Your search keyword '"Simone Fischer"' showing total 296 results

251. Sharing Is Caring, a Boundary Object Approach to Mapping and Discussing Personal Data Processing

Author

Rob Heyman, imec-SMIT, Vrije Universiteit Brussel (VUB), Eleni Kosta, Jo Pierson, Daniel Slamanig, Simone Fischer-Hübner, Stephan Krenn, TC 9, TC 11, WG 9.2, WG 9.6, WG 11.6, and WG 11.7

Subjects

Data processing, Boundary object, Smart city, Computer science, 05 social sciences, 050801 communication & media studies, 050905 science studies, Data science, Boundary (real estate), 0508 media and communications, Work (electrical), 11. Sustainability, [INFO]Computer Science [cs], 0509 other social sciences, Data protection impact assessment, GDPR

Abstract

Part 1: Keynotes and Invited Papers; International audience; This work answers the following question, how to gather and act on personal data in smart city projects using boundary objects? Smart city projects require new mapping methods so they can share and discuss work collectively. Working collectively is necessary because smart city projects are difficult to map in one singular view for personal data because different smart city stakeholders have a part of the required information. Summarising data processing operations is most often taken for granted and under-defined in Data Protection Impact Assessment methods.This paper is a plea for the use of boundary objects for GDPR compliance and research in smart cities. Therefore, this article is a comparison of the original context boundary objects with the context of smart cities to illustrate the need for a similar approach. The main results of this paper point to a new approach to enable collaborative GDPR compliance where specialist knowledge trickles down to developers and other actors not educated to comply with GDPR requirements.

Published

2019

252. Privacy Patterns for Pseudonymity

Author

Ina Schiering, Alexander Gabel, Ostfalia University of Applied Sciences, Eleni Kosta, Jo Pierson, Daniel Slamanig, Simone Fischer-Hübner, Stephan Krenn, TC 9, TC 11, WG 9.2, WG 9.6, WG 11.6, and WG 11.7

Subjects

Privacy by Design, Privacy patterns, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 020207 software engineering, 02 engineering and technology, 16. Peace & justice, Computer security, computer.software_genre, Range (mathematics), Smart grid, General Data Protection Regulation, 0202 electrical engineering, electronic engineering, information engineering, ComputingMilieux_COMPUTERSANDSOCIETY, 020201 artificial intelligence & image processing, Use case, [INFO]Computer Science [cs], Anonymity, computer, Pseudonymity

Abstract

Part 3: Selected Papers; International audience; To implement the principle of Privacy by Design mentioned in the European General Data Protection Regulation one important measurement stated there is pseudonymisation. Pseudonymous data is widely used in medical applications and is investigated e.g. for vehicular ad-hoc networks and Smart Grid. The concepts used there address a broad range of important aspects and are therefore often specific and complex. Some privacy patterns are already addressing pseudonymity, but they are mostly abstract or rather very specific. This paper proposes privacy patterns for the development of pseudonymity concepts based on the analysis of pseudonymity solutions in use cases.

Published

2019

253. Me and My Robot - Sharing Information with a New Friend

Author

Reinhard Gerndt, Tanja Heuer, Ina Schiering, Ostfalia University of Applied Sciences, Eleni Kosta, Jo Pierson, Daniel Slamanig, Simone Fischer-Hübner, Stephan Krenn, TC 9, TC 11, WG 9.2, WG 9.6, WG 11.6, and WG 11.7

Subjects

Social robot, business.industry, media_common.quotation_subject, 05 social sciences, Internet privacy, User perception, 02 engineering and technology, Transparency (behavior), Human-Robot Interaction, Human–robot interaction, HRI, Privacy, Perception, 0202 electrical engineering, electronic engineering, information engineering, Robot, [INFO]Computer Science [cs], 020201 artificial intelligence & image processing, 0501 psychology and cognitive sciences, business, Psychology, Personally identifiable information, 050107 human factors, media_common

Abstract

Part 3: Selected Papers; International audience; This paper investigates user perception regarding social robots and personal information disclosure. During a study two participant groups stated their attitude towards functionality, shared personal information and the interest of transparency and intervenability. The impact of technical background knowledge regarding users attitude and perception was examined. Participants working with robots have a more open-minded attitude to share personal information achieving a wider range of functionality. Both groups care about transparency of collected data and the possibility of intervenability.

Published

2019

254. Design and Security Assessment of Usable Multi-factor Authentication and Single Sign-On Solutions for Mobile Applications

Author

Carbone, Roberto, Ranise, Silvio, Sciarretta, Giada, Security & Trust Research Unit [Trento], Fondazione Bruno Kessler [Trento, Italy] (FBK), Eleni Kosta, Jo Pierson, Daniel Slamanig, Simone Fischer-Hübner, Stephan Krenn, TC 9, TC 11, WG 9.2, WG 9.6, WG 11.6, and WG 11.7

Subjects

[INFO]Computer Science [cs]

Abstract

Part 2: Workshop and Tutorial Papers; International audience; In this interactive workshop we focused on multi-factor authentication and Single Sign-On solutions for mobile native applications. The main objective was to create awareness of the current limitations of these solutions in the mobile context. Thus, after an introduction part, the participants were invited to discuss usability and security issues of different mobile authentication scenarios. After this interactive part, we concluded the workshop presenting our on-going work on this topic by briefly describing our methodology for the design and security assessment of multi-factor authentication and Single Sign-On solutions for mobile native applications; and presenting a plugin that helps developers make their mobile native application secure.

Published

2019

255. Glycos: The Basis for a Peer-to-Peer, Private Online Social Network

Author

An Braeken, Ruben De Smet, Jo Pierson, Ann Dooms, Vrije Universiteit Brussel (VUB), Eleni Kosta, Jo Pierson, Daniel Slamanig, Simone Fischer-Hübner, Stephan Krenn, TC 9, TC 11, WG 9.2, WG 9.6, WG 11.6, WG 11.7, Kosta, Eleni, Pierson, Jo, Slamanig, Daniel, Fischer-Hübner, Simone, Krenn, Stephan, Brussels Center for Competition Policy, Communication Sciences, Studies in Media, Innovation and Technology, Faculty of Engineering, Electronics and Informatics, Digital Mathematics, Mathematics, Centre of Expertise on Gender, Diversity and Intersectionality, Computational and Applied Mathematics Programme, Engineering Technology, and Industrial Sciences and Technology

Subjects

Online social network, Social network, Privacy by Design, Basis (linear algebra), business.industry, Computer science, Privacy by design, 0102 computer and information sciences, 02 engineering and technology, Peer-to-peer, computer.software_genre, 01 natural sciences, World Wide Web, 010201 computation theory & mathematics, Privacy, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], business, computer

Abstract

Part 3: Selected Papers; International audience; Typical Web 2.0 applications are built on abstractions, allowing developers to rapidly and securely develop new features. For decentralised applications, these abstractions are often poor or non-existent.By proposing a set of abstract but generic building blocks for the development of peer-to-peer (decentralised), private online social networks, we aim to ease the development of user-facing applications. Additionally, an abstract programming system decouples the application from the data model, allowing to alter the front-end independently from the back-end.The proposed proof-of-concept protocol is based on existing cryptographic building blocks, and its viability is assessed in terms of performance.

Published

2019

256. Privacy and Socially Assistive Robots - A Meta Study

Author

Ina Schiering, Tanja Heuer, Reinhard Gerndt, Ostfalia University of Applied Sciences, Marit Hansen, Eleni Kosta, Igor Nai-Fovino, Simone Fischer-Hübner, TC 9, TC 11, WG 9.2, WG 9.5, WG 9.6, WG 11.7, and WG 11.6

Subjects

0209 industrial biotechnology, Focus (computing), Human-robot friendship, business.industry, Computer science, Internet privacy, Machine ethics, 02 engineering and technology, Roboethics, Human–robot interaction, 020901 industrial engineering & automation, HRI, Privacy, Robot ethics, 0202 electrical engineering, electronic engineering, information engineering, Ethical concerns, Assistive robot, Robot, 020201 artificial intelligence & image processing, [INFO]Computer Science [cs], Socially assistive robot, business, Assistive robotics, Human-robot interaction

Abstract

Part 6: Assistive Robots; International audience; This paper investigates studies about socially assistive robotics with focus on privacy and ethical concerns. Therefore, the privacy aspects are considered and the concerns expressed by users with regard to privacy are examined additionally. It becomes clear, there are still a lot of concerns regarding the use of robots, that’s why robots are not well accepted so far. To get a more transparent view on that, two models are introduced which might improve the understanding towards important privacy aspects.

