WorldWideScience

Sample records for public key privacy

  1. Privacy amplification for quantum key distribution

    International Nuclear Information System (INIS)

    Watanabe, Yodai

    2007-01-01

    This paper examines classical privacy amplification using a universal family of hash functions. In quantum key distribution, the adversary's measurement can wait until the choice of hash functions is announced, and so the adversary's information may depend on the choice. Therefore the existing result on classical privacy amplification, which assumes the independence of the choice from the other random variables, is not applicable to this case. This paper provides a security proof of privacy amplification which is valid even when the adversary's information may depend on the choice of hash functions. The compression rate of the proposed privacy amplification can be taken to be the same as that of the existing one with an exponentially small loss in secrecy of a final key. (fast track communication)

  2. 77 FR 31371 - Public Workshop: Privacy Compliance Workshop

    Science.gov (United States)

    2012-05-25

    ... presentations, including the privacy compliance fundamentals, privacy and data security, and the privacy... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary Public Workshop: Privacy Compliance... Homeland Security Privacy Office will host a public workshop, ``Privacy Compliance Workshop.'' DATES: The...

  3. Public privacy: Reciprocity and Silence

    Directory of Open Access Journals (Sweden)

    Jenny Kennedy

    2014-10-01

    Full Text Available In his 1958 poem 'Dedication to my Wife' TS Eliot proclaims "these are private words addressed to you in public". Simultaneously written for his wife, Valerie Fletcher, and to the implied you of a discourse network, Eliot's poem helps to illustrate the narrative voices and silences that are constitutive of an intimate public sphere. This paper situates reciprocity as a condition of possibility for public privacy. It shows how reciprocity is enabled by systems of code operating through material and symbolic registers. Code promises to control communication, to produce neutral, systemic forms of meaning. Yet such automation is challenged by uneven and fragmented patterns of reciprocity. Moreover, examining the media of public privacy reveals historical trajectories important for understanding contemporary socio­technical platforms of reciprocity. To explore the implicit requirement of reciprocity in publicly private practices, three sites of communication are investigated framed by a media archaeology perspective: postal networks, the mail­art project PostSecret and the anonymous zine 'You'.

  4. Public Key Infrastructure Study

    National Research Council Canada - National Science Library

    Berkovits, Shimshon

    1994-01-01

    The National Institute of Standards and Technology (NIST) has tasked The MITRE Corporation to study the alternatives for automated management of public keys and of the associated public key certificates for the Federal Government...

  5. Public Key Cryptography.

    Science.gov (United States)

    Tapson, Frank

    1996-01-01

    Describes public key cryptography, also known as RSA, which is a system using two keys, one used to put a message into cipher and another used to decipher the message. Presents examples using small prime numbers. (MKR)

  6. 75 FR 28051 - Public Workshop: Pieces of Privacy

    Science.gov (United States)

    2010-05-19

    ... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary Public Workshop: Pieces of Privacy AGENCY: Privacy Office, DHS. ACTION: Notice announcing public workshop. SUMMARY: The Department of Homeland Security Privacy Office will host a public workshop, ``Pieces of Privacy.'' DATES: The workshop will be...

  7. Youth, Privacy and Online Media: Framing the right to privacy in public policy-making

    DEFF Research Database (Denmark)

    Hasselbalch, Gry; Jørgensen, Rikke Frank

    2015-01-01

    debate. It presents the results of a qualitative study amongst 68 Danish high school students concerning how they perceive, negotiate and control their private sphere when using social media and builds a case for utilizing the results of studies as this to inform the ongoing policy discourses concerning...... policy making that the right to privacy is challenged in new ways in a structurally transformed online public sphere, the way in which it has been framed does not seem to acknowledge this transformation. This paper therefore argues for a reformulation of “online privacy” in the current global policy......The right to privacy is a fundamental human right defined in international and regional human rights instruments. As such it has been included as a core component of key legislature and policy proceedings throughout the brief history of the World Wide Web. While it is generally recognized in public...

  8. Anonymity-Preserving Public-Key Encryption

    DEFF Research Database (Denmark)

    Kohlweiss, Markulf; Maurer, Ueli; Onete, Cristina

    2013-01-01

    security properties have been proposed. We investigate constructions as well as limitations for preserving receiver anonymity when using public-key encryption (PKE). We use the constructive cryptography approach by Maurer and Renner and interpret cryptographic schemes as constructions of a certain ideal...... literature (IND-CCA, key-privacy, weak robustness). We also show that a desirable stronger variant, preventing the adversary from selective ”trial-deliveries” of messages, is unfortunately unachievable by any PKE scheme, no matter how strong. The constructive approach makes the guarantees achieved...... by applying a cryptographic scheme explicit in the constructed (ideal) resource; this specifies the exact requirements for the applicability of a cryptographic scheme in a given context. It also allows to decide which of the existing security properties of such a cryptographic scheme are adequate...

  9. Privacy with Public Access: Digital Memorials on QR Codes

    DEFF Research Database (Denmark)

    Gotved, Stine

    2015-01-01

    takes the departure in gravestones with QR-codes; objects at once physical and digital, underhandedly putting presumably private content within public reach. A plethora of issues of privacy and publicness are at play within the study's two connected but rather different empirical spaces: the physical...... in the borderland between private and public is exemplified, and with the presentation, we are ensuring a continued discussion on privacy as well as legacy in our digital society....

  10. Exploring the Perceived Measures of Privacy: RFID in Public Applications

    Directory of Open Access Journals (Sweden)

    Mohammad Alamgir Hossain

    2014-06-01

    Full Text Available The purpose of this study is to explore the measures that may protect privacy of the users - in the context of RFID use in public applications. More specifically, this study investigates what the users perceive to have securing their privacy, particularly for the RFID applications in public uses. Qualitative research approach has been utilised for this study. The author conducted two focus-group discussion sessions and eight in-depth interviews in two countries: one from Australasia region (Australia and the other from Asia (Bangladesh, assuming that the status, and the perceptions and tolerance of the citizens on privacy issues are different in the stated regions. The explored factors have been analysed from privacy perspectives. The findings show that, in developed and developing countries, the basic perceptions of the users on privacy protection are complimentary; however, privacy is a more serious concern in Australia than in Bangladesh. Data analysis proposed some attributes that may improve users’ privacy perceptions when RFID is used in public applications. This study is the single initiative that focuses on privacy of RFID users from national-use context. As practical implication, the proposed attributes can be exercised by the deploying agencies that implement RFID technology for citizens’ use.

  11. Big Data in Public Health: Terminology, Machine Learning, and Privacy.

    Science.gov (United States)

    Mooney, Stephen J; Pejaver, Vikas

    2018-04-01

    The digital world is generating data at a staggering and still increasing rate. While these "big data" have unlocked novel opportunities to understand public health, they hold still greater potential for research and practice. This review explores several key issues that have arisen around big data. First, we propose a taxonomy of sources of big data to clarify terminology and identify threads common across some subtypes of big data. Next, we consider common public health research and practice uses for big data, including surveillance, hypothesis-generating research, and causal inference, while exploring the role that machine learning may play in each use. We then consider the ethical implications of the big data revolution with particular emphasis on maintaining appropriate care for privacy in a world in which technology is rapidly changing social norms regarding the need for (and even the meaning of) privacy. Finally, we make suggestions regarding structuring teams and training to succeed in working with big data in research and practice.

  12. Fast implementation of length-adaptive privacy amplification in quantum key distribution

    International Nuclear Information System (INIS)

    Zhang Chun-Mei; Li Mo; Huang Jing-Zheng; Li Hong-Wei; Li Fang-Yi; Wang Chuan; Yin Zhen-Qiang; Chen Wei; Han Zhen-Fu; Treeviriyanupab Patcharapong; Sripimanwat Keattisak

    2014-01-01

    Post-processing is indispensable in quantum key distribution (QKD), which is aimed at sharing secret keys between two distant parties. It mainly consists of key reconciliation and privacy amplification, which is used for sharing the same keys and for distilling unconditional secret keys. In this paper, we focus on speeding up the privacy amplification process by choosing a simple multiplicative universal class of hash functions. By constructing an optimal multiplication algorithm based on four basic multiplication algorithms, we give a fast software implementation of length-adaptive privacy amplification. “Length-adaptive” indicates that the implementation of privacy amplification automatically adapts to different lengths of input blocks. When the lengths of the input blocks are 1 Mbit and 10 Mbit, the speed of privacy amplification can be as fast as 14.86 Mbps and 10.88 Mbps, respectively. Thus, it is practical for GHz or even higher repetition frequency QKD systems. (general)

  13. Deducing trapdoor primitives in public key encryption schemes

    Science.gov (United States)

    Pandey, Chandra

    2005-03-01

    Semantic security of public key encryption schemes is often interchangeable with the art of building trapdoors. In the frame of reference of Random Oracle methodology, the "Key Privacy" and "Anonymity" has often been discussed. However to a certain degree the security of most public key encryption schemes is required to be analyzed with formal proofs using one-way functions. This paper evaluates the design of El Gamal and RSA based schemes and attempts to parallelize the trapdoor primitives used in the computation of the cipher text, thereby magnifying the decryption error δp in the above schemes.

  14. Enhanced Internet Mobility and Privacy Using Public Cloud

    Directory of Open Access Journals (Sweden)

    Ping Zhang

    2017-01-01

    Full Text Available Internet mobile users are concerned more and more about their privacy nowadays as both researches and real world incidents show that leaking of communication and location privacy can lead to serious consequence, and many research works have been done to anonymize individual user from aggregated location data. However, just the communication itself between the mobile users and their peers or website could collect considerable privacy of the mobile users, such as location history, to other parties. In this paper, we investigated the potential privacy risk of mobile Internet users and proposed a scalable system built on top of public cloud services that can hide mobile user’s network location and traffic from communication peers. This system creates a dynamic distributed proxy network for each mobile user to minimize performance overhead and operation cost.

  15. 78 FR 18932 - Public Meeting: Unmanned Aircraft Systems Test Site Program; Privacy Approach

    Science.gov (United States)

    2013-03-28

    ... discussion about which privacy issues are raised by UAS operations and how law, public policy, and the...-0061] Public Meeting: Unmanned Aircraft Systems Test Site Program; Privacy Approach AGENCY: Federal... a public engagement session on Wednesday, April 3, 2013, on the proposed privacy policy approach for...

  16. Secret-key rates and privacy leakage in biometric systems

    NARCIS (Netherlands)

    Ignatenko, T.

    2009-01-01

    In this thesis both the generation of secret keys from biometric data and the binding of secret keys to biometric data are investigated. These secret keys can be used to regulate access to sensitive data, services, and environments. In a biometric secrecy system a secret key is generated or chosen

  17. Privacy for Key-Trees with Adaptive Adversaries

    NARCIS (Netherlands)

    Beye, M.; Veugen, P.J.M.

    2011-01-01

    Hash-lock authentication protocols for Radio Frequency IDentification (RFID) tags incur heavy search on the server. Key-trees have been proposed as a way to reduce search times, but because partial keys in such trees are shared, key compromise affects several tags. Butty´an [3] and Beye and Veugen

  18. Concurrently Deniable Group Key Agreement and Its Application to Privacy-Preserving VANETs

    Directory of Open Access Journals (Sweden)

    Shengke Zeng

    2018-01-01

    Full Text Available VANETs need secure communication. Authentication in VANETs resists the attack on the receipt of false information. Authenticated group key agreement (GKA is used to establish a confidential and authenticated communication channel for the multiple vehicles. However, authentication incurs privacy leakage, that is, by using digital signature. Therefore, the deniability is deserved for GKA (which is termed as DGKA due to the privacy protection. In the DGKA protocol, each participant interacts with intended partners to establish a common group session key. After this agreement session, each participant can not only be regarded as the intended sender but also deny that it has ever participated in this session. Therefore, under this established key, vehicles send confidential messages with authentication property and the deniability protects the vehicles privacy. We present a novel transformation from an unauthenticated group key agreement to a deniable (authenticated group key agreement without increasing communication round. Our full deniability is achieved even in the concurrent setting which suits the Internet environment. In addition, we design an authenticated and privacy-preserving communication protocol for VANETs by using the proposed deniable group key agreement.

  19. Privacy, confidentiality and abortion statistics: a question of public interest?

    Science.gov (United States)

    McHale, Jean V; Jones, June

    2012-01-01

    The precise nature and scope of healthcare confidentiality has long been the subject of debate. While the obligation of confidentiality is integral to professional ethical codes and is also safeguarded under English law through the equitable remedy of breach of confidence, underpinned by the right to privacy enshrined in Article 8 of the Human Rights Act 1998, it has never been regarded as absolute. But when can and should personal information be made available for statistical and research purposes and what if the information in question is highly sensitive information, such as that relating to the termination of pregnancy after 24 weeks? This article explores the case of In the Matter of an Appeal to the Information Tribunal under section 57 of the Freedom of Information Act 2000, concerning the decision of the Department of Health to withhold some statistical data from the publication of its annual abortion statistics. The specific data being withheld concerned the termination for serious fetal handicap under section 1(1)d of the Abortion Act 1967. The paper explores the implications of this case, which relate both to the nature and scope of personal privacy. It suggests that lessons can be drawn from this case about public interest and use of statistical information and also about general policy issues concerning the legal regulation of confidentiality and privacy in the future.

  20. Privacy authentication using key attribute-based encryption in mobile cloud computing

    Science.gov (United States)

    Mohan Kumar, M.; Vijayan, R.

    2017-11-01

    Mobile Cloud Computing is becoming more popular in nowadays were users of smartphones are getting increased. So, the security level of cloud computing as to be increased. Privacy Authentication using key-attribute based encryption helps the users for business development were the data sharing with the organization using the cloud in a secured manner. In Privacy Authentication the sender of data will have permission to add their receivers to whom the data access provided for others the access denied. In sender application, the user can choose the file which is to be sent to receivers and then that data will be encrypted using Key-attribute based encryption using AES algorithm. In which cipher created, and that stored in Amazon Cloud along with key value and the receiver list.

  1. Mathematical Background of Public Key Cryptography

    DEFF Research Database (Denmark)

    Frey, Gerhard; Lange, Tanja

    2005-01-01

    The two main systems used for public key cryptography are RSA and protocols based on the discrete logarithm problem in some cyclic group. We focus on the latter problem and state cryptographic protocols and mathematical background material.......The two main systems used for public key cryptography are RSA and protocols based on the discrete logarithm problem in some cyclic group. We focus on the latter problem and state cryptographic protocols and mathematical background material....

  2. Public key infrastructure for DOE security research

    Energy Technology Data Exchange (ETDEWEB)

    Aiken, R.; Foster, I.; Johnston, W.E. [and others

    1997-06-01

    This document summarizes the Department of Energy`s Second Joint Energy Research/Defence Programs Security Research Workshop. The workshop, built on the results of the first Joint Workshop which reviewed security requirements represented in a range of mission-critical ER and DP applications, discussed commonalties and differences in ER/DP requirements and approaches, and identified an integrated common set of security research priorities. One significant conclusion of the first workshop was that progress in a broad spectrum of DOE-relevant security problems and applications could best be addressed through public-key cryptography based systems, and therefore depended upon the existence of a robust, broadly deployed public-key infrastructure. Hence, public-key infrastructure ({open_quotes}PKI{close_quotes}) was adopted as a primary focus for the second workshop. The Second Joint Workshop covered a range of DOE security research and deployment efforts, as well as summaries of the state of the art in various areas relating to public-key technologies. Key findings were that a broad range of DOE applications can benefit from security architectures and technologies built on a robust, flexible, widely deployed public-key infrastructure; that there exists a collection of specific requirements for missing or undeveloped PKI functionality, together with a preliminary assessment of how these requirements can be met; that, while commercial developments can be expected to provide many relevant security technologies, there are important capabilities that commercial developments will not address, due to the unique scale, performance, diversity, distributed nature, and sensitivity of DOE applications; that DOE should encourage and support research activities intended to increase understanding of security technology requirements, and to develop critical components not forthcoming from other sources in a timely manner.

  3. Public-key encryption with chaos

    Science.gov (United States)

    Kocarev, Ljupco; Sterjev, Marjan; Fekete, Attila; Vattay, Gabor

    2004-12-01

    We propose public-key encryption algorithms based on chaotic maps, which are generalization of well-known and commercially used algorithms: Rivest-Shamir-Adleman (RSA), ElGamal, and Rabin. For the case of generalized RSA algorithm we discuss in detail its software implementation and properties. We show that our algorithm is as secure as RSA algorithm.

  4. Number Theory and Public-Key Cryptography.

    Science.gov (United States)

    Lefton, Phyllis

    1991-01-01

    Described are activities in the study of techniques used to conceal the meanings of messages and data. Some background information and two BASIC programs that illustrate the algorithms used in a new cryptographic system called "public-key cryptography" are included. (CW)

  5. Certificateless Public Auditing with Privacy Preserving for Cloud-Assisted Wireless Body Area Networks

    Directory of Open Access Journals (Sweden)

    Baoyuan Kang

    2017-01-01

    Full Text Available With cloud computing being integrated with wireless body area networks, the digital ecosystem called cloud-assisted WBAN was proposed. In cloud-assisted medical systems, the integrity of the stored data is important. Recently, based on certificateless public key cryptography, He et al. proposed a certificateless public auditing scheme for cloud-assisted WBANs. But He et al.’s scheme is not a scheme with privacy preserving. After many checks on some of the same data blocks, the auditor can derive these data blocks. In this paper, we propose a certificateless public auditing scheme with privacy preserving for cloud-assisted WBANs. In the proof phase of the proposed scheme, the proof information is protected from being directly exposed to the auditor. So, the curious auditor could not derive the data blocks. We also prove that the proposed scheme is secure in the random oracle model under the assumption that the Diffie-Hellman problem is hard, and we give a comparison of the proposed scheme with He et al.’s scheme in terms of security and computation cost.

  6. Public Opinion about the Importance of Privacy in Biobank Research

    Science.gov (United States)

    Kaufman, David J.; Murphy-Bollinger, Juli; Scott, Joan; Hudson, Kathy L.

    2009-01-01

    Concerns about privacy may deter people from participating in genetic research. Recruitment and retention of biobank participants requires understanding the nature and magnitude of these concerns. Potential participants in a proposed biobank were asked about their willingness to participate, their privacy concerns, informed consent, and data sharing. A representative survey of 4659 U.S. adults was conducted. Ninety percent of respondents would be concerned about privacy, 56% would be concerned about researchers having their information, and 37% would worry that study data could be used against them. However, 60% would participate in the biobank if asked. Nearly half (48%) would prefer to provide consent once for all research approved by an oversight panel, whereas 42% would prefer to provide consent for each project separately. Although 92% would allow academic researchers to use study data, 80% and 75%, respectively, would grant access to government and industry researchers. Concern about privacy was related to lower willingness to participate only when respondents were told that they would receive $50 for participation and would not receive individual research results back. Among respondents who were told that they would receive $200 or individual research results, privacy concerns were not related to willingness. Survey respondents valued both privacy and participation in biomedical research. Despite pervasive privacy concerns, 60% would participate in a biobank. Assuring research participants that their privacy will be protected to the best of researchers' abilities may increase participants' acceptance of consent for broad research uses of biobank data by a wide range of researchers. PMID:19878915

  7. The Right of Privacy of Public School Employees.

    Science.gov (United States)

    Bullock, Angela; Faber, Charles F.

    A nationwide controversy over the right of privacy has arisen as a result of companies probing into their workers' habits and health through such means as mandatory drug tests, electronic databases, and lie detector tests. The legal claims arising from these civil suits against employers for invasion of privacy have established precedents that are…

  8. Health information: reconciling personal privacy with the public good of human health.

    Science.gov (United States)

    Gostin, L O

    2001-01-01

    The success of the health care system depends on the accuracy, correctness and trustworthiness of the information, and the privacy rights of individuals to control the disclosure of personal information. A national policy on health informational privacy should be guided by ethical principles that respect individual autonomy while recognizing the important collective interests in the use of health information. At present there are no adequate laws or constitutional principles to help guide a rational privacy policy. The laws are scattered and fragmented across the states. Constitutional law is highly general, without important specific safeguards. Finally, a case study is provided showing the important trade-offs that exist between public health and privacy. For a model public health law, see www.critpath.org/msphpa/privacy.

