Compare commits
2 Commits
aa274da3d2
...
59b91e608b
| Author | SHA1 | Date | |
|---|---|---|---|
| 59b91e608b | |||
| 89e81b122c |
@@ -7,16 +7,18 @@ full-title:: Privacy in the Cashless Society: A Dual Case Study Evaluation of l
|
||||
date-start:: [[16-01-2026]] - 11:08
|
||||
date-submitted::
|
||||
external-links::
|
||||
status:: [[DOING]]
|
||||
status:: [[DONE]]
|
||||
deadline-submission::
|
||||
file::
|
||||
parent::
|
||||
todoist:: https://app.todoist.com/app/task/jssoftware-d-25-01678-6fGCW438gGXcpFRg
|
||||
|
||||
- ### [[Comments]]
|
||||
- Summary: The paper evaluates the LINDDUN privacy threat modeling framework through two distinct case studies: a mobile digital wallet service and an NFC-based festival payment system. To establish a baseline, the authors conducted a transdisciplinary literature review that identified five core privacy concerns prevalent in a cashless society. Subsequently, the LINDDUN methodology was employed to elicit technical privacy threats for both cases, followed by a compatibility assessment to compare these technical findings with the broader concerns found in literature. The study found that while LINDDUN is highly effective at identifying technical architectural "hotspots", its system-centric nature makes it less suited for anticipating consequential societal harms, such as long-term surveillance, or the future repurposing of financial data (function creep).
|
||||
- Summary: The paper evaluates the LINDDUN privacy threat modeling framework through two distinct case studies, i.e., a mobile digital wallet service and an NFC-based festival payment system. To establish a baseline, the authors conducted a transdisciplinary literature review that identified five core privacy concerns prevalent in a cashless society. Subsequently, the LINDDUN methodology was employed to elicit technical privacy threats for both cases, followed by a compatibility assessment to compare these technical findings with the broader concerns found in literature. The study found that while LINDDUN is highly effective at identifying technical architectural "hotspots", its system-centric nature makes it less suited for anticipating consequential societal harms, such as long-term surveillance, or the future repurposing of financial data.
|
||||
- Comments: The paper is about an interesting topic even though it is affected by presentation issues that compromise the quality of the overall work as discussed below:
|
||||
- The authors acknowledge that their threat models are based exclusively on publicly available technical documentation. This reliance introduces a significant threat to construct validity, as proprietary implementation details and internal data-handling practices are often omitted from public manuals. Consequently, the resulting threat models may be incomplete or fail to capture "peculiar" privacy vulnerabilities that only emerge at the implementation level, potentially leading to a superficial assessment of the systems' actual privacy posture.
|
||||
- The authors acknowledge that their threat models are based exclusively on publicly available technical documentation. This reliance introduces a significant threat to construct validity, as proprietary implementation details and internal data-handling practices are often omitted from public manuals. Consequently, the resulting threat models may be incomplete or fail to capture "peculiar" privacy vulnerabilities that only emerge at the implementation level, potentially leading to a superficial assessment of the systems' actual privacy setting.
|
||||
- Although the paper evaluates two distinct technologies, it lacks a rigorous discussion regarding the representativeness of these cases within the broader landscape of digital payments. To strengthen the work, the authors should explicitly map these "paragon examples" against the wider ecosystem of cashless means, such as decentralized cryptocurrencies, or traditional bank-led digital transfers. Without this context, it is difficult to determine if the identified gaps in LINDDUN are universal or specific to the selected technologies.
|
||||
- The paper is not entirely self-contained, which may hinder its accessibility for readers outside the specialized privacy engineering community. From a software engineering perspective, it remains unclear how these findings can be operationalized in practice. The authors should clarify how a development team can employ these results to improve system design in a real-world context. Furthermore, the generalizability of the analysis is questionable; the authors should discuss whether the simplifications made during the DFD modeling phase significantly skewed the assessment results or if the findings remain robust across higher-fidelity system architectures
|
||||
- The paper is not entirely self-contained, which may hinder its accessibility for readers outside the specialized privacy engineering community. From a software engineering perspective, it remains unclear how these findings can be operationalized in practice. The authors should clarify how a development team can employ these results to improve system design in a real-world context.