Published

2018

257. From Privacy to Algorithms’ Fairness

Author

Mariachiara Tallacchini, Chiara Sabelli, Chercheur indépendant, Università cattolica del Sacro Cuore [Piacenza e Cremona] (Unicatt), Marit Hansen, Eleni Kosta, Igor Nai-Fovino, Simone Fischer-Hübner, TC 9, TC 11, WG 9.2, WG 9.5, WG 9.6, WG 11.7, and WG 11.6

Subjects

Fairness, Equal opportunities, Cover (telecommunications), Big data, Space (commercial competition), 01 natural sciences, Economic Justice, 010104 statistics & probability, 03 medical and health sciences, 0302 clinical medicine, Political science, media_common.cataloged_instance, [INFO]Computer Science [cs], Settore IUS/20 - FILOSOFIA DEL DIRITTO, 0101 mathematics, European union, media_common, Ethics, business.industry, 16. Peace & justice, Models of justice, Equal opportunity, Privacy, Normative, Construct (philosophy), business, Algorithm, Law, Algorithms, 030217 neurology & neurosurgery

Abstract

Part 3: Privacy in the Era of the Smart Revolution; International audience; This article aims to show how the legal and ethical debate – as far as ethics has become an indispensable complementary normative tool within legal frameworks – on the digital world in the United States (US) and the European Union (EU) has significantly opened up to include new dimensions other than privacy, particularly in connection with machine learning algorithms and Big Data. If privacy still remains the main interpretive construct to normatively forge the digital space, increasingly issues of discrimination, equal opportunity, fairness and, more broadly, models of justice, are entering the picture. While offering some examples of the inadequacy of privacy to cover new normative concerns related to Big Data and machine learning, the article also argues that attempts to grant algorithmic fairness represent just the first step in addressing the wider question about what models of digital justice we are willing to apply.

Published

2018

258. mHealth Applications for Goal Management Training - Privacy Engineering in Neuropsychological Studies

Author

Ina Schiering, Funda Ertas, Sandra Verena Müller, Alexander Gabel, Ostfalia University of Applied Sciences, Marit Hansen, Eleni Kosta, Igor Nai-Fovino, Simone Fischer-Hübner, TC 9, TC 11, WG 9.2, WG 9.5, WG 9.6, WG 11.7, and WG 11.6

Subjects

Computer science, Context (language use), 02 engineering and technology, Transparency, Privacy design strategies, 03 medical and health sciences, 0302 clinical medicine, Health care, Executive dysfunctions, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], 030212 general & internal medicine, Cognitive rehabilitation therapy, Privacy engineering, mHealth, Data minimization, business.industry, Neuropsychology, 020207 software engineering, Privacy protection goals, Transparency (behavior), Risk analysis (engineering), Privacy, ComputingMilieux_COMPUTERSANDSOCIETY, Goal management training, business, Pseudonymity

Abstract

Part 7: Mobility and Privacy; International audience; The potential of digitalisation in healthcare based on mobile health, so-called mHealth applications, is considerable. On the other hand these solutions incorporate huge privacy risks. In the context of goal management training, a neuropsychological training used for the cognitive rehabilitation of executive dysfunction after a brain injury, the use of mHealth applications is considered. Privacy requirements of this scenario are modelled based on methodologies as privacy protection goals and privacy design strategies. Measures to realize the requirements are proposed and discussed in the context of a study. The focus in privacy engineering is on pseudonymity of patients, data minimization and transparency for patients.

Published

2018

259. Designing a GDPR-Compliant and Usable Privacy Dashboard

Author

Philip Raschke, Sabrina Kirrane, Olha Drozd, Axel Küpper, Technische Universität Berlin (TU), Vienna University of Economics and Business, Wirtschaftsuniversität Wien [Austria] (WU), Marit Hansen, Eleni Kosta, Igor Nai-Fovino, Simone Fischer-Hübner, TC 9, TC 11, WG 9.2, WG 9.5, WG 9.6, WG 11.7, and WG 11.6

Subjects

Information privacy, Computer science, media_common.quotation_subject, Dashboard (business), Usability, ComputingMilieux_LEGALASPECTSOFCOMPUTING, 02 engineering and technology, Computer security, computer.software_genre, Transparency-enhancing tools, 0202 electrical engineering, electronic engineering, information engineering, media_common.cataloged_instance, 0501 psychology and cognitive sciences, [INFO]Computer Science [cs], European union, 050107 human factors, media_common, Distrust, business.industry, 05 social sciences, 020207 software engineering, Service provider, Privacy dashboard, Privacy-enhancing tools, Work (electrical), General Data Protection Regulation, business, computer, Data privacy

Abstract

Part 5: Safeguarding Personal Data and Mitigating Risks; International audience; The role of personal data gained significance across all business domains in past decades. Despite strict legal restrictions that processing personal data is subject to, users tend to respond to the extensive collection of data by service providers with distrust. Legal battles between data subjects and processors emphasized the need of adaptations by the current law to face today’s challenges. The European Union has taken action by introducing the General Data Protection Regulation (GDPR), which was adopted in April 2016 and will inure in May 2018. The GDPR extends existing data privacy rights of EU citizens and simultaneously puts pressure on controllers and processors by defining high penalties in case of non-compliance. Uncertainties remain to which extent controllers and processors need to adjust their existing technologies in order to conform to the new law. This work designs, implements, and evaluates a privacy dashboard for data subjects intending to enable and ease the execution of data privacy rights granted by the GDPR.

Published

2018

260. Data Protection Impact Assessment: A Hands-On Tour of the GDPR’s Most Practical Tool

Author

Michael Friedewald, Felix Bieker, Nicholas Martin, Marit Hansen, Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein [Kiel, Germany] (ULD), Fraunhofer Institute for Systems and Innovation Research (Fraunhofer ISI ), Fraunhofer (Fraunhofer-Gesellschaft), Marit Hansen, Eleni Kosta, Igor Nai-Fovino, Simone Fischer-Hübner, TC 9, TC 11, WG 9.2, WG 9.5, WG 9.6, WG 11.7, and WG 11.6

Subjects

Structure (mathematical logic), Process management, Process (engineering), Computer science, 05 social sciences, Risk to rights and freedoms, EU law, Legislation, Data Protection Impact Assessment, 030227 psychiatry, 03 medical and health sciences, 0302 clinical medicine, General Data Protection Regulation, 0502 economics and business, Data Protection Act 1998, [INFO]Computer Science [cs], Session (computer science), 050207 economics, Data protection impact assessment, Data protection

Abstract

Part 5: Safeguarding Personal Data and Mitigating Risks; International audience; This workshop introduced participants to the process of Data Protection Impact Assessment. This new tool of the GDPR is highly relevant for any processing of personal data, as it helps to structure the process, be aware of data protection issues and the relevant legislation and implement proper safeguards to protect data subjects. For processing operations posing a high risk for data subjects, a DPIA is mandatory from May 2018. The interactive workshop provided a framework for DPIA and guidance on specific questions such as when a high risk is likely to occur or how specific risks can be evaluated, which was assessed by participants in an interactive session with two different scenarios.

Published

2018

261. Data Protection by Design: Promises and Perils in Crossing the Rubicon Between Law and Engineering

Author

Alessia Tanas, Kjetil Rommetveit, Niels Van Dijk, Kosta, Eleni, Fischer-Hubner, Simone, Hansen, Marit, Nai-Fovino, Igor, Metajuridica, Law Science Technology and Society, Contextual Research in Law, Faculty of Law and Criminology, Centre for the Study of the Sciences and the Humanities (SVT), University of Bergen (UiB), Law, Science, Technology & Society (LSTS), Vrije Universiteit Brussel (VUB), Marit Hansen, Eleni Kosta, Igor Nai-Fovino, Simone Fischer-Hübner, TC 9, TC 11, WG 9.2, WG 9.5, WG 9.6, WG 11.7, and WG 11.6

Subjects

Information Systems and Management, Computer Networks and Communications, engineering, Fundamental rights, ComputingMilieux_LEGALASPECTSOFCOMPUTING, 050801 communication & media studies, Legislation, 02 engineering and technology, Field (computer science), 0508 media and communications, 020204 information systems, Political science, 0202 electrical engineering, electronic engineering, information engineering, Information systems, Data Protection Act 1998, [INFO]Computer Science [cs], Privacy engineering, privacy engineering, 05 social sciences, Techno-epistemic network, Legislature, 16. Peace & justice, Making-of, Information and Communications Technology, Law, Privacy and data protection by design, Socio-technical infrastructures, organisations

Abstract

Part 2: Privacy Engineering; International audience; This article reports some main findings from a study of recent efforts towards building privacy and other fundamental rights and freedoms into smart ICT systems. It mainly focuses on the concept of ‘Data Protection by Design and by Default’ (DPbD), recently introduced by EU legislation, and as implemented through the new field of privacy engineering. We describe the new constellations of actors that gather around this legislative and engineering initiative as an emerging ‘techno-epistemic network’. The article presents the empirical findings of a broad consultation with people involved in the making of this network, including policy makers, regulators, entrepreneurs, ICT developers, civil rights associations, and legal practitioners. Based on the findings from our consultations, we outline how DPbD is subject to differing, sometimes also conflicting or contradictory, expectations and requirements. We identify these as three main points of friction involved in the making of data protection by design: organisations versus autonomous data subjects; law versus engineering, and local versus global in the making of standards and infrastructures.