  9. The perceived impact of location privacy: A web-based survey of public health perspectives and requirements in the UK and Canada

    Directory of Open Access Journals (Sweden)

    Boulos Maged

    2008-05-01

    Full Text Available Abstract Background The "place-consciousness" of public health professionals is on the rise as spatial analyses and Geographic Information Systems (GIS are rapidly becoming key components of their toolbox. However, "place" is most useful at its most precise, granular scale – which increases identification risks, thereby clashing with privacy issues. This paper describes the views and requirements of public health professionals in Canada and the UK on privacy issues and spatial data, as collected through a web-based survey. Methods Perceptions on the impact of privacy were collected through a web-based survey administered between November 2006 and January 2007. The survey targeted government, non-government and academic GIS labs and research groups involved in public health, as well as public health units (Canada, ministries, and observatories (UK. Potential participants were invited to participate through personally addressed, standardised emails. Results Of 112 invitees in Canada and 75 in the UK, 66 and 28 participated in the survey, respectively. The completion proportion for Canada was 91%, and 86% for the UK. No response differences were observed between the two countries. Ninety three percent of participants indicated a requirement for personally identifiable data (PID in their public health activities, including geographic information. Privacy was identified as an obstacle to public health practice by 71% of respondents. The overall self-rated median score for knowledge of privacy legislation and policies was 7 out of 10. Those who rated their knowledge of privacy as high (at the median or above also rated it significantly more severe as an obstacle to research (P Conclusion The clash between PID requirements – including granular geography – and limitations imposed by privacy and its associated bureaucracy require immediate attention and solutions, particularly given the increasing utilisation of GIS in public health. Solutions

  10. Privacy-preserving public auditing for data integrity in cloud

    Science.gov (United States)

    Shaik Saleem, M.; Murali, M.

    2018-04-01

    Cloud computing which has collected extent concentration from communities of research and with industry research development, a large pool of computing resources using virtualized sharing method like storage, processing power, applications and services. The users of cloud are vend with on demand resources as they want in the cloud computing. Outsourced file of the cloud user can easily tampered as it is stored at the third party service providers databases, so there is no integrity of cloud users data as it has no control on their data, therefore providing security assurance to the users data has become one of the primary concern for the cloud service providers. Cloud servers are not responsible for any data loss as it doesn’t provide the security assurance to the cloud user data. Remote data integrity checking (RDIC) licenses an information to data storage server, to determine that it is really storing an owners data truthfully. RDIC is composed of security model and ID-based RDIC where it is responsible for the security of every server and make sure the data privacy of cloud user against the third party verifier. Generally, by running a two-party Remote data integrity checking (RDIC) protocol the clients would themselves be able to check the information trustworthiness of their cloud. Within the two party scenario the verifying result is given either from the information holder or the cloud server may be considered as one-sided. Public verifiability feature of RDIC gives the privilege to all its users to verify whether the original data is modified or not. To ensure the transparency of the publicly verifiable RDIC protocols, Let’s figure out there exists a TPA who is having knowledge and efficiency to verify the work to provide the condition clearly by publicly verifiable RDIC protocols.

  11. The Public-Key-Infrastructure of the Radiological Society of Germany

    International Nuclear Information System (INIS)

    Schuetze, B.; Kaemmerer, M.; Klos, G.; Mildenberger, P.

    2006-01-01

    Pretty Good Privacy (PGP) encoding is based on the Public-Key-Procedure and permits the safe transmission of medical data. Furthermore it allows the use of an electronic signature provided that keys used belong to the key owner and that the key owner's identity is guaranteed by a trusted third party. Under the auspices of the Radiological Society of Germany (Deutsche Roentgengesellschaft, DRG) its IT-Working Group (Arbeitsgemeinschaft fuer Informationstechnik, GIT) built up an appropriate Certification Authority including the required Public-Key-Infrastructure. These GIT certified PGP keys allow the legal use of telemedicine in Germany. Digital signatures based to those certified keys correspond to the advanced signature according to the German Signature Law

  12. The Public-Key-Infrastructure of the Radiological Society of Germany

    Energy Technology Data Exchange (ETDEWEB)

    Schuetze, B. [Johannes Gutenberg-University of Mainz, Department of Radiology, Langenbeckstr. 1, 55131 Mainz (Germany)]. E-mail: schuetze@medizin-informatik.org; Kaemmerer, M. [Johannes Gutenberg-University of Mainz, Department of Radiology, Langenbeckstr. 1, 55131 Mainz (Germany); Klos, G. [Johannes Gutenberg-University of Mainz, Department of Radiology, Langenbeckstr. 1, 55131 Mainz (Germany); Mildenberger, P. [Johannes Gutenberg-University of Mainz, Department of Radiology, Langenbeckstr. 1, 55131 Mainz (Germany)

    2006-03-15

    Pretty Good Privacy (PGP) encoding is based on the Public-Key-Procedure and permits the safe transmission of medical data. Furthermore it allows the use of an electronic signature provided that keys used belong to the key owner and that the key owner's identity is guaranteed by a trusted third party. Under the auspices of the Radiological Society of Germany (Deutsche Roentgengesellschaft, DRG) its IT-Working Group (Arbeitsgemeinschaft fuer Informationstechnik, GIT) built up an appropriate Certification Authority including the required Public-Key-Infrastructure. These GIT certified PGP keys allow the legal use of telemedicine in Germany. Digital signatures based to those certified keys correspond to the advanced signature according to the German Signature Law.

  13. Public key cryptography from weaker assumptions

    DEFF Research Database (Denmark)

    Zottarel, Angela

    This dissertation is focused on the construction of public key cryptographic primitives and on the relative security analysis in a meaningful theoretic model. This work takes two orthogonal directions. In the first part, we study cryptographic constructions preserving their security properties also...... in the case the adversary is granted access to partial information about the secret state of the primitive. To do so, we work in an extension of the standard black-box model, a new framework where possible leakage from the secret state is taken into account. In particular, we give the first construction...

  14. Low-Power Public Key Cryptography

    Energy Technology Data Exchange (ETDEWEB)

    BEAVER,CHERYL L.; DRAELOS,TIMOTHY J.; HAMILTON,VICTORIA A.; SCHROEPPEL,RICHARD C.; GONZALES,RITA A.; MILLER,RUSSELL D.; THOMAS,EDWARD V.

    2000-11-01

    This report presents research on public key, digital signature algorithms for cryptographic authentication in low-powered, low-computation environments. We assessed algorithms for suitability based on their signature size, and computation and storage requirements. We evaluated a variety of general purpose and special purpose computing platforms to address issues such as memory, voltage requirements, and special functionality for low-powered applications. In addition, we examined custom design platforms. We found that a custom design offers the most flexibility and can be optimized for specific algorithms. Furthermore, the entire platform can exist on a single Application Specific Integrated Circuit (ASIC) or can be integrated with commercially available components to produce the desired computing platform.

  15. Walled Gardens: Privacy within Public Leisure Space Online and Offline

    NARCIS (Netherlands)

    P.A. Arora (Payal)

    2012-01-01

    textabstractAbstract Social network sites are the new urban parks where people congregate, socialize and exercise leisure. Its web architectures however are being walled in, dictated by market systems and State ideologies. These cyber-enclosures are justified along the lines of privacy that garners

  16. Public/private key certification authority and key distribution. Draft

    Energy Technology Data Exchange (ETDEWEB)

    Long, J.P.; Christensen, M.J.; Sturtevant, A.P.; Johnston, W.E.

    1995-09-25

    Traditional encryption, which protects messages from prying eyes, has been used for many decades. The present concepts of encryption are built from that heritage. Utilization of modern software-based encryption techniques implies much more than simply converting files to an unreadable form. Ubiquitous use of computers and advances in encryption technology coupled with the use of wide-area networking completely changed the reasons for utilizing encryption technology. The technology demands a new and extensive infrastructure to support these functions. Full understanding of these functions, their utility and value, and the need for an infrastructure, takes extensive exposure to the new paradigm. This paper addresses issues surrounding the establishment and operation of a key management system (i.e., certification authority) that is essential to the successful implementation and wide-spread use of encryption.

  17. Privacy enhancing techniques - the key to secure communication and management of clinical and genomic data.

    Science.gov (United States)

    De Moor, G J E; Claerhout, B; De Meyer, F

    2003-01-01

    To introduce some of the privacy protection problems related to genomics based medicine and to highlight the relevance of Trusted Third Parties (TTPs) and of Privacy Enhancing Techniques (PETs) in the restricted context of clinical research and statistics. Practical approaches based on two different pseudonymisation models, both for batch and interactive data collection and exchange, are described and analysed. The growing need of managing both clinical and genetic data raises important legal and ethical challenges. Protecting human rights in the realm of privacy, while optimising research potential and other statistical activities is a challenge that can easily be overcome with the assistance of a trust service provider offering advanced privacy enabling/enhancing solutions. As such, the use of pseudonymisation and other innovative Privacy Enhancing Techniques can unlock valuable data sources.

  18. Ethics in public health research: privacy and public health at risk: public health confidentiality in the digital age.

    Science.gov (United States)

    Myers, Julie; Frieden, Thomas R; Bherwani, Kamal M; Henning, Kelly J

    2008-05-01

    Public health agencies increasingly use electronic means to acquire, use, maintain, and store personal health information. Electronic data formats can improve performance of core public health functions, but potentially threaten privacy because they can be easily duplicated and transmitted to unauthorized people. Although such security breaches do occur, electronic data can be better secured than paper records, because authentication, authorization, auditing, and accountability can be facilitated. Public health professionals should collaborate with law and information technology colleagues to assess possible threats, implement updated policies, train staff, and develop preventive engineering measures to protect information. Tightened physical and electronic controls can prevent misuse of data, minimize the risk of security breaches, and help maintain the reputation and integrity of public health agencies.

  19. Physician privacy concerns when disclosing patient data for public health purposes during a pandemic influenza outbreak.

    Science.gov (United States)

    El Emam, Khaled; Mercer, Jay; Moreau, Katherine; Grava-Gubins, Inese; Buckeridge, David; Jonker, Elizabeth

    2011-06-09

    Privacy concerns by providers have been a barrier to disclosing patient information for public health purposes. This is the case even for mandated notifiable disease reporting. In the context of a pandemic it has been argued that the public good should supersede an individual's right to privacy. The precise nature of these provider privacy concerns, and whether they are diluted in the context of a pandemic are not known. Our objective was to understand the privacy barriers which could potentially influence family physicians' reporting of patient-level surveillance data to public health agencies during the Fall 2009 pandemic H1N1 influenza outbreak. Thirty seven family doctors participated in a series of five focus groups between October 29-31 2009. They also completed a survey about the data they were willing to disclose to public health units. Descriptive statistics were used to summarize the amount of patient detail the participants were willing to disclose, factors that would facilitate data disclosure, and the consensus on those factors. The analysis of the qualitative data was based on grounded theory. The family doctors were reluctant to disclose patient data to public health units. This was due to concerns about the extent to which public health agencies are dependable to protect health information (trusting beliefs), and the possibility of loss due to disclosing health information (risk beliefs). We identified six specific actions that public health units can take which would affect these beliefs, and potentially increase the willingness to disclose patient information for public health purposes. The uncertainty surrounding a pandemic of a new strain of influenza has not changed the privacy concerns of physicians about disclosing patient data. It is important to address these concerns to ensure reliable reporting during future outbreaks.

  20. Privacy After Snowden: Theoretical Developments and Public Opinion Perceptions of Privacy in Slovenia (Zasebnost po Snowdnu: novejša pojmovanja zasebnosti in odnos javnosti do le-te v Sloveniji

    Directory of Open Access Journals (Sweden)

    Aleš Završnik

    2014-10-01

    Full Text Available The article analyses recent theorizing of privacy arising from new technologies that allow constant and ubiquitous monitoring of our communication and movement. The theoretical part analyses Helen Nissenbaum’s theory of contextual integrity of privacy and pluralistic understanding of privacy by Daniel Solove. The empirical part presents the results of an online survey on the Slovenian public perceptions of privacy that includes questions on types and frequency of victimizations relating to the right to privacy; self-reported privacy violations; concern for the protection of one’s own privacy; perception of primary privacy offenders; the value of privacy; attitude towards data retention in public telecommunication networks; and acquaintance with the Information Commissioner of RS. Despite growing distrust of large internet corporations and – after Edward Snowden’s revelations – Intelligence agencies, the findings indicate a low degree of awareness and care for the protection of personal data.

  1. Robust Public Key Cryptography — A New Cryptosystem Surviving Private Key Compromise

    Science.gov (United States)

    Shaik, Cheman

    A weakness of the present-day public key cryptosystems is that these cryptosystems do not survive private-key compromise attacks resulting from an internal breach of trust. In a competitive business environment, private key compromise is a common incident that voids the strength of public key cryptosystems such as RSA and ECC. Bribing corporate employees to disclose their secret keys and inadvertently disclosing secret information are among a plethora of practical attacks that occur at the implementation level. Once a breach of trust takes place and subsequently the private key is revealed, any public key cryptosystem fails to secure electronic data in Internet communications. The revealed key may be used by an attacker to decipher the intercepted data at an intermediary router. This weakness of public key cryptography calls for an additional security measure that enables encryptions to survive private key compromise attacks.

  2. Privacy impact assessment in the design of transnational public health information systems: the BIRO project.

    Science.gov (United States)

    Di Iorio, C T; Carinci, F; Azzopardi, J; Baglioni, V; Beck, P; Cunningham, S; Evripidou, A; Leese, G; Loevaas, K F; Olympios, G; Federici, M Orsini; Pruna, S; Palladino, P; Skeie, S; Taverner, P; Traynor, V; Benedetti, M Massi

    2009-12-01

    To foster the development of a privacy-protective, sustainable cross-border information system in the framework of a European public health project. A targeted privacy impact assessment was implemented to identify the best architecture for a European information system for diabetes directly tapping into clinical registries. Four steps were used to provide input to software designers and developers: a structured literature search, analysis of data flow scenarios or options, creation of an ad hoc questionnaire and conduction of a Delphi procedure. The literature search identified a core set of relevant papers on privacy (n = 11). Technicians envisaged three candidate system architectures, with associated data flows, to source an information flow questionnaire that was submitted to the Delphi panel for the selection of the best architecture. A detailed scheme envisaging an "aggregation by group of patients" was finally chosen, based upon the exchange of finely tuned summary tables. Public health information systems should be carefully engineered only after a clear strategy for privacy protection has been planned, to avoid breaching current regulations and future concerns and to optimise the development of statistical routines. The BIRO (Best Information Through Regional Outcomes) project delivers a specific method of privacy impact assessment that can be conveniently used in similar situations across Europe.

  3. Conceptualising space and place : Lessons from geography for the debate on privacy in public

    NARCIS (Netherlands)

    Koops, Bert-Jaap; Galic, Masa; Timan, Tjerk; Newell, Bryce; Koops, Bert-Jaap

    2017-01-01

    This contribution aims to open up the rich literature on the conceptualisation of space and place, primarily from the field of geography, for scholars in other disciplines, in particular legal and governance scholars engaged in the debate on (the right to) privacy in public spaces. Although there is

  4. EPA's Public Access Website Children’s Privacy and Copyright Issues

    Science.gov (United States)

    This document establishes the policy for protecting the privacy of children on EPA’s Public Access Web site. It concerns the collection, both online and off, of information from ages 13 and under, and the display of Personally Identifying Information (PII)

  5. Assessing privacy risks in population health publications using a checklist-based approach.

    Science.gov (United States)

    O'Keefe, Christine M; Ickowicz, Adrien; Churches, Tim; Westcott, Mark; O'Sullivan, Maree; Khan, Atikur

    2017-11-10

    Recent growth in the number of population health researchers accessing detailed datasets, either on their own computers or through virtual data centers, has the potential to increase privacy risks. In response, a checklist for identifying and reducing privacy risks in population health analysis outputs has been proposed for use by researchers themselves. In this study we explore the usability and reliability of such an approach by investigating whether different users identify the same privacy risks on applying the checklist to a sample of publications. The checklist was applied to a sample of 100 academic population health publications distributed among 5 readers. Cohen's κ was used to measure interrater agreement. Of the 566 instances of statistical output types found in the 100 publications, the most frequently occurring were counts, summary statistics, plots, and model outputs. Application of the checklist identified 128 outputs (22.6%) with potential privacy concerns. Most of these were associated with the reporting of small counts. Among these identified outputs, the readers found no substantial actual privacy concerns when context was taken into account. Interrater agreement for identifying potential privacy concerns was generally good. This study has demonstrated that a checklist can be a reliable tool to assist researchers with anonymizing analysis outputs in population health research. This further suggests that such an approach may have the potential to be developed into a broadly applicable standard providing consistent confidentiality protection across multiple analyses of the same data. © The Author 2017. Published by Oxford University Press on behalf of the American Medical Informatics Association. All rights reserved. For Permissions, please email: journals.permissions@oup.com

  6. Privacy, autonomy, and public policy: French and North American perspectives.

    Science.gov (United States)

    Merchant, Jennifer

    2016-12-01

    This article raises the question of whether in both the United States and in France, an individual's autonomy and private decision-making right(s) in matters of health care and access to reproductive technologies can be conciliated with the general interest, and more specifically, the role of the State. Can a full-fledged right to privacy, the ability to exercise one's autonomy, exist alongside the general interest, and depend neither on financial resources like in the United States nor on centralised government decisions or the medical hierarchy like in France? The contrast between these two modern democracies justify the importance of comparing them. I will demonstrate that overlaps do exist: the free exercise of religion and opinion, freedom of expression, the inherent value of each individual. What differs, however, are the institutions and how they provide, protect, promote, or frame access to and expressions of these democratic principles. The impact of the global economy, the exposure of people around the world to each other via the internet, and the mirror effects of social media, blogs, and other such forums, have created new perspectives that countries project onto one another. For example, does France now seem to tout 'autonomy' as a new and important value because it appears to be an 'American success story'? Does the United States now seem to value human rights and a social-democratic approach because of the 'French model'? There seems to be some truth behind these assertions, but as this article will demonstrate, the portrayals of what the 'right to privacy' is in the United States and what 'socialised medicine' is in France are not necessarily fully accurate.

  7. Privacy, security, and the public health researcher in the era of electronic health record research.

    Science.gov (United States)

    Goldstein, Neal D; Sarwate, Anand D

    2016-01-01

    Health data derived from electronic health records are increasingly utilized in large-scale population health analyses. Going hand in hand with this increase in data is an increasing number of data breaches. Ensuring privacy and security of these data is a shared responsibility between the public health researcher, collaborators, and their institutions. In this article, we review the requirements of data privacy and security and discuss epidemiologic implications of emerging technologies from the computer science community that can be used for health data. In order to ensure that our needs as researchers are captured in these technologies, we must engage in the dialogue surrounding the development of these tools.

  8. Key management of the double random-phase-encoding method using public-key encryption

    Science.gov (United States)

    Saini, Nirmala; Sinha, Aloka

    2010-03-01

    Public-key encryption has been used to encode the key of the encryption process. In the proposed technique, an input image has been encrypted by using the double random-phase-encoding method using extended fractional Fourier transform. The key of the encryption process have been encoded by using the Rivest-Shamir-Adelman (RSA) public-key encryption algorithm. The encoded key has then been transmitted to the receiver side along with the encrypted image. In the decryption process, first the encoded key has been decrypted using the secret key and then the encrypted image has been decrypted by using the retrieved key parameters. The proposed technique has advantage over double random-phase-encoding method because the problem associated with the transmission of the key has been eliminated by using public-key encryption. Computer simulation has been carried out to validate the proposed technique.

  9. Public information. Key issue paper no. 5

    International Nuclear Information System (INIS)

    Kyd, D.

    2000-01-01

    Nuclear power was welcomed from the outset because it promised highly economic and convenient energy, especially electricity. Even today, nuclear projects espoused by developing nations can stimulate enthusiasm and national pride. However, public unease concerning nuclear power safety was magnified by the accidents at Three Mile Island in 1979 and Chernobyl in 1986. The perceived problem of transport and long term storage of nuclear waste has added to public concerns, as has the risk of the possible proliferation of nuclear weapons. Public information strategies must recognize and seek to address these fears by pointing to the many cumulative years of trouble-free nuclear operations and by stressing the strict rules and oversight designed to protect workers and the public from accidents and radioactive releases. It is against this background that the following material has been compiled. It comes from a variety of sources and reflects the experience mainly of industrialized countries that have national nuclear programs. It is important to underline that it is descriptive rather than prescriptive in nature for two reasons: first, the IAEA is essentially a forum for pooling collective knowledge in this as in other fields; and secondly, the IAEA would not presume to offer a universal formula, since national circumstances vary according to specific political, demographic, social and other factors. Hence only certain parts of this paper may be of direct relevance to any given national situation. (author)

  10. Public health - threats, concerns and key actions

    DEFF Research Database (Denmark)

    Czeskleba-Dupont, Rolf

    Public health is discussed departing from priorities related to the precautionary principle with special reference to air pollution from wood burning in individual stoves and the susceptibility of vulnerable groups, i.a. people with genetic predispositions for a lack of detoxifying capacity....

  11. Architectural Building A Public Key Infrastructure Integrated Information Space

    Directory of Open Access Journals (Sweden)

    Vadim Ivanovich Korolev

    2015-10-01

    Full Text Available The article keeps under consideration the mattersto apply the cryptographic system having a public key to provide information security and to implya digital signature. It performs the analysis of trust models at the formation of certificates and their use. The article describes the relationships between the trust model and the architecture public key infrastructure. It contains conclusions in respect of the options for building the public key infrastructure for integrated informationspace.

