P. Drogkaris, S. Gritzalis, C. Kalloniatis, C. Lambrinoudakis, A Hierarchical Multitier Approach for Privacy Policies in e-Government Environments, Future Internet , Vol. 7, No. 4, pp. 500-515, 2015, MDPI, http://www.mdpi.com/1999-5903/7/4/5...
P. Drogkaris, S. Gritzalis, C. Lambrinoudakis, Employing Privacy Policies and Preferences in Modern e-Government Environments, International Journal of Electronic Governance, Vol. 6, No. 2, pp. 101-116, 2013, Inderscience, http://inderscience.metapress.com/c...
The evolvement of e-Government has raised users’ concerns on personal data disclosure and privacy threats as more and more information is released to various governmental service providers. This paper addresses the consideration of users who would wish to retain control over their personal information while using advanced governmental electronic services. Additionally, it proposes a simple, yet effective, architecture which promotes the employment of Privacy Policies and Preferences in modern e-Government environments. The aim is to simplify the provision of electronic services while preserving users’ personal data and information privacy.
P. Drogkaris, A. Gritzalis, A Privacy Preserving Framework for Big Data in e-Government Environments, 12th International Conference on Trust, Privacy & Security in Digital Business (TrustBus 2015), pp. 210-218, 2015, Springer LNCS, http://link.springer.com/chapter/10...
Big data is widely considered as the next big trend in e-Government environments but at the same time one of the most emerging and critical issues due to the challenges it imposes. The large amount of data being retained by governmental Service Providers that can be (potentially) exploited during Data Mining and analytics processes, include personal data and personally identifiable information, raising privacy concerns, mostly regarding data minimization and purpose limitation. This paper addresses the consideration of Central Government to aggregate information without revealing personal identifiers of individuals and proposes a privacy preserving methodology that can be easily incorporated into already deployed electronic services and e-Government frameworks through the adoption of scalable and adaptable salted hashing techniques.
P. Drogkaris, Promoting Intelligent Analysts Training through Serious Gaming: The LEILA Approach, 12th European Mediterranean & Middle Eastern Conference on Information Systems, 2015, EMCIS Conference Proceedings
L. Mitrou, P. Drogkaris, G. Leventakis, Legal and Social Aspects of Surveillance Technologies: CCTV in Greece, International Conference on Citizens’ Perspectives on Surveillance, Security and Privacy: Controversies, Alternatives and Solutions, pp. 39-41, 2014, Conference Proceedings
P. Drogkaris, A. Gritzalis, C. Lambrinoudakis, Empowering Users to Specify and Manage their Privacy Preferences in e-Government Environments, 3rd International Conference on Electronic Government and the Information Systems Perspective (EGOVIS 2014), pp. 237 - 245, 2014, Springer LNCS, http://link.springer.com/chapter/10...
P. Drogkaris, G. Leventakis, A. Sfetsos, Promoting Law Enforcement Capabilities through Asynchronous Training and Serious Games in the Fight against Cybercrime, International Conference, The Rule of Law in a era of change: Security, Social Justice and Inclusive Governance, 2014, Conference Proceedings,
D. Kostopoulos, V. Tsoulkas, G. Leventakis, P. Drogkaris, V. Politopoulou, Real Time Threat Prediction, Identification and Mitigation for Critical Infrastructure Protection using Semantics, Event Processing and Sequential Analysis, 8th International Conference on Critical Information Infrastructures Security (CRITIS 2013), pp. 133-141, 2013, Springer LNCS, http://link.springer.com/chapter/10...
Seamless and faultless operational conditions of multi stakeholder Critical Infrastructures (CIs) are of high importance for today’s societies on a global scale. Due to their population impact, attacks against their interconnected components can create serious damages and performance degradation which eventually can result in a societal crisis. Therefore it is crucial to effectively and timely protect these high performance - critical systems against any type of ma-licious cyber-physical intrusions. This can be realized by protecting CIs against threat consequences or by blocking threats to take place at an early stage and preventing further escalation or predicting threat occurrences and have the ability to rapidly react by eliminating its roots. In this paper a novel architecture is proposed in which these three ways of confronting with cyber – physical threats are combined using a novel semantics based risk methodology that relies on real time behavioral analysis. The final prototype provides the CI operator with a decision tool (DST) that imprints the proposed approach and which is capable of alerting on new unknown threats, generate suggestions of the required counter-actions and alert of probable threat existence. The implemented architecture has been tested and validated in a proof of concept scenario of an airport CI with simulated monitoring data.