Published

2018

262. All Your Data Are Belong to us . European Perspectives on Privacy Issues in ‘Free’ Online Machine Translation Services

Author

Kamocki, Paweł, O’Regan, Jim, Stauch, Marc, Université Paris Descartes - Paris 5 (UPD5), Westfälische Wilhelms-Universität Münster (WWU), Institut für Deutsche Sprache und Linguistik (IDSL), Humboldt-Universität zu Berlin, Trinity College Dublin, Leibniz Universität Hannover [Hannover] (LUH), David Aspinall, Jan Camenisch, Marit Hansen, Simone Fischer-Hübner, Charles Raab, TC 9, TC 11, WG 9.2, WG 9.5, WG 9.6, WG 11.7, WG 11.4, WG 11.6, and Humboldt Universität zu Berlin

Subjects

Personal data, Machine Translation, Privacy, Directive 95/46/EC, [INFO]Computer Science [cs], [INFO] Computer Science [cs], Google Translate

Abstract

International audience; The English language has taken advantage of the Digital Revolution to establish itself as the global language; however, only 28.6 % of Internet users speak English as their native language. Machine Translation (MT) is a powerful technology that can bridge this gap. In development since the mid-20th century, MT has become available to every Internet user in the last decade, due to free online MT services. This paper aims to discuss the implications that these tools may have for the privacy of their users and how they are addressed by EU data protection law. It examines the data-flows in respect of the initial processing (both from the perspective of the user and the MT service provider) and potential further processing that may be undertaken by the MT service provider.

Published

2016

263. Smart Cars Cruising on the Road Paved with Good Intentions? – Workshop on Big Data Applications and Individual Rights Under the New European General Data Protection Regulation

Author

Barbara Büttner, Felix Bieker, Murat Karaboga, Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein [Kiel, Germany] (ULD), University of Kassel, Fraunhofer Institute for Systems and Innovation Research (Fraunhofer ISI ), Fraunhofer (Fraunhofer-Gesellschaft), Anja Lehmann, Diane Whitehouse, Simone Fischer-Hübner, Lothar Fritsch, Charles Raab, TC 9, TC 11, WG 9.2, WG 9.5, WG 9.6, WG 11.7, WG 11.4, and WG 11.6

Subjects

050502 law, Engineering, Individual rights, business.industry, 05 social sciences, Big data, Internet privacy, EU law, 020206 networking & telecommunications, ComputingMilieux_LEGALASPECTSOFCOMPUTING, 02 engineering and technology, Computer security, computer.software_genre, General Data Protection Regulation, Smart cars, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], business, computer, 0505 law

Abstract

Part 2: Workshop Papers; International audience; In this workshop we addressed the protection of individuals in the EU General Data Protection Regulation with regard to threats posed by big data applications. Using smart cars as an example, the workshop focused on the individuals’ rights under the new Regulation. After an introduction to these topics, participants were invited to discuss these issues in groups and draw general conclusions on the effectiveness of the rights for individuals under the General Data Protection Regulation.

Published

2016

264. Modelling the Relationship Between Privacy and Security Perceptions and the Acceptance of Surveillance Practices

Author

Sven Rung, Michael Friedewald, Marc van Lieshout, Fraunhofer Institute for Systems and Innovation Research (Fraunhofer ISI ), Fraunhofer (Fraunhofer-Gesellschaft), The Netherlands Organisation for Applied Scientific Research (TNO), David Aspinall, Jan Camenisch, Marit Hansen, Simone Fischer-Hübner, Charles Raab, TC 9, TC 11, WG 9.2, WG 9.5, WG 9.6, WG 11.7, WG 11.4, and WG 11.6

Subjects

Information privacy, business.industry, media_common.quotation_subject, 05 social sciences, Internet privacy, Trade-off, 050109 social psychology, Context (language use), 02 engineering and technology, Public opinion, Privacy, 020204 information systems, Perception, Security, 0202 electrical engineering, electronic engineering, information engineering, Sacrifice, [INFO]Computer Science [cs], 0501 psychology and cognitive sciences, Business, media_common

Abstract

International audience; The relationship between privacy and security is often but falsely understood as a zero-sum game, whereby more security can only be achieved by sacrifice of privacy. Since this has been proven as too simplistic this chapter explores what factors are influencing people’s perceptions of privacy and security in the context of security-oriented surveillance practices. We are presenting a model showing that structural elements such as trust in the institutions that are implementing and operating surveillance systems are crucial for the acceptability while individual factors such as age, gender or region of living are less important than often assumed.

Published

2016

265. Big Data Privacy and Anonymization

Author

Guillermo Navarro-Arribas, Vicenç Torra, University of Skövde [Sweden], Universitat Autònoma de Barcelona (UAB), Anja Lehmann, Diane Whitehouse, Simone Fischer-Hübner, Lothar Fritsch, Charles Raab, TC 9, TC 11, WG 9.2, WG 9.5, WG 9.6, WG 11.7, WG 11.4, and WG 11.6

Subjects

data privacy, Information privacy, Statistical disclosure control, Computer Sciences, business.industry, Computer science, user privacy, data mining algorithm, Big data, Internet privacy, 02 engineering and technology, Privacy preserving, Information sensitivity, User privacy, Datavetenskap (datalogi), differential privacy, 020204 information systems, sensitive information, 0202 electrical engineering, electronic engineering, information engineering, Differential privacy, [INFO]Computer Science [cs], 020201 artificial intelligence & image processing, Privacy-enhancing technologies, business

Abstract

Data privacy has been studied in the area of statistics (statistical disclosure control) and computer science (privacy preserving data mining and privacy enhancing technologies) for at least 40 years. In this period models, measures, methods, and technologies have been developed to effectively protect the disclosure of sensitive information. The coming of big data, with large volumes of data, dynamic and streaming data, poses new challenges to the field. In this paper we will review some of these challenges and propose some lines of research in the field. Also part of the IFIP AICT Tutorials book sub series (Tutorials, volume 498)

Published

2016

266. Privacy and Security Perceptions of European Citizens: A Test of the Trade-Off Model

Author

Michael Friedewald, Sven Rung, M. Ooms, Marc van Lieshout, Jelmer Ypma, Fraunhofer Institute for Systems and Innovation Research (Fraunhofer ISI ), Fraunhofer (Fraunhofer-Gesellschaft), The Netherlands Organisation for Applied Scientific Research (TNO), Jan Camenisch, Simone Fischer-Hübner, Marit Hansen, TC 11, TC 9, WG 9.2, WG 9.5, WG 9.6, WG 11.7, WG 11.4, and WG 11.6

Subjects

Information privacy, Informatics, Privacy by Design, Urban Mobility & Environment, Privacy policy, Internet privacy, Trade-off, Information Society, 050905 science studies, SP2 - Strategy & Policy 2, Political science, [INFO]Computer Science [cs], Information society, Public opinion, 0505 law, Valuation (finance), Infostructures, Cloud computing security, Privacy software, business.industry, 05 social sciences, Public relations, Privacy, 050501 criminology, Security, ComputingMilieux_COMPUTERSANDSOCIETY, ELSS - Earth, Life and Social Sciences, 0509 other social sciences, business, Personally identifiable information

Abstract

This paper considers the relationship between privacy and security and, in particular, the traditional “trade-off” paradigm that argues that citizens might be willing to sacrifice some privacy for more security. Academics have long argued against the trade-off paradigm, but these arguments have often fallen on deaf ears. Based on data gathered in a pan-European survey we show that both privacy and security are important to European citizens and that there is no significant correlation between people’s valuation of privacy and security. © IFIP International Federation for Information Processing 2015.

Published

2015

267. Patterns in Privacy - A Pattern-Based Approach for Assessments

Author

Ina Schiering, Jörn Kahrmann, Ostfalia University of Applied Sciences, Jan Camenisch, Simone Fischer-Hübner, Marit Hansen, TC 9, TC 11, WG 9.2, WG 9.5, WG 9.6, WG 11.7, WG 11.4, and WG 11.6

Subjects

Service (systems architecture), IT service, Privacy by Design, Computer science, BPMN, 02 engineering and technology, Assessment, computer.software_genre, Business Process Model and Notation, Business process management, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], Database, Pattern, business.industry, 020207 software engineering, Workflow, Privacy, Software design pattern, Software design, 020201 artificial intelligence & image processing, Privacy law, Software engineering, business, computer, Compliance

Abstract

Part 3: Privacy by Design and Privacy Patterns; International audience; The concept of patterns was first developed in the context of architecture and is now widely used in different fields such as software design or workflow design. In the last years the idea of patterns is also used to incorporate privacy in the life-cycle of Information Technology (IT) services. Concerning privacy and security, patterns are mainly used in the design phase of IT services in the form of design patterns. In this paper we propose a pattern-based approach to assess the compliance with privacy regulations continuously during the operation phase of an IT service. The central idea of patterns in this area is to provide an abstract representation of typical automated processing procedures for the processing of personal data. Since these patterns represent abstracted versions of workflows, we use as an illustration diagrams with a notation derived from Business Process Management Notation (BPMN). The aim of the approach presented here is to increase the transparency of assessments for all participants and to allow an easy adjustment of existing assessment results when changes occur.