  12. 76 FR 12398 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Bureau of the Public Debt (BPD...

    Science.gov (United States)

    2011-03-07

    ... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2010-0034] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Bureau of the Public Debt (BPD))--Match Number 1304 AGENCY: Social Security... as shown above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection...

  13. Using routinely collected health data for surveillance, quality improvement and research: Framework and key questions to assess ethics, privacy and data access.

    Science.gov (United States)

    De Lusignan, Simon; Liyanage, Harshana; Di Iorio, Concetta Tania; Chan, Tom; Liaw, Siaw-Teng

    2016-01-19

    The use of health data for public health, surveillance, quality improvement and research is crucial to improve health systems and health care. However, bodies responsible for privacy and ethics often limit access to routinely collected health data. Ethical approvals, issues around protecting privacy and data access are often dealt with by different layers of regulations, making approval processes appear disjointed. To create a comprehensive framework for defining the ethical and privacy status of a project and for providing guidance on data access. The framework comprises principles and related questions. The core of the framework will be built using standard terminology definitions such as ethics-related controlled vocabularies and regional directives. It is built in this way to reduce ambiguity between different definitions. The framework is extensible: principles can be retired or added to, as can their related questions. Responses to these questions should allow data processors to define ethical issues, privacy risk and other unintended consequences. The framework contains three steps: (1) identifying possible ethical and privacy principles relevant to the project; (2) providing ethics and privacy guidance questions that inform the type of approval needed; and (3) assessing case-specific ethics and privacy issues. The outputs from this process should inform whether the balance between public interests and privacy breach and any ethical considerations are tipped in favour of societal benefits. If they are then this should be the basis on which data access is permitted. Tightly linking ethical principles to governance and data access may help maintain public trust.

  14. Cancer surveillance and information: balancing public health with privacy and confidentiality concerns (United States).

    Science.gov (United States)

    Deapen, Dennis

    2006-06-01

    Rapid advances in informatics and communication technologies are greatly expanding the capacity for information capture and transportation. While these tools can be used for great good, they also offer new opportunities for those who seek to obtain and use information for improper purposes. While issues related to identity theft for financial gain garner the most attention, protection of privacy in public health endeavors such as cancer surveillance is also a significant concern. Some efforts to protect health-related information have had unintended consequences detrimental to health research and public health practice. Achieving a proper balance between measures to protect privacy and the ability to guard and improve public health requires careful consideration and development of appropriate policies, regulations and use of technology.

  15. Key Distribution and Changing Key Cryptosystem Based on Phase Retrieval Algorithm and RSA Public-Key Algorithm

    Directory of Open Access Journals (Sweden)

    Tieyu Zhao

    2015-01-01

    Full Text Available The optical image encryption has attracted more and more researchers’ attention, and the various encryption schemes have been proposed. In existing optical cryptosystem, the phase functions or images are usually used as the encryption keys, and it is difficult that the traditional public-key algorithm (such as RSA, ECC, etc. is used to complete large numerical key transfer. In this paper, we propose a key distribution scheme based on the phase retrieval algorithm and the RSA public-key algorithm, which solves the problem for the key distribution in optical image encryption system. Furthermore, we also propose a novel image encryption system based on the key distribution principle. In the system, the different keys can be used in every encryption process, which greatly improves the security of the system.

  16. Documenting death: public access to government death records and attendant privacy concerns.

    Science.gov (United States)

    Boles, Jeffrey R

    2012-01-01

    This Article examines the contentious relationship between public rights to access government-held death records and privacy rights concerning the deceased, whose personal information is contained in those same records. This right of access dispute implicates core democratic principles and public policy interests. Open access to death records, such as death certificates and autopsy reports, serves the public interest by shedding light on government agency performance, uncovering potential government wrongdoing, providing data on public health trends, and aiding those investigating family history, for instance. Families of the deceased have challenged the release of these records on privacy grounds, as the records may contain sensitive and embarrassing information about the deceased. Legislatures and the courts addressing this dispute have collectively struggled to reconcile the competing open access and privacy principles. The Article demonstrates how a substantial portion of the resulting law in this area is haphazardly formed, significantly overbroad, and loaded with unintended consequences. The Article offers legal reforms to bring consistency and coherence to this currently disordered area of jurisprudence.

  17. The Privacy Attitude Questionnaire (PAQ): Initial Development and Validation

    OpenAIRE

    Chignell, Mark H.; Quan-Haase, Anabel; Gwizdka, Jacek

    2003-01-01

    Privacy has been identified as a key issue in a variety of domains, including electronic commerce and public policy. While there are many discussions of privacy issues from a legal and policy perspective, there is little information on the structure of privacy as a psychometric construct. Our goal is to develop a method for measuring attitudes towards privacy that can guide the design and personalization of services. This paper reports on the development of an initial version of the PAQ. Four...

  18. Evaluating privacy-preserving record linkage using cryptographic long-term keys and multibit trees on large medical datasets.

    Science.gov (United States)

    Brown, Adrian P; Borgs, Christian; Randall, Sean M; Schnell, Rainer

    2017-06-08

    Integrating medical data using databases from different sources by record linkage is a powerful technique increasingly used in medical research. Under many jurisdictions, unique personal identifiers needed for linking the records are unavailable. Since sensitive attributes, such as names, have to be used instead, privacy regulations usually demand encrypting these identifiers. The corresponding set of techniques for privacy-preserving record linkage (PPRL) has received widespread attention. One recent method is based on Bloom filters. Due to superior resilience against cryptographic attacks, composite Bloom filters (cryptographic long-term keys, CLKs) are considered best practice for privacy in PPRL. Real-world performance of these techniques using large-scale data is unknown up to now. Using a large subset of Australian hospital admission data, we tested the performance of an innovative PPRL technique (CLKs using multibit trees) against a gold-standard derived from clear-text probabilistic record linkage. Linkage time and linkage quality (recall, precision and F-measure) were evaluated. Clear text probabilistic linkage resulted in marginally higher precision and recall than CLKs. PPRL required more computing time but 5 million records could still be de-duplicated within one day. However, the PPRL approach required fine tuning of parameters. We argue that increased privacy of PPRL comes with the price of small losses in precision and recall and a large increase in computational burden and setup time. These costs seem to be acceptable in most applied settings, but they have to be considered in the decision to apply PPRL. Further research on the optimal automatic choice of parameters is needed.

  19. Teaching Information Privacy in Marketing Courses: Key Educational Issues for Principles of Marketing and Elective Marketing Courses

    Science.gov (United States)

    Peltier, James W.; Milne, George R.; Phelps, Joseph E.; Barrett, Jennifer T.

    2010-01-01

    An "information privacy gap" exists in marketing education, with little research addressing the state of information privacy and how appropriate privacy strategies and tactics should be communicated to students. The primary purpose of this article is to provide educators an understanding of information privacy and how they can incorporate this…

  20. Image encryption using fingerprint as key based on phase retrieval algorithm and public key cryptography

    Science.gov (United States)

    Zhao, Tieyu; Ran, Qiwen; Yuan, Lin; Chi, Yingying; Ma, Jing

    2015-09-01

    In this paper, a novel image encryption system with fingerprint used as a secret key is proposed based on the phase retrieval algorithm and RSA public key algorithm. In the system, the encryption keys include the fingerprint and the public key of RSA algorithm, while the decryption keys are the fingerprint and the private key of RSA algorithm. If the users share the fingerprint, then the system will meet the basic agreement of asymmetric cryptography. The system is also applicable for the information authentication. The fingerprint as secret key is used in both the encryption and decryption processes so that the receiver can identify the authenticity of the ciphertext by using the fingerprint in decryption process. Finally, the simulation results show the validity of the encryption scheme and the high robustness against attacks based on the phase retrieval technique.

  1. Simple Public Key Infrastructure Protocol Analysis and Design

    National Research Council Canada - National Science Library

    Vidergar, Alexander G

    2005-01-01

    ...). This thesis aims at proving the applicability of the Simple Public Key Infrastructure (SPKI) as a means of PKC. The strand space approach of Guttman and Thayer is used to provide an appropriate model for analysis...

  2. Vehicle Authentication via Monolithically Certified Public Key and Attributes

    OpenAIRE

    Dolev, Shlomi; Krzywiecki, Łukasz; Panwar, Nisha; Segal, Michael

    2015-01-01

    Vehicular networks are used to coordinate actions among vehicles in traffic by the use of wireless transceivers (pairs of transmitters and receivers). Unfortunately, the wireless communication among vehicles is vulnerable to security threats that may lead to very serious safety hazards. In this work, we propose a viable solution for coping with Man-in-the-Middle attacks. Conventionally, Public Key Infrastructure (PKI) is utilized for a secure communication with the pre-certified public key. H...

  3. Genetic privacy.

    Science.gov (United States)

    Sankar, Pamela

    2003-01-01

    During the past 10 years, the number of genetic tests performed more than tripled, and public concern about genetic privacy emerged. The majority of states and the U.S. government have passed regulations protecting genetic information. However, research has shown that concerns about genetic privacy are disproportionate to known instances of information misuse. Beliefs in genetic determinacy explain some of the heightened concern about genetic privacy. Discussion of the debate over genetic testing within families illustrates the most recent response to genetic privacy concerns.

  4. A Survey of Key Technology of Network Public Opinion Analysis

    Directory of Open Access Journals (Sweden)

    Li Su Ying

    2016-01-01

    Full Text Available The internet has become an important base for internet users to make comments because of its interactivity and fast dissemination. The outbreak of internet public opinion has become a major risk for network information security. Domestic and foreign researchers had carried out extensive and in-depth study on public opinion. Fruitful results have achieved in the basic theory research and emergency handling and other aspects of public opinion. But research on the public opinion in China is still in the initial stage, the key technology of the public opinion analysis is still as a starting point for in-depth study and discussion.

  5. Public key infrastructure building trusted applications and web services

    CERN Document Server

    Vacca, John R

    2004-01-01

    OVERVIEW OF PKI TECHNOLOGYPublic Key Infrastructures (PKIs): What Are They?Type of Certificate Authorities (CAS) ServicesPKI StandardsTypes of Vendor and Third-Party CA SystemsProtecting Private KeysCA System AttacksStolen Private Keys: What Can Be Done?Certificate Practice StatementsPKI ReadinessANALYZING AND DESIGNING PUBLIC KEY INFRASTRUCTURESPKI Design IssuesCost Justification and ConsiderationPKI Standards Design IssuesPKI Architectural Design ConsiderationsIMPLEMENTING PKIRequirementsImplementation ScheduleImplementation CostsPKI PerformanceMANAGING PKIRequesting a CertificateObtaining a

  6. Using routinely collected health data for surveillance, quality improvement and research: Framework and key questions to assess ethics, privacy and data access

    Directory of Open Access Journals (Sweden)

    Simon de Lusignan

    2016-01-01

    Full Text Available Background The use of health data for public health, surveillance, quality improvement and research is crucial to improve health systems and health care. However, bodies responsible for privacy and ethics often limit access to routinely collected health data. Ethical approvals, issues around protecting privacy and data access are often dealt with by different layers of regulations, making approval processes appear disjointed.Objective To create a comprehensive framework for defining the ethical and privacy status of a project and for providing guidance on data access.Method The framework comprises principles and related questions. The core of the framework will be built using standard terminology definitions such as ethics-related controlled vocabularies and regional directives. It is built in this way to reduce ambiguity between different definitions. The framework is extensible: principles can be retired or added to, as can their related questions. Responses to these questions should allow data processors to define ethical issues, privacy risk and other unintended consequences.Results The framework contains three steps: (1 identifying possible ethical and privacy principles relevant to the project; (2 providing ethics and privacy guidance questions that inform the type of approval needed; and (3 assessing case-specific ethics and privacy issues. The outputs from this process should inform whether the balance between public interests and privacy breach and any ethical considerations are tipped in favour of societal benefits. If they are then this should be the basis on which data access is permitted. Tightly linking ethical principles to governance and data access may help maintain public trust.

  7. A novel authentication scheme using self-certified public keys for telecare medical information systems.

    Science.gov (United States)

    Guo, Dianli; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

    2015-06-01

    Telecare medical information systems (TMIS), with the explosive growth of communication technology and physiological monitoring devices, are applied increasingly to enable and support healthcare delivery services. In order to safeguard patients' privacy and tackle the illegal access, authentication schemes for TMIS have been investigated and designed by many researchers. Many of them are promising for adoption in practice, nevertheless, they still have security flaws. In this paper, we propose a novel remote authentication scheme for TMIS using self-certified public keys, which is formally secure in the ID-mBJM model. Besides, the proposed scheme has better computational efficiency. Compared to the related schemes, our protocol is more practical for telemedicine system.

  8. Efficient secure-channel free public key encryption with keyword search for EMRs in cloud storage.

    Science.gov (United States)

    Guo, Lifeng; Yau, Wei-Chuen

    2015-02-01

    Searchable encryption is an important cryptographic primitive that enables privacy-preserving keyword search on encrypted electronic medical records (EMRs) in cloud storage. Efficiency of such searchable encryption in a medical cloud storage system is very crucial as it involves client platforms such as smartphones or tablets that only have constrained computing power and resources. In this paper, we propose an efficient secure-channel free public key encryption with keyword search (SCF-PEKS) scheme that is proven secure in the standard model. We show that our SCF-PEKS scheme is not only secure against chosen keyword and ciphertext attacks (IND-SCF-CKCA), but also secure against keyword guessing attacks (IND-KGA). Furthermore, our proposed scheme is more efficient than other recent SCF-PEKS schemes in the literature.

  9. Cryptanalysis of Compact-LWE and Related Lightweight Public Key Encryption

    Directory of Open Access Journals (Sweden)

    Dianyan Xiao

    2018-01-01

    Full Text Available In the emerging Internet of Things (IoT, lightweight public key cryptography plays an essential role in security and privacy protection. With the approach of quantum computing era, it is important to design and evaluate lightweight quantum-resistant cryptographic algorithms applicable to IoT. LWE-based cryptography is a widely used and well-studied family of postquantum cryptographic constructions whose hardness is based on worst-case lattice problems. To make LWE friendly to resource-constrained IoT devices, a variant of LWE, named Compact-LWE, was proposed and used to design lightweight cryptographic schemes. In this paper, we study the so-called Compact-LWE problem and clarify that under certain parameter settings it can be solved in polynomial time. As a consequence, our result leads to a practical attack against an instantiated scheme based on Compact-LWE proposed by Liu et al. in 2017.

  10. Policymaking to preserve privacy in disclosure of public health data: a suggested framework.

    Science.gov (United States)

    Mizani, Mehrdad A; Baykal, Nazife

    2015-03-01

    Health organisations in Turkey gather a vast amount of valuable individual data that can be used for public health purposes. The organisations use rigid methods to remove some useful details from the data while publishing the rest of the data in a highly aggregated form, mostly because of privacy concerns and lack of standardised policies. This action leads to information loss and bias affecting public health research. Hence, organisations need dynamic policies and well-defined procedures rather than a specific algorithm to protect the privacy of individual data. To address this need, we developed a framework for the systematic application of anonymity methods while reducing and objectively reporting the information loss without leaking confidentiality. This framework acts as a roadmap for policymaking by providing high-level pseudo-policies with semitechnical guidelines in addition to some sample scenarios suitable for policymakers, public health programme managers and legislators. Published by the BMJ Publishing Group Limited. For permission to use (where not already granted under a licence) please go to http://group.bmj.com/group/rights-licensing/permissions.

  11. Privacy protection and public goods: building a genetic database for health research in Newfoundland and Labrador.

    Science.gov (United States)

    Kosseim, Patricia; Pullman, Daryl; Perrot-Daley, Astrid; Hodgkinson, Kathy; Street, Catherine; Rahman, Proton

    2013-01-01

    To provide a legal and ethical analysis of some of the implementation challenges faced by the Population Therapeutics Research Group (PTRG) at Memorial University (Canada), in using genealogical information offered by individuals for its genetics research database. This paper describes the unique historical and genetic characteristics of the Newfoundland and Labrador founder population, which gave rise to the opportunity for PTRG to build the Newfoundland Genealogy Database containing digitized records of all pre-confederation (1949) census records of the Newfoundland founder population. In addition to building the database, PTRG has developed the Heritability Analytics Infrastructure, a data management structure that stores genotype, phenotype, and pedigree information in a single database, and custom linkage software (KINNECT) to perform pedigree linkages on the genealogy database. A newly adopted legal regimen in Newfoundland and Labrador is discussed. It incorporates health privacy legislation with a unique research ethics statute governing the composition and activities of research ethics boards and, for the first time in Canada, elevating the status of national research ethics guidelines into law. The discussion looks at this integration of legal and ethical principles which provides a flexible and seamless framework for balancing the privacy rights and welfare interests of individuals, families, and larger societies in the creation and use of research data infrastructures as public goods. The complementary legal and ethical frameworks that now coexist in Newfoundland and Labrador provide the legislative authority, ethical legitimacy, and practical flexibility needed to find a workable balance between privacy interests and public goods. Such an approach may also be instructive for other jurisdictions as they seek to construct and use biobanks and related research platforms for genetic research.

  12. Privacy protection and public goods: building a genetic database for health research in Newfoundland and Labrador

    Science.gov (United States)

    Pullman, Daryl; Perrot-Daley, Astrid; Hodgkinson, Kathy; Street, Catherine; Rahman, Proton

    2013-01-01

    Objective To provide a legal and ethical analysis of some of the implementation challenges faced by the Population Therapeutics Research Group (PTRG) at Memorial University (Canada), in using genealogical information offered by individuals for its genetics research database. Materials and methods This paper describes the unique historical and genetic characteristics of the Newfoundland and Labrador founder population, which gave rise to the opportunity for PTRG to build the Newfoundland Genealogy Database containing digitized records of all pre-confederation (1949) census records of the Newfoundland founder population. In addition to building the database, PTRG has developed the Heritability Analytics Infrastructure, a data management structure that stores genotype, phenotype, and pedigree information in a single database, and custom linkage software (KINNECT) to perform pedigree linkages on the genealogy database. Discussion A newly adopted legal regimen in Newfoundland and Labrador is discussed. It incorporates health privacy legislation with a unique research ethics statute governing the composition and activities of research ethics boards and, for the first time in Canada, elevating the status of national research ethics guidelines into law. The discussion looks at this integration of legal and ethical principles which provides a flexible and seamless framework for balancing the privacy rights and welfare interests of individuals, families, and larger societies in the creation and use of research data infrastructures as public goods. Conclusion The complementary legal and ethical frameworks that now coexist in Newfoundland and Labrador provide the legislative authority, ethical legitimacy, and practical flexibility needed to find a workable balance between privacy interests and public goods. Such an approach may also be instructive for other jurisdictions as they seek to construct and use biobanks and related research platforms for genetic research. PMID

  13. Attack on Privacy-Preserving Public Auditing Schemes for Cloud Storage

    Directory of Open Access Journals (Sweden)

    Baoyuan Kang

    2017-01-01

    Full Text Available With the development of Internet, cloud computing has emerged to provide service to data users. But, it is necessary for an auditor on behalf of users to check the integrity of the data stored in the cloud. The cloud server also must ensure the privacy of the data. In a usual public integrity check scheme, the linear combination of data blocks is needed for verification. But, after times of auditing on the same data blocks, based on collected linear combinations, the auditor might derive these blocks. Recently, a number of public auditing schemes with privacy-preserving are proposed. With blinded linear combinations of data blocks, the authors of these schemes believed that the auditor cannot derive any information about the data blocks and claimed that their schemes are provably secure in the random oracle model. In this paper, with detailed security analysis of these schemes, we show that these schemes are vulnerable to an attack from the malicious cloud server who modifies the data blocks and succeeds in forging proof information for data integrity check.

  14. Efficient KDM-CCA Secure Public-Key Encryption via Auxiliary-Input Authenticated Encryption

    Directory of Open Access Journals (Sweden)

    Shuai Han

    2017-01-01

    Full Text Available KDM[F]-CCA security of public-key encryption (PKE ensures the privacy of key-dependent messages f(sk which are closely related to the secret key sk, where f∈F, even if the adversary is allowed to make decryption queries. In this paper, we study the design of KDM-CCA secure PKE. To this end, we develop a new primitive named Auxiliary-Input Authenticated Encryption (AIAE. For AIAE, we introduce two related-key attack (RKA security notions, including IND-RKA and weak-INT-RKA. We present a generic construction of AIAE from tag-based hash proof system (HPS and one-time secure authenticated encryption (AE and give an instantiation of AIAE under the Decisional Diffie-Hellman (DDH assumption. Using AIAE as an essential building block, we give two constructions of efficient KDM-CCA secure PKE based on the DDH and the Decisional Composite Residuosity (DCR assumptions. Specifically, (i our first PKE construction is the first one achieving KDM[Faff]-CCA security for the set of affine functions and compactness of ciphertexts simultaneously. (ii Our second PKE construction is the first one achieving KDM[Fpolyd]-CCA security for the set of polynomial functions and almost compactness of ciphertexts simultaneously. Our PKE constructions are very efficient; in particular, they are pairing-free and NIZK-free.

