WorldWideScience

Sample records for agent-oriented privacy-based information

  1. Agent-Oriented Privacy-Based Information Brokering Architecture for Healthcare Environments

    Directory of Open Access Journals (Sweden)

    Abdulmutalib Masaud-Wahaishi

    2009-01-01

    Healthcare industry is facing a major reform at all levels—locally, regionally, nationally, and internationally. Healthcare services and systems become very complex and comprise of a vast number of components (software systems, doctors, patients, etc.) that are characterized by shared, distributed and heterogeneous information sources with varieties of clinical and other settings. The challenge now faced with decision making, and management of care is to operate effectively in order to meet the information needs of healthcare personnel. Currently, researchers, developers, and systems engineers are working toward achieving better efficiency and quality of service in various sectors of healthcare, such as hospital management, patient care, and treatment. This paper presents a novel information brokering architecture that supports privacy-based information gathering in healthcare. Architecturally, the brokering is viewed as a layer of services where a brokering service is modeled as an agent with a specific architecture and interaction protocol that are appropriate to serve various requests. Within the context of brokering, we model privacy in terms of the entities' ability to hide or reveal information related to its identities, requests, and/or capabilities. A prototype of the proposed architecture has been implemented to support information-gathering capabilities in healthcare environments using FIPA-compliant platform JADE.

  2. Agent-oriented privacy-based information brokering architecture for healthcare environments.

    Science.gov (United States)

    Masaud-Wahaishi, Abdulmutalib; Ghenniwa, Hamada

    2009-01-01

    Healthcare industry is facing a major reform at all levels-locally, regionally, nationally, and internationally. Healthcare services and systems become very complex and comprise of a vast number of components (software systems, doctors, patients, etc.) that are characterized by shared, distributed and heterogeneous information sources with varieties of clinical and other settings. The challenge now faced with decision making, and management of care is to operate effectively in order to meet the information needs of healthcare personnel. Currently, researchers, developers, and systems engineers are working toward achieving better efficiency and quality of service in various sectors of healthcare, such as hospital management, patient care, and treatment. This paper presents a novel information brokering architecture that supports privacy-based information gathering in healthcare. Architecturally, the brokering is viewed as a layer of services where a brokering service is modeled as an agent with a specific architecture and interaction protocol that are appropriate to serve various requests. Within the context of brokering, we model privacy in terms of the entities' ability to hide or reveal information related to its identities, requests, and/or capabilities. A prototype of the proposed architecture has been implemented to support information-gathering capabilities in healthcare environments using FIPA-compliant platform JADE.

  3. Agent-oriented Architecture for Task-based Information Search System

    NARCIS (Netherlands)

    Aroyo, Lora; de Bra, Paul M.E.; De Bra, P.; Hardman, L.

    1999-01-01

    The topic of the reported research discusses an agent-oriented architecture of an educational information search system AIMS - a task-based learner support system. It is implemented within the context of 'Courseware Engineering' on-line course at the Faculty of Educational Science and Technology,

  4. Semantic Oriented Agent based Approach towards Engineering Data Management, Web Information Retrieval and User System Communication Problems

    OpenAIRE

    Ahmed, Zeeshan; Gerhard, Detlef

    2010-01-01

    The four intensive problems to the software rose by the software industry, i.e., User System Communication / Human Machine Interface, Meta Data extraction, Information processing & management and Data representation are discussed in this research paper. To contribute in the field we have proposed and described an intelligent semantic oriented agent based search engine including the concepts of intelligent graphical user interface, natural language based information processing, data management...

  5. Trust information-based privacy architecture for ubiquitous health.

    Science.gov (United States)

    Ruotsalainen, Pekka Sakari; Blobel, Bernd; Seppälä, Antto; Nykänen, Pirkko

    2013-10-08

    Ubiquitous health is defined as a dynamic network of interconnected systems that offers health services independent of time and location to a data subject (DS). The network takes place in open and unsecure information space. It is created and managed by the DS who sets rules that regulate the way personal health information is collected and used. Compared to health care, it is impossible in ubiquitous health to assume the existence of a priori trust between the DS and service providers and to produce privacy using static security services. In ubiquitous health features, business goals and regulations systems followed often remain unknown. Furthermore, health care-specific regulations do not rule the ways health data is processed and shared. To be successful, ubiquitous health requires novel privacy architecture. The goal of this study was to develop a privacy management architecture that helps the DS to create and dynamically manage the network and to maintain information privacy. The architecture should enable the DS to dynamically define service and system-specific rules that regulate the way subject data is processed. The architecture should provide to the DS reliable trust information about systems and assist in the formulation of privacy policies. Furthermore, the architecture should give feedback upon how systems follow the policies of DS and offer protection against privacy and trust threats existing in ubiquitous environments. A sequential method that combines methodologies used in system theory, systems engineering, requirement analysis, and system design was used in the study. In the first phase, principles, trust and privacy models, and viewpoints were selected. Thereafter, functional requirements and services were developed on the basis of a careful analysis of existing research published in journals and conference proceedings. Based on principles, models, and requirements, architectural components and their interconnections were developed using system

  6. Privacy information management for video surveillance

    Science.gov (United States)

    Luo, Ying; Cheung, Sen-ching S.

    2013-05-01

    The widespread deployment of surveillance cameras has raised serious privacy concerns. Many privacy-enhancing schemes have been proposed to automatically redact images of trusted individuals in the surveillance video. To identify these individuals for protection, the most reliable approach is to use biometric signals such as iris patterns as they are immutable and highly discriminative. In this paper, we propose a privacy data management system to be used in a privacy-aware video surveillance system. The privacy status of a subject is anonymously determined based on her iris pattern. For a trusted subject, the surveillance video is redacted and the original imagery is considered to be the privacy information. Our proposed system allows a subject to access her privacy information via the same biometric signal for privacy status determination. Two secure protocols, one for privacy information encryption and the other for privacy information retrieval are proposed. Error control coding is used to cope with the variability in iris patterns and efficient implementation is achieved using surrogate data records. Experimental results on a public iris biometric database demonstrate the validity of our framework.

  7. Towards an agent-oriented programming language based on Scala

    Science.gov (United States)

    Mitrović, Dejan; Ivanović, Mirjana; Budimac, Zoran

    2012-09-01

    Scala and its multi-threaded model based on actors represent an excellent framework for developing purely reactive agents. This paper presents an early research on extending Scala with declarative programming constructs, which would result in a new agent-oriented programming language suitable for developing more advanced, BDI agent architectures. The main advantage of the new language over many other existing solutions for programming BDI agents is a natural and straightforward integration of imperative and declarative programming constructs, fitted under a single development framework.

  8. Information privacy fundamentals for librarians and information professionals

    CERN Document Server

    Givens, Cherie L

    2014-01-01

    This book introduces library and information professionals to information privacy, provides an overview of information privacy in the library and information science context, U.S. privacy laws by sector, information privacy policy, and key considerations when planning and creating a privacy program.

  9. Fuzzy Privacy Decision for Context-Aware Access Personal Information

    Institute of Scientific and Technical Information of China (English)

    ZHANG Qingsheng; QI Yong; ZHAO Jizhong; HOU Di; NIU Yujie

    2007-01-01

    A context-aware privacy protection framework was designed for context-aware services and privacy control methods about access personal information in pervasive environment. In the process of user's privacy decision, it can produce fuzzy privacy decision as the change of personal information sensitivity and personal information receiver trust. The uncertain privacy decision model was proposed about personal information disclosure based on the change of personal information receiver trust and personal information sensitivity. A fuzzy privacy decision information system was designed according to this model. Personal privacy control policies can be extracted from this information system by using rough set theory. It also solves the problem about learning privacy control policies of personal information disclosure.

  10. A multi-agent approach: To preserve user information privacy for a pervasive and ubiquitous environment

    Directory of Open Access Journals (Sweden)

    Chandramohan Dhasarathan

    2015-03-01

    Cloud user’s data are getting insecure in current technological advancement. This research focuses on proposing a secure model to maintain the secrecy in a cloud environment using intelligent agent. This paper presents an intelligent model to protect user’s valuable personal data. Preserving proprietor’s data and information in cloud is one of the top most challenging missions for cloud provider. Many researches fanatical their valuable time’s to discover some technique, algorithms and protocols to solve secrecy issue and develop a full-fledged cloud computing standard structure as a newest computing to all cloud users. Some researchers came forward with cryptography technique, cyber middle wear technique, noise injection and third party layer technique to preserve privacy about data in cloud. We propose a hybrid authentication technique as an end point lock. It is a composite model coupled with an algorithm for user’s privacy preserving, which is likely to be Hash Diff Anomaly Detection and Prevention (HDAD). This algorithmic protocol acts intelligently as a privacy preserving model and technique to ensure the users data are kept more secretly and develop an endorsed trust on providers. We also explore the highest necessity to maintain the confidentiality of cloud user’s data.

  11. An agent-oriented approach to automated mission operations

    Science.gov (United States)

    Truszkowski, Walt; Odubiyi, Jide

    1994-01-01

    As we plan for the next generation of Mission Operations Control Center (MOCC) systems, there are many opportunities for the increased utilization of innovative knowledge-based technologies. The innovative technology discussed is an advanced use of agent-oriented approaches to the automation of mission operations. The paper presents an overview of this technology and discusses applied operational scenarios currently being investigated and prototyped. A major focus of the current work is the development of a simple user mechanism that would empower operations staff members to create, in real time, software agents to assist them in common, labor intensive operations tasks. These operational tasks would include: handling routine data and information management functions; amplifying the capabilities of a spacecraft analyst/operator to rapidly identify, analyze, and correct spacecraft anomalies by correlating complex data/information sets and filtering error messages; improving routine monitoring and trend analysis by detecting common failure signatures; and serving as a sentinel for spacecraft changes during critical maneuvers enhancing the system's capabilities to support nonroutine operational conditions with minimum additional staff. An agent-based testbed is under development. This testbed will allow us to: (1) more clearly understand the intricacies of applying agent-based technology in support of the advanced automation of mission operations and (2) access the full set of benefits that can be realized by the proper application of agent-oriented technology in a mission operations environment. The testbed under development addresses some of the data management and report generation functions for the Explorer Platform (EP)/Extreme UltraViolet Explorer (EUVE) Flight Operations Team (FOT). We present an overview of agent-oriented technology and a detailed report on the operation's concept for the testbed.

  12. Maintaining the privacy of a minor's sexual orientation and gender identity in the medical environment.

    Science.gov (United States)

    Hyatt, Josh

    2015-01-01

    Dealing with self-identity, sexual orientation, and gender identity is often a struggle for minors. The potential negative outcomes minors face when their sexual orientation or gender identity is disclosed to others before they have an opportunity to address it in their own time has become more evident in the media. Because of the intimate nature of the provider-patient relationship, the healthcare provider may be the first person in whom they confide. If a minor receives a positive, nonjudgmental experience from his or her provider, it will often lead to a more positive self-image, whereas a negative, judgmental experience will often result in the opposite. Critical components of their experience are a sense of trust that the provider will keep the information confidential and the healthcare setting being organized in a manner that promotes privacy. Healthcare providers play a key role in developing and projecting a safe, comfortable environment where the minor can discretely discuss issues of sexual orientation and gender identity. Establishing this environment will usually facilitate a positive therapeutic relationship between the minor and the provider. Steps healthcare providers can take to achieve trust from minor patients and ensure confidentiality of sensitive information are understanding privacy laws, making privacy a priority, getting consent, training staff, and demonstrating privacy in the environment. © 2015 American Society for Healthcare Risk Management of the American Hospital Association.

  13. Privacy-related context information for ubiquitous health.

    Science.gov (United States)

    Seppälä, Antto; Nykänen, Pirkko; Ruotsalainen, Pekka

    2014-03-11

    are regulated or in what kind of environment data can be processed. This study added to the vision of ubiquitous health by analyzing information processing from the viewpoint of an individual's privacy. We learned that health and wellness-related activities may happen in several environments and situations with multiple stakeholders, services, and systems. We have provided new knowledge regarding privacy-related context information and corresponding components by analyzing typical activities in ubiquitous health. With the identified components and their properties, individuals can define their personal preferences on information processing based on situational information, and privacy services can capture privacy-related context of the information-processing situation.

  14. Privacy-Related Context Information for Ubiquitous Health

    Science.gov (United States)

    Nykänen, Pirkko; Ruotsalainen, Pekka

    2014-01-01

    data can be processed or how components are regulated or in what kind of environment data can be processed. Conclusions: This study added to the vision of ubiquitous health by analyzing information processing from the viewpoint of an individual’s privacy. We learned that health and wellness-related activities may happen in several environments and situations with multiple stakeholders, services, and systems. We have provided new knowledge regarding privacy-related context information and corresponding components by analyzing typical activities in ubiquitous health. With the identified components and their properties, individuals can define their personal preferences on information processing based on situational information, and privacy services can capture privacy-related context of the information-processing situation. PMID: 25100084

  15. Developing Agent-Oriented Video Surveillance System through Agent-Oriented Methodology (AOM)

    Directory of Open Access Journals (Sweden)

    Cheah Wai Shiang

    2016-12-01

    Agent-oriented methodology (AOM) is a comprehensive and unified agent methodology for agent-oriented software development. Although AOM is claimed to be able to cope with a complex system development, it is still not yet determined up to what extent this may be true. Therefore, it is vital to conduct an investigation to validate this methodology. This paper presents the adoption of AOM in developing an agent-oriented video surveillance system (VSS). An intruder handling scenario is designed and implemented through AOM. AOM provides an alternative method to engineer a distributed security system in a systematic manner. It presents the security system at a holistic view; provides a better conceptualization of agent-oriented security system and supports rapid prototyping as well as simulation of video surveillance system.

  16. Privacy Information Security Classification for Internet of Things Based on Internet Data

    OpenAIRE

    Lu, Xiaofeng; Qu, Zhaowei; Li, Qi; Hui, Pan

    2015-01-01

    A lot of privacy protection technologies have been proposed, but most of them are independent and aim at protecting some specific privacy. There is hardly enough deep study into the attributes of privacy. To minimize the damage and influence of the privacy disclosure, the important and sensitive privacy should be a priori preserved if all privacy pieces cannot be preserved. This paper focuses on studying the attributes of the privacy and proposes privacy information security classification (P...

  17. Enforcement of Security and Privacy in a Service-Oriented Smart Grid

    DEFF Research Database (Denmark)

    Mikkelsen, Søren Aagaard

    inhabitants. With the vision, it is therefore necessity to enforce privacy and security of the data in all phases of its life cycle. The life cycle starts from acquiring the data to it is stored. Therefore, this dissertation follows a system-level and application-level approach to manage data with respect...... to privacy and security. This includes first a design of a service-oriented architecture that allows for the deployment of home-oriented and grid-oriented IASs on a Home Energy Management System (HEMS) and in the cloud, respectively. Privacy and security of electricity data are addressed by letting...... the residential consumer control data dissemination in a two-stage process: first from the HEMS to the cloud and from the cloud to the IASs. Then the dissertation focuses on the critical phases in securing the residential home as well as securing the cloud. It presents a system-level threat model of the HEMS...

  18. Information Privacy Revealed

    Science.gov (United States)

    Lavagnino, Merri Beth

    2013-01-01

    Why is Information Privacy the focus of the January-February 2013 issue of "EDUCAUSE Review" and "EDUCAUSE Review Online"? Results from the 2012 annual survey of the International Association of Privacy Professionals (IAPP) indicate that "meeting regulatory compliance requirements continues to be the top perceived driver…

  19. Privacy-Preserving Location-Based Services

    Science.gov (United States)

    Chow, Chi Yin

    2010-01-01

    Location-based services (LBS for short) providers require users' current locations to answer their location-based queries, e.g., range and nearest-neighbor queries. Revealing personal location information to potentially untrusted service providers could create privacy risks for users. To this end, our objective is to design a privacy-preserving…

  20. Variations on agent-oriented programming

    Directory of Open Access Journals (Sweden)

    Dalia Baziukė

    2017-12-01

    Occurrence of the agent paradigm and its further applications have stimulated the emergence of new concepts and methodologies in computer science. Today terms like multi-agent system, agent-oriented methodology, and agent-oriented programming (AOP) are widely used. The aim of this paper is to clarify the validity of usage of the terms AOP and AOP language. This is disclosed in two phases of an analysis process. Determining to which concepts, terms like agent, programming, object-oriented analysis and design, object-oriented programming, and agent-oriented analysis and design correspond is accomplished in the first phase. Analysis of several known agent system engineering methodologies in terms of key concepts used, final resulting artifacts, and their relationship with known programming paradigms and modern tools for agent system development is performed in the second phase. The research shows that in most cases in the final phase of agent system design and in the coding stage, the main artifact is an object, defined according to the rules of the object-oriented paradigm. Hence, we say that the computing society still does not have AOP owing to the lack of an AOP language. Thus, the term AOP is very often incorrectly assigned to agent system development frameworks that in most cases, transform agents into objects. DOI: 10.15181/csat.v5i1.1361

  1. Syllabus for Privacy and Information Technology, Fall 2017, UCLA Information Studies

    OpenAIRE

    Borgman, Christine L.

    2017-01-01

    Privacy is a broad topic that covers many disciplines, stakeholders, and concerns. This course addresses the intersection of privacy and information technology, surveying a wide array of topics of concern for research and practice in the information fields. Among the topics covered are the history and changing contexts of privacy; privacy risks and harms; law, policies, and practices; privacy in searching for information, in reading, and in libraries; surveillance, networks, and privacy by de...

  2. 6th Workshop on Service Orientation in Holonic and Multi-Agent Manufacturing

    CERN Document Server

    Trentesaux, Damien; Thomas, André; Leitão, Paulo; Oliveira, José

    2017-01-01

    The book offers an integrated vision on Cloud and HPC, Big Data, Analytics and virtualization in computing-oriented manufacturing, combining information and communication technologies, service-oriented control of holonic architectures as well as enterprise integration solutions based on SOA principles. It is structured in eight parts, each one grouping research and trends in digital manufacturing and service oriented manufacturing control: Cloud and Cyber-Physical Systems for Smart Manufacturing, Reconfigurable and Self-organized Multi-Agent Systems for Industry and Service, Sustainability Issues in Intelligent Manufacturing Systems, Holonic and Multi-agent System Design for Industry and Service, Should Intelligent Manufacturing Systems be Dependable and Safe?, Service-oriented Management and Control of Manufacturing Systems, Engineering and Human Integration in Flexible and Reconfigurable Industrial Systems, Virtualization and Simulation in Computing-oriented Industry and Service.

  3. Information Privacy: Culture, Legislation and User Attitudes

    Directory of Open Access Journals (Sweden)

    Sophie Cockcroft

    2006-11-01

    Information privacy has received much public and research interest in recent years. Globally this has arisen from public anxiety following the September 11 attacks and within Australia a progressive tightening of privacy legislation in particular the privacy amendment (private sector) Act of 2000 which became operative in 2001. This paper presents the results of a study into attitudes towards information privacy. Based on an instrument developed and validated by Smith et al (1996a) this study sets out to measure individual concerns regarding organisational use of information along four dimensions: collection, errors, unauthorised secondary use, and improper access. The survey was completed by 67 undergraduate and postgraduate students enrolled in an e-commerce security subject at the University of Queensland. Comparisons are drawn between the results of this study and an identical one carried out at the University of North Alabama. Whilst it is too early to draw conclusions about the impact of these attitudes on the success of e-commerce in general, the results should be of interest to those within universities seeking to expand the use of networking technologies for handling sensitive information such as enrolment and fee processing (Vanscoy & Oakleaf 2003)

  4. Access to Information and Privacy | IDRC - International ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    As a Crown corporation, IDRC is subject to Canada's laws on access to information and privacy protection. The following resources will help you learn more about IDRC and the access to information and privacy acts, including instructions for submitting an access to information or privacy act (ATIP) request. IDRC and ATIP ...

  5. Privacy for location-based services

    CERN Document Server

    Ghinita, Gabriel

    2013-01-01

    Sharing of location data enables numerous exciting applications, such as location-based queries, location-based social recommendations, monitoring of traffic and air pollution levels, etc. Disclosing exact user locations raises serious privacy concerns, as locations may give away sensitive information about individuals' health status, alternative lifestyles, political and religious affiliations, etc. Preserving location privacy is an essential requirement towards the successful deployment of location-based applications. These lecture notes provide an overview of the state-of-the-art in locatio

  6. Agent-oriented software engineering reflections on architectures, methodologies, languages, and frameworks

    CERN Document Server

    Shehory, Onn

    2014-01-01

    With this book, Onn Shehory and Arnon Sturm, together with further contributors, introduce the reader to various facets of agent-oriented software engineering (AOSE). They provide a selected collection of state-of-the-art findings, which combines research from information systems, artificial intelligence, distributed systems and software engineering and covers essential development aspects of agent-based systems. The book chapters are organized into five parts. The first part introduces the AOSE domain in general, including introduction to agents and the peculiarities of software engineerin

  7. 9th KES Conference on Agent and Multi-Agent Systems : Technologies and Applications

    CERN Document Server

    Howlett, Robert; Jain, Lakhmi

    2015-01-01

    Agents and multi-agent systems are related to a modern software paradigm which has long been recognized as a promising technology for constructing autonomous, complex and intelligent systems. The topics covered in this volume include agent-oriented software engineering, agent co-operation, co-ordination, negotiation, organization and communication, distributed problem solving, specification of agent communication languages, agent privacy, safety and security, formalization of ontologies and conversational agents. The volume highlights new trends and challenges in agent and multi-agent research and includes 38 papers classified in the following specific topics: learning paradigms, agent-based modeling and simulation, business model innovation and disruptive technologies, anthropic-oriented computing, serious games and business intelligence, design and implementation of intelligent agents and multi-agent systems, digital economy, and advances in networked virtual enterprises. Published p...

  8. Service Outsourcing Character Oriented Privacy Conflict Detection Method in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Changbo Ke

    2014-01-01

    Cloud computing has provided services for users as a software paradigm. However, it is difficult to ensure privacy information security because of its opening, virtualization, and service outsourcing features. Therefore how to protect user privacy information has become a research focus. In this paper, firstly, we model service privacy policy and user privacy preference with description logic. Secondly, we use the Pellet reasoner to verify the consistency and satisfiability, so as to detect the privacy conflict between services and user. Thirdly, we present the algorithm of detecting privacy conflict in the process of cloud service composition and prove the correctness and feasibility of this method by case study and experiment analysis. Our method can reduce the risk of user sensitive privacy information being illegally used and propagated by outsourcing services. In the meantime, the method avoids the exception in the process of service composition by the privacy conflict, and improves the trust degree of cloud service providers.

  9. Information Privacy, the Right to Receive Information and (Mobile) ICTs

    NARCIS (Netherlands)

    Strikwerda, L.

    2010-01-01

    The first part of this paper is about the notion of (information) privacy and its grounding in law. It discusses the tension between the right to privacy and the right to receive information. The second part of this paper explores how (mobile) ICTs challenge and complicate privacy claims and satisfy

  10. Self-disclosure decision making based on intimacy and privacy

    OpenAIRE

    Such, Jose M.; Espinosa, Agustin; Garcia-Fornes, Ana; Sierra, Carles

    2012-01-01

    Autonomous agents may encapsulate their principals' personal data attributes. These attributes may be disclosed to other agents during agent interactions, producing a loss of privacy. Thus, agents need self-disclosure decision-making mechanisms to autonomously decide whether disclosing personal data attributes to other agents is acceptable or not. Current self-disclosure decision-making mechanisms consider the direct benefit and the privacy loss of disclosing an attribute. Howe...

  11. Towards Privacy Managment of Information Systems

    OpenAIRE

    Drageide, Vidar

    2009-01-01

    This master's thesis provides insight into the concept of privacy. It argues why privacy is important, and why developers and system owners should keep privacy in mind when developing and maintaining systems containing personal information. Following this, a strategy for evaluating the overall level of privacy in a system is defined. The strategy is then applied to parts of the cellphone system in an attempt to evaluate the privacy of traffic and location data in this system.

  12. Mobile location-based advertising: how information privacy concerns influence consumers' attitude and acceptance

    NARCIS (Netherlands)

    Limpf, N.; Voorveld, H.A.M.

    2015-01-01

    This study investigates the effect of information privacy concerns on consumers' attitude toward and acceptance of mobile location-based advertising (LBA), and the moderating role of the type of mobile LBA, namely push versus pull. Using an online experiment (N = 224), it was found that consumers'

  13. An informational theory of privacy

    NARCIS (Netherlands)

    Schottmuller, C.; Jann, Ole

    2016-01-01

    We develop a theory that explains how and when privacy can increase welfare. Without privacy, some individuals misrepresent their preferences, because they will otherwise be statistically discriminated against. This "chilling effect" hurts them individually, and impairs information aggregation. The

  14. Big data privacy: The datafication of personal information

    DEFF Research Database (Denmark)

    Mai, Jens-Erik

    2016-01-01

    In the age of big data we need to think differently about privacy. We need to shift our thinking from definitions of privacy (characteristics of privacy) to models of privacy (how privacy works). Moreover, in addition to the existing models of privacy—the surveillance model and capture model—we need to also consider a new model: the datafication model presented in this article, wherein new personal information is deduced by employing predictive analytics on already-gathered data. These three models of privacy supplement each other; they are not competing understandings of privacy. This broadened approach will take our thinking beyond current preoccupation with whether or not individuals’ consent was secured for data collection to privacy issues arising from the development of new information on individuals' likely behavior through analysis of already collected data—this new information...

  15. Privacy and Open Government

    Directory of Open Access Journals (Sweden)

    Teresa Scassa

    2014-06-01

    Full Text Available The public-oriented goals of the open government movement promise increased transparency and accountability of governments, enhanced citizen engagement and participation, improved service delivery, economic development and the stimulation of innovation. In part, these goals are to be achieved by making more and more government information public in reusable formats and under open licences. This paper identifies three broad privacy challenges raised by open government. The first is how to balance privacy with transparency and accountability in the context of “public” personal information. The second challenge flows from the disruption of traditional approaches to privacy based on a collapse of the distinctions between public and private sector actors. The third challenge is that of the potential for open government data—even if anonymized—to contribute to the big data environment in which citizens and their activities are increasingly monitored and profiled.

  16. Smartdata privacy meets evolutionary robotics

    CERN Document Server

    Harvey, Inman; Tomko, George

    2013-01-01

    Privacy by Design and the Promise of SmartData.- SmartData: the Need, the Goal and the Challenge.- Perspectives on Artificial Intelligence.- Context dependent information processing entails scale-free dynamics.- Philosophy and SmartData.- Relevance Realization and the Neurodynamics and Neural Connectivity of General Intelligence.- What Matters: Real Bodies and Virtual Worlds.- The development of autonomous virtual agents.- Patterns of Attractors in the "Brain".- A Privacy-Enabled Mobile Computing Model Using Intelligent Cloud-Based Services.- Unconstraint the Population: the Benefits of Horiz

  17. Agent-Oriented Embedded Control System Design and Development of a Vision-Based Automated Guided Vehicle

    Directory of Open Access Journals (Sweden)

    Wu Xing

    2012-07-01

    Full Text Available This paper presents a control system design and development approach for a vision-based automated guided vehicle (AGV) based on the multi-agent system (MAS) methodology and embedded system resources. A three-phase agent-oriented design methodology Prometheus is used to analyse system functions, construct operation scenarios, define agent types and design the MAS coordination mechanism. The control system is then developed in an embedded implementation containing a digital signal processor (DSP) and an advanced RISC machine (ARM) by using the multitasking processing capacity of multiple microprocessors and system services of a real-time operating system (RTOS). As a paradigm, an onboard embedded controller is designed and developed for the AGV with a camera detecting guiding landmarks, and the entire procedure has a high efficiency and a clear hierarchy. A vision guidance experiment for our AGV is carried out in a space-limited laboratory environment to verify the perception capacity and the onboard intelligence of the agent-oriented embedded control system.

  18. An Agent-Based Simulation for Investigating the Impact of Stereotypes on Task-Oriented Group Formation

    Science.gov (United States)

    Maghami, Mahsa; Sukthankar, Gita

    In this paper, we introduce an agent-based simulation for investigating the impact of social factors on the formation and evolution of task-oriented groups. Task-oriented groups are created explicitly to perform a task, and all members derive benefits from task completion. However, even in cases when all group members act in a way that is locally optimal for task completion, social forces that have mild effects on choice of associates can have a measurable impact on task completion performance. In this paper, we show how our simulation can be used to model the impact of stereotypes on group formation. In our simulation, stereotypes are based on observable features, learned from prior experience, and only affect an agent's link formation preferences. Even without assuming stereotypes affect the agents' willingness or ability to complete tasks, the long-term modifications that stereotypes have on the agents' social network impair the agents' ability to form groups with sufficient diversity of skills, as compared to agents who form links randomly. An interesting finding is that this effect holds even in cases where stereotype preference and skill existence are completely uncorrelated.

  19. A PhD abstract presentation on Personal Information Privacy System based on Proactive Design

    DEFF Research Database (Denmark)

    Dhotre, Prashant Shantaram; Olesen, Henning

    2014-01-01

    providers and websites collects and make an extensive use of personal information. Using different Big Data methods and techniques the knowledge and patterns are generated or extracted from the data. This will lead to a serious problem to privacy breach. Hence, there is a need of embedding privacy...... in the design phase will be the basic principle on which the data security can be provided, and the privacy will be protected. This will give more control and power to user over personal information....

  20. An Improved Privacy-Preserving Framework for Location-Based Services Based on Double Cloaking Regions with Supplementary Information Constraints

    Directory of Open Access Journals (Sweden)

    Li Kuang

    2017-01-01

    Full Text Available With the rapid development of location-based services in the field of mobile network applications, users enjoy the convenience of location-based services on one side, while being exposed to the risk of disclosure of privacy on the other side. Attacker will make a fierce attack based on the probability of inquiry, map data, point of interest (POI), and other supplementary information. The existing location privacy protection techniques seldom consider the supplementary information held by attackers and usually only generate single cloaking region according to the protected location point, and the query efficiency is relatively low. In this paper, we improve the existing LBSs system framework, in which we generate double cloaking regions by constraining the supplementary information, and then k-anonymous task is achieved by the cooperation of the double cloaking regions; specifically speaking, k dummy points of fixed dummy positions in the double cloaking regions are generated and the LBSs query is then performed. Finally, the effectiveness of the proposed method is verified by the experiments on real datasets.

  1. Patients want granular privacy control over health information in electronic medical records.

    Science.gov (United States)

    Caine, Kelly; Hanania, Rima

    2013-01-01

    To assess patients' desire for granular level privacy control over which personal health information should be shared, with whom, and for what purpose; and whether these preferences vary based on sensitivity of health information. A card task for matching health information with providers, questionnaire, and interview with 30 patients whose health information is stored in an electronic medical record system. Most patients' records contained sensitive health information. No patients reported that they would prefer to share all information stored in an electronic medical record (EMR) with all potential recipients. Sharing preferences varied by type of information (EMR data element) and recipient (eg, primary care provider), and overall sharing preferences varied by participant. Patients with and without sensitive records preferred less sharing of sensitive versus less-sensitive information. Patients expressed sharing preferences consistent with a desire for granular privacy control over which health information should be shared with whom and expressed differences in sharing preferences for sensitive versus less-sensitive EMR data. The pattern of results may be used by designers to generate privacy-preserving EMR systems including interfaces for patients to express privacy and sharing preferences. To maintain the level of privacy afforded by medical records and to achieve alignment with patients' preferences, patients should have granular privacy control over information contained in their EMR.

  2. Modelling information dissemination under privacy concerns in social media

    Science.gov (United States)

    Zhu, Hui; Huang, Cheng; Lu, Rongxing; Li, Hui

    2016-05-01

    Social media has recently become an important platform for users to share news, express views, and post messages. However, due to user privacy preservation in social media, many privacy setting tools are employed, which inevitably change the patterns and dynamics of information dissemination. In this study, a general stochastic model using dynamic evolution equations was introduced to illustrate how privacy concerns impact the process of information dissemination. Extensive simulations and analyses involving the privacy settings of general users, privileged users, and pure observers were conducted on real-world networks, and the results demonstrated that user privacy settings affect information differently. Finally, we also studied the process of information diffusion analytically and numerically with different privacy settings using two classic networks.

  3. Privacy vs. Reward in Indoor Location-Based Services

    Directory of Open Access Journals (Sweden)

    Fawaz Kassem

    2016-10-01

    Full Text Available With the advance of indoor localization technology, indoor location-based services (ILBS) are gaining popularity. They, however, accompany privacy concerns. ILBS providers track the users’ mobility to learn more about their behavior, and then provide them with improved and personalized services. Our survey of 200 individuals highlighted their concerns about this tracking for potential leakage of their personal/private traits, but also showed their willingness to accept reduced tracking for improved service. In this paper, we propose PR-LBS (Privacy vs. Reward for Location-Based Service), a system that addresses these seemingly conflicting requirements by balancing the users’ privacy concerns and the benefits of sharing location information in indoor location tracking environments. PR-LBS relies on a novel location-privacy criterion to quantify the privacy risks pertaining to sharing indoor location information. It also employs a repeated play model to ensure that the received service is proportionate to the privacy risk. We implement and evaluate PR-LBS extensively with various real-world user mobility traces. Results show that PR-LBS has low overhead, protects the users’ privacy, and makes a good tradeoff between the quality of service for the users and the utility of shared location data for service providers.

  4. The role of privacy protection in healthcare information systems adoption.

    Science.gov (United States)

    Hsu, Chien-Lung; Lee, Ming-Ren; Su, Chien-Hui

    2013-10-01

    Privacy protection is an important issue and challenge in healthcare information systems (HISs). Recently, some privacy-enhanced HISs are proposed. Users' privacy perception, intention, and attitude might affect the adoption of such systems. This paper aims to propose a privacy-enhanced HIS framework and investigate the role of privacy protection in HISs adoption. In the proposed framework, privacy protection, access control, and secure transmission modules are designed to enhance the privacy protection of a HIS. An experimental privacy-enhanced HIS is also implemented. Furthermore, we proposed a research model extending the unified theory of acceptance and use of technology by considering perceived security and information security literacy and then investigate user adoption of a privacy-enhanced HIS. The experimental results and analyses showed that user adoption of a privacy-enhanced HIS is directly affected by social influence, performance expectancy, facilitating conditions, and perceived security. Perceived security has a mediating effect between information security literacy and user adoption. This study proposes several implications for research and practice to improve designing, development, and promotion of a good healthcare information system with privacy protection.

  5. Conceptual Modeling of Events as Information Objects and Change Agents

    DEFF Research Database (Denmark)

    Bækgaard, Lars

    as a totality of an information object and a change agent. When an event is modeled as an information object it is comparable to an entity that exists only at a specific point in time. It has attributes and can be used for querying and specification of constraints. When an event is modeled as a change agent...... it is comparable to an executable transaction schema. Finally, we briefly compare our approach to object-oriented approaches based on encapsulated objects....

  6. Anonymity versus privacy: selective information sharing in online cancer communities.

    Science.gov (United States)

    Frost, Jeana; Vermeulen, Ivar E; Beekers, Nienke

    2014-05-14

    Active sharing in online cancer communities benefits patients. However, many patients refrain from sharing health information online due to privacy concerns. Existing research on privacy emphasizes data security and confidentiality, largely focusing on electronic medical records. Patient preferences around information sharing in online communities remain poorly understood. Consistent with the privacy calculus perspective adopted from e-commerce research, we suggest that patients approach online information sharing instrumentally, weighing privacy costs against participation benefits when deciding whether to share certain information. Consequently, we argue that patients prefer sharing clinical information over daily life and identity information that potentially compromises anonymity. Furthermore, we explore whether patients' prior experiences, age, health, and gender affect perceived privacy costs and thus willingness to share information. The goal of the present study is to document patient preferences for sharing information within online health platforms. A total of 115 cancer patients reported sharing intentions for 15 different types of information, demographics, health status, prior privacy experiences, expected community utility, and privacy concerns. Factor analysis on the 15 information types revealed 3 factors coinciding with 3 proposed information categories: clinical, daily life, and identity information. A within-subject ANOVA showed a strong preference for sharing clinical information compared to daily life and identity information (F1,114=135.59, P=.001, η(2)=.93). Also, adverse online privacy experiences, age, and health status negatively affected information-sharing intentions. Female patients shared information less willingly. Respondents' information-sharing intentions depend on dispositional and situational factors. Patients share medical details more willingly than daily life or identity information. The results suggest the need to focus on

  7. HIPPA privacy regulations: practical information for physicians.

    Science.gov (United States)

    McMahon, E B; Lee-Huber, T

    2001-07-01

    After much debate and controversy, the Bush administration announced on April 12, 2001, that it would implement the Health Insurance Portability and Accountability Act (HIPAA) privacy regulations issued by the Clinton administration in December of 2000. The privacy regulations became effective on April 14, 2001. Although the regulations are considered final, the Secretary of the Department of Health and Human Services has the power to modify the regulations at any time during the first year of implementation. These regulations affect how a patient's health information is used and disclosed, as well as how patients are informed of their privacy rights. As "covered entities," physicians have until April 14, 2003, to comply fully with the HIPAA privacy regulations, which are more than 1,500 pages in length. This article presents a basic overview of the new and complex regulations and highlights practical information about physicians' compliance with the regulations. However, this summary of the HIPAA privacy regulations should not be construed as legal advice or an opinion on specific situations. Please consult an attorney concerning your compliance with HIPAA and the regulations promulgated thereunder.

  8. Anonymity Versus Privacy: Selective Information Sharing in Online Cancer Communities

    Science.gov (United States)

    Vermeulen, Ivar E; Beekers, Nienke

    2014-01-01

    Background: Active sharing in online cancer communities benefits patients. However, many patients refrain from sharing health information online due to privacy concerns. Existing research on privacy emphasizes data security and confidentiality, largely focusing on electronic medical records. Patient preferences around information sharing in online communities remain poorly understood. Consistent with the privacy calculus perspective adopted from e-commerce research, we suggest that patients approach online information sharing instrumentally, weighing privacy costs against participation benefits when deciding whether to share certain information. Consequently, we argue that patients prefer sharing clinical information over daily life and identity information that potentially compromises anonymity. Furthermore, we explore whether patients’ prior experiences, age, health, and gender affect perceived privacy costs and thus willingness to share information. Objective: The goal of the present study is to document patient preferences for sharing information within online health platforms. Methods: A total of 115 cancer patients reported sharing intentions for 15 different types of information, demographics, health status, prior privacy experiences, expected community utility, and privacy concerns. Results: Factor analysis on the 15 information types revealed 3 factors coinciding with 3 proposed information categories: clinical, daily life, and identity information. A within-subject ANOVA showed a strong preference for sharing clinical information compared to daily life and identity information (F 1,114=135.59, P=.001, η2=.93). Also, adverse online privacy experiences, age, and health status negatively affected information-sharing intentions. Female patients shared information less willingly. Conclusions: Respondents’ information-sharing intentions depend on dispositional and situational factors. Patients share medical details more willingly than daily life or identity

  9. Service orientation in holonic and multi-agent manufacturing

    CERN Document Server

    Thomas, André; Trentesaux, Damien

    2015-01-01

    This volume gathers the peer reviewed papers presented at the 4th edition of the International Workshop “Service Orientation in Holonic and Multi-agent Manufacturing – SOHOMA’14” organized and hosted on November 5-6, 2014 by the University of Lorraine, France in collaboration with the CIMR Research Centre of the University Politehnica of Bucharest and the TEMPO Laboratory of the University of Valenciennes and Hainaut-Cambrésis.   The book is structured in six parts, each one covering a specific research line which represents a trend in future manufacturing: (1) Holonic and Agent-based Industrial Automation Systems; (2) Service-oriented Management and Control of Manufacturing Systems; (3) Distributed Modelling for Safety and Security in Industrial Systems; (4) Complexity, Big Data and Virtualization in Computing-oriented Manufacturing; (5) Adaptive, Bio-inspired and Self-organizing Multi-Agent Systems for Manufacturing, and (6) Physical Internet Simulation, Modelling and Control.   There is a clear ...

  10. Information privacy in organizations: empowering creative and extrarole performance.

    Science.gov (United States)

    Alge, Bradley J; Ballinger, Gary A; Tangirala, Subrahmaniam; Oakley, James L

    2006-01-01

    This article examines the relationship of employee perceptions of information privacy in their work organizations and important psychological and behavioral outcomes. A model is presented in which information privacy predicts psychological empowerment, which in turn predicts discretionary behaviors on the job, including creative performance and organizational citizenship behavior (OCB). Results from 2 studies (Study 1: single organization, N=310; Study 2: multiple organizations, N=303) confirm that information privacy entails judgments of information gathering control, information handling control, and legitimacy. Moreover, a model linking information privacy to empowerment and empowerment to creative performance and OCBs was supported. Findings are discussed in light of organizational attempts to control employees through the gathering and handling of their personal information. (c) 2006 APA, all rights reserved.

  11. Blood rights: the body and information privacy.

    Science.gov (United States)

    Alston, Bruce

    2005-05-01

    Genetic and other medical technology makes blood, human tissue and other bodily samples an immediate and accessible source of comprehensive personal and health information about individuals. Yet, unlike medical records, bodily samples are not subject to effective privacy protection or other regulation to ensure that individuals have rights to control the collection, use and transfer of such samples. This article examines the existing coverage of privacy legislation, arguments in favour of baseline protection for bodily samples as sources of information and possible approaches to new regulation protecting individual privacy rights in bodily samples.

  12. Privacy and Data-Based Research

    OpenAIRE

    Ori Heffetz; Katrina Ligett

    2013-01-01

    What can we, as users of microdata, formally guarantee to the individuals (or firms) in our dataset, regarding their privacy? We retell a few stories, well-known in data-privacy circles, of failed anonymization attempts in publicly released datasets. We then provide a mostly informal introduction to several ideas from the literature on differential privacy, an active literature in computer science that studies formal approaches to preserving the privacy of individuals in statistical databases...

  13. An Efficient and Privacy-Preserving Multiuser Cloud-Based LBS Query Scheme

    Directory of Open Access Journals (Sweden)

    Lu Ou

    2018-01-01

    Full Text Available Location-based services (LBSs) are increasingly popular in today’s society. People reveal their location information to LBS providers to obtain personalized services such as map directions, restaurant recommendations, and taxi reservations. Usually, LBS providers offer user privacy protection statement to assure users that their private location information would not be given away. However, many LBSs run on third-party cloud infrastructures. It is challenging to guarantee user location privacy against curious cloud operators while still permitting users to query their own location information data. In this paper, we propose an efficient privacy-preserving cloud-based LBS query scheme for the multiuser setting. We encrypt LBS data and LBS queries with a hybrid encryption mechanism, which can efficiently implement privacy-preserving search over encrypted LBS data and is very suitable for the multiuser setting with secure and effective user enrollment and user revocation. This paper contains security analysis and performance experiments to demonstrate the privacy-preserving properties and efficiency of our proposed scheme.

  14. Dynamic electronic institutions in agent oriented cloud robotic systems.

    Science.gov (United States)

    Nagrath, Vineet; Morel, Olivier; Malik, Aamir; Saad, Naufal; Meriaudeau, Fabrice

    2015-01-01

    The dot-com bubble burst in the year 2000 followed by a swift movement towards resource virtualization and cloud computing business model. Cloud computing emerged not as new form of computing or network technology but a mere remoulding of existing technologies to suit a new business model. Cloud robotics is understood as adaptation of cloud computing ideas for robotic applications. Current efforts in cloud robotics stress upon developing robots that utilize computing and service infrastructure of the cloud, without debating on the underlying business model. HTM5 is an OMG's MDA based Meta-model for agent oriented development of cloud robotic systems. The trade-view of HTM5 promotes peer-to-peer trade amongst software agents. HTM5 agents represent various cloud entities and implement their business logic on cloud interactions. Trade in a peer-to-peer cloud robotic system is based on relationships and contracts amongst several agent subsets. Electronic Institutions are associations of heterogeneous intelligent agents which interact with each other following predefined norms. In Dynamic Electronic Institutions, the process of formation, reformation and dissolution of institutions is automated leading to run time adaptations in groups of agents. DEIs in agent oriented cloud robotic ecosystems bring order and group intellect. This article presents DEI implementations through HTM5 methodology.

  15. Introducing ALAS: A Novel Agent-Oriented Programming Language

    Science.gov (United States)

    Mitrović, Dejan; Ivanović, Mirjana; Vidaković, Milan

    2011-09-01

    Agent-oriented programming languages represent a family of programming languages that provide developers with high-level abstractions and constructs necessary for implementing and using agent-related concepts. In this paper a novel agent-oriented programming language for rapid and efficient development of reactive agents, named ALAS, is presented. The simple, but powerful set of language constructs is designed to support the execution of agents in heterogeneous environments, and to enable easy employment of advanced agent features, such as mobility and web service integration.

  16. 77 FR 15555 - Freedom of Information Act and Privacy Act Procedures

    Science.gov (United States)

    2012-03-16

    ... Freedom of Information Act and Privacy Act Procedures AGENCY: Special Inspector General for Afghanistan... Freedom of Information Act (FOIA) and the Privacy Act of 1974. These procedures will facilitate public..., Freedom of information, Privacy. Authority and Issuance For the reasons set forth above, SIGAR establishes...

  17. 32 CFR 806b.30 - Evaluating information systems for Privacy Act compliance.

    Science.gov (United States)

    2010-07-01

    ... privacy issues are unchanged. (d) The depth and content of the Privacy Impact Assessment should be... 32 National Defense 6 2010-07-01 2010-07-01 false Evaluating information systems for Privacy Act... FORCE ADMINISTRATION PRIVACY ACT PROGRAM Privacy Impact Assessments § 806b.30 Evaluating information...

  18. Public assessment of new surveillance-oriented security technologies: Beyond the trade-off between privacy and security.

    Science.gov (United States)

    Pavone, Vincenzo; Esposti, Sara Degli

    2012-07-01

    As surveillance-oriented security technologies (SOSTs) are considered security enhancing but also privacy infringing, citizens are expected to trade part of their privacy for higher security. Drawing from the PRISE project, this study casts some light on how citizens actually assess SOSTs through a combined analysis of focus groups and survey data. First, the outcomes suggest that people did not assess SOSTs in abstract terms but in relation to the specific institutional and social context of implementation. Second, from this embedded viewpoint, citizens either expressed concern about government's surveillance intentions and considered SOSTs mainly as privacy infringing, or trusted political institutions and believed that SOSTs effectively enhanced their security. None of them, however, seemed to trade privacy for security because concerned citizens saw their privacy being infringed without having their security enhanced, whilst trusting citizens saw their security being increased without their privacy being affected.

  19. DAIDS: a Distributed, Agent-based Information Dissemination System

    Directory of Open Access Journals (Sweden)

    Pete Haglich

    2007-10-01

    Full Text Available The Distributed Agent-Based Information Dissemination System (DAIDS) concept was motivated by the need to share information among the members of a military tactical team in an atmosphere of extremely limited or intermittent bandwidth. The DAIDS approach recognizes that in many cases communications limitations will preclude the complete sharing of all tactical information between the members of the tactical team. Communications may be limited by obstructions to the line of sight between platforms; electronic warfare; or environmental conditions, or just contention from other users of that bandwidth. Since it may not be possible to achieve a complete information exchange, it is important to prioritize transmissions so the most critical information from the standpoint of the recipient is disseminated first. The challenge is to be able to determine which elements of information are the most important to each teammate. The key innovation of the DAIDS concept is the use of software proxy agents to represent the information needs of the recipient of the information. The DAIDS approach uses these proxy agents to evaluate the content of a message in accordance with the context and information needs of the recipient platform (the agent's principal) and prioritize the message for dissemination. In our research we implemented this approach and demonstrated that it provides nearly a reduction in transmission times for critical tactical reports by up to a factor of 30 under severe bandwidth limitations.

  20. ACCOUNTING INFORMATION SYSTEMS: AN APPROACH FOCUSED ON OBJECTS WITH INTELLIGENT AGENTS

    Directory of Open Access Journals (Sweden)

    Marcelo Botelho da Costa Moraes

    2010-01-01

    Accounting aims at the treatment of information related to economic events within organizations. In order to do so, the double entry method is used (debit and credit accounting), which only considers monetary variations. With the development of information technologies, accounting information systems are born. In the 1980’s, the REA model (economic Resources, economic Events and economic Agents) is created, which focuses on accounting information records, based on the association of economic resources, economic events and economic agents. The objective of this work is to demonstrate an object-oriented modeling with intelligent agents use, for information development and analysis focused on users. The proposed model is also analyzed according to accounting information quality, necessary for accounting information users, capable to comply with the needs of different user groups, with advantages in applications.

  1. 39 CFR 7.8 - Open meetings, Freedom of Information, and Privacy of Information.

    Science.gov (United States)

    2010-07-01

    ... 39 Postal Service 1 2010-07-01 2010-07-01 false Open meetings, Freedom of Information, and Privacy of Information. 7.8 Section 7.8 Postal Service UNITED STATES POSTAL SERVICE THE BOARD OF GOVERNORS OF THE U.S. POSTAL SERVICE PUBLIC OBSERVATION (ARTICLE VII) § 7.8 Open meetings, Freedom of Information, and Privacy of Information. The provisions o...

  2. K-Anonymity Based Privacy Risk Budgeting System for Interactive Record Linkage

    Directory of Open Access Journals (Sweden)

    Hye-Chung Kum

    2017-04-01

    The k-anonymity based privacy risk budgeting system provides a mechanism where we can concretely reason about the tradeoff between the privacy risks due to information disclosed, accuracy gained, and biases reduced during interactive record linkage.

  3. Validating agent oriented methodology (AOM) for netlogo modelling and simulation

    Science.gov (United States)

    WaiShiang, Cheah; Nissom, Shane; YeeWai, Sim; Sharbini, Hamizan

    2017-10-01

    AOM (Agent Oriented Modeling) is a comprehensive and unified agent methodology for agent oriented software development. AOM methodology was proposed to aid developers with the introduction of technique, terminology, notation and guideline during agent systems development. Although AOM methodology is claimed to be capable of developing a complex real world system, its potential is yet to be realized and recognized by the mainstream software community and the adoption of AOM is still in its infancy. Among the reasons is that there are not many case studies or success stories of AOM. This paper presents two case studies on the adoption of AOM for individual based modelling and simulation. It demonstrates how the AOM is useful for epidemiology study and ecological study. Hence, it further validates the AOM in a qualitative manner.

  4. Beyond individual-centric privacy: Information technology in social systems

    NARCIS (Netherlands)

    Pieters, W.

    2017-01-01

    In the public debate, social implications of information technology are mainly seen through the privacy lens. Impact assessments of information technology are also often limited to privacy impact assessments, which are focused on individual rights and well-being, as opposed to the social

  5. A Privacy-Preserving Framework for Trust-Oriented Point-of-Interest Recommendation

    KAUST Repository

    Liu, An; Wang, Weiqi; Li, Zhixu; Liu, Guanfeng; Li, Qing; Zhou, Xiaofang; Zhang, Xiangliang

    2017-01-01

    Point-of-Interest (POI) recommendation has attracted much interest recently because of its significant potential for helping users to explore new places and helping LBS providers to carry out precision marketing. Compared with the user-item rating matrix in conventional recommender systems, the user-location check-in matrix in POI recommendation is usually much more sparse, which makes the notorious cold start problem more prominent in POI recommendation. Trust-oriented recommendation is an effective way to deal with this problem but it requires that the recommender has access to user check-in and trust data. In practice, however, these data are usually owned by different businesses who are not willing to share their data with the recommender mainly due to privacy and legal concerns. In this paper, we propose a privacy-preserving framework to boost data owners' willingness to share their data with untrustworthy businesses. More specifically, we utilize partially homomorphic encryption to design two protocols for privacy-preserving trust-oriented POI recommendation. By offline encryption and parallel computing, these protocols can efficiently protect the private data of every party involved in the recommendation. We prove that the proposed protocols are secure against semi-honest adversaries. Experiments on both synthetic data and real data show that our protocols can achieve privacy-preserving with acceptable computation and communication cost.

