cloud (service) providers to have access to specific data based on agreed policies and by forcing interactions with interchangeable independent third parties...
Article
Machine-readable policies can stick to data to define allowed usage and obligations as it travels across multiple parties, enabling users to improve control over their personal information. The EnCoRe project has developed such a technical solution for privacy management that is suitable for use in a broad range of domains.
Article
Full-text available
Clinical practitioners and medical researchers often have to share health data with other colleagues across Europe. Privacy compliance in this context is very important but challenging. Automated privacy guidelines are a practical way of increasing users' awareness of privacy obligations and help eliminating unintentional breaches of privacy. In th...
Conference Paper
This paper presents and discusses our work to provide organizations with risk assessment and decision support capabilities when dealing with their strategic security policies. We aim at achieving this by using a rigorous and scientific methodology (and tools) which leverages modeling and simulation techniques. This methodology helps organizations t...
Conference Paper
Full-text available
In this paper we survey existing work on automatically processing legal, regulatory and other policy texts for the extraction and representation of privacy knowledge and rules. Our objective is to link and apply some of these techniques to policy enforcement and compliance, to provide a core means of achieving and maintaining customer privacy in an...
Conference Paper
This paper introduces and discusses a data management solution to provide accountability within the cloud as well as addressing privacy issues. The central idea is as follows. Customers allow cloud (service) providers to have access to specific data based on agreed policies and by forcing interactions with interchangeable independent third parties...
Chapter
An important critical success factor for PRIME technology will be user-friendly and intelligible user interfaces that convey and enhance trust. Such user interfaces have to meet challenges such as: User-friendly representation of complex PET concepts: PRIME and other privacy-enhancing technologies (PETs) are based on technical concepts or construct...
Chapter
Privacy obligation policies define and describe the expected behaviours and constraints to be satisfied by data receiving entities (e.g. enterprises, service providers, e-commerce sites, etc.) when handling confidential and personal data. In this section we will often refer to data receiving entities as enterprises. They dictate a privacy-aware ide...
Chapter
Privacy-aware identity lifecycle management processes must be put in place by enterprises to effectively manage the lifecycle of personal and confidential information according to privacy (law) requirements – over time and across various contexts and solutions. As anticipated, this includes dealing with data retention, data deletion, satisfying not...
Article
An analytic methodology involving modeling and simulation could help decision makers determine how their employees' use of social networks impacts their organization, identify how to mitigate potential risks, and evaluate the financial and organizational implications of doing so.
Article
The adoption of Social Networks by employees poses a new series of threats for organizations, including data leakage. Organizations need to better understand the implications and how to react. We aim at making progress in this area by analyzing some of the key risks that enterprises could face. We explore the suitability of using an analytic approa...
Article
The increasing proportion of elderly people in most industrialised countries introduces new challenges. One of these is the provision of efficient and cost-effective caring. Assisted-living solutions use technological tools to allow medical care to be remotely provided to individuals and to provide monitoring capabilities permitting carers and medic...
Conference Paper
Full-text available
This paper proposes a conceptual model for privacy policies that takes into account privacy requirements arising from different stakeholders, with legal, business and technical backgrounds. Current approaches to privacy management are either high-level, enforcing privacy of personal data using legal compliance, risk and impact assessments, or low-l...
Article
We argue in favour of a set of particular tools and approaches to achieve accountability in cloud computing. Our concern is helping cloud providers achieve their security goals and meeting their customers' security and privacy requirements. The techniques we propose in particular include: natural-language analysis (of legislative and regulatory tex...
Article
Full-text available
The sharing of medical data between different healthcare organizations in Europe must comply with the legislation of the Member State where the data were originally collected. These legal requirements may differ from one state to another. Privacy requirements such as patient consent may be subject to conflicting conditions between different nationa...
Conference Paper
European data protection regulation states that organisations must have data subjects' consent to use their personally identifiable information (PII) for a variety of purposes. Solutions have been proposed which generally handle consent in a coarse-grained way, by means of opt in/out choices. However, we believe that consent's representation shou...
Conference Paper
Full-text available
We make the case for an integrated approach to privacy management within organisations. Current approaches to privacy management are either too high-level, enforcing privacy of personal data using legal compliance, risk and impact assessments, or too low-level, focusing only on the technical implementation of access controls to personal data held b...
Article
Full-text available
Federated Identity Management is an emerging paradigm that is rightly getting a lot of standardization and research attention. One aspect that is not receiving enough attention is assurance. Given the challenges enterprises faced trying to demonstrate appropriate control of their internal and monolithic identity management systems, the problem of h...
Conference Paper
Identity and Access Management (IAM) is a key enabler of enterprise businesses: it supports automation, security enforcement, and compliance. However, most enterprises struggle with their Identity and Access Management strategy. Discussions on IAM primarily focus at the IT operational level, rather than targeting strategic decision-makers' issues,...