  15. A Survey of Public Key Infrastructure-Based Security for Mobile Communication Systems

    Directory of Open Access Journals (Sweden)

    Mohammed Ramadan

    2016-08-01

    Full Text Available Mobile communication security techniques are employed to guard the communication between the network entities. Mobile communication cellular systems have become one of the most important communication systems in recent times and are used by millions of people around the world. Since the 1990s, considerable efforts have been taken to improve both the communication and security features of the mobile communications systems. However, these improvements divide the mobile communications field into different generations according to the communication and security techniques such as A3, A5 and A8 algorithms for 2G-GSM cellular system, 3G-authentication and key agreement (AKA, evolved packet system-authentication and key agreement (EPS-AKA, and long term evolution-authentication and key agreement (LTE-AKA algorithms for 3rd generation partnership project (3GPP systems. Furthermore, these generations have many vulnerabilities, and huge security work is involved to solve such problems. Some of them are in the field of the public key cryptography (PKC which requires a high computational cost and more network flexibility to be achieved. As such, the public key infrastructure (PKI is more compatible with the modern generations due to the superior communications features. This paper surveys the latest proposed works on the security of GSM, CDMA, and LTE cellular systems using PKI. Firstly, we present the security issues for each generation of mobile communication systems, then we study and analyze the latest proposed schemes and give some comparisons. Finally, we introduce some new directions for the future scope. This paper classifies the mobile communication security schemes according to the techniques used for each cellular system and covers some of the PKI-based security techniques such as authentication, key agreement, and privacy preserving.

  16. Unbelievable security : Matching AES using public key systems

    NARCIS (Netherlands)

    Lenstra, A.K.; Boyd, C.

    2001-01-01

    The Advanced Encryption Standard (AES) provides three levels of security: 128, 192, and 256 bits. Given a desired level of security for the AES, this paper discusses matching public key sizes for RSA and the ElGamal family of protocols. For the latter both traditional multiplicative groups of finite

  17. Public-Key Encryption with Non-interactive Opening

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Hofheinz, Dennis; Kiltz, Eike

    2008-01-01

    We formally define the primitive of public-key encryption with non-interactive opening (PKENO), where the receiver of a ciphertext C can, convincingly and without interaction, reveal what the result was of decrypting C, without compromising the scheme’s security. This has numerous applications...

  18. Public-key Encryption with Registered Keyword Search

    NARCIS (Netherlands)

    Tang, Qiang; Chen, Liqun

    Public-key Encryption with Keyword Search (PEKS) enables a server to test whether a tag from a sender and a trapdoor from a receiver contain the same keyword. In this paper, we highlight some potential security concern, i.e. a curious server is able to answer whether any selected keyword is

  19. 76 FR 48807 - Public Key Infrastructure (PKI) Certificate Action Form

    Science.gov (United States)

    2011-08-09

    ... Infrastructure (PKI) technology to support electronic commerce between the USPTO and its customers. PKI is a set... security for its electronic commerce systems, the USPTO uses PKI technology to protect the integrity and... DEPARTMENT OF COMMERCE United States Patent and Trademark Office Public Key Infrastructure (PKI...

  20. A lightweight privacy preserving authenticated key agreement protocol for SIP-based VoIP

    OpenAIRE

    Zhang, Liping; Tang, Shanyu; Zhu, Shaohui

    2016-01-01

    Session Initiation Protocol (SIP) is an essential part of most Voice over Internet Protocol (VoIP) architecture. Although SIP provides attractive features, it is exposed to various security threats, and so an efficient and secure authentication scheme is sought to enhance the security of SIP. Several attempts have been made to address the tradeoff problem between security and efficiency, but designing a successful authenticated key agreement protocol for SIP is still a challenging task from t...

  1. An application of different dioids in public key cryptography

    Energy Technology Data Exchange (ETDEWEB)

    Durcheva, Mariana I., E-mail: mdurcheva66@gmail.com [Technical University of Sofia, Faculty of Applied Mathematics and Informatics, 8 Kliment Ohridski St., Sofia 1000 (Bulgaria)

    2014-11-18

    Dioids provide a natural framework for analyzing a broad class of discrete event dynamical systems such as the design and analysis of bus and railway timetables, scheduling of high-throughput industrial processes, solution of combinatorial optimization problems, the analysis and improvement of flow systems in communication networks. They have appeared in several branches of mathematics such as functional analysis, optimization, stochastic systems and dynamic programming, tropical geometry, fuzzy logic. In this paper we show how to involve dioids in public key cryptography. The main goal is to create key – exchange protocols based on dioids. Additionally the digital signature scheme is presented.

  2. An application of different dioids in public key cryptography

    International Nuclear Information System (INIS)

    Durcheva, Mariana I.

    2014-01-01

    Dioids provide a natural framework for analyzing a broad class of discrete event dynamical systems such as the design and analysis of bus and railway timetables, scheduling of high-throughput industrial processes, solution of combinatorial optimization problems, the analysis and improvement of flow systems in communication networks. They have appeared in several branches of mathematics such as functional analysis, optimization, stochastic systems and dynamic programming, tropical geometry, fuzzy logic. In this paper we show how to involve dioids in public key cryptography. The main goal is to create key – exchange protocols based on dioids. Additionally the digital signature scheme is presented

  3. Efficient quantum secure communication with a publicly known key

    International Nuclear Information System (INIS)

    Li Chunyan; Li Xihan; Deng Fuguo; Zhou Hongyu

    2008-01-01

    This paper presents a simple way for an eavesdropper to eavesdrop freely the secret message in the experimental realization of quantum communication protocol proposed by Beige et al (2002 Acta Phys. Pol. A 101 357). Moreover, it introduces an efficient quantum secure communication protocol based on a publicly known key with decoy photons and two biased bases by modifying the original protocol. The total efficiency of this new protocol is double that of the original one. With a low noise quantum channel, this protocol can be used for transmitting a secret message. At present, this protocol is good for generating a private key efficiently. (general)

  4. Lower and Upper Bounds for Deniable Public-Key Encryption

    DEFF Research Database (Denmark)

    Bendlin, Rikke; Nielsen, Jesper Buus; Nordholt, Peter Sebastian

    2011-01-01

    the parties to change their internal state to make it look like a given ciphertext decrypts to a message different from what it really decrypts to. Deniable encryption was in this way introduced to allow to deny a message exchange and hence combat coercion. Depending on which parties can be coerced...... that it is impossible to construct a non-interactive bi-deniable public-key encryption scheme with better than polynomial security. Specifically, we give an explicit bound relating the security of the scheme to how efficient the scheme is in terms of key size. Our impossibility result establishes a lower bound...

  5. Key-phrase based classification of public health web pages.

    Science.gov (United States)

    Dolamic, Ljiljana; Boyer, Célia

    2013-01-01

    This paper describes and evaluates the public health web pages classification model based on key phrase extraction and matching. Easily extendible both in terms of new classes as well as the new language this method proves to be a good solution for text classification faced with the total lack of training data. To evaluate the proposed solution we have used a small collection of public health related web pages created by a double blind manual classification. Our experiments have shown that by choosing the adequate threshold value the desired value for either precision or recall can be achieved.

  6. Distributed public key schemes secure against continual leakage

    DEFF Research Database (Denmark)

    Akavia, Adi; Goldwasser, Shafi; Hazay, Carmit

    2012-01-01

    -secure against continual memory leakage. Our DPKE scheme also implies a secure storage system on leaky devices, where a value s can be secretely stored on devices that continually leak information about their internal state to an external attacker. The devices go through a periodic refresh protocol......In this work we study distributed public key schemes secure against continual memory leakage. The secret key will be shared among two computing devices communicating over a public channel, and the decryption operation will be computed by a simple 2-party protocol between the devices. Similarly...... against continual memory leakage, under the Bilinear Decisional Diffie-Hellman and $2$-linear assumptions. Our schemes have the following properties: 1. Our DPKE and DIBE schemes tolerate leakage at all times, including during refresh. During refresh the tolerated leakage is a (1/2-o (1),1)-fraction...

  7. Practical Implementation of Various Public Key Infrastructure Models

    Directory of Open Access Journals (Sweden)

    Dmitriy Anatolievich Melnikov

    2016-03-01

    Full Text Available The paper proposes a short comparative analysis of the contemporary models of public key infrastructure (PKI and the issues of the PKI models real implementation. The Russian model of PKI is presented. Differences between the North American and West Europe models of PKI and Russian model of PKI are described. The problems of creation and main directions of further development and improvement of the Russian PKI and its integration into the global trust environment are defined.

  8. Improved security proofs and constructions for public-key cryptography

    OpenAIRE

    Pan, Jiaxin (M. Sc.)

    2016-01-01

    Diese Arbeit verbessert die Sicherheitsanalyse und Konstruktierbarkeit von Public-Key-Kryptographie: Der erste Teil der Arbeit schlägt einen vereinfachten Sicherheitsbeweis für digitale Signaturverfahren von kanonischen Identifikationsschemata über die klassischen Fiat-Shamir-Transformation im Random Oracle Modell vor. Der zweite Teil der Arbeit schlägt eine neue Variante der Message Authentication Codes (MACs) vor, die sogenannten affinen MACs. Außerdem wird eine generische Transform...

  9. Noncoherent capacity of secret-key agreement with public discussion

    KAUST Repository

    Agrawal, Anurag

    2011-09-01

    We study the noncoherent capacity of secret-key agreement with public discussion over independent identically distributed (i.i.d.) Rayleigh fading wireless channels, where neither the sender nor the receivers have access to instantaneous channel state information (CSI). We present two results. At high signal-to-noise ratio (SNR), the secret-key capacity is bounded in SNR, regardless of the number of antennas at each terminal. Second, for a system with a single antenna at both the legitimate and the eavesdropper terminals and an arbitrary number of transmit antennas, the secret-key capacity-achieving input distribution is discrete, with a finite number of mass points. Numerically we observe that at low SNR, the capacity achieving distribution has two mass points with one of them at the origin. © 2011 IEEE.

  10. Noncoherent capacity of secret-key agreement with public discussion

    KAUST Repository

    Agrawal, Anurag; Rezki, Zouheir; Khisti, Ashish J.; Alouini, Mohamed-Slim

    2011-01-01

    We study the noncoherent capacity of secret-key agreement with public discussion over independent identically distributed (i.i.d.) Rayleigh fading wireless channels, where neither the sender nor the receivers have access to instantaneous channel state information (CSI). We present two results. At high signal-to-noise ratio (SNR), the secret-key capacity is bounded in SNR, regardless of the number of antennas at each terminal. Second, for a system with a single antenna at both the legitimate and the eavesdropper terminals and an arbitrary number of transmit antennas, the secret-key capacity-achieving input distribution is discrete, with a finite number of mass points. Numerically we observe that at low SNR, the capacity achieving distribution has two mass points with one of them at the origin. © 2011 IEEE.

  11. Building Secure Public Key Encryption Scheme from Hidden Field Equations

    Directory of Open Access Journals (Sweden)

    Yuan Ping

    2017-01-01

    Full Text Available Multivariate public key cryptography is a set of cryptographic schemes built from the NP-hardness of solving quadratic equations over finite fields, amongst which the hidden field equations (HFE family of schemes remain the most famous. However, the original HFE scheme was insecure, and the follow-up modifications were shown to be still vulnerable to attacks. In this paper, we propose a new variant of the HFE scheme by considering the special equation x2=x defined over the finite field F3 when x=0,1. We observe that the equation can be used to further destroy the special structure of the underlying central map of the HFE scheme. It is shown that the proposed public key encryption scheme is secure against known attacks including the MinRank attack, the algebraic attacks, and the linearization equations attacks. The proposal gains some advantages over the original HFE scheme with respect to the encryption speed and public key size.

  12. 76 FR 12397 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Bureau of the Public Debt (BPD...

    Science.gov (United States)

    2011-03-07

    ...; Computer Matching Program (SSA/ Bureau of the Public Debt (BPD))--Match Number 1038 AGENCY: Social Security... as shown above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection... containing SSNs extracted from the Supplemental Security Record database. Exchanges for this computer...

  13. Key Spatial Factors Influencing the Perceived Privacy in Nursing Units: An Exploration Study With Eight Nursing Units in Hong Kong.

    Science.gov (United States)

    Lu, Yi; Cai, Hui; Bosch, Sheila J

    2017-07-01

    This study examined how the spatial characteristics of patient beds, which are influenced by patient room design and nursing unit configuration, affect patients' perceptions about privacy. In the hospital setting, most patients expect a certain degree of privacy but also understand that their caregivers need appropriate access to them in order to provide high-quality care. Even veteran healthcare designers may struggle to create just the right balance between privacy and accessibility. A paper-based survey was conducted with 159 participants in Hong Kong-72 (45.3%) participants had been hospitalized and 87 (54.7%) participants had not-to document their selection of high-privacy beds, given simplified plans of eight nursing units. Two types of information, comprised of six variables, were examined for each bed. These include (1) room-level variables, specifically the number of beds per room and area per bed and (2) relational variables, including walking distance, directional change, integration, and control. The results demonstrate that when asked to identify high-privacy beds, participants selected beds in patient rooms with fewer beds per room, a larger area per bed, and a longer walking distance to the care team workstation. Interestingly, the participants having been hospitalized also chose beds with a visual connection to the care team workstation as being high in privacy. The participants with hospitalization experience may be willing to accept a bed with reduced visual privacy, perhaps out of a concern for safety.

  14. Error-correcting pairs for a public-key cryptosystem

    International Nuclear Information System (INIS)

    Pellikaan, Ruud; Márquez-Corbella, Irene

    2017-01-01

    Code-based Cryptography (CBC) is a powerful and promising alternative for quantum resistant cryptography. Indeed, together with lattice-based cryptography, multivariate cryptography and hash-based cryptography are the principal available techniques for post-quantum cryptography. CBC was first introduced by McEliece where he designed one of the most efficient Public-Key encryption schemes with exceptionally strong security guarantees and other desirable properties that still resist to attacks based on Quantum Fourier Transform and Amplitude Amplification. The original proposal, which remains unbroken, was based on binary Goppa codes. Later, several families of codes have been proposed in order to reduce the key size. Some of these alternatives have already been broken. One of the main requirements of a code-based cryptosystem is having high performance t -bounded decoding algorithms which is achieved in the case the code has a t -error-correcting pair (ECP). Indeed, those McEliece schemes that use GRS codes, BCH, Goppa and algebraic geometry codes are in fact using an error-correcting pair as a secret key. That is, the security of these Public-Key Cryptosystems is not only based on the inherent intractability of bounded distance decoding but also on the assumption that it is difficult to retrieve efficiently an error-correcting pair. In this paper, the class of codes with a t -ECP is proposed for the McEliece cryptosystem. Moreover, we study the hardness of distinguishing arbitrary codes from those having a t -error correcting pair. (paper)

  15. Quantum Hash function and its application to privacy amplification in quantum key distribution, pseudo-random number generation and image encryption

    Science.gov (United States)

    Yang, Yu-Guang; Xu, Peng; Yang, Rui; Zhou, Yi-Hua; Shi, Wei-Min

    2016-01-01

    Quantum information and quantum computation have achieved a huge success during the last years. In this paper, we investigate the capability of quantum Hash function, which can be constructed by subtly modifying quantum walks, a famous quantum computation model. It is found that quantum Hash function can act as a hash function for the privacy amplification process of quantum key distribution systems with higher security. As a byproduct, quantum Hash function can also be used for pseudo-random number generation due to its inherent chaotic dynamics. Further we discuss the application of quantum Hash function to image encryption and propose a novel image encryption algorithm. Numerical simulations and performance comparisons show that quantum Hash function is eligible for privacy amplification in quantum key distribution, pseudo-random number generation and image encryption in terms of various hash tests and randomness tests. It extends the scope of application of quantum computation and quantum information.

  16. Quantum Hash function and its application to privacy amplification in quantum key distribution, pseudo-random number generation and image encryption

    Science.gov (United States)

    Yang, Yu-Guang; Xu, Peng; Yang, Rui; Zhou, Yi-Hua; Shi, Wei-Min

    2016-01-01

    Quantum information and quantum computation have achieved a huge success during the last years. In this paper, we investigate the capability of quantum Hash function, which can be constructed by subtly modifying quantum walks, a famous quantum computation model. It is found that quantum Hash function can act as a hash function for the privacy amplification process of quantum key distribution systems with higher security. As a byproduct, quantum Hash function can also be used for pseudo-random number generation due to its inherent chaotic dynamics. Further we discuss the application of quantum Hash function to image encryption and propose a novel image encryption algorithm. Numerical simulations and performance comparisons show that quantum Hash function is eligible for privacy amplification in quantum key distribution, pseudo-random number generation and image encryption in terms of various hash tests and randomness tests. It extends the scope of application of quantum computation and quantum information. PMID:26823196

  17. Market Reactions to Publicly Announced Privacy and Security Breaches Suffered by Companies Listed on the United States Stock Exchanges: A Comparative Empirical Investigation

    Science.gov (United States)

    Coronado, Adolfo S.

    2012-01-01

    Using a sample of security and privacy breaches the present research examines the comparative announcement impact between the two types of events. The first part of the dissertation analyzes the impact of publicly announced security and privacy breaches on abnormal stock returns, the change in firm risk, and abnormal trading volume are measured.…

  18. Privacy and Innovation

    OpenAIRE

    Avi Goldfarb; Catherine Tucker

    2011-01-01

    Information and communication technology now enables firms to collect detailed and potentially intrusive data about their customers both easily and cheaply. This means that privacy concerns are no longer limited to government surveillance and public figures' private lives. The empirical literature on privacy regulation shows that privacy regulation may affect the extent and direction of data-based innovation. We also show that the impact of privacy regulation can be extremely heterogeneous. T...

  19. 75 FR 20364 - Public Buildings Service; Key Largo Beacon Annex Site; Key Largo, FL; Transfer of Property

    Science.gov (United States)

    2010-04-19

    ... GENERAL SERVICES ADMINISTRATION [Wildlife Order 187; 4-D-FL-1218] Public Buildings Service; Key Largo Beacon Annex Site; Key Largo, FL; Transfer of Property Pursuant to section 2 of Public Law 537, 80th Congress, approved May 19, 1948 (16 U.S.C. 667c), notice is hereby given that: 1. The General...

  20. BangA: An Efficient and Flexible Generalization-Based Algorithm for Privacy Preserving Data Publication

    Directory of Open Access Journals (Sweden)

    Adeel Anjum

    2017-01-01

    Full Text Available Privacy-Preserving Data Publishing (PPDP has become a critical issue for companies and organizations that would release their data. k-Anonymization was proposed as a first generalization model to guarantee against identity disclosure of individual records in a data set. Point access methods (PAMs are not well studied for the problem of data anonymization. In this article, we propose yet another approximation algorithm for anonymization, coined BangA, that combines useful features from Point Access Methods (PAMs and clustering. Hence, it achieves fast computation and scalability as a PAM, and very high quality thanks to its density-based clustering step. Extensive experiments show the efficiency and effectiveness of our approach. Furthermore, we provide guidelines for extending BangA to achieve a relaxed form of differential privacy which provides stronger privacy guarantees as compared to traditional privacy definitions.

  1. A New Heuristic Anonymization Technique for Privacy Preserved Datasets Publication on Cloud Computing

    Science.gov (United States)

    Aldeen Yousra, S.; Mazleena, Salleh

    2018-05-01

    Recent advancement in Information and Communication Technologies (ICT) demanded much of cloud services to sharing users’ private data. Data from various organizations are the vital information source for analysis and research. Generally, this sensitive or private data information involves medical, census, voter registration, social network, and customer services. Primary concern of cloud service providers in data publishing is to hide the sensitive information of individuals. One of the cloud services that fulfill the confidentiality concerns is Privacy Preserving Data Mining (PPDM). The PPDM service in Cloud Computing (CC) enables data publishing with minimized distortion and absolute privacy. In this method, datasets are anonymized via generalization to accomplish the privacy requirements. However, the well-known privacy preserving data mining technique called K-anonymity suffers from several limitations. To surmount those shortcomings, I propose a new heuristic anonymization framework for preserving the privacy of sensitive datasets when publishing on cloud. The advantages of K-anonymity, L-diversity and (α, k)-anonymity methods for efficient information utilization and privacy protection are emphasized. Experimental results revealed the superiority and outperformance of the developed technique than K-anonymity, L-diversity, and (α, k)-anonymity measure.