  6. A Privacy-Preserving Framework for Trust-Oriented Point-of-Interest Recommendation

    KAUST Repository

    Liu, An

    2017-10-23

    Point-of-Interest (POI) recommendation has attracted much interest recently because of its significant potential for helping users to explore new places and helping LBS providers to carry out precision marketing. Compared with the user-item rating matrix in conventional recommender systems, the user-location check-in matrix in POI recommendation is usually much more sparse, which makes the notorious cold start problem more prominent in POI recommendation. Trust-oriented recommendation is an effective way to deal with this problem but it requires that the recommender has access to user check-in and trust data. In practice, however, these data are usually owned by different businesses who are not willing to share their data with the recommender mainly due to privacy and legal concerns. In this paper, we propose a privacy-preserving framework to boost data owners' willingness to share their data with untrustworthy businesses. More specifically, we utilize partially homomorphic encryption to design two protocols for privacy-preserving trust-oriented POI recommendation. By offline encryption and parallel computing, these protocols can efficiently protect the private data of every party involved in the recommendation. We prove that the proposed protocols are secure against semi-honest adversaries. Experiments on both synthetic data and real data show that our protocols can achieve privacy-preserving with acceptable computation and communication cost.

  7. 45 CFR 164.520 - Notice of privacy practices for protected health information.

    Science.gov (United States)

    2010-10-01

    ... DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Privacy of Individually Identifiable Health Information § 164.520 Notice of privacy practices for protected health information. (a) Standard... 45 Public Welfare 1 2010-10-01 2010-10-01 false Notice of privacy practices for protected health...

  8. Workshop--E-leaks: the privacy of health information in the age of electronic information.

    Science.gov (United States)

    Vonn, Michael; Lang, Renée; Perras, Maude

    2011-10-01

    This workshop examined some of the new challenges to health-related privacy emerging as a result of the proliferation of electronic communications and data storage, including through social media, electronic health records and ready access to personal information on the internet. The right to privacy is a human right. As such, protecting privacy and enforcing the duty of confidentiality regarding health information are fundamental to treating people with autonomy, dignity and respect. For people living with HIV, unauthorized disclosure of their status can lead to discrimination and breaches of other human rights. While this is not new, in this information age a new breed of privacy violation is emerging and our legal protections are not necessarily keeping pace.

  9. A new privacy preserving technique for cloud service user endorsement using multi-agents

    Directory of Open Access Journals (Sweden)

    D. Chandramohan

    2016-01-01

    In data analysis the present focus on storage services are leveraged to attain its crucial part while user data get compromised. In the recent years service user’s valuable information has been utilized by unauthorized users and service providers. This paper examines the privacy awareness and importance of user’s secrecy preserving in the current cloud computing era. Gradually the information kept under the cloud environment gets increased due to its elasticity and availability. However, highly sensitive information is in a serious attack from various sources. Once private information gets misused, the probability of privacy breaching increases which thereby reduces user’s trust on cloud providers. In the modern internet world, information management and maintenance is one among the most decisive tasks. Information stored in the cloud by the finance, healthcare, government sectors, etc. makes it all the more challenging since such tasks are to be handled globally. The present scenario therefore demands a new Petri-net Privacy Preserving Framework (PPPF) for safeguarding user’s privacy and, providing consistent and breach-less services from the cloud. This paper illustrates the design of PPPF and mitigates the cloud provider’s trust among users. The proposed technique conveys and collaborates with Privacy Preserving Cohesion Technique (PPCT), to develop validate, promote, adapt and also increase the need for data privacy. Moreover, this paper focuses on clinching and verification of unknown user intervention into the confidential data present in storage area and ensuring the performance of the cloud services. It also acts as an information preserving guard for high secrecy data storage areas.

  10. Digital privacy in the marketplace perspectives on the information exchange

    CERN Document Server

    Milne, George

    2015-01-01

    Digital Privacy in the Marketplace focuses on the data exchanges between marketers and consumers, with special attention to the privacy challenges that are brought about by new information technologies. The purpose of this book is to provide a background source to help the reader think more deeply about the impact of privacy issues on both consumers and marketers. It covers topics such as: why privacy is needed, the technological, historical and academic theories of privacy, how market exchange affects privacy, what are the privacy harms and protections available, and what is the likely future of privacy.

  11. An Object-Oriented Information Model for Policy-based Management of Distributed Applications

    NARCIS (Netherlands)

    Diaz, G.; Gay, V.C.J.; Horlait, E.; Hamza, M.H.

    2002-01-01

    This paper presents an object-oriented information model to support a policy-based management for distributed multimedia applications. The information base contains application-level information about the users, the applications, and their profile. Our Information model is described in details and

  12. Anonymity versus privacy: Selective information sharing in online cancer communities

    OpenAIRE

    Frost, J.H.; Vermeulen, I.E.; Beekers, N.

    2014-01-01

    Background Active sharing in online cancer communities benefits patients. However, many patients refrain from sharing health information online due to privacy concerns. Existing research on privacy emphasizes data security and confidentiality, largely focusing on electronic medical records. Patient preferences around information sharing in online communities remain poorly understood. Consistent with the privacy calculus perspective adopted from e-commerce research, we suggest that patients ap...

  13. Multi-agent systems: effective approach for cancer care information management.

    Science.gov (United States)

    Mohammadzadeh, Niloofar; Safdari, Reza; Rahimi, Azin

    2013-01-01

    Physicians, in order to study the causes of cancer, detect cancer earlier, prevent or determine the effectiveness of treatment, and specify the reasons for the treatment ineffectiveness, need to access accurate, comprehensive, and timely cancer data. The cancer care environment has become more complex because of the need for coordination and communication among health care professionals with different skills in a variety of roles and the existence of large amounts of data with various formats. The goals of health care systems in such a complex environment are correct health data management, providing appropriate information needs of users to enhance the integrity and quality of health care, timely access to accurate information and reducing medical errors. These roles in new systems with use of agents efficiently perform well. Because of the potential capability of agent systems to solve complex and dynamic health problems, health care system, in order to gain full advantage of E-health, steps must be taken to make use of this technology. Multi-agent systems have effective roles in health service quality improvement especially in telemedicine, emergency situations and management of chronic diseases such as cancer. In the design and implementation of agent based systems, planning items such as information confidentiality and privacy, architecture, communication standards, ethical and legal aspects, identification opportunities and barriers should be considered. It should be noted that usage of agent systems only with a technical view is associated with many problems such as lack of user acceptance. The aim of this commentary is to survey applications, opportunities and barriers of this new artificial intelligence tool for cancer care information as an approach to improve cancer care management.

  14. Privacy and human behavior in the age of information.

    Science.gov (United States)

    Acquisti, Alessandro; Brandimarte, Laura; Loewenstein, George

    2015-01-30

    This Review summarizes and draws connections between diverse streams of empirical research on privacy behavior. We use three themes to connect insights from social and behavioral sciences: people's uncertainty about the consequences of privacy-related behaviors and their own preferences over those consequences; the context-dependence of people's concern, or lack thereof, about privacy; and the degree to which privacy concerns are malleable—manipulable by commercial and governmental interests. Organizing our discussion by these themes, we offer observations concerning the role of public policy in the protection of privacy in the information age. Copyright © 2015, American Association for the Advancement of Science.

  15. An examination of electronic health information privacy in older adults.

    Science.gov (United States)

    Le, Thai; Thompson, Hilaire; Demiris, George

    2013-01-01

    Older adults are the quickest growing demographic group and are key consumers of health services. As the United States health system transitions to electronic health records, it is important to understand older adult perceptions of privacy and security. We performed a secondary analysis of the Health Information National Trends Survey (2012, Cycle 1), to examine differences in perceptions of electronic health information privacy between older adults and the general population. We found differences in the level of importance placed on access to electronic health information (older adults placed greater emphasis on provider as opposed to personal access) and tendency to withhold information out of concerns for privacy and security (older adults were less likely to withhold information). We provide recommendations to alleviate some of these privacy concerns. This may facilitate greater use of electronic health communication between patient and provider, while promoting shared decision making.

  16. Privacy of genetic information: a review of the laws in the United States.

    Science.gov (United States)

    Fuller, B; Ip, M

    2001-01-01

    This paper examines the privacy of genetic information and the laws in the United States designed to protect genetic privacy. While all 50 states have laws protecting the privacy of health information, there are many states that have additional laws that carve out additional protections specifically for genetic information. The majority of the individual states have enacted legislation to protect individuals from discrimination on the basis of genetic information, and most of this legislation also has provisions to protect the privacy of genetic information. On the Federal level, there has been no antidiscrimination or genetic privacy legislation. Secretary Donna Shalala of the Department of Health and Human Services has issued proposed regulations to protect the privacy of individually identifiable health information. These regulations encompass individually identifiable health information and do not make specific provisions for genetic information. The variety of laws regarding genetic privacy, some found in statutes to protect health information and some found in statutes to prevent genetic discrimination, presents challenges to those charged with administering and executing these laws.

  17. Privacy and information security risks in a technology platform for home-based chronic disease rehabilitation and education.

    Science.gov (United States)

    Henriksen, Eva; Burkow, Tatjana M; Johnsen, Elin; Vognild, Lars K

    2013-08-09

    Privacy and information security are important for all healthcare services, including home-based services. We have designed and implemented a prototype technology platform for providing home-based healthcare services. It supports a personal electronic health diary and enables secure and reliable communication and interaction with peers and healthcare personnel. The platform runs on a small computer with a dedicated remote control. It is connected to the patient's TV and to a broadband Internet. The platform has been tested with home-based rehabilitation and education programs for chronic obstructive pulmonary disease and diabetes. As part of our work, a risk assessment of privacy and security aspects has been performed, to reveal actual risks and to ensure adequate information security in this technical platform. Risk assessment was performed in an iterative manner during the development process. Thus, security solutions have been incorporated into the design from an early stage instead of being included as an add-on to a nearly completed system. We have adapted existing risk management methods to our own environment, thus creating our own method. Our method conforms to ISO's standard for information security risk management. A total of approximately 50 threats and possible unwanted incidents were identified and analysed. Among the threats to the four information security aspects: confidentiality, integrity, availability, and quality; confidentiality threats were identified as most serious, with one threat given an unacceptable level of High risk. This is because health-related personal information is regarded as sensitive. Availability threats were analysed as low risk, as the aim of the home programmes is to provide education and rehabilitation services; not for use in acute situations or for continuous health monitoring. Most of the identified threats are applicable for healthcare services intended for patients or citizens in their own homes. Confidentiality

  18. Privacy and medical information on the Internet.

    Science.gov (United States)

    Nelson, Steven B

    2006-02-01

    Health-care consumers are beginning to realize the presence and value of health-care information available on the Internet, but they need to be aware of risks that may be involved. In addition to delivering information, some Web sites collect information. Though not all of the information might be classified as protected health information, consumers need to realize what is collected and how it might be used. Consumers should know a Web site's privacy policy before divulging any personal information. Health-care providers have a responsibility to know what information they are collecting and why. Web servers may collect large amounts of visitor information by default, and they should be modified to limit data collection to only what is necessary. Providers need to be cognizant of the many regulations concerning collection and disclosure of information obtained from consumers. Providers should also provide an easily understood privacy policy for users.

  19. The study on privacy preserving data mining for information security

    Science.gov (United States)

    Li, Xiaohui

    2012-04-01

    Privacy preserving data mining has developed rapidly in a short time, but it still faces many challenges in the future. Firstly, the level of privacy has different definitions in different fields. Therefore, the measure of how well privacy preserving data mining technology protects private information is not the same. So, it is an urgent issue to present a unified privacy definition and measure. Secondly, most of the research in privacy preserving data mining is presently confined to theoretical study.

  20. 75 FR 36535 - Freedom of Information Act, Privacy Act of 1974; Implementation

    Science.gov (United States)

    2010-06-28

    ... DEPARTMENT OF THE TREASURY Office of the Secretary 31 CFR Part 1 Freedom of Information Act... Freedom of Information Act (FOIA) and its regulations concerning the Privacy Act of 1974 (Privacy Act). It... correct those errors. List of Subjects in 31 CFR Part 1 Freedom of Information; Privacy. 0 Accordingly...

  1. The Geographic Information Grid System Based on Mobile Agent

    Institute of Scientific and Technical Information of China (English)

    2006-01-01

    We analyze the deficiencies of current application systems, and discuss the key requirements of distributed Geographic Information service (GIS). We construct the distributed GIS on grid platform. Considering the flexibility and efficiency, we integrate the mobile agent technology into the system. We propose a new prototype system, the Geographic Information Grid System (GIGS) based on mobile agent. This system has flexible services and high performance, and improves the sharing of distributed resources. The service strategy of the system and the examples are also presented.

  2. Privacy Protection in Personal Health Information and Shared Care Records

    Directory of Open Access Journals (Sweden)

    Roderick L B Neame

    2014-03-01

    Background: The protection of personal information privacy has become one of the most pressing security concerns for record keepers. Many institutions have yet to implement the essential infrastructure for data privacy protection and patient control when accessing and sharing data; even more have failed to instil a privacy and security awareness mindset and culture amongst their staff. Increased regulation, together with better compliance monitoring has led to the imposition of increasingly significant monetary penalties for failures to protect privacy. Objective: There is growing pressure in clinical environments to deliver shared patient care and to support this with integrated information. This demands that more information passes between institutions and care providers without breaching patient privacy or autonomy. This can be achieved with relatively minor enhancements of existing infrastructures and does not require extensive investment in inter-operating electronic records: indeed such investments to date have been shown not to materially improve data sharing. Requirements for Privacy: There is an ethical duty as well as a legal obligation on the part of care providers (and record keepers) to keep patient information confidential and to share it only with the authorisation of the patient. To achieve this, information storage and retrieval, and communication systems must be appropriately configured. Patients may consult clinicians anywhere and at any time: therefore their data must be available for recipient-driven retrieval under patient control and kept private.

  3. Health information: reconciling personal privacy with the public good of human health.

    Science.gov (United States)

    Gostin, L O

    2001-01-01

    The success of the health care system depends on the accuracy, correctness and trustworthiness of the information, and the privacy rights of individuals to control the disclosure of personal information. A national policy on health informational privacy should be guided by ethical principles that respect individual autonomy while recognizing the important collective interests in the use of health information. At present there are no adequate laws or constitutional principles to help guide a rational privacy policy. The laws are scattered and fragmented across the states. Constitutional law is highly general, without important specific safeguards. Finally, a case study is provided showing the important trade-offs that exist between public health and privacy. For a model public health law, see www.critpath.org/msphpa/privacy.

  4. 45 CFR 164.522 - Rights to request privacy protection for protected health information.

    Science.gov (United States)

    2010-10-01

    ... ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Privacy of Individually Identifiable Health Information § 164.522 Rights to request privacy protection for protected health information. (a)(1... 45 Public Welfare 1 2010-10-01 2010-10-01 false Rights to request privacy protection for protected...

  5. 78 FR 72063 - Open Meeting of the Information Security and Privacy Advisory Board

    Science.gov (United States)

    2013-12-02

    ... NIST on information security and privacy issues pertaining to federal computer systems. Details... Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology, Commerce. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB) will meet...

  6. Toward a systems- and control-oriented agent framework.

    Science.gov (United States)

    Fregene, Kingsley; Kennedy, Diane C; Wang, David W L

    2005-10-01

    This paper develops a systems- and control-oriented intelligent agent framework called the hybrid intelligent control agent (HICA), as well as its composition into specific kinds of multiagent systems. HICA is essentially developed around a hybrid control system core so that knowledge-based planning and coordination can be integrated with verified hybrid control primitives to achieve the coordinated control of multiple multimode dynamical systems. The scheme is applied to the control of teams of unmanned air and ground vehicles engaged in a pursuit-evasion war game. Results are demonstrated in simulation.

  7. Regulating genetic privacy in the online health information era.

    Science.gov (United States)

    Magnusson, Roger S

    As the clinical implications of the genetic components of disease come to be better understood, there is likely to be a significant increase in the volume of genetic information held within clinical records. As patient health care records, in turn, come on-line as part of broader health information networks, there is likely to be considerable pressure in favour of special laws protecting genetic privacy. This paper reviews some of the privacy challenges posed by electronic health records, some government initiatives in this area, and notes the impact that developments in genetic testing will have upon the 'genetic content' of e-health records. Despite the sensitivity of genetic information, the paper argues against a policy of 'genetic exceptionalism', and its implications for genetic privacy laws.

  8. Entropy-Based Privacy against Profiling of User Mobility

    Directory of Open Access Journals (Sweden)

    Alicia Rodriguez-Carrion

    2015-06-01

    Location-based services (LBSs) flood mobile phones nowadays, but their use poses an evident privacy risk. The locations accompanying the LBS queries can be exploited by the LBS provider to build the user profile of visited locations, which might disclose sensitive data, such as work or home locations. The classic concept of entropy is widely used to evaluate privacy in these scenarios, where the information is represented as a sequence of independent samples of categorized data. However, since the LBS queries might be sent very frequently, location profiles can be improved by adding temporal dependencies, thus becoming mobility profiles, where location samples are not independent anymore and might disclose the user’s mobility patterns. Since the time dimension is factored in, the classic entropy concept falls short of evaluating the real privacy level, which depends also on the time component. Therefore, we propose to extend the entropy-based privacy metric to the use of the entropy rate to evaluate mobility profiles. Then, two perturbative mechanisms are considered to preserve locations and mobility profiles under gradual utility constraints. We further use the proposed privacy metric and compare it to classic ones to evaluate both synthetic and real mobility profiles when the perturbative methods proposed are applied. The results prove the usefulness of the proposed metric for mobility profiles and the need for tailoring the perturbative methods to the features of mobility profiles in order to improve privacy without completely losing utility.

  9. Information Privacy: The Attitudes and Behaviours of Internet Users

    OpenAIRE

    Jakovljević, Marija

    2011-01-01

    The rise of electronic commerce and the Internet have created new technologies and capabilities, which increase concern for privacy online. This study reports on the results of an investigation of Internet users' attitudes towards concern for privacy online, online behaviours adopted under varying levels of concern for privacy (high, moderate and low) and the types of information Internet users are protective of. Methodological triangulation was used, whereby both quantitative and qualitative ...

  10. Privacy, the individual and genetic information: a Buddhist perspective.

    Science.gov (United States)

    Hongladarom, Soraj

    2009-09-01

    Bioinformatics is a new field of study whose ethical implications involve a combination of bioethics, computer ethics and information ethics. This paper is an attempt to view some of these implications from the perspective of Buddhism. Privacy is a central concern in both computer/information ethics and bioethics, and with information technology being increasingly utilized to process biological and genetic data, the issue has become even more pronounced. Traditionally, privacy presupposes the individual self but as Buddhism does away with the ultimate conception of an individual self, it has to find a way to analyse and justify privacy that does not presuppose such a self. It does this through a pragmatic conception that does not depend on a positing of the substantial self, which is then found to be unnecessary for an effective protection of privacy. As it may be possible one day to link genetic data to individuals, the Buddhist conception perhaps offers a more flexible approach, as what is considered to be integral to an individual person is not fixed in objectivity but depends on convention.

  11. Multi-dimensional information diffusion and balancing market supply: an agent-based approach

    NARCIS (Netherlands)

    Osinga, S.A.; Kramer, M.R.; Hofstede, G.J.; Beulens, A.J.M.

    2013-01-01

    This agent-based information management model is designed to explore how multi-dimensional information, spreading through a population of agents (for example farmers) affects market supply. Farmers make quality decisions that must be aligned with available markets. Markets distinguish themselves by

  12. A Framework For Enhancing Privacy In Location Based Services Using K-Anonymity Model

    Directory of Open Access Journals (Sweden)

    Jane Mugi

    2015-08-01

    This paper presents a framework for enhancing privacy in Location Based Services using K-anonymity model. Users of location based services have to reveal their location information in order to use these services; however, this has threatened user privacy. K-anonymity approach has been studied extensively in various forms. However, it is only effective when the user location is fixed. When a user moves and continuously sends their location information, the location service provider can approximate the user trajectory, which poses a threat to the trajectory privacy of the user. This framework will ensure that user privacy is enhanced for both snapshot and continuous queries. The efficiency and effectiveness of the proposed framework were evaluated; the results indicate that the proposed framework has a high success rate and good run time performance.

  13. Trajectory data privacy protection based on differential privacy mechanism

    Science.gov (United States)

    Gu, Ke; Yang, Lihao; Liu, Yongzhi; Liao, Niandong

    2018-05-01

    In this paper, we propose a trajectory data privacy protection scheme based on differential privacy mechanism. In the proposed scheme, the algorithm first selects the protected points from the user’s trajectory data; secondly, the algorithm forms the polygon according to the protected points and the adjacent and high frequent accessed points that are selected from the accessing point database, then the algorithm calculates the polygon centroids; finally, the noises are added to the polygon centroids by the differential privacy method, and the polygon centroids replace the protected points, and then the algorithm constructs and issues the new trajectory data. The experiments show that the running time of the proposed algorithms is fast, the privacy protection of the scheme is effective and the data usability of the scheme is higher.

  14. DEVELOPMENT OF THE INTELLECTUAL AGENT-ORIENTED SYSTEM FOR DECISION SUPPORT AT ENTERPRISE

    Directory of Open Access Journals (Sweden)

    G. Chornous

    2014-06-01

    Actual status of management confirms usefulness and necessity for development of scientific modeling tools for decision-making processes based on distributed artificial intelligence. The paper presents opportunities of the agent-oriented approach to support operative and strategic management decisions at the pharmaceutical enterprise. It is argued that the combination of intelligent agents technology and Data Mining (DM) produces a powerful synergistic effect. A hybrid approach to the use of DM is proposed as the basis of the intellectual agent-oriented DSS (AODSS). The hybrid intelligent AODSS is represented by a numerous network of small agents; it provides concurrent operation execution, solutions distribution and knowledge management. Agents can be divided into groups: data agents, monitoring agents, agents for solutions search, modeling agents, impact agents and presentations agents. The result of research is development of AODSS created as a multi-level system wherein the project, process and environment levels are intercommunicated. The combination of intelligent technologies in AODSS allows involving rules, cases, and a wide range of DM methods and models. The paper proposes a variant of AODSS implementation within the real enterprise IT-infrastructure based on SAP NetWeaver. The analysis results of the semi-commercial operation of the system assure that it can improve managerial decisions inasmuch as accuracy, consistency, flexibility, speed together form the basis of actual efficient solutions.

  15. 75 FR 13258 - Announcing a Meeting of the Information Security and Privacy Advisory Board

    Science.gov (United States)

    2010-03-19

    ... Director of OMB on information security and privacy issues pertaining to Federal government information... Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology... hereby given that the Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, April...

  16. Privacy impact assessment in the design of transnational public health information systems: the BIRO project.

    Science.gov (United States)

    Di Iorio, C T; Carinci, F; Azzopardi, J; Baglioni, V; Beck, P; Cunningham, S; Evripidou, A; Leese, G; Loevaas, K F; Olympios, G; Federici, M Orsini; Pruna, S; Palladino, P; Skeie, S; Taverner, P; Traynor, V; Benedetti, M Massi

    2009-12-01

    To foster the development of a privacy-protective, sustainable cross-border information system in the framework of a European public health project. A targeted privacy impact assessment was implemented to identify the best architecture for a European information system for diabetes directly tapping into clinical registries. Four steps were used to provide input to software designers and developers: a structured literature search, analysis of data flow scenarios or options, creation of an ad hoc questionnaire and conduction of a Delphi procedure. The literature search identified a core set of relevant papers on privacy (n = 11). Technicians envisaged three candidate system architectures, with associated data flows, to source an information flow questionnaire that was submitted to the Delphi panel for the selection of the best architecture. A detailed scheme envisaging an "aggregation by group of patients" was finally chosen, based upon the exchange of finely tuned summary tables. Public health information systems should be carefully engineered only after a clear strategy for privacy protection has been planned, to avoid breaching current regulations and future concerns and to optimise the development of statistical routines. The BIRO (Best Information Through Regional Outcomes) project delivers a specific method of privacy impact assessment that can be conveniently used in similar situations across Europe.

  17. 78 FR 54454 - Open Meeting of the Information Security and Privacy Advisory Board

    Science.gov (United States)

    2013-09-04

    ... security and privacy issues pertaining to federal computer systems. Details regarding the ISPAB's... Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology, Commerce. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB) will meet...

  18. A Public-key based Information Management Model for Mobile Agents

    OpenAIRE

    Rodriguez, Diego; Sobrado, Igor

    2000-01-01

    Mobile code based computing requires development of protection schemes that allow digital signature and encryption of data collected by the agents in untrusted hosts. These algorithms could not rely on carrying encryption keys if these keys could be stolen or used to counterfeit data by hostile hosts and agents. As a consequence, both information and keys must be protected in a way that only authorized hosts, that is the host that provides information and the server that has sent the mobile a...

  19. Ethical aspects of information security and privacy

    NARCIS (Netherlands)

    Brey, Philip A.E.; Petkovic, Milan; Jonker, Willem

    2007-01-01

    This chapter reviews ethical aspects of computer and information security and privacy. After an introduction to ethical approaches to information technology, the focus is first on ethical aspects of computer security. These include the moral importance of computer security, the relation between

  20. Agent-based method for distributed clustering of textual information

    Science.gov (United States)

    Potok, Thomas E [Oak Ridge, TN; Reed, Joel W [Knoxville, TN; Elmore, Mark T [Oak Ridge, TN; Treadwell, Jim N [Louisville, TN

    2010-09-28

    A computer method and system for storing, retrieving and displaying information has a multiplexing agent (20) that calculates a new document vector (25) for a new document (21) to be added to the system and transmits the new document vector (25) to master cluster agents (22) and cluster agents (23) for evaluation. These agents (22, 23) perform the evaluation and return values upstream to the multiplexing agent (20) based on the similarity of the document to documents stored under their control. The multiplexing agent (20) then sends the document (21) and the document vector (25) to the master cluster agent (22), which then forwards it to a cluster agent (23) or creates a new cluster agent (23) to manage the document (21). The system also searches for stored documents according to a search query having at least one term and identifying the documents found in the search, and displays the documents in a clustering display (80) of similarity so as to indicate similarity of the documents to each other.

  1. Fair Information Principles of Brazilian Companies online privacy policies

    Directory of Open Access Journals (Sweden)

    Patricia Zeni Marchiori

    2016-05-01

    This research aims to present the Fair Information Principles in the privacy policies of the websites of major Brazilian companies (according to the 2014 Forbes Magazine list). The check and analysis were supported by a checklist compiled from documents issued by the Federal Trade Commission and the Organization for Economic Co-operation and Development. The study selected fourteen companies from a universe of twenty-five, considering the immediacy criterion of access to the privacy policy on their websites. The security (safeguards) principle is the most widespread foundation at the privacy policies of the companies selected (existing in eight of the fourteen analyzed policies); and the principle of responsibility receives less adhesion due to the fact that it is not covered in any of the examined online privacy policies. The Sabesp Company presents the most complete privacy policy, considering the compliance with the Fair Information Principles when compared to the others perused, while WEG does not present any of the principles identified in the documental survey. As for e-commerce, the number of companies that assume some of the Principles is further reduced. For the selected universe the adherence to the Fair Information Principles is still incipient, although its use is not mandatory. An open discussion of the proposed Brazilian law about personal data protection should play an important role in creating further guidance on the subject. Additional studies in this subject should involve the perception of users, as well as a cutout of companies which target e-commerce, considering that an effective alignment with these principles and other guidelines are required in order to protect the user’s privacy and personal data in the web environment.

  2. 12 CFR 716.6 - Information to be included in privacy notices.

    Science.gov (United States)

    2010-01-01

    ...) Financial service providers; (ii) Non-financial companies; and (iii) Others. (4) Disclosures under exception... CREDIT UNIONS PRIVACY OF CONSUMER FINANCIAL INFORMATION Privacy and Opt Out Notices § 716.6 Information... jointly with another financial institution, you satisfy the disclosure requirement of paragraph (a)(5) of...

  3. Modeling agent's preferences by its designer's social value orientation

    Science.gov (United States)

    Zuckerman, Inon; Cheng, Kan-Leung; Nau, Dana S.

    2018-03-01

    Human social preferences have been shown to play an important role in many areas of decision-making. There is evidence from the social science literature that human preferences in interpersonal interactions depend partly on a measurable personality trait called, Social Value Orientation (SVO). Automated agents are often written by humans to serve as their delegates when interacting with other agents. Thus, one might expect an agent's behaviour to be influenced by the SVO of its human designer. With that in mind, we present the following: first, we explore, discuss and provide a solution to the question of how SVO tests that were designed for humans can be used to evaluate agents' social preferences. Second, we show that in our example domain there is a medium-high positive correlation between the social preferences of agents and their human designers. Third, we exemplify how the SVO information of the designer can be used to improve the performance of some other agents playing against those agents, and lastly, we develop and exemplify the behavioural signature SVO model which allows us to better predict performances when interactions are repeated and behaviour is adapted.

  4. Investigating the feasibility of a BCI-driven robot-based writing agent for handicapped individuals

    Science.gov (United States)

    Syan, Chanan S.; Harnarinesingh, Randy E. S.; Beharry, Rishi

    2014-07-01

    Brain-Computer Interfaces (BCIs) predominantly employ output actuators such as virtual keyboards and wheelchair controllers to enable handicapped individuals to interact and communicate with their environment. However, BCI-based assistive technologies are limited in their application. There is minimal research geared towards granting disabled individuals the ability to communicate using written words. This is a drawback because involving a human attendant in writing tasks can entail a breach of personal privacy where the task entails sensitive and private information such as banking matters. BCI-driven robot-based writing however can provide a safeguard for user privacy where it is required. This study investigated the feasibility of a BCI-driven writing agent using the 3 degree-of-freedom Phantom Omnibot. A full alphanumerical English character set was developed and validated using a teach pendant program in MATLAB. The Omnibot was subsequently interfaced to a P300-based BCI. Three subjects utilised the BCI in the online context to communicate words to the writing robot over a Local Area Network (LAN). The average online letter-wise classification accuracy was 91.43%. The writing agent legibly constructed the communicated letters with minor errors in trajectory execution. The developed system therefore provided a feasible platform for BCI-based writing.

  5. Investigating the feasibility of a BCI-driven robot-based writing agent for handicapped individuals

    International Nuclear Information System (INIS)

    Syan, Chanan S; Harnarinesingh, Randy E S; Beharry, Rishi

    2014-01-01

    Brain-Computer Interfaces (BCIs) predominantly employ output actuators such as virtual keyboards and wheelchair controllers to enable handicapped individuals to interact and communicate with their environment. However, BCI-based assistive technologies are limited in their application. There is minimal research geared towards granting disabled individuals the ability to communicate using written words. This is a drawback because involving a human attendant in writing tasks can entail a breach of personal privacy where the task entails sensitive and private information such as banking matters. BCI-driven robot-based writing however can provide a safeguard for user privacy where it is required. This study investigated the feasibility of a BCI-driven writing agent using the 3 degree-of-freedom Phantom Omnibot. A full alphanumerical English character set was developed and validated using a teach pendant program in MATLAB. The Omnibot was subsequently interfaced to a P300-based BCI. Three subjects utilised the BCI in the online context to communicate words to the writing robot over a Local Area Network (LAN). The average online letter-wise classification accuracy was 91.43%. The writing agent legibly constructed the communicated letters with minor errors in trajectory execution. The developed system therefore provided a feasible platform for BCI-based writing.

  6. Privacy and Innovation

    OpenAIRE

    Avi Goldfarb; Catherine Tucker

    2011-01-01

    Information and communication technology now enables firms to collect detailed and potentially intrusive data about their customers both easily and cheaply. This means that privacy concerns are no longer limited to government surveillance and public figures' private lives. The empirical literature on privacy regulation shows that privacy regulation may affect the extent and direction of data-based innovation. We also show that the impact of privacy regulation can be extremely heterogeneous. T...

  7. Application of Agent Methodology in Healthcare Information Systems

    Directory of Open Access Journals (Sweden)

    Reem Abdalla

    2017-02-01

    This paper presents a case study to describe the features and the phases of two agent methodologies: Gaia, a methodology for agent oriented analysis and design, and Tropos, a detailed agent oriented software engineering methodology, and to explore each methodology's ability to present solutions for small problems. We also attempt to discover whether the methodology is in fact understandable and usable. In addition, we collected and took notes of the advantages and weaknesses of these methodologies during the study analysis for each methodology and the relationships among their models. The Guardian Angle: Patient-Centered Health Information System (GA: PCHIS), the personal system to help track, manage, and interpret the subject's health history, and give advice to both patient and provider, is used as the case study throughout the paper.

  8. Privacy protection for personal health information and shared care records.

    Science.gov (United States)

    Neame, Roderick L B

    2014-01-01

    The protection of personal information privacy has become one of the most pressing security concerns for record keepers: this will become more onerous with the introduction of the European General Data Protection Regulation (GDPR) in mid-2014. Many institutions, both large and small, have yet to implement the essential infrastructure for data privacy protection and patient consent and control when accessing and sharing data; even more have failed to instil a privacy and security awareness mindset and culture amongst their staff. Increased regulation, together with better compliance monitoring, has led to the imposition of increasingly significant monetary penalties for failure to protect privacy: these too are set to become more onerous under the GDPR, increasing to a maximum of 2% of annual turnover. There is growing pressure in clinical environments to deliver shared patient care and to support this with integrated information. This demands that more information passes between institutions and care providers without breaching patient privacy or autonomy. This can be achieved with relatively minor enhancements of existing infrastructures and does not require extensive investment in inter-operating electronic records: indeed such investments to date have been shown not to materially improve data sharing. REQUIREMENTS FOR PRIVACY: There is an ethical duty as well as a legal obligation on the part of care providers (and record keepers) to keep patient information confidential and to share it only with the authorisation of the patient. To achieve this information storage and retrieval, communication systems must be appropriately configured. There are many components of this, which are discussed in this paper. Patients may consult clinicians anywhere and at any time: therefore, their data must be available for recipient-driven retrieval (i.e. like the World Wide Web) under patient control and kept private: a method for delivering this is outlined.

  9. Service orientation in holonic and multi agent manufacturing and robotics

    CERN Document Server

    Thomas, Andre; Trentesaux, Damien

    2013-01-01

    The book covers four research domains representing a trend for modern manufacturing control: Holonic and Multi-agent technologies for industrial systems; Intelligent Product and Product-driven Automation; Service Orientation of Enterprise’s strategic and technical processes; and Distributed Intelligent Automation Systems. These evolution lines have in common concepts related to service orientation derived from the Service Oriented Architecture (SOA) paradigm. The service-oriented multi-agent systems approach discussed in the book is characterized by the use of a set of distributed autonomous and cooperative agents, embedded in smart components that use the SOA principles, being oriented by offer and request of services, in order to fulfil production systems and value chain goals. A new integrated vision combining emergent technologies is offered, to create control structures with distributed intelligence supporting the vertical and horizontal enterprise integration and running in truly distributed ...

  10. Trust and Privacy Solutions Based on Holistic Service Requirements

    Science.gov (United States)

    Sánchez Alcón, José Antonio; López, Lourdes; Martínez, José-Fernán; Rubio Cifuentes, Gregorio

    2015-01-01

    The products and services designed for Smart Cities provide the necessary tools to improve the management of modern cities in a more efficient way. These tools need to gather citizens’ information about their activity, preferences, habits, etc. opening up the possibility of tracking them. Thus, privacy and security policies must be developed in order to satisfy and manage the legislative heterogeneity surrounding the services provided and comply with the laws of the country where they are provided. This paper presents one of the possible solutions to manage this heterogeneity, bearing in mind these types of networks, such as Wireless Sensor Networks, have important resource limitations. A knowledge and ontology management system is proposed to facilitate the collaboration between the business, legal and technological areas. This will ease the implementation of adequate specific security and privacy policies for a given service. All these security and privacy policies are based on the information provided by the deployed platforms and by expert system processing. PMID:26712752

  11. Trust and Privacy Solutions Based on Holistic Service Requirements

    Directory of Open Access Journals (Sweden)

    José Antonio Sánchez Alcón

    2015-12-01

    The products and services designed for Smart Cities provide the necessary tools to improve the management of modern cities in a more efficient way. These tools need to gather citizens’ information about their activity, preferences, habits, etc. opening up the possibility of tracking them. Thus, privacy and security policies must be developed in order to satisfy and manage the legislative heterogeneity surrounding the services provided and comply with the laws of the country where they are provided. This paper presents one of the possible solutions to manage this heterogeneity, bearing in mind these types of networks, such as Wireless Sensor Networks, have important resource limitations. A knowledge and ontology management system is proposed to facilitate the collaboration between the business, legal and technological areas. This will ease the implementation of adequate specific security and privacy policies for a given service. All these security and privacy policies are based on the information provided by the deployed platforms and by expert system processing.

  12. Trust and Privacy Solutions Based on Holistic Service Requirements.

    Science.gov (United States)

    Sánchez Alcón, José Antonio; López, Lourdes; Martínez, José-Fernán; Rubio Cifuentes, Gregorio

    2015-12-24

    The products and services designed for Smart Cities provide the necessary tools to improve the management of modern cities in a more efficient way. These tools need to gather citizens' information about their activity, preferences, habits, etc. opening up the possibility of tracking them. Thus, privacy and security policies must be developed in order to satisfy and manage the legislative heterogeneity surrounding the services provided and comply with the laws of the country where they are provided. This paper presents one of the possible solutions to manage this heterogeneity, bearing in mind these types of networks, such as Wireless Sensor Networks, have important resource limitations. A knowledge and ontology management system is proposed to facilitate the collaboration between the business, legal and technological areas. This will ease the implementation of adequate specific security and privacy policies for a given service. All these security and privacy policies are based on the information provided by the deployed platforms and by expert system processing.

  13. 22 CFR 51.22 - Passport agents and passport acceptance agents.

    Science.gov (United States)

    2010-04-01

    ... misdemeanor conviction for crimes involving moral turpitude or breach of trust, including but not limited to...) Safeguarding passport application information under the Privacy Act of 1974. Passport acceptance agents...

  14. Anonymity versus privacy: Selective information sharing in online cancer communities

    NARCIS (Netherlands)

    Frost, J.H.; Vermeulen, I.E.; Beekers, N.

    2014-01-01

    Background: Active sharing in online cancer communities benefits patients. However, many patients refrain from sharing health information online due to privacy concerns. Existing research on privacy emphasizes data security and confidentiality, largely focusing on electronic medical records. Patient

  15. Secure privacy-preserving biometric authentication scheme for telecare medicine information systems.

    Science.gov (United States)

    Li, Xuelei; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

    2014-11-01

    Healthcare delivery services via telecare medicine information systems (TMIS) can help patients to obtain their desired telemedicine services conveniently. However, information security and privacy protection are important issues and crucial challenges in healthcare information systems, where only authorized patients and doctors can employ telecare medicine facilities and access electronic medical records. Therefore, a secure authentication scheme is urgently required to achieve the goals of entity authentication, data confidentiality and privacy protection. This paper investigates a new biometric authentication with key agreement scheme, which focuses on patient privacy and medical data confidentiality in TMIS. The new scheme employs hash function, fuzzy extractor, nonce and authenticated Diffie-Hellman key agreement as primitives. It provides patient privacy protection, e.g., hiding identity from being stolen and tracked by unauthorized participants, and preserving password and biometric template from being compromised by trustless servers. Moreover, key agreement supports secure transmission by symmetric encryption to protect patient's medical data from being leaked. Finally, the analysis shows that our proposal provides more security and privacy protection for TMIS.

  16. A Distributed Multi-Agent System for Collaborative Information Management and Learning

    Science.gov (United States)

    Chen, James R.; Wolfe, Shawn R.; Wragg, Stephen D.; Koga, Dennis (Technical Monitor)

    2000-01-01

    In this paper, we present DIAMS, a system of distributed, collaborative agents to help users access, manage, share and exchange information. A DIAMS personal agent helps its owner find information most relevant to current needs. It provides tools and utilities for users to manage their information repositories with dynamic organization and virtual views. Flexible hierarchical display is integrated with indexed query search to support effective information access. Automatic indexing methods are employed to support user queries and communication between agents. Contents of a repository are kept in object-oriented storage to facilitate information sharing. Collaboration between users is aided by easy sharing utilities as well as automated information exchange. Matchmaker agents are designed to establish connections between users with similar interests and expertise. DIAMS agents provide needed services for users to share and learn information from one another on the World Wide Web.

  17. LPPS: A Distributed Cache Pushing Based K-Anonymity Location Privacy Preserving Scheme

    Directory of Open Access Journals (Sweden)

    Ming Chen

    2016-01-01

    Recent years have witnessed the rapid growth of location-based services (LBSs) for mobile social network applications. To enable location-based services, mobile users are required to report their location information to the LBS servers and receive answers of location-based queries. Location privacy leak happens when such servers are compromised, which has been a primary concern for information security. To address this issue, we propose the Location Privacy Preservation Scheme (LPPS) based on distributed cache pushing. Unlike existing solutions, LPPS deploys distributed cache proxies to cover users' most visited locations and proactively push cache content to mobile users, which can reduce the risk of leaking users’ location information. The proposed LPPS includes three major processes. First, we propose an algorithm to find the optimal deployment of proxies to cover popular locations. Second, we present cache strategies for location-based queries based on the Markov chain model and propose update and replacement strategies for cache content maintenance. Third, we introduce a privacy protection scheme which is proved to achieve k-anonymity guarantee for location-based services. Extensive experiments illustrate that the proposed LPPS achieves decent service coverage ratio and cache hit ratio with lower communication overhead compared to existing solutions.

  18. Privacy and Personal Information Held by Government: A Comparative Study, Japan and New Zealand

    Science.gov (United States)

    Cullen, Rowena

    This chapter reports on the concepts of information privacy and trust in government among citizens in Japan and New Zealand in a transnational, crosscultural study. Data from both countries are presented, and cultural and other factors are sought that might explain differences in attitudes shown. In both countries, citizens display a range of views, not related to age or gender. New Zealand citizens express concern about information privacy in relation to information held by government, but show a higher level of trust in government overall, and most attribute breaches of privacy to incompetence, rather than deliberate malfeasance. Japanese citizens interviewed also indicated that they had major concerns about information privacy, and had considerably less trust in government than New Zealand respondents showed. They were more inclined to attribute breaches of privacy to lax behavior in individuals than government systems. In both countries citizens showed an awareness of the tradeoffs necessary between personal privacy and the needs of the state to hold information for the benefit of all citizens, but knew little about the protection offered by privacy legislation, and expressed overall concern about privacy practices in the modern state. The study also provides evidence of cultural differences that can be related to Hofstede's dimensions of culture.

  19. Ambient intelligence & personalization : people's perspectives on information privacy

    NARCIS (Netherlands)

    Garde - Perik, van de E.M.

    2009-01-01

    Current developments towards Ambient Intelligence and related technological visions of the future are founded on continuous collection of information about individuals and their activities. This collection of information, its potentially persistent storage, dissemination and use raise privacy

  20. 78 FR 25254 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board

    Science.gov (United States)

    2013-04-30

    ... information security and privacy issues pertaining to federal computer systems. Details regarding the ISPAB's... of the Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology, Commerce. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB...

  1. 76 FR 34650 - Announcing a Meeting of the Information Security and Privacy Advisory Board

    Science.gov (United States)

    2011-06-14

    ... Commerce and the Director of NIST on security and privacy issues pertaining to federal computer systems... Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology, Department of Commerce. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB...

  2. Russian and Foreign Experience of Integration of Agent-Based Models and Geographic Information Systems

    Directory of Open Access Journals (Sweden)

    Konstantin Anatol’evich Gulin

    2016-11-01

    The article provides an overview of the mechanisms of integration of agent-based models and GIS technology developed by Russian and foreign researchers. The basic framework of the article is based on critical analysis of domestic and foreign literature (monographs, scientific articles). The study is based on the application of universal scientific research methods: system approach, analysis and synthesis, classification, systematization and grouping, generalization and comparison. The article presents theoretical and methodological bases of integration of agent-based models and geographic information systems. The concept and essence of agent-based models are explained; their main advantages (compared to other modeling methods) are identified. The paper characterizes the operating environment of agents as a key concept in the theory of agent-based modeling. It is shown that geographic information systems have a wide range of information resources for calculations, searching, modeling of the real world in various aspects, acting as an effective tool for displaying the agents’ operating environment and making it possible to bring the model as close as possible to the real conditions. The authors also focus on a wide range of possibilities for various researches in different spatial and temporal contexts. Comparative analysis of platforms supporting the integration of agent-based models and geographic information systems has been carried out. The authors give examples of complex socio-economic models: the model of a creative city, humanitarian assistance model. In the absence of standards for research results description, the authors focus on the models’ elements such as the characteristics of the agents and their operation environment, agents’ behavior, rules of interaction between the agents and the external environment. The paper describes the possibilities and prospects of implementing these models

  3. People-oriented Information Visualization Design

    Science.gov (United States)

    Chen, Zhiyong; Zhang, Bolun

    2018-04-01

    In the rapidly developing 21st century, with the continuous progress of science and technology, human society has entered the information era and the era of big data, and lifestyles and aesthetic systems have changed accordingly, so the emerging field of information visualization is increasingly popular. Information visualization design is the process of visualizing all kinds of tedious information data so that information can be absorbed quickly and time costs saved. Along with the development of information visualization, information design is also becoming more popular, and emotional, people-oriented design is an indispensable part of information design. This paper probes information visualization design through emotional analysis of information design, based on the social context of people-oriented experience, from the perspective of art design. It explores and discusses information visualization design based on research into the three levels of emotional information design: the instinct level, the behavior level and the reflective level.

  4. 76 FR 7818 - Announcing a Meeting of the Information Security and Privacy Advisory Board

    Science.gov (United States)

    2011-02-11

    ... advise the Secretary of Commerce and the Director of NIST on security and privacy issues pertaining to... Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology, Commerce. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB) will meet...

  5. 75 FR 39920 - Announcing a Meeting of the Information Security and Privacy Advisory Board

    Science.gov (United States)

    2010-07-13

    ... advise the Secretary of Commerce and the Director of NIST on security and privacy issues pertaining to... Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, August...

  6. Privacy Preservation in Distributed Subgradient Optimization Algorithms

    OpenAIRE

    Lou, Youcheng; Yu, Lean; Wang, Shouyang

    2015-01-01

    Privacy preservation is becoming an increasingly important issue in data mining and machine learning. In this paper, we consider the privacy preserving features of distributed subgradient optimization algorithms. We first show that a well-known distributed subgradient synchronous optimization algorithm, in which all agents make their optimization updates simultaneously at all times, is not privacy preserving in the sense that the malicious agent can learn other agents' subgradients asymptotic...

  7. An Effective Privacy Architecture to Preserve User Trajectories in Reward-Based LBS Applications

    Directory of Open Access Journals (Sweden)

    A S M Touhidul Hasan

    2018-02-01

    How can training performance data (e.g., running or walking routes) be collected, measured, and published in a mobile program while preserving user privacy? This question is becoming important in the context of the growing use of reward-based location-based service (LBS) applications, which aim to promote employee training activities and to share such data with insurance companies in order to reduce the healthcare insurance costs of an organization. One of the main concerns of such applications is the privacy of user trajectories, because the applications normally collect user locations over time with identities. The leak of the identified trajectories often results in personal privacy breaches. For instance, a trajectory would expose user interest in places and behaviors in time by inference and linking attacks. This information can be used for spam advertisements or individual-based assaults. To the best of our knowledge, no existing studies can be directly applied to solve the problem while keeping data utility. In this paper, we identify the personal privacy problem in a reward-based LBS application and propose a privacy architecture with a bounded perturbation technique to protect the user’s trajectory from privacy breaches. Bounded perturbation uses a global location set (GLS) to anonymize the trajectory data. In addition, the bounded perturbation will not generate any visiting points that are not possible to visit in real time. The experimental results on real-world datasets demonstrate that the proposed bounded perturbation can effectively anonymize location information while preserving data utility compared to the existing methods.

  8. Agent-Based Modeling of Taxi Behavior Simulation with Probe Vehicle Data

    Directory of Open Access Journals (Sweden)

    Saurav Ranjit

    2018-05-01

    Taxi behavior is a spatial–temporal dynamic process involving discrete time-dependent events, such as customer pick-up, customer drop-off, cruising, and parking. Simulation models, which are a simplification of a real-world system, can help understand the effects of change of such dynamic behavior. In this paper, agent-based modeling and simulation is proposed that describes the dynamic action of an agent, i.e., taxi, governed by behavior rules and properties, which emulate the taxi behavior. Taxi behavior simulations are fundamentally done for optimizing the service level for both taxi drivers as well as passengers. Moreover, simulation techniques, as such, could be applied to another field of application as well, where obtaining real raw data is somewhat difficult due to privacy issues, such as human mobility data or call detail record data. This paper describes the development of an agent-based simulation model which is based on multiple input parameters (taxi stay point cluster; trip information (origin and destination); taxi demand information; free taxi movement; and network travel time) that were derived from taxi probe GPS data. As such, the agent’s parameters were mapped into the grid network and the road network, for which the grid network was used as a base for query/search/retrieval of the taxi agent’s parameters, while the actual movement of taxi agents was on the road network with routing and interpolation. The results obtained from the simulated taxi agent data and real taxi data showed a significant level of similarity of different taxi behavior, such as trip generation, trip time, trip distance, as well as trip occupancy, based on its distribution. As for efficient data handling, a distributed computing platform for large-scale data was used for extracting taxi agent parameters from the probe data by utilizing both spatial and non-spatial indexing techniques.

  9. Privacy and Anonymity in the Information Society – Challenges for the European Union

    Directory of Open Access Journals (Sweden)

    Ioannis A. Tsoukalas

    2011-01-01

    Electronic information is challenging traditional views on property and privacy. The explosion of digital data, driven by novel web applications, social networking, and mobile devices, makes data security and the protection of privacy increasingly difficult. Furthermore, biometric data and radiofrequency identification applications enable correlations that are able to trace our cultural, behavioral, and emotional states. The concept of privacy in the digital realm is transformed and emerges as one of the biggest risks facing today's Information Society. In this context, the European Union (EU) policy-making procedures strive to adapt to the pace of technological advancement. The EU needs to improve the existing legal frameworks for privacy and data protection. It needs to work towards a “privacy by education” approach for the empowerment of “privacy-literate” European digital citizens.

  10. (a,k)-Anonymous Scheme for Privacy-Preserving Data Collection in IoT-based Healthcare Services Systems.

    Science.gov (United States)

    Li, Hongtao; Guo, Feng; Zhang, Wenyin; Wang, Jie; Xing, Jinsheng

    2018-02-14

    The wide use of IoT technologies in healthcare services has pushed forward the medical intelligence level of services. However, it also brings a potential privacy threat to data collection. In healthcare services systems, health and medical data that contain private information are often transmitted among networks, and such private information should be protected. Therefore, there is a need for a privacy-preserving data collection (PPDC) scheme to protect clients' (patients') data. We adopt the (a,k)-anonymity model as the privacy protection scheme for data collection, and propose a novel anonymity-based PPDC method for healthcare services in this paper. The threat model is analyzed in the client-server-to-user (CS2U) model. On the client side, we utilize the (a,k)-anonymity notion to generate anonymous tuples which can resist possible attack, and adopt a bottom-up clustering method to create clusters that satisfy a base privacy level of (a1,k1)-anonymity. On the server side, we reduce the communication cost through generalization technology, and compress (a1,k1)-anonymous data through an UPGMA-based cluster combination method to make the data meet the deeper level of privacy (a2,k2)-anonymity (a1 ≥ a2, k2 ≥ k1). Theoretical analysis and experimental results prove that our scheme is effective in privacy preservation and data quality.

  11. RESEARCH ON REMOTE SENSING GEOLOGICAL INFORMATION EXTRACTION BASED ON OBJECT ORIENTED CLASSIFICATION

    Directory of Open Access Journals (Sweden)

    H. Gao

    2018-04-01

    Northern Tibet belongs to the sub-cold arid climate zone of the plateau. It is rarely visited by people. The geological working conditions are very poor. However, the stratum exposures are good and human interference is very small. Therefore, the research on the automatic classification and extraction of remote sensing geological information has typical significance and good application prospects. Based on the object-oriented classification in Northern Tibet, using the Worldview2 high-resolution remote sensing data, combined with the tectonic information and image enhancement, the lithological spectral features, shape features, spatial locations and topological relations of various geological information are excavated. By setting the threshold, based on the hierarchical classification, eight kinds of geological information were classified and extracted. Compared with the existing geological maps, the accuracy analysis shows that the overall accuracy reached 87.8561%, indicating that the classification-oriented method is effective and feasible for this study area and provides a new idea for the automatic extraction of remote sensing geological information.