Article
Managing the information stewardship lifecycle is a challenge. In the context of cloud computing, the stakeholders in cloud ecosystems must also take account of the demands of the information stewardship lifecycles of other participants in the ecosystem. We describe a modelling framework — incorporating tools from mathematical systems modelling,...
Article
Identity and Access Management (IAM) is a key enabler of enterprise businesses: It supports automation, security enforcement and compliance. However, most enterprises struggle with their Identity and Access Management strategy. Discussions on IAM primarily focus at the IT operational level, rather than targeting strategic decision makers' issues, a...
Article
Full-text available
This paper proposes a conceptual model for privacy policies that takes into account privacy requirements arising from different stakeholders, with legal, business and technical backgrounds. Current approaches to privacy management are either high-level, enforcing privacy of personal data using legal compliance, risk and impact assessments, or low-l...
Article
To be processed within a healthgrid environment, medical data goes through a complete lifecycle and several stages until it is finally used for the primary reason it has been collected for. This stage is not always the final occurrence of when the data would have been manipulated. The data could rather continue to be needed for secondary purposes o...
Conference Paper
It is hard for security practitioners and decision-makers to know what level of protection they are getting from their investments in security, especially when they have invested in a number of technologies and processes which interact and combine together. It is even harder to estimate how well these investments can be expected to protect their or...
Conference Paper
The integration of different European medical systems by means of grid technologies will continue to be challenging if technology does not intervene to enhance interoperability between national regulatory frameworks on data protection. Achieving compliance in European healthgrid domains is crucial but challenging because of the diversity and comple...
Conference Paper
Full-text available
The process of making IT (security) policy decisions, within organizations, is complex: it involves reaching consensus between a set of stakeholders (key decision makers, e.g. CISOs/CIOs, domain experts, etc.) who might have different views, opinions and biased perceptions of how policies need to be shaped. This involves multiple negotiations and i...
Article
Full-text available
The harmonization of data protection law in Europe has been theoretically achieved by means of the EU directive on data protection [1]. In practice the harmonization is not absolute and conflicts continue to exist on the ways member states are implementing the directive. The integration of different European medical systems by means of grid technol...
Article
Full-text available
The harmonization of data protection legislation in Europe has been theoretically achieved by means of the EU directive on data protection. In practice the harmonization is not absolute and conflicts and inconsistencies continue to exist in the way Member States are implementing the directive. The integration of different European medical systems b...
Conference Paper
Full-text available
Privacy [4] in the digital world is an important problem which is becoming even more pressing as new collaborative applications are developed. The lack of privacy preserving mechanisms is particularly problematic in federated identity management contexts. In such a context, users can seamlessly interact with a variety of federated web services, thr...
Article
Keywords: identity management, device, privacy, user control, trust, federated services. This paper describes R&D work on "Identity-aware Devices", in the context of federated services. The aim is to put users in control of their credentials and identities and enable simple, secure, trustworthy and transparent access to federated services. Current users' expe...
Article
People are usually asked by enterprises to disclose their personal information to access web services and engage in business interactions. Enterprises need this information to enable their business processes. This is unlikely to change, at least in the foreseeable future. When collecting personal data, enterprises must satisfy privacy laws and poli...
Chapter
In today’s information society, users have lost effective control over their personal spheres. Emerging pervasive computing technologies, where individuals are usually unaware of a constant data collection and processing in their surroundings, will even heighten this problem. It is, however, critical to our society and to democracy to retain and ma...
Conference Paper
This paper focuses on the management of device-based identities within enterprises. This is a key requirement in enterprises where the identities of platforms and devices have become as important as the identities of humans to grant access to enterprise resources. In this context, access control systems need to understand which devices with what...
Conference Paper
Identity Management (IdM) comes in two dimensions: First, the secure and efficient creation, use, and administration of personal attributes which make up a digital identifier of a human and used in large scale global networks, such as the Internet. Second, as in-house IdM which is a core component of enterprise security management. In this panel we...
Conference Paper
Full-text available
In this paper we address the appropriate management of risk in federated identity management systems by presenting an identity assurance framework and supporting technologies. We start by discussing the risk mitigation framework that should be part of any identity assurance solution. We then demonstrate how our model based assurance technologies ca...
Conference Paper
Full-text available
Privacy management is important for enterprises that handle personal data: they must deal with privacy laws and people's expectations. Currently much is done by means of manual processes, which make them difficult and expensive to comply. Key enterprises' requirements include: automation, simplification, cost reduction and leveraging of current ide...