  2. Privacy encounters in Teledialogue

    DEFF Research Database (Denmark)

    Andersen, Lars Bo; Bøge, Ask Risom; Danholt, Peter

    2017-01-01

    Privacy is a major concern when new technologies are introduced between public authorities and private citizens. What is meant by privacy, however, is often unclear and contested. Accordingly, this article utilises grounded theory to study privacy empirically in the research and design project...... Teledialogue aimed at introducing new ways for public case managers and placed children to communicate through IT. The resulting argument is that privacy can be understood as an encounter, that is, as something that arises between implicated actors and entails some degree of friction and negotiation....... An argument which is further qualified through the philosophy of Gilles Deleuze. The article opens with a review of privacy literature before continuing to present privacy as an encounter with five different foci: what technologies bring into the encounter; who is related to privacy by implication; what...

  3. A Review of RSA and Public-Key Cryptosystems | Rabah | Botswana ...

    African Journals Online (AJOL)

    ... study and analyze the RSA cryptosystems – a public-key cryptographic algorithm - a system that uses two sets of keys; one for encryption and the other for decryption. Key Words: Public-key cryptography, DH, RSA, Internet Security and attacks, Digital Signature, Message digest, Authentication, Secure Socket Layer (SSL)

  4. Argumentation Key to Communicating Climate Change to the Public

    Science.gov (United States)

    Bleicher, R. E.; Lambert, J. L.

    2012-12-01

    Argumentation plays an important role in how we communicate climate change science to the public and is a key component integrated throughout the Next Generation Science Standards. A scientific argument can be described as a disagreement between explanations with data being used to justify each position. Argumentation is social process where two or more individuals construct and critique arguments (Kuhn & Udell, 2003; Nussbaum, 1997). Sampson, Grooms, and Walker's (2011) developed a framework for understanding the components of a scientific argument. The three components start with a claim (a conjecture, conclusion, explanation, or an answer to a research question). This claim must fit the evidence (observations that show trends over time, relationships between variables or difference between groups). The evidence must be justified with reasoning (explains how the evidence supports the explanation and whey it should count as support). In a scientific argument, or debate, the controversy focuses on how data were collected, what data can or should be included, and what inferences can be made based on a set of evidence. Toulmin's model (1969) also includes rebutting or presenting an alternative explanation supported by counter evidence and reasoning of why the alternative is not the appropriate explanation for the question of the problem. The process of scientific argumentation should involve the construction and critique of scientific arguments, one that involves the consideration of alternative hypotheses (Lawson, 2003). Scientific literacy depends as much on the ability to refute and recognize poor scientific arguments as much as it does on the ability to present an effective argument based on good scientific data (Osborne, 2010). Argument is, therefore, a core feature of science. When students learn to construct a sound scientific argument, they demonstrate critical thinking and a mastery of the science being taught. To present a convincing argument in support of

  5. 76 FR 31350 - Public Workshop; Privacy Compliance Basics and 2011 Developments

    Science.gov (United States)

    2011-05-31

    ... Privacy Act of 1974, as amended, the E-Government Act of 2002, Office of Management and Budget memoranda... telephone 703-235-0780; by facsimile 703-235-0442; or by e-mail at [email protected] . SUPPLEMENTARY INFORMATION... send an e-mail to [email protected] , with ``PRIVComplianceWorkshop'' in the subject line, and your full name...

  6. Privacy for All Students? Talking about and around Trans Students in "Public"

    Science.gov (United States)

    Stiegler, Sam

    2016-01-01

    This paper places under examination the arguments used to fight against school policies and legislation intended to guarantee and protect the rights of trans students. That is, the paper's central investigation works to uncover the regimes of truth about children, gender, race and privacy implicit in the methods employed by activists who seek to…

  7. Public engagement with CCS: barriers, key issues and ways forward

    Science.gov (United States)

    Xenias, Dimitrios

    2017-04-01

    Although Carbon Capture and Storage (CCS) is recognised as a crucial transition technology to a low-carbon world, it has not been popular with the public or some governments (e.g. the UK). Also, despite its use in industrial processes for decades, CCS remains and unfamiliar technology for most publics. It is therefore important to foster top-down and bottom-up acceptance of large scale CCS. In an exploratory round of interviews we canvassed the views of British, Dutch, German and Norwegian experts (N=13) with previous experience in public engagement with CCS. They identified barriers and drivers for CCS deployment and public engagement with CCS. Thematic analysis revealed a small number of recurrent issues, including: (a) lack of political leadership on CCS; (b) lack of public knowledge on relevant technologies and (c) difficulty communicating why CCS is necessary. Emphasis on these barriers varied with the level of experts' engagement with the public. More interestingly, although most experts agreed on the importance of public engagement, their views divided between 'why' engage and 'how' best to do this. In a subsequent expert survey (N=99) interview findings were reinforced: public support was seen as important for CCS roll-out (72%), though lower than political support and funding. The survey also showed that local public was expected to experience most risks, while global public will experience most benefits; whereas local business is seen to benefit more than global. Experts were overwhelmingly positive about CCS - risks outweigh benefits, and are confident that CCS will play a major role in climate change mitigation (along with reduced energy demand and renewables). These findings will be expanded on and triangulated in a follow-up public survey which will benefit those involved with public engagement with CCS.

  8. Public Acceptance, a Key Issue of Nuclear Energy

    International Nuclear Information System (INIS)

    Stritar, A.

    1996-01-01

    A brief history of public acceptance of nuclear energy in Slovenia is given. While in former Yugoslavia a problem of public acceptance virtually did not exist because of undemocratic social system, it grew larger and larger with the process of democratization in late eighties. The first democratic government in Slovenia had to abandon its original idea for an early closure of the nuclear power plant Krsko. In 1995 and 1996 there were two attempts to organize the national referendum about the future of the plant. The lessons learned from the public debates in recent years could help other countries entering the nuclear program to prepare and implement efficient public information strategy. (author)

  9. Public Auditing with Privacy Protection in a Multi-User Model of Cloud-Assisted Body Sensor Networks

    Science.gov (United States)

    Li, Song; Cui, Jie; Zhong, Hong; Liu, Lu

    2017-01-01

    Wireless Body Sensor Networks (WBSNs) are gaining importance in the era of the Internet of Things (IoT). The modern medical system is a particular area where the WBSN techniques are being increasingly adopted for various fundamental operations. Despite such increasing deployments of WBSNs, issues such as the infancy in the size, capabilities and limited data processing capacities of the sensor devices restrain their adoption in resource-demanding applications. Though providing computing and storage supplements from cloud servers can potentially enrich the capabilities of the WBSNs devices, data security is one of the prevailing issues that affects the reliability of cloud-assisted services. Sensitive applications such as modern medical systems demand assurance of the privacy of the users’ medical records stored in distant cloud servers. Since it is economically impossible to set up private cloud servers for every client, auditing data security managed in the remote servers has necessarily become an integral requirement of WBSNs’ applications relying on public cloud servers. To this end, this paper proposes a novel certificateless public auditing scheme with integrated privacy protection. The multi-user model in our scheme supports groups of users to store and share data, thus exhibiting the potential for WBSNs’ deployments within community environments. Furthermore, our scheme enriches user experiences by offering public verifiability, forward security mechanisms and revocation of illegal group members. Experimental evaluations demonstrate the security effectiveness of our proposed scheme under the Random Oracle Model (ROM) by outperforming existing cloud-assisted WBSN models. PMID:28475110

  10. Public Auditing with Privacy Protection in a Multi-User Model of Cloud-Assisted Body Sensor Networks.

    Science.gov (United States)

    Li, Song; Cui, Jie; Zhong, Hong; Liu, Lu

    2017-05-05

    Wireless Body Sensor Networks (WBSNs) are gaining importance in the era of the Internet of Things (IoT). The modern medical system is a particular area where the WBSN techniques are being increasingly adopted for various fundamental operations. Despite such increasing deployments of WBSNs, issues such as the infancy in the size, capabilities and limited data processing capacities of the sensor devices restrain their adoption in resource-demanding applications. Though providing computing and storage supplements from cloud servers can potentially enrich the capabilities of the WBSNs devices, data security is one of the prevailing issues that affects the reliability of cloud-assisted services. Sensitive applications such as modern medical systems demand assurance of the privacy of the users' medical records stored in distant cloud servers. Since it is economically impossible to set up private cloud servers for every client, auditing data security managed in the remote servers has necessarily become an integral requirement of WBSNs' applications relying on public cloud servers. To this end, this paper proposes a novel certificateless public auditing scheme with integrated privacy protection. The multi-user model in our scheme supports groups of users to store and share data, thus exhibiting the potential for WBSNs' deployments within community environments. Furthermore, our scheme enriches user experiences by offering public verifiability, forward security mechanisms and revocation of illegal group members. Experimental evaluations demonstrate the security effectiveness of our proposed scheme under the Random Oracle Model (ROM) by outperforming existing cloud-assisted WBSN models.

  11. A brief review of revocable ID-based public key cryptosystem

    Directory of Open Access Journals (Sweden)

    Tsu-Yang Wu

    2016-03-01

    Full Text Available The design of ID-based cryptography has received much attention from researchers. However, how to revoke the misbehaviour/compromised user in ID-based public key cryptosystem becomes an important research issue. Recently, Tseng and Tsai proposed a novel public key cryptosystem called revocable ID-based public key cryptosystem (RIBE to solve the revocation problem. Later on, numerous research papers based on the Tseng-Tsai key RIBE were proposed. In this paper, we brief review Tseng and Tsai's RIBE. We hope this review can help the readers to understand the Tseng and Tsai's revocable ID-based public key cryptosystem.

  12. Information verification cryptosystem using one-time keys based on double random phase encoding and public-key cryptography

    Science.gov (United States)

    Zhao, Tieyu; Ran, Qiwen; Yuan, Lin; Chi, Yingying; Ma, Jing

    2016-08-01

    A novel image encryption system based on double random phase encoding (DRPE) and RSA public-key algorithm is proposed. The main characteristic of the system is that each encryption process produces a new decryption key (even for the same plaintext), thus the encryption system conforms to the feature of the one-time pad (OTP) cryptography. The other characteristic of the system is the use of fingerprint key. Only with the rightful authorization will the true decryption be obtained, otherwise the decryption will result in noisy images. So the proposed system can be used to determine whether the ciphertext is falsified by attackers. In addition, the system conforms to the basic agreement of asymmetric cryptosystem (ACS) due to the combination with the RSA public-key algorithm. The simulation results show that the encryption scheme has high robustness against the existing attacks.

  13. A Novel Key Distribution Solution for Combined Public/Secret Key ...

    African Journals Online (AJOL)

    Moreover, an implementation over the new IPv6 Internet protocol is presented such that the system can be ported to both wired and wireless networking environments. Keywords: cryptography, key distribution, security server. AJOL African Journals Online. HOW TO USE AJOL... for Researchers · for Librarians · for Authors ...

  14. Teaching Public Administration: Key Themes 1996-2016

    Science.gov (United States)

    Fenwick, John

    2018-01-01

    In this article, the aim is to explore some of the key themes to emerge in the journal during the past two decades. Each selected theme will be reviewed in the light of issues raised in particular papers. The aim of this approach is, first, to facilitate reflection upon the contribution of the journal as its subject matter has moved from a concern…

  15. Cloud Security Requirements - A checklist with security and privacy requirements for public cloud services

    OpenAIRE

    Bernsmed, Karin; Meland, Per Håkon; Jaatun, Martin Gilje

    2015-01-01

    - This document contains a checklist that can be used to develop or evaluate security and privacy requirements for Cloud computing services. The content has been gathered from established industry standards and best practices, supplemented with requirements from European data protection legislation, and taking into account security issues identified in recent research on Cloud security. The document is intended to be used by potential cloud customers that need to assess the security of a c...

  16. Challenges created by data dissemination and access restrictions when attempting to address community concerns: individual privacy versus public wellbeing.

    Science.gov (United States)

    Colquhoun, Amy; Aplin, Laura; Geary, Janis; Goodman, Karen J; Hatcher, Juanita

    2012-05-08

    Population health data are vital for the identification of public health problems and the development of public health strategies. Challenges arise when attempts are made to disseminate or access anonymised data that are deemed to be potentially identifiable. In these situations, there is debate about whether the protection of an individual's privacy outweighs potentially beneficial public health initiatives developed using potentially identifiable information. While these issues have an impact at planning and policy levels, they pose a particular dilemma when attempting to examine and address community concerns about a specific health problem. Research currently underway in northern Canadian communities on the frequency of Helicobacter pylori infection and associated diseases, such as stomach cancer, is used in this article to illustrate the challenges that data controls create on the ability of researchers and health officials to address community concerns. Barriers are faced by public health professionals and researchers when endeavouring to address community concerns; specifically, provincial cancer surveillance departments and community-driven participatory research groups face challenges related to data release or access that inhibit their ability to effectively address community enquiries. The resulting consequences include a limited ability to address misinformation or to alleviate concerns when dealing with health problems in small communities. The development of communication tools and building of trusting relationships are essential components of a successful investigation into community health concerns. It may also be important to consider that public wellbeing may outweigh the value of individual privacy in these situations. As such, a re-evaluation of data disclosure policies that are applicable in these circumstances should be considered.

  17. Key elements for a measurement framework for public sector innovation

    DEFF Research Database (Denmark)

    Bloch, Carter Walter; Lopez-Bassols, Vladimir

    2013-01-01

    This document provides an overview of recent NESTI work on developing guidelines for measuring public sector innovation (PSI). The paper includes an update on various ongoing activities which will contribute to the development of a measurement framework for PSI and outlines a number of areas which...

  18. Information Secrecy And Public-Key Cryptography | Mekuria | Zede ...

    African Journals Online (AJOL)

    The subject and need of information secrecy with emphasis to the choice of fully using an already established public channel is to be discussed. Related histories and current achievements made in the area of information hiding, notable persons who changed the course of its progress from ancient times to this last ...

  19. Informing the educators: one of the keys to public acceptance

    International Nuclear Information System (INIS)

    Mattox, G.C.; Reynolds, A.B.; Brenizer, J.S.

    1986-01-01

    One of the most difficult barriers to overcome in the task of gaining greater public acceptance of nuclear power is the widespread lack of correct information about the true risks and benefits of nuclear energy. The news media are the most prevalent sources of information for the public but they are highly constrained by the limits of space, time, and reader/viewer interest span in being able to cover this complex subject with any degree of completeness, much less with any degree of accuracy. Another source of information for the general public is the educational system, and while it also has its limitations, they are somewhat different from those faced by the media, and the educational system is generally considered to be a more credible information source than the media. This paper report on three programs undertaken in 1985 and 1986 by the Virginia Section of the American Nuclear Society (ANS) in conjunction with the University of Virginia (UVA), the Virginia State Department of Education, and various nuclear industry participants. Each program had its unique features, successes, an failures. All-in-all, these programs have been reported as being quite successful in helping to reach the public through informing the educators

  20. Privacy Policy

    Science.gov (United States)

    ... Home → NLM Privacy Policy URL of this page: https://medlineplus.gov/privacy.html NLM Privacy Policy To ... out of cookies in the most popular browsers, http://www.usa.gov/optout_instructions.shtml. Please note ...

  1. Key Performance Indicators of Public Universities Based on Quality Assessment Criteria in Thailand

    Science.gov (United States)

    Sukboonyasatit, Kritsana; Thanapaisarn, Chaiwit; Manmar, Lampang

    2011-01-01

    The research objective was to develop public universities' key performance indicators. Qualitative research and interviews were employed with each public university's senior executive and quality assessors. The sample group was selected by the office of the public sector development commission and Thailand's public universities can be separated…

  2. Advertising and Invasion of Privacy.

    Science.gov (United States)

    Rohrer, Daniel Morgan

    The right of privacy as it relates to advertising and the use of a person's name or likeness is discussed in this paper. After an introduction that traces some of the history of invasion of privacy in court decisions, the paper examines cases involving issues such as public figures and newsworthy items, right of privacy waived, right of privacy…

  3. Privacy Expectations in Online Contexts

    Science.gov (United States)

    Pure, Rebekah Abigail

    2013-01-01

    Advances in digital networked communication technology over the last two decades have brought the issue of personal privacy into sharper focus within contemporary public discourse. In this dissertation, I explain the Fourth Amendment and the role that privacy expectations play in the constitutional protection of personal privacy generally, and…

  4. Sustainability as the key to prioritize investments in public infrastructures

    International Nuclear Information System (INIS)

    Pardo-Bosch, Francesc; Aguado, Antonio

    2016-01-01

    Infrastructure construction, one of the biggest driving forces of the economy nowadays, requires a huge analysis and clear transparency to decide what projects have to be executed with the few resources available. With the aim to provide the public administrations a tool with which they can make their decisions easier, the Sustainability Index of Infrastructure Projects (SIIP) has been defined, with a multi-criteria decision system called MIVES, in order to classify non-uniform investments. This index evaluates, in two inseparable stages, the contribution to the sustainable development of each infrastructure project, analyzing its social, environmental and economic impact. The result of the SIIP allows to decide the order with which projects will be prioritized. The case of study developed proves the adaptability and utility of this tool for the ordinary budget management.

  5. Sustainability as the key to prioritize investments in public infrastructures

    Energy Technology Data Exchange (ETDEWEB)

    Pardo-Bosch, Francesc, E-mail: francesc.pardo@upc.edu [Departament d' Enginyeria Civil i Ambiental, Universitat Politècnica de Catalunya - Barcelona Tech. (Spain); Political Science Department, University of California - Berkeley (United States); Aguado, Antonio, E-mail: antonio.aguado@upc.edu [Departament d' Enginyeria Civil i Ambiental, Universitat Politècnica de Catalunya - Barcelona Tech. (Spain)

    2016-09-15

    Infrastructure construction, one of the biggest driving forces of the economy nowadays, requires a huge analysis and clear transparency to decide what projects have to be executed with the few resources available. With the aim to provide the public administrations a tool with which they can make their decisions easier, the Sustainability Index of Infrastructure Projects (SIIP) has been defined, with a multi-criteria decision system called MIVES, in order to classify non-uniform investments. This index evaluates, in two inseparable stages, the contribution to the sustainable development of each infrastructure project, analyzing its social, environmental and economic impact. The result of the SIIP allows to decide the order with which projects will be prioritized. The case of study developed proves the adaptability and utility of this tool for the ordinary budget management.

  6. Towards Public Key Encryption Scheme Supporting Equality Test with Fine-Grained Authorization

    NARCIS (Netherlands)

    Tang, Qiang

    2011-01-01

    In this paper we investigate a new category of public key encryption schemes which supports equality test between ciphertexts. With this new primitive, two users, who possess their own public/private key pairs, can issue token(s) to a proxy to authorize it to perform equality test between their

  7. Public Key Encryption Supporting Plaintext Equality Test and User-Specified Authorization

    NARCIS (Netherlands)

    Tang, Qiang

    2011-01-01

    In this paper we investigate a category of public key encryption schemes which supports plaintext equality test and user-specified authorization. With this new primitive, two users, who possess their own public/private key pairs, can issue token(s) to a proxy to authorize it to perform plaintext

  8. Privacy-awareness in blockchain-based PKI

    OpenAIRE

    2015-01-01

    Conventional public key infrastructure (PKI) designs are not optimal and contain security flaws; there is much work underway in improving PKI. The properties given by the Bitcoin blockchain and its derivatives are a natural solution to some of the problems with PKI - in particular, certificate transparency and elimination of single points of failure. Recently-proposed blockchain PKI designs are built as public ledgers linking identity with public key, giving no provision of privacy. We consid...

  9. A Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: PriAuth

    Directory of Open Access Journals (Sweden)

    Yuwen Chen

    2017-01-01

    Full Text Available In a wearable sensor-based deployment, sensors are placed over the patient to monitor their body health parameters. Continuous physiological information monitored by wearable sensors helps doctors have a better diagnostic and a suitable treatment. When doctors want to access the patient’s sensor data remotely via network, the patient will authenticate the identity of the doctor first, and then they will negotiate a key for further communication. Many lightweight schemes have been proposed to enable a mutual authentication and key establishment between the two parties with the help of a gateway node, but most of these schemes cannot enable identity confidentiality. Besides, the shared key is also known by the gateway, which means the patient’s sensor data could be leaked to the gateway. In PriAuth, identities are encrypted to guarantee confidentiality. Additionally, Elliptic Curve Diffie–Hellman (ECDH key exchange protocol has been adopted to ensure the secrecy of the key, avoiding the gateway access to it. Besides, only hash and XOR computations are adopted because of the computability and power constraints of the wearable sensors. The proposed scheme has been validated by BAN logic and AVISPA, and the results show the scheme has been proven as secure.