  12. Perspectives of Australian adults about protecting the privacy of their health information in statistical databases.

    Science.gov (United States)

    King, Tatiana; Brankovic, Ljiljana; Gillard, Patricia

    2012-04-01

    The aim of this study was to discover the public's attitude and views towards privacy in health care. This is a part of a larger project which aims to gain an insight into what kind of privacy is needed and develop technical measures to provide such privacy. The study was a two-stage process which combined qualitative and quantitative research. Stage One of the study comprised arranging and facilitating focus groups while in Stage Two we conducted a social survey. We measured attitudes towards privacy, medical research and consent; privacy concern about sharing one's health information for research; privacy concern about the possibility that some specific information from medical records could be linked to the patient's name in a situation that was not related to medical treatment. The results of the study revealed both great support for medical research (98%), and concern about privacy of health information (66%). Participants prefer to be asked for their permission before their health information is used for any purpose other than medical treatment (92%), and they would like to know the organisation and details of the research before allowing the use of their health records (83%). Age, level of education, place of birth and employment status are most strongly associated with privacy concerns. The study showed that there are some particularly sensitive issues and there is a concern (42-60%) about any possibility of linking these kinds of data to the patient's name in a situation that is not related to medical treatment. Such issues include sexually transmitted diseases, abortions and infertility, family medical history/genetic disorders, mental illness, drug/alcohol related incidents, lists of previous operations/procedures/dates and current medications. Participants believe they should be asked for permission before their health information is used for any purpose other than medical treatment. However, consent and privacy concerns are not necessarily related

  13. 77 FR 58980 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board

    Science.gov (United States)

    2012-09-25

    ... privacy issues pertaining to federal computer systems. Details regarding the ISPAB's activities are... of the Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology, Commerce. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB...

  14. A privacy authentication scheme based on cloud for medical environment.

    Science.gov (United States)

    Chen, Chin-Ling; Yang, Tsai-Tung; Chiang, Mao-Lun; Shih, Tzay-Farn

    2014-11-01

    With the rapid development of information technology, health care technologies have matured; electronic medical records, for example, can be easily stored. However, how to access medical resources more conveniently is currently a pressing issue. Although many works in the literature discuss medical systems, they face many security challenges. The most important issue is patients' privacy. Therefore, we propose a privacy authentication scheme based on a cloud environment. In our scheme, we use mobile devices' characteristics, allowing people to use medical resources in the cloud environment to find medical advice conveniently. In our proposed scheme, a digital signature is used to ensure the security of the medical information that is certified by the medical department.

  15. Privacy-aware mobile agent: Protecting privacy in open systems by modelling social behaviour of software agents

    NARCIS (Netherlands)

    Meyer, A.P.

    2004-01-01

    In distributed problem solving with multi-agent systems it is assumed that collective behaviour emerges from interaction among rational agents. The dissemination of mobile agents will lead to open systems. Emergent behaviour in open systems must fulfil common goals based on goals of individual

  16. Teaching Information Privacy in Marketing Courses: Key Educational Issues for Principles of Marketing and Elective Marketing Courses

    Science.gov (United States)

    Peltier, James W.; Milne, George R.; Phelps, Joseph E.; Barrett, Jennifer T.

    2010-01-01

    An "information privacy gap" exists in marketing education, with little research addressing the state of information privacy and how appropriate privacy strategies and tactics should be communicated to students. The primary purpose of this article is to provide educators an understanding of information privacy and how they can incorporate this…

  17. Privacy, confidentiality and automated health information systems.

    Science.gov (United States)

    Vuori, H

    1977-12-01

    Professor Vuori's paper, first presented at the fourth Medico-legal Conference in Prague in the spring of this year, deals with the problem of the maintenance of confidentiality in computerized health records. Although more and more information is required, the hardware of the computer systems is so sophisticated that it would be very expensive indeed to 'break in' and steal from a modern data bank. Those concerned with programming computers are becoming more aware of their responsibilities concerning confidentiality and privacy, to the extent that a legal code of ethics for programmers is being formulated. They are also aware that the most sensitive of all relationships--the doctor-patient relationship--could be in danger if they failed to maintain high standards of integrity. An area of danger is where administrative boundaries between systems must be crossed--say between those of health and employment. Protection of privacy must be ensured by releasing full information about the type of data being stored, and by maintaining democratic control over the establishment of information systems.

  18. 78 FR 89 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board

    Science.gov (United States)

    2013-01-02

    ... Management and Budget, and the Director of NIST on security and privacy issues pertaining to federal computer... of the Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology, Commerce. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB...

  19. 76 FR 81477 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board

    Science.gov (United States)

    2011-12-28

    ... advise the Secretary of Commerce and the Director of NIST on security and privacy issues pertaining to... of the Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB) will meet...

  20. 77 FR 25686 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board

    Science.gov (United States)

    2012-05-01

    ... Director of the Office of Management and Budget, and the Director of NIST on security and privacy issues... of the Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology, Commerce. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB...

  1. DEVELOPMENT OF THE INTELLECTUAL AGENT-ORIENTED SYSTEM FOR DECISION SUPPORT AT ENTERPRISE

    OpenAIRE

    G. Chornous

    2014-01-01

    The current state of management confirms the usefulness and necessity of developing scientific modeling tools for decision-making processes based on distributed artificial intelligence. The paper presents opportunities of the agent-oriented approach to support operative and strategic management decisions at the pharmaceutical enterprise. It is argued that the combination of intelligent agents technology and Data Mining (DM) produces a powerful synergistic effect. The basis of the intellectual ...

  2. Exploring the Far Side of Mobile Health: Information Security and Privacy of Mobile Health Apps on iOS and Android.

    Science.gov (United States)

    Dehling, Tobias; Gao, Fangjian; Schneider, Stephan; Sunyaev, Ali

    2015-01-19

    Mobile health (mHealth) apps aim at providing seamless access to tailored health information technology and have the potential to alleviate global health burdens. Yet, they bear risks to information security and privacy because users need to reveal private, sensitive medical information to redeem certain benefits. Due to the plethora and diversity of available mHealth apps, implications for information security and privacy are unclear and complex. The objective of this study was to establish an overview of mHealth apps offered on iOS and Android with a special focus on potential damage to users through information security and privacy infringements. We assessed apps available in English and offered in the categories "Medical" and "Health & Fitness" in the iOS and Android App Stores. Based on the information retrievable from the app stores, we established an overview of available mHealth apps, tagged apps to make offered information machine-readable, and clustered the discovered apps to identify and group similar apps. Subsequently, information security and privacy implications were assessed based on health specificity of information available to apps, potential damage through information leaks, potential damage through information manipulation, potential damage through information loss, and potential value of information to third parties. We discovered 24,405 health-related apps (iOS: 21,953; Android: 2452). Absence or scarceness of ratings for 81.36% (17,860/21,953) of iOS and 76.14% (1867/2452) of Android apps indicates that less than a quarter of mHealth apps are in more or less widespread use. Clustering resulted in 245 distinct clusters, which were consolidated into 12 app archetypes grouping clusters with similar assessments of potential damage through information security and privacy infringements. There were 6426 apps that were excluded during clustering. The majority of apps (95.63%, 17,193/17,979 of apps) pose at least some potential damage through

  3. Location Privacy Protection Based on Improved K-Value Method in Augmented Reality on Mobile Devices

    Directory of Open Access Journals (Sweden)

    Chunyong Yin

    2017-01-01

    With the development of Augmented Reality technology, the application of location-based services (LBS) is more and more popular, which provides enormous convenience to people’s lives. User location information can be obtained anytime and anywhere, so user location privacy faces huge threats. Therefore, it is crucial to pay attention to location privacy protection in LBS. Based on the architecture of the trusted third party (TTP), we analyzed the advantages and shortcomings of existing location privacy protection methods in LBS on mobile terminals. Then we proposed the improved K-value location privacy protection method according to privacy level, which combines the k-anonymity method with the pseudonym method. The results of the simulation experiment show that this improved method can anonymize all service requests effectively. In addition, the experiment on execution time demonstrated that our proposed method can realize location privacy protection more efficiently.

  4. Large-scale Health Information Database and Privacy Protection.

    Science.gov (United States)

    Yamamoto, Ryuichi

    2016-09-01

    Japan was once progressive in the digitalization of healthcare fields but unfortunately has fallen behind in terms of the secondary use of data for public interest. There has recently been a trend to establish large-scale health databases in the nation, and a conflict between data use for public interest and privacy protection has surfaced as this trend has progressed. Databases for health insurance claims or for specific health checkups and guidance services were created according to the law that aims to ensure healthcare for the elderly; however, there is no mention in the act about using these databases for public interest in general. Thus, an initiative for such use must proceed carefully and attentively. The PMDA projects that collect a large amount of medical record information from large hospitals and the health database development project that the Ministry of Health, Labour and Welfare (MHLW) is working on will soon begin to operate according to a general consensus; however, the validity of this consensus can be questioned if issues of anonymity arise. The likelihood that researchers conducting a study for public interest would intentionally invade the privacy of their subjects is slim. However, patients could develop a sense of distrust about their data being used since legal requirements are ambiguous. Nevertheless, without using patients' medical records for public interest, progress in medicine will grind to a halt. Proper legislation that is clear for both researchers and patients will therefore be highly desirable. A revision of the Act on the Protection of Personal Information is currently in progress. In reality, however, privacy is not something that laws alone can protect; it will also require guidelines and self-discipline. We now live in an information capitalization age. I will introduce the trends in legal reform regarding healthcare information and discuss some basics to help people properly face the issue of health big data and privacy

  5. Systems, methods and apparatus for modeling, specifying and deploying policies in autonomous and autonomic systems using agent-oriented software engineering

    Science.gov (United States)

    Hinchey, Michael G. (Inventor); Penn, Joaquin (Inventor); Sterritt, Roy (Inventor)

    2011-01-01

    Systems, methods and apparatus are provided through which in some embodiments, an agent-oriented specification modeled with MaCMAS, is analyzed, flaws in the agent-oriented specification modeled with MaCMAS are corrected, and an implementation is derived from the corrected agent-oriented specification. Described herein are systems, method and apparatus that produce fully (mathematically) tractable development of agent-oriented specification(s) modeled with methodology fragment for analyzing complex multiagent systems (MaCMAS) and policies for autonomic systems from requirements through to code generation. The systems, method and apparatus described herein are illustrated through an example showing how user formulated policies can be translated into a formal mode which can then be converted to code. The requirements-based programming systems, method and apparatus described herein may provide faster, higher quality development and maintenance of autonomic systems based on user formulation of policies.

  6. Trust-based information system architecture for personal wellness.

    Science.gov (United States)

    Ruotsalainen, Pekka; Nykänen, Pirkko; Seppälä, Antto; Blobel, Bernd

    2014-01-01

    Modern eHealth, ubiquitous health and personal wellness systems take place in an unsecure and ubiquitous information space where no predefined trust occurs. This paper presents a novel information model and an architecture for trust-based privacy management of personal health and wellness information in a ubiquitous environment. The architecture enables a person to calculate a dynamic and context-aware trust value for each service provider, and to use it to design personal privacy policies for trustworthy use of health and wellness services. For trust calculation, a novel set of measurable context-aware and health information-sensitive attributes is developed. The architecture enables a person to manage his or her privacy in a ubiquitous environment by formulating context-aware and service provider specific policies. Focus groups and information modelling were used for developing a wellness information model. A system analysis method based on sequential steps that make it possible to combine the results of analysis of privacy and trust concerns with the selection of trust and privacy services was used for development of the information system architecture. Its services (e.g. trust calculation, decision support, policy management and policy binding services) and developed attributes enable a person to define situation-aware policies that regulate the way his or her wellness and health information is processed.

  7. Security of electronic medical information and patient privacy: what you need to know.

    Science.gov (United States)

    Andriole, Katherine P

    2014-12-01

    The responsibility that physicians have to protect their patients from harm extends to protecting the privacy and confidentiality of patient health information including that contained within radiological images. The intent of HIPAA and subsequent HIPAA Privacy and Security Rules is to keep patients' private information confidential while allowing providers access to and maintaining the integrity of relevant information needed to provide care. Failure to comply with electronic protected health information (ePHI) regulations could result in financial or criminal penalties or both. Protected health information refers to anything that can reasonably be used to identify a patient (eg, name, age, date of birth, social security number, radiology examination accession number). The basic tools and techniques used to maintain medical information security and patient privacy described in this article include physical safeguards such as computer device isolation and data backup, technical safeguards such as firewalls and secure transmission modes, and administrative safeguards including documentation of security policies, training of staff, and audit tracking through system logs. Other important concepts related to privacy and security are explained, including user authentication, authorization, availability, confidentiality, data integrity, and nonrepudiation. Patient privacy and security of medical information are critical elements in today's electronic health care environment. Radiology has led the way in adopting digital systems to make possible the availability of medical information anywhere anytime, and in identifying and working to eliminate any risks to patients.

  8. New Collaborative Filtering Algorithms Based on SVD++ and Differential Privacy

    Directory of Open Access Journals (Sweden)

    Zhengzheng Xian

    2017-01-01

    Collaborative filtering technology has been widely used in the recommender system, and its implementation is supported by the large amount of real and reliable user data from the big-data era. However, with the increase of the users’ information-security awareness, these data are reduced or the quality of the data becomes worse. Singular Value Decomposition (SVD) is one of the common matrix factorization methods used in collaborative filtering, which introduces the bias information of users and items and is realized by using algebraic feature extraction. The derivative model SVD++ of SVD achieves better predictive accuracy due to the addition of implicit feedback information. Differential privacy is defined very strictly and can be proved, which has become an effective measure to solve the problem of attackers indirectly deducing the personal privacy information by using background knowledge. In this paper, differential privacy is applied to the SVD++ model through three approaches: gradient perturbation, objective-function perturbation, and output perturbation. Through theoretical derivation and experimental verification, the new algorithms proposed can better protect the privacy of the original data on the basis of ensuring the predictive accuracy. In addition, an effective scheme is given that can measure the privacy protection strength and predictive accuracy, and a reasonable range for selection of the differential privacy parameter is provided.

  9. Disclosing genetic information to at-risk relatives: new Australian privacy principles, but uniformity still elusive.

    Science.gov (United States)

    Otlowski, Margaret F A

    2015-04-06

    There is growing understanding of the need for genetic information to be shared with genetic relatives in some circumstances. Since 2006, s 95AA of the Privacy Act 1988 (Cwlth) has permitted the disclosure of genetic information to genetic relatives without the patient's consent, provided that the health practitioner reasonably believes that disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of the genetic relatives. Enabling guidelines were introduced in 2009. These were limited to the private sector, and excluded doctors working in the public sector at both Commonwealth and state and territory levels. Privacy legislation was amended in March 2014, and new Australian Privacy Principles, which replace the National Privacy Principles and Information Privacy Principles, now cover the collection and use of personal information. The Privacy Act and the Australian Privacy Principles now extend to practitioners employed by the Commonwealth but not to health practitioners working in state and territory public hospitals. In this article, I review these legislative developments and highlight the implications of the lack of uniformity and the consequent need for a collaborative, uniform approach by states and territories.

  10. Towards quantum-based privacy and voting

    International Nuclear Information System (INIS)

    Hillery, Mark; Ziman, Mario; Buzek, Vladimir; Bielikova, Martina

    2006-01-01

    The privacy of communicating participants is often of paramount importance, but in some situations it is an essential condition. A typical example is a fair (secret) voting. We analyze in detail communication privacy based on quantum resources, and we propose new quantum protocols. Possible generalizations that would lead to voting schemes are discussed.

  11. EPPS: Efficient and Privacy-Preserving Personal Health Information Sharing in Mobile Healthcare Social Networks.

    Science.gov (United States)

    Jiang, Shunrong; Zhu, Xiaoyan; Wang, Liangmin

    2015-09-03

    Mobile healthcare social networks (MHSNs) have emerged as a promising next-generation healthcare system, which will significantly improve the quality of life. However, there are many security and privacy concerns before personal health information (PHI) is shared with other parties. To ensure patients' full control over their PHI, we propose a fine-grained and scalable data access control scheme based on attribute-based encryption (ABE). Besides, policies themselves for PHI sharing may be sensitive and may reveal information about underlying PHI or about data owners or recipients. In our scheme, we let each attribute contain an attribute name and its value and adopt the Bloom filter to efficiently check attributes before decryption. Thus, the data privacy and policy privacy can be preserved in our proposed scheme. Moreover, considering the fact that the computational cost grows with the complexity of the access policy and the limitation of the resource and energy in a smart phone, we outsource ABE decryption to the cloud while preventing the cloud from learning anything about the content and access policy. The security and performance analysis is carried out to demonstrate that our proposed scheme can achieve fine-grained access policies for PHI sharing in MHSNs.

  12. Agent-Based Model of Information Security System: Architecture and Formal Framework for Coordinated Intelligent Agents Behavior Specification

    National Research Council Canada - National Science Library

    Gorodetski, Vladimir

    2001-01-01

    The contractor will research and further develop the technology supporting an agent-based architecture for an information security system and a formal framework to specify a model of distributed knowledge...

  13. Protection of Location Privacy Based on Distributed Collaborative Recommendations.

    Science.gov (United States)

    Wang, Peng; Yang, Jing; Zhang, Jian-Pei

    2016-01-01

    In the existing centralized location services system structure, the server is easily attracted and be the communication bottleneck. It caused the disclosure of users' location. For this, we presented a new distributed collaborative recommendation strategy that is based on the distributed system. In this strategy, each node establishes profiles of their own location information. When requests for location services appear, the user can obtain the corresponding location services according to the recommendation of the neighboring users' location information profiles. If no suitable recommended location service results are obtained, then the user can send a service request to the server according to the construction of a k-anonymous data set with a centroid position of the neighbors. In this strategy, we designed a new model of distributed collaborative recommendation location service based on the users' location information profiles and used generalization and encryption to ensure the safety of the user's location information privacy. Finally, we used the real location data set to make theoretical and experimental analysis. And the results show that the strategy proposed in this paper is capable of reducing the frequency of access to the location server, providing better location services and protecting better the user's location privacy.

  14. AnonySense: privacy-aware people-centric sensing

    DEFF Research Database (Denmark)

    Triandopoulos, Nikolaos; Cornelius, Cory; Kapadia, Apu

    2008-01-01

    applications. For example, users' mobile phones may contribute data to community-oriented information services, from city-wide pollution monitoring to enterprise-wide detection of unauthorized Wi-Fi access points. This people-centric mobile-sensing model introduces a new security challenge in the design...... of mobile systems: protecting the privacy of participants while allowing their devices to reliably contribute high-quality data to these large-scale applications. We describe AnonySense, a privacy-aware architecture for realizing pervasive applications based on collaborative, opportunistic sensing...... by personal mobile devices. AnonySense allows applications to submit sensing tasks that will be distributed across anonymous participating mobile devices, later receiving verified, yet anonymized, sensor data reports back from the field, thus providing the first secure implementation of this participatory...

  15. Adolescent Agentic Orientations: Contemporaneous Family Influence, Parental Biography and Intergenerational Development.

    Science.gov (United States)

    Johnson, Monica Kirkpatrick; Hitlin, Steven

    2017-10-01

    Agentic orientations developed in adolescence have been linked to better health, well-being, and achievements in the years following. This study examines longitudinal parental influences on the development of adolescent children's agentic orientations, captured by the core constructs of mastery beliefs and generalized life expectations. Drawing on multigenerational panel data from the United States (1991-2011), the study examines contemporaneous family factors, but also how parental biographies (their own transition to adulthood) and parents' own adolescent agentic orientations influence their adolescent children. Study adolescents were 46% male, 52% white, and 15.6 years old on average. The findings indicate that parents' early orientations and experiences in the transition to adulthood have little effect on their children's mastery beliefs, but that parents' generalized life expectations (in adolescence) and having married before having the child were associated with their children's more optimistic life expectations. Contemporaneous family income and optimistic expectations among parents-as-adolescents were somewhat substitutable as positive influences on adolescents' optimistic life expectations. The findings contribute to our understanding of intergenerational and over-time influences on these key adolescent orientations.

  16. Exploring the Far Side of Mobile Health: Information Security and Privacy of Mobile Health Apps on iOS and Android

    Science.gov (United States)

    Dehling, Tobias; Gao, Fangjian; Schneider, Stephan

    2015-01-01

    Background: Mobile health (mHealth) apps aim at providing seamless access to tailored health information technology and have the potential to alleviate global health burdens. Yet, they bear risks to information security and privacy because users need to reveal private, sensitive medical information to redeem certain benefits. Due to the plethora and diversity of available mHealth apps, implications for information security and privacy are unclear and complex. Objective: The objective of this study was to establish an overview of mHealth apps offered on iOS and Android with a special focus on potential damage to users through information security and privacy infringements. Methods: We assessed apps available in English and offered in the categories “Medical” and “Health & Fitness” in the iOS and Android App Stores. Based on the information retrievable from the app stores, we established an overview of available mHealth apps, tagged apps to make offered information machine-readable, and clustered the discovered apps to identify and group similar apps. Subsequently, information security and privacy implications were assessed based on health specificity of information available to apps, potential damage through information leaks, potential damage through information manipulation, potential damage through information loss, and potential value of information to third parties. Results: We discovered 24,405 health-related apps (iOS; 21,953; Android; 2452). Absence or scarceness of ratings for 81.36% (17,860/21,953) of iOS and 76.14% (1867/2452) of Android apps indicates that less than a quarter of mHealth apps are in more or less widespread use. Clustering resulted in 245 distinct clusters, which were consolidated into 12 app archetypes grouping clusters with similar assessments of potential damage through information security and privacy infringements. There were 6426 apps that were excluded during clustering. The majority of apps (95.63%, 17,193/17,979; of apps) pose

  17. Using genetic information while protecting the privacy of the soul.

    Science.gov (United States)

    Moor, J H

    1999-01-01

    Computing plays an important role in genetics (and vice versa). Theoretically, computing provides a conceptual model for the function and malfunction of our genetic machinery. Practically, contemporary computers and robots equipped with advanced algorithms make the revelation of the complete human genome imminent--computers are about to reveal our genetic souls for the first time. Ethically, computers help protect privacy by restricting access in sophisticated ways to genetic information. But the inexorable fact that computers will increasingly collect, analyze, and disseminate abundant amounts of genetic information made available through the genetic revolution, not to mention that inexpensive computing devices will make genetic information gathering easier, underscores the need for strong and immediate privacy legislation.

  18. Human centred design of software agent in social network service against privacy concerns

    OpenAIRE

    Kim, Hojung

    2016-01-01

    This thesis was submitted for the award of Doctor of Philosophy and was awarded by Brunel University London. The rapid growth and influence of social network services has led many scholars to focus on privacy issues. However, the research described in this thesis was motivated by the small number of design studies that have focused on practical approaches to identifying tacit information from users’ instant non-verbal responses to privacy issues. The research therefore aimed to propose pers...

  19. Sex-oriented stable matchings of the marriage problem with correlated and incomplete information

    Science.gov (United States)

    Caldarelli, Guido; Capocci, Andrea; Laureti, Paolo

    2001-10-01

    In the stable marriage problem two sets of agents must be paired according to mutual preferences, which may happen to conflict. We present two generalizations of its sex-oriented version, aiming to take into account correlations between the preferences of agents and costly information. Their effects are investigated both numerically and analytically.

  20. On the engineering design for systematic integration of agent-orientation in industrial automation.

    Science.gov (United States)

    Yu, Liyong; Schüller, Andreas; Epple, Ulrich

    2014-09-01

    In today's automation industry, agent-oriented development of system functionalities appears to have a great potential for increasing autonomy and flexibility of complex operations, while lowering the workload of users. In this paper, we present a reference model for the harmonious and systematical integration of agent-orientation in industrial automation. Considering compatibility with existing automation systems and best practice, this model combines advantages of function block technology, service orientation and native description methods from the automation standard IEC 61131-3. This approach can be applied as a guideline for the engineering design of future agent-oriented automation systems. Copyright © 2014 ISA. Published by Elsevier Ltd. All rights reserved.

  1. Conceptual privacy framework for health information on wearable device.

    Directory of Open Access Journals (Sweden)

    Seyedmostafa Safavi

    Wearable health tech provides doctors with the ability to remotely supervise their patients' wellness. It also makes it much easier to authorize someone else to take appropriate actions to ensure the person's wellness than ever before. Information Technology may soon change the way medicine is practiced, improving the performance, while reducing the price of healthcare. We analyzed the secrecy demands of wearable devices, including Smartphone, smart watch and their computing techniques, that can soon change the way healthcare is provided. However, before this is adopted in practice, all devices must be equipped with sufficient privacy capabilities related to healthcare service. In this paper, we formulated a new improved conceptual framework for wearable healthcare systems. This framework consists of ten principles and nine checklists, capable of providing complete privacy protection package to wearable device owners. We constructed this framework based on the analysis of existing mobile technology, the results of which are combined with the existing security standards. The approach also incorporates the market share percentage level of every app and its respective OS. This framework is evaluated based on the stringent CIA and HIPAA principles for information security. This evaluation is followed by testing the capability to revoke rights of subjects to access objects and ability to determine the set of available permissions for a particular subject for all models. Finally, as the last step, we examine the complexity of the required initial setup.

  2. 32 CFR 635.12 - Release of information under the Privacy Act of 1974.

    Science.gov (United States)

    2010-07-01

    ... § 635.12 Release of information under the Privacy Act of 1974. (a) Military police records may be...) The release and denial authorities for all Privacy Act cases concerning military police records are...

  3. Protecting Privacy in the Global South (Phase 2) | CRDI - Centre de ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    The absence of appropriate privacy protections can lead to grave problems. Privacy ... Developing countries are home to the greatest number of Internet and mobile users, but such privacy protection is scarce. ... Responsible CRDI officer.

  4. Ensuring the security and privacy of information in mobile health-care communication systems

    Directory of Open Access Journals (Sweden)

    Ademola P. Abidoye

    2011-09-01

    The sensitivity of health-care information and its accessibility via the Internet and mobile technology systems is a cause for concern in these modern times. The privacy, integrity and confidentiality of a patient’s data are key factors to be considered in the transmission of medical information for use by authorised health-care personnel. Mobile communication has enabled medical consultancy, treatment, drug administration and the provision of laboratory results to take place outside the hospital. With the implementation of electronic patient records and the Internet and Intranets, medical information sharing amongst relevant health-care providers was made possible. But the vital issue in this method of information sharing is security: the patient’s privacy, as well as the confidentiality and integrity of the health-care information system, should not be compromised. We examine various ways of ensuring the security and privacy of a patient’s electronic medical information in order to ensure the integrity and confidentiality of the information.

  5. Development and Analyses of Privacy Management Models in Online Social Networks Based on Communication Privacy Management Theory

    Science.gov (United States)

    Lee, Ki Jung

    2013-01-01

    Online social networks (OSNs), while serving as an emerging means of communication, promote various issues of privacy. Users of OSNs encounter diverse occasions that lead to invasion of their privacy, e.g., published conversation, public revelation of their personally identifiable information, and open boundary of distinct social groups within…

  6. EPPS: Efficient and Privacy-Preserving Personal Health Information Sharing in Mobile Healthcare Social Networks

    Science.gov (United States)

    Jiang, Shunrong; Zhu, Xiaoyan; Wang, Liangmin

    2015-01-01

    Mobile healthcare social networks (MHSNs) have emerged as a promising next-generation healthcare system, which will significantly improve the quality of life. However, there are many security and privacy concerns before personal health information (PHI) is shared with other parties. To ensure patients’ full control over their PHI, we propose a fine-grained and scalable data access control scheme based on attribute-based encryption (ABE). Besides, policies themselves for PHI sharing may be sensitive and may reveal information about underlying PHI or about data owners or recipients. In our scheme, we let each attribute contain an attribute name and its value and adopt the Bloom filter to efficiently check attributes before decryption. Thus, the data privacy and policy privacy can be preserved in our proposed scheme. Moreover, considering the fact that the computational cost grows with the complexity of the access policy and the limitation of the resource and energy in a smart phone, we outsource ABE decryption to the cloud while preventing the cloud from learning anything about the content and access policy. The security and performance analysis is carried out to demonstrate that our proposed scheme can achieve fine-grained access policies for PHI sharing in MHSNs. PMID:26404300

  7. EPPS: Efficient and Privacy-Preserving Personal Health Information Sharing in Mobile Healthcare Social Networks

    Directory of Open Access Journals (Sweden)

    Shunrong Jiang

    2015-09-01

    Mobile healthcare social networks (MHSNs) have emerged as a promising next-generation healthcare system, which will significantly improve the quality of life. However, there are many security and privacy concerns before personal health information (PHI) is shared with other parties. To ensure patients’ full control over their PHI, we propose a fine-grained and scalable data access control scheme based on attribute-based encryption (ABE). Besides, policies themselves for PHI sharing may be sensitive and may reveal information about underlying PHI or about data owners or recipients. In our scheme, we let each attribute contain an attribute name and its value and adopt the Bloom filter to efficiently check attributes before decryption. Thus, the data privacy and policy privacy can be preserved in our proposed scheme. Moreover, considering the fact that the computational cost grows with the complexity of the access policy and the limitation of the resource and energy in a smart phone, we outsource ABE decryption to the cloud while preventing the cloud from learning anything about the content and access policy. The security and performance analysis is carried out to demonstrate that our proposed scheme can achieve fine-grained access policies for PHI sharing in MHSNs.

  8. A Neural-Network Clustering-Based Algorithm for Privacy Preserving Data Mining

    Science.gov (United States)

    Tsiafoulis, S.; Zorkadis, V. C.; Karras, D. A.

    The increasing use of fast and efficient data mining algorithms in huge collections of personal data, facilitated through the exponential growth of technology, in particular in the field of electronic data storage media and processing power, has raised serious ethical, philosophical and legal issues related to privacy protection. To cope with these concerns, several privacy preserving methodologies have been proposed, classified in two categories, methodologies that aim at protecting the sensitive data and those that aim at protecting the mining results. In our work, we focus on sensitive data protection and compare existing techniques according to their anonymity degree achieved, the information loss suffered and their performance characteristics. The ℓ-diversity principle is combined with k-anonymity concepts, so that background information cannot be exploited to successfully attack the privacy of data subjects data refer to. Based on Kohonen Self Organizing Feature Maps (SOMs), we firstly organize data sets in subspaces according to their information theoretical distance to each other, then create the most relevant classes paying special attention to rare sensitive attribute values, and finally generalize attribute values to the minimum extent required so that both the data disclosure probability and the information loss are possibly kept negligible. Furthermore, we propose information theoretical measures for assessing the anonymity degree achieved and empirical tests to demonstrate it.

  9. Vulnerability- and Diversity-Aware Anonymization of Personally Identifiable Information for Improving User Privacy and Utility of Publishing Data

    Science.gov (United States)

    Majeed, Abdul; Ullah, Farman; Lee, Sungchang

    2017-01-01

    Personally identifiable information (PII) affects individual privacy because PII combinations may yield unique identifications in published data. User PII such as age, race, gender, and zip code contain private information that may assist an adversary in determining the user to whom such information relates. Each item of user PII reveals identity differently, and some types of PII are highly identity vulnerable. More vulnerable types of PII enable unique identification more easily, and their presence in published data increases privacy risks. Existing privacy models treat all types of PII equally from an identity revelation point of view, and they mainly focus on hiding user PII in a crowd of other users. Ignoring the identity vulnerability of each type of PII during anonymization is not an effective method of protecting user privacy in a fine-grained manner. This paper proposes a new anonymization scheme that considers the identity vulnerability of PII to effectively protect user privacy. Data generalization is performed adaptively based on the identity vulnerability of PII as well as diversity to anonymize data. This adaptive generalization effectively enables anonymous data, which protects user identity and private information disclosures while maximizing the utility of data for performing analyses and building classification models. Additionally, the proposed scheme has low computational overheads. The simulation results show the effectiveness of the scheme and verify the aforementioned claims. PMID:28481298

  10. Vulnerability- and Diversity-Aware Anonymization of Personally Identifiable Information for Improving User Privacy and Utility of Publishing Data

    Directory of Open Access Journals (Sweden)

    Abdul Majeed

    2017-05-01

    Personally identifiable information (PII) affects individual privacy because PII combinations may yield unique identifications in published data. User PII such as age, race, gender, and zip code contain private information that may assist an adversary in determining the user to whom such information relates. Each item of user PII reveals identity differently, and some types of PII are highly identity vulnerable. More vulnerable types of PII enable unique identification more easily, and their presence in published data increases privacy risks. Existing privacy models treat all types of PII equally from an identity revelation point of view, and they mainly focus on hiding user PII in a crowd of other users. Ignoring the identity vulnerability of each type of PII during anonymization is not an effective method of protecting user privacy in a fine-grained manner. This paper proposes a new anonymization scheme that considers the identity vulnerability of PII to effectively protect user privacy. Data generalization is performed adaptively based on the identity vulnerability of PII as well as diversity to anonymize data. This adaptive generalization effectively enables anonymous data, which protects user identity and private information disclosures while maximizing the utility of data for performing analyses and building classification models. Additionally, the proposed scheme has low computational overheads. The simulation results show the effectiveness of the scheme and verify the aforementioned claims.

  11. Trust-aware Privacy Control for Social Media

    OpenAIRE

    Li, Na; Najafian-Razavi, Maryam; Gillet, Denis

    2011-01-01

    Due to the huge exposure of personal information in social media, a challenge now is to design effective privacy mechanisms that protect against unauthorized access to social data. In this paper, a trust model for social media is first presented. Based on the trust model, a trust-aware privacy control protocol is proposed, that exploits the underlying inter-entity trust information. The objective is to design a fine-grained privacy scheme that ensures a user’s online information is disclosed ...

  12. Gain-Based Relief for Invasion of Privacy

    Directory of Open Access Journals (Sweden)

    Sirko Harder

    2013-11-01

    In many common law jurisdictions, some or all instances of invasion of privacy constitute a privacy-specific wrong either at common law (including equity) or under statute. A remedy invariably available for such a wrong is compensation for loss. However, the plaintiff may instead seek to claim the profit the defendant has made from the invasion. This article examines when a plaintiff is, and should be, entitled to claim that profit, provided that invasion of privacy is actionable as such. After a brief overview of the relevant law in major common law jurisdictions, the article investigates how invasion of privacy fits into a general concept of what is called ‘restitution for wrongs’. It will be argued that the right to privacy is a right against the whole world and as such forms a proper basis of awarding gain-based relief for the unauthorised use of that right.

  13. Agents Based e-Commerce and Securing Exchanged Information

    Science.gov (United States)

    Al-Jaljouli, Raja; Abawajy, Jemal

    Mobile agents have been implemented in e-Commerce to search and filter information of interest from electronic markets. When the information is very sensitive and critical, it is important to develop a novel security protocol that can efficiently protect the information from malicious tampering as well as unauthorized disclosure or at least detect any malicious act of intruders. In this chapter, we describe robust security techniques that ensure a sound security of information gathered throughout agent’s itinerary against various security attacks, as well as truncation attacks. A sound security protocol is described, which implements the various security techniques that would jointly prevent or at least detect any malicious act of intruders. We reason about the soundness of the protocol using Symbolic Trace Analyzer (STA), a formal verification tool that is based on symbolic techniques. We analyze the protocol in key configurations and show that it is free of flaws. We also show that the protocol fulfils the various security requirements of exchanged information in MAS, including data-integrity, data-confidentiality, data-authenticity, origin confidentiality and data non-repudiability.

  14. The Effects of Public Concern for Information Privacy on the Adoption of Health Information Exchanges (HIEs) by Healthcare Entities.

    Science.gov (United States)

    Esmaeilzadeh, Pouyan

    2018-05-08

    The implementation of Health Information Exchanges (HIEs) by healthcare organizations may not achieve the desired outcomes as consumers may request that their health information remains unshared because of information privacy concerns. Drawing on the insights of concern for information privacy (CFIP) literature, this work extends the application of CFIP to the HIE domain. This study attempts to develop and test a model centered on the four dimensions of CFIP construct (collection, errors, unauthorized access, and secondary use) and their antecedents to predict consumers' opt-in behavioral intention toward HIE in the presence of the perceived health status' effects. We conducted an online survey in the United States using 826 samples. The results demonstrate that the perceived health information sensitivity and computer anxiety meaningfully contribute to information privacy concerns and CFIP construct significantly impedes consumers' opt-in decision to HIEs. Interestingly, contrary to our expectation, perceived poor health status considerably attenuates the negative effects exerted by CFIP on opt-in intention. The model proposed by this study can be used as a useful conceptual tool by both further studies and practitioners to examine the complex nature of patients' reactions to information privacy threats associated with the use of HIE technology in the healthcare industry.

  15. Large-scale Health Information Database and Privacy Protection

    Science.gov (United States)

    YAMAMOTO, Ryuichi

    2016-01-01

    Japan was once progressive in the digitalization of healthcare fields but unfortunately has fallen behind in terms of the secondary use of data for public interest. There has recently been a trend to establish large-scale health databases in the nation, and a conflict between data use for public interest and privacy protection has surfaced as this trend has progressed. Databases for health insurance claims or for specific health checkups and guidance services were created according to the law that aims to ensure healthcare for the elderly; however, there is no mention in the act about using these databases for public interest in general. Thus, an initiative for such use must proceed carefully and attentively. The PMDA projects that collect a large amount of medical record information from large hospitals and the health database development project that the Ministry of Health, Labour and Welfare (MHLW) is working on will soon begin to operate according to a general consensus; however, the validity of this consensus can be questioned if issues of anonymity arise. The likelihood that researchers conducting a study for public interest would intentionally invade the privacy of their subjects is slim. However, patients could develop a sense of distrust about their data being used since legal requirements are ambiguous. Nevertheless, without using patients’ medical records for public interest, progress in medicine will grind to a halt. Proper legislation that is clear for both researchers and patients will therefore be highly desirable. A revision of the Act on the Protection of Personal Information is currently in progress. In reality, however, privacy is not something that laws alone can protect; it will also require guidelines and self-discipline. We now live in an information capitalization age. I will introduce the trends in legal reform regarding healthcare information and discuss some basics to help people properly face the issue of health big data and privacy

  16. A Generic Privacy Quantification Framework for Privacy-Preserving Data Publishing

    Science.gov (United States)

    Zhu, Zutao

    2010-01-01

    In recent years, the concerns about the privacy for the electronic data collected by government agencies, organizations, and industries are increasing. They include individual privacy and knowledge privacy. Privacy-preserving data publishing is a research branch that preserves the privacy while, at the same time, withholding useful information in…

  17. Genetic privacy.

    Science.gov (United States)

    Sankar, Pamela

    2003-01-01

    During the past 10 years, the number of genetic tests performed more than tripled, and public concern about genetic privacy emerged. The majority of states and the U.S. government have passed regulations protecting genetic information. However, research has shown that concerns about genetic privacy are disproportionate to known instances of information misuse. Beliefs in genetic determinacy explain some of the heightened concern about genetic privacy. Discussion of the debate over genetic testing within families illustrates the most recent response to genetic privacy concerns.

  18. A scalable healthcare information system based on a service-oriented architecture.

    Science.gov (United States)

    Yang, Tzu-Hsiang; Sun, Yeali S; Lai, Feipei

    2011-06-01

    Many existing healthcare information systems are composed of a number of heterogeneous systems and face the important issue of system scalability. This paper first describes the comprehensive healthcare information systems used in National Taiwan University Hospital (NTUH) and then presents a service-oriented architecture (SOA)-based healthcare information system (HIS) based on the service standard HL7. The proposed architecture focuses on system scalability, in terms of both hardware and software. Moreover, we describe how scalability is implemented in rightsizing, service groups, databases, and hardware scalability. Although SOA-based systems sometimes display poor performance, through a performance evaluation of our HIS based on SOA, the average response time for outpatient, inpatient, and emergency HL7Central systems are 0.035, 0.04, and 0.036 s, respectively. The outpatient, inpatient, and emergency WebUI average response times are 0.79, 1.25, and 0.82 s. The scalability of the rightsizing project and our evaluation results show that the SOA HIS we propose provides evidence that SOA can provide system scalability and sustainability in a highly demanding healthcare information system.

  19. GLPP: A Game-Based Location Privacy-Preserving Framework in Account Linked Mixed Location-Based Services

    Directory of Open Access Journals (Sweden)

    Zhuo Ma

    2018-01-01

    In Location-Based Services (LBSs) platforms, such as Foursquare and Swarm, the submitted position for a share or search leads to the exposure of users’ activities. Additionally, the cross-platform account linkage could aggravate this exposure, as the fusion of users’ information can enhance inference attacks on users’ next submitted location. Hence, in this paper, we propose GLPP, a personalized and continuous location privacy-preserving framework in account linked platforms with different LBSs (i.e., search-based LBSs and share-based LBSs). The key point of GLPP is to obfuscate every location submitted in search-based LBSs so as to defend dynamic inference attacks. Specifically, first, possible inference attacks are listed through user behavioral analysis. Second, for each specific attack, an obfuscation model is proposed to minimize location privacy leakage under a given location distortion, which ensures submitted locations’ utility for search-based LBSs. Third, for dynamic attacks, a framework based on zero-sum game is adopted to joint specific obfuscation above and minimize the location privacy leakage to a balanced point. Experiments on real dataset prove the effectiveness of our proposed attacks in Accuracy, Certainty, and Correctness and, meanwhile, also show the performance of our preserving solution in defense of attacks and guarantee of location utility.

  20. Internet privacy options for adequate realisation

    CERN Document Server

    2013-01-01

    A thorough multidisciplinary analysis of various perspectives on internet privacy was published as the first volume of a study, revealing the results of the acatech project "Internet Privacy - A Culture of Privacy and Trust on the Internet." The second publication from this project presents integrated, interdisciplinary options for improving privacy on the Internet utilising a normative, value-oriented approach. The ways in which privacy promotes and preconditions fundamental societal values and how privacy violations endanger the flourishing of said values are exemplified. The conditions which must be fulfilled in order to achieve a culture of privacy and trust on the internet are illuminated. This volume presents options for policy-makers, educators, businesses and technology experts how to facilitate solutions for more privacy on the Internet and identifies further research requirements in this area.

  1. Policy recommendations for addressing privacy challenges associated with cell-based research and interventions.

    Science.gov (United States)

    Ogbogu, Ubaka; Burningham, Sarah; Ollenberger, Adam; Calder, Kathryn; Du, Li; El Emam, Khaled; Hyde-Lay, Robyn; Isasi, Rosario; Joly, Yann; Kerr, Ian; Malin, Bradley; McDonald, Michael; Penney, Steven; Piat, Gayle; Roy, Denis-Claude; Sugarman, Jeremy; Vercauteren, Suzanne; Verhenneman, Griet; West, Lori; Caulfield, Timothy

    2014-02-03

    The increased use of human biological material for cell-based research and clinical interventions poses risks to the privacy of patients and donors, including the possibility of re-identification of individuals from anonymized cell lines and associated genetic data. These risks will increase as technologies and databases used for re-identification become affordable and more sophisticated. Policies that require ongoing linkage of cell lines to donors' clinical information for research and regulatory purposes, and existing practices that limit research participants' ability to control what is done with their genetic data, amplify the privacy concerns. To date, the privacy issues associated with cell-based research and interventions have not received much attention in the academic and policymaking contexts. This paper, arising out of a multi-disciplinary workshop, aims to rectify this by outlining the issues, proposing novel governance strategies and policy recommendations, and identifying areas where further evidence is required to make sound policy decisions. The authors of this paper take the position that existing rules and norms can be reasonably extended to address privacy risks in this context without compromising emerging developments in the research environment, and that exceptions from such rules should be justified using a case-by-case approach. In developing new policies, the broader framework of regulations governing cell-based research and related areas must be taken into account, as well as the views of impacted groups, including scientists, research participants and the general public. This paper outlines deliberations at a policy development workshop focusing on privacy challenges associated with cell-based research and interventions. The paper provides an overview of these challenges, followed by a discussion of key themes and recommendations that emerged from discussions at the workshop. 
    The paper concludes that privacy risks associated with cell-based

  2. Information driving force and its application in agent-based modeling

    Science.gov (United States)

    Chen, Ting-Ting; Zheng, Bo; Li, Yan; Jiang, Xiong-Fei

    2018-04-01

    Exploring the scientific impact of online big-data has attracted much attention of researchers from different fields in recent years. Complex financial systems are typical open systems profoundly influenced by the external information. Based on the large-scale data in the public media and stock markets, we first define an information driving force, and analyze how it affects the complex financial system. The information driving force is observed to be asymmetric in the bull and bear market states. As an application, we then propose an agent-based model driven by the information driving force. Especially, all the key parameters are determined from the empirical analysis rather than from statistical fitting of the simulation results. With our model, both the stationary properties and non-stationary dynamic behaviors are simulated. Considering the mean-field effect of the external information, we also propose a few-body model to simulate the financial market in the laboratory.

  3. GAIN RATIO BASED FEATURE SELECTION METHOD FOR PRIVACY PRESERVATION

    Directory of Open Access Journals (Sweden)

    R. Praveena Priyadarsini

    2011-04-01

    Privacy-preservation is a step in data mining that tries to safeguard sensitive information from unsanctioned disclosure and hence protecting individual data records and their privacy. There are various privacy preservation techniques like k-anonymity, l-diversity and t-closeness and data perturbation. In this paper k-anonymity privacy protection technique is applied to high dimensional datasets like adult and census. Since both the data sets are high dimensional, feature subset selection method like Gain Ratio is applied and the attributes of the datasets are ranked and low ranking attributes are filtered to form new reduced data subsets. K-anonymization privacy preservation technique is then applied on reduced datasets. The accuracy of the privacy preserved reduced datasets and the original datasets are compared for their accuracy on the two functionalities of data mining namely classification and clustering using naïve Bayesian and k-means algorithm respectively. Experimental results show that classification and clustering accuracy are comparatively the same for reduced k-anonymized datasets and the original data sets.

  4. Privacy and Confidentiality in Exchange of Information Procedures : Some Uncertainties, Many Issues, but Few Solutions

    NARCIS (Netherlands)

    Debelva, F.; Mosquera, Valderrama I.J.

    2017-01-01

    The overall aim of this article is to analyse the taxpayers’ rights to confidentiality and privacy in exchange of information including the new global standard of automatic exchange of information. Section 2 will analyse the state of the art regarding the right to privacy and confidentiality in

  5. Protecting genetic privacy.

    Science.gov (United States)

    Roche, P A; Annas, G J

    2001-05-01

    This article outlines the arguments for and against new rules to protect genetic privacy. We explain why genetic information is different to other sensitive medical information, why researchers and biotechnology companies have opposed new rules to protect genetic privacy (and favour anti-discrimination laws instead), and discuss what can be done to protect privacy in relation to genetic-sequence information and to DNA samples themselves.

  6. Randomization Based Privacy Preserving Categorical Data Analysis

    Science.gov (United States)

    Guo, Ling

    2010-01-01

    The success of data mining relies on the availability of high quality data. To ensure quality data mining, effective information sharing between organizations becomes a vital requirement in today's society. Since data mining often involves sensitive information of individuals, the public has expressed a deep concern about their privacy.…

  7. Exploring the concepts of privacy and the sharing of sensitive health information.

    Science.gov (United States)

    Asiri, Eman; Asiri, Hanan; Househ, Mowafa

    2014-01-01

    People are increasingly sharing their personal information on social networks such as Facebook. Patients, in particular, join online support groups for specific conditions to get support and share their experience with other members of a social media group. Throughout this process, sensitive health information could be shared by group members as a part of this information exchange and privacy concerns can arise as a result. The purpose of this study is to explore various aspects relating to privacy and the sharing of sensitive health information through social media platforms. Our review found that social media such as Facebook already plays a large role in patients' lives as it helps patients to understand their health conditions and gain support from other people who suffer from the same condition. However, there are major concerns for those patients as their privacy and confidentiality can be harmed by improper use of their posted sensitive health information by governments, hospitals or individuals. More importantly, there is an increased need for laws and legislations that protect and empower patients. We recommend that healthcare organizations collaborate with social media software companies and create educational and awareness campaigns on the impacts of sharing sensitive health information through social media.

  8. Conceptual Framework for Agent-Based Modeling of Customer-Oriented Supply Networks

    OpenAIRE

    Solano-Vanegas, Clara; Carrillo-Ramos, Angela; Montoya-Torres, Jairo

    2015-01-01

    Part 3: Collaboration Frameworks; International audience; Supply Networks (SN) are complex systems involving the interaction of different actors, very often, with different objectives and goals. Among the different existing modeling approaches, agent-based systems can properly represent the autonomous behavior of SN links and, simultaneously, observe the general response of the system as a result of individual actions. Most of research using agent-based modeling in SN focuses on production is...

  9. De-identification of unstructured paper-based health records for privacy-preserving secondary use.

    Science.gov (United States)

    Fenz, Stefan; Heurix, Johannes; Neubauer, Thomas; Rella, Antonio

    2014-07-01

    Whenever personal data is processed, privacy is a serious issue. Especially in the document-centric e-health area, the patients' privacy must be preserved in order to prevent any negative repercussions for the patient. Clinical research, for example, demands structured health records to carry out efficient clinical trials, whereas legislation (e.g. HIPAA) regulates that only de-identified health records may be used for research. However, unstructured and often paper-based data dominates information technology, especially in the healthcare sector. Existing approaches are geared towards data in English-language documents only and have not been designed to handle the recognition of erroneous personal data which is the result of the OCR-based digitization of paper-based health records.

  10. Privacy Policies

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, Sandro; den Hartog, Jeremy; Petkovic, M.; Jonker, W.; Jonker, Willem

    2007-01-01

    Privacy is a prime concern in today's information society. To protect the privacy of individuals, enterprises must follow certain privacy practices, while collecting or processing personal data. In this chapter we look at the setting where an enterprise collects private data on its website,

  11. Disentangling privacy from property: toward a deeper understanding of genetic privacy.

    Science.gov (United States)

    Suter, Sonia M

    2004-04-01

    With the mapping of the human genome, genetic privacy has become a concern to many. People care about genetic privacy because genes play an important role in shaping us--our genetic information is about us, and it is deeply connected to our sense of ourselves. In addition, unwanted disclosure of our genetic information, like a great deal of other personal information, makes us vulnerable to unwanted exposure, stigmatization, and discrimination. One recent approach to protecting genetic privacy is to create property rights in genetic information. This Article argues against that approach. Privacy and property are fundamentally different concepts. At heart, the term "property" connotes control within the marketplace and over something that is disaggregated or alienable from the self. "Privacy," in contrast, connotes control over access to the self as well as things close to, intimately connected to, and about the self. Given these different meanings, a regime of property rights in genetic information would impoverish our understanding of that information, ourselves, and the relationships we hope will be built around and through its disclosure. This Article explores our interests in genetic information in order to deepen our understanding of the ongoing discourse about the distinction between property and privacy. It develops a conception of genetic privacy with a strong relational component. We ordinarily share genetic information in the context of relationships in which disclosure is important to the relationship--family, intimate, doctor-patient, researcher-participant, employer-employee, and insurer-insured relationships. Such disclosure makes us vulnerable to and dependent on the person to whom we disclose it. As a result, trust is essential to the integrity of these relationships and our sharing of genetic information. Genetic privacy can protect our vulnerability in these relationships and enhance the trust we hope to have in them. Property, in contrast, by

  12. Privacy and confidentiality in pragmatic clinical trials.

    Science.gov (United States)

    McGraw, Deven; Greene, Sarah M; Miner, Caroline S; Staman, Karen L; Welch, Mary Jane; Rubel, Alan

    2015-10-01

    With pragmatic clinical trials, an opportunity exists to answer important questions about the relative risks, burdens, and benefits of therapeutic interventions. However, concerns about protecting the privacy of this information are significant and must be balanced with the imperative to learn from the data gathered in routine clinical practice. Traditional privacy protections for research uses of identifiable information rely disproportionately on informed consent or authorizations, based on a presumption that this is necessary to fulfill ethical principles of respect for persons. But frequently, the ideal of informed consent is not realized in its implementation. Moreover, the principle of respect for persons—which encompasses their interests in health information privacy—can be honored through other mechanisms. Data anonymization also plays a role in protecting privacy but is not suitable for all research, particularly pragmatic clinical trials. In this article, we explore both the ethical foundation and regulatory framework intended to protect privacy in pragmatic clinical trials. We then review examples of novel approaches to respecting persons in research that may have the added benefit of honoring patient privacy considerations.

  13. Preserving Differential Privacy for Similarity Measurement in Smart Environments

    Directory of Open Access Journals (Sweden)

    Kok-Seng Wong

    2014-01-01

    Advances in both sensor technologies and network infrastructures have encouraged the development of smart environments to enhance people’s life and living styles. However, collecting and storing user’s data in the smart environments pose severe privacy concerns because these data may contain sensitive information about the subject. Hence, privacy protection is now an emerging issue that we need to consider especially when data sharing is essential for analysis purpose. In this paper, we consider the case where two agents in the smart environment want to measure the similarity of their collected or stored data. We use similarity coefficient function FSC as the measurement metric for the comparison with differential privacy model. Unlike the existing solutions, our protocol can facilitate more than one request to compute FSC without modifying the protocol. Our solution ensures privacy protection for both the inputs and the computed FSC results.