D. Kostopoulos, V. Tsoulkas, G. Leventakis, P. Drogkaris, V. Politopoulou, A Blend of Semantic Monitoring and Intrusion Detection Systems for the Protection of Critical Infrastructures: Research efforts within the Greek Cybercrime Center, Fifth International Conference on Computanional Intelligence, Communication Systems and Networks (CICSYN 2013), 2013, IEEE CPS,
D. Kostopoulos, V. Tsoulkas, G. Leventakis, P. Drogkaris, V. Politopoulou, Semantic Systems Modeling and Monitoring for Real Time Decision Making: Results and Next Steps within the Greek Cyber Security Center of Excellence, AMSS 15th International Conference on Modelling and Simulation (UK-SIM 2013), 2013, IEEE CPS,
D. Nunez , I. Agudo, P. Drogkaris, S. Gritzalis, Identity Management Challenges for Intercloud Applications, STAVE 2011 1st International Workshop on Security & Trust for Applications in Virtualised Environments, pp. 198-204, 2011, Springer CCIS, http://link.springer.com/content/pd...
Intercloud notion is gaining a lot of attention lately from both enterprise and academia, not only because of its benefits and expected results but also due to the challenges that it introduces regarding interoperability and standardisation. Identity management services are one of the main candidates to be outsourced into the Intercloud, since they are one of the most common services needed by companies and organisations. This paper addresses emerging identity management challenges that arise in intercloud formations, such as naming, identification, interoperability, identity life cycle management and single sign-on.
P. Drogkaris, S. Gritzalis, Attaching Multiple Personal Identifiers in X.509 Digital Certificates, EuroPKI 2010 7th European Workshop on Public Key Services, Applications and Infrastructures, pp. 171-177, 2010, Springer LNCS, http://download.springer.com/static...
The appeals for interoperable and decentralized Electronic Identity Management are rapidly increasing, especially since their contribution towards interoperability across the entire “electronic” public sector, effective information sharing and simplified access to electronic services, is unquestioned. This paper presents an efficient and user-centric method for storing multiple users’ identifiers in X.509 digital certificates while preserving their confidentiality, allowing for interoperable user identification in environments where users cannot be identified by an all embracing unique identifier.
P. Drogkaris, S. Gritzalis, C. Lambrinoudakis, Transforming the Greek e-Government Environment towards the e-Gov 2.0 Era, EGOVIS 2010 International Conference on Electronic Government and the Information Systems Perspective, pp. 142-149, 2010, Springer LNCS, http://link.springer.com/content/pd...
Modern e-Government environments across the public sector have achieved significant interoperability and coherence but are now in front of the next leap forward, which is the adaptation of Web 2.0 technologies. This transition towards e-Government 2.0 will not only improve participation, transparency and integration but it will also speed up the pace of innovation through collaboration and consultation. This paper presents an enhanced Greek e-Government Framework that fully incorporates Web 2.0 technologies along with an identification mechanism that retains compliance with existing authentication sub-framework taking into account the specific needs and requirements of the Greek Governmental Agencies.
P. Drogkaris, C. Lambrinoudakis, S. Gritzalis, Introducing Federated Identities to One-Stop-Shop e-Government Environments: The Greek Case, 19th Conference on eChallenges 2009, pp. 88 - 93, 2009, eChallenges Pub., http://www.icsd.aegean.gr/publicati...
Even though e-Government environments have achieved a certain interoperability level and coherence across public sector, there are several approaches, technologies and mechanisms that could aid these environments towards delivering more user-centric electronic services. This paper focuses on the aspect of identity management. More specifically it presents a framework that incorporates the notion of federation and federated identities in order to overcome the impediment of per-sector identifiers. Moreover, it provides Single Sign-On access to electronic services through the utilization of a linking mechanism. This framework has been based on the Greek Interoperability Framework and its specific requirements and limitations.
P. Drogkaris, S. Gritzalis, C. Lambrinoudakis, Enabling Secure Data Management in e-Government Environments: The Greek Case, EGOV 2009 8th International Conference on Electronic Government, pp. 138 - 144, 2009, Trauner Verlag
Modern e-Government environments adopt technologies that can support interoperability across the entire “electronic” public sector and thus new improved electronic services. At the same time new requirements are raised from the users. This paper presents ongoing research on a secure user data management architecture for e-Government environments. More specifically the utilization of Privacy Preferences and Privacy Policies along with the introduction of two entities responsible for administrating user documents and data management is proposed. The research work presented has been based on the Greek Interoperability Framework and it’s specific requirements and limitations.
P. Drogkaris, D. Geneiatakis, S. Gritzalis, C. Lambrinoudakis, L. Mitrou, Towards an Enhanced Authentication Framework for eGovernment Services: The Greek case, EGOV’08 7th International Conference on Electronic Government, pp. 189-196, 2008, Trauner Verlag, http://www.icsd.aegean.gr/publicati...
It is widely accepted that electronic Government environments have caused a complete transformation of the way individuals, businesses and governmental agencies interact with central government. However, the acceptance and success of e-Government services largely depend on the level of trust and confidence developed by the users to the provided services and the overall system security. Thus the employment of the appropriate authentication framework is a crucial factor. This paper focuses on the way to determine the appropriate trust level of an electronic service. Specifically, it provides guidelines according to the data required for a transaction, as well as to the available authentication and registration mechanisms. Moreover, a Single Sign-On architecture is proposed, supporting a uniform authentication procedure that depends on the level of trust required by the service. In the aforementioned research work specific requirements and limitations for Greece have been taken into account.