Published

2015

268. Extending EMV Payment Smart Cards with Biometric On-Card Verification

Author

Olaf Henniger, Dimitar Nikolov, Fraunhofer Institute for Computer Graphics Research [Darmstadt] (Fraunhofer IGD), Fraunhofer (Fraunhofer-Gesellschaft), Simone Fischer-Hübner, Elisabeth Leeuw, Chris Mitchell, TC 11, and WG 11.6

Subjects

Biometrics, Java, business.industry, Computer science, media_common.quotation_subject, Payment system, 020206 networking & telecommunications, 02 engineering and technology, Payment, Computer security, computer.software_genre, Credit card, ATM card, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, [INFO]Computer Science [cs], Smart card, business, computer, Java applet, media_common, computer.programming_language

Abstract

Part 6: Session 4 - Identity Management with Smart Cards; International audience; Nowadays, many bank cards are smart cards (i.e. integrated-circuit cards) based on the EMV specifications for payment systems. This paper specifies how biometric on-card verification can be integrated into EMV debit and credit cards in a backwards-compatible way. The biometric verification does not change the EMV transaction flow outside the cardholder-verification step. The proposed payment system has been prototyped using Java cards and an applet for handwritten signature on-card verification.

Published

2013

269. Logout in Single Sign-on Systems

Author

Joonas Ruuskanen, Sanna Suoranta, Tuomas Aura, Asko Tontti, Aalto University, Scientific Computing Ltd (CSC), Simone Fischer-Hübner, Elisabeth Leeuw, Chris Mitchell, TC 11, and WG 11.6

Subjects

Authentication, User Friendly, business.industry, Computer science, Logout in Single Sign-On Systems, 02 engineering and technology, Phishing, Shibboleth, World Wide Web, Identity provider, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Web application, Single Logout, 020201 artificial intelligence & image processing, Single sign-on, [INFO]Computer Science [cs], business, OpenID

Abstract

Part 7: Session 5 - Federated Identity Management; International audience; Single sign-on (SSO) helps users to cope with many online services that require authentication. Systems such as OpenID and SAML-based Shibboleth offer federated identity management where an Identity Provider authenticates the user on behalf of the services. Much research concentrates on making authentication stronger, preventing phishing and making the systems more user friendly but less attention has been paid to the termination of the authentication sessions i.e. logout. It is, however, equally important that the sessions do not remain open when, for example, a student using shared computers in a university library leaves the workstation. In this article, we describe challenges related to logout in federated identity management on web based services and give guidelines for implementing reliable logout from services that use single sign-on.

Published

2013

270. Position Paper: Privacy Risk Analysis Is about Understanding Conflicting Incentives

Author

Einar Snekkenes, Gjøvik University College (GUC), Norwegian University of Science and Technology [Trondheim] (NTNU), Norwegian University of Science and Technology (NTNU)-Norwegian University of Science and Technology (NTNU), Simone Fischer-Hübner, Elisabeth Leeuw, Chris Mitchell, TC 11, and WG 11.6

Subjects

Risk analysis, Relation (database), 05 social sciences, 02 engineering and technology, 050105 experimental psychology, Incentive, Risk analysis (engineering), Scale (social sciences), 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Position paper, 020201 artificial intelligence & image processing, 0501 psychology and cognitive sciences, [INFO]Computer Science [cs], Business

Abstract

Part 5: Panel Session – Risk Management of Identity Management; International audience; We motivate and give a brief overview of the Conflicting Incentives Risk Analysis (CIRA) method, explaining key ideas and concepts, offering a small example and give an overview of remaining challenges in relation to the use of CIRA in large scale risk analysis projects.

Published

2013

271. Dynamic Identity Federation Using Security Assertion Markup Language (SAML)

Author

Md. Sadek Ferdous, Ron Poet, University of Glasgow, Simone Fischer-Hübner, Elisabeth Leeuw, Chris Mitchell, TC 11, and WG 11.6

Subjects

Identity Management, Flexibility (engineering), 021110 strategic, defence & security studies, SIMPLE (military communications protocol), Computer science, 0211 other engineering and technologies, Federated Identity Management, 020206 networking & telecommunications, 02 engineering and technology, Trust, Computer security, computer.software_genre, Service provisioning, Identity management, Security Assertion Markup Language, World Wide Web, Security Assertion Markup Language (SAML), Proof of concept, Identity Federation, 0202 electrical engineering, electronic engineering, information engineering, Identity (object-oriented programming), Key (cryptography), [INFO]Computer Science [cs], computer

Abstract

Part 7: Session 5 - Federated Identity Management; International audience; Security Assertion Markup Language (SAML, in short) is one of the most widely used technologies to enable Identity Federation among organisations from different trust domains. Despite its several advantages, one of the key disadvantages of SAML is the mechanism by which an identity federation is established. This mechanism lacks flexibility to create a federation in a dynamic fashion to enable service provisioning (or de-provisioning) in real time. Several different mechanisms to rectify this problem have been proposed. However, most of them require a more elaborate change at the core of the SAML. In this paper we present a simple approach based on an already drafted SAML Profile which requires no change of the SAML, rather it depends on the implementation of SAML. It will allow users to create federations using SAML between two prior unknown organisations in a dynamic fashion. Implicit in each identity federation is the issue of trust. Therefore, we also analyse in detail the trust issues of dynamic federations. Finally, we discuss our implemented proof of concept to elaborate the practicality of our approach.

Published

2013

272. Do-Not-Track Techniques for Browsers and Their Implications for Consumers

Author

Michael Dr. Marhöfer, Martin Beck, Technische Universität Dresden = Dresden University of Technology (TU Dresden), Nokia Siemens Networks, Jan Camenisch, Bruno Crispo, Simone Fischer-Hübner, Ronald Leenes, and Giovanni Russello

Subjects

Engineering, business.industry, 05 social sciences, Internet privacy, Control (management), 020207 software engineering, Advertising, 02 engineering and technology, Opt-out, Do Not Track, 0202 electrical engineering, electronic engineering, information engineering, Consumer privacy, 0501 psychology and cognitive sciences, White list, [INFO]Computer Science [cs], Tracking (education), business, Implementation, 050107 human factors

Abstract

Part 6: Consumer Privacy; International audience; Recent efforts to increase online privacy by offering the user a more general choice to opt out of online tracking were mainly pushed by the FTC in late 2010. As the FTC explicitly omitted technical details, browser developers started to implement what they thought might be appropriate to either limit user tracking directly, or let the advertiser know about the user’s wish to not be tracked. This paper gives a short overview on the positions and arguments of stakeholders and evaluates the technical proposals and implementations aiming to support the consumer in keeping control over his personal data.

Published

2011

273. Privacy Preserving Mechanisms for a Pervasive eHealth System

Author

Vincent Naessens, Koen Decroix, Milica Milutinovic, Bart De Decker, Distributed Systems and Computer Networks (DistriNet), Catholic University of Leuven - Katholieke Universiteit Leuven (KU Leuven), Industrial Engineering Department [Sint-Lieven], Katholieke Hogeschool Sint-Lieven (KaHo Sint-Lieven), Jan Camenisch, Bruno Crispo, Simone Fischer-Hübner, Ronald Leenes, and Giovanni Russello

Subjects

Focus (computing), 020205 medical informatics, Computer science, business.industry, Internet privacy, 02 engineering and technology, Service provider, Computer security, computer.software_genre, privacy, pervasive health care, Privacy preserving, 0202 electrical engineering, electronic engineering, information engineering, eHealth, commercial, Systems design, 020201 artificial intelligence & image processing, [INFO]Computer Science [cs], Architecture, business, computer

Abstract

Part 8: Privacy for eHealth and eID Applications; International audience; In this paper we propose a privacy-friendly eHealth system design providing pervasive care for the elderly or stay-at-home patients. The system integrates services of health status monitoring, organizing assistance and remote access to medical data. The proposed architecture is open and allows seamless integration of new services, service providers and users. The focus of this paper is on privacy preserving mechanisms that provide protection of the sensitive data handled by the system.

Published

2011

274. Assessing Formal Independence of Data Protection Authorities in a Comparative Perspective

Author

Philip Schütz, Fraunhofer Institute for Systems and Innovation Research (Fraunhofer ISI ), Fraunhofer (Fraunhofer-Gesellschaft), Jan Camenisch, Bruno Crispo, Simone Fischer-Hübner, Ronald Leenes, and Giovanni Russello

Subjects

Field (Bourdieu), media_common.quotation_subject, 05 social sciences, Public administration, 16. Peace & justice, Raising (linguistics), Independence, 0506 political science, Politics, Political science, 0502 economics and business, 050602 political science & public administration, Key (cryptography), Data Protection Act 1998, [INFO]Computer Science [cs], 050207 economics, Comparative perspective, Inspector general, media_common

Abstract

Part 2: Privacy Metrics and Comparison; International audience; Data protection authorities (DPAs) represent one of the key actors, not only when it comes to the execution of privacy and data protection policies, but also in terms of awareness raising, consultancy and networking. Since they comprise the spearhead of regulators in the field of privacy and data protection regulation, their independence from the private as well as political domain becomes of the utmost importance. However, independence turns out to be a multifaceted concept. That is why this contribution discusses ways of assessing DPAs’ independence, drawing on research about independent regulatory agencies (IRAs). Three country case studies are finally presented.