|
||||
- The generalizability of the analysis is questionable; the authors should discuss whether the simplifications made during the DFD modeling phase significantly skewed the assessment results or if the findings remain robust across different system architectures
|
||||
- Please give a frank account of the strengths and weaknesses of the article: This paper provides a critical, transdisciplinary evaluation of a leading privacy framework (LINDDUN) applied to a high-impact societal shift. However, as a practical guide for software engineers, its utility is limited by its abstraction from implementation details and its heavy reliance on external framework knowledge.
|
||||
-
|
||||
@@ -204,11 +204,11 @@ progress:: {{renderer :todomaster}}
|
||||
- TODO [[Deliverable D3.2]]
|
||||
todoist-desc:: [MOSAICO D3.2 - Online LaTeX Editor Overleaf](https://www.overleaf.com/project/693c083f94f20a5d73e1824c)
|
||||
todoist-id:: [9822333606](https://app.todoist.com/app/task/9822333606)
|
||||
SCHEDULED: <2026-01-16 Fri>
|
||||
SCHEDULED: <2026-01-19 Mon>
|
||||
- TODO [#B] [[TOOL DEMO TRACK - MODELS 2026 Organizing Committee]]
|
||||
todoist-desc:: From: lolaburgueno@uma.es
|
||||
todoist-id:: [9789940282](https://app.todoist.com/app/task/9789940282)
|
||||
SCHEDULED: <2026-01-16 Fri>
|
||||
SCHEDULED: <2026-01-17 Sat>
|
||||
- DONE [#B] [[PAPERS/J-2026-JSS-RAGGuard]]
|
||||
todoist-desc:: *Paper rifiutato a SANER 2026 (I commenti sono* [Document shared with you: ‘SANER2026-RAGGuard-Reviews’ - davide.diruscio@gmail.com - Gmail](https://mail.google.com/mail/u/0/#all/FMfcgzQdzmXLPrtWwckTPvVSQhrHDXGf))
|
||||
todoist-id:: [9892059786](https://app.todoist.com/app/task/9892059786)
|
||||
|
||||
@@ -89,13 +89,6 @@
|
||||
todoist-desc:: [Web Link](https://outlook.office365.com/owa/?ItemID=AAkALgAAAAAAHYQDEapmEc2byACqAC%2FEWg0AjoVpQvBez0Ss5ZY2WGWEJgAIl%2Bn3sQAA&exvsurl=1&viewmodel=ReadMessageItem) Okay, here’s a task description based on the email content "R: proposta per Univaq On Air - dottorandi di ricerca," crafted to be actionable and clearly defined. **Task Title:** Draft and Submit Proposal for Univaq On Air Doctoral Student Position **Description:** This task involves drafting and submitting a formal proposal to Univaq On Air for the recruitment of Doctoral Student positions within the “On Air” initiative. The goal is to showcase the applicant’s qualifications and research interests to align with the organization’s objectives. **Actionable Steps:** 1. **Review the Proposal Guidelines:** (Immediately – within the next 24 hours) Thoroughly review the official Univaq On Air proposal guidelines and requirements, specifically focusing on the detail of the “doctoral student” category. Ensure the proposal adheres to all formatting and content specifications. (This requires access to the official guidelines document.) 2. **Identify Candidate Profiles:** Based on the email content, identify specific research areas and skills that are most relevant to Univaq On Air’s priorities (likely related to data analysis, AI, or related fields). Create a shortlist of potential candidates. (Requires preliminary research – look for clues in the email regarding the types of research they’re interested in). 3. **Draft Proposal Sections:** Begin drafting the key sections of the proposal, including: * **Executive Summary:** Briefly outline the proposal's purpose and key qualifications. * **Research Background:** Highlight relevant academic experience and previous research (demonstrating understanding of the field). * **Proposed Research Project:** Clearly define the research project (topic, methodology, expected outcomes). * **Fit with Univaq On Air:** Explain why this project aligns with Univaq On Air's priorities and initiatives. * **Timeline & Resources:** Provide a realistic timeline for completion and outline required resources (funding, equipment, software, etc.). 4. **Review and Refine:** Have a colleague (ideally someone familiar with similar research projects) review the draft proposal for clarity, accuracy, and adherence to the guidelines. (Schedule a brief review meeting – 6-8 hours) 5. **Submit Proposal:** Submit the final, approved proposal to Univaq On Air via [Specify Submission Method – e.g., online portal, email]. Ensure all required attachments are included. **Deliverables:** A complete, formatted proposal document ready for submission. **Priority:** High - This task is crucial for securing the Doctoral Student positions. --- **To help me refine this task further, could you tell me:** * Are there any specific aspects of the "On Air" initiative you want to emphasize in the proposal? * What is the deadline for submitting the proposal?