  14. Decrypting Information Sensitivity: Risk, Privacy, and Data Protection Law in the United States and the European Union

    Science.gov (United States)

    Fazlioglu, Muge

    2017-01-01

    This dissertation examines the risk-based approach to privacy and data protection and the role of information sensitivity within risk management. Determining what information carries the greatest risk is a multi-layered challenge that involves balancing the rights and interests of multiple actors, including data controllers, data processors, and…

  15. Privacy policies

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, S.; Hartog, den J.I.; Petkovic, M.; Jonker, W.

    2007-01-01

    Privacy is a prime concern in today’s information society. To protect the privacy of individuals, enterprises must follow certain privacy practices while collecting or processing personal data. In this chapter we look at the setting where an enterprise collects private data on its website, processes

  16. Comment on id-based remote data integrity checking with data privacy preserving

    Science.gov (United States)

    Zhang, Jianhong; Meng, Hongxin

    2017-09-01

    Recently, an ID-based remote data integrity checking protocol with perfect data privacy preserving (IEEE Transactions on Information Forensics and Security, doi: 10.1109/TIFS.2016.2615853) was proposed to achieve data privacy protection and integrity checking. Unfortunately, in this letter, we demonstrate that their protocol is insecure. An active hacker can modify the stored data without being detected by the verifier in the auditing. We also show that a malicious cloud server can convince the verifier that the stored data are kept intact after the outsourced data blocks are deleted. Finally, the reasons to produce such attacks are given.

  17. Study of information-orientation carry-out plan in energy sector

    Energy Technology Data Exchange (ETDEWEB)

    Kang, T W [Korea Energy Economics Institute, Euiwang (Korea, Republic of)]

    1998-04-01

    Carrying out an information-orientation plan in the energy sector is indispensable if Korea is to survive in this unlimited competition age and global management system. It is also for maximizing the management efficiency of national energy resources as well as increasing the development of related industries and national welfare. The management of the energy resources sector of Korea, which is becoming diversified escaping from the past simple quantitative management of supplier-orientation, requires versatile and ample high-class information management system and high-level decision support system. In order to satisfy these requests, this study investigated and analyzed overall policies of the energy sector for carrying out information-orientation, neighborhood environment, organizational chart, information transfer method, the current condition of information-orientation, problems and improvements, demand of information-orientation of the future, and also reviewed the information-orientation status of advanced countries. Based on these, an information-orientation carryout plan in the energy sector is broken into three stages of "establishment of information transfer system", "development of database", and "establishment of decision support system" and presented per detailed work. It advised manpower, equipment and budget implementation plan, and a development schedule plan required for carrying out information-orientation as well as overall environmental build-up, and policy recommendation for the successful implementation of information-orientation. 24 refs., 27 figs., 15 tabs.

  18. Privacy Verification Using Ontologies

    NARCIS (Netherlands)

    Kost, Martin; Freytag, Johann-Christoph; Kargl, Frank; Kung, Antonio

    2011-01-01

    As information systems extensively exchange information between participants, privacy concerns may arise from its potential misuse. A Privacy by Design (PbD) approach considers privacy requirements of different stakeholders during the design and the implementation of a system. Currently, a

  19. A framework for privacy and security analysis of probe-based traffic information systems

    KAUST Repository

    Canepa, Edward S.; Claudel, Christian G.

    2013-01-01

    Most large scale traffic information systems rely on fixed sensors (e.g. loop detectors, cameras) and user generated data, this latter in the form of GPS traces sent by smartphones or GPS devices onboard vehicles. While this type of data is relatively inexpensive to gather, it can pose multiple security and privacy risks, even if the location tracks are anonymous. In particular, creating bogus location tracks and sending them to the system is relatively easy. This bogus data could perturb traffic flow estimates, and disrupt the transportation system whenever these estimates are used for actuation. In this article, we propose a new framework for solving a variety of privacy and cybersecurity problems arising in transportation systems. The state of traffic is modeled by the Lighthill-Whitham-Richards traffic flow model, which is a first order scalar conservation law with concave flux function. Given a set of traffic flow data, we show that the constraints resulting from this partial differential equation are mixed integer linear inequalities for some decision variable. The resulting framework is very flexible, and can in particular be used to detect spoofing attacks in real time, or carry out attacks on location tracks. Numerical implementations are performed on experimental data from the Mobile Century experiment to validate this framework.

  20. A privacy preserving secure and efficient authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Mishra, Raghavendra; Barnwal, Amit Kumar

    2015-05-01

    The Telecare medical information system (TMIS) presents effective healthcare delivery services by employing information and communication technologies. The emerging privacy and security are always a matter of great concern in TMIS. Recently, Chen et al. presented a password based authentication scheme to address the privacy and security. Later on, it is proved insecure against various active and passive attacks. To erase the drawbacks of Chen et al.'s anonymous authentication scheme, several password based authentication schemes have been proposed using public key cryptosystem. However, most of them do not present pre-smart card authentication which leads to inefficient login and password change phases. To present an authentication scheme with pre-smart card authentication, we present an improved anonymous smart card based authentication scheme for TMIS. The proposed scheme protects user anonymity and satisfies all the desirable security attributes. Moreover, the proposed scheme presents efficient login and password change phases where incorrect input can be quickly detected and a user can freely change his password without server assistance. Moreover, we demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham) logic. The proposed scheme is also comparable in terms of computational overheads with relevant schemes.

  1. Supporting multi-state collaboration on privacy and security to foster health IT and health information exchange.

    Science.gov (United States)

    Banger, Alison K; Alakoye, Amoke O; Rizk, Stephanie C

    2008-11-06

    As part of the HHS funded contract, Health Information Security and Privacy Collaboration, 41 states and territories have proposed collaborative projects to address cross-state privacy and security challenges related to health IT and health information exchange. Multi-state collaboration on privacy and security issues remains complicated, and resources to support collaboration around these topics are essential to the success of such collaboration. The resources outlined here offer an example of how to support multi-stakeholder, multi-state projects.

  2. Location Privacy in RFID Applications

    Science.gov (United States)

    Sadeghi, Ahmad-Reza; Visconti, Ivan; Wachsmann, Christian

    RFID-enabled systems allow fully automatic wireless identification of objects and are rapidly becoming a pervasive technology with various applications. However, despite their benefits, RFID-based systems also pose challenging risks, in particular concerning user privacy. Indeed, improvident use of RFID can disclose sensitive information about users and their locations allowing detailed user profiles. Hence, it is crucial to identify and to enforce appropriate security and privacy requirements of RFID applications (that are also compliant to legislation). This chapter first discusses security and privacy requirements for RFID-enabled systems, focusing in particular on location privacy issues. Then it explores the advances in RFID applications, stressing the security and privacy shortcomings of existing proposals. Finally, it presents new promising directions for privacy-preserving RFID systems, where as a case study we focus on electronic tickets (e-tickets) for public transportation.

  3. Putting the Focus Back on the Patient: How Privacy Concerns Affect Personal Health Information Sharing Intentions.

    Science.gov (United States)

    Abdelhamid, Mohamed; Gaia, Joana; Sanders, G Lawrence

    2017-09-13

    Health care providers are driven by greater participation and systemic cost savings irrespective of benefits to individual patients derived from sharing Personal Health Information (PHI). Protecting PHI is a critical issue in the sharing of health care information systems; yet, there is very little literature examining the topic of sharing PHI electronically. A good overview of the regulatory, privacy, and societal barriers to sharing PHI can be found in the 2009 Health Information Technology for Economic and Clinical Health Act. This study investigated the factors that influence individuals' intentions to share their PHI electronically with health care providers, creating an understanding of how we can represent a patient's interests more accurately in sharing settings, instead of treating patients like predetermined subjects. Unlike privacy concern and trust, patient activation is a stable trait that is not subject to change in the short term and, thus, is a useful factor in predicting sharing behavior. We apply the extended privacy model in the health information sharing context and adapt this model to include patient activation and issue involvement to predict individuals' intentions. This was a survey-based study with 1600+ participants using the Health Information National Trends Survey (HINTS) data to validate a model through various statistical techniques. The research method included an assessment of both the measurement and structural models with post hoc analysis. We find that privacy concern has the most influence on individuals' intentions to share. Patient activation, issue involvement, and patient-physician relationship are significant predictors of sharing intention. We contribute to theory by introducing patient activation and issue involvement as proxies for personal interest factors in the health care context. Overall, this study found that although patients are open to sharing their PHI, they still have concerns over the privacy of their PHI

  4. Privacy Management and Networked PPD Systems - Challenges Solutions.

    Science.gov (United States)

    Ruotsalainen, Pekka; Pharow, Peter; Petersen, Francoise

    2015-01-01

    Modern personal portable health devices (PPDs) increasingly become part of a larger, inhomogeneous information system. Information collected by sensors is stored and processed in global clouds. Services are often free of charge, but at the same time service providers' business model is based on the disclosure of users' intimate health information. Health data processed in PPD networks is not regulated by health care specific legislation. In PPD networks, there is no guarantee that stakeholders share the same ethical principles with the user. Often service providers have their own security and privacy policies and they rarely offer the user possibilities to define their own, or adapt existing, privacy policies. This all raises huge ethical and privacy concerns. In this paper, the authors have analyzed privacy challenges in PPD networks from the users' viewpoint using a system modeling method and propose that the principle "Personal Health Data under Personal Control" must generally be accepted at global level. Among possible implementations of this principle, the authors propose encryption, computer understandable privacy policies, and privacy labels or trust based privacy management methods. The latter can be realized using an infrastructural trust calculation and monitoring service. A first step is to require the protection of personal health information and the principle proposed being internationally mandatory. This requires both regulatory and standardization activities, and the availability of open and certified software applications which all service providers can implement. One of those applications should be the independent Trust verifier.

  5. Privacy Enforcement in a Cost-Effective Smart Grid

    DEFF Research Database (Denmark)

    Mikkelsen, Søren Aagaard

    In this technical report we present the current state of the research conducted during the first part of the PhD period. The PhD thesis “Privacy Enforcement in a Cost-Effective Smart Grid” focuses on ensuring privacy when generating market for energy service providers that develop web services...... for the residential domain in the envisaged smart grid. The PhD project is funded and associated to the EU project “Energy Demand Aware Open Services for Smart Grid Intelligent Automation” (Smart HG) and therefore introduces the project on a system-level. Based on this, we present some of the integration, security...... and privacy challenges that emerge when designing a system architecture and infrastructure. The resulting architecture is a consumer-centric and agent-based design and uses open Internet-based communication protocols for enabling interoperability while being cost-effective. Finally, the PhD report present...

  6. An Intelligent Fleet Condition-Based Maintenance Decision Making Method Based on Multi-Agent

    OpenAIRE

    Bo Sun; Qiang Feng; Songjie Li

    2012-01-01

    According to the demand for condition-based maintenance online decision making among a mission oriented fleet, an intelligent maintenance decision making method based on Multi-agent and heuristic rules is proposed. The process of condition-based maintenance within an aircraft fleet (each containing one or more Line Replaceable Modules) based on multiple maintenance thresholds is analyzed. Then the process is abstracted into a Multi-Agent Model, a 2-layer model structure containing host negoti...

  7. Reward-based spatial crowdsourcing with differential privacy preservation

    Science.gov (United States)

    Xiong, Ping; Zhang, Lefeng; Zhu, Tianqing

    2017-11-01

    In recent years, the popularity of mobile devices has transformed spatial crowdsourcing (SC) into a novel mode for performing complicated projects. Workers can perform tasks at specified locations in return for rewards offered by employers. Existing methods ensure the efficiency of their systems by submitting the workers' exact locations to a centralised server for task assignment, which can lead to privacy violations. Thus, implementing crowdsourcing applications while preserving the privacy of workers' location is a key issue that needs to be tackled. We propose a reward-based SC method that achieves acceptable utility as measured by task assignment success rates, while efficiently preserving privacy. A differential privacy model ensures rigorous privacy guarantee, and Laplace noise is introduced to protect workers' exact locations. We then present a reward allocation mechanism that adjusts each piece of the reward for a task using the distribution of the workers' locations. Through experimental results, we demonstrate that this optimised-reward method is efficient for SC applications.

  8. Leaking privacy and shadow profiles in online social networks.

    Science.gov (United States)

    Garcia, David

    2017-08-01

    Social interaction and data integration in the digital society can affect the control that individuals have on their privacy. Social networking sites can access data from other services, including user contact lists where nonusers are listed too. Although most research on online privacy has focused on inference of personal information of users, this data integration poses the question of whether it is possible to predict personal information of nonusers. This article tests the shadow profile hypothesis, which postulates that the data given by the users of an online service predict personal information of nonusers. Using data from a disappeared social networking site, we perform a historical audit to evaluate whether personal data of nonusers could have been predicted with the personal data and contact lists shared by the users of the site. We analyze personal information of sexual orientation and relationship status, which follow regular mixing patterns in the social network. Going back in time over the growth of the network, we measure predictor performance as a function of network size and tendency of users to disclose their contact lists. This article presents robust evidence supporting the shadow profile hypothesis and reveals a multiplicative effect of network size and disclosure tendencies that accelerates the performance of predictors. These results call for new privacy paradigms that take into account the fact that individual privacy decisions do not happen in isolation and are mediated by the decisions of others.

  9. Privacy preservation and information security protection for patients' portable electronic health records.

    Science.gov (United States)

    Huang, Lu-Chou; Chu, Huei-Chung; Lien, Chung-Yueh; Hsiao, Chia-Hung; Kao, Tsair

    2009-09-01

    As patients face the possibility of copying and keeping their electronic health records (EHRs) through portable storage media, they will encounter new risks to the protection of their private information. In this study, we propose a method to preserve the privacy and security of patients' portable medical records in portable storage media to avoid any inappropriate or unintentional disclosure. Following HIPAA guidelines, the method is designed to protect, recover and verify patient's identifiers in portable EHRs. The results of this study show that our methods are effective in ensuring both information security and privacy preservation for patients through portable storage medium.

  10. Genomic research and data-mining technology: implications for personal privacy and informed consent.

    Science.gov (United States)

    Tavani, Herman T

    2004-01-01

    This essay examines issues involving personal privacy and informed consent that arise at the intersection of information and communication technology (ICT) and population genomics research. I begin by briefly examining the ethical, legal, and social implications (ELSI) program requirements that were established to guide researchers working on the Human Genome Project (HGP). Next I consider a case illustration involving deCODE Genetics, a privately owned genetic company in Iceland, which raises some ethical concerns that are not clearly addressed in the current ELSI guidelines. The deCODE case also illustrates some ways in which an ICT technique known as data mining has both aided and posed special challenges for researchers working in the field of population genomics. On the one hand, data-mining tools have greatly assisted researchers in mapping the human genome and in identifying certain "disease genes" common in specific populations (which, in turn, has accelerated the process of finding cures for diseases that affect those populations). On the other hand, this technology has significantly threatened the privacy of research subjects participating in population genomics studies, who may, unwittingly, contribute to the construction of new groups (based on arbitrary and non-obvious patterns and statistical correlations) that put those subjects at risk for discrimination and stigmatization. In the final section of this paper I examine some ways in which the use of data mining in the context of population genomics research poses a critical challenge for the principle of informed consent, which traditionally has played a central role in protecting the privacy interests of research subjects participating in epidemiological studies.

  11. 48 CFR 39.105 - Privacy.

    Science.gov (United States)

    2010-10-01

    ... 48 Federal Acquisition Regulations System 1 2010-10-01 2010-10-01 false Privacy. 39.105 Section 39... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 39.105 Privacy. Agencies shall ensure that contracts for information technology address protection of privacy in accordance with the Privacy Act (5 U.S.C...

  12. A Cross-Cultural Perspective on the Privacy Calculus

    Directory of Open Access Journals (Sweden)

    Sabine Trepte

    2017-01-01

    The “privacy calculus” approach to studying online privacy implies that willingness to engage in disclosures on social network sites (SNSs) depends on evaluation of the resulting risks and benefits. In this article, we propose that cultural factors influence the perception of privacy risks and social gratifications. Based on survey data collected from participants from five countries (Germany [n = 740], the Netherlands [n = 89], the United Kingdom [n = 67], the United States [n = 489], and China [n = 165]), we successfully replicated the privacy calculus. Furthermore, we found that culture plays an important role: As expected, people from cultures ranking high in individualism found it less important to generate social gratifications on SNSs as compared to people from collectivist-oriented countries. However, the latter placed greater emphasis on privacy risks—presumably to safeguard the collective. Furthermore, we identified uncertainty avoidance to be a cultural dimension crucially influencing the perception of SNS risks and benefits. As expected, people from cultures ranking high in uncertainty avoidance found privacy risks to be more important when making privacy-related disclosure decisions. At the same time, these participants ascribed lower importance to social gratifications—possibly because social encounters are perceived to be less controllable in the social media environment.

  13. Bridging the transatlantic divide in privacy

    Directory of Open Access Journals (Sweden)

    Paula Kift

    2013-08-01

    In the context of the US National Security Agency surveillance scandal, the transatlantic privacy divide has come back to the fore. In the United States, the right to privacy is primarily understood as a right to physical privacy, thus the protection from unwarranted government searches and seizures. In Germany on the other hand, it is also understood as a right to spiritual privacy, thus the right of citizens to develop into autonomous moral agents. The following article will discuss the different constitutional assumptions that underlie American and German attitudes towards privacy, namely privacy as an aspect of liberty or as an aspect of dignity. As data flows defy jurisdictional boundaries, however, policymakers across the Atlantic are faced with a conundrum: how can German and American privacy cultures be reconciled?

  14. Economics of Privacy: Users' Attitudes and Economic Impact of Information Privacy Protection

    OpenAIRE

    Frik, Alisa

    2017-01-01

    This doctoral thesis consists of three essays within the field of economics of information privacy examined through the lens of behavioral and experimental economics. Rapid development and expansion of Internet, mobile and network technologies in the last decades has provided multitudinous opportunities and benefits to both business and society proposing the customized services and personalized offers at a relatively low price and high speed. However, such innovations and progress have al...

  15. 76 FR 31425 - HIPAA Privacy Rule Accounting of Disclosures Under the Health Information Technology for Economic...

    Science.gov (United States)

    2011-05-31

    ... 164 HIPAA Privacy Rule Accounting of Disclosures Under the Health Information Technology for Economic... Secretary 45 CFR Part 164 RIN 0991-AB62 HIPAA Privacy Rule Accounting of Disclosures Under the Health... accounting of disclosures of protected health information. The purpose of these modifications is, in part, to...

  16. Homomorphic encryption-based secure SIFT for privacy-preserving feature extraction

    Science.gov (United States)

    Hsu, Chao-Yung; Lu, Chun-Shien; Pei, Soo-Chang

    2011-02-01

    Privacy has received much attention but is still largely ignored in the multimedia community. Consider a cloud computing scenario, where the server is resource-abundant and is capable of finishing the designated tasks, it is envisioned that secure media retrieval and search with privacy-preserving will be seriously treated. In view of the fact that scale-invariant feature transform (SIFT) has been widely adopted in various fields, this paper is the first to address the problem of secure SIFT feature extraction and representation in the encrypted domain. Since all the operations in SIFT must be moved to the encrypted domain, we propose a homomorphic encryption-based secure SIFT method for privacy-preserving feature extraction and representation based on Paillier cryptosystem. In particular, homomorphic comparison is a must for SIFT feature detection but is still a challenging issue for homomorphic encryption methods. To conquer this problem, we investigate a quantization-like secure comparison strategy in this paper. Experimental results demonstrate that the proposed homomorphic encryption-based SIFT performs comparably to original SIFT on image benchmarks, while preserving privacy additionally. We believe that this work is an important step toward privacy-preserving multimedia retrieval in an environment, where privacy is a major concern.

  17. End-to-End Privacy Protection for Facebook Mobile Chat based on AES with Multi-Layered MD5

    Directory of Open Access Journals (Sweden)

    Wibisono Sukmo Wardhono

    2018-01-01

    As social media environments become more interactive and the number of users grows tremendously, privacy is a matter of increasing concern. When personal data become a commodity, a social media company can share users' data with another party such as a government. Facebook, Inc. is one of the social media companies that is frequently asked for users' data. Although this private data request mechanism goes through a formal and valid legal process, it still undermines the fundamental right to information privacy. In this case, social media users need protection against privacy violation from the social media platform provider itself. Private chat is the most favorite feature of social media. Inside a chat room, users can share their private information content. Cryptography is one of the data protection methods that can be used to hide private communication data from unauthorized parties. In our study, we proposed a system that can encrypt chat content based on AES and multi-layered MD5 to ensure social media users have privacy protection against social media companies that use user information as a commodity. In addition, this system makes it convenient for users to share their private information through the social media platform.

  18. 75 FR 81205 - Privacy Act: Revision of Privacy Act Systems of Records

    Science.gov (United States)

    2010-12-27

    ... DEPARTMENT OF AGRICULTURE Office of the Secretary Privacy Act: Revision of Privacy Act Systems of Records AGENCY: Office of the Secretary, USDA. ACTION: Notice to Revise Privacy Act Systems of Records... two Privacy Act Systems of Records entitled ``Information on Persons Disqualified from the...

  19. An Agent-based Simulation of a QoS-oriented Supply Chain

    OpenAIRE

    Gumzej, Roman; Rosi, Bojan

    2017-01-01

    With adaptive customer-orientation the efficiency of supply chain management is improved substantially. By the introduction of service quality-based decision-making into supply chain management the quality of service (QoS) within supply chains is expected to improve autonomously and continuously up- and downstream. In the paper the main characteristics of quality of service oriented supply chain management are outlined. The quality of service criterion, introduced into the adaptive supply cha...

  20. User-Oriented and Cognitive Models of Information Retrieval

    DEFF Research Database (Denmark)

    Skov, Mette; Järvelin, Kalervo; Ingwersen, Peter

    2018-01-01

    The domain of user-oriented and cognitive information retrieval (IR) is first discussed, followed by a discussion on the dimensions and types of models one may build for the domain. The focus of the present entry is on the models of user-oriented and cognitive IR, not on their empirical...... applications. Several models with different emphases on user-oriented and cognitive IR are presented—ranging from overall approaches and relevance models to procedural models, cognitive models, and task-based models. The present entry does not discuss empirical findings based on the models....

  1. Preserving location and absence privacy in geo-social networks

    DEFF Research Database (Denmark)

    Freni, Dario; Vicente, Carmen Ruiz; Mascetti, Sergio

    2010-01-01

    accessible to multiple users. This renders it difficult for GeoSN users to control which information about them is available and to whom it is available. This paper addresses two privacy threats that occur in GeoSNs: location privacy and absence privacy. The former concerns the availability of information...... about the presence of users in specific locations at given times, while the latter concerns the availability of information about the absence of an individual from specific locations during given periods of time. The challenge addressed is that of supporting privacy while still enabling useful services....... The resulting geo-aware social networks (GeoSNs) pose privacy threats beyond those found in location-based services. Content published in a GeoSN is often associated with references to multiple users, without the publisher being aware of the privacy preferences of those users. Moreover, this content is often...

  2. Privacy protectionism and health information: is there any redress for harms to health?

    Science.gov (United States)

    Allen, Judy; Holman, C D'arcy J; Meslin, Eric M; Stanley, Fiona

    2013-12-01

    Health information collected by governments can be a valuable resource for researchers seeking to improve diagnostics, treatments and public health outcomes. Responsible use requires close attention to privacy concerns and to the ethical acceptability of using personal health information without explicit consent. Less well appreciated are the legal and ethical issues that are implicated when privacy protection is extended to the point where the potential benefits to the public from research are lost. Balancing these issues is a delicate matter for data custodians. This article examines the legal, ethical and structural context in which data custodians make decisions about the release of data for research. It considers the impact of those decisions on individuals. While there is strong protection against risks to privacy and multiple avenues of redress, there is no redress where harms result from a failure to release data for research.

  3. Conversion of the agent-oriented domain-specific language ALAS into JavaScript

    Science.gov (United States)

    Sredojević, Dejan; Vidaković, Milan; Okanović, Dušan; Mitrović, Dejan; Ivanović, Mirjana

    2016-06-01

    This paper shows generation of JavaScript code from code written in agent-oriented domain-specific language ALAS. ALAS is an agent-oriented domain-specific language for writing software agents that are executed within XJAF middleware. Since the agents can be executed on various platforms, they must be converted into a language of the target platform. We also try to utilize existing tools and technologies to make the whole conversion process as simple as possible, as well as faster and more efficient. We use the Xtext framework that is compatible with Java to implement ALAS infrastructure - editor and code generator. Since Xtext supports Java, generation of Java code from ALAS code is straightforward. To generate a JavaScript code that will be executed within the target JavaScript XJAF implementation, Google Web Toolkit (GWT) is used.

  4. An Alternative View of Privacy on Facebook

    Directory of Open Access Journals (Sweden)

    Christian Fuchs

    2011-02-01

    The predominant analysis of privacy on Facebook focuses on personal information revelation. This paper is critical of this kind of research and introduces an alternative analytical framework for studying privacy on Facebook, social networking sites and web 2.0. This framework is connecting the phenomenon of online privacy to the political economy of capitalism—a focus that has thus far been rather neglected in research literature about Internet and web 2.0 privacy. Liberal privacy philosophy tends to ignore the political economy of privacy in capitalism that can mask socio-economic inequality and protect capital and the rich from public accountability. Facebook is in this paper analyzed with the help of an approach, in which privacy for dominant groups, in regard to the ability of keeping wealth and power secret from the public, is seen as problematic, whereas privacy at the bottom of the power pyramid for consumers and normal citizens is seen as a protection from dominant interests. Facebook’s privacy concept is based on an understanding that stresses self-regulation and on an individualistic understanding of privacy. The theoretical analysis of the political economy of privacy on Facebook in this paper is based on the political theories of Karl Marx, Hannah Arendt and Jürgen Habermas. Based on the political economist Dallas Smythe’s concept of audience commodification, the process of prosumer commodification on Facebook is analyzed. The political economy of privacy on Facebook is analyzed with the help of a theory of drives that is grounded in Herbert Marcuse’s interpretation of Sigmund Freud, which allows to analyze Facebook based on the concept of play labor (= the convergence of play and labor).

  5. Process and data fragmentation-oriented enterprise network integration with collaboration modelling and collaboration agents

    Science.gov (United States)

    Li, Qing; Wang, Ze-yuan; Cao, Zhi-chao; Du, Rui-yang; Luo, Hao

    2015-08-01

    With the process of globalisation and the development of management models and information technology, enterprise cooperation and collaboration has developed from intra-enterprise integration, outsourcing and inter-enterprise integration, and supply chain management, to virtual enterprises and enterprise networks. Some midfielder enterprises begin to serve for different supply chains. Therefore, they combine related supply chains into a complex enterprise network. The main challenges for enterprise network's integration and collaboration are business process and data fragmentation beyond organisational boundaries. This paper reviews the requirements of enterprise network's integration and collaboration, as well as the development of new information technologies. Based on service-oriented architecture (SOA), collaboration modelling and collaboration agents are introduced to solve problems of collaborative management for service convergence under the condition of process and data fragmentation. A model-driven methodology is developed to design and deploy the integrating framework. An industrial experiment is designed and implemented to illustrate the usage of developed technologies in this paper.

  6. Enhancing Security and Privacy in Video Surveillance through Role-Oriented Access Control Mechanism

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim

    sensitive regions, e.g. faces, from the videos. However, very few research efforts have focused on addressing the security aspects of video surveillance data and on authorizing access to this data. Interestingly, while PETs help protect the privacy of individuals, they may also hinder the usefulness....... Pervasive usage of such systems gives substantial powers to those monitoring the videos and poses a threat to the privacy of anyone observed by the system. Aside from protecting privacy from the outside attackers, it is equally important to protect the privacy of individuals from the inside personnel...... involved in monitoring surveillance data to minimize the chances of misuse of the system, e.g. voyeurism. In this context, several techniques to protect the privacy of individuals, called privacy enhancing techniques (PET) have therefore been proposed in the literature which detect and mask the privacy...

  7. PRUB: A Privacy Protection Friend Recommendation System Based on User Behavior

    Directory of Open Access Journals (Sweden)

    Wei Jiang

    2016-01-01

    The fast developing social network is a double-edged sword. It remains a serious problem to provide users with excellent mobile social network services as well as protecting privacy data. Most popular social applications utilize behavior of users to build connection with people having similar behavior, thus improving user experience. However, many users do not want to share their certain behavioral information to the recommendation system. In this paper, we aim to design a secure friend recommendation system based on the user behavior, called PRUB. The system proposed aims at achieving fine-grained recommendation to friends who share some same characteristics without exposing the actual user behavior. We utilized the anonymous data from a Chinese ISP, which records the user browsing behavior, for 3 months to test our system. The experiment result shows that our system can achieve a remarkable recommendation goal and, at the same time, protect the privacy of the user behavior information.

  8. A Privacy-Preserving Outsourcing Data Storage Scheme with Fragile Digital Watermarking-Based Data Auditing

    Directory of Open Access Journals (Sweden)

    Xinyue Cao

    2016-01-01

    Cloud storage has been recognized as the popular solution to solve the problems of the rising storage costs of IT enterprises for users. However, outsourcing data to the cloud service providers (CSPs) may leak some sensitive privacy information, as the data is out of user’s control. So how to ensure the integrity and privacy of outsourced data has become a big challenge. Encryption and data auditing provide a solution toward the challenge. In this paper, we propose a privacy-preserving and auditing-supporting outsourcing data storage scheme by using encryption and digital watermarking. Logistic map-based chaotic cryptography algorithm is used to preserve the privacy of outsourcing data, which has a fast operation speed and a good effect of encryption. Local histogram shifting digital watermark algorithm is used to protect the data integrity which has high payload and makes the original image restored losslessly if the data is verified to be integrated. Experiments show that our scheme is secure and feasible.

  9. 75 FR 80042 - Information Privacy and Innovation in the Internet Economy

    Science.gov (United States)

    2010-12-21

    ...The Department of Commerce's Internet Policy Task Force is conducting a comprehensive review of the nexus between privacy policy and innovation in the Internet economy. On April 23, 2010, the Department published a Notice of Inquiry seeking comment from all Internet stakeholders on the impact of current privacy laws in the United States and around the world on the pace of innovation in the information economy. The Department now seeks further comment on its report entitled, "Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework," available at http://www.ntia.doc.gov/internetpolicytaskforce/. Through this Notice requesting comments on the report, the Department hopes to spur further discussion with Internet stakeholders that will lead to the development of a series of Administration positions that will help develop an action plan in this important area.

  10. A Secure RFID Tag Authentication Protocol with Privacy Preserving in Telecare Medicine Information System.

    Science.gov (United States)

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

    2015-08-01

    Radio Frequency Identification (RFID) based solutions are widely used for providing many healthcare applications include patient monitoring, object traceability, drug administration system and telecare medicine information system (TMIS) etc. In order to reduce malpractices and ensure patient privacy, in 2015, Srivastava et al. proposed a hash based RFID tag authentication protocol in TMIS. Their protocol uses lightweight hash operation and synchronized secret value shared between back-end server and tag, which is more secure and efficient than other related RFID authentication protocols. Unfortunately, in this paper, we demonstrate that Srivastava et al.'s tag authentication protocol has a serious security problem in that an adversary may use the stolen/lost reader to connect to the medical back-end server that store information associated with tagged objects and this privacy damage causing the adversary could reveal medical data obtained from stolen/lost readers in a malicious way. Therefore, we propose a secure and efficient RFID tag authentication protocol to overcome security flaws and improve the system efficiency. Compared with Srivastava et al.'s protocol, the proposed protocol not only inherits the advantages of Srivastava et al.'s authentication protocol for TMIS but also provides better security with high system efficiency.

  11. Enhancing Privacy in Wearable IoT through a Provenance Architecture

    Directory of Open Access Journals (Sweden)

    Richard K. Lomotey

    2018-04-01

    The Internet of Things (IoT) is inspired by network interconnectedness of humans, objects, and cloud services to facilitate new use cases and new business models across multiple enterprise domains including healthcare. This creates the need for continuous data streaming in IoT architectures which are mainly designed following the broadcast model. The model facilitates IoT devices to sense and deliver information to other nodes (e.g., cloud, physical objects, etc.) that are interested in the information. However, this is a recipe for privacy breaches since sensitive data, such as personal vitals from wearables, can be delivered to undesired sniffing nodes. In order to protect users’ privacy and manufacturers’ IP, as well as detecting and blocking malicious activity, this research paper proposes privacy-oriented IoT architecture following the provenance technique. This ensures that the IoT data will only be delivered to the nodes that subscribe to receive the information. Using the provenance technique to ensure high transparency, the work is able to provide trace routes for digital audit trail. Several empirical evaluations are conducted in a real-world wearable IoT ecosystem to prove the superiority of the proposed work.

  12. A Secure and Privacy-Preserving Navigation Scheme Using Spatial Crowdsourcing in Fog-Based VANETs

    Science.gov (United States)

    Wang, Lingling; Liu, Guozhu; Sun, Lijun

    2017-01-01

    Fog-based VANETs (Vehicular ad hoc networks) is a new paradigm of vehicular ad hoc networks with the advantages of both vehicular cloud and fog computing. Real-time navigation schemes based on fog-based VANETs can promote the scheme performance efficiently. In this paper, we propose a secure and privacy-preserving navigation scheme by using vehicular spatial crowdsourcing based on fog-based VANETs. Fog nodes are used to generate and release the crowdsourcing tasks, and cooperatively find the optimal route according to the real-time traffic information collected by vehicles in their coverage areas. Meanwhile, the vehicle performing the crowdsourcing task can get a reasonable reward. The querying vehicle can retrieve the navigation results from each fog node successively when entering its coverage area, and follow the optimal route to the next fog node until it reaches the desired destination. Our scheme fulfills the security and privacy requirements of authentication, confidentiality and conditional privacy preservation. Some cryptographic primitives, including the Elgamal encryption algorithm, AES, randomized anonymous credentials and group signatures, are adopted to achieve this goal. Finally, we analyze the security and the efficiency of the proposed scheme. PMID:28338620

  13. A Secure and Privacy-Preserving Navigation Scheme Using Spatial Crowdsourcing in Fog-Based VANETs.

    Science.gov (United States)

    Wang, Lingling; Liu, Guozhu; Sun, Lijun

    2017-03-24

    Fog-based VANETs (Vehicular ad hoc networks) is a new paradigm of vehicular ad hoc networks with the advantages of both vehicular cloud and fog computing. Real-time navigation schemes based on fog-based VANETs can promote the scheme performance efficiently. In this paper, we propose a secure and privacy-preserving navigation scheme by using vehicular spatial crowdsourcing based on fog-based VANETs. Fog nodes are used to generate and release the crowdsourcing tasks, and cooperatively find the optimal route according to the real-time traffic information collected by vehicles in their coverage areas. Meanwhile, the vehicle performing the crowdsourcing task can get a reasonable reward. The querying vehicle can retrieve the navigation results from each fog node successively when entering its coverage area, and follow the optimal route to the next fog node until it reaches the desired destination. Our scheme fulfills the security and privacy requirements of authentication, confidentiality and conditional privacy preservation. Some cryptographic primitives, including the Elgamal encryption algorithm, AES, randomized anonymous credentials and group signatures, are adopted to achieve this goal. Finally, we analyze the security and the efficiency of the proposed scheme.

  14. Privacy Awareness: A Means to Solve the Privacy Paradox?

    Science.gov (United States)

    Pötzsch, Stefanie

    People are limited in their resources, i.e. they have limited memory capabilities, cannot pay attention to too many things at the same time, and forget much information after a while; computers do not suffer from these limitations. Thus, revealing personal data in electronic communication environments and being completely unaware of the impact of privacy might cause a lot of privacy issues later. Even if people are privacy aware in general, the so-called privacy paradox shows that they do not behave according to their stated attitudes. This paper discusses explanations for the existing dichotomy between the intentions of people towards disclosure of personal data and their behaviour. We present requirements on tools for privacy-awareness support in order to counteract the privacy paradox.

  15. Multi-agent control system with information fusion based comfort model for smart buildings

    International Nuclear Information System (INIS)

    Wang, Zhu; Wang, Lingfeng; Dounis, Anastasios I.; Yang, Rui

    2012-01-01

    Highlights: ► Proposed a model to manage indoor energy and comfort for smart buildings. ► Developed a control system to maximize comfort with minimum energy consumption. ► Information fusion with ordered weighted averaging aggregation is used. ► Multi-agent technology and heuristic intelligent optimization are deployed in developing the control system. -- Abstract: From the perspective of system control, a smart and green building is a large-scale dynamic system with high complexity and a huge amount of information. Proper combination of the available information and effective control of the overall building system turns out to be a big challenge. In this study, we proposed a building indoor energy and comfort management model based on information fusion using ordered weighted averaging (OWA) aggregation. A multi-agent control system with heuristic intelligent optimization is developed to achieve a high level of comfort with the minimum power consumption. Case studies and simulation results are presented and discussed in this paper.

  16. A Taxonomy of Privacy Constructs for Privacy-Sensitive Robotics

    OpenAIRE

    Rueben, Matthew; Grimm, Cindy M.; Bernieri, Frank J.; Smart, William D.

    2017-01-01

    The introduction of robots into our society will also introduce new concerns about personal privacy. In order to study these concerns, we must do human-subject experiments that involve measuring privacy-relevant constructs. This paper presents a taxonomy of privacy constructs based on a review of the privacy literature. Future work in operationalizing privacy constructs for HRI studies is also discussed.

  17. The Genetic Privacy Act and commentary

    Energy Technology Data Exchange (ETDEWEB)

    Annas, G.J.; Glantz, L.H.; Roche, P.A.

    1995-02-28

    The Genetic Privacy Act is a proposal for federal legislation. The Act is based on the premise that genetic information is different from other types of personal information in ways that require special protection. Therefore, to effectively protect genetic privacy unauthorized collection and analysis of individually identifiable DNA must be prohibited. As a result, the premise of the Act is that no stranger should have or control identifiable DNA samples or genetic information about an individual unless that individual specifically authorizes the collection of DNA samples for the purpose of genetic analysis, authorized the creation of that private information, and has access to and control over the dissemination of that information.

  18. Location Privacy with Randomness Consistency

    Directory of Open Access Journals (Sweden)

    Wu Hao

    2016-10-01

    Full Text Available Location-Based Social Network (LBSN) applications that support geo-location-based posting and queries to provide location-relevant information to mobile users are increasingly popular, but pose a location-privacy risk to posts. We investigated existing LBSNs and location privacy mechanisms, and found a powerful potential attack that can accurately locate users with relatively few queries, even when location data is well secured and location noise is applied. Our technique defeats previously proposed solutions including fake-location detection and query rate limits.

  19. Lightweight Privacy-Preserving Authentication Protocols Secure against Active Attack in an Asymmetric Way

    Science.gov (United States)

    Cui, Yank; Kobara, Kazukuni; Matsuura, Kanta; Imai, Hideki

    As pervasive computing technologies develop fast, privacy protection becomes a crucial issue and needs to be coped with very carefully. Typically, it is difficult to efficiently identify and manage plenty of the low-cost pervasive devices like Radio Frequency Identification Devices (RFID), without leaking any privacy information. In particular, the attacker may not only eavesdrop on the communication in a passive way, but also mount an active attack to ask queries adaptively, which is obviously more dangerous. Towards settling this problem, in this paper, we propose two lightweight authentication protocols which are privacy-preserving against active attack, in an asymmetric way. That asymmetric style with privacy-oriented simplification succeeds in reducing the load of low-cost devices and drastically decreasing the computation cost for the management of the server. This is because, unlike the usual management of the identities, our approach does not require any synchronization or exhaustive search in the database, which enjoys great convenience in case of a large-scale system. The protocols are based on a fast asymmetric encryption with specialized simplification and only one cryptographic hash function, which consequently assigns an easy work to pervasive devices. Besides, our results do not require the strong assumption of the random oracle.

  20. A Privacy-Preserving Intelligent Medical Diagnosis System Based on Oblivious Keyword Search

    Directory of Open Access Journals (Sweden)

    Zhaowen Lin

    2017-01-01

    Full Text Available One of the concerns people have is how to get the diagnosis online without privacy being jeopardized. In this paper, we propose a privacy-preserving intelligent medical diagnosis system (IMDS), which can efficiently solve the problem. In IMDS, users submit their health examination parameters to the server in a protected form; this submitting process is based on Paillier cryptosystem and will not reveal any information about their data. And then the server retrieves the most likely disease (or multiple diseases) from the database and returns it to the users. In the above search process, we use the oblivious keyword search (OKS) as a basic framework, which makes the server maintain the computational ability but cannot learn any personal information over the data of users. Besides, this paper also provides a preprocessing method for data stored in the server, to make our protocol more efficient.

  1. Fourier Magnitude-Based Privacy-Preserving Clustering on Time-Series Data

    Science.gov (United States)

    Kim, Hea-Suk; Moon, Yang-Sae

    Privacy-preserving clustering (PPC in short) is important in publishing sensitive time-series data. Previous PPC solutions, however, have a problem of not preserving distance orders or incurring privacy breach. To solve this problem, we propose a new PPC approach that exploits Fourier magnitudes of time-series. Our magnitude-based method does not cause privacy breach even though its techniques or related parameters are publicly revealed. Using magnitudes only, however, incurs the distance order problem, and we thus present magnitude selection strategies to preserve as many Euclidean distance orders as possible. Through extensive experiments, we showcase the superiority of our magnitude-based approach.

  2. A security and privacy preserving e-prescription system based on smart cards.

    Science.gov (United States)

    Hsu, Chien-Lung; Lu, Chung-Fu

    2012-12-01

    In 2002, Ateniese and Medeiros proposed an e-prescription system, in which the patient can store e-prescription and related information using a smart card. Later, Yang et al. proposed a novel smart-card based e-prescription system based on Ateniese and Medeiros's system in 2004. Yang et al. considered the privacy issues of prescription data and adopted the concept of a group signature to provide patient's privacy protection. To make the e-prescription system more realistic, they further applied a proxy signature to allow a patient to delegate his signing capability to other people. This paper proposed a novel security and privacy preserving e-prescription system model based on smart cards. A new role, chemist, is included in the system model for settling the medicine dispute. We further presented a concrete identity-based (ID-based) group signature scheme and an ID-based proxy signature scheme to realize the proposed model. The main property of an ID-based system is that the public key is simply the user's identity and can be verified without extra public key certificates. Our ID-based group signature scheme can allow doctors to sign e-prescription anonymously. In a case of a medical dispute, identities of the doctors can be identified. The proposed ID-based proxy signature scheme can improve signing delegation and allows a delegation chain. The proposed e-prescription system based on our proposed two cryptographic schemes is more practical and efficient than Yang et al.'s system in terms of security, communication overheads, computational costs, and practical considerations.

  3. Balancing Between Privacy and Patient Needs for Health Information in the Age of Participatory Health and Social Media: A Scoping Review.

    Science.gov (United States)

    Househ, Mowafa; Grainger, Rebecca; Petersen, Carolyn; Bamidis, Panagiotis; Merolli, Mark

    2018-04-22

    With the increased use of participatory health enabling technologies, such as social media, balancing the need for health information with patient privacy and confidentiality has become a more complex and immediate concern. The purpose of this paper produced by the members of the IMIA Participatory Health and Social Media (PHSM) working group is to investigate patient needs for health information using participatory health enabling technologies, while balancing their needs for privacy and confidentiality. Six domain areas including media sharing platforms, patient portals, web-based platforms, crowdsourcing websites, medical avatars, and other mobile health technologies were identified by five members of the IMIA PHSM working group as relevant to participatory health and the balance between data sharing and patient needs for privacy and confidentiality. After identifying the relevant domain areas, our scoping review began by searching several databases such as PubMed, MEDLINE, Scopus, and Google Scholar using a variety of key search terms. A total of 1,973 studies were identified, of which 68 studies met our inclusion criteria and were included in the analysis. Results showed that challenges for balancing patient needs for information and privacy and confidentiality concerns included: cross-cultural understanding, clinician and patient awareness, de-identification of data, and commercialization of patient data. Some opportunities identified were patient empowerment, connecting participatory health enabling technologies with clinical records, open data sharing agreement, and e-consent. Balancing between privacy and patient needs for health information in the age of participatory health and social media offers several opportunities and challenges. More people are engaging in actively managing health through participatory health enabling technologies. Such activity often includes sharing health information and with this comes a perennial tension between

  4. A Petri Net-Based Software Process Model for Developing Process-Oriented Information Systems

    Science.gov (United States)

    Li, Yu; Oberweis, Andreas

    Aiming at increasing flexibility, efficiency, effectiveness, and transparency of information processing and resource deployment in organizations to ensure customer satisfaction and high quality of products and services, process-oriented information systems (POIS) represent a promising realization form of computerized business information systems. Due to the complexity of POIS, explicit and specialized software process models are required to guide POIS development. In this chapter we characterize POIS with an architecture framework and present a Petri net-based software process model tailored for POIS development with consideration of organizational roles. As integrated parts of the software process model, we also introduce XML nets, a variant of high-level Petri nets as basic methodology for business processes modeling, and an XML net-based software toolset providing comprehensive functionalities for POIS development.

  5. Privacy Implications for Information and Communications Technology (ICT): the Case of the Jordanian E-Government

    OpenAIRE

    Almatarneh, Akram

    2011-01-01

    Information and Communications Technology (ICT) is one of the fastest growing sectors in Jordan. The importance of ICT cannot be ignored as it affects all aspects of Jordanian society including telecommunications, education, banking, commerce and employment. However, the issue of individual privacy in this sector is a particular challenge as individuals are disclosing larger amounts of personal information than ever at a time when there are no specific privacy laws or regulations. This paper i...

  6. An Intelligent Fleet Condition-Based Maintenance Decision Making Method Based on Multi-Agent

    Directory of Open Access Journals (Sweden)

    Bo Sun

    2012-01-01

    Full Text Available According to the demand for condition-based maintenance online decision making among a mission oriented fleet, an intelligent maintenance decision making method based on Multi-agent and heuristic rules is proposed. The process of condition-based maintenance within an aircraft fleet (each containing one or more Line Replaceable Modules) based on multiple maintenance thresholds is analyzed. Then the process is abstracted into a Multi-Agent Model, a 2-layer model structure containing host negotiation and independent negotiation is established, and the heuristic rules applied to global and local maintenance decision making are proposed. Based on Contract Net Protocol and the heuristic rules, the maintenance decision making algorithm is put forward. Finally, a fleet consisting of 10 aircraft on a 3-wave continuous mission is illustrated to verify this method. Simulation results indicate that this method can improve the availability of the fleet, meet mission demands, rationalize the utilization of support resources and provide support for online maintenance decision making among a mission oriented fleet.

  7. Privacy and senior willingness to adopt smart home information technology in residential care facilities.

    Science.gov (United States)

    Courtney, K L

    2008-01-01

    With large predicted increases of the older adult (65 years and older) population, researchers have been exploring the use of smart home information technologies (IT) in residential care (RC) facilities to enhance resident quality of life and safety. Older adults' perceptions of privacy can inhibit their acceptance and subsequent adoption of smart home IT. This qualitative study, guided by principles of grounded theory research, investigated the relationship between privacy, living environment and willingness of older adults living in residential care facilities to adopt smart home IT through focus groups and individual interviews. The findings from this study indicate that privacy can be a barrier for older adults' adoption of smart home IT; however their own perception of their need for the technology may override their privacy concerns. Privacy concerns, as a barrier to technology adoption, can be influenced by both individual-level and community-level factors. Further exploration of the factors influencing older adults' perceptions of smart home IT need is necessary.

  8. Agent based simulation on the process of human flesh search-From perspective of knowledge and emotion

    Science.gov (United States)

    Zhu, Hou; Hu, Bin

    2017-03-01

    Human flesh search, as a new net crowd behavior, on the one hand can help us to find some special information, on the other hand may lead to privacy leaking and offending human rights. In order to study the mechanism of human flesh search, this paper proposes a simulation model based on agent-based model and complex networks. The computational experiments show some useful results. Discovered information quantity and involved personal ratio are highly correlated, and most of net citizens will take part in the human flesh search or will not take part in the human flesh search. Knowledge quantity does not influence involved personal ratio, but influences whether HFS can find out the target human. When the knowledge concentrates on hub nodes, the discovered information quantity is either perfect or almost zero. Emotion of net citizens influences both discovered information quantity and involved personal ratio. Concretely, when net citizens are calm to face the search topic, it will be hard to find out the target; but when net citizens are agitated, the target will be found out easily.

  9. Strategic orientations and cooperation of external agents in the innovation process of rural enterprises

    Directory of Open Access Journals (Sweden)

    José Francisco dos Reis Neto

    Full Text Available ABSTRACT: This article provides empirical evidence for the relationship between the market orientation, entrepreneurial orientation, and collaboration of external actors in the processes of incremental and radical innovations in rural enterprises. The research tested two sets of assumptions: first, the relation between contributions of strategic orientation and innovation processes; and second, collaborations of external stakeholders in the implementation of innovation processes. Data were collected from 208 rural enterprises and analyzed with the use of techniques of partial least squares structural equation modeling. Results showed that the market orientation contributes to the development of incremental innovation, and that the entrepreneurial orientation contributes to the implementation of the incremental and radical innovations. Specific agents (buyers, suppliers of goods and services, consultants, and other producers) collaborate positively in implementing incremental innovation; however, generic agents do not. The generic agents (universities and specialized public organizations) are the ones that most intervene in radical innovations. The use of consistent theory in the areas of strategy, marketing and management in identifying that some of their causal relationships are confirmed for rural businesses unlike others, due to the structure of the market and the products produced by them.

  10. Assurance in Agent-Based Systems

    Energy Technology Data Exchange (ETDEWEB)

    Gilliom, Laura R.; Goldsmith, Steven Y.

    1999-05-10

    Our vision of the future of information systems is one that includes engineered collectives of software agents which are situated in an environment over years and which increasingly improve the performance of the overall system of which they are a part. At a minimum, the movement of agent and multi-agent technology into National Security applications, including their use in information assurance, is apparent today. The use of deliberative, autonomous agents in high-consequence/high-security applications will require a commensurate level of protection and confidence in the predictability of system-level behavior. At Sandia National Laboratories, we have defined and are addressing a research agenda that integrates the surety (safety, security, and reliability) into agent-based systems at a deep level. Surety is addressed at multiple levels: The integrity of individual agents must be protected by addressing potential failure modes and vulnerabilities to malevolent threats. Providing for the surety of the collective requires attention to communications surety issues and mechanisms for identifying and working with trusted collaborators. At the highest level, using agent-based collectives within a large-scale distributed system requires the development of principled design methods to deliver the desired emergent performance or surety characteristics. This position paper will outline the research directions underway at Sandia, will discuss relevant work being performed elsewhere, and will report progress to date toward assurance in agent-based systems.

  11. Assurance in Agent-Based Systems

    International Nuclear Information System (INIS)

    Gilliom, Laura R.; Goldsmith, Steven Y.

    1999-01-01

    Our vision of the future of information systems is one that includes engineered collectives of software agents which are situated in an environment over years and which increasingly improve the performance of the overall system of which they are a part. At a minimum, the movement of agent and multi-agent technology into National Security applications, including their use in information assurance, is apparent today. The use of deliberative, autonomous agents in high-consequence/high-security applications will require a commensurate level of protection and confidence in the predictability of system-level behavior. At Sandia National Laboratories, we have defined and are addressing a research agenda that integrates the surety (safety, security, and reliability) into agent-based systems at a deep level. Surety is addressed at multiple levels: The integrity of individual agents must be protected by addressing potential failure modes and vulnerabilities to malevolent threats. Providing for the surety of the collective requires attention to communications surety issues and mechanisms for identifying and working with trusted collaborators. At the highest level, using agent-based collectives within a large-scale distributed system requires the development of principled design methods to deliver the desired emergent performance or surety characteristics. This position paper will outline the research directions underway at Sandia, will discuss relevant work being performed elsewhere, and will report progress to date toward assurance in agent-based systems

  12. Secure Mix-Zones for Privacy Protection of Road Network Location Based Services Users

    Directory of Open Access Journals (Sweden)

    Rubina S. Zuberi

    2016-01-01

    Full Text Available Privacy has been found to be the major impediment and hence the area to be worked out for the provision of Location Based Services in the wide sense. With the emergence of smart, easily portable, communicating devices, information acquisition is achieving new domains. The work presented here is an extension of the ongoing work towards achieving privacy for the present day emerging communication techniques. This work emphasizes one of the most effective real-time privacy enhancement techniques called Mix-Zones. In this paper, we have presented a model of a secure road network with Mix-Zones getting activated on the basis of spatial as well as temporal factors. The temporal factors are ascertained by the amount of traffic and its flow. The paper also discusses the importance of the number of Mix-Zones a user traverses and their mixing effectiveness. We have also shown here using our simulations which are required for the real-time treatment of the problem that the proposed transient Mix-Zones are part of a viable and robust solution towards the road network privacy protection of the communicating moving objects of the present scenario.

