Information privacy

About: Information privacy is a research topic. Over the lifetime, 25412 publications have been published within this topic receiving 579611 citations. The topic is also known as: data privacy & data protection.

A formal model of obfuscation and negotiation for location privacy

Abstract: Obfuscation concerns the practice of deliberately degrading the quality of information in some way, so as to protect the privacy of the individual to whom that information refers. In this paper, we argue that obfuscation is an important technique for protecting an individual's location privacy within a pervasive computing environment. The paper sets out a formal framework within which obfuscated location-based services are defined. This framework provides a computationally efficient mechanism for balancing an individual's need for high-quality information services against that individual's need for location privacy. Negotiation is used to ensure that a location-based service provider receives only the information it needs to know in order to provide a service of satisfactory quality. The results of this work have implications for numerous applications of mobile and location-aware systems, as they provide a new theoretical foundation for addressing the privacy concerns that are acknowledged to be retarding the widespread acceptance and use of location-based services.

Random projection-based multiplicative data perturbation for privacy preserving distributed data mining

Abstract: This paper explores the possibility of using multiplicative random projection matrices for privacy preserving distributed data mining. It specifically considers the problem of computing statistical aggregates like the inner product matrix, correlation coefficient matrix, and Euclidean distance matrix from distributed privacy sensitive data possibly owned by multiple parties. This class of problems is directly related to many other data-mining problems such as clustering, principal component analysis, and classification. This paper makes primary contributions on two different grounds. First, it explores independent component analysis as a possible tool for breaching privacy in deterministic multiplicative perturbation-based models such as random orthogonal transformation and random rotation. Then, it proposes an approximate random projection-based technique to improve the level of privacy protection while still preserving certain statistical characteristics of the data. The paper presents extensive theoretical analysis and experimental results. Experiments demonstrate that the proposed technique is effective and can be successfully used for different types of privacy-preserving data mining applications.

Social and Political Dimensions of Privacy

Abstract: This article provides a framework for analyzing privacy in modern societies, defining information privacy and describing three levels that structure the values assigned to privacy. After describing a contemporary privacy baseline (1945-1960), these concepts are applied to social and political privacy developments in three contemporary eras of steadily growing privacy concerns and societal responses across citizen-government, employee-employer, and consumer-business relationships in 1961-1979, 1980-1989, and 1990-2002. Each period is described in terms of new technology applications, changing social climates, and organizational and legal developments. Effects of the 9/11 terrorist attacks on privacy balances are analyzed and predictions for future privacy developments are presented. The relationship of articles in this issue to the author's framework is noted throughout.

IccTA: detecting inter-component privacy leaks in Android apps

Abstract: Shake Them All is a popular "Wallpaper" application exceeding millions of downloads on Google Play. At installation, this application is given permission to (1) access the Internet (for updating wallpapers) and (2) use the device microphone (to change background following noise changes). With these permissions, the application could silently record user conversations and upload them remotely. To give more confidence about how Shake Them All actually processes what it records, it is necessary to build a precise analysis tool that tracks the flow of any sensitive data from its source point to any sink, especially if those are in different components. Since Android applications may leak private data carelessly or maliciously, we propose IccTA, a static taint analyzer to detect privacy leaks among components in Android applications. IccTA goes beyond state-of-the-art approaches by supporting inter- component detection. By propagating context information among components, IccTA improves the precision of the analysis. IccTA outperforms existing tools on two benchmarks for ICC-leak detectors: DroidBench and ICC-Bench. Moreover, our approach detects 534 ICC leaks in 108 apps from MalGenome and 2,395 ICC leaks in 337 apps in a set of 15,000 Google Play apps.

Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance

Abstract: This book, written by recognized authorities in the tech security world, addresses issues that affect any organization preparing to use cloud computing as an option. Cloud computing has emerged as a popular way for corporations to save money that would otherwise go into their IT infrastructure. However, along with the promise of cloud computing there has also been considerable skepticism about the type and extent of security and privacy that these services provide. Cloud Security and Privacy walks you through the steps you need to take to ensure your web applications are secure and your data is safe, and addresses regulatory issues such as audit and compliance. Ideal for IT personnel who need to deliver and maintain applications in the cloud, business managers looking to cut costs, service providers, and investors, this book provides the detailed information on cloud computing security that has been lacking, until now.