Abstract
Securing national electronic identification (e-ID) systems requires an in depth understanding of the associated threats. The trade of identity related artefacts in the darknet facilitates illegal activities such as identity theft in both physical and virtual worlds. This paper reports the findings of an exploratory analysis of identity trading in the darknet. We capture the key features of three major markets of fake IDs in Tor networks, and apply attack-defense trees to show how the security of an e-ID infrastructure is affected by this phenomenon.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Scrapy: A Fast and Powerful Scraping and Web Crawling Framework http://scrapy.org.
- 2.
SecureITree, http://www.amenaza.com/documents.php.
References
Kubicek, H., Noack, T.: Different countries-different paths extended comparison of the introduction of eIDs in eight European countries. Identity Inf. Soc. 235–245 (2010)
D’Atri, A., Spagnoletti, P., Za, S.: Institutional trust and security, new boundaries for virtual enterprises. In: Proceedings of 2nd International Workshop on Interoperability Solutions to Trust, Security, Policies and QoS for Enhanced Enterprise Systems, IS-TSPQ2007, March 26th, Funchal (Madeira Island), Portugal (2007)
Ondrus, J., Gannamaneni, A., Lyytinen, K.: The impact of openness on the market potential of multi-sided platforms: a case study of mobile payment platforms. J. Inf. Technol. 30, 260–275 (2015)
Melin, U., Axelsson, K., Söderström, F.: Managing the development of e-ID in a public e-service context: challenges and path dependencies from a life-cycle perspective. Transform. Gov. People Process Policy 10, 72–98 (2016)
Åhlfeldt, R.M., Spagnoletti, P., Sindre, G.: Improving the information security model by using TFI. In: New Approaches for Security, Privacy and Trust in Complex Environments, pp. 73–84 (2007)
Baskerville, R., Spagnoletti, P., Kim, J.: Incident-centered information security: managing a strategic balance between prevention and response. Inf. Manag. 51, 138–151 (2014)
Cavelty, M.D.: Cyber-security. In: Collins, A. (ed.) Contemporary Security Studies. pp. 362–377. Oxford University Press (2015)
Hanseth, O., Ciborra, C.: Risk, complexity and ICT. Edward Elgar Publishing Limited, Cheltenham, UK (2007)
Obreja, A.R., Hart, P., Bednar, P.: Potential benefits of the deep web for SMEs Andreea-Roxanna. In: Caporarello, L. (ed.) Digitally Supported Innovation. pp. 63–80. Springer International Publishing (2016)
Kraemer-Mbula, E., Tang, P., Rush, H.: The cybercrime ecosystem: online innovation in the shadows? Technol. Forecast. Soc. Change 80, 541–555 (2013)
Soska, K., Christin, N.: Measuring the longitudinal evolution of the online anonymous marketplace ecosystem. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 33–48 (2015)
Christin, N.: Traveling the silk road: a measurement analysis of a large anonymous online marketplace. In: Proceedings of 22nd International Conference on World Wide Web, pp. 213–224 (2013)
Bok, S.: Secrets: on the ethics of concealment and revelation. Vintage (1989)
Bakker, R.M., Raab, J., Milward, H.B.: A preliminary theory of dark network resilience. J. policy Anal. Manag. 31, 33–62 (2012)
Brinton Milward, H., Raab, J.: Dark networks as organizational problems: elements of a theory 1. Int. Public Manag. J. 9, 333–360 (2006)
Hollenbaugh, E.E., Everett, M.K.: The effects of anonymity on self-disclosure in blogs: an application of the online disinhibition effect. J. Comput. Commun. 18, 283–302 (2013)
Hudson, B.A., Okhuysen, G.A.: Not with a ten-foot pole: core stigma, stigma transfer, and improbable persistence of men’s bathhouses. Organ. Sci. 20, 134–153 (2009)
Baker, W.E., Faulkner, R.R.: The social organization of conspiracy: illegal networks in the heavy electrical equipment industry. Am. Sociol. Rev. 837–860 (1993)
Stohl, C., Stohl, M.: Secret agencies: the communicative constitution of a clandestine organization. Organ. Stud. 32, 1197–1215 (2011)
Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system (2008)
Ron, D., Shamir, A.: Quantitative analysis of the full bitcoin transaction graph. In: International Conference on Financial Cryptography and Data Security, pp. 6–24. Springer (2013)
Dierksmeier, C., Seele, P.: Crypto currencies and business ethics. J. Bus. Ethics. 1–14 (2016)
Batabyal, A.A.: Human actions, the survival of keystone species, and the resilience of ecological–economic systems. Resour. Policy. 28, 153–157 (2002)
Sutcliffe, K.M., Vogus, T.J.: Organizing for resilience. In: Positive Organizational Scholarship: Foundations of a New Discipline, vol. 94, pp. 110 (2003)
Han, W., Cao, Y., Bertino, E., Yong, J.: Using automated individual white-list to protect web digital identities. Expert Syst. Appl. 39, 11861–11869 (2012)
Maler, E., Reed, D.: The Venn of identity. IEEE Secur. Priv. 6, 16–23 (2008)
Mont, M.C., Pearson, S., Bramhall, P.: Towards accountable management of identity and privacy: sticky policies and enforceable tracing services. In: Proceedings of 14th International Workshop on Database and Expert Systems Applications, 2003, pp. 377–382. IEEE (2003)
Halperin, R., Backhouse, J.: A roadmap for research on identity in the information society. Identity Inf. Soc. 1, 14–15 (2008)
Schneier, B.: Attack Trees. Dr. Dobb’s J. Softw. Tools 24, 21–29 (1999)
Fraile, M., Ford, M., Gadyatskaya, O., Kumar, R.: Using attack-defense trees to analyze threats and countermeasures in an ATM : a case study. In: Horkoff, J., Jeusfeld, M., Persson, A. (eds.) The Practice of Enterprise Modeling, PoEM, pp. 326–334. Springer, Cham (2016)
Willison, R.: Understanding the offender/environment dynamic for computer crimes. Inf. Technol. People. 19, 170–187 (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Spagnoletti, P., Me, G., Ceci, F., Prencipe, A. (2019). Securing National e-ID Infrastructures: Tor Networks as a Source of Threats. In: Cabitza, F., Batini, C., Magni, M. (eds) Organizing for the Digital World. Lecture Notes in Information Systems and Organisation, vol 28. Springer, Cham. https://doi.org/10.1007/978-3-319-90503-7_9
Download citation
DOI: https://doi.org/10.1007/978-3-319-90503-7_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-90502-0
Online ISBN: 978-3-319-90503-7
eBook Packages: Business and ManagementBusiness and Management (R0)