Information privacy

About: Information privacy is a research topic. Over the lifetime, 25412 publications have been published within this topic receiving 579611 citations. The topic is also known as: data privacy & data protection.

Usable Security: History, Themes, and Challenges

Abstract: There has been roughly 15 years of research into approaches for aligning research in Human Computer Interaction with computer Security, more colloquially known as ``usable security.'' Although usability and security were once thought to be inherently antagonistic, today there is wide consensus that systems that are not usable will inevitably suffer security failures when they are deployed into the real world. Only by simultaneously addressing both usability and security concerns will we be able to build systems that are truly secure. This book presents the historical context of the work to date on usable security and privacy, creates a taxonomy for organizing that work, outlines current research objectives, presents lessons learned, and makes suggestions for future research. Table of Contents: Acknowledgments / Figure Credits / Introduction / A Brief History of Usable Privacy and Security Research / Major Themes in UPS Academic Research / Lessons Learned / Research Challenges / Conclusion: The Next Ten Years / Bibliography / Authors' Biographies

Parenting and Digital Media: From the Early Web to Contemporary Digital Society

Abstract: Parents have accessed websites, online discussion forums and blogs for advice, information and support since the early days of the World Wide Web (which first became widely available to users in the mid-1990s). In this century, the advent of mobile media such as smartphones and tablet computers and Wi-Fi has allowed parents to access the web from almost any location. They can use social-media platforms and apps (software applications for mobile devices) as part of their parenting practices. These technologies have brought with them opportunities for parents to seek information and support and exchange details of their experiences with each other in a variety of ways. These practices contribute to datafication, that is, rendering details of people’s lives into digital data formats (van Dijck 2014) - not only of parents themselves but also of their children. The possibilities that now exist not only for voluntary sharing of one’s personal data with others, but also for data leakage and commercial exploitation of this information, are key differences between the early digital media that were available to parents and those that they currently use. In this article, we review the literature in sociology and related social research addressing the ways in which digital media have been used for parenting-related purposes. We begin with the longer-established media of parenting websites, online discussion forums, blogs, email, mobile phones and message and video services and then move on to the newer technologies of social media and apps. This is followed by a section on data privacy and security issues. The concluding section summarises some major issues arising from the review and points to directions for further research.

Data Security, Privacy, Availability and Integrity in Cloud Computing: Issues and Current Solutions

Abstract: Cloud computing changed the world around us. Now people are moving their data to the cloud since data is getting bigger and needs to be accessible from many devices. Therefore, storing the data on the cloud becomes a norm. However, there are many issues that counter data stored in the cloud starting from virtual machine which is the mean to share resources in cloud and ending on cloud storage itself issues. In this paper, we present those issues that are preventing people from adopting the cloud and give a survey on solutions that have been done to minimize risks of these issues. For example, the data stored in the cloud needs to be confidential, preserving integrity and available. Moreover, sharing the data stored in the cloud among many users is still an issue since the cloud service provider is untrustworthy to manage authentication and authorization. In this paper, we list issues related to data stored in cloud storage and solutions to those issues which differ from other papers which focus on cloud as general.

ObliviAd: Provably Secure and Practical Online Behavioral Advertising

Abstract: Online behavioral advertising (OBA) involves the tracking of web users' online activities in order to deliver tailored advertisements. OBA has become a rapidly increasing source of revenue for a number of web services, and it is typically conducted by third-party data analytics firms such as brokers, which track user behaviors across web-sessions using mechanisms such as persistent cookies. This practice raises significant privacy concerns among users and privacy advocates alike. Therefore, the task of designing OBA systems that do not reveal user profiles to third parties has been receiving growing interest from the research community. Nevertheless, existing solutions are not ideal for privacy preserving OBA: some of them do not provide adequate privacy to users or adequate targeting information to brokers, while others require trusted third parties that are difficult to realize. In this paper, we propose ObliviAd a provably secure architecture for privacy preserving OBA. The distinguishing features of our approach are the usage of secure hardware-based private information retrieval for distributing advertisements and high-latency mixing of electronic tokens for billing advertisers without disclosing any information about client profiles to brokers. ObliviAd does not assume any trusted party and provides brokers an economical alternative that preserves the privacy of users without hampering the precision of ads selection. We present the first formal security definitions for OBA systems (namely, profile privacy, profile unlink ability, and billing correctness) and conduct a formal security analysis of ObliviAd using ProVerif, an automated cryptographic protocol verifier, establishing the aforementioned security properties against a strong adversarial model. Finally, we demonstrated the practicality of our approach with an experimental evaluation.

KIPDA: k-indistinguishable privacy-preserving data aggregation in wireless sensor networks

Abstract: When wireless sensor networks accumulate sensitive or confidential data, privacy becomes an important concern. Sensors are often resource-limited and power-constrained, and data aggregation is commonly used to address these issues. However, providing privacy without disrupting in-network data aggregation is challenging. Although privacy-preserving data aggregation for additive and multiplicative aggregation functions has been studied, nonlinear aggregation functions such as maximum and minimum have not been well addressed. We present KIPDA, a privacy-preserving aggregation method, which we specialize for maximum and minimum aggregation functions. KIPDA obfuscates sensitive measurements by hiding them among a set of camouflage values, enabling k-indistinguishability for data aggregation. In principle, KIPDA can be used to hide a wide range of aggregation functions, although this paper considers only maximum and minimum. Because the sensitive data are not encrypted, it is easily and efficiently aggregated with minimal in-network processing delay. We quantify the efficiency of KIPDA in terms of power consumption and time delay, studying tradeoffs between the protocol's effectiveness and its resilience against collusion.