Published

2011

275. The Infrastructure Level of Cloud Computing as a Basis for Privacy and Security of Software Services

Author

Ina Schiering, Jan Kretschmer, Ostfalia University of Applied Sciences, Jan Camenisch, Bruno Crispo, Simone Fischer-Hübner, Ronald Leenes, and Giovanni Russello

Subjects

Cloud computing security, business.industry, Software as a service, IT service management, Data_MISCELLANEOUS, cloud computing, Services computing, Cloud computing, Context (language use), 02 engineering and technology, security, Computer security, computer.software_genre, privacy, Data Protection Directive, auditing, 020401 chemical engineering, Cloud testing, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, [INFO]Computer Science [cs], 0204 chemical engineering, business, computer

Abstract

Part 4: Privacy and Transparency in the Age of Cloud Computing; International audience; An important basis for cloud computing are public IaaS cloud services as offered e.g. by Amazon, Rackspace, VmWare. Since IaaS cloud services are often used as a flexible infrastructure for SaaS cloud services, it is important to investigate IaaS cloud services as a basis to realise regulatory requirements in cloud computing, e.g the European Data Protection Directive and the E-Privacy Directive. In this context a prototype of an IaaS cloud service is presented which serves as a basis for software services (e.g. SaaS services) compliant with these European Directive. This is achieved by a combination of organisational, and technical measures accompanied by auditing and monitoring.

Published

2011

276. Detecting illegal system calls using a data-oriented detection model

Author

Jonathan-Christofer Demay, Frédéric Majorczyk, Frédéric Tronel, Eric Totel, SSIR - Equipe Sécurité des Systèmes d'Information et Réseaux - EA 4039, SUPELEC-Campus Rennes, Ecole Supérieure d'Electricité - SUPELEC (FRANCE)-Ecole Supérieure d'Electricité - SUPELEC (FRANCE), Algorithms for Dynamic Dependable Systems (ADEPT), Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Université de Rennes 1 (UR1), Université de Rennes (UNIV-RENNES)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes 1 (UR1), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-INRIA Rennes, Institut National de Recherche en Informatique et en Automatique (Inria), Confidentialité, Intégrité, Disponibilité et Répartition (CIDRE), CentraleSupélec-Inria Rennes – Bretagne Atlantique, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-SYSTÈMES LARGE ÉCHELLE (IRISA-D1), CentraleSupélec-Télécom Bretagne-Université de Rennes 1 (UR1), Université de Rennes (UNIV-RENNES)-Université de Rennes (UNIV-RENNES)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Rennes (ENS Rennes)-Université de Bretagne Sud (UBS)-Centre National de la Recherche Scientifique (CNRS)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-CentraleSupélec-Télécom Bretagne-Université de Rennes 1 (UR1), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Télécom Bretagne-Université de Rennes 1 (UR1), Université de Rennes (UNIV-RENNES)-Université de Rennes (UNIV-RENNES)-École normale supérieure - Rennes (ENS Rennes)-Université de Bretagne Sud (UBS)-Centre National de la Recherche Scientifique (CNRS)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA), Jan Camenisch, Simone Fischer-Hübner, Yuko Murayama, Armand Portmann, Carlos Rieder, TC 11, Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-INRIA Rennes, Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), and Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Télécom Bretagne-Centre National de la Recherche Scientifique (CNRS)

Subjects

Source code, Computer science, Language change, Anomaly (natural sciences), media_common.quotation_subject, 020206 networking & telecommunications, 020207 software engineering, 02 engineering and technology, Static analysis, computer.software_genre, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], System call, 0202 electrical engineering, electronic engineering, information engineering, Anomaly detection, [INFO]Computer Science [cs], Data mining, computer, media_common

Abstract

Part 9: Intrusion Detection; International audience; The most common anomaly detection mechanisms at application level consist in detecting a deviation of the control-flow of a program. A popular method to detect such anomaly is the use of application sequences of system calls. However, such methods do not detect mimicry attacks or attacks against the integrity of the system call parameters. To enhance such detection mechanisms, we propose an approach to detect in the application the corruption of data items that have an influence on the system calls. This approach consists in building automatically a data-oriented behaviour model of an application by static analysis of its source code. The proposed approach is illustrated on various examples, and an injection method is experimented to obtain an approximation of the detection coverage of the generated mechanisms.

Published

2011

277. Analyzing Key-Click Patterns of PIN Input for Recognizing VoIP Users

Author

Ge Zhang, Karlstad University [Sweden], Jan Camenisch, Simone Fischer-Hübner, Yuko Murayama, Armand Portmann, Carlos Rieder, and TC 11

Subjects

Authentication, Voice over IP, business.industry, Computer science, media_common.quotation_subject, 020206 networking & telecommunications, 02 engineering and technology, 16. Peace & justice, Speaker recognition, Computer security, computer.software_genre, Identification (information), 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Keypad, 020201 artificial intelligence & image processing, Conversation, [INFO]Computer Science [cs], False positive rate, business, computer, media_common

Abstract

Part 7: Privacy Attacks and Privacy-Enhancing Technologies; International audience; Malicious intermediaries are able to detect the availability of VoIP conversation flows in a network and observe the IP addresses used by the conversation partners. However, it is insufficient to infer the calling records of a particular user in this way since the linkability between a user and a IP address is uncertain: users may regularly change or share IP addresses. Unfortunately, VoIP flows may contain humanspecific features. For example, users sometimes are required to provide Personal identification numbers (PINs) to a voice server for authentication and thus the key-click patterns of entering a PIN can be extracted from VoIP flows for user recognition. We invited 31 subjects to enter 4-digital PINs on a virtual keypad of a popular VoIP user-agent with mouse clicking. Employing machine learning algorithms, we achieved average equal error rates of 10-29% for user verification and a hitting rate up to 65% with a false positive rate around 1% for user classification.

Published

2011

278. From Multiple Credentials to Browser-Based Single Sign-On: Are We More Secure?

Author

Roberto Carbone, Giancarlo Pellegrino, Jorge Cuellar, Luca Compagna, Alessandro Armando, Alessandro Sorniotti, Universita degli studi di Genova, Security & Trust Research Unit [Trento], Fondazione Bruno Kessler [Trento, Italy] (FBK), SAP Research, Siemens AG [Munich], IBM Research [Zurich], Jan Camenisch, Simone Fischer-Hübner, Yuko Murayama, Armand Portmann, Carlos Rieder, and TC 11

Subjects

021110 strategic, defence & security studies, Web server, Authentication, business.industry, Computer science, 0211 other engineering and technologies, 020206 networking & telecommunications, 02 engineering and technology, Service provider, computer.software_genre, Computer security, Security Assertion Markup Language, World Wide Web, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Resource (project management), User experience design, Scripting language, 0202 electrical engineering, electronic engineering, information engineering, Single sign-on, [INFO]Computer Science [cs], business, computer

Abstract

Part 3: Authentication; International audience; Browser-based Single Sign-On (SSO) is replacing conventional solutions based on multiple, domain-specific credentials by offering an improved user experience: clients log on to their company system once and are then able to access all services offered by the company’s partners. By focusing on the emerging SAML standard, in this paper we show that the prototypical browser-based SSO use case suffers from an authentication flaw that allows a malicious service provider to hijack a client authentication attempt and force the latter to access a resource without its consent or intention. This may have serious consequences, as evidenced by a Cross-Site Scripting attack that we have identified in the SAML-based SSO for Google Apps: the attack allowed a malicious web server to impersonate a user on any Google application. We also describe solutions that can be used to mitigate and even solve the problem.

Published

2011

279. Privacy-Enhanced Web-Based Event Scheduling with Majority Agreement

Author

Benjamin Kellermann, Technische Universität Dresden = Dresden University of Technology (TU Dresden), Jan Camenisch, Simone Fischer-Hübner, Yuko Murayama, Armand Portmann, Carlos Rieder, and TC 11

Subjects

Schedule, anonymity, Multimedia, electronic voting, privacy-enhanced application design, Computer science, Electronic voting, business.industry, Event scheduling, superposed sending, 02 engineering and technology, Computer security, computer.software_genre, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, event scheduling, Web application, 020201 artificial intelligence & image processing, [INFO]Computer Science [cs], business, computer, Drawback, Anonymity

Abstract

Part 7: Privacy Attacks and Privacy-Enhancing Technologies; International audience; Applications which help users to schedule events are becoming more and more important. A drawback of most existing applications is, that the preferences of all participants are revealed to the others. Previously proposed privacy-friendly solutions could only schedule meetings if all participants were available at the same time slot.We propose a new scheme, which overcomes this limitation, i.e., the meeting can be scheduled at the time slot, where just the majority of participants is available. Dudle (http://dudle.inf.tu-dresden.de), a web-application which implements the protocol is presented.We measured its performance in order to show that the protocol is practical and feasible.