  10. Universal Keyword Classifier on Public Key Based Encrypted Multikeyword Fuzzy Search in Public Cloud.

    Science.gov (United States)

    Munisamy, Shyamala Devi; Chokkalingam, Arun

    2015-01-01

    Cloud computing has pioneered the emerging world by manifesting itself as a service through internet and facilitates third party infrastructure and applications. While customers have no visibility on how their data is stored on service provider's premises, it offers greater benefits in lowering infrastructure costs and delivering more flexibility and simplicity in managing private data. The opportunity to use cloud services on pay-per-use basis provides comfort for private data owners in managing costs and data. With the pervasive usage of internet, the focus has now shifted towards effective data utilization on the cloud without compromising security concerns. In the pursuit of increasing data utilization on public cloud storage, the key is to make effective data access through several fuzzy searching techniques. In this paper, we have discussed the existing fuzzy searching techniques and focused on reducing the searching time on the cloud storage server for effective data utilization. Our proposed Asymmetric Classifier Multikeyword Fuzzy Search method provides classifier search server that creates universal keyword classifier for the multiple keyword request which greatly reduces the searching time by learning the search path pattern for all the keywords in the fuzzy keyword set. The objective of using BTree fuzzy searchable index is to resolve typos and representation inconsistencies and also to facilitate effective data utilization.

  11. Universal Keyword Classifier on Public Key Based Encrypted Multikeyword Fuzzy Search in Public Cloud

    Directory of Open Access Journals (Sweden)

    Shyamala Devi Munisamy

    2015-01-01

    Full Text Available Cloud computing has pioneered the emerging world by manifesting itself as a service through internet and facilitates third party infrastructure and applications. While customers have no visibility on how their data is stored on service provider’s premises, it offers greater benefits in lowering infrastructure costs and delivering more flexibility and simplicity in managing private data. The opportunity to use cloud services on pay-per-use basis provides comfort for private data owners in managing costs and data. With the pervasive usage of internet, the focus has now shifted towards effective data utilization on the cloud without compromising security concerns. In the pursuit of increasing data utilization on public cloud storage, the key is to make effective data access through several fuzzy searching techniques. In this paper, we have discussed the existing fuzzy searching techniques and focused on reducing the searching time on the cloud storage server for effective data utilization. Our proposed Asymmetric Classifier Multikeyword Fuzzy Search method provides classifier search server that creates universal keyword classifier for the multiple keyword request which greatly reduces the searching time by learning the search path pattern for all the keywords in the fuzzy keyword set. The objective of using BTree fuzzy searchable index is to resolve typos and representation inconsistencies and also to facilitate effective data utilization.

  12. Adding query privacy to robust DHTs

    DEFF Research Database (Denmark)

    Backes, Michael; Goldberg, Ian; Kate, Aniket

    2012-01-01

    intermediate peers that (help to) route the queries towards their destinations. In this paper, we satisfy this requirement by presenting an approach for providing privacy for the keys in DHT queries. We use the concept of oblivious transfer (OT) in communication over DHTs to preserve query privacy without...... privacy over robust DHTs. Finally, we compare the performance of our privacy-preserving protocols with their more privacy-invasive counterparts. We observe that there is no increase in the message complexity...

  13. Public assessment of new surveillance-oriented security technologies: Beyond the trade-off between privacy and security.

    Science.gov (United States)

    Pavone, Vincenzo; Esposti, Sara Degli

    2012-07-01

    As surveillance-oriented security technologies (SOSTs) are considered security enhancing but also privacy infringing, citizens are expected to trade part of their privacy for higher security. Drawing from the PRISE project, this study casts some light on how citizens actually assess SOSTs through a combined analysis of focus groups and survey data. First, the outcomes suggest that people did not assess SOSTs in abstract terms but in relation to the specific institutional and social context of implementation. Second, from this embedded viewpoint, citizens either expressed concern about government's surveillance intentions and considered SOSTs mainly as privacy infringing, or trusted political institutions and believed that SOSTs effectively enhanced their security. None of them, however, seemed to trade privacy for security because concerned citizens saw their privacy being infringed without having their security enhanced, whilst trusting citizens saw their security being increased without their privacy being affected.

  14. Information privacy fundamentals for librarians and information professionals

    CERN Document Server

    Givens, Cherie L

    2014-01-01

    This book introduces library and information professionals to information privacy, provides an overview of information privacy in the library and information science context, U.S. privacy laws by sector, information privacy policy, and key considerations when planning and creating a privacy program.

  15. Design of a Secure Authentication and Key Agreement Scheme Preserving User Privacy Usable in Telecare Medicine Information Systems.

    Science.gov (United States)

    Arshad, Hamed; Rasoolzadegan, Abbas

    2016-11-01

    Authentication and key agreement schemes play a very important role in enhancing the level of security of telecare medicine information systems (TMISs). Recently, Amin and Biswas demonstrated that the authentication scheme proposed by Giri et al. is vulnerable to off-line password guessing attacks and privileged insider attacks and also does not provide user anonymity. They also proposed an improved authentication scheme, claiming that it resists various security attacks. However, this paper demonstrates that Amin and Biswas's scheme is defenseless against off-line password guessing attacks and replay attacks and also does not provide perfect forward secrecy. This paper also shows that Giri et al.'s scheme not only suffers from the weaknesses pointed out by Amin and Biswas, but it also is vulnerable to replay attacks and does not provide perfect forward secrecy. Moreover, this paper proposes a novel authentication and key agreement scheme to overcome the mentioned weaknesses. Security and performance analyses show that the proposed scheme not only overcomes the mentioned security weaknesses, but also is more efficient than the previous schemes.

  16. Public Attitudes about Health Information Technology, and Its Relationship to Health Care Quality, Costs, and Privacy

    Science.gov (United States)

    Gaylin, Daniel S; Moiduddin, Adil; Mohamoud, Shamis; Lundeen, Katie; Kelly, Jennifer A

    2011-01-01

    Objective To understand Americans' attitudes concerning health information technology's (IT's) potential to improve health care and differences in those attitudes based on demographics and technological affinity. Data Sources/Study Setting A random-digit-dial sample with known probability of selection for every household in the United States with a telephone, plus a supplemental sample of cell phone users. Telephone interviews were conducted from August 2009 through November 2009. Study Design Data were analyzed to present univariate estimates of Americans' opinions of health IT, as well as multivariate logistic regressions to assess hypotheses relating individuals' characteristics to their opinions. Characteristics used in our model include age, race, ethnicity, gender, income, and affinity to technology. Findings A large majority (78 percent) favor use of electronic medical records (EMRs); believe EMRs could improve care and reduce costs (78 percent and 59 percent, respectively); believe benefits of EMR use outweigh privacy risks (64 percent); and support health care information sharing among providers (72 percent). Regression analyses show more positive attitudes among those with higher incomes and greater comfort using electronic technologies. Conclusion The findings suggest that American's believe that health IT adoption is an effective means to improve the quality and safety of health care. PMID:21275986

  17. Public Key Infrastructure (PKI) Interoperability: A Security Services Approach to Support Transfer of Trust

    National Research Council Canada - National Science Library

    Hansen, Anthony

    1999-01-01

    Public key infrastructure (PKI) technology is at a primitive stage characterized by deployment of PKIs that are engineered to support the provision of security services within individual enterprises, and are not able to support...

  18. Measuring Public Leadership: Developing Scales for Four Key Public Leadership Roles

    NARCIS (Netherlands)

    Tummers, Lars; Knies, Eva|info:eu-repo/dai/nl/313875421

    2016-01-01

    This article on public leadership contributes to the literature by (1) focusing on the ‘public’ aspect of leadership and (2) developing quantitative scales for measuring four public leadership roles. These roles all refer to the extent to which public leaders actively support their employees in

  19. 32 CFR 701.101 - Privacy program terms and definitions.

    Science.gov (United States)

    2010-07-01

    ... from a project on privacy issues, identifying and resolving the privacy risks, and approval by a... 32 National Defense 5 2010-07-01 2010-07-01 false Privacy program terms and definitions. 701.101... DEPARTMENT OF THE NAVY DOCUMENTS AFFECTING THE PUBLIC DON Privacy Program § 701.101 Privacy program terms and...

  20. Security of public key encryption technique based on multiple chaotic systems

    International Nuclear Information System (INIS)

    Wang Kai; Pei Wenjiang; Zou Liuhua; Cheung Yiuming; He Zhenya

    2006-01-01

    Recently, a new public key encryption technique based on multiple chaotic systems has been proposed [B. Ranjan, Phys. Rev. Lett. 95 (2005) 098702]. This scheme employs m-chaotic systems and a set of linear functions for key exchange over an insecure channel. Security of the proposed algorithm grows as (NP) m , where N, P are the size of the key and the computational complexity of the linear functions respectively. In this Letter, the fundamental weakness of the cryptosystem is pointed out and a successful attack is described. Given the public keys and the initial vector, one can calculate the secret key based on Parseval's theorem. Both theoretical and experimental results show that the attacker can access to the secret key without difficulty. The lack of security discourages the use of such algorithm for practical applications

  1. Information security system based on virtual-optics imaging methodology and public key infrastructure

    Science.gov (United States)

    Peng, Xiang; Zhang, Peng; Cai, Lilong

    In this paper, we present a virtual-optical based information security system model with the aid of public-key-infrastructure (PKI) techniques. The proposed model employs a hybrid architecture in which our previously published encryption algorithm based on virtual-optics imaging methodology (VOIM) can be used to encipher and decipher data while an asymmetric algorithm, for example RSA, is applied for enciphering and deciphering the session key(s). For an asymmetric system, given an encryption key, it is computationally infeasible to determine the decryption key and vice versa. The whole information security model is run under the framework of PKI, which is on basis of public-key cryptography and digital signatures. This PKI-based VOIM security approach has additional features like confidentiality, authentication, and integrity for the purpose of data encryption under the environment of network.

  2. 76 FR 67763 - Privacy Act of 1974; Privacy Act System of Records

    Science.gov (United States)

    2011-11-02

    ... NATIONAL AERONAUTICS AND SPACE ADMINISTRATION [Notice (11-109)] Privacy Act of 1974; Privacy Act... proposed revisions to an existing Privacy Act system of records. SUMMARY: Pursuant to the provisions of the Privacy Act of 1974 (5 U.S.C. 552a), the National Aeronautics and Space Administration is issuing public...

  3. 76 FR 64114 - Privacy Act of 1974; Privacy Act System of Records

    Science.gov (United States)

    2011-10-17

    ... NATIONAL AERONAUTICS AND SPACE ADMINISTRATION [Notice (11-093)] Privacy Act of 1974; Privacy Act... proposed revisions to an existing Privacy Act system of records. SUMMARY: Pursuant to the provisions of the Privacy Act of 1974 (5 U.S.C. 552a), the National Aeronautics and Space Administration is issuing public...

  4. 78 FR 77503 - Privacy Act of 1974; Privacy Act System of Records

    Science.gov (United States)

    2013-12-23

    ... NATIONAL AERONAUTICS AND SPACE ADMINISTRATION [Notice 13-149] Privacy Act of 1974; Privacy Act... proposed revisions to existing Privacy Act systems of records. SUMMARY: Pursuant to the provisions of the Privacy Act of 1974 (5 U.S.C. 552a), the National Aeronautics and Space Administration is issuing public...

  5. 77 FR 69898 - Privacy Act of 1974; Privacy Act System of Records

    Science.gov (United States)

    2012-11-21

    ... NATIONAL AERONAUTICS AND SPACE ADMINISTRATION [Notice 12-100] Privacy Act of 1974; Privacy Act... proposed revisions to an existing Privacy Act system of records. SUMMARY: Pursuant to the provisions of the Privacy Act of 1974 (5 U.S.C. 552a), the National Aeronautics and Space Administration is issuing public...

  6. Public Perspectives of Mobile Phones' Effects on Healthcare Quality and Medical Data Security and Privacy: A 2-Year Nationwide Survey.

    Science.gov (United States)

    Richardson, Joshua E; Ancker, Jessica S

    2015-01-01

    Given growing interest in mobile phones for health management (mHealth), we surveyed consumer perceptions of mHealth in security, privacy, and healthcare quality using national random-digit-dial telephone surveys in 2013 and 2014. In 2013, 48% thought that using a mobile phone to communicate data with a physician's electronic health record (EHR) would improve the quality of health care. By 2014, the proportion rose to 57% (p privacy concerns yet nearly two-thirds expressed privacy concerns. In 2013 alone, respondents were more likely to express privacy concerns about medical data on mobile phones than they were to endorse similar concerns with EHRs or health information exchange (HIE). Consumers increasingly believe that mHealth improves healthcare quality, but security and privacy concerns need to be addressed for quality improvement to be fully realized.

  7. Bit-Oriented Quantum Public-Key Cryptosystem Based on Bell States

    Science.gov (United States)

    Wu, WanQing; Cai, QingYu; Zhang, HuanGuo; Liang, XiaoYan

    2018-06-01

    Quantum public key encryption system provides information confidentiality using quantum mechanics. This paper presents a quantum public key cryptosystem ( Q P K C) based on the Bell states. By H o l e v o' s theorem, the presented scheme provides the security of the secret key using one-wayness during the QPKC. While the QPKC scheme is information theoretic security under chosen plaintext attack ( C P A). Finally some important features of presented QPKC scheme can be compared with other QPKC scheme.

  8. Protecting patron privacy

    CERN Document Server

    Beckstrom, Matthew

    2015-01-01

    In a world where almost anyone with computer savvy can hack, track, and record the online activities of others, your library can serve as a protected haven for your visitors who rely on the Internet to conduct research-if you take the necessary steps to safeguard their privacy. This book shows you how to protect patrons' privacy while using the technology that your library provides, including public computers, Internet access, wireless networks, and other devices. Logically organized into two major sections, the first part of the book discusses why the privacy of your users is of paramount

  9. Privacy protection schemes for fingerprint recognition systems

    Science.gov (United States)

    Marasco, Emanuela; Cukic, Bojan

    2015-05-01

    The deployment of fingerprint recognition systems has always raised concerns related to personal privacy. A fingerprint is permanently associated with an individual and, generally, it cannot be reset if compromised in one application. Given that fingerprints are not a secret, potential misuses besides personal recognition represent privacy threats and may lead to public distrust. Privacy mechanisms control access to personal information and limit the likelihood of intrusions. In this paper, image- and feature-level schemes for privacy protection in fingerprint recognition systems are reviewed. Storing only key features of a biometric signature can reduce the likelihood of biometric data being used for unintended purposes. In biometric cryptosystems and biometric-based key release, the biometric component verifies the identity of the user, while the cryptographic key protects the communication channel. Transformation-based approaches only a transformed version of the original biometric signature is stored. Different applications can use different transforms. Matching is performed in the transformed domain which enable the preservation of low error rates. Since such templates do not reveal information about individuals, they are referred to as cancelable templates. A compromised template can be re-issued using a different transform. At image-level, de-identification schemes can remove identifiers disclosed for objectives unrelated to the original purpose, while permitting other authorized uses of personal information. Fingerprint images can be de-identified by, for example, mixing fingerprints or removing gender signature. In both cases, degradation of matching performance is minimized.

  10. Privacy Attitudes among Early Adopters of Emerging Health Technologies.

    Directory of Open Access Journals (Sweden)

    Cynthia Cheung

    Full Text Available Advances in health technology such as genome sequencing and wearable sensors now allow for the collection of highly granular personal health data from individuals. It is unclear how people think about privacy in the context of these emerging health technologies. An open question is whether early adopters of these advances conceptualize privacy in different ways than non-early adopters.This study sought to understand privacy attitudes of early adopters of emerging health technologies.Transcripts from in-depth, semi-structured interviews with early adopters of genome sequencing and health devices and apps were analyzed with a focus on participant attitudes and perceptions of privacy. Themes were extracted using inductive content analysis.Although interviewees were willing to share personal data to support scientific advancements, they still expressed concerns, as well as uncertainty about who has access to their data, and for what purpose. In short, they were not dismissive of privacy risks. Key privacy-related findings are organized into four themes as follows: first, personal data privacy; second, control over personal information; third, concerns about discrimination; and fourth, contributing personal data to science.Early adopters of emerging health technologies appear to have more complex and nuanced conceptions of privacy than might be expected based on their adoption of personal health technologies and participation in open science. Early adopters also voiced uncertainty about the privacy implications of their decisions to use new technologies and share their data for research. Though not representative of the general public, studies of early adopters can provide important insights into evolving attitudes toward privacy in the context of emerging health technologies and personal health data research.

  11. Privacy Attitudes among Early Adopters of Emerging Health Technologies.

    Science.gov (United States)

    Cheung, Cynthia; Bietz, Matthew J; Patrick, Kevin; Bloss, Cinnamon S

    2016-01-01

    Advances in health technology such as genome sequencing and wearable sensors now allow for the collection of highly granular personal health data from individuals. It is unclear how people think about privacy in the context of these emerging health technologies. An open question is whether early adopters of these advances conceptualize privacy in different ways than non-early adopters. This study sought to understand privacy attitudes of early adopters of emerging health technologies. Transcripts from in-depth, semi-structured interviews with early adopters of genome sequencing and health devices and apps were analyzed with a focus on participant attitudes and perceptions of privacy. Themes were extracted using inductive content analysis. Although interviewees were willing to share personal data to support scientific advancements, they still expressed concerns, as well as uncertainty about who has access to their data, and for what purpose. In short, they were not dismissive of privacy risks. Key privacy-related findings are organized into four themes as follows: first, personal data privacy; second, control over personal information; third, concerns about discrimination; and fourth, contributing personal data to science. Early adopters of emerging health technologies appear to have more complex and nuanced conceptions of privacy than might be expected based on their adoption of personal health technologies and participation in open science. Early adopters also voiced uncertainty about the privacy implications of their decisions to use new technologies and share their data for research. Though not representative of the general public, studies of early adopters can provide important insights into evolving attitudes toward privacy in the context of emerging health technologies and personal health data research.

  12. Privacy policies

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, S.; Hartog, den J.I.; Petkovic, M.; Jonker, W.

    2007-01-01

    Privacy is a prime concern in today’s information society. To protect the privacy of individuals, enterprises must follow certain privacy practices while collecting or processing personal data. In this chapter we look at the setting where an enterprise collects private data on its website, processes

  13. Privacy Policies

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, Sandro; den Hartog, Jeremy; Petkovic, M.; Jonker, W.; Jonker, Willem

    2007-01-01

    Privacy is a prime concern in today's information society. To protect the privacy of individuals, enterprises must follow certain privacy practices, while collecting or processing personal data. In this chapter we look at the setting where an enterprise collects private data on its website,

  14. Separable Reversible Data Hiding in Encrypted Signals with Public Key Cryptography

    Directory of Open Access Journals (Sweden)

    Wei-Liang Tai

    2018-01-01

    Full Text Available We propose separable reversible data hiding in an encrypted signal with public key cryptography. In our separable framework, the image owner encrypts the original image by using a public key. On receipt of the encrypted signal, the data-hider embeds data in it by using a data-hiding key. The image decryption and data extraction are independent and separable at the receiver side. Even though the receiver, who has only the data-hiding key, does not learn about the decrypted content, he can extract data from the received marked encrypted signal. However, the receiver who has only the private key cannot extract the embedded data, but he can directly decrypt the received marked encrypted signal to obtain the original image without any error. Compared with other schemes using a cipher stream to encrypt the image, the proposed scheme is more appropriate for cloud services without degrading the security level.

  15. Certificate Transparency with Privacy

    Directory of Open Access Journals (Sweden)

    Eskandarian Saba

    2017-10-01

    Full Text Available Certificate transparency (CT is an elegant mechanism designed to detect when a certificate authority (CA has issued a certificate incorrectly. Many CAs now support CT and it is being actively deployed in browsers. However, a number of privacy-related challenges remain. In this paper we propose practical solutions to two issues. First, we develop a mechanism that enables web browsers to audit a CT log without violating user privacy. Second, we extend CT to support non-public subdomains.

  16. 75 FR 70343 - Privacy Act; System of Records: Records of the Bureau of Public Affairs

    Science.gov (United States)

    2010-11-17

    ...: Electronic, hardcopy. RETRIEVABILITY: By individual name. SAFEGUARDS: All users are given cyber security...: Purpose and Disclosure to Consumer Reporting Agencies. Any persons interested in commenting on the amended.... State-22 SYSTEM NAME: Records of the Bureau of Public Affairs. SECURITY CLASSIFICATION: Unclassified...

  17. Protecting Astronaut Medical Privacy: Review of Presentations and Publications for Attributability

    Science.gov (United States)

    Wear, M. L.; Charvat, J. M.; Lee, L. R.; Babiak-Vazquez, A.; Mason, S. S.; Van Baalen, M.