Conference Paper
Privacy management is important for enterprises that collect, store, access and disclose personal data. Among other things, the management of privacy includes dealing with privacy obligations that dictate duties and expectations an enterprise has to comply with, in terms of data retention, deletion, notice requirements, etc. This is still a green a...
Conference Paper
The Trusted Computing Group (TCG) has developed specifications for computing platforms that create a foundation of trust for software processes, based on a small amount of extra hardware [1,2]. Several million commercial desktop and laptop products have been shipped based upon this technology, and there is increasing interest in deploying further p...
Conference Paper
People are often required to disclose personal identifying information (PII) in order to achieve their goals, e.g. when accessing services, obtaining information and goods, etc. Being able to say with absolute certainty that another party can be trusted to properly handle personal data with today's technology is probably unrealistic. Feedback solut...
Conference Paper
It is common practice for enterprises and other organisations to ask people to disclose their personal data in order to grant them access to services and engage in transactions. This practice is not going to disappear, at least in the foreseeable future. Most enterprises need personal information to run their businesses and provide the required ser...
Conference Paper
In this paper we describe a system for allocating computational resources to distributed applications and services (within distributed data centres and utility computing systems) in order to perform operations on personal or confidential data in a way that is compliant with associated privacy policies. Relevant privacy policies are selected on th...
Conference Paper
People are usually asked by enterprises and other organizations to disclose their personal information to access web services and engage in business interactions. Enterprises need this information to enable their business processes. This is unlikely to change, at least in the foreseeable future. When collecting personal data, enterprises must satis...
Conference Paper
This paper aims at setting the context for privacy-aware information lifecycle management within enterprises, i.e. the process of handling the lifecycle of personal and confidential information in a way that is compliant with privacy laws and people’s expectations (including data retention, deletion, notifications, data transformation, etc.). Despi...
Conference Paper
By 'Obligation Management' we refer to the definition, automated enforcement, and monitoring of privacy obligation policies. Privacy policies are nowadays found on most organisations' web pages, especially when data is directly collected from the user/customer. The paper demonstrates how users can influence rather than merely accept a privacy polic...
Article
This paper explores and analyses the explicit management of privacy obligations in enterprises. Privacy obligations dictate behaviours, tasks and constraints that must be satisfied by enterprises when handling personal and confidential data. It is important for enterprises to satisfy obligations to comply with laws, preserve their reputation and me...
Conference Paper
This paper describes issues and requirements related to privacy management as an aspect of improved governance in enterprises. Most of the existing related technical work is based on auditing and reporting mechanisms. The focus of this paper is on privacy enforcement for personal data: this is still a green field. To enforce the execution of privac...
Conference Paper
are retrieved from standard data repositories, in such a way that parts of these data are obfuscated and associated with privacy policies. Data structures containing confidential data are "first class" objects that can be sent to other parties. Entities that try to access their content can be different from those entities that retrieve these object...
Article
Keywords: privacy, IT governance, privacy policy enforcement, privacy-aware access control, privacy obligations, regulatory compliance. This paper describes issues and requirements related to privacy management as an aspect of improved governance in enterprises. It focuses on the privacy enforcement aspect, in particular related to privacy-aware access contro...
Conference Paper
This paper reviews trust from both a social and technological perspective and proposes a distinction between persistent and dynamic trust. Furthermore, this analysis is applied within the context of trusted computing technology.
Article
This paper draws a distinction between persistent and dynamic trust and analyses this distinction within the context of trusted computing technology.
Article
Full-text available
Being able to say with absolute certainty that another party can be trusted to handle personal information with today's technology is probably unrealistic. In this paper we explain an approach to establishing trust based on the status of a remote platform and an anticipated willingness of the other party to comply with prior negotiated obligations....
Conference Paper
The management and enforcement of privacy obligations is a challenging task: it involves legal, organizational, behavioral and technical aspects. This area is relevant for enterprises and government agencies that deal with personal identity information. Privacy and data protection laws already regulate some of the related aspects. Technical work ha...
Article
This paper focuses on the problem of dealing with privacy obligations in enterprises. Privacy obligations dictate expected behaviours, tasks and constraints that must be satisfied when handling personal and confidential data. This includes being compliant with data retention policies and satisfying constraints dictated by customers’ opt-in and opt-...
Article
Digital identities are fundamental to enable digital interactions and transactions on the web. The current digital identity model, based on the "identity = data" paradigm, starts showing its limitations when addressing people's expectations about their identities (in terms of preferences, privacy, trust, etc.) and providing them with degrees of ass...
Conference Paper
Digital identities and profiles are valuable assets: they are more and more relevant to allow people to access services and information on the Internet. They need to be secured and protected. Unfortunately people have little control over the destiny of this information once it has been disclosed to third parties. People rely on enterprises and orga...
