Callegati, FrancoGiallorenzo, SaverioMelis, AndreaPrandini, Marco2016-12-292016-12-292017-01-04978-0-9981331-0-2http://hdl.handle.net/10125/41477Mobility as a Service (MaaS) applies the everything-as- \ a-service paradigm of Cloud Computing to transportation: a MaaS \ provider offers to its users the dynamic composition of solutions of \ different travel agencies into a single, consistent interface. \ Traditionally, transits and data on mobility belong to a scattered \ plethora of operators. Thus, we argue that the economic model of \ MaaS is that of federations of providers, each trading its resources to \ coordinate multi-modal solutions for mobility. Such flexibility comes \ with many security and privacy concerns, of which insider threat is \ one of the most prominent. In this paper, we follow a tiered structure \ — from individual operators to markets of federated MaaS providers \ — to classify the potential threats of each tier and propose the \ appropriate countermeasures, in an effort to mitigate the problems.10 pagesengAttribution-NonCommercial-NoDerivatives 4.0 InternationalMaaSMicroservicesIntegrityAuthenticationProvenanceConference Paper10.24251/HICSS.2017.321