Social and Behavioral Sciences Commons^™

Anopas: Practical Anonymous Transit Pass From Group Signatures With Time-Bound Keys, Rui Shi, Yang Yang, Yingjiu Li, Huamin Feng, Hwee Hwa Pang, Robert H. Deng

Research Collection School Of Computing and Information Systems

An anonymous transit pass system allows passengers to access transport services within fixed time periods, with their privileges automatically deactivating upon time expiration. Although existing transit pass systems are deployable on powerful devices like PCs, their adaptation to more user-friendly devices, such as mobile phones with smart cards, is inefficient due to their reliance on heavy-weight operations like bilinear maps. In this paper, we introduce an innovative anonymous transit pass system, dubbed Anopas, optimized for deployment on mobile phones with smart cards, where the smart card is responsible for crucial lightweight operations and the mobile phone handles key-independent and time-consuming …

Developing Singapore As A Smart Nation, Josephine Teo

Asian Management Insights

Mrs Josephine Teo, Singapore’s Minister for Communications and Information, and Minister-in-charge of Smart Nation and Cybersecurity, speaks about leading the country’s Smart Nation drive.

Privacy-Preserving Arbitrary Geometric Range Query In Mobile Internet Of Vehicles, Yinbin Miao, Lin Song, Xinghua Li, Hongwei Li, Kim-Kwang Raymond Choo, Robert H. Deng

Research Collection School Of Computing and Information Systems

The mobile Internet of Vehicles (IoVs) has great potential for intelligent transportation, and creates spatial data query demands to realize the value of data. Outsourcing spatial data to a cloud server eliminates the need for local computation and storage, but it leads to data security and privacy threats caused by untrusted third-parties. Existing privacy-preserving spatial range query solutions based on Homomorphic Encryption (HE) have been developed to increase security. However, in the single server model, the private key is held by the query user, which incurs high computation and communication burdens on query users due to multiple rounds of interactions. …

Decentralized Multimedia Data Sharing In Iov: A Learning-Based Equilibrium Of Supply And Demand, Jiani Fan, Minrui Xu, Jiale Guo, Lwin Khin Shar, Jiawen Kang, Dusit Niyato, Kwok-Yan Lam

Research Collection School Of Computing and Information Systems

The Internet of Vehicles (IoV) has great potential to transform transportation systems by enhancing road safety, reducing traffic congestion, and improving user experience through onboard infotainment applications. Decentralized data sharing can improve security, privacy, reliability, and facilitate infotainment data sharing in IoVs. However, decentralized data sharing may not achieve the expected efficiency if there are IoV users who only want to consume the shared data but are not willing to contribute their own data to the community, resulting in incomplete information observed by other vehicles and infrastructure, which can introduce additional transmission latency. Therefore, in this paper, by modeling the …

A Lightweight Privacy-Preserving Path Selection Scheme In Vanets, Guojun Wang, Huijie Yang

Research Collection School Of Computing and Information Systems

With the rapid development of edge computing, artificial intelligence and other technologies, intelligent transportation services in the vehicular ad hoc networks (VANETs) such as in-vehicle navigation and distress alert are increasingly being widely used in life. Currently, road navigation is an essential service in the vehicle network. However, when a user employs the road navigation service, his private data maybe exposed to roadside nodes. Meanwhile, when the trusted authorization sends the navigation route data to the user, the user can obtain all the road data. Especially, other unrequested data might be related to the military. Therefore, how to achieve secure …

Predictive Taxonomy Analytics (Lasso): Predicting Outcome Types Of Cyber Breach, Jing Rong Goh, Shaun S. Wang, Yaniv Harel, Gabriel Toh

Research Collection School Of Economics

Cyber breaches are costly for the global economy and extensive efforts have gone into improving the cybersecurity infrastructure. There are numerous types of cyber breaches that vary greatly in terms of cause and impact, resulting in an extensive literature for individual cyber breach type. Our paper seeks to provide a general framework that can be easily applied to analyze different types of cyber breaches. Our framework is inspired by the taxonomy approach in the cybersecurity literature, where it was proposed that an effective set of taxonomy can provide a direction on supporting improved decision-making in cyber risk management and selecting …