  13. An X window based graphics user interface for radiation information processing system developed with object-oriented programming technology

    International Nuclear Information System (INIS)

    Gao Wenhuan; Fu Changqing; Kang Kejun

    1993-01-01

    X Window is a network-oriented and network transparent windowing system, and now dominant in the Unix domain. The object-oriented programming technology can be used to change the extensibility of a software system remarkably. An introduction to graphics user interface is given. And how to develop a graphics user interface for radiation information processing system with object-oriented programming technology, which is based on X Window and independent of application is described briefly

  14. Utilizing Design Information in Aspect-Oriented Programming

    OpenAIRE

    Nagy, I.; Bergmans, Lodewijk; Havinga, W.K.; Aksit, Mehmet; Hirschfeld, Robert; Kowalczyk, Ryszard; Polze, Andreas; Weske, Mathias

    2005-01-01

    Traditionally in aspect-oriented languages, pointcut designators select joinpoints of a program based on lexical information such as explicit names of program elements. However, this reduces the adaptability of software, since it involves too much information that is hard-coded, and often implementation-specific. We claim that this problem can be reduced by referring to program units through their design intentions. Design intention is represented by annotated design information, which describ...

  15. Internet Privacy: Comparison of Federal Agency Practices With FTC's Fair Information Principles

    National Research Council Canada - National Science Library

    2000-01-01

    ... recent privacy survey of commercial web sites. The survey's objective was to assess the on-line industry's progress in implementing four fair information principles which FTC believes are widely accepted. Notice...

  16. The role of health care experience and consumer information efficacy in shaping privacy and security perceptions of medical records: national consumer survey results.

    Science.gov (United States)

    Patel, Vaishali; Beckjord, Ellen; Moser, Richard P; Hughes, Penelope; Hesse, Bradford W

    2015-04-02

    Providers' adoption of electronic health records (EHRs) is increasing and consumers have expressed concerns about the potential effects of EHRs on privacy and security. Yet, we lack a comprehensive understanding regarding factors that affect individuals' perceptions regarding the privacy and security of their medical information. The aim of this study was to describe national perceptions regarding the privacy and security of medical records and identify a comprehensive set of factors associated with these perceptions. Using a nationally representative 2011-2012 survey, we reported on adults' perceptions regarding privacy and security of medical records and sharing of health information between providers, and whether adults withheld information from a health care provider due to privacy or security concerns. We used multivariable models to examine the association between these outcomes and sociodemographic characteristics, health and health care experience, information efficacy, and technology-related variables. Approximately one-quarter of American adults (weighted n=235,217,323; unweighted n=3959) indicated they were very confident (n=989) and approximately half indicated they were somewhat confident (n=1597) in the privacy of their medical records; we found similar results regarding adults' confidence in the security of medical records (very confident: n=828; somewhat confident: n=1742). In all, 12.33% (520/3904) withheld information from a health care provider and 59.06% (2100/3459) expressed concerns about the security of both faxed and electronic health information. Adjusting for other characteristics, adults who reported higher quality of care had significantly greater confidence in the privacy and security of their medical records and were less likely to withhold information from their health care provider due to privacy or security concerns. Adults with higher information efficacy had significantly greater confidence in the privacy and security of medical

  17. Patient privacy, consent, and identity management in health information exchange

    CERN Document Server

    Hosek, Susan D

    2013-01-01

    As a step toward improving its health information technology (IT) interoperability, the Military Health System is seeking to develop a research roadmap to better coordinate health IT research efforts, address IT capability gaps, and reduce programmatic risk for its enterprise projects. This report identifies gaps in research, policy, and practice involving patient privacy, consent, and identity management that need to be addressed to improve the quality and efficiency of care through health information exchange.

  18. Managing information and knowledge within maternity services: Privacy and consent issues.

    Science.gov (United States)

    Baskaran, Vikraman; Davis, Kim; Bali, Rajeev K; Naguib, Raouf N G; Wickramasinghe, Nilmini

    2013-09-01

    Electronic Patient Records have vastly improved the quality and efficiency of care delivered. However, the formation of a single demographic database and the ease of electronic information sharing give rise to many concerns, including issues of consent and of by whom and how data are accessed and used. This paper examines the organizational and socio-technical issues related to privacy, confidentiality and security when employing electronic records within a maternity service hospital in England. A preliminary questionnaire was administered (n = 52); in total, 24 responses were received. Sixteen responses were from personnel in the information technology department, 5 from the health information department and 3 from midwifery managers. This was followed by a semi-structured interview with representatives from the clinical and technological side. A number of issues related to information governance (IG) have been identified; in particular, breaches involving the sharing of personal information without consent from the patients have been identified as one immediate challenge that needs to be fixed. There is an immediate need for more robust, realistic, built-in accountability both locally and nationally on data sharing. A culture of ownership and strict adherence to IG principles is paramount. Focused training in the area of data, information and knowledge sharing will bring in a balance of legitimate usage against the individual's rights to confidentiality and privacy.

  19. When private information settles the bill : money and privacy in Google's market for smartphone applications

    OpenAIRE

    Kummer, Michael E.; Schulte, Patrick

    2016-01-01

    We shed light on a money-for-privacy trade-off in the market for smartphone applications ("apps"). Developers offer their apps cheaper in return for greater access to personal information, and consumers choose between lower prices and more privacy. We provide evidence for this pattern using data on 300,000 mobile applications which were obtained from the Android Market in 2012 and 2014. We augmented these data with information from Alexa.com and Amazon Mechanical Turk. Our findings show that ...

  20. Internet and Privacy

    OpenAIRE

    Al-Fadhli, Meshal Shehab

    2007-01-01

    The concept of privacy is hard to understand and is not easy to define, because this concept is linked with several dimensions. Internet Privacy is associated with the use of the Internet and most likely appointed under communications privacy, involving the user of the Internet’s personal information and activities, and the disclosure of them online. This essay is going to present the meaning of privacy and the implications of it for Internet users. Also, this essay will demonstrate some of t...

  1. Defining Privacy Is Supposed to Be Easy

    DEFF Research Database (Denmark)

    Mödersheim, Sebastian Alexander; Gross, Thomas; Viganò, Luca

    2013-01-01

    Formally specifying privacy goals is not trivial. The most widely used approach in formal methods is based on the static equivalence of frames in the applied pi-calculus, basically asking whether or not the intruder is able to distinguish two given worlds. A subtle question is how we can be sure that we have specified all pairs of worlds to properly reflect our intuitive privacy goal. To address this problem, we introduce in this paper a novel and declarative way to specify privacy goals, called α-β privacy, and relate it to static equivalence. This new approach is based on specifying two formulae α and β in first-order logic with Herbrand universes, where α reflects the intentionally released information and β includes the actual cryptographic (“technical”) messages the intruder can see. Then α-β privacy means that the intruder cannot derive any “non-technical” statement from β that he...

  2. Risk-Based Models for Managing Data Privacy in Healthcare

    Science.gov (United States)

    AL Faresi, Ahmed

    2011-01-01

    Current research in health care lacks a systematic investigation to identify and classify various sources of threats to information privacy when sharing health data. Identifying and classifying such threats would enable the development of effective information security risk monitoring and management policies. In this research I put the first step…

  3. iCrowd: agent-based behavior modeling and crowd simulator

    Science.gov (United States)

    Kountouriotis, Vassilios I.; Paterakis, Manolis; Thomopoulos, Stelios C. A.

    2016-05-01

    Initially designed in the context of the TASS (Total Airport Security System) FP-7 project, the Crowd Simulation platform developed by the Integrated Systems Lab of the Institute of Informatics and Telecommunications at N.C.S.R. Demokritos, has evolved into a complete domain-independent agent-based behavior simulator with an emphasis on crowd behavior and building evacuation simulation. Under continuous development, it reflects an effort to implement a modern, multithreaded, data-oriented simulation engine employing latest state-of-the-art programming technologies and paradigms. It is based on an extensible architecture that separates core services from the individual layers of agent behavior, offering a concrete simulation kernel designed for high-performance and stability. Its primary goal is to deliver an abstract platform to facilitate implementation of several Agent-Based Simulation solutions with applicability in several domains of knowledge, such as: (i) Crowd behavior simulation during [in/out] door evacuation. (ii) Non-Player Character AI for Game-oriented applications and Gamification activities. (iii) Vessel traffic modeling and simulation for Maritime Security and Surveillance applications. (iv) Urban and Highway Traffic and Transportation Simulations. (v) Social Behavior Simulation and Modeling.

  4. Privacy, professionalism and Facebook: a dilemma for young doctors.

    Science.gov (United States)

    MacDonald, Joanna; Sohn, Sangsu; Ellis, Pete

    2010-08-01

    This study aimed to examine the nature and extent of use of the social networking service Facebook by young medical graduates, and their utilisation of privacy options. We carried out a cross-sectional survey of the use of Facebook by recent medical graduates, accessing material potentially available to a wider public. Data were then categorised and analysed. Survey subjects were 338 doctors who had graduated from the University of Otago in 2006 and 2007 and were registered with the Medical Council of New Zealand. Main outcome measures were Facebook membership, utilisation of privacy options, and the nature and extent of the material revealed. A total of 220 (65%) graduates had Facebook accounts; 138 (63%) of these had activated their privacy options, restricting their information to 'Friends'. Of the remaining 82 accounts that were more publicly available, 30 (37%) revealed users' sexual orientation, 13 (16%) revealed their religious views, 35 (43%) indicated their relationship status, 38 (46%) showed photographs of the users drinking alcohol, eight (10%) showed images of the users intoxicated and 37 (45%) showed photographs of the users engaged in healthy behaviours. A total of 54 (66%) members had used their accounts within the last week, indicating active use. Young doctors are active members of Facebook. A quarter of the doctors in our survey sample did not use the privacy options, rendering the information they revealed readily available to a wider public. This information, although it included some healthy behaviours, also revealed personal information that might cause distress to patients or alter the professional boundary between patient and practitioner, as well as information that could bring the profession into disrepute (e.g. belonging to groups like 'Perverts united'). Educators and regulators need to consider how best to advise students and doctors on societal changes in the concepts of what is public and what is private.

  5. A Formal Study of the Privacy Concerns in Biometric-Based Remote Authentication Schemes

    NARCIS (Netherlands)

    Tang, Qiang; Bringer, Julien; Chabanne, Hervé; Pointcheval, David; Chen, L.; Mu, Y.; Susilo, W.

    With their increasing popularity in cryptosystems, biometrics have attracted more and more attention from the information security community. However, how to handle the relevant privacy concerns remains troublesome. In this paper, we propose a novel security model to formalize the privacy

  6. Privacy preserving interactive record linkage (PPIRL).

    Science.gov (United States)

    Kum, Hye-Chung; Krishnamurthy, Ashok; Machanavajjhala, Ashwin; Reiter, Michael K; Ahalt, Stanley

    2014-01-01

    Record linkage to integrate uncoordinated databases is critical in biomedical research using Big Data. Balancing privacy protection against the need for high quality record linkage requires a human-machine hybrid system to safely manage uncertainty in the ever changing streams of chaotic Big Data. In the computer science literature, private record linkage is the most published area. It investigates how to apply a known linkage function safely when linking two tables. However, in practice, the linkage function is rarely known. Thus, there are many data linkage centers whose main role is to be the trusted third party to determine the linkage function manually and link data for research via a master population list for a designated region. Recently, a more flexible computerized third-party linkage platform, Secure Decoupled Linkage (SDLink), has been proposed based on: (1) decoupling data via encryption, (2) obfuscation via chaffing (adding fake data) and universe manipulation; and (3) minimum information disclosure via recoding. We synthesize this literature to formalize a new framework for privacy preserving interactive record linkage (PPIRL) with tractable privacy and utility properties and then analyze the literature using this framework. Human-based third-party linkage centers for privacy preserving record linkage are the accepted norm internationally. We find that a computer-based third-party platform that can precisely control the information disclosed at the micro level and allow frequent human interaction during the linkage process, is an effective human-machine hybrid system that significantly improves on the linkage center model both in terms of privacy and utility.

  7. Students' goal orientations, information processing strategies and knowledge development in competence-based pre-vocational secondary education

    NARCIS (Netherlands)

    Koopman, M.

    2010-01-01

    In this study, learning processes of students in competence-based Pre-Vocational Secondary Education (PVSE; in Dutch vmbo) were investigated. The study aimed at describing the relation between goal orientations, information processing strategies and the development of knowledge of these students.

  8. Balancing Health Information Exchange and Privacy Governance from a Patient-Centred Connected Health and Telehealth Perspective.

    Science.gov (United States)

    Kuziemsky, Craig E; Gogia, Shashi B; Househ, Mowafa; Petersen, Carolyn; Basu, Arindam

    2018-04-22

    Connected healthcare is an essential part of patient-centred care delivery. Technology such as telehealth is a critical part of connected healthcare. However, exchanging health information brings the risk of privacy issues. To better manage privacy risks we first need to understand the different patterns of patient-centred care in order to tailor solutions to address privacy risks. Drawing upon published literature, we develop a business model to enable patient-centred care via telehealth. The model identifies three patient-centred connected health patterns. We then use the patterns to analyse potential privacy risks and possible solutions from different types of telehealth delivery. Connected healthcare raises the risk of unwarranted access to health data and related invasion of privacy. However, the risk and extent of privacy issues differ according to the pattern of patient-centred care delivery and the type of particular challenge as they enable the highest degree of connectivity and thus the greatest potential for privacy breaches. Privacy issues are a major concern in telehealth systems and patients, providers, and administrators need to be aware of these privacy issues and have guidance on how to manage them. This paper integrates patient-centred connected health care, telehealth, and privacy risks to provide an understanding of how risks vary across different patterns of patient-centred connected health and different types of telehealth delivery. Georg Thieme Verlag KG Stuttgart.

  9. Agent-based simulation of a financial market

    Science.gov (United States)

    Raberto, Marco; Cincotti, Silvano; Focardi, Sergio M.; Marchesi, Michele

    2001-10-01

    This paper introduces an agent-based artificial financial market in which heterogeneous agents trade one single asset through a realistic trading mechanism for price formation. Agents are initially endowed with a finite amount of cash and a given finite portfolio of assets. There is no money-creation process; the total available cash is conserved in time. In each period, agents make random buy and sell decisions that are constrained by available resources, subject to clustering, and dependent on the volatility of previous periods. The model proposed herein is able to reproduce the leptokurtic shape of the probability density of log price returns and the clustering of volatility. Implemented using extreme programming and object-oriented technology, the simulator is a flexible computational experimental facility that can find applications in both academic and industrial research projects.

  10. 17 CFR 160.6 - Information to be included in privacy notices.

    Science.gov (United States)

    2010-04-01

    ... future to disclose, but to whom you do not currently disclose, nonpublic personal information. (f) Model... privacy notices. 160.6 Section 160.6 Commodity and Securities Exchanges COMMODITY FUTURES TRADING... that you make disclosures to other nonaffiliated companies: (1) For your everyday business purposes...

  11. 75 FR 19942 - Information Privacy and Innovation in the Internet Economy

    Science.gov (United States)

    2010-04-16

    ...The National Telecommunications and Information Administration (NTIA) and the International Trade Administration (ITA), on behalf of the U.S. Department of Commerce (Department), will hold a public meeting on May 7, 2010, to discuss the nexus between privacy policy and innovation in the Internet economy.

  12. The privacy concerns in location based services: protection approaches and remaining challenges

    OpenAIRE

    Basiri, Anahid; Moore, Terry; Hill, Chris

    2016-01-01

    Despite the growth in the developments of the Location Based Services (LBS) applications, there are still several challenges remaining. One of the most important concerns about LBS, shared by many users and service providers is the privacy. Privacy has been considered as a big threat to the adoption of LBS among many users and consequently to the growth of LBS markets. This paper discusses the privacy concerns associated with location data, and the current privacy protection approaches. It re...

  13. Preserving Employee Privacy in Wellness.

    Science.gov (United States)

    Terry, Paul E

    2017-07-01

    The proposed "Preserving Employee Wellness Programs Act" states that the collection of information about the manifested disease or disorder of a family member shall not be considered an unlawful acquisition of genetic information. The bill recognizes employee privacy protections that are already in place and includes specific language relating to nondiscrimination based on illness. Why did legislation expressly intending to "preserve wellness programs" generate such antipathy about wellness among journalists? This article argues that those who are committed to preserving employee wellness must be equally committed to preserving employee privacy. Related to this, we should better parse between discussions and rules about commonplace health screenings versus much less common genetic testing.

  14. Towards Territorial Privacy in Smart Environments

    NARCIS (Netherlands)

    Könings, Bastian; Schaub, Florian; Weber, M.; Kargl, Frank

    Territorial privacy is an old concept for privacy of the personal space dating back to the 19th century. Despite its former relevance, territorial privacy has been neglected in recent years, while privacy research and legislation mainly focused on the issue of information privacy. However, with the

  15. Inference-Based Similarity Search in Randomized Montgomery Domains for Privacy-Preserving Biometric Identification.

    Science.gov (United States)

    Wang, Yi; Wan, Jianwu; Guo, Jun; Cheung, Yiu-Ming; C Yuen, Pong

    2017-07-14

    Similarity search is essential to many important applications and often involves searching at scale on high-dimensional data based on their similarity to a query. In biometric applications, recent vulnerability studies have shown that adversarial machine learning can compromise biometric recognition systems by exploiting the biometric similarity information. Existing methods for biometric privacy protection are in general based on pairwise matching of secured biometric templates and have inherent limitations in search efficiency and scalability. In this paper, we propose an inference-based framework for privacy-preserving similarity search in Hamming space. Our approach builds on an obfuscated distance measure that can conceal Hamming distance in a dynamic interval. Such a mechanism enables us to systematically design statistically reliable methods for retrieving most likely candidates without knowing the exact distance values. We further propose to apply Montgomery multiplication for generating search indexes that can withstand adversarial similarity analysis, and show that information leakage in randomized Montgomery domains can be made negligibly small. Our experiments on public biometric datasets demonstrate that the inference-based approach can achieve a search accuracy close to the best performance possible with secure computation methods, but the associated cost is reduced by orders of magnitude compared to cryptographic primitives.

  16. 17 CFR 248.6 - Information to be included in privacy notices.

    Science.gov (United States)

    2010-04-01

    ... examples to illustrate the types of third parties in each category: (i) Financial service providers; (ii) Non-financial companies; and (iii) Others. (4) Disclosures under exception for service providers and... (CONTINUED) REGULATIONS S-P AND S-AM Regulation S-P: Privacy of Consumer Financial Information and...

  17. Customer privacy on UK healthcare websites.

    Science.gov (United States)

    Mundy, Darren P

    2006-09-01

    Privacy has been and continues to be one of the key challenges of an age devoted to the accumulation, processing, and mining of electronic information. In particular, privacy of healthcare-related information is seen as a key issue as health organizations move towards the electronic provision of services. The aim of the research detailed in this paper has been to analyse privacy policies on popular UK healthcare-related websites to determine the extent to which consumer privacy is protected. The author has combined approaches (such as approaches focused on usability, policy content, and policy quality) used in studies by other researchers on e-commerce and US healthcare websites to provide a comprehensive analysis of UK healthcare privacy policies. The author identifies a wide range of issues related to the protection of consumer privacy through his research analysis using quantitative results. The main outcomes from the author's research are that only 61% of healthcare-related websites in their sample group posted privacy policies. In addition, most of the posted privacy policies had poor readability standards and included a variety of privacy vulnerability statements. Overall, the author's findings represent significant current issues in relation to healthcare information protection on the Internet. The hope is that raising awareness of these results will drive forward changes in the industry, similar to those experienced with information quality.

  18. Biometric features and privacy : condemned, based upon your finger print

    NARCIS (Netherlands)

    Bullee, Jan-Willem; Veldhuis, Raymond N.J.

    What information is available in biometric features besides that needed for the biometric recognition process? What if a biometric feature contains Personally Identifiable Information? Will the whole biometric system become a threat to privacy? This paper is an attempt to quantify the link between

  19. The Genetic Privacy Act and commentary

    Energy Technology Data Exchange (ETDEWEB)

    Annas, G.J.; Glantz, L.H.; Roche, P.A.

    1995-02-28

    The Genetic Privacy Act is a proposal for federal legislation. The Act is based on the premise that genetic information is different from other types of personal information in ways that require special protection. The DNA molecule holds an extensive amount of currently indecipherable information. The major goal of the Human Genome Project is to decipher this code so that the information it contains is accessible. The privacy question is, accessible to whom? The highly personal nature of the information contained in DNA can be illustrated by thinking of DNA as containing an individual's "future diary." A diary is perhaps the most personal and private document a person can create. It contains a person's innermost thoughts and perceptions, and is usually hidden and locked to assure its secrecy. Diaries describe the past. The information in one's genetic code can be thought of as a coded probabilistic future diary because it describes an important part of a unique and personal future. This document presents an introduction to the proposal for federal legislation 'the Genetic Privacy Act'; a copy of the proposed act; and comment.

  20. Cancer surveillance and information: balancing public health with privacy and confidentiality concerns (United States).

    Science.gov (United States)

    Deapen, Dennis

    2006-06-01

    Rapid advances in informatics and communication technologies are greatly expanding the capacity for information capture and transportation. While these tools can be used for great good, they also offer new opportunities for those who seek to obtain and use information for improper purposes. While issues related to identity theft for financial gain garner the most attention, protection of privacy in public health endeavors such as cancer surveillance is also a significant concern. Some efforts to protect health-related information have had unintended consequences detrimental to health research and public health practice. Achieving a proper balance between measures to protect privacy and the ability to guard and improve public health requires careful consideration and development of appropriate policies, regulations and use of technology.

  1. Realizing IoT service's policy privacy over publish/subscribe-based middleware.

    Science.gov (United States)

    Duan, Li; Zhang, Yang; Chen, Shiping; Wang, Shiyao; Cheng, Bo; Chen, Junliang

    2016-01-01

    The publish/subscribe paradigm makes IoT service collaborations more scalable and flexible, due to the space, time and control decoupling of event producers and consumers. Thus, the paradigm can be used to establish large-scale IoT service communication infrastructures such as Supervisory Control and Data Acquisition systems. However, preserving IoT service's policy privacy is difficult in this paradigm, because a classical publisher has little control of its own event after being published; and a subscriber has to accept all the events from the subscribed event type with no choice. Few existing publish/subscribe middleware have built-in mechanisms to address the above issues. In this paper, we present a novel access control framework, which is capable of preserving IoT service's policy privacy. In particular, we adopt the publish/subscribe paradigm as the IoT service communication infrastructure to facilitate the protection of IoT services policy privacy. The key idea in our policy-privacy solution is using a two-layer cooperating method to match bi-directional privacy control requirements: (a) data layer for protecting IoT events; and (b) application layer for preserving the privacy of service policy. Furthermore, the anonymous-set-based principle is adopted to realize the functionalities of the framework, including policy embedding and policy encoding as well as policy matching. Our security analysis shows that the policy privacy framework is Chosen-Plaintext Attack secure. We extend the open source Apache ActiveMQ broker by building in a policy-based authorization mechanism to enforce the privacy policy. The performance evaluation results indicate that our approach is scalable with reasonable overheads.

  2. Business Information Exchange System with Security, Privacy, and Anonymity

    Directory of Open Access Journals (Sweden)

    Sead Muftic

    2016-01-01

    Business Information Exchange is an Internet Secure Portal for secure management, distribution, sharing, and use of business e-mails, documents, and messages. It has three applications supporting three major types of information exchange systems: secure e-mail, secure instant messaging, and secure sharing of business documents. In addition to standard security services for e-mail letters, which are also applied to instant messages and documents, the system provides innovative features of privacy and full anonymity of users and their locations, actions, transactions, and exchanged resources. In this paper we describe design, implementation, and use of the system.

  3. What was privacy?

    Science.gov (United States)

    McCreary, Lew

    2008-10-01

    Why is that question in the past tense? Because individuals can no longer feel confident that the details of their lives--from identifying numbers to cultural preferences--will be treated with discretion rather than exploited. Even as Facebook users happily share the names of their favorite books, movies, songs, and brands, they often regard marketers' use of that information as an invasion of privacy. In this wide-ranging essay, McCreary, a senior editor at HBR, examines numerous facets of the privacy issue, from Google searches, public shaming on the internet, and cell phone etiquette to passenger screening devices, public surveillance cameras, and corporate chief privacy officers. He notes that IBM has been a leader on privacy; its policy forswearing the use of employees' genetic information in hiring and benefits decisions predated the federal Genetic Information Nondiscrimination Act by three years. Now IBM is involved in an open-source project known as Higgins to provide users with transportable, potentially anonymous online presences. Craigslist, whose CEO calls it "as close to 100% user driven as you can get," has taken an extremely conservative position on privacy--perhaps easier for a company with a declared lack of interest in maximizing revenue. But TJX and other corporate victims of security breaches have discovered that retaining consumers' transaction information can be both costly and risky. Companies that underestimate the importance of privacy to their customers or fail to protect it may eventually face harsh regulation, reputational damage, or both. The best thing they can do, says the author, is negotiate directly with those customers over where to draw the line.

  4. Methods for Model-Based Reasoning within Agent-Based Ambient Intelligence Applications

    NARCIS (Netherlands)

    Bosse, T.; Both, F.; Gerritsen, C.; Hoogendoorn, M.; Treur, J.

    2012-01-01

    Within agent-based Ambient Intelligence applications agents react to humans based on information obtained by sensoring and their knowledge about human functioning. Appropriate types of reactions depend on the extent to which an agent understands the human and is able to interpret the available

  5. VCC-SSF: Service-Oriented Security Framework for Vehicular Cloud Computing

    Directory of Open Access Journals (Sweden)

    Won Min Kang

    2015-02-01

    Recently, as vehicle computing technology has advanced, the paradigm of the vehicle has changed from a simple means of transportation to a smart vehicle for safety and convenience. In addition, the previous functions of the Intelligent Transportation System (ITS) such as traffic accident prevention and providing traffic volume information have been combined with cloud computing. ITS services provide user-oriented broad services in the Vehicular Cloud Computing (VCC) environment through efficient traffic management, traffic accident prevention, and convenience services. However, existing vehicle services focus on providing services using sensing information inside the vehicle and the system to provide the service through an interface with the external infrastructure is insufficient. In addition, because wireless networks are used in VCC environments, there is a risk of important information leakage from sensors inside the vehicle, such as driver personal identification and payment information at the time of goods purchase. We propose the VCC Service-oriented Security Framework (VCC-SSF) to address the limitations and security threats of VCC-based services. The proposed framework considers security for convenient and efficient services of VCC and includes new user-oriented payment management and active accident management services. Furthermore, it provides authentication, encryption, access control, confidentiality, integrity, and privacy protection for user personal information and information inside the vehicle.

  6. 75 FR 32372 - Information Privacy and Innovation in the Internet Economy

    Science.gov (United States)

    2010-06-08

    .... 100402174-0238-02] RIN 0660-XA12 Information Privacy and Innovation in the Internet Economy AGENCY: National... Internet economy.\\1\\ In addition, the Department announced the formation of a Commerce-wide Internet Policy... Internet Economy, Launches Internet Policy Task Force, Department of Commerce Press Release (April 21, 2010...

  7. Crowdsourcing for Context: Regarding Privacy in Beacon Encounters via Contextual Integrity

    Directory of Open Access Journals (Sweden)

    Bello-Ogunu Emmanuel

    2016-07-01

    Research shows that context is important to the privacy perceptions associated with technology. With Bluetooth Low Energy beacons, one of the latest technologies for providing proximity and indoor tracking, the current identifiers that characterize a beacon are not sufficient for ordinary users to make informed privacy decisions about the location information that could be shared. One solution would be to have standardized category and privacy labels, produced by beacon providers or an independent third-party. An alternative solution is to find an approach driven by users, for users. In this paper, we propose a novel crowdsourcing based approach to introduce elements of context in beacon encounters. We demonstrate the effectiveness of this approach through a user study, where participants use a crowd-based mobile app designed to collect beacon category and privacy information as a scavenger hunt game. Results show that our approach was effective in helping users label beacons according to the specific context of a given beacon encounter, as well as the privacy perceptions associated with it. This labeling was done with an accuracy of 92%, and with an acceptance rate of 82% of all recommended crowd labels. Lastly, we conclusively show how crowdsourcing for context can be used towards a user-centric framework for privacy management during beacon encounters.

  8. SmartPrivacy for the smart grid : embedding privacy into the design of electricity conservation

    Energy Technology Data Exchange (ETDEWEB)

    Cavoukian, A. [Ontario Information and Privacy Commissioner, Toronto, ON (Canada)]; Polonetsky, J.; Wolf, C. [Future of Privacy Forum, Washington, DC (United States)]

    2009-11-15

    Modernization efforts are underway to make the current electrical grid smarter. The future of the Smart Grid will be capable of informing consumers of their day-to-day energy use, curbing greenhouse gas emissions, and reducing consumers' energy bills. However, the Smart Grid also brings with it the possibility of collecting detailed information on individual energy consumption use and patterns within people's homes. This paper discussed the Smart Grid and its benefits, as well as the questions that should be examined regarding privacy. The paper also outlined the concept of SmartPrivacy and discussed its application to the Smart Grid scenario. Privacy by design foundational principles and Smart Grid components were also presented in an appendix. It was concluded that the information collected on a Smart Grid will form a library of personal information. The mishandling of this information could be extremely invasive of consumer privacy. 46 refs., 1 fig., 2 appendices.

  9. A Model-Based Privacy Compliance Checker

    OpenAIRE

    Siani Pearson; Damien Allison

    2009-01-01

    Increasingly, e-business organisations are coming under pressure to be compliant to a range of privacy legislation, policies and best practice. There is a clear need for high-level management and administrators to be able to assess in a dynamic, customisable way the degree to which their enterprise complies with these. We outline a solution to this problem in the form of a model-driven automated privacy process analysis and configuration checking system. This system models privacy compliance ...

  10. Gender and online privacy among teens: risk perception, privacy concerns, and protection behaviors.

    Science.gov (United States)

    Youn, Seounmi; Hall, Kimberly

    2008-12-01

    Survey data from 395 high school students revealed that girls perceive more privacy risks and have a higher level of privacy concerns than boys. Regarding privacy protection behaviors, boys tended to read unsolicited e-mail and register for Web sites while directly sending complaints in response to unsolicited e-mail. This study found girls to provide inaccurate information as their privacy concerns increased. Boys, however, refrained from registering to Web sites as their concerns increased.

  11. 76 FR 59073 - Privacy Act

    Science.gov (United States)

    2011-09-23

    ... CENTRAL INTELLIGENCE AGENCY 32 CFR Part 1901 Privacy Act AGENCY: Central Intelligence Agency. ACTION: Proposed rule. SUMMARY: Consistent with the Privacy Act (PA), the Central Intelligence Agency...-1379. SUPPLEMENTARY INFORMATION: Consistent with the Privacy Act (PA), the CIA has undertaken and...

  12. New threats to health data privacy.

    Science.gov (United States)

    Li, Fengjun; Zou, Xukai; Liu, Peng; Chen, Jake Y

    2011-11-24

    Along with the rapid digitalization of health data (e.g. Electronic Health Records), there is an increasing concern on maintaining data privacy while garnering the benefits, especially when the data are required to be published for secondary use. Most of the current research on protecting health data privacy is centered around data de-identification and data anonymization, which removes the identifiable information from the published health data to prevent an adversary from reasoning about the privacy of the patients. However, published health data is not the only source that the adversaries can count on: with a large amount of information that people voluntarily share on the Web, sophisticated attacks that join disparate information pieces from multiple sources against health data privacy become practical. Limited efforts have been devoted to studying these attacks yet. We study how patient privacy could be compromised with the help of today's information technologies. In particular, we show that private healthcare information could be collected by aggregating and associating disparate pieces of information from multiple online data sources including online social networks, public records and search engine results. We demonstrate a real-world case study to show user identity and privacy are highly vulnerable to the attribution, inference and aggregation attacks. We also show that people are highly identifiable to adversaries even with inaccurate information pieces about the target, with real data analysis. We claim that too much information has been made available electronically and online that people are very vulnerable without effective privacy protection.

  13. New threats to health data privacy

    Directory of Open Access Journals (Sweden)

    Li Fengjun

    2011-11-01

    Background: Along with the rapid digitalization of health data (e.g. Electronic Health Records), there is an increasing concern on maintaining data privacy while garnering the benefits, especially when the data are required to be published for secondary use. Most of the current research on protecting health data privacy is centered around data de-identification and data anonymization, which removes the identifiable information from the published health data to prevent an adversary from reasoning about the privacy of the patients. However, published health data is not the only source that the adversaries can count on: with a large amount of information that people voluntarily share on the Web, sophisticated attacks that join disparate information pieces from multiple sources against health data privacy become practical. Limited efforts have been devoted to studying these attacks yet. Results: We study how patient privacy could be compromised with the help of today’s information technologies. In particular, we show that private healthcare information could be collected by aggregating and associating disparate pieces of information from multiple online data sources including online social networks, public records and search engine results. We demonstrate a real-world case study to show user identity and privacy are highly vulnerable to the attribution, inference and aggregation attacks. We also show that people are highly identifiable to adversaries even with inaccurate information pieces about the target, with real data analysis. Conclusion: We claim that too much information has been made available electronically and online that people are very vulnerable without effective privacy protection.

  14. Privacy and policy for genetic research.

    Science.gov (United States)

    DeCew, Judith Wagner

    2004-01-01

    I begin with a discussion of the value of privacy and what we lose without it. I then turn to the difficulties of preserving privacy for genetic information and other medical records in the face of advanced information technology. I suggest three alternative public policy approaches to the problem of protecting individual privacy and also preserving databases for genetic research: (1) governmental guidelines and centralized databases, (2) corporate self-regulation, and (3) my hybrid approach. None of these are unproblematic; I discuss strengths and drawbacks of each, emphasizing the importance of protecting the privacy of sensitive medical and genetic information as well as letting information technology flourish to aid patient care, public health and scientific research.

  15. Efficiency and Privacy Enhancement for a Track and Trace System of RFID-Based Supply Chains

    Directory of Open Access Journals (Sweden)

    Xunjun Chen

    2015-06-01

    One of the major applications of Radio Frequency Identification (RFID) technology is in supply chain management as it promises to provide real-time visibility based on the function of track and trace. However, such an RFID-based track and trace system raises new security and privacy challenges due to the restricted resource of tags. In this paper, we refine three privacy related models (i.e., the privacy, path unlinkability, and tag unlinkability) of RFID-based track and trace systems, and clarify the relations among these privacy models. Specifically, we have proven that privacy is equivalent to path unlinkability and tag unlinkability implies privacy. Our results simplify the privacy concept and protocol design for RFID-based track and trace systems. Furthermore, we propose an efficient track and trace scheme, Tracker+, which allows for authentic and private identification of RFID-tagged objects in supply chains. In the Tracker+, no computational ability is required for tags, but only a few bytes of storage (such as EPC Class 1 Gen 2 tags) are needed to store the tag state. Indeed, Tracker+ reduces the memory requirements for each tag by one group element compared to the Tracker presented in other literature. Moreover, Tracker+ provides privacy against supply chain inside attacks.

  16. Analysis of the security and privacy requirements of cloud-based electronic health records systems.

    Science.gov (United States)

    Rodrigues, Joel J P C; de la Torre, Isabel; Fernández, Gonzalo; López-Coronado, Miguel

    2013-08-21

    The Cloud Computing paradigm offers eHealth systems the opportunity to enhance the features and functionality that they offer. However, moving patients' medical information to the Cloud implies several risks in terms of the security and privacy of sensitive health records. In this paper, the risks of hosting Electronic Health Records (EHRs) on the servers of third-party Cloud service providers are reviewed. To protect the confidentiality of patient information and facilitate the process, some suggestions for health care providers are made. Moreover, security issues that Cloud service providers should address in their platforms are considered. To show that, before moving patient health records to the Cloud, security and privacy concerns must be considered by both health care providers and Cloud service providers. Security requirements of a generic Cloud service provider are analyzed. To study the latest in Cloud-based computing solutions, bibliographic material was obtained mainly from Medline sources. Furthermore, direct contact was made with several Cloud service providers. Some of the security issues that should be considered by both Cloud service providers and their health care customers are role-based access, network security mechanisms, data encryption, digital signatures, and access monitoring. Furthermore, to guarantee the safety of the information and comply with privacy policies, the Cloud service provider must be compliant with various certifications and third-party requirements, such as SAS70 Type II, PCI DSS Level 1, ISO 27001, and the US Federal Information Security Management Act (FISMA). Storing sensitive information such as EHRs in the Cloud means that precautions must be taken to ensure the safety and confidentiality of the data. A relationship built on trust with the Cloud service provider is essential to ensure a transparent process. Cloud service providers must make certain that all security mechanisms are in place to avoid unauthorized access

  17. Extended Privacy in Crowdsourced Location-Based Services Using Mobile Cloud Computing

    Directory of Open Access Journals (Sweden)

    Jacques Bou Abdo

    2016-01-01

    Crowdsourcing mobile applications are of increasing importance due to their suitability in providing personalized and better matching replies. The competitive edge of crowdsourcing is twofold; the requestors can achieve better and/or cheaper responses while the crowd contributors can achieve extra money by utilizing their free time or resources. Crowdsourcing location-based services inherit the querying mechanism from their legacy predecessors and this is where the threat lies. In this paper, we are going to show that none of the advanced privacy notions found in the literature except for K-anonymity is suitable for crowdsourced location-based services. In addition, we are going to prove mathematically, using an attack we developed, that K-anonymity does not satisfy the privacy level needed by such services. To respond to this emerging threat, we will propose a new concept, totally different from existing resource consuming privacy notions, to handle user privacy using Mobile Cloud Computing.

  18. Model-based Assessment for Balancing Privacy Requirements and Operational Capabilities

    Energy Technology Data Exchange (ETDEWEB)

    Knirsch, Fabian [Salzburg Univ. (Austria)]; Engel, Dominik [Salzburg Univ. (Austria)]; Frincu, Marc [Univ. of Southern California, Los Angeles, CA (United States)]; Prasanna, Viktor [Univ. of Southern California, Los Angeles, CA (United States)]

    2015-02-17

    The smart grid changes the way energy is produced and distributed. In addition, both energy and information are exchanged bidirectionally among participating parties. Therefore heterogeneous systems have to cooperate effectively in order to achieve a common high-level use case, such as smart metering for billing or demand response for load curtailment. Furthermore, a substantial amount of personal data is often needed for achieving that goal. Capturing and processing personal data in the smart grid increases customer concerns about privacy and in addition, certain statutory and operational requirements regarding privacy aware data processing and storage have to be met. An increase of privacy constraints, however, often limits the operational capabilities of the system. In this paper, we present an approach that automates the process of finding an optimal balance between privacy requirements and operational requirements in a smart grid use case and application scenario. This is achieved by formally describing use cases in an abstract model and by finding an algorithm that determines the optimum balance by forward mapping privacy and operational impacts. For this optimal balancing algorithm, both a numeric approximation and – if feasible – an analytic assessment are presented and investigated. The system is evaluated by applying the tool to a real-world use case from the University of Southern California (USC) microgrid.

  19. Privacy implications of location and contextual data on the social web

    OpenAIRE

    Zafeiropoulou, Aristea-Maria; Millard, David; Webber, Craig; O'Hara, Kieron

    2011-01-01

    Location-based applications have recently begun to emerge on the Social Web. After their appearance numerous concerns with regards to location privacy have been provoked. However, these privacy concerns seem to have effects beyond location, as other contextual information can be inferred through location information. This research addresses these implications, which keep on growing on the Social Web.

  20. Virtue, Privacy and Self-Determination

    DEFF Research Database (Denmark)

    Stamatellos, Giannis

    2011-01-01

    The ethical problem of privacy lies at the core of computer ethics and cyber ethics discussions. The extensive use of personal data in digital networks poses a serious threat to the user’s right of privacy not only at the level of a user’s data integrity and security but also at the level of a user’s identity and freedom. In normative ethical theory the need for an informational self-deterministic approach of privacy is stressed with greater emphasis on the control over personal data. However, scant attention has been paid on a virtue ethics approach of information privacy. Plotinus’ discussion of self-determination is related to ethical virtue, human freedom and intellectual autonomy. The Plotinian virtue ethics approach of self-determination is not primarily related to the sphere of moral action, but to the quality of the self prior to moral practice. In this paper, it is argued that the problem of information privacy...

  1. Privacy in domestic environments

    OpenAIRE

    Radics, Peter J; Gracanin, Denis

    2011-01-01

    non-peer-reviewed. While there is a growing body of research on privacy, most of the work puts the focus on information privacy. Physical and psychological privacy issues receive little to no attention. However, the introduction of technology into our lives can cause problems with regard to these aspects of privacy. This is especially true when it comes to our homes, both as nodes of our social life and places for relaxation. This paper presents the results of a study intended to captu...

  2. Privacy in an Ambient World

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, Sandro; den Hartog, Jeremy

    Privacy is a prime concern in today's information society. To protect the privacy of individuals, enterprises must follow certain privacy practices, while collecting or processing personal data. In this chapter we look at the setting where an enterprise collects private data on its website,

  3. Efficient privacy-enhanced familiarity-based recommender system

    NARCIS (Netherlands)

    Jeckmans, Arjan; Peter, Andreas; Hartel, Pieter H.

    Recommender systems can help users to find interesting content, often based on similarity with other users. However, studies have shown that in some cases familiarity gives comparable results to similarity. Using familiarity has the added bonus of increasing privacy between users and utilizing a

  4. MODEL REGULATION FOR DATA PRIVACY IN THE APPLICATION OF BIOMETRIC SMART CARD

    Directory of Open Access Journals (Sweden)

    Sinta Dewi

    2017-03-01

    This article will explore data privacy model regulation which is intended to regulate and protect data privacy. This regulatory model combines several approaches in managing data privacy, especially in using biometric smartcard. Firstly, through laws that enforce the principles and international standards. Secondly, through the market approach (market-based solution), which is derived through industry associations to help protect consumer data privacy by applying privacy policy in the form of a statement that the industry will protect consumers' privacy by implementing fair information principles. Third, through technological approach such as PETs (privacy enhancing technology), i.e. the techniques for anonymous and pseudo-anonymous payment, communication, and web access. Fourthly, through corporate privacy rules.

  5. FIPA agent based network distributed control system

    Energy Technology Data Exchange (ETDEWEB)

    D. Abbott; V. Gyurjyan; G. Heyes; E. Jastrzembski; C. Timmer; E. Wolin

    2003-03-01

    A control system with the capabilities to combine heterogeneous control systems or processes into a uniform homogeneous environment is discussed. This dynamically extensible system is an example of the software system at the agent level of abstraction. This level of abstraction considers agents as atomic entities that communicate to implement the functionality of the control system. Agents' engineering aspects are addressed by adopting the domain independent software standard, formulated by FIPA. Jade core Java classes are used as a FIPA specification implementation. A special, lightweight, XML RDFS based, control oriented, ontology markup language is developed to standardize the description of the arbitrary control system data processor. Control processes, described in this language, are integrated into the global system at runtime, without actual programming. Fault tolerance and recovery issues are also addressed.

  6. FIPA agent based network distributed control system

    International Nuclear Information System (INIS)

    Abbott, D.; Gyurjyan, V.; Heyes, G.; Jastrzembski, E.; Timmer, C.; Wolin, E.

    2003-01-01

    A control system with the capabilities to combine heterogeneous control systems or processes into a uniform homogeneous environment is discussed. This dynamically extensible system is an example of the software system at the agent level of abstraction. This level of abstraction considers agents as atomic entities that communicate to implement the functionality of the control system. Agents' engineering aspects are addressed by adopting the domain independent software standard, formulated by FIPA. Jade core Java classes are used as a FIPA specification implementation. A special, lightweight, XML RDFS based, control oriented, ontology markup language is developed to standardize the description of the arbitrary control system data processor. Control processes, described in this language, are integrated into the global system at runtime, without actual programming. Fault tolerance and recovery issues are also addressed

  7. Open Government Leads To The Abolition Of The Right To The Informational Privacy: An Invitation To Discussion

    Directory of Open Access Journals (Sweden)

    Tetiana Korshun

    2017-12-01

    The main thesis of the article is that informational privacy slows down the progress in many areas of science and social development. Current tendencies to open government lead us to construct a fully transparent society. And we should be ready to organize our public and private life in the absence of the informational privacy, including the most sensible areas. This transformation will influence almost every sphere of our social life. Increasing the level of tolerance, more security for private businesses, cost savings for states and individuals, the new wave in the development of the electronic services from governments and corporations, more incentives for law-changing process, the next level of social trust are the core of the transparent society after the abolition of the right to the informational privacy. But there are many more consequences that require further detailed study and research.

  8. Analyzing User Awareness of Privacy Data Leak in Mobile Applications

    Directory of Open Access Journals (Sweden)

    Youngho Kim

    2015-01-01

    To overcome the resource and computing power limitation of mobile devices in the Internet of Things (IoT) era, cloud computing provides an effective platform without human intervention to build a resource-oriented security solution. However, existing malware detection methods are constrained by a vague situation of information leaks. The main goal of this paper is to measure a degree of hiding intention for the mobile application (app) to keep its leaking activity invisible to the user. For real-world application test, we target Android applications, which unleash user privacy data. With the TaintDroid-ported emulator, we make experiments about the timing distance between user events and privacy leaks. Our experiments with Android apps downloaded from Google Play show that most leak cases are driven by explicit user events or implicit user involvement, which make the user aware of the leakage. Those findings can assist a malware detection system in reducing the rate of false positives by considering malicious intentions. From the experiment, we better understand the app’s internal operations as well. As a case study, we also present a cloud-based dynamic analysis framework to perform a traffic monitor.

  9. Institutional and Actor-Oriented Factors Constraining Expert-Based Forest Information Exchange in Europe: A Policy Analysis from an Actor-Centred Institutionalist Approach

    Directory of Open Access Journals (Sweden)

    Tanya Baycheva-Merger

    2018-03-01

    Adequate and accessible expert-based forest information has become increasingly in demand for effective decisions and informed policies in the forest and forest-related sectors in Europe. Such accessibility requires a collaborative environment and constant information exchange between various actors at different levels and across sectors. However, information exchange in complex policy environments is challenging, and is often constrained by various institutional, actor-oriented, and technical factors. In forest policy research, no study has yet attempted to simultaneously account for these multiple factors influencing expert-based forest information exchange. By employing a policy analysis from an actor-centred institutionalist perspective, this paper aims to provide an overview of the most salient institutional and actor-oriented factors that are perceived as constraining forest information exchange at the national level across European countries. We employ an exploratory research approach, and utilise both qualitative and quantitative methods to analyse our data. The data was collected through a semi-structured survey targeted at forest and forest-related composite actors in 21 European countries. The results revealed that expert-based forest information exchange is constrained by a number of compound and closely interlinked institutional and actor-oriented factors, reflecting the complex interplay of institutions and actors at the national level. The most salient institutional factors that stand out include restrictive or ambiguous data protection policies, inter-organisational information arrangements, different organisational cultures, and a lack of incentives. Forest information exchange becomes even more complex when actors are confronted with actor-oriented factors such as issues of distrust, diverging preferences and perceptions, intellectual property rights, and technical capabilities. We conclude that expert-based forest information

  10. Cloud Privacy Audit Framework: A Value-Based Design

    Science.gov (United States)

    Coss, David Lewis

    2013-01-01

    The rapid expansion of cloud technology provides enormous capacity, which allows for the collection, dissemination and re-identification of personal information. It is the cloud's resource capabilities such as these that fuel the concern for privacy. The impetus of these concerns is not too far removed from those expressed by Mason in 1986…

  11. Agent planning in AgScala

    Science.gov (United States)

    Tošić, Saša; Mitrović, Dejan; Ivanović, Mirjana

    2013-10-01

    Agent-oriented programming languages are designed to simplify the development of software agents, especially those that exhibit complex, intelligent behavior. This paper presents recent improvements of AgScala, an agent-oriented programming language based on Scala. AgScala includes declarative constructs for managing beliefs, actions and goals of intelligent agents. Combined with object-oriented and functional programming paradigms offered by Scala, it aims to be an efficient framework for developing both purely reactive, and more complex, deliberate agents. Instead of the Prolog back-end used initially, the new version of AgScala relies on Agent Planning Package, a more advanced system for automated planning and reasoning.

  12. Privacy notice for dummies? Towards European guidelines on how to give "clear and comprehensive information" on the cookies' use in order to protect the internet users' right to online privacy

    NARCIS (Netherlands)

    Luzak, J.A.

    2014-01-01

    The reviewed ePrivacy Directive aims at ensuring internet users’ online privacy by requiring users to give informed consent to the gathering, storing, and processing of their data by internet service providers, e.g., through the cookies’ use. However, it is hardly possible to talk about an

  13. An Agent-Based Framework for E-Commerce Information Retrieval Management Using Genetic Algorithms

    Directory of Open Access Journals (Sweden)

    Floarea NASTASE

    2009-01-01

    The paper addresses the issue of improving retrieval performance management for retrieval from document collections that exist on the Internet. It also comes with a solution that uses the benefits of the agent technology and genetic algorithms in the process of the information retrieving management. The most important paradigms of information retrieval are mentioned having the goal to make more evident the advantages of using the genetic algorithms based one. Within the paper, a genetic algorithm that can be used for the proposed solution is also detailed and a comparative description between the dynamic and static proposed solution is made. In the end, new future directions are shown based on elements presented in this paper. The future results look very encouraging.

  14. Privacy Act

    Science.gov (United States)

    Learn about the Privacy Act of 1974, the Electronic Government Act of 2002, the Federal Information Security Management Act, and other information about how the Environmental Protection Agency maintains its records.

  15. A knowledge base architecture for distributed knowledge agents

    Science.gov (United States)

    Riedesel, Joel; Walls, Bryan

    1990-01-01

    A tuple space based object oriented model for knowledge base representation and interpretation is presented. An architecture for managing distributed knowledge agents is then implemented within the model. The general model is based upon a database implementation of a tuple space. Objects are then defined as an additional layer upon the database. The tuple space may or may not be distributed depending upon the database implementation. A language for representing knowledge and inference strategy is defined whose implementation takes advantage of the tuple space. The general model may then be instantiated in many different forms, each of which may be a distinct knowledge agent. Knowledge agents may communicate using tuple space mechanisms as in the LINDA model as well as using more well known message passing mechanisms. An implementation of the model is presented describing strategies used to keep inference tractable without giving up expressivity. An example applied to a power management and distribution network for Space Station Freedom is given.

  16. An agent-based information management model of the Chinese pig sector

    NARCIS (Netherlands)

    Osinga, S.A.; Kramer, M.R.; Hofstede, G.J.; Roozmand, O.; Beulens, A.J.M.

    2010-01-01

    This paper investigates the effect of a selected top-down measure (what-if scenario) on actual agent behaviour and total system behaviour by means of an agent-based simulation model, when agents’ behaviour cannot fully be managed because the agents are autonomous. The Chinese pork sector serves as

  17. Security, privacy, and confidentiality issues on the Internet.

    Science.gov (United States)

    Kelly, Grant; McKenzie, Bruce

    2002-01-01

    We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to 'sign' a message whereby the private key of an individual can be used to 'hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a 'digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers.