    2018-01-01

    Retrospective research and medical data collected on astronauts can be a valuable resource for researchers. This data can be requested from two separate NASA Archives. The Lifetime Surveillance of Astronaut Health (LSAH) holds astronaut medical data, and the Life Sciences Data Archive (LSDA) holds research data. One condition of use of astronaut research and medical data is the requirement that all abstracts, publications and presentations using this data must be reviewed for attributability. All final versions of abstracts, presentations, posters, and manuscripts must be reviewed by LSDA/LSAH prior to submission to a conference, journal, or other entities outside the Principal Investigator (PI) laboratory [including the NASA Export Control Document Availability Authorization (DAA) system]. If material undergoes multiple revisions (e.g., journal editor comments), the new versions must also be reviewed by LSDA/LSAH prior to re-submission to the journal. The purpose of this review is to ensure that no personally identifiable information (PII) is included in materials that are presented in a public venue or posted to the public domain. The procedures for submitting materials for review will be outlined. The process that LSAH/LSDA follows for assessing attributability will be presented. Characteristics and parameter combinations that often prompt attributability concerns will be identified. A published case report for a National Football League (NFL) player will be used to demonstrate how, in a population of public interest, a combination of information can result in inadvertent release of private or sensitive information.

  18. Privacy Impact Assessment for the Mailing System for the Office of Public Affairs

    Science.gov (United States)

    The Mailing System for the Office of Public Affairs collects contact and geographic information. Learn how this data will be collected in the system, how it will be used, access to the data, the purpose of data collection, and record retention policies.

  19. Virtual-optical information security system based on public key infrastructure

    Science.gov (United States)

    Peng, Xiang; Zhang, Peng; Cai, Lilong; Niu, Hanben

    2005-01-01

    A virtual-optical based encryption model with the aid of public key infrastructure (PKI) is presented in this paper. The proposed model employs a hybrid architecture in which our previously published encryption method based on virtual-optics scheme (VOS) can be used to encipher and decipher data while an asymmetric algorithm, for example RSA, is applied for enciphering and deciphering the session key(s). The whole information security model is run under the framework of international standard ITU-T X.509 PKI, which is on basis of public-key cryptography and digital signatures. This PKI-based VOS security approach has additional features like confidentiality, authentication, and integrity for the purpose of data encryption under the environment of network. Numerical experiments prove the effectiveness of the method. The security of proposed model is briefly analyzed by examining some possible attacks from the viewpoint of a cryptanalysis.

  20. Trust Threshold Based Public Key Management in Mobile Ad Hoc Networks

    Science.gov (United States)

    2016-03-05

    detection 49 [6,7] , authentication, access control, key management, iso- 50 lating misbehaving nodes for effective routing [6,8,9] , and 51 many other...83 84 85 aims to achieve: (a) resiliency against misbehaving nodes 86 in the network to maintain minimum security vulnerabil- 87 ity; (b...neighbor will decreas the misbehaving node’s direct competence trust. Fur thermore, this neighbor when acting as a recommended public key management in

  1. 43 CFR 2.47 - Records subject to Privacy Act.

    Science.gov (United States)

    2010-10-01

    ... 43 Public Lands: Interior 1 2010-10-01 2010-10-01 false Records subject to Privacy Act. 2.47 Section 2.47 Public Lands: Interior Office of the Secretary of the Interior RECORDS AND TESTIMONY; FREEDOM OF INFORMATION ACT Privacy Act § 2.47 Records subject to Privacy Act. The Privacy Act applies to all...

  2. Cryptanalysis of the public key encryption based on multiple chaotic systems

    International Nuclear Information System (INIS)

    Zhang Linhua

    2008-01-01

    Recently, Ranjan proposed a novel public key encryption technique based on multiple chaotic systems [Phys Lett 2005;95]. Unfortunately, Wang soon gave a successful attack on its special case based on Parseval's theorem [Wang K, Pei W, Zhou L, et al. Security of public key encryption technique based on multiple chaotic system. Phys Lett A, in press]. In this letter, we give an improved example which can avoid the attack and point out that Wang cannot find the essential drawback of the technique. However, further experimental result shows Ruanjan's encryption technique is inefficient, and detailed theoretic analysis shows that the complexity to break the cryptosystem is overestimated

  3. Image encryption based on nonlinear encryption system and public-key cryptography

    Science.gov (United States)

    Zhao, Tieyu; Ran, Qiwen; Chi, Yingying

    2015-03-01

    Recently, optical asymmetric cryptosystem (OACS) has became the focus of discussion and concern of researchers. Some researchers pointed out that OACS was not tenable because of misunderstanding the concept of asymmetric cryptosystem (ACS). We propose an improved cryptosystem using RSA public-key algorithm based on existing OACS and the new system conforms to the basic agreement of public key cryptosystem. At the beginning of the encryption process, the system will produce an independent phase matrix and allocate the input image, which also conforms to one-time pad cryptosystem. The simulation results show that the validity of the improved cryptosystem and the high robustness against attack scheme using phase retrieval technique.

  4. Information hiding based on double random-phase encoding and public-key cryptography.

    Science.gov (United States)

    Sheng, Yuan; Xin, Zhou; Alam, Mohammed S; Xi, Lu; Xiao-Feng, Li

    2009-03-02

    A novel information hiding method based on double random-phase encoding (DRPE) and Rivest-Shamir-Adleman (RSA) public-key cryptosystem is proposed. In the proposed technique, the inherent diffusion property of DRPE is cleverly utilized to make up the diffusion insufficiency of RSA public-key cryptography, while the RSA cryptosystem is utilized for simultaneous transmission of the cipher text and the two phase-masks, which is not possible under the DRPE technique. This technique combines the complementary advantages of the DPRE and RSA encryption techniques and brings security and convenience for efficient information transmission. Extensive numerical simulation results are presented to verify the performance of the proposed technique.

  5. Secret-Key Agreement with Public Discussion subject to an Amplitude Constraint

    KAUST Repository

    Zorgui, Marwen; Rezki, Zouheir; Alomair, Basel; Alouini, Mohamed-Slim

    2016-01-01

    This paper considers the problem of secret-key agreement with public discussion subject to a peak power constraint A on the channel input. The optimal input distribution is proved to be discrete with finite support. To overcome the computationally heavy search for the optimal discrete distribution, several suboptimal schemes are proposed and shown numerically to perform close to the capacity. Moreover, lower and upper bounds for the secret-key capacity are provided and used to prove that the secret-key capacity converges for asymptotic high values of A, to the secret-key capacity with an average power constraint A2. Finally, when the amplitude constraint A is small (A ! 0), the secret-key capacity is proved to be asymptotically equal to the capacity of the legitimate user with an amplitude constraint A and no secrecy constraint.

  6. Secret-Key Agreement with Public Discussion subject to an Amplitude Constraint

    KAUST Repository

    Zorgui, Marwen

    2016-04-06

    This paper considers the problem of secret-key agreement with public discussion subject to a peak power constraint A on the channel input. The optimal input distribution is proved to be discrete with finite support. To overcome the computationally heavy search for the optimal discrete distribution, several suboptimal schemes are proposed and shown numerically to perform close to the capacity. Moreover, lower and upper bounds for the secret-key capacity are provided and used to prove that the secret-key capacity converges for asymptotic high values of A, to the secret-key capacity with an average power constraint A2. Finally, when the amplitude constraint A is small (A ! 0), the secret-key capacity is proved to be asymptotically equal to the capacity of the legitimate user with an amplitude constraint A and no secrecy constraint.

  7. Privacy and Open Government

    Directory of Open Access Journals (Sweden)

    Teresa Scassa

    2014-06-01

    Full Text Available The public-oriented goals of the open government movement promise increased transparency and accountability of governments, enhanced citizen engagement and participation, improved service delivery, economic development and the stimulation of innovation. In part, these goals are to be achieved by making more and more government information public in reusable formats and under open licences. This paper identifies three broad privacy challenges raised by open government. The first is how to balance privacy with transparency and accountability in the context of “public” personal information. The second challenge flows from the disruption of traditional approaches to privacy based on a collapse of the distinctions between public and private sector actors. The third challenge is that of the potential for open government data—even if anonymized—to contribute to the big data environment in which citizens and their activities are increasingly monitored and profiled.

  8. Toekomstvaste fysieke toegangsystemen : Public Key Infrastructure als oplossing voor fysiek toegangbeheer

    NARCIS (Netherlands)

    Kleinhuis, G.; Olk, J.G.E.

    2011-01-01

    Voor fysieke toegangssystemen wordt veelal gebruik gemaakt van toegangspassen met een contactlose chip. Soms zijn deze passen ook nog voorzien van een PKI (Public Key Infrastructure) contactchip voor toegang tot ICT en/of het plaatsen van een digitale handtekening. Ook voor fysieke toegang bied PKI

  9. Gaussian elimination in split unitary groups with an application to public-key cryptography

    Directory of Open Access Journals (Sweden)

    Ayan Mahalanobis

    2017-07-01

    Full Text Available Gaussian elimination is used in special linear groups to solve the word problem. In this paper, we extend Gaussian elimination to split unitary groups. These algorithms have an application in building a public-key cryptosystem, we demonstrate that.

  10. A General Construction of IND-CCA2 Secure Public Key Encryption

    DEFF Research Database (Denmark)

    Kiltz, Eike; Malone-Lee, John

    2003-01-01

    We propose a general construction for public key encryption schemes that are IND-CCA2 secure in the random oracle model. We show that the scheme proposed in [1, 2] fits our general framework and moreover that our method of analysis leads to a more efficient security reduction....

  11. Public perceptions of key performance indicators of healthcare in Alberta, Canada.

    Science.gov (United States)

    Northcott, Herbert C; Harvey, Michael D

    2012-06-01

    To examine the relationship between public perceptions of key performance indicators assessing various aspects of the health-care system. Cross-sequential survey research. Annual telephone surveys of random samples of adult Albertans selected by random digit dialing and stratified according to age, sex and region (n = 4000 for each survey year). The survey questionnaires included single-item measures of key performance indicators to assess public perceptions of availability, accessibility, quality, outcome and satisfaction with healthcare. Cronbach's α and factor analysis were used to assess the relationship between key performance indicators focusing on the health-care system overall and on a recent interaction with the health-care system. The province of Alberta, Canada during the years 1996-2004. Four thousand adults randomly selected each survey year. Survey questions measuring public perceptions of healthcare availability, accessibility, quality, outcome and satisfaction with healthcare. Factor analysis identified two principal components with key performance indicators focusing on the health system overall loading most strongly on the first component and key performance indicators focusing on the most recent health-care encounter loading most strongly on the second component. Assessments of the quality of care most recently received, accessibility of that care and perceived outcome of care tended to be higher than the more general assessments of overall health system quality and accessibility. Assessments of specific health-care encounters and more general assessments of the overall health-care system, while related, nevertheless comprise separate dimensions for health-care evaluation.

  12. Location Privacy in RFID Applications

    Science.gov (United States)

    Sadeghi, Ahmad-Reza; Visconti, Ivan; Wachsmann, Christian

    RFID-enabled systems allow fully automatic wireless identification of objects and are rapidly becoming a pervasive technology with various applications. However, despite their benefits, RFID-based systems also pose challenging risks, in particular concerning user privacy. Indeed, improvident use of RFID can disclose sensitive information about users and their locations allowing detailed user profiles. Hence, it is crucial to identify and to enforce appropriate security and privacy requirements of RFID applications (that are also compliant to legislation). This chapter first discusses security and privacy requirements for RFID-enabled systems, focusing in particular on location privacy issues. Then it explores the advances in RFID applications, stressing the security and privacy shortcomings of existing proposals. Finally, it presents new promising directions for privacy-preserving RFID systems, where as a case study we focus electronic tickets (e-tickets) for public transportation.

  13. Privacy Law and Print Photojournalism.

    Science.gov (United States)

    Dykhouse, Caroline Dow

    Reviews of publications about privacy law, of recent court actions, and of interviews with newspaper photographers and attorneys indicate that torts of privacy often conflict with the freedoms to publish and to gather news. Although some guidelines have already been established (about running distorted pictures, "stealing" pictures, taking…

  14. An Attribute Involved Public Key Cryptosystem Based on P-Sylow Subgroups and Randomization

    Directory of Open Access Journals (Sweden)

    Sumalatha GUNNALA

    2018-04-01

    Full Text Available The Asymmetric Key Cryptosystem (AKC or Public Key Encryption (PKE is a mechanism used to encrypt the messages by using public key and decrypt the enciphered messages by using private key. Of late, the Attribute-Based Encryption (ABE is an expansion of asymmetric key encryption scheme that allows users to encrypt and decrypt the plaintext messages using the key based on the user’s credentials, called attributes, like social security number, PAN (Permanent Account Number, email ids or Aadhar number etc. Most of the existing ABE schemes rely on the multiple attributes from which the access control policies are derived. These policies define the users’ private keys, required for the decryption process and access to the confidential information. In this paper, we proposed a new attribute based asymmetric cryptosystem that uses the features of both the schemes: PKE and ABE. Here, we used a value of an attribute, personal to the user, for the encryption and the decryption process. This scheme assures that the receiver will only be able to access the secret data if recipient is shared with the valid attribute value. The asymmetric nature is this scheme is based on the concept of p-sylow sub-group assumption. In addition, the randomization factor is used in the encipherment process to strengthen the cipher further. The development of this cryptosystem is an embodiment where the merits of randomized asymmetric encryption technique and the attribute based encryption are integrated to achieve the authentication on top of confidentiality to secure the information transmission over the public networks.

  15. Privacy Protection: Mandating New Arrangements to Implement and Assess Federal Privacy Policy and Practice

    National Research Council Canada - National Science Library

    Relyea, Harold C

    2004-01-01

    When Congress enacted the Privacy Act of 1974, it established a temporary national study commission to conduct a comprehensive assessment of privacy policy and practice in both the public and private...

  16. An image hiding method based on cascaded iterative Fourier transform and public-key encryption algorithm

    Science.gov (United States)

    Zhang, B.; Sang, Jun; Alam, Mohammad S.

    2013-03-01

    An image hiding method based on cascaded iterative Fourier transform and public-key encryption algorithm was proposed. Firstly, the original secret image was encrypted into two phase-only masks M1 and M2 via cascaded iterative Fourier transform (CIFT) algorithm. Then, the public-key encryption algorithm RSA was adopted to encrypt M2 into M2' . Finally, a host image was enlarged by extending one pixel into 2×2 pixels and each element in M1 and M2' was multiplied with a superimposition coefficient and added to or subtracted from two different elements in the 2×2 pixels of the enlarged host image. To recover the secret image from the stego-image, the two masks were extracted from the stego-image without the original host image. By applying public-key encryption algorithm, the key distribution was facilitated, and also compared with the image hiding method based on optical interference, the proposed method may reach higher robustness by employing the characteristics of the CIFT algorithm. Computer simulations show that this method has good robustness against image processing.

  17. Privacy and Data-Based Research

    OpenAIRE

    Ori Heffetz; Katrina Ligett

    2013-01-01

    What can we, as users of microdata, formally guarantee to the individuals (or firms) in our dataset, regarding their privacy? We retell a few stories, well-known in data-privacy circles, of failed anonymization attempts in publicly released datasets. We then provide a mostly informal introduction to several ideas from the literature on differential privacy, an active literature in computer science that studies formal approaches to preserving the privacy of individuals in statistical databases...

  18. User Privacy in RFID Networks

    Science.gov (United States)

    Singelée, Dave; Seys, Stefaan

    Wireless RFID networks are getting deployed at a rapid pace and have already entered the public space on a massive scale: public transport cards, the biometric passport, office ID tokens, customer loyalty cards, etc. Although RFID technology offers interesting services to customers and retailers, it could also endanger the privacy of the end-users. The lack of protection mechanisms being deployed could potentially result in a privacy leakage of personal data. Furthermore, there is the emerging threat of location privacy. In this paper, we will show some practical attack scenarios and illustrates some of them with cases that have received press coverage. We will present the main challenges of enhancing privacy in RFID networks and evaluate some solutions proposed in literature. The main advantages and shortcomings will be briefly discussed. Finally, we will give an overview of some academic and industrial research initiatives on RFID privacy.

  19. 76 FR 5973 - Privacy Act of 1974; Notice; Publication of the Systems of Records Managed by the Commodity...

    Science.gov (United States)

    2011-02-02

    ... System CFTC-39 Freedom of Information Act Requests CFTC-40 Privacy Act Requests CFTC-41 Requests for... provisions of the Freedom of Information Act. Nonpublic portions may be used for any purpose specifically... harassment (sexual or non-sexual) on the basis of their race color, religion, sex (gender), national origin...

  20. The Effects of Public Concern for Information Privacy on the Adoption of Health Information Exchanges (HIEs) by Healthcare Entities.

    Science.gov (United States)

    Esmaeilzadeh, Pouyan

    2018-05-08

    The implementation of Health Information Exchanges (HIEs) by healthcare organizations may not achieve the desired outcomes as consumers may request that their health information remains unshared because of information privacy concerns. Drawing on the insights of concern for information privacy (CFIP) literature, this work extends the application of CFIP to the HIE domain. This study attempts to develop and test a model centered on the four dimensions of CFIP construct (collection, errors, unauthorized access, and secondary use) and their antecedents to predict consumers' opt-in behavioral intention toward HIE in the presence of the perceived health status' effects. We conducted an online survey in the United States using 826 samples. The results demonstrate that the perceived health information sensitivity and computer anxiety meaningfully contribute to information privacy concerns and CFIP construct significantly impedes consumers' opt-in decision to HIEs. Interestingly, contrary to our expectation, perceived poor health status considerably attenuates the negative effects exerted by CFIP on opt-in intention. The model proposed by this study can be used as a useful conceptual tool by both further studies and practitioners to examine the complex nature of patients' reactions to information privacy threats associated with the use of HIE technology in the healthcare industry.

  1. Shor-Preskill-type security proof for quantum key distribution without public announcement of bases

    International Nuclear Information System (INIS)

    Hwang, Won-Young; Wang Xiangbin; Matsumoto, Keiji; Kim, Jaewan; Lee, Hai-Woong

    2003-01-01

    We give a Shor-Preskill-type security proof to quantum key distribution without public announcement of bases [W.Y. Hwang et al., Phys. Lett. A 244, 489 (1998)]. First, we modify the Lo-Chau protocol once more so that it finally reduces to the quantum key distribution without public announcement of bases. Then we show how we can estimate the error rate in the code bits based on that in the checked bits in the proposed protocol, which is the central point of the proof. We discuss the problem of imperfect sources and that of large deviation in the error rate distributions. We discuss when the bases sequence must be discarded

  2. Understanding Price Elasticities to Inform Public Health Research and Intervention Studies: Key Issues

    Science.gov (United States)

    Nghiem, Nhung; Genç, Murat; Blakely, Tony

    2013-01-01

    Pricing policies such as taxes and subsidies are important tools in preventing and controlling a range of threats to public health. This is particularly so in tobacco and alcohol control efforts and efforts to change dietary patterns and physical activity levels as a means of addressing increases in noncommunicable diseases. To understand the potential impact of pricing policies, it is critical to understand the nature of price elasticities for consumer products. For example, price elasticities are key parameters in models of any food tax or subsidy that aims to quantify health impacts and cost-effectiveness. We detail relevant terms and discuss key issues surrounding price elasticities to inform public health research and intervention studies. PMID:24028228

  3. Understanding price elasticities to inform public health research and intervention studies: key issues.

    Science.gov (United States)

    Nghiem, Nhung; Wilson, Nick; Genç, Murat; Blakely, Tony

    2013-11-01

    Pricing policies such as taxes and subsidies are important tools in preventing and controlling a range of threats to public health. This is particularly so in tobacco and alcohol control efforts and efforts to change dietary patterns and physical activity levels as a means of addressing increases in noncommunicable diseases. To understand the potential impact of pricing policies, it is critical to understand the nature of price elasticities for consumer products. For example, price elasticities are key parameters in models of any food tax or subsidy that aims to quantify health impacts and cost-effectiveness. We detail relevant terms and discuss key issues surrounding price elasticities to inform public health research and intervention studies.

  4. Blockchain-based Public Key Infrastructure for Inter-Domain Secure Routing

    OpenAIRE

    de la Rocha Gómez-Arevalillo , Alfonso; Papadimitratos , Panos

    2017-01-01

    International audience; A gamut of secure inter-domain routing protocols has been proposed in the literature. They use traditional PGP-like and centralized Public Key Infrastructures for trust management. In this paper, we propose our alternative approach for managing security associations, Secure Blockchain Trust Management (SBTM), a trust management system that instantiates a blockchain-based PKI for the operation of securerouting protocols. A main motivation for SBTM is to facilitate gradu...

  5. 45 CFR 503.1 - Definitions-Privacy Act.

    Science.gov (United States)

    2010-10-01

    ... 45 Public Welfare 3 2010-10-01 2010-10-01 false Definitions-Privacy Act. 503.1 Section 503.1... THE UNITED STATES, DEPARTMENT OF JUSTICE RULES OF PRACTICE PRIVACY ACT AND GOVERNMENT IN THE SUNSHINE REGULATIONS Privacy Act Regulations § 503.1 Definitions—Privacy Act. For the purpose of this part: Agency...

  6. 45 CFR 503.2 - General policies-Privacy Act.