Gauging The Acceptance Of Contact Tracing Technology: An Empirical Study Of Singapore Residents’ Concerns With Sharing Their Information And Willingness To Trust, Ee-Ing Ong, Wee Ling Loo

Research Collection Yong Pung How School Of Law

In response to the COVID-19 pandemic, governments began implementing various forms of contact tracing technology. Singapore’s implementation of its contact tracing technology, TraceTogether, however, was met with significant concern by its population, with regard to privacy and data security. This concern did not fit with the general perception that Singaporeans have a high level of trust in its government. We explore this disconnect, using responses to our survey (conducted pre-COVID-19) in which we asked participants about their level of concern with the government and business collecting certain categories of personal data. The results show that respondents had less concern with …

Covid-19 One Year On: Security And Privacy Review Of Contact Tracing Mobile Apps, Wei Yang Ang, Lwin Khin Shar

Research Collection School Of Computing and Information Systems

The ongoing COVID-19 pandemic caused 3.8 million deaths since December 2019. At the current vaccination pace, this global pandemic could persist for several years. Throughout the world, contact tracing (CT) apps were developed, which play a significant role in mitigating the spread of COVID-19. This work examines the current state of security and privacy landscape of mobile CT apps. Our work is the first attempt, to our knowledge, which provides a comprehensive analysis of 70 CT apps used worldwide as of year Q1 2021. Among other findings, we observed that 80% of them may have handled sensitive data without adequate …

Secure Self-Checkout Kiosks Using Alma Api With Two-Factor Authentication, Ron Bulaon

Research Collection Library

Self-checkout kiosks have become a staple feature of many modern and digitized libraries. These devices are used by library patrons for self-service item loans. Most implementations are not new, in fact many of these systems are simple, straight forward and work as intended. But behind this useful technology, there is a security concern on authentication that has to be addressed.

In my proposed presentation, I will discuss the risk factors of self-checkout kiosks and propose a solution using Alma APIs. I will address the technical shortcomings of the current implementations, compared to the proposed solution, and where the weakest link …

Driving Cybersecurity Policy Insights From Information On The Internet, Qiu-Hong Wang, Steven Mark Miller, Robert H. Deng

Research Collection School Of Computing and Information Systems

Cybersecurity policy analytics quantitatively evaluates the effectiveness of cybersecurity protection measures consisting of both technical and managerial countermeasures and is inherently interdisciplinary work, drawing on the concepts and methods from economics, business, social science, and law.

A Tripartite Model Of Trust In Facebook: Acceptance Of Information Personalization, Privacy Concern, And Privacy Literacy, Sonny Rosenthal, Ole-Christian Wasenden, Gorm-Andreas Gronnevet, Rich Ling

Research Collection College of Integrative Studies

This study draws on the mental accounting perspective and a tripartite model of trust to explain why users trust Facebook. We argue that trust in Facebook is related to (1) trust in companies that collect personal data, (2) acceptance of information personalization, (3) low privacy concern, and (4) low privacy literacy. Further, we argue that privacy literacy amplifies the relationship between privacy concern and the other factors. This is because, among individuals with high privacy literacy, privacy concern is especially diagnostic of the potential harms of a loss of privacy. These arguments align broadly with theorizations about factors influencing privacy-related …

A Secure Flexible And Tampering-Resistant Data Sharing System For Vehicular Social Networks, Jianfei Sun, Hu Xiong, Shufan Zhang, Ximeng Liu, Jiaming Yuan, Robert H. Deng

Research Collection School Of Computing and Information Systems

Vehicular social networks (VSNs) have emerged as the promising paradigm of vehicular networks that can improve traffic safety, relieve traffic congestion and even provide comprehensive social services by sharing vehicular sensory data. To selectively share the sensory data with other vehicles in the vicinity and reduce the local storage burden of vehicles, the vehicular sensory data are usually outsourced to vehicle cloud server for sharing and searching. However, existing data sharing systems for VSNs can neither provide secure selective one-to-many data sharing and verifiable data retrieval over encrypted data nor ensure that the integrity of retrieved data. In this paper, …

Revisiting The Law Of Confidence In Singapore And A Proposal For A New Tort Of Misuse Of Private Information, Cheng Lim Saw, Zheng Wen Samuel Chan, Wen Min Chai