|
||||
todoist-labels:: #outlook365
|
||||
todoist-status:: ◼️
|
||||
- [[2026-01-16]] JSSOFTWARE-D-25-01678
|
||||
todoist-id:: [6fGCW438gGXcpFRg](https://todoist.com/showTask?id=6fGCW438gGXcpFRg)
|
||||
todoist-project:: #📜 REVIEWS
|
||||
todoist-due:: 2026-01-16
|
||||
todoist-desc:: From: em@editorialmanager.com Received: 2025-11-11T13:29:02Z ✉: [Web Link](https://outlook.office365.com/owa/?ItemID=AAMkADM1NGNiNjk0LTY0ZGUtNDgzOC04MDM5LWNhODNkYWNjNjU4YwBGAAAAAACT6qp78kRgRKuUMBdWEga%2FBwCOhWlC8F7PRKzlljZYZYQmAAAAAAEMAACOhWlC8F7PRKzlljZYZYQmAAhtthIxAAA%3D&exvsurl=1&viewmodel=ReadMessageItem) --- The article is asking Dr. Davide Di Ruscio to review a manuscript for The Journal of Systems & Software. The manuscript is titled "Privacy in the Cashless Society: A Dual Case Study Evaluation of LINDDUN". The email includes the following information: * Thanking Dr. Di Ruscio for agreeing to review the manuscript * Providing details on how to access the manuscript, including the login credentials and the deadline for submitting comments * Highlighting the importance of confidentiality and the need to keep the review process confidential * Informing Dr. Di Ruscio that he is entitled to complimentary access to ScienceDirect and Scopus as a reviewer * Providing links to the Reviewer Guidelines and the Journal's Guide for Authors Overall, the email is professional and provides all the necessary information for Dr. Di Russo to review the manuscript. --- Ms. Ref. No.: JSSOFTWARE-D-25-01678 Title: Privacy in the Cashless Society: A Dual Case Study Evaluation of LINDDUN The Journal of Systems & Software Dear Dr. Davide Di Ruscio, Thank you for agreeing to review manuscript number JSSOFTWARE-D-25-016
|
||||
todoist-labels:: #S3
|
||||
todoist-status:: ◼️
|
||||
- [[2026-01-16]] Request for Coordination of Erasmus+ Credit Mobility Visit KA131-KA171-2025
|
||||
todoist-id:: [6fhmv6WmXqMGW2j6](https://todoist.com/showTask?id=6fhmv6WmXqMGW2j6)
|
||||
todoist-project:: #📧EmailsToAnswer
|
||||
@@ -116,4 +109,9 @@
|
||||
todoist-id:: [6fmgQ86Xg6PfjRrm](https://todoist.com/showTask?id=6fmgQ86Xg6PfjRrm)
|
||||
todoist-project:: #📗 Personal
|
||||
todoist-due:: 2026-01-16
|
||||
todoist-status:: ◼️
|
||||
todoist-status:: ◼️
|
||||
- [[2026-01-16]] JSSOFTWARE-D-25-01678 @📅 S3
|
||||
todoist-id:: [9724132225](https://todoist.com/showTask?id=9724132225)
|
||||
todoist-project:: #Inbox
|
||||
todoist-completed:: [[2026-01-16]]
|
||||
todoist-status:: ✅
|
||||
Reference in New Issue
Block a user