Published

2011

280. A Conceptual Model for Privacy Policies with Consent and Revocation Requirements

Author

Nick Papanikolaou, Michael Goldsmith, Sadie Creese, Marco Casassa Mont, Siani Pearson, Cloud and Security Lab [Bristol], Hewlett-Packard Laboratories [Bristol], Hewlett-Packard -Hewlett-Packard, International Digital Laboratory, University of Warwick [Coventry], Simone Fischer-Hübner, Penny Duquenoy, Marit Hansen, Ronald Leenes, Ge Zhang, TC 9, TC 11, WG 9.2, WG 9.6, WG 11.4, WG 11.6, and WG 11.7

Subjects

Information privacy, Revocation, Privacy by Design, business.industry, Privacy software, Privacy policy, media_common.quotation_subject, Internet privacy, 020207 software engineering, Context (language use), 02 engineering and technology, 16. Peace & justice, Computer security, computer.software_genre, 020204 information systems, Political science, 0202 electrical engineering, electronic engineering, information engineering, Conceptual model, [INFO]Computer Science [cs], business, Implementation, computer, media_common

Abstract

Part 9: Privacy Policies; International audience; This paper proposes a conceptual model for privacy policies that takes into account privacy requirements arising from different stakeholders, with legal, business and technical backgrounds. Current approaches to privacy management are either high-level, enforcing privacy of personal data using legal compliance, risk and impact assessments, or low-level, focusing on the technical implementation of access controls to personal data held by an enterprise. High-level approaches tend to address privacy as an afterthought in ordinary business practice, and involve ad hoc enforcement practices; low-level approaches often leave out important legal and business considerations focusing solely on technical management of privacy policies. Hence, neither is a panacea and the low level approaches are often not adopted in real environments. Our conceptual model provides a means to express privacy policy requirements as well as users’ privacy preferences. It enables structured reasoning regarding containment and implementation between various policies at the high level, and enables easy traceability into the low-level policy implementations. Thus it offers a means to reason about correctness that links low-level privacy management mechanisms to stakeholder requirements, thereby encouraging exploitation of the low-level methods. We also present the notion of a consent and revocation policy. A consent and revocation policy is different from a privacy policy in that it defines not enterprise practices with regards to personal data, but more specifically, for each item of personal data held by an enterprise, what consent preferences a user may express and to what degree, and in what ways he or she can revoke their personal data. This builds on earlier work on defining the different forms of revocation for personal data, and on formal models of consent and revocation processes. The work and approach discussed in this paper is currently carried out in the context of the UK collaborative project EnCoRe (Ensuring Consent and Revocation).

Published

2011

281. Retrofitting Security in COTS Software with Binary Rewriting

Author

Angelos D. Keromytis, Pádraig O'Sullivan, Matthew Smithson, Aparna Kotha, Rajeev Barua, Kapil Anand, University of Maryland [Baltimore County] (UMBC), University of Maryland System, Columbia University [New York], Jan Camenisch, Simone Fischer-Hübner, Yuko Murayama, Armand Portmann, Carlos Rieder, and TC 11

Subjects

business.industry, Computer science, Software development, 020207 software engineering, 02 engineering and technology, Computer security, computer.software_genre, Software metric, Software framework, Software security assurance, 020204 information systems, Software construction, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], Backporting, Software verification and validation, Software system, business, computer

Abstract

Part 5: Software Security; International audience; We present a practical tool for inserting security features against low-level software attacks into third-party, proprietary or otherwise binary-only software. We are motivated by the inability of software users to select and use low-overhead protection schemes when source code is unavailable to them, by the lack of information as to what (if any) security mechanisms software producers have used in their toolchains, and the high overhead and inaccuracy of solutions that treat software as a black box.Our approach is based on SecondWrite, an advanced binary rewriter that operates without need for debugging information or other assist. Using SecondWrite, we insert a variety of defenses into program binaries. Although the defenses are generally well known, they have not generally been used together because they are implemented by different (non-integrated) tools. We are also the first to demonstrate the use of such mechanisms in the absence of source code availability. We experimentally evaluate the effectiveness and performance impact of our approach. We show that it stops all variants of low-level software attacks at a very low performance overhead, without impacting original program functionality

Published

2011

282. Delegation of Obligations and Responsibility

Author

Daniel Le Métayer, Nora Cuppens-Boulahia, Frédéric Cuppens, Meriam Ben Ghorbel, Guillaume Piolle, Département Logique des Usages, Sciences sociales et Sciences de l'Information (LUSSI), Université européenne de Bretagne - European University of Brittany (UEB)-Télécom Bretagne-Institut Mines-Télécom [Paris] (IMT), Lab-STICC_TB_CID_SFIIS, Université européenne de Bretagne - European University of Brittany (UEB)-Télécom Bretagne-Institut Mines-Télécom [Paris] (IMT)-Université européenne de Bretagne - European University of Brittany (UEB)-Télécom Bretagne-Institut Mines-Télécom [Paris] (IMT)-Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance (UMR 3192) (Lab-STICC), Université européenne de Bretagne - European University of Brittany (UEB)-Université de Bretagne Sud (UBS)-Université de Brest (UBO)-Institut Brestois du Numérique et des Mathématiques (IBNM), Université de Brest (UBO)-Télécom Bretagne-Institut Mines-Télécom [Paris] (IMT)-Centre National de la Recherche Scientifique (CNRS)-Université de Bretagne Sud (UBS)-Université de Brest (UBO)-Institut Brestois du Numérique et des Mathématiques (IBNM), Université de Brest (UBO)-Centre National de la Recherche Scientifique (CNRS), Legal Issues in Communication and Information Technologies (LICIT), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), SUPELEC-Campus Rennes, Ecole Supérieure d'Electricité - SUPELEC (FRANCE), Jan Camenish, Simone Fischer-Hübner, Yuko Murayama, Armand Portmann, Carlos Rieder, FLUOR, TC 11, ANR-07-SESU-0005,FLUOR,convergence du contrôle de FLux et d'Usage dans les Organisations(2007), Université européenne de Bretagne - European University of Brittany (UEB)-Université de Bretagne Sud (UBS)-Université de Brest (UBO)-Télécom Bretagne-Institut Brestois du Numérique et des Mathématiques (IBNM), and Université de Brest (UBO)-Institut Mines-Télécom [Paris] (IMT)-Centre National de la Recherche Scientifique (CNRS)-Université de Bretagne Sud (UBS)-Université de Brest (UBO)-Institut Brestois du Numérique et des Mathématiques (IBNM)

Subjects

Responsibility, Delegation, Computer science, media_common.quotation_subject, Liability, 020207 software engineering, 02 engineering and technology, 16. Peace & justice, Computer security, computer.software_genre, Obligations, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], 0202 electrical engineering, electronic engineering, information engineering, Sanctions, IFIP, [INFO]Computer Science [cs], 020201 artificial intelligence & image processing, Obligation, computer, Law and economics, media_common

Abstract

Part 6: Policy Compliance and Obligations; International audience; In this paper, we discuss the issue of responsibilities related to the fulfillment and the violation of obligations. We propose to formally define the different aspects of responsibility, namely causal responsibility, functional responsibility, liability as well as sanctions, and to examine how delegation influences these concepts. Our main aim is to identify the responsibility of each agent that is involved in the delegation of obligations. More precisely, we try to answer to the following questions: who is responsible for the obligation fulfillment? When a violation occurs, which agents are causally responsible for this violation? Who is liable for this violation and to whom? And finally, who must be sanctioned?

Published

2011

283. Oops - We Didn’t Mean to Do That! – How Unintended Consequences Can Hijack Good Privacy and Security Policies

Author

Thomas P. Keenan, Faculty of Environmental Design, University of Calgary, Department of Computer Science [Calgary] (CPSC), Simone Fischer-Hübner, Penny Duquenoy, Marit Hansen, Ronald Leenes, Ge Zhang, TC 9, TC 11, WG 9.2, WG 9.6, WG 11.4, WG 11.6, and WG 11.7

Subjects

policy analysis, Internet privacy, 0211 other engineering and technologies, Privacy laws of the United States, ComputingMilieux_LEGALASPECTSOFCOMPUTING, security, 02 engineering and technology, Criminal code, privacy, Security policy, 050601 international relations, Unintended consequences, [INFO]Computer Science [cs], Hacker, 021110 strategic, defence & security studies, strategic foresight, business.industry, Technology policy, technology policy, 05 social sciences, Policy analysis, 0506 political science, Futures studies, Business, hacking

Abstract

Part 4: Data Protection and Identity Management; International audience; All privacy laws, security policies, and even individual actions are subject to an often-forgotten factor – the “Law of Unintended Consequences” (LUC.) Yet LUC is not a “law” in the sense of appearing in the Criminal Code, nor is it a Law of Nature like gravity. It is actually a manifestation of our inadequate efforts at foresight, and there are things we can do to counteract it. This paper identifies classes of factors which have lead to unintended consequences in the privacy and computer security domains, though the list is by no means exhaustive. It is primarily intended to inspire further thinking and research. We clearly need to make a stronger effort to “foresee the unforeseeable” or at least “expect the unexpected” to maintain public confidence in technological systems. The disciplines of strategic foresight and automated policy analysis may prove useful in attaining this goal.

