EAI Endorsed Transactions on Security and Safety https://publications.eai.eu/index.php/sesa <div class="abstract"> <p>Growing threats and increasingly also failures due to complexity may compromise the security and resilience of network and service infrastructures. Applications and services require the security of data handling and we need new security architectures and scalable and interoperable security policies for this. There is a need to guarantee end-to-end security in data communications and storage, including identity management and authentication.</p> <p><strong>INDEXING</strong>: DOAJ, CrossRef, Google Scholar, ProQuest, EBSCO, CNKI, Dimensions</p> <p> </p> </div> European Alliance for Innovation (EAI) en-US EAI Endorsed Transactions on Security and Safety 2032-9393 <p>This is an open-access article distributed under the terms of the Creative Commons Attribution <a href="https://creativecommons.org/licenses/by/3.0/" target="_blank" rel="noopener">CC BY 4.0</a> license, which permits unlimited use, distribution, and reproduction in any medium so long as the original work is properly cited.</p> SeFS: A Secure and Efficient File Sharing Framework based on the Trusted Execution Environment https://publications.eai.eu/index.php/sesa/article/view/2854 <p>As the cloud-based file sharing becomes increasingly popular, it is crucial to protect the outsourced data against unauthorized access. Existing cryptography-based approach suffers from expensive re-encryption upon permission revocation. Other solutions that utilize Trusted Execution Environment (TEE) to enforce access control either expose the plaintext keys to users or turn out incapable of handling concurrent requests. In this paper, we propose SeFS, a secure and practical file sharing framework that leverages cooperation of server-side and client-side enclaves to enforce access control, with the former responsible for registration, authentication and access control enforcement and the latter performing file decryption. Such design significantly reduces the computation workload of server-side enclave, thus capable of handling concurrent requests. Meanwhile, it also supports immediate permission revocation, since the file decryption keys inside the client-side enclaves are destroyed immediately after use. We implement a prototype of SeFS and the evaluation demonstrates it enforces access control securely with high throughput and low latency.</p> Yun He Xiaoqi Jia Shengzhi Zhang Lou Chitkushev Copyright (c) 2025 EAI Endorsed Transactions on Security and Safety https://creativecommons.org/licenses/by/4.0/ 2025-07-18 2025-07-18 9 1 10.4108/eetss.v9i1.2854 SoK: The Psychology of Insider Threats https://publications.eai.eu/index.php/sesa/article/view/9298 <p>This paper presents a systematic literature review on the psychology of insider threats—security risks originating from individuals within organizations. While this is a well-established research area, psychological perspectives remain underdeveloped. The extended version adds background to better contextualize the role of personality traits, psychological states, and situational factors in insider threats. The paper also highlights research gaps and the need for stronger theoretical foundations in this domain.</p> Mubashrah Saddiqa Jukka Ruohonen Copyright (c) 2025 EAI Endorsed Transactions on Security and Safety https://creativecommons.org/licenses/by/4.0/ 2025-06-19 2025-06-19 9 1 10.4108/eetss.v9i1.9298