Research Collection Yong Pung How School Of Law

This article critically examines the recent Court of Appeal decision in I-Admin (Singapore) Pte Ltd v Hong Ying Ting [2020] 1 SLR 1130 and its implications for the law of confidence. The article begins by setting out the decision at first instance, and then on appeal. It argues that the Court of Appeal’s “modified approach” fails to meaningfully engage the plaintiff ’s wrongful gain interest and places the law’s emphasis primarily, if not wholly, on the plaintiff ’s wrongful loss interest. The new framework also appears to have been influenced by English jurisprudence, which has had a long but unhelpful …

Appmod: Helping Older Adults Manage Mobile Security With Online Social Help, Zhiyuan Wan, Lingfeng Bao, Debin Gao, Eran Toch, Xin Xia, Tamir Mendel, David Lo

Research Collection School Of Computing and Information Systems

The rapid adoption of Smartphone devices has caused increasing security and privacy risks and breaches. Catching up with ever-evolving contemporary smartphone technology challenges leads older adults (aged 50+) to reduce or to abandon their use of mobile technology. To tackle this problem, we present AppMoD, a community-based approach that allows delegation of security and privacy decisions a trusted social connection, such as a family member or a close friend. The trusted social connection can assist in the appropriate decision or make it on behalf of the user. We implement the approach as an Android app and describe the results of …

Situation-Aware Authenticated Video Broadcasting Over Train-Trackside Wifi Networks, Yongdong Wu, Dengpan Ye, Zhuo Wei, Qian Wang, William Tan, Robert H. Deng

Research Collection School Of Computing and Information Systems

Live video programmes can bring in better travel experience for subway passengers and earn abundant advertisement revenue for subway operators. However, because the train-trackside channels for video dissemination are easily accessible to anyone, the video traffic are vulnerable to attacks which may cause deadly tragedies. This paper presents a situation-aware authenticated video broadcasting scheme in the railway network which consists of train, on-board sensor, trackside GSM-R (Global System for Mobile Communications-Railway) device, WiFi AP (Access Point), and train control center. Specifically, the scheme has four modules: (1) a train uses its on-board sensors to obtain its speed, location, and RSSI …

Policy Analytics For Environmental Sustainability: Household Hazardous Waste And Water Impacts Of Carbon Pollution Standards, Kustini

Dissertations and Theses Collection (Open Access)

Policy analytics are essential in supporting more informed policy-making in environmental management. This dissertation employs a fusion of machine methods and explanatory empiricism that involves data analytics, math programming, optimization, econometrics, geospatial and spatiotemporal analysis, and other approaches for assessing and evaluating current and future environmental policies.
Essay 1 discusses household informedness and its impact on the collection and recycling of household hazardous waste (HHW). Household informedness is the degree to which households have the necessary information to make utility-maximizing decisions about the handling of their waste. Such informedness seems to be influenced by HHW public education and environmental quality …

Personal Data Protection Act 2012: Understanding The Consent Obligation, Man Yip

Research Collection Yong Pung How School Of Law

The Personal Data Protection Act 20121 (“PDPA”) provides the baseline standards of protection of personal data and works in tandem with existing law to provide comprehensive protection. The birth of the legislation clearly signals Singapore’s commitment to protect the collection, use and disclosure of personal data in the age of big data and its awareness of the importance of such protection in strengthening Singapore’s position as a leading commercial hub. Significantly, the PDPA protection model balances “both the rights of individuals to protect their personal data” against “the needs of organisations to collect, use or disclose personal data for legitimate …

Vulnerabilities, Attacks, And Countermeasures In Balise-Based Train Control Systems, Yongdong Wu, Jian Weng, Zhe Tang, Xin Li, Robert H. Deng

Research Collection School Of Computing and Information Systems

In modern rail transport systems, balises are widely used to exchange track-train information via air-gap interface. In this paper, we first present the vulnerabilities on the standard balise air-gap interface, and then conduct vulnerability simulations using the system parameters that were specified in the European Train Control System. The simulation results show that the vulnerabilities can be exploited to launch effective and practical attacks, which could lead to catastrophic consequences, such as train derailment or collision. To mitigate the vulnerabilities and attacks, we propose to implement a challenge-response authentication process in the air-gap interface in the existing transport infrastructure.