Conference Paper
The management of private and confidential information is a major problem for dynamic organizations. Secure solutions are needed to exchange confidential documents, protect them against unauthorized accesses and cope with changes of people's roles and permissions. Traditional cryptographic systems and PKI show their limitations, in terms of flexibi...
Conference Paper
Digital identities and profiles are precious assets. On one hand they enable users to engage in transactions and interactions on the Internet. On the other hand, abuses and leakages of this information could violate the privacy of their owners, sometimes with serious consequences. Nowadays most of the people have limited understanding of security a...
Article
This paper presents a distributed authorisation model suitable for use in a web service framework where multiple parties are involved in performing a particular transaction. The authorisation model uses a third party authorisation service that checks users or services' credentials against a set of authorisation policies. A traditional service provi...
Article
This paper describes our approach to the evolution of enterprise privacy policies and related privacy management ecosystems. We argue that it is important to be able to express enforceable privacy policies, to explicitly manage accountability and to develop the whole privacy infrastructure, rather than just one part of this. In this paper we briefl...
Article
Full-text available
This document describes an innovative approach and related mechanisms to enforce users' privacy by putting users in control and making organizations more accountable
Conference Paper
Digital information is increasingly more and more important to enable interactions and transactions on the Internet. On the other hand, leakages of sensitive information can have harmful effects for people, enterprises and governments. This paper focuses on the problems of dealing with timed release of confidential information and simplifying its ac...
Article
Full-text available
Keywords: privacy policy, privacy language, accountability, enforcement, mobility. This paper describes our approach to the evolution of enterprise privacy policies and related privacy management ecosystems. We argue that it is important to be able to express enforceable privacy policies, to explicitly manage accountability and to develop the whole privacy i...
Article
The management of confidential and sensitive information is a major problem for people and organisations. Dynamic organisations require secure solutions to protect confidential documents against unauthorised access and to cope with changes to people's roles and permissions. Solutions based on traditional cryptographic systems and PKI show their lim...
Article
Full-text available
This paper describes our approach to the long-term evolution of enterprise privacy languages and related privacy management ecosystems. We believe in the importance of privacy languages that express enforceable policies, in the need for an explicit management of accountability and in the development of the whole privacy infrastructure, rather than...
Conference Paper
Digital information is increasingly more and more important to enable interactions and transactions on the Internet. On the other hand, leakages of sensitive information can have harmful effects for people, enterprises and governments. This paper focuses on the problems of dealing with timed release of confidential information and simplifying its ac...
Article
This paper focuses on the problem of protecting confidential information from unauthorized disclosures, subject to time-based criteria: it is a common issue in the industry, government and day-to-day life. We introduce an innovative service, the Time Vault Service, that leverages the emerging Identity-based Encryption (IBE) cryptography schema to e...
Article
Full-text available
In this paper we briefly describe some current techniques and mechanisms used to ensure diversity in software applications. We then introduce and discuss an alternative approach to software diversity aiming at the reduction of widespread software attacks and faults. This approach takes advantage of the componentisation of modern software solutions...
Article
Full-text available
This paper analyses the role identity services play in supporting business-to-business (B2B) e-commerce. There are many good reasons for outsourcing identity management, and current solutions address some of these such as convenience or access control at the time of a transaction
Article
In this paper we address the problem of providing up-to-date certified information in dynamic contexts without the burden of heavy management processes. We introduce and discuss the concept of active digital credential, based on a novel mechanism to provide up-to-date certified identity and profile information along with a fine-grained assessment o...
Article
Full-text available
Digital identities, profiles and their management are increasingly required to enable interactions and transactions on the Internet among people, enterprises, service providers and government institutions.
Conference Paper
The rise of e-marketplaces on the Internet is going to bring a broad new set of business opportunities to enterprises and customers at a fraction of the physical-world costs. However, to be really successful, these e-marketplaces must be open, trusted, fair and transparent. They must be able to convey on-line the same feeling of trust, security and...
Conference Paper
Full-text available
It is well understood that using a software component methodology can simplify the development and maintenance of systems. Web services allow this vision to be extended allowing components to be made available on the Internet. This paper proposes the use of trust services as third party Web services that allow trust operations to be extracted from...
Conference Paper
Full-text available
Recent IT attacks demonstrated how vulnerable consumers and enterprises are when adopting commercial and widely deployed operating systems, software applications and solutions. Diversity in software applications is fundamental to increase chances of survivability to faults and attacks. Current approaches to diversity are mainly based on the develop...
Conference Paper
Identities and profiles are important to enable e-commerce transactions. Recent initiatives, like Microsoft .MyServices and Liberty Alliance Project, aim at the provision of identity and profile management solutions along with mechanisms to simplify users’ experience. These solutions must be trusted and accountable. Current PKI solutions can be use...