Published

2011

284. Problem Analysis of Traditional IT-Security Risk Assessment Methods – An Experience Report from the Insurance and Auditing Domain

Author

Yijun Yu, Jan Jürjens, Bashar Nuseibeh, Stefan Taubenberger, Munich Re, Fraunhofer Institute for Software and Systems Engineering (Fraunhofer ISST), Fraunhofer (Fraunhofer-Gesellschaft), University of Limerick (UL), The Open University [Milton Keynes] (OU), Jan Camenisch, Simone Fischer-Hübner, Yuko Murayama, Armand Portmann, Carlos Rieder, and TC 11

Subjects

Reinsurance, business.industry, Computer science, IT risk analysis, 02 engineering and technology, Factor analysis of information risk, Audit, IT risk management, Identification (information), Risk analysis (engineering), Security requirements, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, IT risk assessment, [INFO]Computer Science [cs], 020201 artificial intelligence & image processing, Information technology audit, business, Risk assessment, Risk management

Abstract

Part 8: Risk Analysis and Security Metrics; International audience; Traditional information technology (IT) security risk assessment approaches are based on an analysis of events, probabilities and impacts. In practice, security experts often find it difficult to determine IT risks reliably with precision. In this paper, we review the risk determination steps of traditional risk assessment approaches and report on our experience of using such approaches. Our experience is based on performing IT audits and IT business insurance cover assessments within a reinsurance company. The paper concludes with a summary of issues concerning traditional approaches that are related to the identification and evaluation of events, probabilities and impacts. We also conclude that there is a need to develop alternative approaches, and suggest a security requirements-based risk assessment approach without events and probabilities.

Published

2011

285. Applying Formal Methods to Detect and Resolve Ambiguities in Privacy Requirements

Author

Sadie Creese, Nick Papanikolaou, Michael Goldsmith, Ioannis Agrafiotis, Fischer-Hübner, S, Duquenoy, P, Hansen, M, Leenes, R, Zhang, G, International Digital Laboratory, University of Warwick [Coventry], Simone Fischer-Hübner, Penny Duquenoy, Marit Hansen, Ronald Leenes, Ge Zhang, TC 9, TC 11, WG 9.2, WG 9.6, WG 11.4, WG 11.6, and WG 11.7

Subjects

050502 law, Formal notation, Revocation, Computer science, 05 social sciences, 02 engineering and technology, Data subject, Computer security, computer.software_genre, Formal methods, Data science, Focus (linguistics), 020204 information systems, Formal specification, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], computer, Register of data controllers, Natural language, 0505 law

Abstract

In this paper, we demonstrate how formal methods can be used to unambiguously express privacy requirements. We focus on requirements for consent and revocation controls in a real world case study that has emerged within the EnCoRe project. We analyse the ambiguities and issues that arise when requirements expressed in natural language are transformed into a formal notation, and propose solutions to address these issues. These ambiguities were brought to our attention only through the use of a formal notation, which we have designed specifically for this purpose. © 2011 IFIP International Federation for Information Processing.

Published

2011

286. Privacy-Friendly Incentives and Their Application to Wikipedia

Author

Jan Camenisch, Thomas Groß, Christian Hoertnagl, Peter Hladky, IBM Research Lab. - Zürich, Department of Computer Science, Eidgenössische Technische Hochschule - Swiss Federal Institute of Technology [Zürich] (ETH Zürich), Elisabeth Leeuw, Simone Fischer-Hübner, and Lothar Fritsch

Subjects

anonymity, anonymous credentials, business.industry, media_common.quotation_subject, Internet privacy, Privacy protection, pseudonyms, 020207 software engineering, Cryptography, 02 engineering and technology, privacy, Credential, World Wide Web, Software, Incentive, Trustworthiness, 0202 electrical engineering, electronic engineering, information engineering, ComputingMilieux_COMPUTERSANDSOCIETY, [INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL], 020201 artificial intelligence & image processing, Quality (business), business, e-cash, Anonymity, media_common

Abstract

International audience; Double-blind peer review is a powerful method to achieve high quality and thus trustworthiness of user-contributed content. Facilitating such reviews requires incentives as well as privacy protection for the reviewers. In this paper, we present the concept of privacy-friendly incentives and discuss the required properties. We then propose a concrete cryptographic realization based on ideas from anonymous e-cash and credential systems. Finally, we report on our software's integration into the MediaWiki software.

Published

2010

287. Implementability of the Identity Management Part in Pfitzmann/Hansen’s Terminology for a Complex Digital World

Author

Manuela Berg, Katrin Borcea-Pfitzmann, Faculty of Computer Science [TU Dresden], Technische Universität Dresden = Dresden University of Technology (TU Dresden), Simone Fischer-Hübner, Penny Duquenoy, Marit Hansen, Ronald Leenes, Ge Zhang, TC 9, TC 11, WG 9.2, WG 9.6, WG 11.4, WG 11.6, and WG 11.7

Subjects

business.industry, Perspective (graphical), 020206 networking & telecommunications, 02 engineering and technology, Linkage (mechanical), Data science, Identity management, Terminology, Privacy model, law.invention, Pure Data, law, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, [INFO]Computer Science [cs], Artificial intelligence, business, Psychology, computer, computer.programming_language

Abstract

Part 1: Terminology; International audience; Based on a widely cited terminology, this paper provides different interpretations of concepts introduced in the terminology asking for an implementable privacy model for computer-mediated interactions between individuals. A separation of the digital world and the physical world is proposed, as well as a linkage of the two worlds. The digital world contains digital representations of individuals and it consists of pure data. The physical world contains individuals and it consists of information (produced by individuals) and data. Moreover, a refined definition of privacy is being elaborated that serves as justification for identity management of individuals interested in a sophisticated perspective of privacy.

Published

2010

288. Supporting Semi-automated Compliance Control by a System Design Based on the Concept of Separation of Concerns

Author

Ralph Herkenhöner, Sebastian Haas, Ammar Alkassar, Denis Royer, Günter Müller, Hermann de Meer, Institut für Informatik und Gesellschaft (IIG), University of Freiburg [Freiburg], Lehrstuhl für Rechnernetze und Rechnerkommunikation, Universität Passau [Passau], Sirrix AG, Simone Fischer-Hübner, Penny Duquenoy, Marit Hansen, Ronald Leenes, Ge Zhang, TC 9, TC 11, WG 9.2, WG 9.6, WG 11.4, WG 11.6, and WG 11.7

Subjects

Engineering, business.industry, Separation of concerns, Control (management), ComputingMilieux_LEGALASPECTSOFCOMPUTING, Audit, Trusted third party, Computer security, computer.software_genre, Compliance (psychology), Risk analysis (engineering), Information system, Systems design, Data Protection Act 1998, [INFO]Computer Science [cs], business, computer

Abstract

Part 4: Data Protection and Identity Management; International audience; Manual compliance audits of information systems tend to be time consuming. This leads to the problem that actual systems are not audited properly and do not comply to data protection laws or cannot be proven to comply. As a result, personal data of the data subject are potentially threatened with loss and misuse. Automatic compliance control is able to reduce the effort of compliance checks. However, current approaches are facing several drawbacks, e.g. the effort of employing cryptographic hardware on every single subsystem. In this paper a system design is presented that is able to circumvent several drawbacks of existing solutions thereby supporting and going beyond existing mechanisms for automated compliance control.

Published

2010

289. Privacy: What Are We Actually Talking About?

Author

Michael Friedewald, Philip Schütz, Fraunhofer Institute for Systems and Innovation Research (Fraunhofer ISI ), Fraunhofer (Fraunhofer-Gesellschaft), Simone Fischer-Hübner, Penny Duquenoy, Marit Hansen, Ronald Leenes, Ge Zhang, TC 9, TC 11, WG 9.2, WG 9.6, WG 11.4, WG 11.6, and WG 11.7

Subjects

050502 law, Computer science, business.industry, 05 social sciences, Perspective (graphical), Internet privacy, Subject (philosophy), 02 engineering and technology, Information security, Data subject, Multidisciplinary approach, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], business, Register of data controllers, Personally identifiable information, 0505 law

Abstract

Part 1: Terminology; International audience; This paper presents a multidisciplinary approach to privacy. The subject is examined from an ethical, social, and economic perspective reflecting the preliminary findings of the EU-funded research project PRESCIENT. The analysis will give a comprehensive illustration of the dimensions’ unique and characteristic features. This will build the basis for identifying overlaps and developing synergetic effects, which should ideally contribute to a better understanding of privacy.

