ISBN: 9781450318907 (print)
The privacy by design approach has already been applied in different areas. We believe that the next challenge in this area today is to go beyond individual cases and to provide methodologies to explore the design space in a systematic way. As a first step in this direction, we focus in this paper on the data minimization principle and consider different options using decentralized architectures in which actors do not necessarily trust each other. We propose a framework to express the parameters to be taken into account (the service to be performed, the actors involved, their respective requirements, etc.) and an inference system to derive properties such as the possibility for an actor to detect potential errors (or frauds) in the computation of a variable. This inference system can be used in the design phase to check if an architecture meets the requirements of the parties or to point out conflicting requirements.
ISBN: 9781450318907 (print)
The latest rankings of computer language popularity once again list C as the most popular programming language [1]. As a computer scientist that has written a lot of C code over the years, I must admit that makes me smile. While I don't write code much anymore, I like writing code, and I like writing it in C. Apparently so do a lot of other people. However, C was also the most popular programming language 25 years ago, which is one indication that, in the field of software development, not much has changed. Are software developers unwilling to accept new paradigms, or are the new paradigms proposed to date simply unacceptable? This talk discusses what has and hasn't changed in the area of software development, how change (or the lack of it) relates to application security, and concludes with some thoughts on possible directions for the future.
ISBN: 9781450318907 (print)
Security is an important barrier to wide adoption of distributed systems for sensitive data storage and management. In particular, one unsolved problem is to ensure that customers' data protection policies are honored, regardless of where the data is physically stored and how often it is accessed, modified, and duplicated. This issue calls for two requirements to be satisfied. First, data should be managed in accordance with both owners' preferences and the local regulations that may apply. Second, although multiple copies may exist, a consistent view across copies should be maintained. Toward addressing these issues, in this work we propose innovative policy enforcement techniques for adaptive sharing of users' outsourced data. We introduce the notion of autonomous self-controlling objects (SCO), which, by means of object-oriented programming techniques, encapsulate sensitive resources and assure their protection by means of adaptive security policies of various granularity and synchronization protocols. Through extensive evaluation, we show that our approach is effective and efficiently manages multiple data copies.
ISBN: 9781450318907 (print)
Modern information technologies enable organizations to capture large quantities of person-specific data while providing routine services. Many organizations hope, or are legally required, to share such data for secondary purposes (e.g., to enable the validation of research findings) in a de-identified manner. In previous work, it was shown that de-identification policy alternatives could be modeled on a lattice, which could be searched for policies that met a prespecified risk threshold (e.g., likelihood of re-identification). However, the search was limited in several ways. First, its definition of utility was syntactic, based on the level of the lattice, and not semantic, based on the actual changes induced in the resulting data. Second, the threshold may not be known in *** goal of this work is to build the optimal set of policies that trade off between privacy risk (R) and utility (U), which we refer to as an R-U frontier. To model this problem, we introduce a semantic definition of utility, based on information theory, that is compatible with the lattice representation of policies. To solve the problem, we initially build a set of policies that define a frontier. We then use a probability-guided heuristic to search the lattice for policies likely to update the frontier. To demonstrate the effectiveness of our approach, we perform an empirical analysis with the Adult dataset of the UCI Machine Learning Repository. We show that our approach can construct a frontier closer to optimal than competitive approaches by searching a smaller number of policies. In addition, we show that a frequently followed de-identification policy (i.e., the Safe Harbor standard of the HIPAA Privacy Rule) is suboptimal in comparison to the frontier discovered by our approach.
In secure data management the inference problem occurs when data classified at a high security level becomes inferrible from data classified at lower levels. We present a model-theoretic approach to this problem that ...
Data collection agencies publish sensitive data for legitimate purposes, such as research, marketing, etc. Data publishing has attracted much interest in the research community due to the important concerns over the pr...
As information systems extensively exchange information between participants, privacy concerns may arise from potential misuse. Existing design approaches consider non-technical privacy requirements of different stake...
The popularity of location-based services leads to serious concerns on user privacy. A common mechanism to protect users' location and query privacy is spatial generalisation. As more user information becomes avai...