Publications

Publications by CRACS

2025

Delving Into Security and Privacy of Joint Communication and Sensing: A Survey

Authors
Martins, OG; Akesson, H; Gomes, M; Osorio, DPM; Sen, P; Vilela, JP;

Publication
IEEE OPEN JOURNAL OF THE COMMUNICATIONS SOCIETY

Abstract
Joint Communication and Sensing (JCAS) systems are emerging as a core technology for next-generation wireless systems due to the potential to achieve higher spectral efficiency, energy savings, and new services beyond communications. This paper provides a review of the state-of-the-art in JCAS systems by focusing on obtrusive passive sensing capabilities and inherent security and privacy challenges that arise from the integration of communication and sensing. From this point of view, we discuss existing techniques for mitigating security and privacy issues, as well as important aspects for the designing of secure and privacy-aware JCAS systems. Additionally, we discuss future research directions by emphasizing on new enabling technologies and their integration on JCAS systems along with their role in privacy and security aspects. We also discuss the required modifications to existing systems and the design of new systems with privacy and security awareness, where the challenging trade-offs between security, privacy and performance of the JCAS system must be considered.

2025

WiFi-Based Location Tracking: A Still Open Door on Laptops

Authors
Cunha, M; Mendes, R; de Montjoye, YA; Vilela, JP;

Publication
IEEE OPEN JOURNAL OF THE COMPUTER SOCIETY

Abstract
Location privacy is a major concern in the current digital society, due to the sensitive information that can be inferred from location data. This has led smartphones' Operating Systems (OSs) to strongly tighten access to location information in the last few years. The same tightening has, however, not yet happened when it comes to our second most carried around device: the laptop. In this work, we demonstrate the privacy risks resulting from the fact that major laptop OSs still expose WiFi data to installed software, thus enabling to infer location information from WiFi Access Points (APs). Using data collected in a real-world experiment, we show that laptops are often carried along with smartphones and that a large fraction of our mobility profile can be inferred from WiFi APs accessed on laptops, thus concluding on the need to protect the access to WiFi data on laptops.

2025

On the Difficulty of NOT being Unique: Fingerprinting Users from Wi-Fi Data in Mobile Devices

Authors
Cunha, M; Mendes, R; de Montjoye, YA; Vilela, JP;

Publication
40TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING

Abstract
The pervasiveness of mobile devices has fostered a multitude of services and applications, but also raised serious privacy concerns. In order to avoid users' tracking and/or users' fingerprinting, smartphones have been tightening the access to unique identifiers. Nevertheless, smartphone applications can still collect diverse data from available sensors and smartphone resources. Using real-world data from a field study we performed, this paper demonstrates the possibility of fingerprinting users from Wi-Fi data in mobile devices and the consequent privacy impact. From the performed analysis, we concluded that a single snapshot of a set of scanned Wi-Fi BSSIDs (MAC addresses) per user is enough to uniquely identify about 99% of the users. In addition, the most frequent Wi-Fi BSSID is sufficient to re-identify more than 90% of the users, a percentage that goes up to 97% of the users with the top-2 scanned BSSIDs. The Wi-Fi SSID (network name) also leads to a re-identification risk of about 83% and 97% with 1 and 2 of the strongest Wi-Fi Access Points (APs), respectively.

2025

Blockchain hybrid-model scheme for scalable cross-domain authorisation

Authors
Mukhandi, M; Granjal, J; Vilela, JP;

Publication
BLOCKCHAIN-RESEARCH AND APPLICATIONS

Abstract
We introduce a novel blockchain-based interledger authorisation scheme, a unique solution designed to support delegated authorisation management in cross-domain cloud environments. This innovative approach enables client applications, acting on behalf of a user, to request access to specific resources owned by a different organization. It benefits cross-domain multi-cloud applications, such as large-scale collaboration projects involving multiple cloud service providers. Multi-cloud presents authorisation challenges because of complex access control operations in multiple distinct domains. OAuth2 is the state-of-the-art choice for delegated authorisation. However, it falls short in handling such complex interactions with multiple authorisation servers and resource servers, and this is our motivation. Compared with OAuth2, our approach overcomes the limitations of a centralized model and achieves coordinated distinct delegations among multiple entities without a third-party trusted component. Authorisation servers are blockchain participants and designated access token issuers, ensuring minimum client data collection and promoting client privacy. Multiple smart contracts are deployed in our multi-ledger blockchain environment to guarantee the provenance of the authorisation operations and facilitate scalable cross-domain authorisation. Our hybrid interledger model combines security techniques such as blockchain-based device authentication, hashed time-lock contracts (HTLCs), and service discovery. The blockchain-based device authentication ensures secure and trusted interactions, HTLCs enable time-bound transactions, and service discovery simplifies finding and connecting to the required cloud services.
Our experimental evaluation provides insights into the scalability of our approach, which achieves decentralized authorisation in a multi-cloud environment with acceptable latencies compared with related works and shows stable throughput against concurrent authorisation requests in a multi-ledger system.

2024

Utility Function for Assessing the Cost of Recovering from Ransomware Attacks

Authors
Pinto, L; Pinto, P; Pinto, A;

Publication
OPTIMIZATION, LEARNING ALGORITHMS AND APPLICATIONS, OL2A 2024, PT II

Abstract
Nowadays ransomware attacks have become one of the main problems organizations face. The threat of ransomware attacks, with their capacity to paralyze entire organizations, creates the need to develop a ransomware recovery utility function to help further prepare for the impact of such attacks and enhance the organization's knowledge and perception of risk. This work proposes a ransomware recovery utility function that aims to estimate the impact of a ransomware attack measured in manpower hours till recovery and taking into account different devices and different scenarios.

2024

Use of Visibility Graphs for the Early Detection of DoS Attacks

Authors
Lopes, J; Pinto, P; Partida, A; Pinto, A;

Publication
2024 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE, CSR

Abstract
The world economy depends on information systems. Business value resides in the data stored on Information Technology (IT) systems and on the processes run with those data. Malicious actors target these IT systems to extract value out of them using different cyberattacks. Denial of Service (DoS) attacks are a common and harmful method to render IT systems connected to the Internet and, consequently, business processes running on top of them, unavailable. Cybersecurity researchers in the industry and academia are in search of early warning and detection systems to detect and mitigate these DoS attacks. This article proposes a novel early detection strategy for DoS attacks based on the information provided by Horizontal Visibility Graphs (HVG) and Natural Visibility Graphs (VG) obtained out of the network flows monitored at the receiving end of the attack. From the primary results obtained, this strategy can detect a DoS attack under 70 ms and 30 packets. These results point out that the application of HVGs and VGs is a relevant and promising research direction to prevent or mitigate the impact of a DoS attack.