Published

2010

290. Privacy Effects of Web Bugs Amplified by Web 2.0

Author

Jaromir Dobias, Technische Universität Dresden = Dresden University of Technology (TU Dresden), Simone Fischer-Hübner, Penny Duquenoy, Marit Hansen, Ronald Leenes, Ge Zhang, TC 9, TC 11, WG 9.2, WG 9.6, WG 11.4, WG 11.6, and WG 11.7

Subjects

Web analytics, Web standards, Engineering, Secret Tracking, Web 2.0, Surveillance, Web development, business.industry, Internet privacy, Web Privacy, 02 engineering and technology, Web application security, World Wide Web, 020204 information systems, Web page, Web design, 0202 electrical engineering, electronic engineering, information engineering, Social Network, 020201 artificial intelligence & image processing, Web navigation, [INFO]Computer Science [cs], business, Web Bugs

Abstract

Part 8: Social Networks and Privacy; International audience; Web bugs are Web-based digital tracking objects enabling third parties to monitor access to the content, in which they are embedded. Web bugs are commonly used by advertisers to monitor web users. The negative impact of web bugs on the privacy of users is known for over a decade. In recent years, Web 2.0 technologies have introduced social aspects into the online media, enhancing the ability of ordinary users to act as the content providers. However, this has also allowed end-users to place web bugs online. This has not only increased the number of potential initiators of monitoring of web surfing behaviour, but also potentially introduced new privacy threats. This paper presents a study on end-user induced web bugs. Our experimental results indicate that, in the light of Web 2.0 technologies, the well-known concept of web bugs leads to new privacy-related problems.

Published

2010

291. Secure Logging of Retained Data for an Anonymity Service

Author

Petr Švenda, Stefan Köpsell, Technische Universität Dresden = Dresden University of Technology (TU Dresden), Masaryk University [Brno] (MUNI), Michele Bezzi, Penny Duquenoy, Simone Fischer-Hübner, Marit Hansen, and Ge Zhang

Subjects

021110 strategic, defence & security studies, Engineering, business.industry, 0211 other engineering and technologies, Cryptography, 02 engineering and technology, 16. Peace & justice, Computer security, computer.software_genre, Public-key cryptography, 020204 information systems, Server, Distributed data store, 0202 electrical engineering, electronic engineering, information engineering, [INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL], Smart card, Data retention, Trusted timestamping, business, computer, Anonymity

Abstract

International audience; The recently introduced legislation on data retention to aid prosecuting cyber-related crime in Europe also affects the achievable security of systems for anonymous communication on the Internet. We have analyzed the newly arising risks associated with the process of accessing and storage of the retained data and propose a secure logging system, which utilizes cryptographic smart cards, trusted timestamping servers and distributed storage. These key components will allow for controlled access to the stored log data, enforce a limited data retention period, ensure integrity of the logged data, and enable reasonably convenient response to any legitimated request of the retained data. A practical implementation of the proposed scheme was performed for the AN.ON anonymity service, but the scheme can be used for other services affected by data retention legislation.

Published

2010

292. Lifelong Privacy: Privacy and Identity Management for Life

Author

Andreas Pfitzmann, Katrin Borcea-Pfitzmann, Faculty of Computer Science, Technische Universität Dresden = Dresden University of Technology (TU Dresden), Michele Bezzi, Penny Duquenoy, Simone Fischer-Hübner, Marit Hansen, and Ge Zhang

Subjects

Identity Management, Engineering, Information privacy, Privacy by Design, business.industry, Control (management), Internet privacy, Lifelong Aspects, 02 engineering and technology, Computer security, computer.software_genre, Identity management, Stages of Life, Intrusion, Privacy, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, [INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL], 020201 artificial intelligence & image processing, Areas of Life, business, computer

Abstract

International audience; The design of identity management preserving an individual's privacy must not stop at supporting the user in managing her/his present identities. Instead, since any kind of privacy intrusion may have implications on the individual's future life, it is necessary that we identify and understand the issues related to longterm aspects of privacy-enhancing identity management. Only that way, according solutions can be developed, which enable users to control the disclosure of their personal data throughout their whole lives, comprising past, present, and future. This paper will give a general overview about concepts supporting privacy-enhancing identity management. Further, it introduces the reader to the problem field of privacy management by means of privacy-enhancing identity management during various stages of life as well as in various areas of life. Statements about required mechanisms will be given as well as directions regarding the three most important aspects to consider when managing one's identities: communication infrastructure as well as selection of communication partners and tools.

Published

2010

293. Anonymous Credentials in Web Applications - A Child's Play with the PRIME Core

Author

Kellermann, Benjamin, Scholz, Immanuel, Faculty of Computer Science, Technische Universität Dresden = Dresden University of Technology (TU Dresden), Michele Bezzi, Penny Duquenoy, Simone Fischer-Hübner, Marit Hansen, and Ge Zhang

Subjects

anonymous credentials, security programming, ComputingMilieux_COMPUTERSANDSOCIETY, [INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL]

Abstract

International audience; Web applications dealing with personal data in a privacyfriendly way have the need for anonymous credential systems. While there are already protocols describing anonymous credential systems and libraries, implementing the protocols, application using the libraries are rare. Without applications supporting anonymous credentials, companies will not start building a credential infrastructure and vice versa. This paper presents an easy way to issue and use anonymous credentials for web applications. By reducing the initial cost for both parties, the barrier of "starting first" can be lowered.

Published

2009

294. Privacy-Respecting Access Control in Collaborative Workspaces

Author

Stefanie Pötzsch, Katrin Borcea-Pfitzmann, Faculty of Computer Science, Technische Universität Dresden = Dresden University of Technology (TU Dresden), Michele Bezzi, Penny Duquenoy, Simone Fischer-Hübner, Marit Hansen, and Ge Zhang

Subjects

Web forum, business.industry, Computer science, Social software, Control (management), Access Control, 020206 networking & telecommunications, Context (language use), Access control, 02 engineering and technology, Workspace, computer.software_genre, World Wide Web, Collaborative Workspaces, Privacy, Web Forum, 020204 information systems, Personal Data, 0202 electrical engineering, electronic engineering, information engineering, [INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL], The Internet, Information society, business, computer

Abstract

International audience; In these days' information society, people share their life with others not only in their direct, personal environment, but also on the Internet by using social software such as collaborative workspaces. In this context, an important issue is maintaining control over personal data, i.e., who is able to access which information. In this paper, we argue why traditional access control mechanisms are inappropriate for collaborative workspaces in general and present a concept for privacy-respecting access control in a web forum as an instance of collaborative workspaces.

Published

2009

295. Privacy of Outsourced Data

Author

Sabrina De Capitani di Vimercati, Sara Foresti, Dipartimento di Tecnologie dell'Informazione, Università degli Studi di Milano [Milano] (UNIMI), Michele Bezzi, Penny Duquenoy, Simone Fischer-Hübner, Marit Hansen, and Ge Zhang

Subjects

021110 strategic, defence & security studies, Computer science, business.industry, 0211 other engineering and technologies, Fragmentation (computing), 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Encryption, External storage, 0202 electrical engineering, electronic engineering, information engineering, [INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL], business, computer

Abstract

International audience; Data outsourced to an external storage server are usually encrypted since there is the common assumption that all data are equally sensitive. The encrypted data however cannot be efficiently queried and their selective release is not possible or require the application of specific solutions. To overcome these problems, new proposals have been recently developed, which are based on a fragmentation technique possibly combined with encryption. The main advantage of these proposals is that they limit the use of encryption, thus improving query execution efficiency. In this paper, we describe such fragmentation-based approaches focusing in particular on the different data fragmentation models proposed in the literature. We then conclude the paper with a discussion on some research directions.

Published

2009

296. An Analysis for Anonymity and Unlinkability for a VoIP Conversation

Author

Ge Zhang, Karlstad University [Sweden], Michele Bezzi, Penny Duquenoy, Simone Fischer-Hübner, Marit Hansen, and Ge Zhang

Subjects

Session Initiation Protocol, Service (systems architecture), Voice over IP, computer.internet_protocol, business.industry, Computer science, Internet privacy, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Usability, 02 engineering and technology, Popularity, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, [INFO.INFO-DL]Computer Science [cs]/Digital Libraries [cs.DL], 020201 artificial intelligence & image processing, The Internet, Session (computer science), business, computer, Anonymity

Abstract

International audience; With the growth of its popularity, VoIP is increasingly popular nowadays. Similarly to other Internet applications, VoIP users may desire to be unlinkable with their participated VoIP session records for privacy issues. In this paper, we explore the Items of Interests (IOIs) from anonymisation aspects based on a simplified VoIP model and analyse the potential links between them. We address possible methods to break the links. Finally, we also discuss requirements for a VoIP anonymisation Service (VAS) in terms of functionality, performance and usability. Based on this, we discuss the fundamental design requirements for a VAS which we intend to subsequently implement.

Published

2009