  18. Privacy protection schemes for fingerprint recognition systems

    Science.gov (United States)

    Marasco, Emanuela; Cukic, Bojan

    2015-05-01

    The deployment of fingerprint recognition systems has always raised concerns related to personal privacy. A fingerprint is permanently associated with an individual and, generally, it cannot be reset if compromised in one application. Given that fingerprints are not a secret, potential misuses besides personal recognition represent privacy threats and may lead to public distrust. Privacy mechanisms control access to personal information and limit the likelihood of intrusions. In this paper, image- and feature-level schemes for privacy protection in fingerprint recognition systems are reviewed. Storing only key features of a biometric signature can reduce the likelihood of biometric data being used for unintended purposes. In biometric cryptosystems and biometric-based key release, the biometric component verifies the identity of the user, while the cryptographic key protects the communication channel. In transformation-based approaches, only a transformed version of the original biometric signature is stored. Different applications can use different transforms. Matching is performed in the transformed domain, which enables the preservation of low error rates. Since such templates do not reveal information about individuals, they are referred to as cancelable templates. A compromised template can be re-issued using a different transform. At image-level, de-identification schemes can remove identifiers disclosed for objectives unrelated to the original purpose, while permitting other authorized uses of personal information. Fingerprint images can be de-identified by, for example, mixing fingerprints or removing gender signature. In both cases, degradation of matching performance is minimized.

  19. Big data privacy protection model based on multi-level trusted system

    Science.gov (United States)

    Zhang, Nan; Liu, Zehua; Han, Hongfeng

    2018-05-01

    costs at different levels. Therefore, the proposed model solves the continuous influence caused by cascading events and ensures that the disclosure of low-level data privacy of users does not affect the high-level data privacy, thus greatly improving the safety of the private information of user.

  20. Technical Privacy Metrics: a Systematic Survey

    OpenAIRE

    Wagner, Isabel; Eckhoff, David

    2018-01-01

    The file attached to this record is the author's final peer reviewed version. The goal of privacy metrics is to measure the degree of privacy enjoyed by users in a system and the amount of protection offered by privacy-enhancing technologies. In this way, privacy metrics contribute to improving user privacy in the digital world. The diversity and complexity of privacy metrics in the literature makes an informed choice of metrics challenging. As a result, instead of using existing metrics, n...

  1. Privacy Practices of Health Social Networking Sites: Implications for Privacy and Data Security in Online Cancer Communities.

    Science.gov (United States)

    Charbonneau, Deborah H

    2016-08-01

    While online communities for social support continue to grow, little is known about the state of privacy practices of health social networking sites. This article reports on a structured content analysis of privacy policies and disclosure practices for 25 online ovarian cancer communities. All of the health social networking sites in the study sample provided privacy statements to users, yet privacy practices varied considerably across the sites. The majority of sites informed users that personal information was collected about participants and shared with third parties (96%, n = 24). Furthermore, more than half of the sites (56%, n = 14) stated that cookies technology was used to track user behaviors. Despite these disclosures, only 36% (n = 9) offered opt-out choices for sharing data with third parties. In addition, very few of the sites (28%, n = 7) allowed individuals to delete their personal information. Discussions about specific security measures used to protect personal information were largely missing. Implications for privacy, confidentiality, consumer choice, and data safety in online environments are discussed. Overall, nurses and other health professionals can utilize these findings to encourage individuals seeking online support and participating in social networking sites to build awareness of privacy risks to better protect their personal health information in the digital age.

  2. An Effective Grouping Method for Privacy-Preserving Bike Sharing Data Publishing

    Directory of Open Access Journals (Sweden)

    A S M Touhidul Hasan

    2017-10-01

    Full Text Available Bike sharing programs are eco-friendly transportation systems that are widespread in smart city environments. In this paper, we study the problem of privacy-preserving bike sharing microdata publishing. Bike sharing systems collect visiting information along with user identity and make it public by removing the user identity. Even after excluding user identification, the published bike sharing dataset will not be protected against privacy disclosure risks. An adversary may arrange published datasets based on bike’s visiting information to breach a user’s privacy. In this paper, we propose a grouping based anonymization method to protect published bike sharing dataset from linking attacks. The proposed Grouping method ensures that the published bike sharing microdata will be protected from disclosure risks. Experimental results show that our approach can protect user privacy in the released datasets from disclosure risks and can keep more data utility compared with existing methods.

  3. A privacy protection model to support personal privacy in relational databases.

    OpenAIRE

    2008-01-01

    The individual of today incessantly insists on more protection of his/her personal privacy than a few years ago. During the last few years, rapid technological advances, especially in the field of information technology, directed most attention and energy to the privacy protection of the Internet user. Research was done and is still being done covering a vast area to protect the privacy of transactions performed on the Internet. However, it was established that almost no research has been don...

  4. Through Patients' Eyes: Regulation, Technology, Privacy, and the Future.

    Science.gov (United States)

    Petersen, Carolyn

    2018-04-22

    Privacy is commonly regarded as a regulatory requirement achieved via technical and organizational management practices. Those working in the field of informatics often play a role in privacy preservation as a result of their expertise in information technology, workflow analysis, implementation science, or related skills. Viewing privacy from the perspective of patients whose protected health information is at risk broadens the considerations to include the perceived duality of privacy; the existence of privacy within a context unique to each patient; the competing needs inherent within privacy management; the need for particular consideration when data are shared; and the need for patients to control health information in a global setting. With precision medicine, artificial intelligence, and other treatment innovations on the horizon, health care professionals need to think more broadly about how to preserve privacy in a health care environment driven by data sharing. Patient-reported privacy preferences, privacy portability, and greater transparency around privacy-preserving functionalities are potential strategies for ensuring that privacy regulations are met and privacy is preserved. Georg Thieme Verlag KG Stuttgart.

  5. A blockchain-based data usage auditing architecture with enhanced privacy and availability

    OpenAIRE

    Kaaniche, Nesrine; Laurent, Maryline

    2017-01-01

    International audience; Recent years have witnessed the trend of increasingly relying on distributed infrastructures. This increased the number of reported incidents of security breaches compromising users' privacy, where third parties massively collect, process and manage users' personal data. Towards these security and privacy challenges, we combine hierarchical identity based cryptographic mechanisms with emerging blockchain infrastructures and propose a blockchain-based data usage auditin...

  6. Health care and privacy law in electronic commerce.

    Science.gov (United States)

    Wright, B

    1994-01-01

    As electronic data interchange (EDI) continues to gain acceptance and use, questions regarding protection of the confidentiality of private healthcare information have arisen. This article explains how a computer-based information system equipped with appropriate safeguards can be far better at ensuring privacy than a paper-based system.

  7. An Agent Based Software Approach towards Building Complex Systems

    Directory of Open Access Journals (Sweden)

    Latika Kharb

    2015-08-01

    Full Text Available Agent-oriented techniques represent an exciting new means of analyzing, designing and building complex software systems. They have the potential to significantly improve current practice in software engineering and to extend the range of applications that can feasibly be tackled. Yet, to date, there have been few serious attempts to cast agent systems as a software engineering paradigm. This paper seeks to rectify this omission. Specifically, points to be argued include: firstly, the conceptual apparatus of agent-oriented systems is well-suited to building software solutions for complex systems and secondly, agent-oriented approaches represent a genuine advance over the current state of the art for engineering complex systems. Following on from this view, the major issues raised by adopting an agent-oriented approach to software engineering are highlighted and discussed in this paper.

  8. Privacy-Preserving Location-Based Service Scheme for Mobile Sensing Data

    Directory of Open Access Journals (Sweden)

    Qingqing Xie

    2016-11-01

    Full Text Available With the wide use of mobile sensing application, more and more location-embedded data are collected and stored in mobile clouds, such as iCloud, Samsung cloud, etc. Using these data, the cloud service provider (CSP) can provide location-based service (LBS) for users. However, the mobile cloud is untrustworthy. The privacy concerns force the sensitive locations to be stored on the mobile cloud in an encrypted form. However, this brings a great challenge to utilize these data to provide efficient LBS. To solve this problem, we propose a privacy-preserving LBS scheme for mobile sensing data, based on the RSA (for Rivest, Shamir and Adleman) algorithm and ciphertext policy attribute-based encryption (CP-ABE) scheme. The mobile cloud can perform location distance computing and comparison efficiently for authorized users, without location privacy leakage. In the end, theoretical security analysis and experimental evaluation demonstrate that our scheme is secure against the chosen plaintext attack (CPA) and efficient enough for practical applications in terms of user side computation overhead.

  9. Privacy-Preserving Location-Based Service Scheme for Mobile Sensing Data.

    Science.gov (United States)

    Xie, Qingqing; Wang, Liangmin

    2016-11-25

    With the wide use of mobile sensing application, more and more location-embedded data are collected and stored in mobile clouds, such as iCloud, Samsung cloud, etc. Using these data, the cloud service provider (CSP) can provide location-based service (LBS) for users. However, the mobile cloud is untrustworthy. The privacy concerns force the sensitive locations to be stored on the mobile cloud in an encrypted form. However, this brings a great challenge to utilize these data to provide efficient LBS. To solve this problem, we propose a privacy-preserving LBS scheme for mobile sensing data, based on the RSA (for Rivest, Shamir and Adleman) algorithm and ciphertext policy attribute-based encryption (CP-ABE) scheme. The mobile cloud can perform location distance computing and comparison efficiently for authorized users, without location privacy leakage. In the end, theoretical security analysis and experimental evaluation demonstrate that our scheme is secure against the chosen plaintext attack (CPA) and efficient enough for practical applications in terms of user side computation overhead.

  10. The Effectiveness of Health Care Information Technologies: Evaluation of Trust, Security Beliefs, and Privacy as Determinants of Health Care Outcomes

    Science.gov (United States)

    2018-01-01

    Background The diffusion of health information technologies (HITs) within the health care sector continues to grow. However, there is no theory explaining how success of HITs influences patient care outcomes. With the increase in data breaches, HITs’ success now hinges on the effectiveness of data protection solutions. Still, empirical research has only addressed privacy concerns, with little regard for other factors of information assurance. Objective The objective of this study was to study the effectiveness of HITs using the DeLone and McLean Information Systems Success Model (DMISSM). We examined the role of information assurance constructs (ie, the role of information security beliefs, privacy concerns, and trust in health information) as measures of HIT effectiveness. We also investigated the relationships between information assurance and three aspects of system success: attitude toward health information exchange (HIE), patient access to health records, and perceived patient care quality. Methods Using structural equation modeling, we analyzed the data from a sample of 3677 cancer patients from a public dataset. We used R software (R Project for Statistical Computing) and the Lavaan package to test the hypothesized relationships. Results Our extension of the DMISSM to health care was supported. We found that increased privacy concerns reduce the frequency of patient access to health records use, positive attitudes toward HIE, and perceptions of patient care quality. Also, belief in the effectiveness of information security increases the frequency of patient access to health records and positive attitude toward HIE. Trust in health information had a positive association with attitudes toward HIE and perceived patient care quality. Trust in health information had no direct effect on patient access to health records; however, it had an indirect relationship through privacy concerns. Conclusions Trust in health information and belief in the effectiveness of

  11. The Effectiveness of Health Care Information Technologies: Evaluation of Trust, Security Beliefs, and Privacy as Determinants of Health Care Outcomes.

    Science.gov (United States)

    Kisekka, Victoria; Giboney, Justin Scott

    2018-04-11

    The diffusion of health information technologies (HITs) within the health care sector continues to grow. However, there is no theory explaining how success of HITs influences patient care outcomes. With the increase in data breaches, HITs' success now hinges on the effectiveness of data protection solutions. Still, empirical research has only addressed privacy concerns, with little regard for other factors of information assurance. The objective of this study was to study the effectiveness of HITs using the DeLone and McLean Information Systems Success Model (DMISSM). We examined the role of information assurance constructs (ie, the role of information security beliefs, privacy concerns, and trust in health information) as measures of HIT effectiveness. We also investigated the relationships between information assurance and three aspects of system success: attitude toward health information exchange (HIE), patient access to health records, and perceived patient care quality. Using structural equation modeling, we analyzed the data from a sample of 3677 cancer patients from a public dataset. We used R software (R Project for Statistical Computing) and the Lavaan package to test the hypothesized relationships. Our extension of the DMISSM to health care was supported. We found that increased privacy concerns reduce the frequency of patient access to health records use, positive attitudes toward HIE, and perceptions of patient care quality. Also, belief in the effectiveness of information security increases the frequency of patient access to health records and positive attitude toward HIE. Trust in health information had a positive association with attitudes toward HIE and perceived patient care quality. Trust in health information had no direct effect on patient access to health records; however, it had an indirect relationship through privacy concerns. Trust in health information and belief in the effectiveness of information security safeguards increases

  12. A review of Agent Based Modeling for agricultural policy evaluation

    NARCIS (Netherlands)

    Kremmydas, Dimitris; Athanasiadis, I.N.; Rozakis, Stelios

    2018-01-01

    Farm level scale policy analysis is receiving increased attention due to a changing agricultural policy orientation. Agent based models (ABM) are farm level models that have appeared in the end of 1990's, having several differences from traditional farm level models, like the consideration of

  13. Exercising privacy rights in medical science.

    Science.gov (United States)

    Hillmer, Michael; Redelmeier, Donald A

    2007-12-04

    Privacy laws are intended to preserve human well-being and improve medical outcomes. We used the Sportstats website, a repository of competitive athletic data, to test how easily these laws can be circumvented. We designed a haphazard, unrepresentative case-series analysis and applied unscientific methods based on an Internet connection and idle time. We found it both feasible and titillating to breach anonymity, stockpile personal information and generate misquotations. We extended our methods to snoop on celebrities, link to outside databases and uncover refusal to participate. Throughout our study, we evaded capture and public humiliation despite violating these 6 privacy fundamentals. We suggest that the legitimate principle of safeguarding personal privacy is undermined by the natural human tendency toward showing off.

  14. Online privacy: overview and preliminary research

    Directory of Open Access Journals (Sweden)

    Renata Mekovec

    2010-12-01

    Full Text Available Over the last decade using the Internet for online shopping, information browsing and searching as well as for online communication has become part of everyday life. Although the Internet technology has a lot of benefits for users, one of the most important disadvantages is related to the increasing capacity for users’ online activity surveillance. However, the users are increasingly becoming aware of online surveillance methods, which results in their increased concern for privacy protection. Numerous factors influence the way in which individuals perceive the level of privacy protection when they are online. This article provides a review of factors that influence the privacy perception of Internet users. Previous online privacy research related to e-business was predominantly focused on the dimension of information privacy and concerned with the way users’ personal information is collected, saved and used by an online company. This article’s main aim is to provide an overview of numerous Internet users’ privacy perception elements across various privacy dimensions as well as their potential categorization. In addition, considering that e-banking and online shopping are one of the most widely used e-services, an examination of online privacy perception of e-banking/online shopping users was performed.

  15. 76 FR 79114 - Privacy Act of 1974: Implementation of Exemptions; DOT/ALL 23-Information Sharing Environment...

    Science.gov (United States)

    2011-12-21

    ...] Privacy Act of 1974: Implementation of Exemptions; DOT/ALL 23-- Information Sharing Environment (ISE... titled, ``DOT/ALL 23--Information Sharing Environment (ISE) Suspicious Activity Reporting (SAR... exempts portions of the ``DOT/ALL 23--Information Sharing Environment (ISE) Suspicious Activity Reporting...

  16. Security and privacy issues with health care information technology.

    Science.gov (United States)

    Meingast, Marci; Roosta, Tanya; Sastry, Shankar

    2006-01-01

    The face of health care is changing as new technologies are being incorporated into the existing infrastructure. Electronic patient records and sensor networks for in-home patient monitoring are at the current forefront of new technologies. Paper-based patient records are being put in electronic format enabling patients to access their records via the Internet. Remote patient monitoring is becoming more feasible as specialized sensors can be placed inside homes. The combination of these technologies will improve the quality of health care by making it more personalized and reducing costs and medical errors. While there are benefits to technologies, associated privacy and security issues need to be analyzed to make these systems socially acceptable. In this paper we explore the privacy and security implications of these next-generation health care technologies. We describe existing methods for handling issues as well as discussing which issues need further consideration.

  17. Do Privacy Concerns Matter for Millennials?

    DEFF Research Database (Denmark)

    Fodor, Mark; Brem, Alexander

    2015-01-01

    data have raised the question, if location data are considered as sensitive data by users. Thus, we use two privacy concern models, namely Concern for Information Privacy (CFIP) and Internet Users’ Information Privacy Concerns (IUIPC) to find out. Our sample comprises of 235 individuals between 18...... and 34 years (Generation C) from Germany. The results of this study indicate that the second-order factor IUIPC showed better fit for the underlying data than CFIP did. Overall privacy concerns have been found to have an impact on behavioral intentions of users for LBS adoption. Furthermore, other risk...

  18. Technology as a Threat to Privacy: Ethical Challenges and Guidelines for the Information Professionals.

    Science.gov (United States)

    Britz, J. J.

    1996-01-01

    Assesses the impact of technology on privacy. Discusses electronic monitoring of people in the workplace; interception and reading of e-mail messages; merging of databases which contain personal information; rise in the number of hackers; and the development of software that makes the decoding of digital information virtually impossible. Presents…

  19. Collaborative Information Agents on the World Wide Web

    Science.gov (United States)

    Chen, James R.; Mathe, Nathalie; Wolfe, Shawn; Koga, Dennis J. (Technical Monitor)

    1998-01-01

    In this paper, we present DIAMS, a system of distributed, collaborative information agents which help users access, collect, organize, and exchange information on the World Wide Web. Personal agents provide their owners dynamic displays of well organized information collections, as well as friendly information management utilities. Personal agents exchange information with one another. They also work with other types of information agents such as matchmakers and knowledge experts to facilitate collaboration and communication.

  20. The Mechanisms of Interpersonal Privacy in Social Networking Websites: A Study of Subconscious Processes, Social Network Analysis, and Fear of Social Exclusion

    Science.gov (United States)

    Hammer, Bryan

    2013-01-01

    With increasing usage of social networking sites like Facebook there is a need to study privacy. Previous research has placed more emphasis on outcome-oriented contexts, such as e-commerce sites. In process-oriented contexts, like Facebook, privacy has become a source of conflict for users. The majority of architectural privacy (e.g. privacy…

  1. Using social network analysis and agent-based modelling to explore information flow using common operational pictures for maritime search and rescue operations.

    Science.gov (United States)

    Baber, C; Stanton, N A; Atkinson, J; McMaster, R; Houghton, R J

    2013-01-01

    The concept of common operational pictures (COPs) is explored through the application of social network analysis (SNA) and agent-based modelling to a generic search and rescue (SAR) scenario. Comparing the command structure that might arise from standard operating procedures with the sort of structure that might arise from examining information-in-common, using SNA, shows how one structure could be more amenable to 'command' with the other being more amenable to 'control' - which is potentially more suited to complex multi-agency operations. An agent-based model is developed to examine the impact of information sharing with different forms of COPs. It is shown that networks using common relevant operational pictures (which provide subsets of relevant information to groups of agents based on shared function) could result in better sharing of information and a more resilient structure than networks that use a COP. SNA and agent-based modelling are used to compare different forms of COPs for maritime SAR operations. Different forms of COP change the communications structures in the socio-technical systems in which they operate, which has implications for future design and development of a COP.

  2. ISHM-oriented adaptive fault diagnostics for avionics based on a distributed intelligent agent system

    Science.gov (United States)

    Xu, Jiuping; Zhong, Zhengqiang; Xu, Lei

    2015-10-01

    In this paper, an integrated system health management-oriented adaptive fault diagnostics and model for avionics is proposed. With avionics becoming increasingly complicated, precise and comprehensive avionics fault diagnostics has become an extremely complicated task. For the proposed fault diagnostic system, specific approaches, such as the artificial immune system, the intelligent agents system and the Dempster-Shafer evidence theory, are used to conduct deep fault avionics diagnostics. Through this proposed fault diagnostic system, efficient and accurate diagnostics can be achieved. A numerical example is conducted to apply the proposed hybrid diagnostics to a set of radar transmitters on an avionics system and to illustrate that the proposed system and model have the ability to achieve efficient and accurate fault diagnostics. By analyzing the diagnostic system's feasibility and pragmatics, the advantages of this system are demonstrated.

  3. Cloud-based privacy-preserving remote ECG monitoring and surveillance.

    Science.gov (United States)

    Page, Alex; Kocabas, Ovunc; Soyata, Tolga; Aktas, Mehmet; Couderc, Jean-Philippe

    2015-07-01

    The number of technical solutions for monitoring patients in their daily activities is expected to increase significantly in the near future. Blood pressure, heart rate, temperature, BMI, oxygen saturation, and electrolytes are a few of the physiologic factors that will soon be available to patients and their physicians almost continuously. The availability and transfer of this information from the patient to the health provider raises privacy concerns. Moreover, current data encryption approaches expose patient data during processing, therefore restricting their utility in applications requiring data analysis. We propose a system that couples health monitoring techniques with analytic methods to permit the extraction of relevant information from patient data without compromising privacy. This proposal is based on the concept of fully homomorphic encryption (FHE). Since this technique is known to be resource-heavy, we develop a proof-of-concept to assess its practicality. Results are presented from our prototype system, which mimics live QT monitoring and detection of drug-induced QT prolongation. Transferring FHE-encrypted QT and RR samples requires about 2 Mbps of network bandwidth per patient. Comparing FHE-encrypted values (for example, comparing QTc to a given threshold) runs quickly enough on modest hardware to alert the doctor of important results in real-time. We demonstrate that FHE could be used to securely transfer and analyze ambulatory health monitoring data. We present a unique concept that could represent a disruptive type of technology with broad applications to multiple monitoring devices. Future work will focus on performance optimizations to accelerate expansion to these other applications. © 2014 Wiley Periodicals, Inc.

  4. Location-Based Services and Privacy in Airports

    DEFF Research Database (Denmark)

    Hansen, John Paulin; Alapetite, Alexandre; Andersen, Henning Boje

    2009-01-01

    This paper reports on a study of privacy concerns related to location-based services in an airport, where users who volunteer for the service will be tracked for a limited period and within a limited area. Reactions elicited from travellers at a field trial showed 60% feeling to some or to a larg...

  5. RFID Privacy Risk Evaluation Based on Synthetic Method of Extended Attack Tree and Information Feature Entropy

    OpenAIRE

    Li, Peng; Xu, Chao; Chen, Long; Wang, Ruchuan

    2015-01-01

    Evaluation of security risks in radio frequency identification (RFID) systems is a challenging problem in Internet of Things (IoT). This paper proposes an extended attack tree (EAT) model to identify RFID system’s flaws and vulnerabilities. A corresponding formal description of the model is described which adds a probability SAND node together with the probability attribute of the node attack. In addition, we model the process of an RFID data privacy attack based on EAT, taking a sensitive in...

  6. The perceived impact of location privacy: A web-based survey of public health perspectives and requirements in the UK and Canada

    Directory of Open Access Journals (Sweden)

    Boulos Maged

    2008-05-01

    Full Text Available Abstract Background The "place-consciousness" of public health professionals is on the rise as spatial analyses and Geographic Information Systems (GIS) are rapidly becoming key components of their toolbox. However, "place" is most useful at its most precise, granular scale – which increases identification risks, thereby clashing with privacy issues. This paper describes the views and requirements of public health professionals in Canada and the UK on privacy issues and spatial data, as collected through a web-based survey. Methods Perceptions on the impact of privacy were collected through a web-based survey administered between November 2006 and January 2007. The survey targeted government, non-government and academic GIS labs and research groups involved in public health, as well as public health units (Canada), ministries, and observatories (UK). Potential participants were invited to participate through personally addressed, standardised emails. Results Of 112 invitees in Canada and 75 in the UK, 66 and 28 participated in the survey, respectively. The completion proportion for Canada was 91%, and 86% for the UK. No response differences were observed between the two countries. Ninety three percent of participants indicated a requirement for personally identifiable data (PID) in their public health activities, including geographic information. Privacy was identified as an obstacle to public health practice by 71% of respondents. The overall self-rated median score for knowledge of privacy legislation and policies was 7 out of 10. Those who rated their knowledge of privacy as high (at the median or above) also rated it significantly more severe as an obstacle to research (P Conclusion The clash between PID requirements – including granular geography – and limitations imposed by privacy and its associated bureaucracy require immediate attention and solutions, particularly given the increasing utilisation of GIS in public health. Solutions

  7. The Allure of Privacy or the Desire for Self-Expression? Identifying Users' Gratifications for Ephemeral, Photograph-Based Communication.

    Science.gov (United States)

    Waddell, T Franklin

    2016-07-01

    Temporary messaging programs continue to rise in popularity, due in large part to the perceived privacy that they afford. However, recent controversies have revealed that messages shared on ephemeral messaging services are persistent and potentially retrievable, thus undermining the privacy they are assumed to provide. Given this paradox, why are temporary messaging services so popular? Does the allure of privacy still motivate the use of temporary messaging programs? Or, if privacy is no longer afforded by ephemeral messaging, what other psychological gratifications do these applications fulfill that might account for their continued use? Informed by the Modality-Agency-Interactivity-Navigability (MAIN) model and the uses and gratifications tradition, the current study conducted qualitative interviews to identify the gratifications that individuals derive from the popular ephemeral messaging application, Snapchat. Study results show that the visual affordances of ephemeral messaging have legitimized photographic communication, providing self-expression and relational gratifications that are unfulfilled by text-based applications. By comparison, users report low levels of trust in the privacy affordances of ephemeral messaging, and instead project negative effects of temporary messaging on other users rather than self. Theoretical and practical implications of these results are discussed.

  8. Pattern-oriented Agent-based Monte Carlo simulation of Cellular Redox Environment

    DEFF Research Database (Denmark)

    Tang, Jiaowei; Holcombe, Mike; Boonen, Harrie C.M.

    /CYSS) and mitochondrial redox couples. Evidence suggests that both intracellular and extracellular redox can affect overall cell redox state. How redox is communicated between extracellular and intracellular environments is still a matter of debate. Some researchers conclude based on experimental data...... cells. Biochimica Et Biophysica Acta-General Subjects, 2008. 1780(11): p. 1271-1290. 5. Jones, D.P., Redox sensing: orthogonal control in cell cycle and apoptosis signalling. J Intern Med, 2010. 268(5): p. 432-48. 6. Pogson, M., et al., Formal agent-based modelling of intracellular chemical interactions...

  9. Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification rules under the Health Information Technology for Economic and Clinical Health Act and the Genetic Information Nondiscrimination Act; other modifications to the HIPAA rules.

    Science.gov (United States)

    2013-01-25

    The Department of Health and Human Services (HHS or "the Department") is issuing this final rule to: Modify the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Enforcement Rules to implement statutory amendments under the Health Information Technology for Economic and Clinical Health Act ("the HITECH Act" or "the Act") to strengthen the privacy and security protection for individuals' health information; modify the rule for Breach Notification for Unsecured Protected Health Information (Breach Notification Rule) under the HITECH Act to address public comment received on the interim final rule; modify the HIPAA Privacy Rule to strengthen the privacy protections for genetic information by implementing section 105 of Title I of the Genetic Information Nondiscrimination Act of 2008 (GINA); and make certain other modifications to the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (the HIPAA Rules) to improve their workability and effectiveness and to increase flexibility for and decrease burden on the regulated entities.

  10. Trust, Privacy, and Frame Problems in Social and Business E-Networks, Part 1

    Directory of Open Access Journals (Sweden)

    Jeff Buechner

    2011-03-01

    Full Text Available Privacy issues in social and business e-networks are daunting in complexity—private information about oneself might be routed through countless artificial agents. For each such agent, in that context, two questions about trust are raised: Where an agent must access (or store) personal information, can one trust that artificial agent with that information and, where an agent does not need to either access or store personal information, can one trust that agent not to either access or store that information? It would be an infeasible task for any human being to explicitly determine, for each artificial agent, whether it can be trusted. That is, no human being has the computational resources to make such an explicit determination. There is a well-known class of problems in the artificial intelligence literature, known as frame problems, where explicit solutions to them are computationally infeasible. Human common sense reasoning solves frame problems, though the mechanisms employed are largely unknown. I will argue that the trust relation between two agents (human or artificial) functions, in some respects, is a frame problem solution. That is, a problem is solved without the need for a computationally infeasible explicit solution. This is an aspect of the trust relation that has remained unexplored in the literature. Moreover, there is a formal, iterative structure to agent-agent trust interactions that serves to establish the trust relation non-circularly, to reinforce it, and to “bootstrap” its strength.

  11. The Impact of Privacy Concerns and Perceived Vulnerability to Risks on Users Privacy Protection Behaviors on SNS: A Structural Equation Model

    OpenAIRE

    Noora Sami Al-Saqer; Mohamed E. Seliaman

    2016-01-01

    This research paper investigates Saudi users’ awareness levels about privacy policies in Social Networking Sites (SNSs), their privacy concerns and their privacy protection measures. For this purpose, a research model that consists of five main constructs namely information privacy concern, awareness level of privacy policies of social networking sites, perceived vulnerability to privacy risks, perceived response efficacy, and privacy protecting behavior was developed. An online survey questi...

  12. Integration of Life Cycle Assessment Into Agent-Based Modeling : Toward Informed Decisions on Evolving Infrastructure Systems

    NARCIS (Netherlands)

    Davis, C.B.; Nikolić, I.; Dijkema, G.P.J.

    2009-01-01

    A method is presented that allows for a life cycle assessment (LCA) to provide environmental information on an energy infrastructure system while it evolves. Energy conversion facilities are represented in an agent-based model (ABM) as distinct instances of technologies with owners capable of making

  13. An Emotional Agent Model Based on Granular Computing

    Directory of Open Access Journals (Sweden)

    Jun Hu

    2012-01-01

    Full Text Available Affective computing has a very important significance for fulfilling intelligent information processing and harmonious communication between human being and computers. A new model for emotional agent is proposed in this paper to make agent have the ability of handling emotions, based on the granular computing theory and the traditional BDI agent model. Firstly, a new emotion knowledge base based on granular computing for emotion expression is presented in the model. Secondly, a new emotional reasoning algorithm based on granular computing is proposed. Thirdly, a new emotional agent model based on granular computing is presented. Finally, based on the model, an emotional agent for patient assistant in hospital is realized, experiment results show that it is efficient to handle simple emotions.

  14. Privacy on Hypothesis Testing in Smart Grids

    OpenAIRE

    Li, Zuxing; Oechtering, Tobias

    2015-01-01

    In this paper, we study the problem of privacy information leakage in a smart grid. The privacy risk is assumed to be caused by an unauthorized binary hypothesis testing of the consumer's behaviour based on the smart meter readings of energy supplies from the energy provider. Another energy supplies are produced by an alternative energy source. A controller equipped with an energy storage device manages the energy inflows to satisfy the energy demand of the consumer. We study the optimal ener...

  15. How can hospitals better protect the privacy of electronic medical records? Perspectives from staff members of health information management departments.

    Science.gov (United States)

    Sher, Ming-Ling; Talley, Paul C; Cheng, Tain-Junn; Kuo, Kuang-Ming

    2017-05-01

    The adoption of electronic medical records (EMR) is expected to better improve overall healthcare quality and to offset the financial pressure of excessive administrative burden. However, safeguarding EMR against potentially hostile security breaches from both inside and outside healthcare facilities has created increased patients' privacy concerns from all sides. The aim of our study was to examine the influencing factors of privacy protection for EMR by healthcare professionals. We used survey methodology to collect questionnaire responses from staff members in health information management departments among nine Taiwanese hospitals active in EMR utilisation. A total of 209 valid responses were collected in 2014. We used partial least squares for analysing the collected data. Perceived benefits, perceived barriers, self-efficacy and cues to action were found to have a significant association with intention to protect EMR privacy, while perceived susceptibility and perceived severity were not. Based on the findings obtained, we suggest that hospitals should provide continuous ethics awareness training to relevant staff and design more effective strategies for improving the protection of EMR privacy in their charge. Further practical and research implications are also discussed.

  16. 49 CFR 10.13 - Privacy Officer.

    Science.gov (United States)

    2010-10-01

    ... INDIVIDUALS General § 10.13 Privacy Officer. (a) To assist with implementation, evaluation, and administration issues, the Chief Information Officer appoints a principal coordinating official with the title Privacy... 49 Transportation 1 2010-10-01 2010-10-01 false Privacy Officer. 10.13 Section 10.13...

  17. Security, privacy, and confidentiality issues on the Internet

    Science.gov (United States)

    Kelly, Grant; McKenzie, Bruce

    2002-01-01

    We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to 'sign' a message whereby the private key of an individual can be used to 'hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a 'digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers. PMID:12554559

  18. Interpretation and Analysis of Privacy Policies of Websites in India

    DEFF Research Database (Denmark)

    Dhotre, Prashant Shantaram; Olesen, Henning; Khajuria, Samant

    2016-01-01

    the conditions specified in the policy document. So, ideally the privacy policies should be readable and provide sufficient information to empower users to make knowledgeable decisions. Thus, we have examined more than 50 privacy policies and discussed the content analysis in this paper. We discovered...... on information collection methods, purpose, sharing entities names and data transit. In this study, the 11 % privacy policies are compliance with privacy standards which denotes other privacy policies are less committed to support transparency, choice, and accountability in the process of information collection...... that the policies are not only unstructured but also described in complicated language. Our analysis shows that the user data security measures are nonspecific and unsatisfactory in 57% privacy policies. In spite of huge amount of information collection, the privacy policies does not have clear description...

  19. Just in Time Research: Privacy Practices

    Science.gov (United States)

    Grama, Joanna Lyn

    2014-01-01

    The January 2014 edition of the ECAR Update subscriber newsletter included an informal poll on information privacy practices. The poll was intended to collect a quick snapshot of the higher education community's thoughts on this important topic during Data Privacy Month. Results of the poll will be used to inform EDUCAUSE research, programs,…

  20. Privacy Metrics and Boundaries

    NARCIS (Netherlands)

    L-F. Pau (Louis-François)

    2005-01-01

    This paper aims at defining a set of privacy metrics (quantitative and qualitative) in the case of the relation between a privacy protector and an information gatherer. The aims with such metrics are: - to allow to assess and compare different user scenarios and their differences; for

  1. Privacy-preserving record linkage on large real world datasets.

    Science.gov (United States)

    Randall, Sean M; Ferrante, Anna M; Boyd, James H; Bauer, Jacqueline K; Semmens, James B

    2014-08-01

    Record linkage typically involves the use of dedicated linkage units who are supplied with personally identifying information to determine individuals from within and across datasets. The personally identifying information supplied to linkage units is separated from clinical information prior to release by data custodians. While this substantially reduces the risk of disclosure of sensitive information, some residual risks still exist and remain a concern for some custodians. In this paper we trial a method of record linkage which reduces privacy risk still further on large real world administrative data. The method uses encrypted personal identifying information (bloom filters) in a probability-based linkage framework. The privacy preserving linkage method was tested on ten years of New South Wales (NSW) and Western Australian (WA) hospital admissions data, comprising in total over 26 million records. No difference in linkage quality was found when the results were compared to traditional probabilistic methods using full unencrypted personal identifiers. This presents as a possible means of reducing privacy risks related to record linkage in population level research studies. It is hoped that through adaptations of this method or similar privacy preserving methods, risks related to information disclosure can be reduced so that the benefits of linked research taking place can be fully realised. Copyright © 2013 Elsevier Inc. All rights reserved.

  2. Disclosure of computerized health care information: provider privacy rights under supply side competition.

    Science.gov (United States)

    Watson, B L

    1981-01-01

    This Article explores the constitutional, statutory and common law privacy rights of physicians given the inescapable role of delivery data under supply side competition. The Article begins with a general review of the federal constitutional right of privacy. It then discusses the statutory protection given to physician-specific data under current federal law, and considers the insights gained from the controversy over physician data and the federal Freedom of Information Act. The remainder of the Article analyzes the usefulness of several common law causes of action to remedy the misuse of physician data, and concludes with recommendations which may obviate the need for litigation to protect against misuse of physician-specific data.

  3. A Certificate Authority (CA)-based cryptographic solution for HIPAA privacy/security regulations

    Directory of Open Access Journals (Sweden)

    Sangram Ray

    2014-07-01

    Full Text Available The Health Insurance Portability and Accountability Act (HIPAA) passed by the US Congress establishes a number of privacy/security regulations for e-healthcare systems. These regulations support patients’ medical privacy and secure exchange of PHI (protected health information) among medical practitioners. Three existing HIPAA-based schemes have been studied but appear to be ineffective as patients’ PHI is stored in smartcards. Moreover, carrying a smartcard during a treatment session and accessing PHI from different locations results in restrictions. In addition, authentication of the smartcard presenter would not be possible if the PIN is compromised. In this context, we propose an MCS (medical center server) should be located at each hospital and accessed via the Internet for secure handling of patients’ PHI. All entities of the proposed e-health system register online with the MCS, and each entity negotiates a contributory registration key, where public-key certificates issued and maintained by CAs are used for authentication. Prior to a treatment session, a doctor negotiates a secret session key with MCS and uploads/retrieves patients’ PHI securely. The proposed scheme has five phases, which have been implemented in a secure manner for supporting HIPAA privacy/security regulations. Finally, the security aspects, computation and communication costs of the scheme are analyzed and compared with existing methods that display satisfactory performance.

  4. Unveiling consumer's privacy paradox behaviour in an economic exchange.

    Science.gov (United States)

    Motiwalla, Luvai F; Li, Xiao-Bai

    2016-01-01

    Privacy paradox is of great interest to IS researchers and firms gathering personal information. It has been studied from social, behavioural, and economic perspectives independently. However, prior research has not examined the degrees of influence these perspectives contribute to the privacy paradox problem. We combine both economic and behavioural perspectives in our study of the privacy paradox with a price valuation of personal information through an economic experiment combined with a behavioural study on privacy paradox. Our goal is to reveal more insights on the privacy paradox through economic valuation on personal information. Results indicate that general privacy concerns or individual disclosure concerns do not have a significant influence on the price valuation of personal information. Instead, prior disclosure behaviour in specific scenario, like with healthcare providers or social networks, is a better indicator of consumer price valuations.

  5. Formal Security-Proved Mobile Anonymous Authentication Protocols with Credit-Based Chargeability and Controllable Privacy

    Directory of Open Access Journals (Sweden)

    Chun-I Fan

    2016-06-01

    Full Text Available Smart mobile phones are widely popularized and advanced mobile communication services are provided increasingly often, such that ubiquitous computing environments will soon be a reality. However, there are many security threats to mobile networks and their impact on security is more serious than that in wireline networks owing to the features of wireless transmissions and the ubiquity property. The secret information which mobile users carry may be stolen by malicious entities. To guarantee the quality of advanced services, security and privacy would be important issues when users roam within various mobile networks. In this manuscript, an anonymous authentication scheme will be proposed to protect the security of the network system and the privacy of users. Not only does the proposed scheme provide mutual authentication between each user and the system, but also each user’s identity is kept secret against anyone else, including the system. Although the system anonymously authenticates the users, it can still generate correct bills to charge these anonymous users via a credit-based solution instead of debit-based ones. Furthermore, our protocols also achieve fair privacy which allows the judge to revoke the anonymity and trace the illegal users when they have misused the anonymity property, for example, if they have committed crimes. Finally, in this paper, we also carry out complete theoretical proofs on each claimed security property.

  6. Privacy by design in personal health monitoring.

    Science.gov (United States)

    Nordgren, Anders

    2015-06-01

    The concept of privacy by design is becoming increasingly popular among regulators of information and communications technologies. This paper aims at analysing and discussing the ethical implications of this concept for personal health monitoring. I assume a privacy theory of restricted access and limited control. On the basis of this theory, I suggest a version of the concept of privacy by design that constitutes a middle road between what I call broad privacy by design and narrow privacy by design. The key feature of this approach is that it attempts to balance automated privacy protection and autonomously chosen privacy protection in a way that is context-sensitive. In personal health monitoring, this approach implies that in some contexts like medication assistance and monitoring of specific health parameters one single automatic option is legitimate, while in some other contexts, for example monitoring in which relatives are receivers of health-relevant information rather than health care professionals, a multi-choice approach stressing autonomy is warranted.

  7. Ontological Model-Based Transparent Access To Information In A Medical Multi-Agent System

    Directory of Open Access Journals (Sweden)

    Felicia GÎZĂ-BELCIUG

    2012-01-01

    Full Text Available Getting the full electronic medical record of a patient is an important step in providing a quality medical service. But the degree of heterogeneity of data from health unit informational systems is very high, because each unit can have a different model for storing patients’ medical data. In order to achieve the interoperability and integration of data from various medical units that store partial patient medical information, this paper proposes a multi-agent systems and ontology based approach. Therefore, we present an ontological model for describing the particular structure of the data integration process. The system is to be used for centralizing the information from a patient’s partial medical records. The main advantage of the proposed model is the low ratio between the complexity of the model and the amount of information that can be retrieved in order to generate the complete medical history of a patient.

  8. Data Security and Privacy in Apps for Dementia: An Analysis of Existing Privacy Policies.

    Science.gov (United States)

    Rosenfeld, Lisa; Torous, John; Vahia, Ipsit V

    2017-08-01

    Despite tremendous growth in the number of health applications (apps), little is known about how well these apps protect their users' health-related data. This gap in knowledge is of particular concern for apps targeting people with dementia, whose cognitive impairment puts them at increased risk of privacy breaches. In this article, we determine how many dementia apps have privacy policies and how well they protect user data. Our analysis included all iPhone apps that matched the search terms "medical + dementia" or "health & fitness + dementia" and collected user-generated content. We evaluated all available privacy policies for these apps based on criteria that systematically measure how individual user data is handled. Seventy-two apps met the above search terms and collected user data. Of these, only 33 (46%) had an available privacy policy. Nineteen of the 33 with policies (58%) were specific to the app in question, and 25 (76%) specified how individual-user as opposed to aggregate data would be handled. Among these, there was a preponderance of missing information, the majority acknowledged collecting individual data for internal purposes, and most admitted to instances in which they would share user data with outside parties. At present, the majority of health apps focused on dementia lack a privacy policy, and those that do exist lack clarity. Bolstering safeguards and improving communication about privacy protections will help facilitate consumer trust in apps, thereby enabling more widespread and meaningful use by people with dementia and those involved in their care. Copyright © 2017. Published by Elsevier Inc.

  9. Multi-Agent Information Classification Using Dynamic Acquaintance Lists.

    Science.gov (United States)

    Mukhopadhyay, Snehasis; Peng, Shengquan; Raje, Rajeev; Palakal, Mathew; Mostafa, Javed

    2003-01-01

    Discussion of automated information services focuses on information classification and collaborative agents, i.e. intelligent computer programs. Highlights include multi-agent systems; distributed artificial intelligence; thesauri; document representation and classification; agent modeling; acquaintances, or remote agents discovered through…

  10. From Data Privacy to Location Privacy

    Science.gov (United States)

    Wang, Ting; Liu, Ling

    Over the past decade, the research on data privacy has achieved considerable advancement in the following two aspects: First, a variety of privacy threat models and privacy principles have been proposed, aiming at providing sufficient protection against different types of inference attacks; Second, a plethora of algorithms and methods have been developed to implement the proposed privacy principles, while attempting to optimize the utility of the resulting data. The first part of the chapter presents an overview of data privacy research by taking a close examination at the achievements from the above two aspects, with the objective of pinpointing individual research efforts on the grand map of data privacy protection. As a special form of data privacy, location privacy possesses its unique characteristics. In the second part of the chapter, we examine the research challenges and opportunities of location privacy protection, in a perspective analogous to data privacy. Our discussion attempts to answer the following three questions: (1) Is it sufficient to apply the data privacy models and algorithms developed to date for protecting location privacy? (2) What is the current state of the research on location privacy? (3) What are the open issues and technical challenges that demand further investigation? Through answering these questions, we intend to provide a comprehensive review of the state of the art in location privacy research.

  11. Reassessing insurers' access to genetic information: genetic privacy, ignorance, and injustice.

    Science.gov (United States)

    Feiring, Eli

    2009-06-01

    Many countries have imposed strict regulations on the genetic information to which insurers have access. Commentators have warned against the emerging body of legislation for different reasons. This paper demonstrates that, when confronted with the argument that genetic information should be available to insurers for health insurance underwriting purposes, one should avoid appeals to rights of genetic privacy and genetic ignorance. The principle of equality of opportunity may nevertheless warrant restrictions. A choice-based account of this principle implies that it is unfair to hold people responsible for the consequences of the genetic lottery, since we have no choice in selecting our genotype or the expression of it. However appealing, this view does not take us all the way to an adequate justification of inaccessibility of genetic information. A contractarian account, suggesting that health is a condition of opportunity and that healthcare is an essential good, seems more promising. I conclude that if or when predictive medical tests (such as genetic tests) are developed with significant actuarial value, individuals have less reason to accept as fair institutions that limit access to healthcare on the grounds of risk status. Given the assumption that a division of risk pools in accordance with a rough estimate of people's level of (genetic) risk will occur, fairness and justice favour universal health insurance based on solidarity.

  12. A privacy-preserving framework for outsourcing location-based services to the cloud

    OpenAIRE

    Zhu, Xiaojie; Ayday, Erman; Vitenberg, Roman

    2018-01-01

    Thanks to the popularity of mobile devices a large number of location-based services (LBS) have emerged. While a large number of privacy-preserving solutions for LBS have been proposed, most of these solutions do not consider the fact that LBS are typically cloud-based nowadays. Outsourcing data and computation to the cloud raises a number of significant challenges related to data confidentiality, user identity and query privacy, fine-grain access control, and query expressiveness. In this wo...

  13. Insights to develop privacy policy for organization in Indonesia

    Science.gov (United States)

    Rosmaini, E.; Kusumasari, T. F.; Lubis, M.; Lubis, A. R.

    2018-03-01

    Nowadays, the increased utilization of shared application in the network needs not only dictate to have enhanced security but also emphasize the need to balance its privacy protection and ease of use. Meanwhile, its accessibility and availability as the demand from organization service put privacy obligations become more complex process to be handled and controlled. Nonetheless, the underlying principles for privacy policy exist in Indonesian current laws, even though they spread across various article regulations. Religions, constitutions, statutes, regulations, custom and culture requirements still become the reference model to control the activity process for data collection and information sharing accordingly. Moreover, as the customer and organization often misinterpret their responsibilities and rights in the business function, process and level, the essential thing to be considered for professionals on how to articulate clearly the rules that manage their information gathering and distribution in a manner that translates into information system specification and requirements for developers and managers. This study focus on providing suggestion and recommendation to develop privacy policy based on descriptive analysis of 791 respondents on personal data protection in accordance with political and economic factor in Indonesia.

  14. Perceived Information Security, Information Privacy, Risk and Institutional Trust on Consumer's Trust in E-commerce

    OpenAIRE

    Parengkuan, Frane Maorets

    2014-01-01

    E-commerce is widely being used in nowadays generation where the business entrepreneur from small to large institution, has widely taken advantage on the internet to promote business and deliver information about their product. Consumer trust is an important aspect of e-commerce, and understanding its antecedents and consequences is a prime concern. This research designed to find out the influence of Perceived Information Security, Privacy, Risk and Institutional Trust on Consumers Trust in E...

  15. Privacy-Preserving Location-Based Service Scheme for Mobile Sensing Data

    Science.gov (United States)

    Xie, Qingqing; Wang, Liangmin

    2016-01-01

    With the wide use of mobile sensing application, more and more location-embedded data are collected and stored in mobile clouds, such as iCloud, Samsung cloud, etc. Using these data, the cloud service provider (CSP) can provide location-based service (LBS) for users. However, the mobile cloud is untrustworthy. The privacy concerns force the sensitive locations to be stored on the mobile cloud in an encrypted form. However, this brings a great challenge to utilize these data to provide efficient LBS. To solve this problem, we propose a privacy-preserving LBS scheme for mobile sensing data, based on the RSA (for Rivest, Shamir and Adleman) algorithm and ciphertext policy attribute-based encryption (CP-ABE) scheme. The mobile cloud can perform location distance computing and comparison efficiently for authorized users, without location privacy leakage. In the end, theoretical security analysis and experimental evaluation demonstrate that our scheme is secure against the chosen plaintext attack (CPA) and efficient enough for practical applications in terms of user side computation overhead. PMID:27897984

  16. Agent-oriented enterprise modeling based on business rules

    NARCIS (Netherlands)

    Taveter, K.; Wagner, G.R.; Kunii, H.S.; Jajodia, S.; Solvberg, A.

    2001-01-01

    Business rules are statements that express (certain parts of) a business policy, defining business terms and defining or constraining the operations of an enterprise, in a declarative manner. Since these rules define and constrain the interaction among business agents in the course of business

  17. Ambiguity in Social Network Data for Presence, Sensitive-Attribute, Degree and Relationship Privacy Protection.

    Science.gov (United States)

    Rajaei, Mehri; Haghjoo, Mostafa S; Miyaneh, Eynollah Khanjari

    2015-01-01

    Maintaining privacy in network data publishing is a major challenge. This is because known characteristics of individuals can be used to extract new information about them. Recently, researchers have developed privacy methods based on k-anonymity and l-diversity to prevent re-identification or sensitive label disclosure through certain structural information. However, most of these studies have considered only structural information and have been developed for undirected networks. Furthermore, most existing approaches rely on generalization and node clustering so may entail significant information loss as all properties of all members of each group are generalized to the same value. In this paper, we introduce a framework for protecting sensitive attribute, degree (the number of connected entities), and relationships, as well as the presence of individuals in directed social network data whose nodes contain attributes. First, we define a privacy model that specifies privacy requirements for the above private information. Then, we introduce the technique of Ambiguity in Social Network data (ASN) based on anatomy, which specifies how to publish social network data. To employ ASN, individuals are partitioned into groups. Then, ASN publishes exact values of properties of individuals of each group with common group ID in several tables. The lossy join of those tables based on group ID injects uncertainty to reconstruct the original network. We also show how to measure different privacy requirements in ASN. Simulation results on real and synthetic datasets demonstrate that our framework, which protects from four types of private information disclosure, preserves data utility in tabular, topological and spectrum aspects of networks at a satisfactory level.

  18. Cognitive Privacy for Personal Clouds

    Directory of Open Access Journals (Sweden)

    Milena Radenkovic

    2016-01-01

    Full Text Available This paper proposes a novel Cognitive Privacy (CogPriv) framework that improves privacy of data sharing between Personal Clouds for different application types and across heterogeneous networks. Depending on the behaviour of neighbouring network nodes, their estimated privacy levels, resource availability, and social network connectivity, each Personal Cloud may decide to use different transmission network for different types of data and privacy requirements. CogPriv is fully distributed, uses complex graph contacts analytics and multiple implicit novel heuristics, and combines these with smart probing to identify presence and behaviour of privacy compromising nodes in the network. Based on sensed local context and through cooperation with remote nodes in the network, CogPriv is able to transparently and on-the-fly change the network in order to avoid transmissions when privacy may be compromised. We show that CogPriv achieves higher end-to-end privacy levels compared to both noncognitive cellular network communication and state-of-the-art strategies based on privacy-aware adaptive social mobile networks routing for a range of experiment scenarios based on real-world user and network traces. CogPriv is able to adapt to varying network connectivity and maintain high quality of service while managing to keep low data exposure for a wide range of privacy leakage levels in the infrastructure.

  19. The ABC of ABC : An analysis of attribute-based credentials in the light of data protection, privacy and identity.

    NARCIS (Netherlands)

    Korenhof, P.E.I.; Koning, Merel; Alpár, Gergely; Hoepman, J.H.; Padullés, Joan Balcells; i Martínez, Agustí Cerrillo; Poch, Miquel Peguera; López, Ismael Peña; de Moner, María José Pifarré; Solana, Mònica Vilasau

    2014-01-01

    Our networked society increasingly needs secure identity systems. The Attribute-based credential (ABC) technology is designed to be privacy-friendlier than contemporary authentication methods, which often suffer from information leakage. So far, however, some of the wider implications of ABC have

  20. Functional Suitability Measurement using Goal-Oriented Approach based on ISO/IEC 25010 for Academics Information System

    Directory of Open Access Journals (Sweden)

    Ajeng Savitri Puspaningrum

    2017-10-01

    Full Text Available Rapid of information technology development grow a new competitive environment. Including higher education, they need to improve their service quality in order to provide education service in more competitive. One of the ways of using information technology in higher education is the used of Academic Information System (AIS). AIS was developed to achieve the goals of the learning process which is one of vision and mission organization success factor. The measurement is needed to evaluate the quality of AIS. Functionality is one of the quality factors which is measured by observing the correlation between function and functional suitability. In this study, the quality of AIS functional suitability is measured using goal-oriented approach base on ISO/IEC 25010 in the perspective of a lecturer. The strategic plan of an institution is used as a reference to measure if the system used to have meet institution goals when using this approach. The result shows that the measurement using goal-oriented approach become more objective and suitable to the need of used AIS quality improvement for the institution than the measurement with ISO/IEC 25010 only.

  1. Overview of Privacy in Social Networking Sites (SNS)

    Science.gov (United States)

    Powale, Pallavi I.; Bhutkar, Ganesh D.

