Dissertations / Theses on the topic 'Data and information privacy'


1

Aron, Yotam. "Information privacy for linked data." Thesis, Massachusetts Institute of Technology, 2013. http://hdl.handle.net/1721.1/85215.

Abstract:
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2013.
This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.
Cataloged from student-submitted PDF version of thesis.
Includes bibliographical references (pages 77-79).
As data mining over massive amounts of linked data becomes more and more prevalent in research applications, information privacy becomes a more important issue. This is especially true in the biological and medical fields, where information sensitivity is high. Previous experience has shown that simple anonymization techniques, such as removing an individual's name from a data set, are inadequate to fully protect the data's participants. While strong privacy guarantees have been studied for relational databases, these are virtually non-existent for graph-structured linked data. This line of research is important, however, since the aggregation of data across different web sources may lead to privacy leaks. The ontological structure of linked data especially aids these attacks on privacy. The purpose of this thesis is two-fold. The first is to investigate differential privacy, a strong privacy guarantee, and how to construct differentially-private mechanisms for linked data. The second involves the design and implementation of the SPARQL Privacy Insurance Module (SPIM). Using a combination of well-studied techniques, such as authentication and access control, and the mechanisms developed to maintain differential privacy over linked data, it attempts to limit privacy hazards for SPARQL queries. By using these privacy-preservation techniques, data owners may be more willing to share their data sets with other researchers without the fear that it will be misused. Consequently, we can expect greater sharing of information, which will foster collaboration and improve the types of data that researchers can have access to.
by Yotam Aron.
M. Eng.
2

El-Sheikh, Mahmoud Mohamed Omar. "Developing a Libyan information privacy framework." Thesis, Queensland University of Technology, 2014. https://eprints.qut.edu.au/65866/1/Mahmoud%20Mohamed%20Omar_El-Sheikh_Thesis.pdf.

Abstract:
This thesis considers how an information privacy system can and should develop in Libya. Currently, no information privacy system exists in Libya to protect individuals when their data is processed. This research reviews the main features of privacy law in several key jurisdictions in light of Libya's social, cultural, and economic context. The thesis identifies the basic principles that a Libyan privacy law must consider, including issues of scope, exceptions, principles, remedies, penalties, and the establishment of a legitimate data protection authority. This thesis concludes that Libya should adopt a strong information privacy law framework and highlights some of the considerations that will be relevant for the Libyan legislature.
3

An, Nan. "Protect Data Privacy in E-Healthcare in Sweden." Thesis, Växjö University, School of Mathematics and Systems Engineering, 2007. http://urn.kb.se/resolve?urn=urn:nbn:se:vxu:diva-1619.

Abstract:

Swedish healthcare has adopted much ICT (information and communication technology). It is a highly information-intensive environment. This thesis gives a brief description of the background of healthcare in Sweden and ICT adoption in healthcare, introduces an information system security model, describes the technology and law concerning data privacy, and carries out a case study through questionnaires and interviews.

4

Sang, Lin. "Social Big Data and Privacy Awareness." Thesis, Uppsala universitet, Institutionen för informatik och media, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-242444.

Abstract:
Based on the rapid development of Big Data, the data from online social networks became a major part of it. Big Data made social networks data-oriented rather than social-oriented. Taking this into account, this dissertation presents a qualitative study to research how the data-oriented social network affects its users' privacy management nowadays. Within this dissertation, an overview of Big Data and privacy issues on social networks was presented as a background study. We adapted communication privacy theory as a framework for further analysis of how individuals manage their privacy on social networks. We study social networks as an entirety in this dissertation. We selected Facebook as a case study to present the connection between social networks, Big Data and privacy issues. The data that supported the results of this dissertation were collected by a face-to-face and in-depth interview study. As a consequence, we found that people divided the social networks into different levels of openness in order to avoid privacy invasions and violations, according to their privacy concerns. They reduced and transferred their sharing from an open social network to a more closed one. However, the risk of privacy problems actually rose because people neglected to understand the data processing on social networks. They focused on managing their everyday sharing but too easily allowed other applications to access their personal data on the social network (such as the Facebook profile).
5

Zheng, Yao. "Privacy Preservation for Cloud-Based Data Sharing and Data Analytics." Diss., Virginia Tech, 2016. http://hdl.handle.net/10919/73796.

Abstract:
Data privacy is a globally recognized human right for individuals to control the access to their personal information, and bar the negative consequences from the use of this information. As communication technologies progress, the means to protect data privacy must also evolve to address new challenges that come into view. Our research goal in this dissertation is to develop privacy protection frameworks and techniques suitable for the emerging cloud-based data services, in particular privacy-preserving algorithms and protocols for the cloud-based data sharing and data analytics services. Cloud computing has enabled users to store, process, and communicate their personal information through third-party services. It has also raised privacy issues regarding losing control over data, mass harvesting of information, and un-consented disclosure of personal content. Above all, the main concern is the lack of understanding about data privacy in cloud environments. Currently, the cloud service providers either advocate the principle of third-party doctrine and deny users' rights to protect their data stored in the cloud; or rely on the notice-and-choice framework and present users with ambiguous, incomprehensible privacy statements without any meaningful privacy guarantee. In this regard, our research has three main contributions. First, to capture users' privacy expectations in cloud environments, we conceptually divide personal data into two categories, i.e., visible data and invisible data. The visible data refer to information users intentionally create, upload to, and share through the cloud; the invisible data refer to users' information retained in the cloud that is aggregated, analyzed, and repurposed without their knowledge or understanding. Second, to address users' privacy concerns raised by cloud computing, we propose two privacy protection frameworks, namely individual control and use limitation.
The individual control framework emphasizes users' capability to govern the access to the visible data stored in the cloud. The use limitation framework emphasizes users' expectation to remain anonymous when the invisible data are aggregated and analyzed by cloud-based data services. Finally, we investigate various techniques to accommodate the new privacy protection frameworks, in the context of four cloud-based data services: personal health record sharing, location-based proximity test, link recommendation for social networks, and face tagging in photo management applications. For the first case, we develop a key-based protection technique to enforce fine-grained access control to users' digital health records. For the second case, we develop a key-less protection technique to achieve location-specific user selection. For the latter two cases, we develop distributed learning algorithms to prevent large scale data harvesting. We further combine these algorithms with query regulation techniques to achieve user anonymity. The picture that is emerging from the above works is a bleak one. Regarding personal data, the reality is we can no longer control them all. As communication technologies evolve, the scope of personal data has expanded beyond local, discrete silos, and integrated into the Internet. The traditional understanding of privacy must be updated to reflect these changes. In addition, because privacy is a particularly nuanced problem that is governed by context, there is no one-size-fits-all solution. While some cases can be salvaged either by cryptography or by other means, in others a rethinking of the trade-offs between utility and privacy appears to be necessary.
Ph. D.
6

Sivakumar, Anusha. "Enhancing Privacy Of Data Through Anonymization." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-177349.

Abstract:
A steep rise in availability of personal data has resulted in endless opportunities for data scientists who utilize this open data for research. However, such easy availability of complex personal data challenges the privacy of individuals represented in the data. To protect privacy, traditional methods such as using pseudonyms or blurring the identity of individuals are followed before releasing data. These traditional methods alone are not sufficient to enhance privacy because combining released data with other publicly available data or background knowledge identifies individuals. A potential solution to this privacy loss problem is to anonymize data so that it cannot be linked to individuals represented in the data. In the case of research involving personal data, anonymization becomes more important than ever. If we alter data to preserve the privacy of research participants, the resultant data becomes almost useless for much research. Therefore, preserving the privacy of individuals represented in the data and minimizing the data loss caused by privacy preservation is very vital. In this project, we first study the different cases in which attacks take place, different forms of attacks and existing solutions to prevent the attacks. After carefully examining the literature and the undertaken problem, we propose a solution to preserve the privacy of research participants as much as possible and to make data useful to the researchers. To support our solution, we consider the case of Digital Footprints which collects and publishes Facebook data with the consent of the users.
A sharp increase in the availability of personal data has led to endless opportunities for data scientists to use this data for research. One consequence is that it becomes difficult to preserve individuals' privacy because of the enormous amount of information that is available. To protect personal privacy, traditional methods such as pseudonyms and aliases can be used before a person publishes personal data. Using these traditional methods alone is not enough to protect privacy; there are always ways to link data to real individuals. A potential solution to this problem is to use anonymization techniques to alter data about the individual in a suitable way and thereby make it harder to link the data to an individual. In studies that contain personal data, anonymization becomes increasingly important. If we try to alter data to preserve the privacy of research participants before the data is published, the resulting data becomes almost useless for many studies. Preserving the privacy of the individuals represented in the data while minimizing the data loss caused by privacy preservation is therefore very important. In this thesis we have studied the different cases in which attacks can occur, the different forms of attacks, and the existing solutions to prevent them. After carefully reviewing the literature and the problem, we propose a theoretical solution to preserve the privacy of research participants as much as possible while keeping the data useful for research. To support our solution, we consider Digital Footprints, which stores Facebook data with the consent of the users and releases the stored information through different user interfaces.
7

Smith, Tanshanika Turner. "Examining Data Privacy Breaches in Healthcare." ScholarWorks, 2016. https://scholarworks.waldenu.edu/dissertations/2623.

Abstract:
Healthcare data can contain sensitive, personal, and confidential information that should remain secure. Despite the efforts to protect patient data, security breaches occur and may result in fraud, identity theft, and other damages. Grounded in the theoretical backdrop of integrated system theory, the purpose of this study was to determine the association between data privacy breaches, data storage locations, business associates, covered entities, and number of individuals affected. Study data consisted of secondary breach information retrieved from the Department of Health and Human Services Office of Civil Rights. Loglinear analytical procedures were used to examine U.S. healthcare breach incidents and to derive a 4-way loglinear model. Loglinear analysis procedures included in the model yielded a significance value of 0.000, p > .05 for both the likelihood ratio and Pearson chi-square statistics, indicating that an association among the variables existed. Results showed that over 70% of breaches involve healthcare providers and revealed that security incidents often consist of electronic or other digital information. Findings revealed that threats are evolving and showed that likely factors other than data loss and theft contribute to security events, unwanted exposure, and breach incidents. Research results may impact social change by providing security professionals with a broader understanding of data breaches required to design and implement more secure and effective information security prevention programs. Healthcare leaders might affect social change by utilizing findings to further the security dialogue needed to minimize security risk factors, protect sensitive healthcare data, and reduce breach mitigation and incident response costs.
8

Katsikouli, Panagiota. "Distributed and privacy preserving algorithms for mobility information processing." Thesis, University of Edinburgh, 2018. http://hdl.handle.net/1842/31110.

Abstract:
Smart-phones, wearables and mobile devices in general are the sensors of our modern world. Their sensing capabilities offer the means to analyze and interpret our behaviour and surroundings. When it comes to human behaviour, perhaps the most informative feature is our location and mobility habits. Insights from human mobility are useful in a number of everyday practical applications, such as the improvement of transportation and road network infrastructure, ride-sharing services, activity recognition, mobile data pre-fetching, analysis of the social behaviour of humans, etc. In this dissertation, we develop algorithms for processing mobility data. The analysis of mobility data is a non trivial task as it involves managing large quantities of location information, usually spread out spatially and temporally across many tracking sensors. An additional challenge in processing mobility information is to publish the data and the results of its analysis without jeopardizing the privacy of the involved individuals or the quality of the data. We look into a series of problems on processing mobility data from individuals and from a population. Our mission is to design algorithms with provable properties that allow for the fast and reliable extraction of insights. We present efficient solutions - in terms of storage and computation requirements - , with a focus on distributed computation, online processing and privacy preservation.
9

Gonçalves, João Miguel Ribeiro. "Context-awareness privacy in data communications." Doctoral thesis, Universidade de Aveiro, 2015. http://hdl.handle.net/10773/15760.

Abstract:
Doctorate in Informatics
Internet users consume online targeted advertising based on information collected about them and voluntarily share personal information in social networks. Sensor information and data from smart-phones is collected and used by applications, sometimes in unclear ways. As it happens today with smartphones, in the near future sensors will be shipped in all types of connected devices, enabling ubiquitous information gathering from the physical environment, enabling the vision of Ambient Intelligence. The value of gathered data, if not obvious, can be harnessed through data mining techniques and put to use by enabling personalized and tailored services as well as business intelligence practices, fueling the digital economy. However, the ever-expanding information gathering and use undermines the privacy conceptions of the past. Natural social practices of managing privacy in daily relations are overridden by socially-awkward communication tools, service providers struggle with security issues resulting in harmful data leaks, governments use mass surveillance techniques, the incentives of the digital economy threaten consumer privacy, and the advancement of consumer-grade data-gathering technology enables new inter-personal abuses. A wide range of fields attempts to address technology-related privacy problems, however they vary immensely in terms of assumptions, scope and approach. Privacy of future use cases is typically handled vertically, instead of building upon previous work that can be re-contextualized, while current privacy problems are typically addressed per type in a more focused way. Because significant effort was required to make sense of the relations and structure of privacy-related work, this thesis attempts to transmit a structured view of it. It is multi-disciplinary - from cryptography to economics, including distributed systems and information theory - and addresses privacy issues of different natures.
As existing work is framed and discussed, the contributions to the state-of-the-art done in the scope of this thesis are presented. The contributions add to five distinct areas: 1) identity in distributed systems; 2) future context-aware services; 3) event-based context management; 4) low-latency information flow control; 5) high-dimensional dataset anonymity. Finally, having laid out such landscape of the privacy-preserving work, the current and future privacy challenges are discussed, considering not only technical but also socio-economic perspectives.
Internet users see targeted advertising based on their browsing habits, and probably share personal information voluntarily on social networks. The information available on new mobile phones is widely accessed and used by mobile applications, sometimes without clear reasons. As happens today with mobile phones, in the future many types of electronic devices will include sensors that allow data to be captured from the environment, enabling the emergence of intelligent environments. The value of the captured data, if not obvious, can be derived through data analysis techniques and used to provide personalized services and define business strategies, fostering the digital economy. However, these information-gathering practices create new privacy questions. The natural practices of interpersonal relations are hindered by new means of communication that do not accommodate them, information security problems follow one another, states watch their citizens, the digital economy leads to the monitoring of consumers, and the capture and recording capabilities of new electronic devices can be used abusively by the users themselves against other people. A large number of scientific areas address technology-related privacy problems, but they do so in different ways and from distinct starting points. The privacy of new scenarios is typically handled vertically, instead of re-contextualizing existing work, while current problems are handled in a more focused way. Because of this fragmentation in the existing work, a very relevant exercise was its structuring within the scope of this thesis. The identified work is multi-disciplinary - from cryptography to economics, including distributed systems and information theory - and deals with privacy problems of different natures.
As the existing work is presented, the contributions made by this thesis are discussed. These fall into five distinct areas: 1) identity in distributed systems; 2) context-aware services; 3) event-oriented management of context information; 4) low-latency information flow control; 5) anonymous recommendation databases. Having described the existing work on privacy, the current and future privacy challenges are discussed, also considering socio-economic perspectives.
10

Dayarathna, Rasika. "Discovering Constructs and Dimensions for Information Privacy Metrics." Doctoral thesis, Stockholms universitet, Institutionen för data- och systemvetenskap, 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:su:diva-89336.

Abstract:
Privacy is a fundamental human right. During the last decades, in the information age, information privacy has become one of the most essential aspects of privacy. Information privacy is concerned with protecting personal information pertaining to individuals. Organizations, which frequently process the personal information, and individuals, who are the subjects of the information, have different needs, rights and obligations. Organizations need to utilize personal information as a basis to develop tailored services and products for their customers in order to gain advantage over their competitors. Individuals need assurance from the organizations that their personal information is not changed, disclosed, deleted or misused in any other way. Without this guarantee from the organizations, individuals will be more unwilling to share their personal information. Information privacy metrics are a set of parameters used for the quantitative assessment and benchmarking of an organization's measures to protect personal information. These metrics can be used by organizations to demonstrate, and by individuals to evaluate, the type and level of protection given to personal information. Currently, there are no systematically developed, established or widely used information privacy metrics. Hence, the purpose of this study is to establish a solid foundation for building information privacy metrics by discovering some of the most critical constructs and dimensions of these metrics. The research was conducted within the general research strategy of design science and by applying research methods such as data collection and analysis informed by grounded theory as well as surveys using interviews and questionnaires in Sweden and in Sri Lanka. The result is a conceptual model for information privacy metrics including its basic foundation: the constructs and dimensions of the metrics.

At the time of the doctoral defense, the following paper was unpublished and had a status as follows: Paper 6: Accepted.

11

Rohunen, A. (Anna). "Advancing information privacy concerns evaluation in personal data intensive services." Doctoral thesis, Oulun yliopisto, 2019. http://urn.fi/urn:isbn:9789526224688.

Abstract:
When personal data are collected and utilised to produce personal data intensive services, users of these services are exposed to the possibility of privacy losses. Users' information privacy concerns may lead to non-adoption of new services and technologies, affecting the quality and the completeness of the collected data. These issues make it challenging to fully reap the benefits brought by the services. The evaluation of information privacy concerns makes it possible to address these concerns in the design and the development of personal data intensive services. This research investigated how privacy concerns evaluations should be developed to make them valid in the evolving data collection contexts. The research was conducted in two phases: employing a mixed-method research design and using a literature review methodology. In Phase 1, two empirical studies were conducted, following a mixed-method exploratory sequential design. In both studies, the data subjects' privacy behaviour and privacy concerns that were associated with mobility data collection were first explored qualitatively, and quantitative instruments were then developed based on the qualitative results to generalise the findings. Phase 2 was planned to provide an extensive view on privacy behaviour and some possibilities to develop privacy concerns evaluation in new data collection contexts. Phase 2 consisted of two review studies: a systematic literature review of privacy behaviour models and a review of the EU data privacy legislation changes. The results show that in evolving data collection contexts, privacy behaviour and concerns have characteristics that differ from earlier ones. Privacy concerns have aspects specific to these contexts, and their multifaceted nature appears emphasised. Because privacy concerns are related to other privacy behaviour antecedents, it may be reasonable to incorporate some of these antecedents into evaluations.
The existing privacy concerns evaluation instruments serve as valid starting points for evaluations in evolving personal data collection contexts. However, these instruments need to be revised and adapted to the new contexts. The development of privacy concerns evaluation may be challenging due to the incoherence of the existing privacy behaviour research. More overarching research is called for to facilitate the application of the existing knowledge.
When personal data are collected and used to produce data-intensive services, the privacy of the services' users may weaken. Users' privacy concerns can slow the adoption of new services and technologies and affect the quality and coverage of the collected data. This makes it harder to fully exploit the services. Evaluating privacy concerns makes it possible to take them into account in the design and development of personal-data-based services. This study examined how the evaluation of privacy concerns should be developed in changing data collection environments. In the two-phase study, an empirical mixed-method study was carried out first, followed by a systematic literature study. In the first phase, two empirical studies were conducted following the exploratory sequential design of mixed-method research. These studies first examined privacy behaviour and privacy concerns in the collection of mobility data using qualitative methods. Based on the qualitative results, quantitative instruments were developed to study the generalisability of the results. In the second phase of the study, two review-type studies were carried out to obtain a comprehensive understanding of privacy behaviour and of the possibilities of developing the evaluation of privacy concerns in new data collection environments. These studies were a systematic literature review of privacy behaviour models and a review of changes in EU data protection legislation. The results of the study show that in evolving data collection environments, privacy behaviour and privacy concerns differ from those in earlier environments. Privacy concerns characteristic of these environments occur, and the multifaceted nature of the concerns is emphasised. Because privacy concerns are linked to other variables that predict privacy behaviour, it may be appropriate to include these variables in evaluations as well.
It is justified to use the existing instruments for evaluating privacy concerns as the starting point for evaluation also in evolving data collection environments, but they must be adapted to suit the new environments. Developing the evaluation can be challenging, because earlier privacy research is inconsistent. For it to be applied appropriately in developing evaluations, the research must be taken in a more holistic direction.
12

Olsson, Mattias. "Klassificeringsalgoritmer vs differential privacy : Effekt på klassificeringsalgoritmer vid användande av numerisk differential privacy." Thesis, Högskolan i Skövde, Institutionen för informationsteknologi, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-15680.

Abstract:
Data mining is a collective term for a number of techniques used to analyse data sets and find patterns, for example through classification. Anonymization comprises a range of techniques for protecting personal privacy. This study examines how large an impact anonymization with the differential privacy technique has on the ability to classify a data set. Through an experiment, a number of magnitudes of anonymization are examined, together with the effect they have on the ability to classify the data. Classification of the anonymized data set is compared with classification of the raw data set. Similar studies have been carried out with k-anonymity as the anonymization technique, where the ability to classify improved through generalization. The result of this study, on the other hand, shows that the ability to classify decreases somewhat, which is because differential privacy spreads the information in the data set over a broader spectrum. This generally makes it harder for the classification algorithms to find characterizing patterns in the data set, and they therefore do not achieve as high a degree of correct classification.
13

Mao, Congcong. "Privacy Issues in IoT : Privacy concerns in smart home." Thesis, Linnéuniversitetet, Institutionen för informatik (IK), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-90587.

Abstract:
In a world of the Internet of Things, the smart home has shown great potential and momentum. A smart home is a convenient home setup where appliances and devices can be automatically controlled remotely from any internet-connected place in the world using a mobile or other networked device. Smart homes have changed the way residents interact with their homes and brought more convenience. Although this technology also has a positive impact on saving energy and resources, privacy issues have proven to be one of the biggest obstacles to its adoption. The purpose of this thesis is to study smart home users' perceptions of smart homes and their privacy awareness and concerns. The research was conducted through interviews and followed an interpretive research paradigm and a qualitative research approach. In this study, 5 smart home owners were interviewed to investigate their reasons for purchasing IoT devices, their perceptions of smart home privacy risks, and the actions they take to protect their privacy, as well as how they manage IoT devices and/or their data. The research results show that privacy risks exist in smart homes. Consumers' private data is collected secretly, which needs to be controlled, and privacy issues have to be addressed in the near future for the smart home to be fully adopted by society.
14

Mivule, Kato. "An investigation of data privacy and utility using machine learning as a gauge." Thesis, Bowie State University, 2014. http://pqdtopen.proquest.com/#viewpdf?dispub=3619387.

Abstract:
The purpose of this investigation is to study and pursue a user-defined approach in preserving data privacy while maintaining an acceptable level of data utility, using machine learning classification techniques as a gauge in the generation of synthetic data sets. This dissertation deals with data privacy, data utility, machine learning classification, and the generation of synthetic data sets. Hence, data privacy and utility preservation using machine learning classification as a gauge is the central focus of this study. Many organizations that transact in large amounts of data have to comply with state, federal, and international laws to guarantee that the privacy of individuals and other sensitive data is not compromised. Yet at some point during the data privacy process, data loses its utility, a measure of how useful a privatized dataset is to the user of that dataset. Data privacy researchers have documented that attaining an optimal balance between data privacy and utility is an NP-hard challenge, thus an intractable problem. Therefore we propose the classification error gauge (x-CEG) approach, a data utility quantification concept that employs machine learning classification techniques to gauge data utility based on the classification error. In the initial phase of this proposed approach, a data privacy algorithm such as differential privacy, Gaussian noise addition, generalization, and/or k-anonymity is applied on a dataset for confidentiality, generating a privatized synthetic data set. The privatized synthetic data set is then passed through a machine learning classifier, after which the classification error is measured. If the classification error is lower than or equal to a set threshold, then better utility might be achieved; otherwise, the data privacy parameters are adjusted and the refined synthetic data set is sent to the machine learning classifier again, and the process repeats until the error threshold is reached.
Additionally, this study presents the Comparative x-CEG concept, in which a privatized synthetic data set is passed through a series of classifiers, each of which returns a classification error, and the classifier with the lowest classification error after parameter adjustments is chosen, an indication of better data utility. Preliminary results from this investigation show that fine-tuning parameters in data privacy procedures, for example in the case of differential privacy, and increasing the number of weak learners in an ensemble classifier, might lead to lower classification error and thus better utility. Furthermore, this study explores the application of this approach by employing signal processing techniques in the generation of privatized synthetic data sets and improving data utility. This dissertation presents theoretical and empirical work examining various data privacy and utility methodologies using machine learning classification as a gauge. Similarly, this study presents a resourceful approach to the generation of privatized synthetic data sets, and an innovative conceptual framework for the data privacy engineering process.
15

Spiekermann-Hoff, Sarah, and Alexander Novotny. "A vision for global privacy bridges: Technical and legal measures for international data markets." Elsevier, 2015. http://dx.doi.org/10.1016/j.clsr.2015.01.009.

Abstract:
From the early days of the information economy, personal data has been its most valuable asset. Despite data protection laws and an acknowledged right to privacy, trading personal information has become a business equated with "trading oil". Most of this business is done without the knowledge and active informed consent of the people concerned. But as data breaches and abuses are made public through the media, consumers react. They become irritated about companies' data handling practices, lose trust, exercise political pressure and start to protect their privacy with the help of technical tools. As a result, companies' Internet business models that are based on personal data are unsettled. An open conflict is arising between business demands for data and a desire for privacy. As of 2015, no true answer is in sight as to how to resolve this conflict. Technologists, economists and regulators are struggling to develop technical solutions and policies that meet businesses' demand for more data while still maintaining privacy. Yet most of the proposed solutions fail to account for market complexity and provide no pathway to technological and legal implementation. They lack a bigger vision for data use and privacy. To break this vicious cycle, we propose and test such a vision of a personal information market with privacy. We accumulate technical and legal measures that have been proposed by technical and legal scholars over the past two decades. And out of this existing knowledge, we compose something new: a four-space market model for personal data.
16

Ruiz, Nicolas. "Toward a universal privacy and information-preserving framework for individual data exchange." Doctoral thesis, Universitat Rovira i Virgili, 2019. http://hdl.handle.net/10803/666489.

Abstract:
Data on individual subjects, which are increasingly gathered and exchanged, provide a rich amount of information that can inform statistical and policy analysis in a meaningful way. However, due to the legal obligations surrounding such data, this wealth of information is often not fully exploited in order to protect the confidentiality of respondents. The issue is thus the following: how to ensure a sufficient level of data protection to meet releasers' concerns in terms of legal and ethical requirements, while still offering users a reasonable level of information. This question has raised a range of concerns about the privacy/information trade-off and has driven a quest for best practices that can be both useful to users and respectful of individuals' privacy. Statistical disclosure control research has historically provided the analytical apparatus through which the privacy/information trade-off can be assessed and implemented. In recent years, the literature has burgeoned in many directions. In particular, techniques applicable to micro data offer a wide variety of tools to protect the confidentiality of respondents while maximizing the information content of the data released, for the benefit of society at large. Such diversity is undoubtedly useful but has several major drawbacks. In fact, there is currently a clear lack of agreement and clarity as to the appropriate choice of tools in a given context, and as a consequence, there is no comprehensive view (or at best an incomplete one) of the relative performances of the techniques available. The practical scope of current micro data protection methods is not fully exploited precisely because there is no overarching framework: all methods generally carry their own analytical environment, underlying approaches and definitions of privacy and information.
Moreover, the evaluation of utility and privacy for each method is metric- and data-dependent, meaning that comparisons across different methods and datasets are a daunting task. Against this backdrop, this thesis focuses on establishing some common ground for individual data anonymization by developing a new, universal approach. Recent contributions to the literature point to the fact that permutations happen to be the essential principle upon which individual data anonymization can be based. In this thesis, we demonstrate that this principle allows for the proposal of a universal analytical environment for data anonymization. The first contribution of this thesis takes an ex-post approach by proposing some universal measures of disclosure risk and information loss that can be computed in a simple fashion and used for the evaluation of any anonymization method, independently of the context under which they operate. In particular, they exhibit distributional independence. These measures establish a common language for comparing different mechanisms, all with potentially varying parametrizations, applied to the same data set or to different data sets. The second contribution of this thesis takes an ex-ante approach by developing a new approach to data anonymization. Bringing data anonymization closer to cryptography, it formulates a general cipher based on permutation keys which appears to be equivalent to a general form of rank swapping. Beyond all the existing methods that this cipher can universally reproduce, it also offers a new way to practice data anonymization based on the ex-ante exploration of different permutation structures. The subsequent study of the cipher's properties additionally reveals new insights as to the nature of the task of anonymization taken at a general level of functioning. The final two contributions of this thesis aim at exploring two specific areas using the above results. The first area is longitudinal data anonymization.
Despite the fact that the SDC literature offers a wide variety of tools suited to different contexts and data types, there have been very few attempts to deal with the challenges posed by longitudinal data. This thesis thus develops a general framework and some associated metrics of disclosure risk and information loss, tailored to the specific challenges posed by longitudinal data anonymization. Notably, it builds on a permutation approach where the effect of time on time-variant attributes can be seen as an anonymization method that can be captured by temporal permutations. The second area considered is synthetic data. By challenging the information and privacy guarantees of synthetic data, it is shown that any synthetic data set can always be expressed as a permutation of the original data, in a way similar to non-synthetic SDC techniques. In fact, releasing synthetic data sets with the same privacy properties but with an improved level of information appears to be invariably possible, as the marginal distributions can always be preserved without increasing risk. On the privacy front, this leads to the consequence that the distinction drawn in the literature between non-synthetic and synthetic data is not so clear-cut. Indeed, it is shown that the practice of releasing several synthetic data sets for a single original data set entails privacy issues that do not arise in non-synthetic anonymization.
17

Liu, Lian. "PRIVACY PRESERVING DATA MINING FOR NUMERICAL MATRICES, SOCIAL NETWORKS, AND BIG DATA." UKnowledge, 2015. http://uknowledge.uky.edu/cs_etds/31.

Abstract:
Motivated by increasing public awareness of possible abuse of confidential information, which is considered a significant hindrance to the development of e-society and of medical and financial markets, a privacy preserving data mining framework is presented so that data owners can carefully process data in order to preserve confidential information and guarantee information functionality within an acceptable boundary. First, among many privacy-preserving methodologies, a class of data perturbation methods, a group of popular techniques for achieving a balance between data utility and information privacy, add a noise signal following a statistical distribution to an original numerical matrix. With the help of analysis in the eigenspace of the perturbed data, the potential privacy vulnerability of a popular data perturbation is analyzed in the presence of very little information leakage in privacy-preserving databases. The vulnerability to very little data leakage is theoretically proved and experimentally illustrated. Second, in addition to numerical matrices, social networks have played a critical role in modern e-society. Security and privacy in social networks receive a lot of attention because of recent security scandals among some popular social network service providers. So, the need to protect confidential information from being disclosed motivates us to develop multiple privacy-preserving techniques for social networks. Affinities (or weights) attached to edges are private and can lead to personal security leakage. To protect the privacy of social networks, several algorithms are proposed, including Gaussian perturbation, a greedy algorithm, and a probabilistic random walk algorithm. They can quickly modify original data in a large-scale situation to satisfy different privacy requirements. Third, the era of big data is approaching on the horizon in the industrial arena and academia, as the quantity of collected data is increasing in an exponential fashion.
Three issues are studied in the age of big data with privacy preservation: obtaining high confidence about the accuracy of any specific differentially private queries, speedily and accurately updating a private summary of a binary stream with I/O-awareness, and launching a mutual private information retrieval for big data. All three issues are handled by two core backbones, differential privacy and the Chernoff bound.
18

Awwal, Mohammad Abdul. "An Empirical Investigation of the Relationship between Computer Self-Efficacy and Information Privacy Concerns." NSUWorks, 2011. http://nsuworks.nova.edu/gscis_etd/82.

Abstract:
The Internet and the growth of Information Technology (IT), and their enhanced capabilities to collect personal information, have given rise to many privacy issues. Unauthorized access to personal information may result in identity theft, stalking, harassment, and other invasions of privacy. Information privacy concerns are impediments to broad-scale adoption of the Internet for purchasing decisions. Computer self-efficacy has been shown to be an effective predictor of behavioral intention and a critical determinant of intention to use Information Technology. This study investigated the relationship between an individual's computer self-efficacy and information privacy concerns, and also examined the differences among age groups and between genders regarding information privacy concerns and their relationships with computer self-efficacy. A paper-based survey was designed to empirically assess computer self-efficacy and information privacy concerns. The survey was developed by combining existing validated scales for computer self-efficacy and information privacy concerns. The target population of this study was the residents of New Jersey, U.S.A. The assessment was done using the mall-intercept approach, in which individuals were asked to fill out the survey. The sample size for this study was 400 students, professionals, and mature adults. The Shapiro-Wilk test was used for testing data normality and the Spearman rank-order test was used for correlation analyses. A MANOVA test was used for comparing mean values of computer self-efficacy and information privacy concerns between genders and among age groups. The results showed that the correlation between computer self-efficacy and information privacy concerns was significant and positive, and that there were differences between genders and among age groups regarding information privacy concerns and their relationships with computer self-efficacy.
This study contributed to the body of knowledge about the relationships among antecedents and consequences of information privacy concerns and computer self-efficacy. The findings of this study can help corporations to improve e-commerce by targeting privacy policy-making efforts at the explicit areas of consumer privacy concern. The results of this study can also help IT practitioners to develop privacy protection tools and processes that address specific consumer privacy concerns.
19

Balan, Khalil. "User perspective of privacy and surveillance on social networks." Thesis, Linnéuniversitetet, Institutionen för informatik (IK), 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-63876.

Abstract:
Social networks have integrated into people's daily lives and have become a powerful medium for effective marketing and communication worldwide. Problems arise when governments and special agencies violate users' information privacy under the pretext of protecting national security or the like; furthermore, when information became the source of income for social networks, it became necessary to investigate users' concerns about informational privacy on social platforms, if any. The main purpose of the thesis is to understand what level of privacy awareness users on social networks have and how much relevant knowledge about surveillance on social networks they possess. Moreover, the thesis aims to present users' opinions about surveillance on Facebook and whether they accept being surveilled in certain scenarios. As a result, the study has identified ambiguity in Facebook's terms and data policy, while it is clear that Facebook applies massive surveillance in terms of data collection on all users on the network. 71% of the participants had concerns about their privacy on social networks, two-thirds of the participants did not read Facebook's terms, and 76% believed that social networks sell users' information for their own benefit. The majority of the interview participants showed a lack of knowledge about data collection on social networks, and did not know whether governments conduct surveillance on social platforms or not. However, 37% of the survey participants claimed that they have nothing to hide and that governments can look into their activities online, and an almost similar percentage supported such an action. Further, most of the interview participants protect their informational privacy on social networks by having good privacy settings, controlling who has access to certain posts or managing their friends list. However, 1/3 of the participants who had good privacy settings did not know all their friends on FB.
Through personal observations on the data analysis and literature review, I concluded the thesis with some suggestions of possible approaches to enhance information privacy; these recommendations present my own thoughts and were not derived in an academic way but are rather personal notes made during the thesis study.
20

Basciftci, Yuksel O. Basciftci. "Private and Secure Data Communication: Information Theoretic Approach." The Ohio State University, 2016. http://rave.ohiolink.edu/etdc/view?acc_num=osu1469137249.

21

Bauer, David Allen. "Preserving privacy with user-controlled sharing of verified information." Diss., Atlanta, Ga. : Georgia Institute of Technology, 2009. http://hdl.handle.net/1853/31676.

Abstract:
Thesis (Ph.D)--Electrical and Computer Engineering, Georgia Institute of Technology, 2010.
Committee Chair: Blough, Douglas; Committee Member: Ahamad, Mustaque; Committee Member: Liu, Ling; Committee Member: Riley, George; Committee Member: Yalamanchili, Sudha. Part of the SMARTech Electronic Thesis and Dissertation Collection.
22

Burdon, Mark. "The conceptual and operational compatibility of data breach notification and information privacy laws." Thesis, Queensland University of Technology, 2011. https://eprints.qut.edu.au/47512/1/Mark_Burdon_Thesis.pdf.

Abstract:
Mandatory data breach notification laws are a novel and potentially important legal instrument regarding organisational protection of personal information. These laws require organisations that have suffered a data breach involving personal information to notify those persons that may be affected, and potentially government authorities, about the breach. The Australian Law Reform Commission (ALRC) has proposed the creation of a mandatory data breach notification scheme, implemented via amendments to the Privacy Act 1988 (Cth). However, the conceptual differences between data breach notification law and information privacy law are such that it is questionable whether a data breach notification scheme can be solely implemented via an information privacy law. Accordingly, this thesis by publications investigated, through six journal articles, the extent to which data breach notification law was conceptually and operationally compatible with information privacy law. The assessment of compatibility began with the identification of key issues related to data breach notification law. The first article, 'Stakeholder Perspectives Regarding the Mandatory Notification of Australian Data Breaches', started this stage of the research, which concluded in the second article, 'The Mandatory Notification of Data Breaches: Issues Arising for Australian and EU Legal Developments' ('Mandatory Notification'). A key issue that emerged was whether data breach notification was itself an information privacy issue. This notion guided the remaining research and focused attention towards the next stage of research, an examination of the conceptual and operational foundations of both laws. The second article, 'Mandatory Notification', and the third article, 'Encryption Safe Harbours and Data Breach Notification Laws', did so from the perspective of data breach notification law.
The fourth article, 'The Conceptual Basis of Personal Information in Australian Privacy Law', and the fifth article, 'Privacy Invasive Geo-Mashups: Privacy 2.0 and the Limits of First Generation Information Privacy Laws', did so for information privacy law. The final article, 'Contextualizing the Tensions and Weaknesses of Information Privacy and Data Breach Notification Laws', synthesised previous research findings within the framework of contextualisation, principally developed by Nissenbaum. The examination of conceptual and operational foundations revealed tensions between both laws and shared weaknesses within both laws. First, the distinction between sectoral and comprehensive information privacy legal regimes was important, as it shaped the development of US data breach notification laws and their subsequent implementable scope in other jurisdictions. Second, the sectoral versus comprehensive distinction produced different emphases in relation to data breach notification, thus leading to different forms of remedy. The prime example is the distinction between market-based initiatives found in US data breach notification laws compared to rights-based protections found in the EU and Australia. Third, both laws are predicated on the regulation of personal information exchange processes, even though both laws regulate this process from different perspectives, namely a context-independent or context-dependent approach. Fourth, both laws have limited notions of harm that are further constrained by restrictive accountability frameworks. The findings of the research suggest that data breach notification is more compatible with information privacy law in some respects than in others. Apparent compatibilities clearly exist, as both laws have an interest in the protection of personal information. However, this thesis revealed that ostensible similarities are founded on some significant differences.
Data breach notification law is either a comprehensive facet of a sectoral approach or a sectoral adjunct to a comprehensive regime. However, whilst there are fundamental differences between both laws, they are not so great as to make them incompatible with each other. The similarities between both laws are sufficient to forge compatibilities, but it is likely that the distinctions between them will produce anomalies, particularly if both laws are applied from a perspective that negates contextualisation.
23

Batistic, Kristina. "Privacy in Smart Parking." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-272998.

Abstract:
The master thesis project analyzes the smart parking solution used in Frederiksberg municipality, focusing on privacy aspects in different data use cases. The current use case is analyzed with the focus on its privacy aspects. Frederiksberg municipality is using a camera mounted on a car that records parked cars to check whether the parking fee has been paid or not. The system recognizes the license plate in the picture and checks in the system whether the parking for that license plate has been paid or not; if it has not been paid, it notifies the parking guard to go to the parked car and hand out a parking ticket. Since the license plate is considered personal data, this system has to follow the legal and other obligations for the handling of personal data, i.e., the new European General Data Protection Regulation. Frederiksberg municipality is also considering using the data for secondary purposes, such as parking statistics, input for future regulation, analysis to improve the parking system or even making the data public. This thesis analyzes possible secondary use cases and their privacy impacts and recommends protective measures. The goal is to protect citizens' privacy while providing the best possible service.
24

Kartaev, Timur. "Assessment of Privacy-preserving Computation Techniques for Marketing Analytics." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-280884.

Abstract:
Nowadays, a large number of services require personal information for analysis, which brings privacy concerns. Notably, marketing departments strive for detailed personal information for a more personalized advertising experience. Data anonymization helps preserve the privacy of the individual while still providing the marketing department with the users' information. Moreover, the anonymization process should be optimized to find a balance between utility and privacy of the dataset. Additionally, the latest data processing regulation, especially the GDPR, makes data anonymization even more relevant today. This thesis focuses on the assessment of different anonymization models in the context of marketing analytics. It assesses the three most common privacy models: k-anonymity, l-diversity, and t-closeness. In the context of marketing analytics, the task is to predict the marketing channel's revenue using in-app purchases. First, the models are used to anonymize users' purchases. Second, based on the anonymized purchases, the future trend of user purchases for the particular marketing channel is predicted. The results show that there is always a trade-off between utility and privacy when anonymizing data. Primarily, t-closeness provides the highest privacy. However, the data anonymized using t-closeness has an entirely different pattern of purchases than the actual data. On the other hand, the k-anonymity model, when applied to the purchases dataset, gives the lowest information loss and the lowest privacy. Finally, to sum up, l-diversity is the most suitable for following GDPR constraints when anonymizing users' purchase data and for predictions based on anonymized data.
Keywords: privacy, marketing, anonymization, prediction, disclosure risk, LTV
För närvarande kräver ett stort antal tjänster personlig information för ana- lys, vilket orsakar integritetsproblem. I synnerhet strävar marknadsavdelning- arna efter detaljerad personlig information för en mer personlig reklamupp- levelse. Dataanonimiseringen hjälper till att bevara den enskildes integritet medan den fortfarande tillhandahåller marknadsavdelningen användarnas in- formation. Dessutom bör anonymiseringsprocessen optimeras för att hitta en balans mellan datasystemets verktyg och integritet. Dessutom gör den senaste databehandlingsregleringen, särskilt GDPR-lagen, anonymisering av data än- nu mer relevant i dag. Denna avhandling fokuserar på bedömningen av olika anonymiseringsmodeller i samband med marknadsanalys. Den utvärderar de tre vanligaste sekretessmodellerna: k-anonymitet, l-mångfald och t-närhet. In- om ramen för marknadsanalys är uppgiften att förutsäga marknadsföringska- nalens intäkter med köp i appen. Först används modellerna för att anonymisera användarnas köp. För det andra, baserat på anonymiserade inköp, förutsägas den framtida trenden för användarköp av den specifika marknadsföringskana- len. Resultaten visar att det alltid finns en avvägning mellan verktyg och sek- retess vid anonymisering av data. I första hand ger t-närhet högsta integritet. Emellertid har de anonymiserade uppgifterna med t-närheten ett helt annat in- köpsmönster än faktiska uppgifter. Å andra sidan ger k-anonymitetsmodellen den lägsta informationsförlusten och den lägsta sekretess när den tillämpas på inköpsdatasats. Slutligen, för att sammanfatta, är l-mångfalden den mest lämpade för att följa GDPR-begränsningar när anonymisering av användares inköpsdata och för förutsägelser baserade på anonymiserad data.
25

Wang, Xiwei. "Data Privacy Preservation in Collaborative Filtering Based Recommender Systems." UKnowledge, 2015. http://uknowledge.uky.edu/cs_etds/35.

Abstract:
This dissertation studies data privacy preservation in collaborative filtering based recommender systems and proposes several collaborative filtering models that aim at preserving user privacy from different perspectives. The empirical study on multiple classical recommendation algorithms presents the basic idea of the models and explores their performance on real world datasets. The algorithms investigated in this study include a popularity based model, an item similarity based model, a singular value decomposition based model, and a bipartite graph model. Top-N recommendations are evaluated to examine the prediction accuracy. It is apparent that with more customers' preference data, recommender systems can better profile customers' shopping patterns, which in turn produces product recommendations with higher accuracy. Precautions should be taken to address the privacy issues that arise during data sharing between two vendors. The study shows that matrix factorization techniques are, by their nature, ideal choices for data privacy preservation. In this dissertation, singular value decomposition (SVD) and nonnegative matrix factorization (NMF) are adopted as the fundamental techniques for collaborative filtering to make privacy-preserving recommendations. The proposed SVD based model utilizes missing value imputation, a randomization technique, and the truncated SVD to perturb the raw rating data. The NMF based models, namely iAux-NMF and iCluster-NMF, take into account the auxiliary information of users and items to help missing value imputation and privacy preservation. Additionally, these models support efficient incremental data update as well. A good number of online vendors allow people to leave their feedback on products. This is considered as users' public preferences.
However, due to the connections between users' public and private preferences, if a recommender system fails to distinguish real customers from attackers, the private preferences of real customers can be exposed. This dissertation addresses an attack model in which an attacker holds real customers' partial ratings and tries to obtain their private preferences by cheating recommender systems. To resolve this problem, trustworthiness information is incorporated into NMF based collaborative filtering techniques to detect the attackers and make reasonably different recommendations to the normal users and the attackers. By doing so, users' private preferences can be effectively protected.
26

Miracle, Jacob M. "De-Anonymization Attack Anatomy and Analysis of Ohio Nursing Workforce Data Anonymization." Wright State University / OhioLINK, 2016. http://rave.ohiolink.edu/etdc/view?acc_num=wright1482825210051101.

27

Rodhe, Ioana. "Secure and Privacy-Aware Data Collection in Wireless Sensor Networks." Doctoral thesis, Uppsala universitet, Avdelningen för datorteknik, 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-180087.

Abstract:
A wireless sensor network is a collection of numerous sensors distributed over an area of interest to collect and process data from the environment. One particular threat in wireless sensor networks is node compromise attacks, that is, attacks where the adversary gets physical access to a node and to the programs and keying material stored on it. Only authorized queries should be allowed in the network, and the integrity and confidentiality of the data being collected should be protected. We propose a layered key distribution scheme together with two protocols for query authentication and confidential data aggregation. The layered key distribution is more robust to node and communication failures than a predefined tree structure. The protocols are secure under the assumption that fewer than n sensor nodes are compromised, where n is a design parameter that allows us to trade off security for overhead. When more than n sensor nodes are compromised, our simulations show that the attacker can only introduce unauthorized queries into a limited part of the network and can only get access to a small part of the data that is aggregated in the network. Considering the data collection protocol, we also contribute strategies to reduce the energy consumption of an integrity preserving in-network aggregation scheme to a level below the energy consumption of a non-aggregation scheme. Our improvements reduce node congestion by a factor of three and the total communication load by 30%. Location privacy of the users carrying mobile devices is another aspect considered in this thesis. Considering a mobile sink that collects data from the network, we propose a strategy for data collection that requires no information about the location and movement pattern of the sink. We show that it is possible to provide data collection services while protecting the location privacy of the sink.
When mobile phones with built-in sensors are used as sensor nodes, location information about where the data has been sensed can be used to trace users and infer other personal information about them, like state of health or personal preferences. Therefore, location privacy preserving mechanisms have been proposed to provide location privacy to the users. We investigate how a location privacy preserving mechanism influences the quality of the collected data and consider strategies to reconstruct the data distribution without compromising location privacy.
WISENET
28

Söderqvist, Mikael. "Privacy concerns in Ambient Assisted Living systems for home environments." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-252700.

Abstract:
By 2060 it is estimated that 30% of the European population will be 60 years or older. An aging society will put a heavy strain on the healthcare system. To mitigate this strain and enable the elderly to live autonomously in their homes, the AAL program was formed. With healthcare and health monitoring systems operating in home environments, questions regarding privacy and security should be among the top priorities. The aim of this systematic literature study is to identify common privacy concerns, analyze them, and map them to areas within the field of computer science. 1000 studies were reviewed and passed through a three-step inclusion process, leading to 30 included studies representing different research fields and user surveys. The included studies were categorized with regard to privacy concerns, resulting in 18 vague and 12 strong concerns and 8 solutions. The most common privacy concern among users was the unspecified privacy concern, which might be a hindrance to the acceptance of AAL systems in home environments. Other significant findings include the need for further research in representing data flow for users, user consent gathering, and privacy vs. usability trade-offs.
By the year 2060 it is estimated that 30% of the European population will be 60 years or older. An aging population will put a higher strain on healthcare and home care. To reduce this strain and to enable a prolonged independent life for the elderly in their own homes, the AAL programme was created. With healthcare and health monitoring in the home, questions about the private sphere and security also increase, something that should have the highest priority. The aim of this systematic literature study is to identify the most common causes of concern about impact on the private sphere. In this study, 1000 studies went through a three-step inclusion process. This led to 30 included studies that represent different research fields as well as user surveys. The included studies were categorized into three categories in relation to how they addressed areas of privacy concern. The categorization found 18 abstract areas of concern, 12 strong areas of concern, and 8 solutions to areas of concern. The most common area of concern for users was the abstract concern, which may be a hindrance to the adoption of AAL systems in home environments. Other interesting results include further research areas such as data flow representation for users, consent gathering, and the trade-off between privacy and information.
29

Iwaya, Leonardo H. "Secure and Privacy-aware Data Collection and Processing in Mobile Health Systems." Licentiate thesis, Karlstads universitet, Institutionen för matematik och datavetenskap (from 2013), 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-46982.

Abstract:
Healthcare systems have assimilated information and communication technologies in order to improve the quality of healthcare and patients' experience at reduced costs. The increasing digitalization of people's health information, however, raises new threats regarding information security and privacy. Accidental or deliberate breaches of health data may lead to societal pressures, embarrassment, and discrimination. Information security and privacy are paramount to achieving high quality healthcare services and, further, to not harming individuals when providing care. With that in mind, we give special attention to the category of Mobile Health (mHealth) systems, that is, the use of mobile devices (e.g., mobile phones, sensors, PDAs) to support medical and public health. Such systems have been particularly successful in developing countries, taking advantage of the flourishing mobile market and the need to expand the coverage of primary healthcare programs. Many mHealth initiatives, however, fail to address security and privacy issues. This, coupled with the lack of specific legislation for privacy and data protection in these countries, increases the risk of harm to individuals. The overall objective of this thesis is to enhance knowledge regarding the design of security and privacy technologies for mHealth systems. In particular, we deal with mHealth Data Collection Systems (MDCSs), which consist of mobile devices for collecting and reporting health-related data, replacing paper-based approaches for health surveys and surveillance. This thesis consists of publications contributing to mHealth security and privacy in various ways: with a comprehensive literature review about mHealth in Brazil; with the design of a security framework for MDCSs (SecourHealth); with the design of an MDCS (GeoHealth); with the design of a Privacy Impact Assessment template for MDCSs; and with the study of ontology-based obfuscation and anonymisation functions for health data.
30

Mittal, Nupur. "Data, learning and privacy in recommendation systems." Thesis, Rennes 1, 2016. http://www.theses.fr/2016REN1S084/document.

Abstract:
Recommender systems have become an indispensable part of Internet services and applications, in particular due to the overload of data coming from numerous sources. Whatever its type, every recommender system has fundamental challenges to address. In this work, we identify three common challenges faced by all types of recommender systems: data, learning models, and privacy protection. We elaborate the different problems that can be created by inappropriate data, focusing on its quality and quantity. Moreover, we highlight the importance of social networks in making data about users publicly available to recommender systems, in order to improve the quality of recommendations. We also provide the inference capabilities of public data linked to user-related data. In our work, we exploit this capability to improve the quality of recommendations, but we also argue that it results in threats to users' privacy based on their information. For our second challenge, we propose a new version of the k-nearest neighbors method (knn), which is one of the most popular learning methods for recommender systems. Our solution, designed to exploit the bipartite nature of user-item datasets, is scalable, fast, and efficient for building a knn graph, and is motivated by the large amount of resources consumed by similarity computations in knn calculations. Our algorithm KIFF uses experiments on real datasets from various domains to demonstrate its speed and efficiency when compared with state-of-the-art approaches.
For our last contribution, we provide a mechanism allowing users to hide their opinion on social networks without hiding their identity.
Recommendation systems have gained tremendous popularity, both in academia and industry. They have evolved into many different varieties depending mostly on the techniques and ideas used in their implementation. This categorization also marks the boundary of their application domain. Regardless of their type, recommendation systems are complex and multi-disciplinary in nature, involving subjects like information retrieval, data cleansing and preprocessing, data mining, etc. In our work, we identify three different challenges (among many possible) involved in the process of making recommendations and provide their solutions. We elaborate the challenges involved in obtaining user-demographic data and processing it to render it useful for making recommendations. The focus here is to make use of Online Social Networks to access publicly available user data to help the recommendation systems. Using user-demographic data to improve personalized recommendations has many other advantages, like dealing with the famous cold-start problem. It is also one of the founding pillars of hybrid recommendation systems. With the help of this work, we underline the importance of a user's publicly available information like tweets, posts, votes, etc. for inferring more private details about her. As the second challenge, we aim at improving the learning process of recommendation systems. Our goal is to provide a k-nearest neighbor method that deals with very large datasets, surpassing billions of users. We propose a generic, fast, and scalable k-NN graph construction algorithm that significantly improves performance as compared to state-of-the-art approaches. Our idea is based on leveraging the bipartite nature of the underlying dataset and using a preprocessing phase to reduce the number of similarity computations in later iterations. As a result, we gain a speed-up of 14 compared to other significant approaches from the literature.
Finally, we also consider the issue of privacy. Instead of viewing it directly under conventional recommendation systems, we analyze it on Online Social Networks. First, we reason how OSNs can be seen as a form of recommendation system and how information dissemination is similar to broadcasting opinions/reviews in conventional recommendation systems. Following this parallelism, we identify a privacy threat in information diffusion in OSNs and provide a privacy preserving algorithm for it. Our algorithm Riposte quantifies privacy in terms of differential privacy and, with the help of experimental datasets, we demonstrate how Riposte maintains the desirable information diffusion properties of a network.
31

Boucher, Duane Eric. "An information privacy model for primary health care facilities." Thesis, University of Fort Hare, 2013. http://hdl.handle.net/10353/d1007181.

Abstract:
The revolutionary migration within the health care sector towards the digitisation of medical records, for convenience or compliance, touches on many concerns with respect to ensuring the security of patient personally identifiable information (PII). Foremost of these is that a patient's right to privacy is not violated. To this end, it is necessary that health care practitioners have a clear understanding of the various constructs of privacy in order to ensure that privacy compliance is maintained. This research project focuses on an investigation of privacy from a multidisciplinary philosophical perspective to highlight the constructs of information privacy. These constructs, together with a discussion focused on the confidentiality and accessibility of medical records, result in the development of an artefact represented in the format of a model. The formulation of the model is accomplished by making use of the Design Science research guidelines for artefact development. Part of the process required that the artefact be refined through the use of an Expert Review Process. This involved an iterative (three phase) process which required (seven) experts from the fields of privacy, information security, and health care to respond to semi-structured questions administered with an interview guide. The data analysis process utilised the ISO/IEC 29100:2011(E) standard on privacy as a means to assign thematic codes to the responses, which were then analysed. The proposed information privacy model was discussed in relation to the compliance requirements of the South African Protection of Personal Information (PoPI) Bill of 2009 and their application in a primary health care facility. The proposed information privacy model provides a holistic view of privacy management that can residually be used to increase awareness of the compliance requirements associated with using patient PII.
32

Banerjea-Brodeur, Nicolas Paul. "Advance passenger information passenger name record : privacy rights and security awareness." Thesis, McGill University, 2003. http://digitool.Library.McGill.CA:80/R/?func=dbin-jump-full&object_id=80909.

Abstract:
An in-depth study of Advance Passenger Information and Passenger Name Record had never been accomplished prior to the events of September 11th. It is of great importance to distinguish both of these concepts as they entail different legal consequences. API is to be understood as a data transmission that Border Control Authorities possess in advance in order to facilitate the movements of passengers. It is furthermore imperative that harmonization and inter-operability between States be achieved in order for this system to work. Although the obligations for air carriers may appear extraneous, the positive impact is greater than the downsides.
Passenger Name Record access permits authorities to have additional data that could identify individuals requiring more questioning prior to border control clearance. This data does not cause in itself privacy issues other than perhaps the potential retention and manipulation of information that Border Control Authorities may acquire. In essence, bilateral agreements between governments should be sought in order to protect national legislation.
The common goal of the airline industry is to ensure safe and efficient air transport. API and PNR should be viewed as formalities that can facilitate border control clearance and prevent the entrance of potentially high-risk individuals.
33

Harvey, Brett D. "A code of practice for practitioners in private healthcare: a privacy perspective." Thesis, Nelson Mandela Metropolitan University, 2007. http://hdl.handle.net/10948/521.

Abstract:
Whereas there are various initiatives to standardize the storage, processing and use of electronic patient information in the South African health sector, the sector is fragmented through the adoption of various approaches on national, provincial and district levels. Divergent IT systems are used in the public and private health sectors ("Recommendations of the Committee on …" 2003). Furthermore, general practitioners in some parts of the country still use paper as a primary means of documentation and storage. Nonetheless, the use of computerized systems is increasing, even in the most remote rural areas. This leads to the exposure of patient information to various threats that are perpetuated through the use of information technology. Irrespective of the level of technology adoption by practitioners in private healthcare practice, the security and privacy of patient information remain of critical importance. The disclosure of patient information, whether intentional or not, can have dire consequences for a patient. In general, the requirements pertaining to the privacy of patient information are controlled and enforced through the adoption of legislation by the governing body of a country. Compared with developed nations, South Africa has limited legislation to help enforce privacy in the health sector. Conversely, Australia, New Zealand and Canada have some of the most advanced legislative frameworks when it comes to the privacy of patient information. In this dissertation, the Australian, New Zealand, Canadian and South African health sectors, and the legislation they have in place to ensure the privacy of health information, will be investigated.
Additionally, codes of practice and guidelines on the privacy of patient information for GPs in the afore-mentioned countries will be investigated to form an idea of what is needed in creating and formulating a new code of practice for the South African GP, as well as a pragmatic tool (checklist) to check adherence to privacy requirements.
34

Parameswaran, Rupa. "A Robust Data Obfuscation Technique for Privacy Preserving Collaborative Filtering." Diss., Georgia Institute of Technology, 2006. http://hdl.handle.net/1853/11459.

Abstract:
Privacy is defined as the freedom from unauthorized intrusion. The availability of personal information through online databases, such as government records, medical records, and voters' lists, poses a threat to personal privacy. The concern over individual privacy has led to the development of legal codes for safeguarding privacy in several countries. However, the ignorance of individuals as well as loopholes in the systems have led to information breaches even in the presence of such rules and regulations. Protection of data privacy requires modification of the data itself. The term "data obfuscation" is used to refer to the class of algorithms that modify the values of the data items without distorting the usefulness of the data. The main goal of this thesis is the development of a data obfuscation technique that provides robust privacy protection with minimal loss in usability of the data. Although medical and financial services are two of the major areas where information privacy is a concern, privacy breaches are not restricted to these domains. One of the areas where the concern over data privacy is of growing interest is collaborative filtering. Collaborative filtering systems are widely used in E-commerce applications to provide recommendations to users regarding products that might be of interest to them. The prediction accuracy of these systems is dependent on the size and accuracy of the data provided by users. However, the lack of sufficient guidelines governing the use and distribution of user data raises concerns over individual privacy. Users often provide only the minimal information that is required for accessing these E-commerce services. The lack of rules governing the use and distribution of data disallows sharing of data among different communities for collaborative filtering.
The goals of this thesis are (a) the definition of a standard for classifying DO techniques, (b) the development of a robust cluster preserving data obfuscation algorithm, and (c) the design and implementation of a privacy-preserving shared collaborative filtering framework using the data obfuscation algorithm.
35

Clarke, Roger Anthony. "Data Surveillance: Theory, Practice & Policy." The Australian National University. Faculty of Engineering and Information Technology, 1997. http://thesis.anu.edu.au./public/adt-ANU20031112.124602.

Abstract:
Data surveillance is the systematic use of personal data systems in the investigation or monitoring of the actions or communications of one or more persons. This collection of papers was the basis for a supplication under Rule 28 of the ANU's Degree of Doctor of Philosophy Rules. The papers develop a body of theory that explains the nature, applications and impacts of the data processing technologies that support the investigation or monitoring of individuals and populations. Literature review and analysis is supplemented by reports of field work undertaken in both the United States and Australia, which tested the body of theory, and enabled it to be articulated. The research programme established a firm theoretical foundation for further work. It provided insights into appropriate research methods, and delivered not only empirically-based descriptive and explanatory data, but also evaluative information relevant to policy-decisions. The body of work as a whole provides a basis on which more mature research work is able to build.
36

Ervik, Sara. "Privacy by Design applied in Practice and the Consequences for System Developers." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-251672.

Abstract:
Providing privacy for users is an important matter, as data is processed to an increasing extent, including sensitive personal information. It is a liability for organizations to take responsibility for the privacy of their users. Organizations are required by law to handle personal information in accordance with the General Data Protection Regulation (GDPR). But there is a gap between the legal requirements and the technical solutions. The framework Privacy by Design (PbD) presents guidelines to include privacy in a system but lacks concrete implementations. This paper investigates how PbD can be applied to a system and how it impacts the system development. The study adopts the approach of Colesky, Hoepman and Hillen to apply Privacy by Design in practice. This was used to develop a system model with consideration of the privacy of users as well as functional requirements and the needs of system developers. The evaluation showed a positive attitude among system developers towards the proposed system model implementing PbD. The system developers estimated that the proposed system model would introduce a slight decrease in productivity but believed the positive aspects of applying privacy would outweigh the disadvantages.
Users' privacy has become increasingly important as more data is handled, including sensitive personal information. Organizations are obliged to take responsibility for their users' privacy. It is mandatory by law for organizations to handle personal information in accordance with the requirements defined in the General Data Protection Regulation (GDPR). But a gap remains between the legal requirements and technical solutions. Privacy by Design (PbD) consists of principles for designing systems with privacy in mind, but the method lacks concrete implementations. This study investigates how PbD can be applied in a system and how it affects system development. The study uses the approach of Colesky, Hoepman and Hillen to apply PbD in practice. With this method, a model of a system was developed that takes into account the users' privacy as well as the system developers' needs and the system requirements. The evaluation showed that the system developers were positive towards the proposed system model implemented with PbD. The system developers estimated that the proposed system model would entail a slight decrease in productivity but believed that the positive effects of privacy by design would outweigh the disadvantages.
37

Balla, Stefano. "Privacy-Preserving Data Mining: un approccio verticale." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2019. http://amslaurea.unibo.it/17517/.

Abstract:
The growing availability of data, besides bringing great benefits, has brought to light several risks arising from the exposure of confidential information. Moreover, the information extraction method known as Data Mining has posed a further problem by making it possible to extract sensitive information. This thesis treats the topic of privacy at three main levels: Privacy-Preserving Data Providing, Privacy-Preserving Data Collecting and Privacy-Preserving Data Mining. These levels represent the division of the data life cycle into three stages in which the data are first provided, then stored, and finally subjected to the application of data mining. For each level, technologies, techniques and approaches to preserving data privacy are proposed, with the objective of minimizing information loss.
38

Kitkowska, Agnieszka. "Advancing Models of Privacy Decision Making : Exploring the What & How of Privacy Behaviours." Licentiate thesis, Karlstads universitet, Institutionen för matematik och datavetenskap (from 2013), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-69974.

Abstract:
People's decisions do not happen in a vacuum; there are multiple factors that may affect them. There are external determinants, such as the cost/benefit calculation of decision outcomes. There are also internal factors, such as attitudes, personality, emotions, age, and nationality. Frequently, the latter have the final say on the decision at hand, and similar determinants are triggered during digital interaction when people make decisions about their privacy. The current digital privacy landscape is filled with recurring security breaches and leaks of personal information collected by online service providers. Growing dependency on Internet-connected devices and increasing privacy risks have prompted policy makers to protect individuals' right to privacy. In Europe, the General Data Protection Regulation requires companies to provide adequate information about their data collection and processing practices to users, to increase privacy awareness and enable better decision making. Regardless, there is currently no sufficient, usable technology that could help people make better privacy decisions and decrease over-disclosure and oversharing. Hence, multidisciplinary researchers aim at developing new privacy-enhancing solutions. To define such solutions and successfully convey data provision and processing practices, and the potential risks or harms resulting from information disclosure, it is crucial to understand the cognitive processes underpinning privacy decisions. In this thesis, we examine privacy decisions and define the factors that influence them. We investigate the attitude-behaviour relationship and identify privacy concerns affecting perceptions of privacy. Additionally, we examine factors influencing information sharing, such as emotional arousal and personality traits. Our results demonstrate that there is a relationship between privacy concerns and behaviours, and that simplified models of behaviour are insufficient to predict privacy decisions.
Our findings show that internal factors, such as nationality and culture, emotional arousal, and individual characteristics, affect privacy decisions. Based on our findings, we conclude that future models of privacy should incorporate such determinants. Further, we postulate that privacy user interfaces must become more flexible and personalised than the current solutions.
Growing dependency on Internet-connected devices and increasing privacy risks have prompted policymakers to protect individuals' right to privacy. In Europe, the General Data Protection Regulation requires companies to provide users with adequate information about data collection and processing practices to increase privacy awareness and enable better decisions. Hence, multidisciplinary researchers aim at developing new privacy-enhancing solutions. However, to develop such solutions it is crucial to understand the cognitive processes underpinning privacy decisions. The objective of this thesis is to investigate privacy behaviours. We identify privacy concerns affecting perceptions of privacy and examine factors influencing information sharing. We show that simplified models of behaviour are insufficient predictors of privacy decisions, and that demographic characteristics, emotion and personality affect privacy attitudes and behaviours. Based on our findings we conclude that future models of privacy and designs of privacy user interfaces must incorporate such behavioural determinants.
39

Åhlfeldt, Rose-Mharie. "Information Security in Distributed Healthcare : Exploring the Needs for Achieving Patient Safety and Patient Privacy." Doctoral thesis, Stockholm University, Department of Computer and Systems Sciences (together with KTH), 2008. http://urn.kb.se/resolve?urn=urn:nbn:se:su:diva-7407.

Abstract:

In healthcare, patient information is a critical factor. The right information at the right time is a necessity in order to provide the best possible care for a patient. Patient information must also be protected from unauthorized access in order to protect patient privacy. It is furthermore common for patients to visit more than one healthcare provider, which implies a need for cross-border healthcare and continuity in the patient process.

This thesis is focused on information security in healthcare when patient information has to be managed and communicated between various healthcare actors and organizations. The work takes a practical approach with a set of investigations from different perspectives and with different professionals involved. Problems and needs have been identified, and a set of guidelines and recommendations has been suggested and developed in order to improve patient safety as well as patient privacy.

The results show that a comprehensive view of the entire area concerning patient information management between different healthcare actors is missing. Healthcare, as well as patient processes, has to be analyzed in order to gather the knowledge needed for secure patient information management.

Furthermore, the results clearly show that there are deficiencies at both the technical and the administrative level of security in all investigated healthcare organizations.

The main contribution areas are: an increased understanding of information security by elaborating on the administrative part of information security, the identification of information security problems and needs in cross-border healthcare, and a set of guidelines and recommendations in order to advance information security measures in healthcare.

40

Meddeoda, Gedara Kavindra Kulathilake. "Design for Addressing Data Privacy Issues in Legacy Enterprise Application Integration." Thesis, Luleå tekniska universitet, Institutionen för system- och rymdteknik, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-74245.

Abstract:
Electronic message transfer is the key element in enterprise application integration (EAI), and the privacy of the data transferred must be protected by the systems involved in the message transfer from origin to destination. Recent data privacy regulation such as the GDPR (General Data Protection Regulation) has compelled organizations to ensure the privacy of the personal data they handle, with obligations to provide visibility and control to the data owner. Privacy concerns relevant to sensitive data embedded in and transferred through business-to-business (B2B) middleware platforms in enterprise architectures are mostly at risk because of the legacy nature of the products and the complexity of system integrations. This poses a great threat and challenge to organizations processing sensitive data over interconnected systems in complying with regulatory requirements. This research proposes a solution design to address the data privacy issues related to personal data handled in an enterprise application integration framework, where electronic messages are used to transfer personally identifiable information (PII). The proposal consists of a design called "Safety Locker" that issues unique tokens for encrypted PII elements stored in a persistent data store based on Apache Ignite, and adds REST API interfaces to access application functionality such as tokenization, de-tokenization, token management and access to audit logs. The safety locker can run as a standalone application, allowing clients to access its functionality remotely over the hypertext transfer protocol (HTTP). The design allows data controllers to ensure the privacy of PII by embedding the tokens generated by the application within the electronic messages transferred through interconnected systems. The solution design is evaluated through a proof-of-concept implementation, which can be adapted and enhanced to apply in EAI implementations.
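The tokenization flow this abstract describes (PII in an integration message replaced by opaque tokens, the encrypted PII kept in a separate store, de-tokenization limited to authorised clients and written to an audit log) is sketched below as an added example. It is not the thesis author's Safety Locker code: the Apache Ignite store becomes an in-memory dict, the REST API becomes direct method calls, and every name here (`SafetyLocker`, `seal`, `open_sealed`, the audit record fields, the sample order message) is invented for illustration. The encryption is HMAC-SHA256 in counter mode with a separate MAC key (encrypt-then-MAC), used only so the example runs with the standard library; a deployment would use an AEAD such as AES-GCM from a vetted library.

```python
"""Added example: a minimal tokenization vault in the style of the "Safety Locker" design.

PII values are replaced by random tokens; the PII itself is sealed (encrypted and
authenticated) and kept in a vault keyed by token. Only authorised readers may
de-tokenize, and every operation is recorded in an audit log. Names and the
cipher construction are illustrative, not the thesis's implementation.
"""
import hashlib
import hmac
import secrets
from datetime import datetime, timezone

NONCE_LEN = 16
TAG_LEN = 32


def _subkey(master: bytes, label: bytes) -> bytes:
    # Key separation: one derived key for the keystream, a different one for the MAC.
    return hmac.new(master, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode as a stand-in keystream (stdlib only; use AES-GCM in practice).
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal(master: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag; the tag authenticates both nonce and ciphertext."""
    enc_key, mac_key = _subkey(master, b"enc"), _subkey(master, b"mac")
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(master: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time before decrypting; reject anything tampered with."""
    enc_key, mac_key = _subkey(master, b"enc"), _subkey(master, b"mac")
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("sealed blob too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class SafetyLocker:
    """Issues tokens for PII values and releases the values only to authorised readers."""

    def __init__(self, master_key: bytes, authorised_readers):
        self._key = master_key
        self._vault = {}                     # token -> sealed PII (stands in for the Ignite store)
        self._readers = set(authorised_readers)
        self.audit_log = []

    def _audit(self, action: str, client: str, token: str, ok: bool) -> None:
        self.audit_log.append({"ts": datetime.now(timezone.utc).isoformat(),
                               "action": action, "client": client, "token": token, "ok": ok})

    def tokenize(self, value: str, client: str) -> str:
        # Random token: nothing about the PII is derivable from it, and tokenizing
        # the same value twice yields different tokens (no frequency leakage).
        token = "tok_" + secrets.token_urlsafe(16)
        self._vault[token] = seal(self._key, value.encode("utf-8"))
        self._audit("tokenize", client, token, True)
        return token

    def detokenize(self, token: str, client: str) -> str:
        if client not in self._readers:          # access control before any vault lookup
            self._audit("detokenize", client, token, False)
            raise PermissionError(f"{client} is not authorised to de-tokenize")
        blob = self._vault.get(token)
        if blob is None:
            self._audit("detokenize", client, token, False)
            raise KeyError("unknown or revoked token")
        value = open_sealed(self._key, blob).decode("utf-8")
        self._audit("detokenize", client, token, True)
        return value

    def revoke(self, token: str, client: str) -> None:
        """Token management: a revoked token can never be resolved again."""
        self._vault.pop(token, None)
        self._audit("revoke", client, token, True)

    def tokenize_message(self, message: dict, pii_fields, client: str) -> dict:
        """Replace the PII fields of an integration message with tokens; other fields pass through."""
        return {k: (self.tokenize(v, client) if k in pii_fields else v) for k, v in message.items()}


if __name__ == "__main__":
    # Constructed sample B2B message (not real data).
    order = {"order_id": "A-1001", "customer_name": "Jane Doe", "ssn": "880101-1234", "amount": "42.00"}
    locker = SafetyLocker(secrets.token_bytes(32), authorised_readers={"billing"})
    safe = locker.tokenize_message(order, {"customer_name", "ssn"}, client="gateway")
    print(safe)                                        # tokens travel through the middleware
    print(locker.detokenize(safe["ssn"], "billing"))   # only the authorised reader sees the value
```

The message that crosses the middleware carries only `order_id`, `amount` and two tokens, so a legacy hop that logs or persists the message no longer holds PII; the audit log records who resolved which token, which is the visibility a data controller needs for GDPR access and deletion requests.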
41

Menfors, Martina, and Felicia Fernstedt. "Geotagging in social media : exploring the privacy paradox." Thesis, Högskolan i Borås, Akademin för bibliotek, information, pedagogik och IT, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:hb:diva-8685.

Abstract:
Increasingly, online social media networks allow users to use geotagging. This method of adding location data to various content shared in real time has introduced privacy-related issues and threats to the users of such networks. Previous research presents opposing findings on whether users actually care about their location privacy or not, and it has also been shown that users often display behaviour inconsistent with their concerns. When asked, users tend to report high privacy concerns, but in contrast they will then not let their privacy concerns affect or limit their behaviour online; the privacy paradox is a description of this dichotomy. The problem, however, is not only that location privacy seems to be a paradoxical issue; the sharing of location data provides users with new possibilities that can potentially have negative consequences for them, such as someone else being able to identify one's identity, home location, habits or other sensitive information. Social media network users communicate that part of this is due to the lack of control over which information they share, with whom and where. This study employs a qualitative method, using unstructured interviews in a pre-study and a self-completion questionnaire. The purpose of the study is to examine and gain a better understanding of how the privacy paradox can help to better explain users' location data disclosure preferences in the context of social media networking, and to help social media network developers reduce privacy-related issues in social media networking applications with geotagging capabilities. The findings indicate that the paradox indeed is evident in users' stated geotagging behaviour, and that users are slightly more worried about their location privacy than about their overall online privacy.
The conclusions offer a couple of different explanations for the paradox, and we argue that the contradiction of the paradox can be seen as a constant trade-off between the benefits and risks of geotagging. We also give some examples of such advantages and disadvantages.
42

Ghafghazi, Hamidreza. "Privacy-Preserving Location-Aware Data Availability and Access Authorization in Public Safety Broadband Networks." Thesis, Université d'Ottawa / University of Ottawa, 2017. http://hdl.handle.net/10393/36006.

Abstract:
The increased demand for interoperability among Emergency Responders (ERs) and for timely accessibility to a large amount of reliable, accurate, context- and location-aware, and privacy-preserved data (e.g., environmental data, health records, building plans, etc.) mandates the emergence of dedicated Public Safety Broadband Networks (PSBNs). However, realizing PSBNs and addressing such requirements encounters substantial challenges. For example, several security and privacy vulnerabilities have been detected in Long Term Evolution (LTE), which is the leading enabler of PSBNs. Nonetheless, the more significant challenge lies in the corresponding data requirements. This is because the data is unstructured, its volume is enormous, and it includes inaccurate, irrelevant, and context-free data. Moreover, the data sources are heterogeneous and may not be reachable in an emergency. Furthermore, the data contains personally identifiable information for which privacy and access authorization should be respected. In this thesis, we investigate and address the aforementioned challenges. Here, we propose an efficient and secure algorithm to mitigate the main security and privacy vulnerability of LTE. In addition, to provide context- and location-aware data availability during an emergency, we propose a secure data storage structure and a privacy-preserving search scheme. Furthermore, we propose a location-aware data access model to filter data irrelevant to an incident and to prevent unauthorized data access. To realize our access model, we propose a location-aware fine-grained access authorization scheme. Our security analysis shows that our search scheme is secure against a chosen keyword attack and that the proposed authorization scheme is formally proven secure against a selective chosen ciphertext attack.
Concerning performance efficiency, our search scheme requires minimal data search and retrieval delay, and the proposed authorization scheme imposes constant communication and decryption computation overheads. Finally, we propose a context-aware framework, which fully complies with emergency response requirements, based on the concept of trust to filter out inaccurate and irrelevant data. The integration of our contributions promises highly reliable, accurate, context- and location-aware, and privacy-preserved data availability and timely data accessibility.
43

Ilesanmi, Olufemi Olajide. "Privacy in RFID Transit Systems : A case study of SL - Storstockholms Lokaltrafik." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-177584.

Abstract:
Radio Frequency Identification (RFID) is a technology that facilitates wireless communication. It is being widely used for access control purposes to aid the administration of services. As with most wireless technologies, RFID has its challenges, due to its medium of communication (radio waves), which makes it susceptible to signal interception and other possible attacks. The goal of this project is to investigate the insecurities in the implementation of the RFID system in transit systems (Storstockholms Lokaltrafik, Stockholm). Due to the nature of the system, spatial information about consumers is accumulated over time, thereby attracting some level of interest, either legitimate or illegitimate, and raising some concerns. This thesis takes into consideration the vulnerabilities of the RFID system and the potential security risks consumers of the system are exposed to; a detailed analysis is carried out on the existing infrastructure with the goal of exposing the shortcomings of the system and proposing mitigating solutions. After extensive work, seven (7) threats to the privacy and security of RFID users were elaborated. A discussion about how different legislations around the world enforce data handling regulations in relation to commuter data is also carried out. Finally, the most recent threats to consumer privacy are taken into consideration, as well as security in the mass transit field, to put together a list of recommended safe practices. The work shows that RFID does pose a significant threat to consumer privacy. One might argue that RFID has its benefits in its various implementations. However, the fact remains that there are issues with regard to privacy that must be addressed.
44

Demirsoy, Delil, and Erik Holm. "En studie om Big data och personlig integritet : Vad vet studenter om lagring av deras personliga uppgifter?" Thesis, Högskolan Väst, Avd för informatik, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:hv:diva-15395.

Abstract:
This study concerns students' awareness of the personal data stored by institutions of higher education, and whether there are differences between the genders regarding awareness and handling of these data. This is because the expanding storage of data, and its use through Big data within organisations, has been shown to affect personal privacy. Earlier research indicates that there is a lack of awareness and control among people about what organisations store. Earlier research has also indicated that there are differences between the genders in the handling of, and awareness about, personal data stored by organisations. This study is limited to students' awareness of what institutions of higher education store about them and to differences between the genders regarding these data. The study used a research method in the form of electronic questionnaires, in which students reported their awareness of, and thoughts about, higher education institutions' storage and handling of personal data. The purpose was to examine what awareness they have of the personal data stored by organisations and what insight they have into how it can be used. In total, 151 people took part in the questionnaire survey, of whom 126 stated that they were students. The method used for the study is a quantitative approach with qualitative elements, where the qualitative part concerns the questions answered in free text and the quantitative part the questions analysed through statistics and figures. The responses to the electronic questionnaires were processed and finally presented. The theory section explains the concepts used in the study and gives a more detailed account of the significance of privacy in data storage. The results are then analysed on the basis of Petronio's CPM theory and its five principles with regard to personal privacy.
The work concluded that students have a vague form of awareness regarding the data stored by institutions of higher education. It turned out that students do not feel that their awareness is sufficient, as a consequence of not feeling that they receive enough information from institutions of higher education. The results showed that students were aware of concepts connected to the storage of personal data. It turned out that there are differences between the genders in the handling of personal data, but owing to the absence of a non-response analysis these findings were difficult to verify fully. The results indicated that a number of students did not feel secure when institutions of higher education collected information about them, because they did not know what was stored. However, the results showed that most think the school should give clearer information about the personal data that is stored, which in turn made several feel that they lost control over their personal privacy. This concerns their opinions on how clear they consider institutions of higher education to be when informing them about the personal data they store.
This research study examines students' knowledge of personal data stored by institutions of higher education, as well as whether there are differences between the genders regarding the knowledge and the management of this stored data. This is connected to the expanding storage of data and the use of it through Big data within organisations, where it was shown to have an impact on personal integrity. Previous studies report that there is a knowledge gap within society regarding the information on what is stored. In addition to this, research showed that there are differences between genders in the knowledge and control of their personal data. Therefore, this study focuses on students' knowledge of what higher education institutions store about them as well as whether there are differences between genders. This study applies a quantitative research method in the form of electronic questionnaires for data collection. These questionnaires were handed out to students and contained questions about students' knowledge and views about their institution's storage and management of their personal data. A total of 151 people participated in this study, of whom 126 stated that they were students. Moreover, this study includes some elements of qualitative research methods, as some of the questions in the electronic questionnaires could be answered in free text. The qualitative and quantitative results were later analysed against Petronio's CPM theory and its five principles regarding personal integrity. The result of the study showed that students have a vague form of knowledge regarding the data stored by institutions of higher education. The research also indicated that there are differences between the sexes in the handling of personal data. However, the lack of a dropout analysis makes these findings difficult to verify fully.
The results have shown that several students did not feel secure when organizations within higher educational institutions stored personal data about them. This is because they feel that their knowledge of what is being stored is insufficient, which consequently led them to feel a lack of control over their own personal integrity. Thus, the results showed that most people think that the educational institutions should provide more specific information about the personal data that they store about them.
45

Pagès, Billai Linn. "Designing a Comprehensive Privacy Policy : A qualitative comparative study." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-293357.

Abstract:
Social media platforms have to provide a privacy or data policy for users of their services and these legal documents tend to demonstrate characteristics of poor user experience design. A majority of users have difficulties understanding the privacy policy due to the long and legalistic nature of these documents, which will result in fewer readers. By investigating the users’ attitudes towards the privacy policy on the social media platform Instagram, a prototype of an alternative privacy policy aimed to enhance the users’ engagement was designed. The Double Diamond model was used to investigate the design process of the prototype. This included an initial literature study together with qualitative interviews. The results from the interviews showed that participants rarely read privacy policies due to their long and illegible nature and that a more comprehensible policy would be helpful. The final design of the prototype was created iteratively after feedback from the user tests. The novel prototype was found to be easy to comprehend and faster to navigate than the original data policy. The majority of the users also expressed a preference for the alternative prototype. The interesting results from this preliminary study can be taken further in a full-scale study with a larger participant sample with representation from different age groups.
Social media platforms must provide a privacy or data policy for users of their services, and these legal documents tend to exhibit the characteristics of poor user experience design. A majority of users have difficulty understanding the privacy policy because of the long and legalistic nature of these documents, which in turn results in fewer readers. By examining users' attitudes towards the privacy policy on the social media platform Instagram, a prototype of an alternative privacy policy aimed at improving user engagement was designed. The Double Diamond model was used to structure the design process of the prototype. This included an initial literature study together with qualitative interviews. The results of the interviews showed that participants rarely read privacy policies because of their long and illegible nature, and that a more comprehensible policy would be helpful. The final design of the prototype was created iteratively after feedback from user tests. The new prototype proved to be easy to understand and faster to navigate than the original data policy. The majority of users also expressed a preference for the alternative prototype. The interesting results of this preliminary study can be taken further in a full-scale study with a larger number of participants and representation from different age groups.
46

Jellen, Isabel. "Towards Security and Privacy in Networked Medical Devices and Electronic Healthcare Systems." DigitalCommons@CalPoly, 2020. https://digitalcommons.calpoly.edu/theses/2141.

Abstract:
E-health is a growing field which utilizes wireless sensor networks to enable access to effective and efficient healthcare services and to provide patient monitoring for early detection and treatment of health conditions. Due to the proliferation of e-health systems, security and privacy have become critical issues in preventing data falsification, unauthorized access to the system, or eavesdropping on sensitive health data. Furthermore, due to the intrinsic limitations of many wireless medical devices, including low power and limited computational resources, security and device performance can be difficult to balance. Therefore, many current networked medical devices operate without basic security services such as authentication, authorization, and encryption. In this work, we survey recent work on e-health security, including biometric approaches, proximity-based approaches, key management techniques, audit mechanisms, anomaly detection, external device methods, and lightweight encryption and key management protocols. We also survey the state of the art in e-health privacy, including techniques such as obfuscation, secret sharing, distributed data mining, authentication, access control, blockchain, anonymization, and cryptography. We then propose a comprehensive system model for e-health applications with consideration of the battery capacity and computational ability of medical devices. A case study is presented to show that the proposed system model can support heterogeneous medical devices with varying power and resource constraints. The case study demonstrates that it is possible to significantly reduce the overhead for security on power-constrained devices based on the proposed system model.
47

Katirai, Hooman. "A theory and toolkit for the mathematics of privacy : methods for anonymizing data while minimizing information loss." Thesis, Massachusetts Institute of Technology, 2006. http://hdl.handle.net/1721.1/34526.

Abstract:
Thesis (S.M.)--Massachusetts Institute of Technology, Engineering Systems Division, Technology and Policy Program; and, Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2006.
Includes bibliographical references (leaves 85-86).
Privacy laws are an important facet of our society. But they can also serve as formidable barriers to medical research. The same laws that prevent casual disclosure of medical data have also made it difficult for researchers to access the information they need to conduct research into the causes of disease. But it is possible to overcome some of these legal barriers through technology. The US law known as HIPAA, for example, allows medical records to be released to researchers without patient consent if the records are provably anonymized prior to their disclosure. It is not enough for records to be seemingly anonymous. For example, one researcher estimates that 87.1% of the US population can be uniquely identified by the combination of their zip, gender, and date of birth - fields that most people would consider anonymous. One promising technique for provably anonymizing records is called k-anonymity. It modifies each record so that it matches k other individuals in a population - where k is an arbitrary parameter. This is achieved by, for example, changing specific information such as a date of birth to a less specific counterpart such as a year of birth.
Previous studies have shown that achieving k-anonymity while minimizing information loss is an NP-hard problem; thus a brute force search is out of the question for most real world data sets. In this thesis, we present an open source Java toolkit that seeks to anonymize data while minimizing information loss. It uses an optimization framework and methods typically used to attack NP-hard problems, including greedy search and clustering strategies. To test the toolkit a number of previously unpublished algorithms and information loss metrics have been implemented. These algorithms and measures are then empirically evaluated using a data set consisting of 1000 real patient medical records taken from a local hospital. The theoretical contributions of this work include: (1) A new threat model for privacy - that allows an adversary's capabilities to be modeled using a formalism called a virtual attack database. (2) Rationally defensible information loss measures - we show that previously published information loss measures are difficult to defend because they fall prey to what is known as the "weighted indexing problem." To remedy this problem we propose a number of information-loss measures that are in principle more attractive than previously published measures.
(3) We show that suppression and generalization - two concepts that were previously thought to be distinct - are in fact the same thing, insofar as each generalization can be represented by a suppression and vice versa. (4) We show that Domain Generalization Hierarchies can be harvested to assist the construction of a Bayesian network to measure information loss. (5) A database can be thought of as a sub-sample of a population. We outline a technique that allows one to predict k-anonymity in a population. This allows us, under some conditions, to release records that match fewer than k individuals in a database while still achieving k-anonymity against an adversary according to some probability and confidence interval. While we have chosen to focus our thesis on the anonymization of medical records, our methodologies, toolkit and command line tools are equally applicable to any tabular data such as the data one finds in relational databases - the most common type of database today.
by Hooman Katirai.
S.M.
48

Burkhart, Martin [Verfasser]. "Enabling Collaborative Network Security with Privacy-Preserving Data Aggregation / Martin Burkhart." Aachen : Shaker, 2011. http://d-nb.info/1071528394/34.

49

Bernal, Paul Alexander. "Do deficiencies in data privacy threaten our autonomy and, if so, can informational privacy rights meet this threat?" Thesis, London School of Economics and Political Science (University of London), 2011. http://etheses.lse.ac.uk/321/.

Abstract:
This thesis sets out a model to examine how the internet functions. 'The symbiotic web' suggests a symbiotic relationship between corporations that have built business models dependent upon the gathering of personal data from people, and the individuals themselves who have begun to rely on apparently 'free' services (from search to email, social networking to YouTube). Having set out the model, the thesis looks at its implications: how it has contributed to many developments on the internet in recent years, both positive and negative, but also driven the mass gathering, use and holding of personal data. The symbiotic web is currently essentially beneficial to both businesses and individuals, but there are significant risks attached - risks associated with the accumulation of data and risks that the symbiotic relationship could become negative and parasitic, putting individuals' privacy and autonomy at risk. The implications of this model are examined through the use of case studies: the dispute between Google and the Article 29 Working Party over data retention, Phorm's 'Webwise' behavioural targeting system, and a number of smaller case studies about data vulnerability from the HMRC data disc loss to the ACS:Law hack/leak. The thesis suggests the development and use of specific rights designed for the internet to address the associated risks: a 'right to roam the internet with privacy', a right to monitor those who monitor us, and a 'right to delete data'. These rights would be set out as principles rather than enacted and enforced as laws, and brought into play through Murray's model of symbiotic regulation. These rights would support the positive development of the web symbiosis and encourage and shape new business models that are more supportive of individual autonomy and privacy.
50

Siganto, Jean Josephine. "Transparent, balanced and vigorous: The exercise of the Australian Privacy Commissioner's powers in relation to National Privacy Principle 4." Thesis, Queensland University of Technology, 2015. https://eprints.qut.edu.au/83792/4/Jean_Siganto_Thesis.pdf.

Abstract:
This thesis considers whether the Australian Privacy Commissioner's use of its powers supports compliance with the requirement to 'take reasonable steps' to protect personal information in National Privacy Principle 4 of the Privacy Act 1988 (Cth). Two unique lenses were used. First, the Commissioner's use of powers was assessed against the principles of transparency, balance and vigorousness and secondly against alignment with an industry practice approach to securing information. Following a comprehensive review of publicly available materials, interviews and investigation file records, this thesis found that the Commissioner's use of his powers has not been transparent, balanced or vigorous, nor has it been supportive of an industry practice approach to securing data. Accordingly, it concludes that the Privacy Commissioner's use of its regulatory powers is unlikely to result in any significant improvement to the security of personal information held by organisations in Australia.