Skip to main content
SpringerLink
Log in

Securing National e-ID Infrastructures: Tor Networks as a Source of Threats

  • Conference paper
  • First Online:
Organizing for the Digital World

Part of the book series: Lecture Notes in Information Systems and Organisation ((LNISO,volume 28))

Abstract

Securing national electronic identification (e-ID) systems requires an in depth understanding of the associated threats. The trade of identity related artefacts in the darknet facilitates illegal activities such as identity theft in both physical and virtual worlds. This paper reports the findings of an exploratory analysis of identity trading in the darknet. We capture the key features of three major markets of fake IDs in Tor networks, and apply attack-defense trees to show how the security of an e-ID infrastructure is affected by this phenomenon.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Scrapy: A Fast and Powerful Scraping and Web Crawling Framework http://scrapy.org.

  2. 2.

    SecureITree, http://www.amenaza.com/documents.php.

References

  1. Kubicek, H., Noack, T.: Different countries-different paths extended comparison of the introduction of eIDs in eight European countries. Identity Inf. Soc. 235–245 (2010)

    Google Scholar 

  2. D’Atri, A., Spagnoletti, P., Za, S.: Institutional trust and security, new boundaries for virtual enterprises. In: Proceedings of 2nd International Workshop on Interoperability Solutions to Trust, Security, Policies and QoS for Enhanced Enterprise Systems, IS-TSPQ2007, March 26th, Funchal (Madeira Island), Portugal (2007)

    Google Scholar 

  3. Ondrus, J., Gannamaneni, A., Lyytinen, K.: The impact of openness on the market potential of multi-sided platforms: a case study of mobile payment platforms. J. Inf. Technol. 30, 260–275 (2015)

    Article  Google Scholar 

  4. Melin, U., Axelsson, K., Söderström, F.: Managing the development of e-ID in a public e-service context: challenges and path dependencies from a life-cycle perspective. Transform. Gov. People Process Policy 10, 72–98 (2016)

    Google Scholar 

  5. Åhlfeldt, R.M., Spagnoletti, P., Sindre, G.: Improving the information security model by using TFI. In: New Approaches for Security, Privacy and Trust in Complex Environments, pp. 73–84 (2007)

    Google Scholar 

  6. Baskerville, R., Spagnoletti, P., Kim, J.: Incident-centered information security: managing a strategic balance between prevention and response. Inf. Manag. 51, 138–151 (2014)

    Article  Google Scholar 

  7. Cavelty, M.D.: Cyber-security. In: Collins, A. (ed.) Contemporary Security Studies. pp. 362–377. Oxford University Press (2015)

    Google Scholar 

  8. Hanseth, O., Ciborra, C.: Risk, complexity and ICT. Edward Elgar Publishing Limited, Cheltenham, UK (2007)

    Book  Google Scholar 

  9. Obreja, A.R., Hart, P., Bednar, P.: Potential benefits of the deep web for SMEs Andreea-Roxanna. In: Caporarello, L. (ed.) Digitally Supported Innovation. pp. 63–80. Springer International Publishing (2016)

    Google Scholar 

  10. Kraemer-Mbula, E., Tang, P., Rush, H.: The cybercrime ecosystem: online innovation in the shadows? Technol. Forecast. Soc. Change 80, 541–555 (2013)

    Article  Google Scholar 

  11. Soska, K., Christin, N.: Measuring the longitudinal evolution of the online anonymous marketplace ecosystem. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 33–48 (2015)

    Google Scholar 

  12. Christin, N.: Traveling the silk road: a measurement analysis of a large anonymous online marketplace. In: Proceedings of 22nd International Conference on World Wide Web, pp. 213–224 (2013)

    Google Scholar 

  13. Bok, S.: Secrets: on the ethics of concealment and revelation. Vintage (1989)

    Google Scholar 

  14. Bakker, R.M., Raab, J., Milward, H.B.: A preliminary theory of dark network resilience. J. policy Anal. Manag. 31, 33–62 (2012)

    Article  Google Scholar 

  15. Brinton Milward, H., Raab, J.: Dark networks as organizational problems: elements of a theory 1. Int. Public Manag. J. 9, 333–360 (2006)

    Article  Google Scholar 

  16. Hollenbaugh, E.E., Everett, M.K.: The effects of anonymity on self-disclosure in blogs: an application of the online disinhibition effect. J. Comput. Commun. 18, 283–302 (2013)