    2013-07-01

    Social Networking Sites (SNS) have become an integral part of communication and life style of people in today's world. Because of the wide range of services offered by SNSs mostly for free of cost, these sites are attracting the attention of all possible Internet users. Most importantly, users from all age groups have become members of SNSs. Since many of the users are not aware of the data thefts associated with information sharing, they freely share their personal information with SNSs. Therefore, SNSs may be used for investigating users' character and social habits by familiar or even unknown persons and agencies. Such commercial and social scenario, has led to number of privacy and security threats. Though, all major issues in SNSs need to be addressed, by SNS providers, privacy of SNS users is the most crucial. And therefore, in this paper, we have focused our discussion on "privacy in SNSs". We have discussed different ways of Personally Identifiable Information (PII) leakages from SNSs, information revelation to third-party domains without user consent and privacy related threats associated with such information sharing. We expect that this comprehensive overview on privacy in SNSs will definitely help in raising user awareness about sharing data and managing their privacy with SNSs. It will also help SNS providers to rethink about their privacy policies.

  2. Consumer Responses to the Introduction of Privacy Protection Measures: An Exploratory Research Framework

    OpenAIRE

    Heng Xu

    2009-01-01

    Information privacy is at the center of discussion and controversy among multiple stakeholders including business leaders, privacy activists, and government regulators. However, conceptualizations of information privacy have been somewhat patchy in current privacy literature. In this article, we review the conceptualizations of information privacy through three different lenses (information exchange, social contract and information control), and then try to build upon previous literature from...

  3. An Alternative View of Privacy on Facebook

    OpenAIRE

    Christian Fuchs

    2011-01-01

    The predominant analysis of privacy on Facebook focuses on personal information revelation. This paper is critical of this kind of research and introduces an alternative analytical framework for studying privacy on Facebook, social networking sites and web 2.0. This framework is connecting the phenomenon of online privacy to the political economy of capitalism—a focus that has thus far been rather neglected in research literature about Internet and web 2.0 privacy. Liberal privacy philosophy ...

  4. Analysis of Privacy-Enhancing Identity Management Systems

    DEFF Research Database (Denmark)

    Adjei, Joseph K.; Olesen, Henning

    Privacy has become a major issue for policy makers. This has been impelled by the rapid development of technologies that facilitate collection, distribution, storage, and manipulation of personal information. Business organizations are finding new ways of leveraging the value derived from consumer...... is an attempt to understand the relationship between individuals’ intentions to disclose personal information, their actual personal information disclosure behaviours, and how these can be leveraged to develop privacy-enhancing identity management systems (IDMS) that users can trust. Legal, regulatory...... and technological aspects of privacy and technology adoption are also discussed....

  5. Evolution of natural agents: preservation, advance, and emergence of functional information.

    Science.gov (United States)

    Sharov, Alexei A

    2016-04-01

    Biological evolution is often viewed narrowly as a change of morphology or allele frequency in a sequence of generations. Here I pursue an alternative informational concept of evolution, as preservation, advance, and emergence of functional information in natural agents. Functional information is a network of signs (e.g., memory, transient messengers, and external signs) that are used by agents to preserve and regulate their functions. Functional information is preserved in evolution via complex interplay of copying and construction processes: the digital components are copied, whereas interpreting subagents together with scaffolds, tools, and resources, are constructed. Some of these processes are simple and invariant, whereas others are complex and contextual. Advance of functional information includes improvement and modification of already existing functions. Although the genome information may change passively and randomly, the interpretation is active and guided by the logic of agent behavior and embryonic development. Emergence of new functions is based on the reinterpretation of already existing information, when old tools, resources, and control algorithms are adopted for novel functions. Evolution of functional information progressed from protosemiosis, where signs correspond directly to actions, to eusemiosis, where agents associate signs with objects. Language is the most advanced form of eusemiosis, where the knowledge of objects and models is communicated between agents.

  6. A cyber-anima-based model of material conscious information network

    Directory of Open Access Journals (Sweden)

    Jianping Shen

    2017-03-01

    Full Text Available Purpose – This paper aims to study the node modeling, multi-agent architecture and addressing method for the material conscious information network (MCIN), which is a large-scaled, open-styled, self-organized and ecological intelligent network of supply–demand relationships. Design/methodology/approach – This study models the MCIN by node model definition, multi-agent architecture design and addressing method presentation. Findings – The prototype of novel E-commerce platform based on the MCIN shows the effectiveness and soundness of the MCIN modeling. By comparing to current internet, the authors also find that the MCIN has the advantages of socialization, information integration, collective intelligence, traceability, high robustness, unification of producing and consuming, high scalability and decentralization. Research limitations/implications – Leveraging the dimensions of structure, character, knowledge and experience, a modeling approach of the basic information can fit all kinds of the MCIN nodes. With the double chain structure for both basic and supply–demand information, the MCIN nodes can be modeled comprehensively. The anima-desire-intention-based multi-agent architecture makes the federated agents of the MCIN nodes self-organized and intelligent. The MCIN nodes can be efficiently addressed by the supply–demand-oriented method. However, the implementation of the MCIN is still in process. Practical implications – This paper lays the theoretical foundation for the future networked system of supply–demand relationship and the novel E-commerce platform. Originality/value – The authors believe that the MCIN, first proposed in this paper, is a transformational innovation which facilitates the infrastructure of the future networked system of supply–demand relationship.

  7. Ensuring the security and privacy of information in mobile health-care communication systems

    OpenAIRE

    Adesina, Ademola O.; Agbele, Kehinde K.; Februarie, Ronald; Abidoye, Ademola P.; Nyongesa, Henry O.

    2011-01-01

    The sensitivity of health-care information and its accessibility via the Internet and mobile technology systems is a cause for concern in these modern times. The privacy, integrity and confidentiality of a patient’s data are key factors to be considered in the transmission of medical information for use by authorised health-care personnel. Mobile communication has enabled medical consultancy, treatment, drug administration and the provision of laboratory results to take place outside the hosp...

  8. Service oriented architecture governance tools within information security

    OpenAIRE

    2012-01-01

    M.Tech. Service Oriented Architecture has many advantages. For example, organisations can align business with Information Technology, reuse the developed functionality, reduce development and maintain cost for applications. Organisations adopt Service Oriented Architecture with the aim of automating and integrating business processes. However, it has information security vulnerabilities that should be considered. For example, applications exchange information across the Internet, where it ...

  9. Reliable Collaborative Filtering on Spatio-Temporal Privacy Data

    Directory of Open Access Journals (Sweden)

    Zhen Liu

    2017-01-01

    Full Text Available Lots of multilayer information, such as the spatio-temporal privacy check-in data, is accumulated in the location-based social network (LBSN). When using the collaborative filtering algorithm for LBSN location recommendation, one of the core issues is how to improve recommendation performance by combining the traditional algorithm with the multilayer information. The existing approaches of collaborative filtering use only the sparse user-item rating matrix. It entails high computational complexity and inaccurate results. A novel collaborative filtering-based location recommendation algorithm called LGP-CF, which takes spatio-temporal privacy information into account, is proposed in this paper. By mining the users check-in behavior pattern, the dataset is segmented semantically to reduce the data size that needs to be computed. Then the clustering algorithm is used to obtain and narrow the set of similar users. User-location bipartite graph is modeled using the filtered similar user set. Then LGP-CF can quickly locate the location and trajectory of users through message propagation and aggregation over the graph. Through calculating users similarity by spatio-temporal privacy data on the graph, we can finally calculate the rating of recommendable locations. Experiments results on the physical clusters indicate that compared with the existing algorithms, the proposed LGP-CF algorithm can make recommendations more accurately.

  10. Design and Application of an Intelligent Agent for Web Information Discovery

    Institute of Scientific and Technical Information of China (English)

    闵君; 冯珊; 唐超; 许立达

    2003-01-01

    With the propagation of applications on the internet, the internet has become a great information source which supplies users with valuable information. But it is hard for users to quickly acquire the right information on the web. This paper an intelligent agent for internet applications to retrieve and extract web information under user's guidance. The intelligent agent is made up of a retrieval script to identify web sources, an extraction script based on the document object model to express extraction process, a data translator to export the extracted information into knowledge bases with frame structures, and a data reasoning to reply users' questions. A GUI tool named Script Writer helps to generate the extraction script visually, and knowledge rule databases help to extract wanted information and to generate the answer to questions.

  11. Privacy amplification for quantum key distribution

    International Nuclear Information System (INIS)

    Watanabe, Yodai

    2007-01-01

    This paper examines classical privacy amplification using a universal family of hash functions. In quantum key distribution, the adversary's measurement can wait until the choice of hash functions is announced, and so the adversary's information may depend on the choice. Therefore the existing result on classical privacy amplification, which assumes the independence of the choice from the other random variables, is not applicable to this case. This paper provides a security proof of privacy amplification which is valid even when the adversary's information may depend on the choice of hash functions. The compression rate of the proposed privacy amplification can be taken to be the same as that of the existing one with an exponentially small loss in secrecy of a final key. (fast track communication)

  12. Privacy for Sale?

    DEFF Research Database (Denmark)

    Sørensen, Lene Tolstrup; Sørensen, Jannick Kirk; Khajuria, Samant

    Data brokers have become central players in the collection online of private user data. Data brokers’ activities are however not very transparent or even known by users. Many users regard privacy a central element when they use online services. Based on 12 short interviews with users, this paper...... analyses how users perceive the concept of online privacy in respect to data brokers collection of private data, and particularly novel services that offer users the possibility to sell their private data. Two groups of users are identified: Those who are considering selling their data under specific...... conditions, and those who reject the idea completely. Based on the literature we identify two positions to privacy either as an instrumental good, or as an intrinsic good. The paper positions various user perceptions on privacy that are relevant for future service development....

  13. OntoTrader: An Ontological Web Trading Agent Approach for Environmental Information Retrieval

    Directory of Open Access Journals (Sweden)

    Luis Iribarne

    2014-01-01

    Full Text Available Modern Web-based Information Systems (WIS) are becoming increasingly necessary to provide support for users who are in different places with different types of information, by facilitating their access to the information, decision making, workgroups, and so forth. Design of these systems requires the use of standardized methods and techniques that enable a common vocabulary to be defined to represent the underlying knowledge. Thus, mediation elements such as traders enrich the interoperability of web components in open distributed systems. These traders must operate with other third-party traders and/or agents in the system, which must also use a common vocabulary for communication between them. This paper presents the OntoTrader architecture, an Ontological Web Trading agent based on the OMG ODP trading standard. It also presents the ontology needed by some system agents to communicate with the trading agent and the behavioral framework for the SOLERES OntoTrader agent, an Environmental Management Information System (EMIS). This framework implements a “Query-Searching/Recovering-Response” information retrieval model using a trading service, SPARQL notation, and the JADE platform. The paper also presents reflection, delegation and, federation mediation models and describes formalization, an experimental testing environment in three scenarios, and a tool which allows our proposal to be evaluated and validated.

  14. A digital memories based user authentication scheme with privacy preservation.

    Directory of Open Access Journals (Sweden)

    JunLiang Liu

    Full Text Available The traditional username/password or PIN based authentication scheme, which still remains the most popular form of authentication, has been proved insecure, unmemorable and vulnerable to guessing, dictionary attack, key-logger, shoulder-surfing and social engineering. Based on this, a large number of new alternative methods have recently been proposed. However, most of them rely on users being able to accurately recall complex and unmemorable information or using extra hardware (such as a USB Key), which makes authentication more difficult and confusing. In this paper, we propose a Digital Memories based user authentication scheme adopting homomorphic encryption and a public key encryption design which can protect users' privacy effectively, prevent tracking and provide multi-level security in an Internet & IoT environment. Also, we prove the superior reliability and security of our scheme compared to other schemes and present a performance analysis and promising evaluation results.

  15. A Framework for Agent-based Human Interaction Support

    Directory of Open Access Journals (Sweden)

    Axel Bürkle

    2008-10-01

    Full Text Available In this paper we describe an agent-based infrastructure for multimodal perceptual systems which aims at developing and realizing computer services that are delivered to humans in an implicit and unobtrusive way. The framework presented here supports the implementation of human-centric context-aware applications providing non-obtrusive assistance to participants in events such as meetings, lectures, conferences and presentations taking place in indoor "smart spaces". We emphasize on the design and implementation of an agent-based framework that supports "pluggable" service logic in the sense that the service developer can concentrate on coding the service logic independently of the underlying middleware. Furthermore, we give an example of the architecture's ability to support the cooperation of multiple services in a meeting scenario using an intelligent connector service and a semantic web oriented travel service.

  16. Guaranteeing Privacy-Observing Data Exchange

    DEFF Research Database (Denmark)

    Probst, Christian W.

    2016-01-01

    Privacy is a major concern in large of parts of the world when exchanging information. Ideally, we would like to be able to have fine-grained control about how information that we deem sensitive can be propagated and used. While privacy policy languages exist, it is not possible to control whether...... the entity that receives data is living up to its own policy specification. In this work we present our initial work on an approach that empowers data owners to specify their privacy preferences, and data consumers to specify their data needs. Using a static analysis of the two specifications, our approach...... then finds a communication scheme that complies with these preferences and needs. While applicable to online transactions, the same techniques can be used in development of IT systems dealing with sensitive data. To the best of our knowledge, no existing privacy policy languages supports negotiation...

  17. An OAIS-Based Hospital Information System on the Cloud: Analysis of a NoSQL Column-Oriented Approach.

    Science.gov (United States)

    Celesti, Antonio; Fazio, Maria; Romano, Agata; Bramanti, Alessia; Bramanti, Placido; Villari, Massimo

    2018-05-01

    The Open Archive Information System (OAIS) is a reference model for organizing people and resources in a system, and it is already adopted in care centers and medical systems to efficiently manage clinical data, medical personnel, and patients. Archival storage systems are typically implemented using traditional relational database systems, but the relation-oriented technology strongly limits the efficiency in the management of huge amount of patients' clinical data, especially in emerging cloud-based, that are distributed. In this paper, we present an OAIS healthcare architecture useful to manage a huge amount of HL7 clinical documents in a scalable way. Specifically, it is based on a NoSQL column-oriented Data Base Management System deployed in the cloud, thus to benefit from a big tables and wide rows available over a virtual distributed infrastructure. We developed a prototype of the proposed architecture at the IRCCS, and we evaluated its efficiency in a real case of study.

  18. Context-Aware Generative Adversarial Privacy

    Directory of Open Access Journals (Sweden)

    Chong Huang

    2017-12-01

    Full Text Available Preserving the utility of published datasets while simultaneously providing provable privacy guarantees is a well-known challenge. On the one hand, context-free privacy solutions, such as differential privacy, provide strong privacy guarantees, but often lead to a significant reduction in utility. On the other hand, context-aware privacy solutions, such as information theoretic privacy, achieve an improved privacy-utility tradeoff, but assume that the data holder has access to dataset statistics. We circumvent these limitations by introducing a novel context-aware privacy framework called generative adversarial privacy (GAP). GAP leverages recent advancements in generative adversarial networks (GANs) to allow the data holder to learn privatization schemes from the dataset itself. Under GAP, learning the privacy mechanism is formulated as a constrained minimax game between two players: a privatizer that sanitizes the dataset in a way that limits the risk of inference attacks on the individuals’ private variables, and an adversary that tries to infer the private variables from the sanitized dataset. To evaluate GAP’s performance, we investigate two simple (yet canonical) statistical dataset models: (a) the binary data model; and (b) the binary Gaussian mixture model. For both models, we derive game-theoretically optimal minimax privacy mechanisms, and show that the privacy mechanisms learned from data (in a generative adversarial fashion) match the theoretically optimal ones. This demonstrates that our framework can be easily applied in practice, even in the absence of dataset statistics.

  19. Context-Aware Generative Adversarial Privacy

    Science.gov (United States)

    Huang, Chong; Kairouz, Peter; Chen, Xiao; Sankar, Lalitha; Rajagopal, Ram

    2017-12-01

    Preserving the utility of published datasets while simultaneously providing provable privacy guarantees is a well-known challenge. On the one hand, context-free privacy solutions, such as differential privacy, provide strong privacy guarantees, but often lead to a significant reduction in utility. On the other hand, context-aware privacy solutions, such as information theoretic privacy, achieve an improved privacy-utility tradeoff, but assume that the data holder has access to dataset statistics. We circumvent these limitations by introducing a novel context-aware privacy framework called generative adversarial privacy (GAP). GAP leverages recent advancements in generative adversarial networks (GANs) to allow the data holder to learn privatization schemes from the dataset itself. Under GAP, learning the privacy mechanism is formulated as a constrained minimax game between two players: a privatizer that sanitizes the dataset in a way that limits the risk of inference attacks on the individuals' private variables, and an adversary that tries to infer the private variables from the sanitized dataset. To evaluate GAP's performance, we investigate two simple (yet canonical) statistical dataset models: (a) the binary data model, and (b) the binary Gaussian mixture model. For both models, we derive game-theoretically optimal minimax privacy mechanisms, and show that the privacy mechanisms learned from data (in a generative adversarial fashion) match the theoretically optimal ones. This demonstrates that our framework can be easily applied in practice, even in the absence of dataset statistics.

  20. Unveiling consumer’s privacy paradox behaviour in an economic exchange

    Science.gov (United States)

    Li, Xiao-Bai

    2015-01-01

    Privacy paradox is of great interest to IS researchers and firms gathering personal information. It has been studied from social, behavioural, and economic perspectives independently. However, prior research has not examined the degrees of influence these perspectives contribute to the privacy paradox problem. We combine both economic and behavioural perspectives in our study of the privacy paradox with a price valuation of personal information through an economic experiment combined with a behavioural study on privacy paradox. Our goal is to reveal more insights on the privacy paradox through economic valuation on personal information. Results indicate that general privacy concerns or individual disclosure concerns do not have a significant influence on the price valuation of personal information. Instead, prior disclosure behaviour in specific scenario, like with healthcare providers or social networks, is a better indicator of consumer price valuations. PMID:27708687

  1. Safeguarding patient privacy in electronic healthcare in the USA: the legal view.

    Science.gov (United States)

    Walsh, Diana; Passerini, Katia; Varshney, Upkar; Fjermestad, Jerry

    2008-01-01

    The conflict between the sweeping power of technology to access and assemble personal information and the ongoing concern about our privacy and security is ever increasing. While we gradually need higher electronic access to medical information, issues relating to patient privacy and reducing vulnerability to security breaches surmount. In this paper, we take a legal perspective and examine the existing patchwork of laws and obligations governing health information in the USA. The study finds that as Electronic Medical Records (EMRs) increase in scope and dissemination, privacy protections gradually decrease due to the shortcomings in the legal system. The contributions of this paper are (1) an overview of the legal EMR issues in the USA, and (2) the identification of the unresolved legal issues and how these will escalate when health information is transmitted over wireless networks. More specifically, the paper discusses federal and state government regulations such as the Electronic Communications Privacy Act, the Health Insurance Portability and Accountability Act (HIPAA) and judicial intervention. Based on the legal overview, the unresolved challenges are identified and suggestions for future research are included.

  2. An Information Theoretic Framework and Self-organizing Agent- based Sensor Network Architecture for Power Plant Condition Monitoring

    Energy Technology Data Exchange (ETDEWEB)

    Loparo, Kenneth [Case Western Reserve Univ., Cleveland, OH (United States)]; Kolacinski, Richard [Case Western Reserve Univ., Cleveland, OH (United States)]; Threeanaew, Wanchat [Case Western Reserve Univ., Cleveland, OH (United States)]; Agharazi, Hanieh [Case Western Reserve Univ., Cleveland, OH (United States)]

    2017-01-30

    A central goal of the work was to enable both the extraction of all relevant information from sensor data, and the application of information gained from appropriate processing and fusion at the system level to operational control and decision-making at various levels of the control hierarchy through: 1. Exploiting the deep connection between information theory and the thermodynamic formalism, 2. Deployment using distributed intelligent agents with testing and validation in a hardware-in-the-loop simulation environment. Enterprise architectures are the organizing logic for key business processes and IT infrastructure and, while the generality of current definitions provides sufficient flexibility, the current architecture frameworks do not inherently provide the appropriate structure. Of particular concern is that existing architecture frameworks often do not make a distinction between "data" and "information." This work defines an enterprise architecture for health and condition monitoring of power plant equipment and further provides the appropriate foundation for addressing shortcomings in current architecture definition frameworks through the discovery of the information connectivity between the elements of a power generation plant. That is, to identify the correlative structure between available observation streams using informational measures. The principal focus here is on the implementation and testing of an emergent, agent-based algorithm based on the foraging behavior of ants for eliciting this structure and on measures for characterizing differences between communication topologies. The elicitation algorithms are applied to data streams produced by a detailed numerical simulation of Alstom’s 1000 MW ultra-super-critical boiler and steam plant. The elicitation algorithm and topology characterization can be based on different informational metrics for detecting connectivity, e.g. mutual information and linear correlation.

  3. A Coupled Simulation Architecture for Agent-Based/Geohydrological Modelling

    Science.gov (United States)

    Jaxa-Rozen, M.

    2016-12-01

    The quantitative modelling of social-ecological systems can provide useful insights into the interplay between social and environmental processes, and their impact on emergent system dynamics. However, such models should acknowledge the complexity and uncertainty of both of the underlying subsystems. For instance, the agent-based models which are increasingly popular for groundwater management studies can be made more useful by directly accounting for the hydrological processes which drive environmental outcomes. Conversely, conventional environmental models can benefit from an agent-based depiction of the feedbacks and heuristics which influence the decisions of groundwater users. From this perspective, this work describes a Python-based software architecture which couples the popular NetLogo agent-based platform with the MODFLOW/SEAWAT geohydrological modelling environment. This approach enables users to implement agent-based models in NetLogo's user-friendly platform, while benefiting from the full capabilities of MODFLOW/SEAWAT packages or reusing existing geohydrological models. The software architecture is based on the pyNetLogo connector, which provides an interface between the NetLogo agent-based modelling software and the Python programming language. This functionality is then extended and combined with Python's object-oriented features, to design a simulation architecture which couples NetLogo with MODFLOW/SEAWAT through the FloPy library (Bakker et al., 2016). The Python programming language also provides access to a range of external packages which can be used for testing and analysing the coupled models, which is illustrated for an application of Aquifer Thermal Energy Storage (ATES).

  4. To have or not to have: the true privacy question

    Directory of Open Access Journals (Sweden)

    Paula Kift

    2013-12-01

    In light of the recent US National Security Agency (NSA) surveillance scandals, the article reflects on the continued importance of privacy in the information age. Based on a taxonomy of privacy violations provided by Daniel Solove, it takes the reader on an imaginary journey to a world in which privacy has ceased to exist. What does it mean “to have or not to have privacy” in the information age? This essay, part academic, part call for action, explores this question by means of an analogy, focusing on the relationship between citizens and the state. It demonstrates that the invisible presence of the NSA should be a matter of great concern to us. There is no justification for blanket surveillance. The right to security is an illusion. Instead of fighting windmills, we should fight for our right to privacy instead. We need to have privacy; we need it to live and love, to make mistakes, and to grow. We need it as individuals and as a society. And we can have it if we press our legislators to return it to us. It is time to start fighting back.

  5. Exploration on the training mode of application-oriented talents majoring in optoelectronic information

    Science.gov (United States)

    Lv, Hao; Liu, Aimei; Zhang, Shengyi; Xiao, Yongjun

    2017-08-01

    The optoelectronic information major is a strong theoretical and practical specialty. In view of the problems existing in the application-oriented talents training in the optoelectronic information specialty, five aspects of the training mode of application-oriented talents majoring in optoelectronic information are put forward: the talent cultivation plan, the teaching staff, the teaching content, the practical teaching and the scientific research. It is beneficial to the specialty construction of optoelectronic information industry which becomes close to the development of enterprises, and the depth of the integration of school and enterprise service regional economic optoelectronic information high-end skilled personnel base.

  6. Online Privacy as a Corporate Social Responsibility

    DEFF Research Database (Denmark)

    Pollach, Irene

    2011-01-01

    Information technology and the Internet have added a new stakeholder concern to the corporate social responsibility agenda: online privacy. While theory suggests that online privacy is a corporate social responsibility, only very few studies in the business ethics literature have connected...... of the companies have comprehensive privacy programs, although more than half of them voice moral or relational motives for addressing online privacy. The privacy measures they have taken are primarily compliance measures, while measures that stimulate a stakeholder dialogue are rare. Overall, a wide variety...

  7. 16 CFR 313.2 - Model privacy form and examples.

    Science.gov (United States)

    2010-01-01

    ... 16 Commercial Practices 1 2010-01-01 2010-01-01 false Model privacy form and examples. 313.2... PRIVACY OF CONSUMER FINANCIAL INFORMATION § 313.2 Model privacy form and examples. (a) Model privacy form..., although use of the model privacy form is not required. (b) Examples. The examples in this part are not...

  8. MetaSeq: privacy preserving meta-analysis of sequencing-based association studies.

    Science.gov (United States)

    Singh, Angad Pal; Zafer, Samreen; Pe'er, Itsik

    2013-01-01

    Human genetics recently transitioned from GWAS to studies based on NGS data. For GWAS, small effects dictated large sample sizes, typically made possible through meta-analysis by exchanging summary statistics across consortia. NGS studies groupwise-test for association of multiple potentially-causal alleles along each gene. They are subject to similar power constraints and therefore likely to resort to meta-analysis as well. The problem arises when considering privacy of the genetic information during the data-exchange process. Many scoring schemes for NGS association rely on the frequency of each variant thus requiring the exchange of identity of the sequenced variant. As such variants are often rare, potentially revealing the identity of their carriers and jeopardizing privacy. We have thus developed MetaSeq, a protocol for meta-analysis of genome-wide sequencing data by multiple collaborating parties, scoring association for rare variants pooled per gene across all parties. We tackle the challenge of tallying frequency counts of rare, sequenced alleles, for metaanalysis of sequencing data without disclosing the allele identity and counts, thereby protecting sample identity. This apparent paradoxical exchange of information is achieved through cryptographic means. The key idea is that parties encrypt identity of genes and variants. When they transfer information about frequency counts in cases and controls, the exchanged data does not convey the identity of a mutation and therefore does not expose carrier identity. The exchange relies on a 3rd party, trusted to follow the protocol although not trusted to learn about the raw data. We show applicability of this method to publicly available exome-sequencing data from multiple studies, simulating phenotypic information for powerful meta-analysis. The MetaSeq software is publicly available as open source.

  9. Visual privacy by context: proposal and evaluation of a level-based visualisation scheme.

    Science.gov (United States)

    Padilla-López, José Ramón; Chaaraoui, Alexandros Andre; Gu, Feng; Flórez-Revuelta, Francisco

    2015-06-04

    Privacy in image and video data has become an important subject since cameras are being installed in an increasing number of public and private spaces. Specifically, in assisted living, intelligent monitoring based on computer vision can allow one to provide risk detection and support services that increase people's autonomy at home. In the present work, a level-based visualisation scheme is proposed to provide visual privacy when human intervention is necessary, such as at telerehabilitation and safety assessment applications. Visualisation levels are dynamically selected based on the previously modelled context. In this way, different levels of protection can be provided, maintaining the necessary intelligibility required for the applications. Furthermore, a case study of a living room, where a top-view camera is installed, is presented. Finally, the performed survey-based evaluation indicates the degree of protection provided by the different visualisation models, as well as the personal privacy preferences and valuations of the users.

  10. Towards a Formal Model of Privacy-Sensitive Dynamic Coalitions

    Directory of Open Access Journals (Sweden)

    Sebastian Bab

    2012-04-01

    The concept of dynamic coalitions (also virtual organizations) describes the temporary interconnection of autonomous agents, who share information or resources in order to achieve a common goal. Through modern technologies these coalitions may form across company, organization and system borders. Therefore questions of access control and security are of vital significance for the architectures supporting these coalitions. In this paper, we present our first steps to reach a formal framework for modeling and verifying the design of privacy-sensitive dynamic coalition infrastructures and their processes. In order to do so we extend existing dynamic coalition modeling approaches with an access-control-concept, which manages access to information through policies. Furthermore we regard the processes underlying these coalitions and present first works in formalizing these processes. As a result of the present paper we illustrate the usefulness of the Abstract State Machine (ASM) method for this task. We demonstrate a formal treatment of privacy-sensitive dynamic coalitions by two example ASMs which model certain access control situations. A logical consideration of these ASMs can lead to a better understanding and a verification of the ASMs according to the aspired specification.

  11. 12 CFR 716.2 - Model privacy form and examples.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Model privacy form and examples. 716.2 Section... PRIVACY OF CONSUMER FINANCIAL INFORMATION § 716.2 Model privacy form and examples. (a) Model privacy form..., although use of the model privacy form is not required. (b) Examples. The examples in this part are not...

  12. Privacy Implications of Surveillance Systems

    DEFF Research Database (Denmark)

    Thommesen, Jacob; Andersen, Henning Boje

    2009-01-01

    This paper presents a model for assessing the privacy 'cost' of a surveillance system. Surveillance systems collect and provide personal information or observations of people by means of surveillance technologies such as databases, video or location tracking. Such systems can be designed...... for various purposes, even as a service for those being observed, but in any case they will to some degree invade their privacy. The model provided here can indicate how invasive any particular system may be – and be used to compare the invasiveness of different systems. Applying a functional approach......, the model is established by first considering the social function of privacy in everyday life, which in turn lets us determine which different domains will be considered as private, and finally identify the different types of privacy invasion. This underlying model (function – domain – invasion) then serves...

  13. Agent-based models in economics a toolkit

    CERN Document Server

    Fagiolo, Giorgio; Gallegati, Mauro; Richiardi, Matteo; Russo, Alberto

    2018-01-01

    In contrast to mainstream economics, complexity theory conceives the economy as a complex system of heterogeneous interacting agents characterised by limited information and bounded rationality. Agent Based Models (ABMs) are the analytical and computational tools developed by the proponents of this emerging methodology. Aimed at students and scholars of contemporary economics, this book includes a comprehensive toolkit for agent-based computational economics, now quickly becoming the new way to study evolving economic systems. Leading scholars in the field explain how ABMs can be applied fruitfully to many real-world economic examples and represent a great advancement over mainstream approaches. The essays discuss the methodological bases of agent-based approaches and demonstrate step-by-step how to build, simulate and analyse ABMs and how to validate their outputs empirically using the data. They also present a wide set of applications of these models to key economic topics, including the business cycle, lab...

  14. A hybrid cloud read aligner based on MinHash and kmer voting that preserves privacy

    Science.gov (United States)

    Popic, Victoria; Batzoglou, Serafim

    2017-05-01

    Low-cost clouds can alleviate the compute and storage burden of the genome sequencing data explosion. However, moving personal genome data analysis to the cloud can raise serious privacy concerns. Here, we devise a method named Balaur, a privacy preserving read mapper for hybrid clouds based on locality sensitive hashing and kmer voting. Balaur can securely outsource a substantial fraction of the computation to the public cloud, while being highly competitive in accuracy and speed with non-private state-of-the-art read aligners on short read data. We also show that the method is significantly faster than the state of the art in long read mapping. Therefore, Balaur can enable institutions handling massive genomic data sets to shift part of their analysis to the cloud without sacrificing accuracy or exposing sensitive information to an untrusted third party.

  15. Privacy rules for DNA databanks. Protecting coded 'future diaries'.

    Science.gov (United States)

    Annas, G J

    1993-11-17

    In privacy terms, genetic information is like medical information. But the information contained in the DNA molecule itself is more sensitive because it contains an individual's probabilistic "future diary," is written in a code that has only partially been broken, and contains information about an individual's parents, siblings, and children. Current rules for protecting the privacy of medical information cannot protect either genetic information or identifiable DNA samples stored in DNA databanks. A review of the legal and public policy rationales for protecting genetic privacy suggests that specific enforceable privacy rules for DNA databanks are needed. Four preliminary rules are proposed to govern the creation of DNA databanks, the collection of DNA samples for storage, limits on the use of information derived from the samples, and continuing obligations to those whose DNA samples are in the databanks.

  16. Analysis of Privacy on Social Networks

    OpenAIRE

    Tomandl, Luboš

    2015-01-01

    This thesis deals with the question of privacy in the context of social networks. The main substance of these services is the users' option to share information about their lives. This alone can be a problem for privacy. The first part of this thesis concentrates on the meaning of privacy as well as its value for both individuals and the society. In the next part the privacy threats on social networks, namely Facebook, are discussed. These threats are disclosed on four levels according to f...

  17. A secure data privacy preservation for on-demand

    Directory of Open Access Journals (Sweden)

    Dhasarathan Chandramohan

    2017-04-01

    This paper spotlights privacy and its obfuscation issues of intellectual, confidential information owned by insurance and finance sectors. Privacy risk in business era if authoritarians misuse secret information. Software interruptions in stealing digital data in the name of third party services. Liability in digital secrecy for the business continuity isolation, mishandling causing privacy breaching the vicinity and its preventive phenomenon is scrupulous in the cloud, where a huge amount of data is stored and maintained enormously. In this developing IT-world toward cloud, users' privacy protection is becoming a big question, albeit cloud computing made changes in the computing field by increasing its effectiveness, efficiency and optimization of the service environment etc, cloud users' data and their identity, reliability, maintainability and privacy may vary for different CPs (cloud providers). CP ensures that the user’s proprietary information is maintained more secretly with current technologies. More remarkable occurrence is even the cloud provider does not have suggestions regarding the information and the digital data stored and maintained globally anywhere in the cloud. The proposed system is one of the obligatory research issues in cloud computing. We came forward by proposing the Privacy Preserving Model to Prevent Digital Data Loss in the Cloud (PPM–DDLC). This proposal helps the CR (cloud requester/users) to trust their proprietary information and data stored in the cloud.

  18. Patient Privacy in the Era of Big Data.

    Science.gov (United States)

    Kayaalp, Mehmet

    2018-01-20

    Privacy was defined as a fundamental human right in the Universal Declaration of Human Rights at the 1948 United Nations General Assembly. However, there is still no consensus on what constitutes privacy. In this review, we look at the evolution of privacy as a concept from the era of Hippocrates to the era of social media and big data. To appreciate the modern measures of patient privacy protection and correctly interpret the current regulatory framework in the United States, we need to analyze and understand the concepts of individually identifiable information, individually identifiable health information, protected health information, and de-identification. The Privacy Rule of the Health Insurance Portability and Accountability Act defines the regulatory framework and casts a balance between protective measures and access to health information for secondary (scientific) use. The rule defines the conditions when health information is protected by law and how protected health information can be de-identified for secondary use. With the advents of artificial intelligence and computational linguistics, computational text de-identification algorithms produce de-identified results nearly as well as those produced by human experts, but much faster, more consistently and basically for free. Modern clinical text de-identification systems now pave the road to big data and enable scientists to access de-identified clinical information while firmly protecting patient privacy. However, clinical text de-identification is not a perfect process. In order to maximize the protection of patient privacy and to free clinical and scientific information from the confines of electronic healthcare systems, all stakeholders, including patients, health institutions and institutional review boards, scientists and the scientific communities, as well as regulatory and law enforcement agencies must collaborate closely. 
On the one hand, public health laws and privacy regulations define rules

  19. Valuating Privacy with Option Pricing Theory

    Science.gov (United States)

    Berthold, Stefan; Böhme, Rainer

    One of the key challenges in the information society is responsible handling of personal data. An often-cited reason why people fail to make rational decisions regarding their own informational privacy is the high uncertainty about future consequences of information disclosures today. This chapter builds an analogy to financial options and draws on principles of option pricing to account for this uncertainty in the valuation of privacy. For this purpose, the development of a data subject's personal attributes over time and the development of the attribute distribution in the population are modeled as two stochastic processes, which fit into the Binomial Option Pricing Model (BOPM). Possible applications of such valuation methods to guide decision support in future privacy-enhancing technologies (PETs) are sketched.

  20. Multi-agent cooperation rescue algorithm based on influence degree and state prediction

    Science.gov (United States)

    Zheng, Yanbin; Ma, Guangfu; Wang, Linlin; Xi, Pengxue

    2018-04-01

    Aiming at the multi-agent cooperative rescue in disaster, a multi-agent cooperative rescue algorithm based on impact degree and state prediction is proposed. Firstly, based on the influence of the information in the scene on the collaborative task, the influence degree function is used to filter the information. Secondly, the selected information is used to predict the state of the system and agent behavior. Finally, according to the result of the forecast, the cooperative behavior of the agents is guided and the efficiency of individual collaboration is improved. The simulation results show that this algorithm can effectively solve the cooperative rescue problem of multi-agent and ensure the efficient completion of the task.

  1. Display methods of electronic patient record screens: patient privacy concerns.

    Science.gov (United States)

    Niimi, Yukari; Ota, Katsumasa

    2013-01-01

    To provide adequate care, medical professionals have to collect not only medical information but also information that may be related to private aspects of the patient's life. With patients' increasing awareness of information privacy, healthcare providers have to pay attention to the patients' right of privacy. This study aimed to clarify the requirements of the display method of electronic patient record (EPR) screens in consideration of both patients' information privacy concerns and health professionals' information needs. For this purpose, semi-structured group interviews were conducted of 78 medical professionals. They pointed out that partial concealment of information to meet patients' requests for privacy could result in challenges in (1) safety in healthcare, (2) information sharing, (3) collaboration, (4) hospital management, and (5) communication. They believed that EPRs should (1) meet the requirements of the therapeutic process, (2) have restricted access, (3) provide convenient access to necessary information, and (4) facilitate interprofessional collaboration. This study provides direction for the development of display methods that balance the sharing of vital information and protection of patient privacy.

  2. Hybrid Multi-Agent Control in Microgrids: Framework, Models and Implementations Based on IEC 61850

    Directory of Open Access Journals (Sweden)

    Xiaobo Dou

    2014-12-01

    Operation control is a vital and complex issue for microgrids. The objective of this paper is to explore the practical means of applying decentralized control by using a multi-agent system in actual microgrids and devices. This paper presents a hierarchical control framework (HCF) consisting of local reaction control (LRC) level, local decision control (LDC) level, horizontal cooperation control (HCC) level and vertical cooperation control (VCC) level to meet different control requirements of a microgrid. Then, a hybrid multi-agent control model (HAM) is proposed to implement HCF, and the properties, functionalities and operating rules of HAM are described. Furthermore, the paper elaborates on the implementation of HAM based on the IEC 61850 Standard, and proposes some new implementation methods, such as extended information models of IEC 61850 with agent communication language and bidirectional interaction mechanism of generic object oriented substation event (GOOSE) communication. A hardware design and software system are proposed and the results of simulation and laboratory tests verify the effectiveness of the proposed strategies, models and implementations.

  3. Privacy-preserving heterogeneous health data sharing.

    Science.gov (United States)

    Mohammed, Noman; Jiang, Xiaoqian; Chen, Rui; Fung, Benjamin C M; Ohno-Machado, Lucila

    2013-05-01

    Privacy-preserving data publishing addresses the problem of disclosing sensitive data when mining for useful information. Among existing privacy models, ε-differential privacy provides one of the strongest privacy guarantees and makes no assumptions about an adversary's background knowledge. All existing solutions that ensure ε-differential privacy handle the problem of disclosing relational and set-valued data in a privacy-preserving manner separately. In this paper, we propose an algorithm that considers both relational and set-valued data in differentially private disclosure of healthcare data. The proposed approach makes a simple yet fundamental switch in differentially private algorithm design: instead of listing all possible records (ie, a contingency table) for noise addition, records are generalized before noise addition. The algorithm first generalizes the raw data in a probabilistic way, and then adds noise to guarantee ε-differential privacy. We showed that the disclosed data could be used effectively to build a decision tree induction classifier. Experimental results demonstrated that the proposed algorithm is scalable and performs better than existing solutions for classification analysis. The resulting utility may degrade when the output domain size is very large, making it potentially inappropriate to generate synthetic data for large health databases. Unlike existing techniques, the proposed algorithm allows the disclosure of health data containing both relational and set-valued data in a differentially private manner, and can retain essential information for discriminative analysis.

  4. Musings on privacy issues in health research involving disaggregate geographic data about individuals.

    Science.gov (United States)

    Boulos, Maged N Kamel; Curtis, Andrew J; Abdelmalik, Philip

    2009-07-20

    This paper offers a state-of-the-art overview of the intertwined privacy, confidentiality, and security issues that are commonly encountered in health research involving disaggregate geographic data about individuals. Key definitions are provided, along with some examples of actual and potential security and confidentiality breaches and related incidents that captured mainstream media and public interest in recent months and years. The paper then goes on to present a brief survey of the research literature on location privacy/confidentiality concerns and on privacy-preserving solutions in conventional health research and beyond, touching on the emerging privacy issues associated with online consumer geoinformatics and location-based services. The 'missing ring' (in many treatments of the topic) of data security is also discussed. Personal information and privacy legislations in two countries, Canada and the UK, are covered, as well as some examples of recent research projects and events about the subject. Select highlights from a June 2009 URISA (Urban and Regional Information Systems Association) workshop entitled 'Protecting Privacy and Confidentiality of Geographic Data in Health Research' are then presented. The paper concludes by briefly charting the complexity of the domain and the many challenges associated with it, and proposing a novel, 'one stop shop' case-based reasoning framework to streamline the provision of clear and individualised guidance for the design and approval of new research projects (involving geographical identifiers about individuals), including crisp recommendations on which specific privacy-preserving solutions and approaches would be suitable in each case.

  5. An improved biometrics-based authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Guo, Dianli; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

    2015-03-01

    Telecare medical information system (TMIS) offers healthcare delivery services and patients can acquire their desired medical services conveniently through public networks. The protection of patients' privacy and data confidentiality are significant. Very recently, Mishra et al. proposed a biometrics-based authentication scheme for telecare medical information system. Their scheme can protect user privacy and is believed to resist a range of network attacks. In this paper, we analyze Mishra et al.'s scheme and identify that their scheme is insecure against known session key attack and impersonation attack. Thereby, we present a modified biometrics-based authentication scheme for TMIS to eliminate the aforementioned faults. Besides, we demonstrate the completeness of the proposed scheme through BAN-logic. Compared to the related schemes, our protocol can provide stronger security and it is more practical.

  6. Privacy-Preserving Self-Helped Medical Diagnosis Scheme Based on Secure Two-Party Computation in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Yi Sun

    2014-01-01

    With the continuing growth of wireless sensor networks in pervasive medical care, people pay more and more attention to privacy in medical monitoring, diagnosis, treatment, and patient care. On one hand, we expect the public health institutions to provide us with better service. On the other hand, we would not like to leak our personal health information to them. In order to balance this contradiction, in this paper we design a privacy-preserving self-helped medical diagnosis scheme based on secure two-party computation in wireless sensor networks so that patients can privately diagnose themselves by inputting a health card into a self-helped medical diagnosis ATM to obtain a diagnostic report just like drawing money from a bank ATM without revealing patients’ health information and doctors’ diagnostic skill. It makes secure self-helped disease diagnosis feasible and greatly benefits patients as well as relieving the heavy pressure of public health institutions.

  7. A Privacy-Protecting Authentication Scheme for Roaming Services with Smart Cards

    Science.gov (United States)

    Son, Kyungho; Han, Dong-Guk; Won, Dongho

    In this work we propose a novel smart card based privacy-protecting authentication scheme for roaming services. Our proposal achieves so-called Class 2 privacy protection, i.e., no information identifying a roaming user or linking the user's behaviors is revealed in a visited network. It can be used to overcome the inherent structural flaws of smart card based anonymous authentication schemes issued recently. As shown in our analysis, our scheme is computationally efficient for a mobile user.

  8. Differential privacy-based evaporative cooling feature selection and classification with relief-F and random forests.

    Science.gov (United States)

    Le, Trang T; Simmons, W Kyle; Misaki, Masaya; Bodurka, Jerzy; White, Bill C; Savitz, Jonathan; McKinney, Brett A

    2017-09-15

    Classification of individuals into disease or clinical categories from high-dimensional biological data with low prediction error is an important challenge of statistical learning in bioinformatics. Feature selection can improve classification accuracy but must be incorporated carefully into cross-validation to avoid overfitting. Recently, feature selection methods based on differential privacy, such as differentially private random forests and reusable holdout sets, have been proposed. However, for domains such as bioinformatics, where the number of features is much larger than the number of observations p≫n , these differential privacy methods are susceptible to overfitting. We introduce private Evaporative Cooling, a stochastic privacy-preserving machine learning algorithm that uses Relief-F for feature selection and random forest for privacy preserving classification that also prevents overfitting. We relate the privacy-preserving threshold mechanism to a thermodynamic Maxwell-Boltzmann distribution, where the temperature represents the privacy threshold. We use the thermal statistical physics concept of Evaporative Cooling of atomic gases to perform backward stepwise privacy-preserving feature selection. On simulated data with main effects and statistical interactions, we compare accuracies on holdout and validation sets for three privacy-preserving methods: the reusable holdout, reusable holdout with random forest, and private Evaporative Cooling, which uses Relief-F feature selection and random forest classification. In simulations where interactions exist between attributes, private Evaporative Cooling provides higher classification accuracy without overfitting based on an independent validation set. In simulations without interactions, thresholdout with random forest and private Evaporative Cooling give comparable accuracies. We also apply these privacy methods to human brain resting-state fMRI data from a study of major depressive disorder. Code

  9. Ethics and Privacy Implications of Using the Internet and Social Media to Recruit Participants for Health Research: A Privacy-by-Design Framework for Online Recruitment

    Science.gov (United States)

    Cyr, Alaina B; Arbuckle, Luk; Ferris, Lorraine E

    2017-01-01

    Background The Internet and social media offer promising ways to improve the reach, efficiency, and effectiveness of recruitment efforts at a reasonable cost, but raise unique ethical dilemmas. We describe how we used social media to recruit cancer patients and family caregivers for a research study, the ethical issues we encountered, and the strategies we developed to address them. Objective Drawing on the principles of Privacy by Design (PbD), a globally recognized standard for privacy protection, we aimed to develop a PbD framework for online health research recruitment. Methods We proposed a focus group study on the dietary behaviors of cancer patients and their families, and the role of Web-based dietary self-management tools. Using an established blog on our hospital website, we proposed publishing a recruitment post and sharing the link on our Twitter and Facebook pages. The Research Ethics Board (REB) raised concern about the privacy risks associated with our recruitment strategy; by clicking on a recruitment post, an individual could inadvertently disclose personal health information to third-party companies engaged in tracking online behavior. The REB asked us to revise our social media recruitment strategy with the following questions in mind: (1) How will you inform users about the potential for privacy breaches and their implications? and (2) How will you protect users from privacy breaches or inadvertently sharing potentially identifying information about themselves? Results Ethical guidelines recommend a proportionate approach to ethics assessment, which advocates for risk mitigation strategies that are proportional to the magnitude and probability of risks. We revised our social media recruitment strategy to inform users about privacy risks and to protect their privacy, while at the same time meeting our recruitment objectives. 
    We provide a critical reflection of the perceived privacy risks associated with our social media recruitment strategy and

  10. Applying Maxi-adjustment to Adaptive Information Filtering Agents

    OpenAIRE

    Lau, Raymond; ter Hofstede, Arthur H. M.; Bruza, Peter D.

    2000-01-01

    Learning and adaptation is a fundamental property of intelligent agents. In the context of adaptive information filtering, a filtering agent's beliefs about a user's information needs have to be revised regularly with reference to the user's most current information preferences. This learning and adaptation process is essential for maintaining the agent's filtering performance. The AGM belief revision paradigm provides a rigorous foundation for modelling rational and minimal changes to an age...

  11. 17 CFR 160.2 - Model privacy form and examples.

    Science.gov (United States)

    2010-04-01

    ... examples. 160.2 Section 160.2 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION PRIVACY OF CONSUMER FINANCIAL INFORMATION § 160.2 Model privacy form and examples. (a) Model privacy form..., although use of the model privacy form is not required. (b) Examples. The examples in this part are not...

  12. Security Issues for Intelligence Information System based on Service-Oriented Architecture

    OpenAIRE

    Ackoski, Jugoslav; Trajkovik, Vladimir; Davcev, Danco

    2011-01-01

    Security is an important requirement for service-oriented architecture (SOA), because SOA considers widespread services at different locations and diverse operational platforms. Main challenge for SOA Security still drifts around “clouds” and that is insufficient frameworks for security models based on consistent and convenient methods. Contemporary security architectures and security protocols are in the phase of developing. SOA based systems are characterized with differences ...

  13. Privacy and Access Control for IHE-Based Systems

    Science.gov (United States)

    Katt, Basel; Breu, Ruth; Hafner, Michael; Schabetsberger, Thomas; Mair, Richard; Wozak, Florian

    Electronic Health Record (EHR) is the heart element of any e-health system, which aims at improving the quality and efficiency of healthcare through the use of information and communication technologies. The sensitivity of the data contained in the health record poses a great challenge to security. In this paper we propose a security architecture for EHR systems that conform to IHE profiles. In this architecture we are tackling the problems of access control and privacy. Furthermore, a prototypical implementation of the proposed model is presented.

  14. Towards Practical Privacy-Preserving Internet Services

    Science.gov (United States)

    Wang, Shiyuan

    2012-01-01

    Today's Internet offers people a vast selection of data centric services, such as online query services, the cloud, and location-based services, etc. These internet services bring people a lot of convenience, but at the same time raise privacy concerns, e.g., sensitive information revealed by the queries, sensitive data being stored and…

  15. Are privacy-enhancing technologies for genomic data ready for the clinic? A survey of medical experts of the Swiss HIV Cohort Study.

    Science.gov (United States)

    Raisaro, Jean-Louis; McLaren, Paul J; Fellay, Jacques; Cavassini, Matthias; Klersy, Catherine; Hubaux, Jean-Pierre

    2018-03-01

    Protecting patient privacy is a major obstacle for the implementation of genomic-based medicine. Emerging privacy-enhancing technologies can become key enablers for managing sensitive genetic data. We studied physicians' attitude toward this kind of technology in order to derive insights that might foster their future adoption for clinical care. We conducted a questionnaire-based survey among 55 physicians of the Swiss HIV Cohort Study who tested the first implementation of a privacy-preserving model for delivering genomic test results. We evaluated their feedback on three different aspects of our model: clinical utility, ability to address privacy concerns and system usability. 38/55 (69%) physicians participated in the study. Two thirds of them acknowledged genetic privacy as a key aspect that needs to be protected to help building patient trust and deploy new-generation medical information systems. All of them successfully used the tool for evaluating their patients' pharmacogenomics risk and 90% were happy with the user experience and the efficiency of the tool. Only 8% of physicians were unsatisfied with the level of information and wanted to have access to the patient's actual DNA sequence. This survey, although limited in size, represents the first evaluation of privacy-preserving models for genomic-based medicine. It has allowed us to derive unique insights that will improve the design of these new systems in the future. In particular, we have observed that a clinical information system that uses homomorphic encryption to provide clinicians with risk information based on sensitive genetic test results can offer information that clinicians feel sufficient for their needs and appropriately respectful of patients' privacy. The ability of this kind of systems to ensure strong security and privacy guarantees and to provide some analytics on encrypted data has been assessed as a key enabler for the management of sensitive medical information in the near future

  16. Privacy-Aware Image Encryption Based on Logistic Map and Data Hiding

    Science.gov (United States)

    Sun, Jianglin; Liao, Xiaofeng; Chen, Xin; Guo, Shangwei

    The increasing need for image communication and storage has created a great necessity for securely transforming and storing images over a network. Whereas traditional image encryption algorithms usually consider the security of the whole plain image, region of interest (ROI) encryption schemes, which are of great importance in practical applications, protect the privacy regions of plain images. Existing ROI encryption schemes usually adopt approximate techniques to detect the privacy region and measure the quality of encrypted images; however, their performance is usually inconsistent with a human visual system (HVS) and is sensitive to statistical attacks. In this paper, we propose a novel privacy-aware ROI image encryption (PRIE) scheme based on logistical mapping and data hiding. The proposed scheme utilizes salient object detection to automatically, adaptively and accurately detect the privacy region of a given plain image. After private pixels have been encrypted using chaotic cryptography, the significant bits are embedded into the nonprivacy region of the plain image using data hiding. Extensive experiments are conducted to illustrate the consistency between our automatic ROI detection and HVS. Our experimental results also demonstrate that the proposed scheme exhibits satisfactory security performance.

  17. Information Security in Distributed Healthcare : Exploring the Needs for Achieving Patient Safety and Patient Privacy

    OpenAIRE

    Åhlfeldt, Rose-Mharie

    2008-01-01

    In healthcare, patient information is a critical factor. The right information at the right time is a necessity in order to provide the best possible care for a patient. Patient information must also be protected from unauthorized access in order to protect patient privacy. It is furthermore common for patients to visit more than one healthcare provider, which implies a need for cross border healthcare and continuity in the patient process. This thesis is focused on information security in he...

  18. Service Orientation in Holonic and Multi-Agent Manufacturing Control

    CERN Document Server

    Thomas, André; Trentesaux, Damien

    2012-01-01

    Service orientation is emerging nowadays at multiple organizational levels in enterprise business, and it leverages technology in response to the growing need for greater business integration, flexibility and agility of manufacturing enterprises. This book gathers contributions from scientists, researchers and industrialists on concepts, methods, frameworks and implementing issues addressing trends in the service orientation of control technology and management applied to manufacturing enterprise. It analyzes a Service Oriented Architecture (SOA) representing a technical architecture, a business modelling concept, a type of infrastructure, an integration source and a new way of viewing units of automation within the enterprise. The book presents how SOA aligns the business world with the world of information technology in a way that makes both more effective.

  19. Preserving differential privacy under finite-precision semantics.

    Directory of Open Access Journals (Sweden)

    Ivan Gazeau

    2013-06-01

    Full Text Available The approximation introduced by finite-precision representation of continuous data can induce arbitrarily large information leaks even when the computation using exact semantics is secure. Such leakage can thus undermine design efforts aimed at protecting sensitive information. We focus here on differential privacy, an approach to privacy that emerged from the area of statistical databases and is now widely applied also in other domains. In this approach, privacy is protected by the addition of noise to a true (private) value. To date, this approach to privacy has been proved correct only in the ideal case in which computations are made using an idealized, infinite-precision semantics. In this paper, we analyze the situation at the implementation level, where the semantics is necessarily finite-precision, i.e. the representation of real numbers and the operations on them, are rounded according to some level of precision. We show that in general there are violations of the differential privacy property, and we study the conditions under which we can still guarantee a limited (but, arguably, totally acceptable) variant of the property, under only a minor degradation of the privacy level. Finally, we illustrate our results on two cases of noise-generating distributions: the standard Laplacian mechanism commonly used in differential privacy, and a bivariate version of the Laplacian recently introduced in the setting of privacy-aware geolocation.

  20. Patient Privacy in the Era of Big Data

    Directory of Open Access Journals (Sweden)

    Mehmet Kayaalp

    2018-02-01

    Full Text Available Protecting patient privacy requires various technical tools. It involves regulations for sharing, de-identifying, securely storing, transmitting and handling protected health information (PHI). It involves privacy laws and legal agreements. It requires establishing rules for monitoring privacy leaks, determining actions when they occur, and handling de-identified clinical narrative reports. Deidentification is one such indispensable instrument in this set of privacy tools

  1. New approaches in agent-based modeling of complex financial systems

    Science.gov (United States)

    Chen, Ting-Ting; Zheng, Bo; Li, Yan; Jiang, Xiong-Fei

    2017-12-01

    Agent-based modeling is a powerful simulation technique to understand the collective behavior and microscopic interaction in complex financial systems. Recently, the concept for determining the key parameters of agent-based models from empirical data instead of setting them artificially was suggested. We first review several agent-based models and the new approaches to determine the key model parameters from historical market data. Based on the agents' behaviors with heterogeneous personal preferences and interactions, these models are successful in explaining the microscopic origination of the temporal and spatial correlations of financial markets. We then present a novel paradigm combining big-data analysis with agent-based modeling. Specifically, from internet query and stock market data, we extract the information driving forces and develop an agent-based model to simulate the dynamic behaviors of complex financial systems.

  2. 76 FR 59112 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board

    Science.gov (United States)

    2011-09-23

    ... by the Computer Security Act of 1987 (Pub. L. 100-235) and amended by the Federal Information... NIST on security and privacy issues pertaining to federal computer systems. Details regarding the ISPAB... security research, --Presentation from National Protection and Programs Directorate, DHS, on the white...

  3. Privacy-Preserving Data Publishing An Overview

    CERN Document Server

    Wong, Raymond Chi-Wing

    2010-01-01

    Privacy preservation has become a major issue in many data analysis applications. When a data set is released to other parties for data analysis, privacy-preserving techniques are often required to reduce the possibility of identifying sensitive information about individuals. For example, in medical data, sensitive information can be the fact that a particular patient suffers from HIV. In spatial data, sensitive information can be a specific location of an individual. In web surfing data, the information that a user browses certain websites may be considered sensitive. Consider a dataset conta

  4. Privacy and Security within Biobanking: The Role of Information Technology.

    Science.gov (United States)

    Heatherly, Raymond

    2016-03-01

    Along with technical issues, biobanking frequently raises important privacy and security issues that must be resolved as biobanks continue to grow in scale and scope. Consent mechanisms currently in use range from fine-grained to very broad, and in some cases participants are offered very few privacy protections. However, developments in information technology are bringing improvements. New programs and systems are being developed to allow researchers to conduct analyses without distributing the data itself offsite, either by allowing the investigator to communicate with a central computer, or by having each site participate in meta-analysis that results in a shared statistic or final significance result. The implementation of security protocols into the research biobanking setting requires three key elements: authentication, authorization, and auditing. Authentication is the process of making sure individuals are who they claim to be, frequently through the use of a password, a key fob, or a physical (i.e., retinal or fingerprint) scan. Authorization involves ensuring that every individual who attempts an action has permission to do that action. Finally, auditing allows for actions to be logged so that inappropriate or unethical actions can later be traced back to their source. © 2016 American Society of Law, Medicine & Ethics.

  5. Physical factors that influence patients' privacy perception toward a psychiatric behavioral monitoring system: a qualitative study.

    Science.gov (United States)

    Zakaria, Nasriah; Ramli, Rusyaizila

    2018-01-01

    Psychiatric patients have privacy concerns when it comes to technology intervention in the hospital setting. In this paper, we present scenarios for psychiatric behavioral monitoring systems to be placed in psychiatric wards to understand patients' perception regarding privacy. Psychiatric behavioral monitoring refers to systems that are deemed useful in measuring clinical outcomes, but little research has been done on how these systems will impact patients' privacy. We conducted a case study in one teaching hospital in Malaysia. We investigated the physical factors that influence patients' perceived privacy with respect to a psychiatric monitoring system. The eight physical factors identified from the information system development privacy model, a comprehensive model for designing a privacy-sensitive information system, were adapted in this research. Scenario-based interviews were conducted with 25 patients in a psychiatric ward for 3 months. Psychiatric patients were able to share how physical factors influence their perception of privacy. Results show how patients responded to each of these dimensions in the context of a psychiatric behavioral monitoring system. Some subfactors under physical privacy are modified to reflect the data obtained in the interviews. We were able to capture the different physical factors that influence patient privacy.

  6. Protection of the right to privacy in the practice of the European Court of Human Rights

    Directory of Open Access Journals (Sweden)

    Mladenov Marijana

    2013-01-01

    Full Text Available The right to privacy is a fundamental human right and an essential component of the protection of human autonomy and freedom. The development of science and information systems creates various opportunities for interferences with physical and moral integrity of a person. Therefore, it is necessary to determine the precise content of the right to privacy. The European Convention on Human Rights and Fundamental Freedoms guarantees this right under Article 8. The European Court of Human Rights did not precisely define the content of the right to privacy and thereby the applicants could bring different aspects of life into the scope of respect for private life. According to the Court, the concept of privacy and private life includes the following areas of human life: the right to establish and maintain relationships with other human beings, protection of the physical and moral integrity of persons, protection of personal data, change of personal name, various issues related to sexual orientation and transgender. The subject of this paper is referring to previously mentioned spheres of human life in the light of interpretation of Article 8 of the Convention.

  7. Programming secure mobile agents in healthcare environments using role-based permissions.

    Science.gov (United States)

    Georgiadis, C K; Baltatzis, J; Pangalos, G I

    2003-01-01

    The healthcare environment consists of vast amounts of dynamic and unstructured information, distributed over a large number of information systems. Mobile agent technology is having an ever-growing impact on the delivery of medical information. It supports acquiring and manipulating information distributed in a large number of information systems. Moreover, it is suitable for the computer untrained medical staff. But the introduction of mobile agents generates advanced threats to the sensitive healthcare information, unless the proper countermeasures are taken. By applying the role-based approach to the authorization problem, we ease the sharing of information between hospital information systems and we reduce the administering part. The different initiative of the agent's migration method, results in different methods of assigning roles to the agent.

  8. Information Sharing Mechanism among Mobile Agents In Ad-hoc Network Environment and Its Applications

    Directory of Open Access Journals (Sweden)

    Kunio Umetsuji

    2004-12-01

    Full Text Available Mobile agents are programs that can move from one site to another in a network with their data and states. Mobile agents are expected to be an essential tool in pervasive computing. In multi platform environment, it is important to communicate with mobile agents only using their universal or logical name not using their physical locations. More, in an ad-hoc network environment, an agent can migrate autonomously and communicate with other agents on demand. It is difficult that mobile agent grasps the position information on other agents correctly each other, because mobile agent processes a task while moving a network successively. In order to realize on-demand mutual communication among mobile agents without any centralized servers, we propose a new information sharing mechanism within mobile agents. In this paper, we present a new information sharing mechanism within mobile agents. The method is a complete peer based and requires no agent servers to manage mobile agent locations. Therefore, a mobile agent can get another mobile agent, communicate with it and shares information stored in the agent without any knowledge of the location of the target mobile agent. The basic idea of the mechanism is an introduction of Agent Ring, Agent Chain and Shadow Agent. With this mechanism, each agent can communicate with other agents in a server-less environment, which is suitable for ad-hoc agent network and an agent system can manage agents search and communications efficiently.

  9. Modeling collective emotions: a stochastic approach based on Brownian agents

    International Nuclear Information System (INIS)

    Schweitzer, F.

    2010-01-01

    We develop an agent-based framework to model the emergence of collective emotions, which is applied to online communities. Agents' individual emotions are described by their valence and arousal. Using the concept of Brownian agents, these variables change according to a stochastic dynamics, which also considers the feedback from online communication. Agents generate emotional information, which is stored and distributed in a field modeling the online medium. This field affects the emotional states of agents in a non-linear manner. We derive conditions for the emergence of collective emotions, observable in a bimodal valence distribution. Dependent on a saturated or a super linear feedback between the information field and the agent's arousal, we further identify scenarios where collective emotions only appear once or in a repeated manner. The analytical results are illustrated by agent-based computer simulations. Our framework provides testable hypotheses about the emergence of collective emotions, which can be verified by data from online communities. (author)

  10. Privacy Training Program

    Science.gov (United States)

    Recognizing that training and awareness are critical to protecting agency Personally Identifiable Information (PII), the EPA is developing online training for privacy contacts in its programs and regions.

  11. 12 CFR 573.2 - Model privacy form and examples.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Model privacy form and examples. 573.2 Section... FINANCIAL INFORMATION § 573.2 Model privacy form and examples. (a) Model privacy form. Use of the model... privacy form is not required. (b) Examples. The examples in this part are not exclusive. Compliance with...

  12. 12 CFR 332.2 - Model privacy form and examples.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 4 2010-01-01 2010-01-01 false Model privacy form and examples. 332.2 Section... POLICY PRIVACY OF CONSUMER FINANCIAL INFORMATION § 332.2 Model privacy form and examples. (a) Model... this part, although use of the model privacy form is not required. (b) Examples. The examples in this...

  13. 12 CFR 216.2 - Model privacy form and examples.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 2 2010-01-01 2010-01-01 false Model privacy form and examples. 216.2 Section... PRIVACY OF CONSUMER FINANCIAL INFORMATION (REGULATION P) § 216.2 Model privacy form and examples. (a... of this part, although use of the model privacy form is not required. (b) Examples. The examples in...

  14. 43 CFR 2.47 - Records subject to Privacy Act.

    Science.gov (United States)

    2010-10-01

    ... 43 Public Lands: Interior 1 2010-10-01 2010-10-01 false Records subject to Privacy Act. 2.47 Section 2.47 Public Lands: Interior Office of the Secretary of the Interior RECORDS AND TESTIMONY; FREEDOM OF INFORMATION ACT Privacy Act § 2.47 Records subject to Privacy Act. The Privacy Act applies to all...

  15. Privacy preserving data anonymization of spontaneous ADE reporting system dataset.

    Science.gov (United States)

    Lin, Wen-Yang; Yang, Duen-Chuan; Wang, Jie-Teng

    2016-07-18

    To facilitate long-term safety surveillance of marketing drugs, many spontaneously reporting systems (SRSs) of ADR events have been established world-wide. Since the data collected by SRSs contain sensitive personal health information that should be protected to prevent the identification of individuals, it procures the issue of privacy preserving data publishing (PPDP), that is, how to sanitize (anonymize) raw data before publishing. Although much work has been done on PPDP, very few studies have focused on protecting privacy of SRS data and none of the anonymization methods is favorable for SRS datasets, due to which contain some characteristics such as rare events, multiple individual records, and multi-valued sensitive attributes. We propose a new privacy model called MS(k, θ*)-bounding for protecting published spontaneous ADE reporting data from privacy attacks. Our model has the flexibility of varying privacy thresholds, i.e., θ*, for different sensitive values and takes the characteristics of SRS data into consideration. We also propose an anonymization algorithm for sanitizing the raw data to meet the requirements specified through the proposed model. Our algorithm adopts a greedy-based clustering strategy to group the records into clusters, conforming to an innovative anonymization metric aiming to minimize the privacy risk as well as maintain the data utility for ADR detection. Empirical study was conducted using FAERS dataset from 2004Q1 to 2011Q4. We compared our model with four prevailing methods, including k-anonymity, (X, Y)-anonymity, Multi-sensitive l-diversity, and (α, k)-anonymity, evaluated via two measures, Danger Ratio (DR) and Information Loss (IL), and considered three different scenarios of threshold setting for θ*, including uniform setting, level-wise setting and frequency-based setting. We also conducted experiments to inspect the impact of anonymized data on the strengths of discovered ADR signals. With all three

  16. 77 FR 61275 - Privacy Act of 1974: Implementation

    Science.gov (United States)

    2012-10-09

    ... (FBI) Privacy Act system of records titled FBI Data Warehouse System, JUSTICE/FBI- 022. This system is...)(G), (H), and (I), (5), and (8); (f); and (g) of the Privacy Act: (1) FBI Data Warehouse System... security; disclose information that would constitute an unwarranted invasion of another's personal privacy...

  17. 22 CFR 212.22 - Protection of personal privacy.

    Science.gov (United States)

    2010-04-01

    ... 22 Foreign Relations 1 2010-04-01 2010-04-01 false Protection of personal privacy. 212.22 Section... Information for Public Inspection and Copying § 212.22 Protection of personal privacy. To the extent required to prevent a clearly unwarranted invasion of personal privacy, USAID may delete identifying details...

  18. "Willing but unwilling": attitudinal barriers to adoption of home-based health information technology among older adults.

    Science.gov (United States)

    Young, Rachel; Willis, Erin; Cameron, Glen; Geana, Mugur

    2014-06-01

    While much research focuses on adoption of electronic health-care records and other information technology among health-care providers, less research explores patient attitudes. This qualitative study examines barriers to adoption of home-based health information technology, particularly personal electronic health records, among older adults. We conducted in-depth interviews (30-90 min duration) with 35 American adults, aged 46-72 years, to determine their perceptions of and attitudes toward home-based health information technology. Analysis of interview data revealed that most barriers to adoption fell under four themes: technological discomfort, privacy or security concerns, lack of relative advantage, and perceived distance from the user representation. Based on our findings, systems to promote home-based health information technology should incorporate familiar computer applications, alleviate privacy and security concerns, and align with older adults' active and engaged self-image.

  19. 2APL: a practical agent programming language

    NARCIS (Netherlands)

    Dastani, M.M.

    2008-01-01

    This article presents a BDI-based agent-oriented programming language, called 2APL (A Practical Agent Programming Language). This programming language facilitates the implementation of multi-agent systems consisting of individual agents that may share and access external environments. It realizes

  20. Musings on privacy issues in health research involving disaggregate geographic data about individuals

    Directory of Open Access Journals (Sweden)

    AbdelMalik Philip

    2009-07-01

    Full Text Available This paper offers a state-of-the-art overview of the intertwined privacy, confidentiality, and security issues that are commonly encountered in health research involving disaggregate geographic data about individuals. Key definitions are provided, along with some examples of actual and potential security and confidentiality breaches and related incidents that captured mainstream media and public interest in recent months and years. The paper then goes on to present a brief survey of the research literature on location privacy/confidentiality concerns and on privacy-preserving solutions in conventional health research and beyond, touching on the emerging privacy issues associated with online consumer geoinformatics and location-based services. The 'missing ring' (in many treatments of the topic) of data security is also discussed. Personal information and privacy legislations in two countries, Canada and the UK, are covered, as well as some examples of recent research projects and events about the subject. Select highlights from a June 2009 URISA (Urban and Regional Information Systems Association) workshop entitled 'Protecting Privacy and Confidentiality of Geographic Data in Health Research' are then presented. The paper concludes by briefly charting the complexity of the domain and the many challenges associated with it, and proposing a novel, 'one stop shop' case-based reasoning framework to streamline the provision of clear and individualised guidance for the design and approval of new research projects (involving geographical identifiers about individuals), including crisp recommendations on which specific privacy-preserving solutions and approaches would be suitable in each case.

  1. The Regulatory Framework for Privacy and Security

    Science.gov (United States)

    Hiller, Janine S.

    The internet enables the easy collection of massive amounts of personally identifiable information. Unregulated data collection causes distrust and conflicts with widely accepted principles of privacy. The regulatory framework in the United States for ensuring privacy and security in the online environment consists of federal, state, and self-regulatory elements. New laws have been passed to address technological and internet practices that conflict with privacy protecting policies. The United States and the European Union approaches to privacy differ significantly, and the global internet environment will likely cause regulators to face the challenge of balancing privacy interests with data collection for many years to come.

  2. User Privacy and Empowerment: Trends, Challenges, and Opportunities

    DEFF Research Database (Denmark)

    Dhotre, Prashant Shantaram; Olesen, Henning; Khajuria, Samant

    2018-01-01

    to the service providers. Considering business models that are slanted towards service providers, privacy has become a crucial issue in today’s fast growing digital world. Hence, this paper elaborates personal information flow between users, service providers, and data brokers. We also discussed the significant...... privacy issues like present business models, user awareness about privacy and user control over personal data. To address such issues, this paper also identified challenges that comprise unavailability of effective privacy awareness or protection tools and the effortless way to study and see the flow...... of personal information and its management. Thus, empowering users and enhancing awareness are essential to comprehending the value of secrecy. This paper also introduced latest advances in the domain of privacy issues like User Managed Access (UMA) can state suitable requirements for user empowerment...

  3. 37 CFR 251.23 - FOIA and Privacy Act.

    Science.gov (United States)

    2010-07-01

    ... 37 Patents, Trademarks, and Copyrights 1 2010-07-01 2010-07-01 false FOIA and Privacy Act. 251.23 Section 251.23 Patents, Trademarks, and Copyrights COPYRIGHT OFFICE, LIBRARY OF CONGRESS COPYRIGHT... Access to and Inspection of Records § 251.23 FOIA and Privacy Act. Freedom of Information Act and Privacy...

  4. Privacy Issues of the W3C Geolocation API

    OpenAIRE

    Doty, Nick; Mulligan, Deirdre K.; Wilde, Erik

    2010-01-01

    The W3C's Geolocation API may rapidly standardize the transmission of location information on the Web, but, in dealing with such sensitive information, it also raises serious privacy concerns. We analyze the manner and extent to which the current W3C Geolocation API provides mechanisms to support privacy. We propose a privacy framework for the consideration of location information and use it to evaluate the W3C Geolocation API, both the specification and its use in the wild, and recommend s...

  5. Design and Implementation of Multi Agent-based Information Fusion System for Supporting Decision Making (A Case Study on Military Operation)

    Directory of Open Access Journals (Sweden)

    Arwin Datumaya Wahyudi Sumari

    2008-05-01

    Full Text Available Quick, accurate, and complete information is highly required for supporting strategically impact decision making in a Military Operation (MO) in order to reduce the decision cycle and to minimize the loss. For that purpose, we propose, design and implement a hierarchical Multi Agent-based Information Fusion System for Decision Making Support (MAIFS-DMS). The information fusion is implemented by applying Maximum Score of the Total Sum of Joint Probabilities (MSJP) fusion method and is done by a collection of Information Fusion Agents (IFA) that forms a multiagent system. MAIFS uses a combination of generalization of Dasarathy and Joint Director’s Laboratory (JDL) process models for information fusion mechanism. Information fusion products that are displayed in graphical forms provide comprehensive information regarding the MO area dynamics. By observing the graphics resulted from the information fusion, the commandant will have situational awareness and knowledge in order to make the most accurate strategic decision as fast as possible

  6. Agent Programming Languages and Logics in Agent-Based Simulation

    DEFF Research Database (Denmark)

    Larsen, John

    2018-01-01

    and social behavior, and work on verification. Agent-based simulation is an approach for simulation that also uses the notion of agents. Although agent programming languages and logics are much less used in agent-based simulation, there are successful examples with agents designed according to the BDI...

  7. Social influence, agent heterogeneity and the emergence of the urban informal sector

    Science.gov (United States)

    García-Díaz, César; Moreno-Monroy, Ana I.

    2012-02-01

    We develop an agent-based computational model in which the urban informal sector acts as a buffer where rural migrants can earn some income while queuing for higher paying modern-sector jobs. In the model, the informal sector emerges as a result of rural-urban migration decisions of heterogeneous agents subject to social influence in the form of neighboring effects of varying strengths. Besides using a multinomial logit choice model that allows for agent idiosyncrasy, explicit agent heterogeneity is introduced in the form of socio-demographic characteristics preferred by modern-sector employers. We find that different combinations of the strength of social influence and the socio-economic composition of the workforce lead to very different urbanization and urban informal sector shares. In particular, moderate levels of social influence and a large proportion of rural inhabitants with preferred socio-demographic characteristics are conducive to a higher urbanization rate and a larger informal sector.

  8. Cognitive Modeling for Agent-Based Simulation of Child Maltreatment

    Science.gov (United States)

    Hu, Xiaolin; Puddy, Richard

    This paper extends previous work to develop cognitive modeling for agent-based simulation of child maltreatment (CM). The developed model is inspired from parental efficacy, parenting stress, and the theory of planned behavior. It provides an explanatory, process-oriented model of CM and incorporates causality relationship and feedback loops from different factors in the social ecology in order for simulating the dynamics of CM. We describe the model and present simulation results to demonstrate the features of this model.

  9. Privacy Attitudes among Early Adopters of Emerging Health Technologies.

    Directory of Open Access Journals (Sweden)

    Cynthia Cheung

    Full Text Available Advances in health technology such as genome sequencing and wearable sensors now allow for the collection of highly granular personal health data from individuals. It is unclear how people think about privacy in the context of these emerging health technologies. An open question is whether early adopters of these advances conceptualize privacy in different ways than non-early adopters. This study sought to understand privacy attitudes of early adopters of emerging health technologies. Transcripts from in-depth, semi-structured interviews with early adopters of genome sequencing and health devices and apps were analyzed with a focus on participant attitudes and perceptions of privacy. Themes were extracted using inductive content analysis. Although interviewees were willing to share personal data to support scientific advancements, they still expressed concerns, as well as uncertainty about who has access to their data, and for what purpose. In short, they were not dismissive of privacy risks. Key privacy-related findings are organized into four themes as follows: first, personal data privacy; second, control over personal information; third, concerns about discrimination; and fourth, contributing personal data to science. Early adopters of emerging health technologies appear to have more complex and nuanced conceptions of privacy than might be expected based on their adoption of personal health technologies and participation in open science. Early adopters also voiced uncertainty about the privacy implications of their decisions to use new technologies and share their data for research. Though not representative of the general public, studies of early adopters can provide important insights into evolving attitudes toward privacy in the context of emerging health technologies and personal health data research.

  10. Privacy Attitudes among Early Adopters of Emerging Health Technologies.

    Science.gov (United States)

    Cheung, Cynthia; Bietz, Matthew J; Patrick, Kevin; Bloss, Cinnamon S

    2016-01-01

    Advances in health technology such as genome sequencing and wearable sensors now allow for the collection of highly granular personal health data from individuals. It is unclear how people think about privacy in the context of these emerging health technologies. An open question is whether early adopters of these advances conceptualize privacy in different ways than non-early adopters. This study sought to understand privacy attitudes of early adopters of emerging health technologies. Transcripts from in-depth, semi-structured interviews with early adopters of genome sequencing and health devices and apps were analyzed with a focus on participant attitudes and perceptions of privacy. Themes were extracted using inductive content analysis. Although interviewees were willing to share personal data to support scientific advancements, they still expressed concerns, as well as uncertainty about who has access to their data, and for what purpose. In short, they were not dismissive of privacy risks. Key privacy-related findings are organized into four themes as follows: first, personal data privacy; second, control over personal information; third, concerns about discrimination; and fourth, contributing personal data to science. Early adopters of emerging health technologies appear to have more complex and nuanced conceptions of privacy than might be expected based on their adoption of personal health technologies and participation in open science. Early adopters also voiced uncertainty about the privacy implications of their decisions to use new technologies and share their data for research. Though not representative of the general public, studies of early adopters can provide important insights into evolving attitudes toward privacy in the context of emerging health technologies and personal health data research.

  11. 77 FR 24242 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2012-04-23

    ... under the Freedom of Information Act (FOIA) or the Privacy Act. Categories of records in the system: The... allegation or complaint of discrimination based on race, color, religion, sex, national origin, age, or...

  12. Privacy laws: who owns information compiled as part of a business?

    Science.gov (United States)

    Mair, Judith

    Patients have a right to expect that their personal information will remain confidential when they consult a practitioner. However, when they consult a doctor who is contracted to provide services as part of a business, the question can arise as to the right to ownership of the medical records created by that doctor, and/or the information recorded therein, after that doctor leaves the business. This was the issue in a recent case heard in NSW, IVF Australia Pty Ltd v Palantrou Pty Ltd [2005] NSWSC 810, in which IVFA sought an injunction to prevent specialists from accessing a database containing patient information when those specialists left the business to set up elsewhere. A further issue is what effect privacy legislation has on such disputes. This review provides an overview of the case and its outcome.

  13. Online Tracking Technologies and Web Privacy: Technologieën voor Online volgen en Web Privacy

    OpenAIRE

    Acar, Mustafa Gunes Can

    2017-01-01

    In my PhD thesis, I would like to study the problem of online privacy with a focus on Web and mobile applications. Key research questions to be addressed by my study are the following: How can we formalize and quantify web tracking? What are the threats presented against privacy by different tracking techniques such as browser fingerprinting and cookie based tracking? What kind of privacy enhancing technologies (PET) can be used to ensure privacy without degrading service quality? The stud...

  14. Restrictive partially blind signature for resource-constrained information systems

    NARCIS (Netherlands)

    Qiu, Weidong; Gong, Zheng; Liu, Bozhong; Long, Yu; Chen, Kefei

    2010-01-01

    Restrictive partially blind signature, which is designed for privacy oriented information systems, allows a user to obtain a blind signature from a signer whilst the blind message must obey some certain rules. In order to reduce storage and communication costs, several public-key cryptosystems are

  15. Disclosure 'downunder': misadventures in Australian genetic privacy law.

    Science.gov (United States)

    Bonython, Wendy; Arnold, Bruce

    2014-03-01

    Along with many jurisdictions, Australia is struggling with the unique issues raised by genetic information in the context of privacy laws and medical ethics. Although the consequences of disclosure of most private information are generally confined to individuals, disclosure of genetic information has far-reaching consequences, with a credible argument that genetic relatives have a right to know about potential medical conditions. In 2006, the Privacy Act was amended to permit disclosure of an individual's genetic information, without their consent, to genetic relatives, if it was to avoid or mitigate serious illness. Unfortunately, additional amendments required for operation of the disclosure amendment were overlooked. Public Interest Determinations (PIDs) - delegated legislation issued by the privacy commissioner - have, instead, been used to exempt healthcare providers from provisions which would otherwise make disclosure unlawful. This paper critiques the PIDs using documents obtained under the Freedom of Information Act - specifically the impact of both the PIDs and the disclosure amendment on patients and relatives - and confidentiality and the procedural validity of subordinate laws regulating medical privacy.

  16. Privacy-preserving Identity Management

    OpenAIRE

    Milutinovic, Milica

    2015-01-01

    With the technological advances and the evolution of online services, user privacy is becoming a crucial issue in the modern day society. Privacy in the general sense refers to individuals’ ability to protect information about themselves and selectively present it to other entities. This concept is nowadays strongly affected by everyday practices that assume personal data disclosure, such as online shopping and participation in loyalty schemes. This makes it difficult for an individual to con...

  17. A Case Study on Differential Privacy

    OpenAIRE

    Asseffa, Samrawit; Seleshi, Bihil

    2017-01-01

    Throughout the ages, human beings prefer to keep most things secret and brand this overall state with the title of privacy. Like most significant terms, privacy tends to create controversy regarding the extent of its flexible boundaries, since various technological advancements are slowly leaching away the power people have over their own information. Even as cell phone brands release new upgrades, the ways in which information is communicated has drastically increased, in turn facilitating t...

  18. Privacy Protection Method for Multiple Sensitive Attributes Based on Strong Rule

    Directory of Open Access Journals (Sweden)

    Tong Yi

    2015-01-01

    Full Text Available At present, most studies on data publishing only considered single sensitive attribute, and the works on multiple sensitive attributes are still few. And almost all the existing studies on multiple sensitive attributes had not taken the inherent relationship between sensitive attributes into account, so that adversary can use the background knowledge about this relationship to attack the privacy of users. This paper presents an attack model with the association rules between the sensitive attributes and, accordingly, presents a data publication for multiple sensitive attributes. Through proof and analysis, the new model can prevent adversary from using the background knowledge about association rules to attack privacy, and it is able to get high-quality released information. At last, this paper verifies the above conclusion with experiments.

  19. A Fine-Grained and Privacy-Preserving Query Scheme for Fog Computing-Enhanced Location-Based Service.

    Science.gov (United States)

    Yang, Xue; Yin, Fan; Tang, Xiaohu

    2017-07-11

    Location-based services (LBS), as one of the most popular location-awareness applications, has been further developed to achieve low-latency with the assistance of fog computing. However, privacy issues remain a research challenge in the context of fog computing. Therefore, in this paper, we present a fine-grained and privacy-preserving query scheme for fog computing-enhanced location-based services, hereafter referred to as FGPQ. In particular, mobile users can obtain the fine-grained searching result satisfying not only the given spatial range but also the searching content. Detailed privacy analysis shows that our proposed scheme indeed achieves the privacy preservation for the LBS provider and mobile users. In addition, extensive performance analyses and experiments demonstrate that the FGPQ scheme can significantly reduce computational and communication overheads and ensure the low-latency, which outperforms existing state-of-the-art schemes. Hence, our proposed scheme is more suitable for real-time LBS searching.

  20. Cloud-assisted mutual authentication and privacy preservation protocol for telecare medical information systems.

    Science.gov (United States)

    Li, Chun-Ta; Shih, Dong-Her; Wang, Chun-Cheng

    2018-04-01

    With the rapid development of wireless communication technologies and the growing prevalence of smart devices, telecare medical information system (TMIS) allows patients to receive medical treatments from the doctors via Internet technology without visiting hospitals in person. By adopting mobile device, cloud-assisted platform and wireless body area network, the patients can collect their physiological conditions and upload them to medical cloud via their mobile devices, enabling caregivers or doctors to provide patients with appropriate treatments at anytime and anywhere. In order to protect the medical privacy of the patient and guarantee reliability of the system, before accessing the TMIS, all system participants must be authenticated. Mohit et al. recently suggested a lightweight authentication protocol for cloud-based health care system. They claimed their protocol ensures resilience of all well-known security attacks and has several important features such as mutual authentication and patient anonymity. In this paper, we demonstrate that Mohit et al.'s authentication protocol has various security flaws and we further introduce an enhanced version of their protocol for cloud-assisted TMIS, which can ensure patient anonymity and patient unlinkability and prevent the security threats of report revelation and report forgery attacks. The security analysis proves that our enhanced protocol is secure against various known attacks as well as found in Mohit et al.'s protocol. Compared with existing related protocols, our enhanced protocol keeps the merits of all desirable security requirements and also maintains the efficiency in terms of computation costs for cloud-assisted TMIS. We propose a more secure mutual authentication and privacy preservation protocol for cloud-assisted TMIS, which fixes the mentioned security weaknesses found in Mohit et al.'s protocol. According to our analysis, our authentication protocol satisfies most functionality features

  1. Ethics and Privacy Implications of Using the Internet and Social Media to Recruit Participants for Health Research: A Privacy-by-Design Framework for Online Recruitment.

    Science.gov (United States)

    Bender, Jacqueline Lorene; Cyr, Alaina B; Arbuckle, Luk; Ferris, Lorraine E

    2017-04-06

    The Internet and social media offer promising ways to improve the reach, efficiency, and effectiveness of recruitment efforts at a reasonable cost, but raise unique ethical dilemmas. We describe how we used social media to recruit cancer patients and family caregivers for a research study, the ethical issues we encountered, and the strategies we developed to address them. Drawing on the principles of Privacy by Design (PbD), a globally recognized standard for privacy protection, we aimed to develop a PbD framework for online health research recruitment. We proposed a focus group study on the dietary behaviors of cancer patients and their families, and the role of Web-based dietary self-management tools. Using an established blog on our hospital website, we proposed publishing a recruitment post and sharing the link on our Twitter and Facebook pages. The Research Ethics Board (REB) raised concern about the privacy risks associated with our recruitment strategy; by clicking on a recruitment post, an individual could inadvertently disclose personal health information to third-party companies engaged in tracking online behavior. The REB asked us to revise our social media recruitment strategy with the following questions in mind: (1) How will you inform users about the potential for privacy breaches and their implications? and (2) How will you protect users from privacy breaches or inadvertently sharing potentially identifying information about themselves? Ethical guidelines recommend a proportionate approach to ethics assessment, which advocates for risk mitigation strategies that are proportional to the magnitude and probability of risks. We revised our social media recruitment strategy to inform users about privacy risks and to protect their privacy, while at the same time meeting our recruitment objectives. We provide a critical reflection of the perceived privacy risks associated with our social media recruitment strategy and the appropriateness of the risk

  2. The benefits, risks and costs of privacy: patient preferences and willingness to pay.

    Science.gov (United States)

    Trachtenbarg, David E; Asche, Carl; Ramsahai, Shweta; Duling, Joy; Ren, Jinma

    2017-05-01

    Multiple surveys show that patients want medical privacy; however, there are costs to maintaining privacy. There are also risks if information is not shared. A review of previous surveys found that most surveys asked questions about patient's privacy concerns and willingness to share their medical information. We found only one study that asked about sharing medical information for better care and no survey that asked patients about the risk, cost or comparison between medical privacy and privacy in other areas. To fill this gap, we designed a survey to: (1) compare medical privacy preferences to privacy preferences in other areas; (2) measure willingness to pay the cost of additional privacy measures; and (3) measure willingness to accept the risks of not sharing information. A total of 834 patients attending physician offices at 14 sites completed all or part of an anonymous questionnaire. Over 95% of patients were willing to share all their medical information with their treating physicians. There was no difference in willingness to share between primary care and specialty sites including psychiatry and an HIV clinic. In our survey, there was no difference in sharing preference between standard medical information and information with additional legal protections including genetic testing, drug/alcohol treatment and HIV results. Medical privacy was ranked lower than sharing social security and credit card numbers, but was deemed more private than other information including tax returns and handgun purchases. There was no statistical difference for any questions by site except for HIV/AIDS clinic patients ranking privacy of the medical record more important than reducing high medical costs and risk of medical errors (p risks to keep medical information hidden. Patients were very willing to share medical information with their providers. They were able to see the importance of sharing medical information to provide the best possible care. They were unwilling to

  3. Security measures required for HIPAA privacy.

    Science.gov (United States)

    Amatayakul, M

    2000-01-01

    HIPAA security requirements include administrative, physical, and technical services and mechanisms to safeguard confidentiality, availability, and integrity of health information. Security measures, however, must be implemented in the context of an organization's privacy policies. Because HIPAA's proposed privacy rules are flexible and scalable to account for the nature of each organization's business, size, and resources, each organization will be determining its own privacy policies within the context of the HIPAA requirements and its security capabilities. Security measures cannot be implemented in a vacuum.

  4. Physical factors that influence patients’ privacy perception toward a psychiatric behavioral monitoring system: a qualitative study

    Directory of Open Access Journals (Sweden)

    Zakaria N

    2017-12-01

    Full Text Available Nasriah Zakaria (1,2), Rusyaizila Ramli (3); (1) Research Chair of Health Informatics and Promotion, (2) Medical Informatics and E-learning Unit, Medical Education Department, College of Medicine, King Saud University, Riyadh, Kingdom of Saudi Arabia; (3) Advanced Military Maintenance Repair and Overhaul Center (AMMROC), Abu Dhabi, UAE. Background: Psychiatric patients have privacy concerns when it comes to technology intervention in the hospital setting. In this paper, we present scenarios for psychiatric behavioral monitoring systems to be placed in psychiatric wards to understand patients’ perception regarding privacy. Psychiatric behavioral monitoring refers to systems that are deemed useful in measuring clinical outcomes, but little research has been done on how these systems will impact patients’ privacy. Methods: We conducted a case study in one teaching hospital in Malaysia. We investigated the physical factors that influence patients’ perceived privacy with respect to a psychiatric monitoring system. The eight physical factors identified from the information system development privacy model, a comprehensive model for designing a privacy-sensitive information system, were adapted in this research. Scenario-based interviews were conducted with 25 patients in a psychiatric ward for 3 months. Results: Psychiatric patients were able to share how physical factors influence their perception of privacy. Results show how patients responded to each of these dimensions in the context of a psychiatric behavioral monitoring system. Conclusion: Some subfactors under physical privacy are modified to reflect the data obtained in the interviews. We were able to capture the different physical factors that influence patient privacy. Keywords: information system development (ISD), physical factor, privacy, psychiatric monitoring system

  5. A Task-Oriented Disaster Information Correlation Method

    Science.gov (United States)

    Linyao, Q.; Zhiqiang, D.; Qing, Z.

    2015-07-01

    With the rapid development of sensor networks and Earth observation technology, a large quantity of disaster-related data is available, such as remotely sensed data, historic data, case data, simulated data, and disaster products. However, the efficiency of current data management and service systems has become increasingly difficult due to the task variety and heterogeneous data. For emergency task-oriented applications, the data searches primarily rely on artificial experience based on simple metadata indices, the high time consumption and low accuracy of which cannot satisfy the speed and veracity requirements for disaster products. In this paper, a task-oriented correlation method is proposed for efficient disaster data management and intelligent service with the objectives of 1) putting forward disaster task ontology and data ontology to unify the different semantics of multi-source information, 2) identifying the semantic mapping from emergency tasks to multiple data sources on the basis of uniform description in 1), and 3) linking task-related data automatically and calculating the correlation between each data set and a certain task. The method goes beyond traditional static management of disaster data and establishes a basis for intelligent retrieval and active dissemination of disaster information. The case study presented in this paper illustrates the use of the method on an example flood emergency relief task.

  6. Security and Correctness Analysis on Privacy-Preserving k-Means Clustering Schemes

    Science.gov (United States)

    Su, Chunhua; Bao, Feng; Zhou, Jianying; Takagi, Tsuyoshi; Sakurai, Kouichi

    Due to the fast development of the Internet and related IT technologies, it becomes easier and easier to access a large amount of data. k-means clustering is a powerful and frequently used technique in data mining. Many research papers about privacy-preserving k-means clustering were published. In this paper, we analyze the existing privacy-preserving k-means clustering schemes based on the cryptographic techniques. We show those schemes will cause the privacy breach and cannot output the correct results due to the faults in the protocol construction. Furthermore, we analyze our proposal as an option to improve such problems but with intermediate information breach during the computation.

  7. Mandatory Enforcement of Privacy Policies using Trusted Computing Principles

    NARCIS (Netherlands)

    Kargl, Frank; Schaub, Florian; Dietzel, Stefan

    Modern communication systems and information technology create significant new threats to information privacy. In this paper, we discuss the need for proper privacy protection in cooperative intelligent transportation systems (cITS), one instance of such systems. We outline general principles for

  8. Information Security for Compliance with Select Agent Regulations

    Science.gov (United States)

    Lewis, Nick; Campbell, Mark J.

    2015-01-01

    The past decade has seen a significant rise in research on high-consequence human and animal pathogens, many now known as “select agents.” While physical security around these agents is tightly regulated, information security standards are still lagging. The understanding of the threats unique to the academic and research environment is still evolving, in part due to poor communication between the various stakeholders. Perhaps as a result, information security guidelines published by select agent regulators lack the critical details and directives needed to achieve even the lowest security level of the Federal Information Security Management Act (FISMA). While only government agencies are currently required to abide by the provisions of FISMA (unless specified as preconditions for obtaining government grants or contracts—still a relatively rare or narrowly scoped occurrence), the same strategies were recently recommended by executive order for others. We propose that information security guidelines for select agent research be updated to promulgate and detail FISMA standards and processes and that the latter be ultimately incorporated into select agent regulations. We also suggest that information security in academic and research institutions would greatly benefit from active efforts to improve communication among the biosecurity, security, and information technology communities, and from a secure venue for exchange of timely information on emerging threats and solutions in the research environment. PMID:26042864

  9. Information security for compliance with select agent regulations.

    Science.gov (United States)

    Lewis, Nick; Campbell, Mark J; Baskin, Carole R

    2015-01-01

    The past decade has seen a significant rise in research on high-consequence human and animal pathogens, many now known as "select agents." While physical security around these agents is tightly regulated, information security standards are still lagging. The understanding of the threats unique to the academic and research environment is still evolving, in part due to poor communication between the various stakeholders. Perhaps as a result, information security guidelines published by select agent regulators lack the critical details and directives needed to achieve even the lowest security level of the Federal Information Security Management Act (FISMA). While only government agencies are currently required to abide by the provisions of FISMA (unless specified as preconditions for obtaining government grants or contracts--still a relatively rare or narrowly scoped occurrence), the same strategies were recently recommended by executive order for others. We propose that information security guidelines for select agent research be updated to promulgate and detail FISMA standards and processes and that the latter be ultimately incorporated into select agent regulations. We also suggest that information security in academic and research institutions would greatly benefit from active efforts to improve communication among the biosecurity, security, and information technology communities, and from a secure venue for exchange of timely information on emerging threats and solutions in the research environment.

  10. Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute

    Directory of Open Access Journals (Sweden)

    Dang Hung

    2017-07-01

    We consider privacy-preserving computation of big data using trusted computing primitives with limited private memory. Simply ensuring that the data remains encrypted outside the trusted computing environment is insufficient to preserve data privacy, for data movement observed during computation could leak information. While it is possible to thwart such leakage using a generic solution such as ORAM [42], designing efficient privacy-preserving algorithms is challenging. Besides computation efficiency, it is critical to keep trusted code bases lean, for large ones are unwieldy to vet and verify. In this paper, we advocate a simple approach wherein many basic algorithms (e.g., sorting) can be made privacy-preserving by adding a step that securely scrambles the data before feeding it to the original algorithms. We call this approach Scramble-then-Compute (StC), and give a sufficient condition whereby existing external memory algorithms can be made privacy-preserving via StC. This approach facilitates code-reuse, and its simplicity contributes to a smaller trusted code base. It is also general, allowing algorithm designers to leverage an extensive body of known efficient algorithms for better performance. Our experiments show that StC could offer up to 4.1× speedups over known, application-specific alternatives.

  11. An enhanced dynamic ID-based authentication scheme for telecare medical information systems

    Directory of Open Access Journals (Sweden)

    Ankita Chaturvedi

    2017-01-01

    The authentication schemes for telecare medical information systems (TMIS) try to ensure secure and authorized access. ID-based authentication schemes address secure communication, but privacy is not properly addressed. In recent times, dynamic ID-based remote user authentication schemes for TMIS have been presented to protect user’s privacy. The dynamic ID-based authentication schemes efficiently protect the user’s privacy. Unfortunately, most of the existing dynamic ID-based authentication schemes for TMIS ignore the input verifying condition. This makes login and password change phases inefficient. Inefficiency of the password change phase may lead to denial of service attack in the case of incorrect input in the password change phase. To overcome these weaknesses, we proposed a new dynamic ID-based authentication scheme using a smart card. The proposed scheme can quickly detect incorrect inputs which makes the login and password change phase efficient. We adopt the approach with the aim to protect privacy, and efficient login and password change phases. The proposed scheme also resists off-line password guessing attack and denial of service attack. We also demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham) logic. In addition, our scheme is comparable in terms of the communication and computational overheads with relevant schemes for TMIS.

  12. Personal Privacy in an Information Society: What are the Trade-Offs? Insights into Consumer Issues.

    Science.gov (United States)

    J.C. Penney Co., Inc., New York, NY.

    Insights into Consumer Issues is one of a group of educational publications and teaching units that J.C. Penney provides for consumer educators as a public service. This folder illustrates that although computerized processing of personal information has brought considerable convenience, the potential risk to personal privacy is of increasing…

  13. Physical factors that influence patients’ privacy perception toward a psychiatric behavioral monitoring system: a qualitative study

    Science.gov (United States)

    Zakaria, Nasriah; Ramli, Rusyaizila

    2018-01-01

    Background Psychiatric patients have privacy concerns when it comes to technology intervention in the hospital setting. In this paper, we present scenarios for psychiatric behavioral monitoring systems to be placed in psychiatric wards to understand patients’ perception regarding privacy. Psychiatric behavioral monitoring refers to systems that are deemed useful in measuring clinical outcomes, but little research has been done on how these systems will impact patients’ privacy. Methods We conducted a case study in one teaching hospital in Malaysia. We investigated the physical factors that influence patients’ perceived privacy with respect to a psychiatric monitoring system. The eight physical factors identified from the information system development privacy model, a comprehensive model for designing a privacy-sensitive information system, were adapted in this research. Scenario-based interviews were conducted with 25 patients in a psychiatric ward for 3 months. Results Psychiatric patients were able to share how physical factors influence their perception of privacy. Results show how patients responded to each of these dimensions in the context of a psychiatric behavioral monitoring system. Conclusion Some subfactors under physical privacy are modified to reflect the data obtained in the interviews. We were able to capture the different physical factors that influence patient privacy. PMID:29343963

  14. 20 CFR 401.30 - Privacy Act and other responsibilities.

    Science.gov (United States)

    2010-04-01

    ... information privacy issues, including those relating to the collection, use, sharing, and disclosure of... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Privacy Act and other responsibilities. 401.30 Section 401.30 Employees' Benefits SOCIAL SECURITY ADMINISTRATION PRIVACY AND DISCLOSURE OF...

  15. Ethical issues in bipolar disorders pedigree research: privacy concerns, informed consent, and grounds for waiver.

    Science.gov (United States)

    Parker, Lisa S

    2002-02-01

    Focusing on bipolar disorders research, this article considers ethical issues of informed consent and privacy arising in genetic pedigree research at two stages: the construction of tentative pedigrees to determine family eligibility for study and, subsequently, the enrollment of subjects in and conduct of the family study. Increasing concern to protect the privacy of family members of primary subjects or probands, following ethical controversy over a survey study at Virginia Commonwealth University, has led some researchers and Institutional Review Boards (IRBs) to apply informed consent requirements to those represented on a tentative pedigree at the initial stage of research. This article analyzes the possible benefits, risks, and burdens to prospective subjects of seeking prospective consent for pedigree construction at this initial stage. It argues that the likely risk-benefit ratio favors granting a waiver of consent requirements for this stage of pedigree research and presents grounds for IRBs to grant such a waiver. The article closes by considering particular ethical concerns that should be addressed in the informed consent discussion when enrolling subjects in pedigree studies of bipolar disorder, including concerns about subjects' competence to consent, management of interim and incidental findings, and issues particular to psychiatric research.

  16. Cultural Variations in the Effect of Interview Privacy and the Need for Social Conformity on Reporting Sensitive Information

    Directory of Open Access Journals (Sweden)

    Mneimneh Zeina M.

    2015-12-01

    Privacy is an important feature of the interview interaction mainly due to its potential effect on reporting information, especially sensitive information. Here we examine the effect of third-party presence on reporting both sensitive and relatively neutral outcomes. We investigate whether the effect of third-party presence on reporting sensitive information is moderated by the respondent’s need for social conformity and the respondent’s country of residence. Three types of outcomes are investigated: behavioral, attitudinal, and relatively neutral health events. Using data from 22,070 interviews and nine countries in the cross-national World Mental Health Survey Initiative, we fit multilevel logistic regression to study reporting effects on questions about suicidal behavior and marital ratings, and contrast these with questions about having high blood pressure, asthma, or arthritis. We find that there is an effect of third-party presence on reporting sensitive information and no effect on reporting of neutral information. Further, the effect of the interview privacy setting on reporting sensitive information is moderated by the need for social conformity and the cultural setting.

  17. A CSP-Based Agent Modeling Framework for the Cougaar Agent-Based Architecture

    Science.gov (United States)

    Gracanin, Denis; Singh, H. Lally; Eltoweissy, Mohamed; Hinchey, Michael G.; Bohner, Shawn A.

    2005-01-01

    Cognitive Agent Architecture (Cougaar) is a Java-based architecture for large-scale distributed agent-based applications. A Cougaar agent is an autonomous software entity with behaviors that represent a real-world entity (e.g., a business process). A Cougaar-based Model Driven Architecture approach, currently under development, uses a description of system's functionality (requirements) to automatically implement the system in Cougaar. The Communicating Sequential Processes (CSP) formalism is used for the formal validation of the generated system. Two main agent components, a blackboard and a plugin, are modeled as CSP processes. A set of channels represents communications between the blackboard and individual plugins. The blackboard is represented as a CSP process that communicates with every agent in the collection. The developed CSP-based Cougaar modeling framework provides a starting point for a more complete formal verification of the automatically generated Cougaar code. Currently it is used to verify the behavior of an individual agent in terms of CSP properties and to analyze the corresponding Cougaar society.

  18. BangA: An Efficient and Flexible Generalization-Based Algorithm for Privacy Preserving Data Publication

    Directory of Open Access Journals (Sweden)

    Adeel Anjum

    2017-01-01

    Privacy-Preserving Data Publishing (PPDP) has become a critical issue for companies and organizations that would release their data. k-Anonymization was proposed as a first generalization model to guarantee against identity disclosure of individual records in a data set. Point access methods (PAMs) are not well studied for the problem of data anonymization. In this article, we propose yet another approximation algorithm for anonymization, coined BangA, that combines useful features from Point Access Methods (PAMs) and clustering. Hence, it achieves fast computation and scalability as a PAM, and very high quality thanks to its density-based clustering step. Extensive experiments show the efficiency and effectiveness of our approach. Furthermore, we provide guidelines for extending BangA to achieve a relaxed form of differential privacy which provides stronger privacy guarantees as compared to traditional privacy definitions.

  19. A Privacy Model for RFID Tag Ownership Transfer

    Directory of Open Access Journals (Sweden)

    Xingchun Yang

    2017-01-01

    The ownership of an RFID tag is often transferred from one owner to another in its life cycle. To address the privacy problem caused by tag ownership transfer, we propose a tag privacy model which captures the adversary’s abilities to get secret information inside readers, to corrupt tags, to authenticate tags, and to observe tag ownership transfer processes. This model gives formal definitions for tag forward privacy and backward privacy and can be used to measure the privacy property of a tag ownership transfer scheme. We also present a tag ownership transfer scheme, which is privacy-preserving under the proposed model and satisfies the other common security requirements, in addition to achieving better performance.

  20. Privacy authentication using key attribute-based encryption in mobile cloud computing

    Science.gov (United States)

    Mohan Kumar, M.; Vijayan, R.

    2017-11-01

    Mobile Cloud Computing is becoming more popular nowadays, where the number of smartphone users is increasing. So, the security level of cloud computing has to be increased. Privacy Authentication using key-attribute based encryption helps users with business development where data is shared with the organization using the cloud in a secured manner. In Privacy Authentication, the sender of the data has permission to add the receivers to whom data access is provided; for others, access is denied. In the sender application, the user can choose the file which is to be sent to the receivers, and that data is then encrypted using key-attribute based encryption with the AES algorithm. The cipher created is stored in Amazon Cloud along with the key value and the receiver list.