    Google Scholar 

  17. Hudson, B.A., Okhuysen, G.A.: Not with a ten-foot pole: core stigma, stigma transfer, and improbable persistence of men’s bathhouses. Organ. Sci. 20, 134–153 (2009)

    Article  Google Scholar 

  18. Baker, W.E., Faulkner, R.R.: The social organization of conspiracy: illegal networks in the heavy electrical equipment industry. Am. Sociol. Rev. 837–860 (1993)

    Google Scholar 

  19. Stohl, C., Stohl, M.: Secret agencies: the communicative constitution of a clandestine organization. Organ. Stud. 32, 1197–1215 (2011)

    Article  Google Scholar 

  20. Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system (2008)

    Google Scholar 

  21. Ron, D., Shamir, A.: Quantitative analysis of the full bitcoin transaction graph. In: International Conference on Financial Cryptography and Data Security, pp. 6–24. Springer (2013)

    Google Scholar 

  22. Dierksmeier, C., Seele, P.: Crypto currencies and business ethics. J. Bus. Ethics. 1–14 (2016)

    Google Scholar 

  23. Batabyal, A.A.: Human actions, the survival of keystone species, and the resilience of ecological–economic systems. Resour. Policy. 28, 153–157 (2002)

    Article  Google Scholar 

  24. Sutcliffe, K.M., Vogus, T.J.: Organizing for resilience. In: Positive Organizational Scholarship: Foundations of a New Discipline, vol. 94, pp. 110 (2003)

    Google Scholar 

  25. Han, W., Cao, Y., Bertino, E., Yong, J.: Using automated individual white-list to protect web digital identities. Expert Syst. Appl. 39, 11861–11869 (2012)

    Article  Google Scholar 

  26. Maler, E., Reed, D.: The Venn of identity. IEEE Secur. Priv. 6, 16–23 (2008)

    Article  Google Scholar 

  27. Mont, M.C., Pearson, S., Bramhall, P.: Towards accountable management of identity and privacy: sticky policies and enforceable tracing services. In: Proceedings of 14th International Workshop on Database and Expert Systems Applications, 2003, pp. 377–382. IEEE (2003)

    Google Scholar 

  28. Halperin, R., Backhouse, J.: A roadmap for research on identity in the information society. Identity Inf. Soc. 1, 14–15 (2008)

    Google Scholar 

  29. Schneier, B.: Attack Trees. Dr. Dobb’s J. Softw. Tools 24, 21–29 (1999)

    Google Scholar 

  30. Fraile, M., Ford, M., Gadyatskaya, O., Kumar, R.: Using attack-defense trees to analyze threats and countermeasures in an ATM : a case study. In: Horkoff, J., Jeusfeld, M., Persson, A. (eds.) The Practice of Enterprise Modeling, PoEM, pp. 326–334. Springer, Cham (2016)

    Google Scholar 

  31. Willison, R.: Understanding the offender/environment dynamic for computer crimes. Inf. Technol. People. 19, 170–187 (2006)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LUISS University, Rome, Italy

    Paolo Spagnoletti, Gianluigi Me & Andrea Prencipe

  2. G. d’Annunzio University, Pescara, Italy

    Federica Ceci

Authors
  1. Paolo Spagnoletti
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Gianluigi Me
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Federica Ceci
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Andrea Prencipe
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Paolo Spagnoletti .

Editor information

Editors and Affiliations

  1. Department of Informatics, Systems and Communication, University of Milano-Bicocca, Milan, Italy

    Federico Cabitza

  2. Department of Informatics, Systems and Communication, University of Milano-Bicocca, Milan, Italy

    Carlo Batini

  3. Department of Management and Technology, Bocconi University, Milan, Italy

    Massimo Magni

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer International Publishing AG, part of Springer Nature

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Spagnoletti, P., Me, G., Ceci, F., Prencipe, A. (2019). Securing National e-ID Infrastructures: Tor Networks as a Source of Threats. In: Cabitza, F., Batini, C., Magni, M. (eds) Organizing for the Digital World. Lecture Notes in Information Systems and Organisation, vol 28. Springer, Cham. https://doi.org/10.1007/978-3-319-90503-7_9

Download citation

Publish with us

Policies and ethics

Search

Navigation