    Science.gov (United States)

    2010-10-01

    ... 45 Public Welfare 3 2010-10-01 2010-10-01 false General policies-Privacy Act. 503.2 Section 503.2... THE UNITED STATES, DEPARTMENT OF JUSTICE RULES OF PRACTICE PRIVACY ACT AND GOVERNMENT IN THE SUNSHINE REGULATIONS Privacy Act Regulations § 503.2 General policies—Privacy Act. The Commission will protect the...

  7. Non-coherent capacity of secret-key agreement with public discussion

    KAUST Repository

    Agrawal, Anurag

    2011-06-01

    We study the Rayleigh fading non-coherent capacity of secret-key agreement with public discussion, where neither the sender nor the receivers have access to instantaneous channel state information (CSI) of any channel. We present two results. At high Signal-to-Noise Ratio (SNR), the secret-key capacity is bounded in SNR, regardless of the number of antennas at each terminal. Second, for a system with a single antenna at both the legitimate and the eavesdropper terminals and an arbitrary number of transmit antennas, the secret-key capacity-achieving input distribution is discrete, with a finite number of mass points. Numerically we observe that at low-SNR, the capacity achieving distribution has two mass points with one of them at the origin. © 2011 IEEE.

  8. Non-coherent capacity of secret-key agreement with public discussion

    KAUST Repository

    Agrawal, Anurag; Rezki, Zouheir; Khisti, Ashish J.; Alouini, Mohamed-Slim

    2011-01-01

    We study the Rayleigh fading non-coherent capacity of secret-key agreement with public discussion, where neither the sender nor the receivers have access to instantaneous channel state information (CSI) of any channel. We present two results. At high Signal-to-Noise Ratio (SNR), the secret-key capacity is bounded in SNR, regardless of the number of antennas at each terminal. Second, for a system with a single antenna at both the legitimate and the eavesdropper terminals and an arbitrary number of transmit antennas, the secret-key capacity-achieving input distribution is discrete, with a finite number of mass points. Numerically we observe that at low-SNR, the capacity achieving distribution has two mass points with one of them at the origin. © 2011 IEEE.

  9. Public Health Preparedness Funding: Key Programs and Trends From 2001 to 2017.

    Science.gov (United States)

    Watson, Crystal R; Watson, Matthew; Sell, Tara Kirk

    2017-09-01

    To evaluate trends in funding over the past 16 years for key federal public health preparedness and response programs at the US Department of Health and Human Services, to improve understanding of federal funding history in this area, and to provide context for future resource allocation decisions for public health preparedness. In this 2017 analysis, we examined the funding history of key federal programs critical to public health preparedness by reviewing program budget data collected for our annual examination of federal funding for biodefense and health security programs since fiscal year (FY) 2001. State and local preparedness at the Centers for Disease Control and Prevention initially received $940 million in FY2002 and resulted in significant preparedness gains, but funding levels have since decreased by 31%. Similarly, the Hospital Preparedness Program within the Office of the Assistant Secretary for Preparedness and Response was funded at a high of $515 million in FY2003, but funding was reduced by 50%. Investments in medical countermeasure development and stockpiling remained relatively stable. The United States has made significant progress in preparing for disasters and advancing public health infrastructure. To enable continued advancement, federal funding commitments must be sustained.

  10. Internet privacy options for adequate realisation

    CERN Document Server

    2013-01-01

    A thorough multidisciplinary analysis of various perspectives on internet privacy was published as the first volume of a study, revealing the results of the achatech project "Internet Privacy - A Culture of Privacy and Trust on the Internet." The second publication from this project presents integrated, interdisciplinary options for improving privacy on the Internet utilising a normative, value-oriented approach. The ways in which privacy promotes and preconditions fundamental societal values and how privacy violations endanger the flourishing of said values are exemplified. The conditions which must be fulfilled in order to achieve a culture of privacy and trust on the internet are illuminated. This volume presents options for policy-makers, educators, businesses and technology experts how to facilitate solutions for more privacy on the Internet and identifies further research requirements in this area.

  11. Security, privacy, and confidentiality issues on the Internet

    Science.gov (United States)

    Kelly, Grant; McKenzie, Bruce

    2002-01-01

    We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to `sign' a message whereby the private key of an individual can be used to `hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a `digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers. PMID:12554559

  12. Security, privacy, and confidentiality issues on the Internet.

    Science.gov (United States)

    Kelly, Grant; McKenzie, Bruce

    2002-01-01

    We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to 'sign' a message whereby the private key of an individual can be used to 'hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a 'digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers.

  13. On the Security of a Simple Three-Party Key Exchange Protocol without Server’s Public Keys

    Directory of Open Access Journals (Sweden)

    Junghyun Nam

    2014-01-01

    Full Text Available Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010: (1 the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2 the protocol cannot protect clients’ passwords against an offline dictionary attack; and (3 the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol.

  14. Online Tracking Technologies and Web Privacy:Technologieën voor Online volgen en Web Privacy

    OpenAIRE

    Acar, Mustafa Gunes Can

    2017-01-01

    In my PhD thesis, I would like to study the problem of online privacy with a focus on Web and mobile applications. Key research questions to be addressed by my study are the following: How can we formalize and quantify web tracking? What are the threats presented against privacy by different tracking techniques such as browser fingerprinting and cookie based tracking? What kind of privacy enhancing technologies (PET) can be used to ensure privacy without degrading service quality? The stud...

  15. Security and privacy for implantable medical devices

    CERN Document Server

    Carrara, Sandro

    2014-01-01

     This book presents a systematic approach to analyzing the challenging engineering problems posed by the need for security and privacy in implantable medical devices (IMD).  It describes in detail new issues termed as lightweight security, due to the associated constraints on metrics such as available power, energy, computing ability, area, execution time, and memory requirements. Coverage includes vulnerabilities and defense across multiple levels, with basic abstractions of cryptographic services and primitives such as public key cryptography, block ciphers and digital signatures. Experts from engineering introduce to some IMD systems that have  recently been proposed and developed. Experts from Computer Security and Cryptography present new research, which shows vulnerabilities in existing IMDs and proposes solutions. Experts from Privacy Technology and Policy will discuss the societal, legal and ethical challenges surrounding IMD security as well as technological solutions that build on the latest in C...

  16. Adding Query Privacy to Robust DHTs

    DEFF Research Database (Denmark)

    Backes, Michael; Goldberg, Ian; Kate, Aniket

    2011-01-01

    intermediate peers that (help to) route the queries towards their destinations. In this paper, we satisfy this requirement by presenting an approach for providing privacy for the keys in DHT queries. We use the concept of oblivious transfer (OT) in communication over DHTs to preserve query privacy without...... of obtaining query privacy over robust DHTs. Finally, we compare the performance of our privacy-preserving protocols with their more privacy-invasive counterparts. We observe that there is no increase in the message complexity and only a small overhead in the computational complexity....

  17. Privacy Act

    Science.gov (United States)

    Learn about the Privacy Act of 1974, the Electronic Government Act of 2002, the Federal Information Security Management Act, and other information about the Environmental Protection Agency maintains its records.

  18. What was privacy?

    Science.gov (United States)

    McCreary, Lew

    2008-10-01

    Why is that question in the past tense? Because individuals can no longer feel confident that the details of their lives--from identifying numbers to cultural preferences--will be treated with discretion rather than exploited. Even as Facebook users happily share the names of their favorite books, movies, songs, and brands, they often regard marketers' use of that information as an invasion of privacy. In this wide-ranging essay, McCreary, a senior editor at HBR, examines numerous facets of the privacy issue, from Google searches, public shaming on the internet, and cell phone etiquette to passenger screening devices, public surveillance cameras, and corporate chief privacy officers. He notes that IBM has been a leader on privacy; its policy forswearing the use of employees' genetic information in hiring and benefits decisions predated the federal Genetic Information Nondiscrimination Act by three years. Now IBM is involved in an open-source project known as Higgins to provide users with transportable, potentially anonymous online presences. Craigslist, whose CEO calls it "as close to 100% user driven as you can get," has taken an extremely conservative position on privacy--perhaps easier for a company with a declared lack of interest in maximizing revenue. But TJX and other corporate victims of security breaches have discovered that retaining consumers' transaction information can be both costly and risky. Companies that underestimate the importance of privacy to their customers or fail to protect it may eventually face harsh regulation, reputational damage, or both. The best thing they can do, says the author, is negotiate directly with those customers over where to draw the line.

  19. Concentrated Differential Privacy

    OpenAIRE

    Dwork, Cynthia; Rothblum, Guy N.

    2016-01-01

    We introduce Concentrated Differential Privacy, a relaxation of Differential Privacy enjoying better accuracy than both pure differential privacy and its popular "(epsilon,delta)" relaxation without compromising on cumulative privacy loss over multiple computations.

  20. In science communication, why does the idea of the public deficit always return? Exploring key influences.

    Science.gov (United States)

    Suldovsky, Brianne

    2016-05-01

    Despite mounting criticism, the deficit model remains an integral part of science communication research and practice. In this article, I advance three key factors that contribute to the idea of the public deficit in science communication, including the purpose of science communication, how communication processes and outcomes are conceptualized, and how science and scientific knowledge are defined. Affording science absolute epistemic privilege, I argue, is the most compelling factor contributing to the continued use of the deficit model. In addition, I contend that the deficit model plays a necessary, though not sufficient, role in science communication research and practice. Areas for future research are discussed. © The Author(s) 2016.

  1. When public health and genetic privacy collide: positive and normative theories explaining how ACA's expansion of corporate wellness programs conflicts with GINA's privacy rules.

    Science.gov (United States)

    Bard, Jennifer S

    2011-01-01

    The Patient Protection and Affordable Care Act of 2010 (ACA) contains many provisions intended to increase access to and lower the cost of health care by adopting public health measures. One of these promotes the use of at-work wellness programs by both providing employers with grants to develop these programs and also increasing their ability to tie the price employees pay for health insurance for participating in these programs and meeting specific health goals. Yet despite ACA's specific alteration of three different statues which had in the past shielded employees from having to contribute to the cost of their health insurance based on their achieving employer-designated health markers, it chose to leave alone recently enacted rules implementing the Genetic Non-Discrimination Act (GINA), which prohibits employers from asking employees about their family health history in any context, including assessing their risk for setting wellness targets. This article reviews how both the changes made by ACA and the restrictions recently put place by GINA will affect the way employers are likely to structure Wellness Programs. It also considers how these changes reflect the competing social goals of both ACA, which seeks to expand access to the population by lowering costs, and GINA, which seeks to protect individuals from discrimination. It does so by analyzing both positive theories about how these new laws will function and normative theories explaining the likelihood of future friction between the interests of the population of the United States as a whole who are in need of increased and affordable access to health care, and of the individuals living in this country who risk discrimination, as science and medicine continue to make advances in linking genetic make-up to risk of future illness. © 2011 American Society of Law, Medicine & Ethics, Inc.

  2. Patient and public views about the security and privacy of Electronic Health Records (EHRs) in the UK: results from a mixed methods study.

    Science.gov (United States)

    Papoutsi, Chrysanthi; Reed, Julie E; Marston, Cicely; Lewis, Ruth; Majeed, Azeem; Bell, Derek

    2015-10-14

    Although policy discourses frame integrated Electronic Health Records (EHRs) as essential for contemporary healthcare systems, increased information sharing often raises concerns among patients and the public. This paper examines patient and public views about the security and privacy of EHRs used for health provision, research and policy in the UK. Sequential mixed methods study with a cross-sectional survey (in 2011) followed by focus group discussions (in 2012-2013). Survey participants (N = 5331) were recruited from primary and secondary care settings in West London (UK). Complete data for 2761 (51.8 %) participants were included in the final analysis for this paper. The survey results were discussed in 13 focus groups with people living with a range of different health conditions, and in 4 mixed focus groups with patients, health professionals and researchers (total N = 120). Qualitative data were analysed thematically. In the survey, 79 % of participants reported that they would worry about the security of their record if this was part of a national EHR system and 71 % thought the National Health Service (NHS) was unable to guarantee EHR safety at the time this work was carried out. Almost half (47 %) responded that EHRs would be less secure compared with the way their health record was held at the time of the survey. Of those who reported being worried about EHR security, many would nevertheless support their development (55 %), while 12 % would not support national EHRs and a sizeable proportion (33 %) were undecided. There were also variations by age, ethnicity and education. In focus group discussions participants weighed up perceived benefits against potential security and privacy threats from wider sharing of information, as well as discussing other perceived risks: commercial exploitation, lack of accountability, data inaccuracies, prejudice and inequalities in health provision. Patient and public worries about the security risks associated

  3. How socially aware are social media privacy controls?

    OpenAIRE

    Misra, Gaurav; Such Aparicio, Jose Miguel

    2016-01-01

    Social media sites are key mediators of online communication. Yet the privacy controls for these sites are not fully socially aware, even when privacy management is known to be fundamental to successful social relationships.

  4. Understanding key influencers' attitudes and beliefs about healthy public policy change for obesity prevention.

    Science.gov (United States)

    Raine, Kim D; Nykiforuk, Candace I J; Vu-Nguyen, Karen; Nieuwendyk, Laura M; VanSpronsen, Eric; Reed, Shandy; Wild, T Cameron

    2014-11-01

    As overweight and obesity is a risk factor for chronic diseases, the development of environmental and healthy public policy interventions across multiple sectors has been identified as a key strategy to address this issue. In 2009, a survey was developed to assess the attitudes and beliefs regarding health promotion principles, and the priority and acceptability of policy actions to prevent obesity and chronic diseases, among key policy influencers in Alberta and Manitoba, Canada. Surveys were mailed to 1,765 key influencers from five settings: provincial government, municipal government, school boards, print media companies, and workplaces with greater than 500 employees. A total of 236 surveys were completed with a response rate of 15.0%. Findings indicate nearly unanimous influencer support for individual-focused policy approaches and high support for some environmental policies. Restrictive environmental and economic policies received weakest support. Obesity was comparable to smoking with respect to perceptions as a societal responsibility versus a personal responsibility, boding well for the potential of environmental policy interventions for obesity prevention. This level of influencer support provides a platform for more evidence to be brokered to policy influencers about the effectiveness of environmental policy approaches to obesity prevention. © 2014 The Obesity Society.

  5. Key Performance Indicators for Maintenance Management Effectiveness of Public Hospital Building

    Directory of Open Access Journals (Sweden)

    Farhana Omar Mardhiah

    2017-01-01

    Full Text Available Effectiveness of management in maintenance aspect holds the key element in influencing the performance of overall maintenance management. Similarly, public hospital building needs an effective maintenance management as this type of building in nature is one of the most complex issues in the field of maintenance. Improper building maintenance management adopted by the organization significantly will interrupt the overall operation of the building. Therefore, this paper is aim to identifying the key performance indicator (KPI of effectiveness of maintenance management for the public hospital building. A total of 32 set of questionnaires were distributed to the maintenance manager for each hospital in the northern region of peninsular Malaysia by using self-administration strategy. The survey answer was analyzed by performing descriptive analysis in SPSS. Overall, the result of descriptive analysis shows that all the ten factors of effectiveness of maintenance management are accepted as KPI since the mean value is at least 3.93 which classified as important and significant. The most significant factor of effectiveness of maintenance management is task planning and scheduling with the mean score of 4.35. While less significant factor is identify as maintenance approach with the value of mean score is 3.93. The both results indicates that the management need to have well-structured planning for the maintenance works and also need to embrace the exact strategy of maintenance approach in order to achieved better overall performance of maintenance management. This study may draw a standard practice for the government in assessing the performance of public facilities in terms of maintenance management.

  6. Public/private partners. Key factors in creating a strategic alliance for community health.

    Science.gov (United States)

    Nelson, J C; Rashid, H; Galvin, V G; Essien, J D; Levine, L M

    1999-04-01

    The rapidly evolving American health system creates economic and societal incentives for public and private health organizations to collaborate. Despite the apparent benefits of collaboration, there is a paucity of information available to help local agencies develop partnerships. This study, itself a collaboration between a school of public health (SPH) and a Georgia health district, was undertaken to identify critical factors necessary to successfully initiate and sustain a public/private community health collaboration. Professional staff at the SPH conducted 26 standardized interviews involving participants from Cobb and Douglas counties Boards of Health; Promina Northwest (now known as Wellstar), a not-for-profit health system; and community stakeholders. Content analysis of each interview question was performed and comparisons were made both within each group and across groups. Trends were identified in the following key areas: vision of health care for Cobb and Douglas counties, forces driving collaboration, strengths of each organization, critical negotiating issues, and potential community gain resulting from the partnership. A shared vision between potential collaborators facilitates communication regarding strategies to achieve common goals. A previous history of working together in limited capacities allowed the partners to develop trust and respect for one another prior to entering negotiations. These factors, when taken in conjunction with each organization's strong leadership and knowledge of the community, build a strong foundation for a successful partnership.

  7. 76 FR 11435 - Privacy Act of 1974; Computer Matching Program

    Science.gov (United States)

    2011-03-02

    ... Security Administration. SUMMARY: Pursuant to the Computer Matching and Privacy Protection Act of 1988, Public Law 100-503, the Computer Matching and Privacy Protections Amendments of 1990, Pub. L. 101-508... Interpreting the Provisions of Public Law 100-503, the Computer Matching and Privacy Protection Act of 1988...

  8. Gaussian operations and privacy

    International Nuclear Information System (INIS)

    Navascues, Miguel; Acin, Antonio

    2005-01-01

    We consider the possibilities offered by Gaussian states and operations for two honest parties, Alice and Bob, to obtain privacy against a third eavesdropping party, Eve. We first extend the security analysis of the protocol proposed in [Navascues et al. Phys. Rev. Lett. 94, 010502 (2005)]. Then, we prove that a generalized version of this protocol does not allow one to distill a secret key out of bound entangled Gaussian states

  9. Musings on privacy issues in health research involving disaggregate geographic data about individuals

    Directory of Open Access Journals (Sweden)

    AbdelMalik Philip

    2009-07-01

    Full Text Available Abstract This paper offers a state-of-the-art overview of the intertwined privacy, confidentiality, and security issues that are commonly encountered in health research involving disaggregate geographic data about individuals. Key definitions are provided, along with some examples of actual and potential security and confidentiality breaches and related incidents that captured mainstream media and public interest in recent months and years. The paper then goes on to present a brief survey of the research literature on location privacy/confidentiality concerns and on privacy-preserving solutions in conventional health research and beyond, touching on the emerging privacy issues associated with online consumer geoinformatics and location-based services. The 'missing ring' (in many treatments of the topic of data security is also discussed. Personal information and privacy legislations in two countries, Canada and the UK, are covered, as well as some examples of recent research projects and events about the subject. Select highlights from a June 2009 URISA (Urban and Regional Information Systems Association workshop entitled 'Protecting Privacy and Confidentiality of Geographic Data in Health Research' are then presented. The paper concludes by briefly charting the complexity of the domain and the many challenges associated with it, and proposing a novel, 'one stop shop' case-based reasoning framework to streamline the provision of clear and individualised guidance for the design and approval of new research projects (involving geographical identifiers about individuals, including crisp recommendations on which specific privacy-preserving solutions and approaches would be suitable in each case.

  10. Musings on privacy issues in health research involving disaggregate geographic data about individuals.

    Science.gov (United States)

    Boulos, Maged N Kamel; Curtis, Andrew J; Abdelmalik, Philip

    2009-07-20

    This paper offers a state-of-the-art overview of the intertwined privacy, confidentiality, and security issues that are commonly encountered in health research involving disaggregate geographic data about individuals. Key definitions are provided, along with some examples of actual and potential security and confidentiality breaches and related incidents that captured mainstream media and public interest in recent months and years. The paper then goes on to present a brief survey of the research literature on location privacy/confidentiality concerns and on privacy-preserving solutions in conventional health research and beyond, touching on the emerging privacy issues associated with online consumer geoinformatics and location-based services. The 'missing ring' (in many treatments of the topic) of data security is also discussed. Personal information and privacy legislations in two countries, Canada and the UK, are covered, as well as some examples of recent research projects and events about the subject. Select highlights from a June 2009 URISA (Urban and Regional Information Systems Association) workshop entitled 'Protecting Privacy and Confidentiality of Geographic Data in Health Research' are then presented. The paper concludes by briefly charting the complexity of the domain and the many challenges associated with it, and proposing a novel, 'one stop shop' case-based reasoning framework to streamline the provision of clear and individualised guidance for the design and approval of new research projects (involving geographical identifiers about individuals), including crisp recommendations on which specific privacy-preserving solutions and approaches would be suitable in each case.

  11. Funding ATLAS 2012 key indicators for publicly funded research in Germany

    CERN Document Server

    Deutsche Forschungsgemeinschaft (DFG)

    2013-01-01

    The Funding ATLAS is a reporting system (previously referred to as the Funding Ranking) employed by the German Research Foundation (DFG) to provide information in the form of indicators of key developments in publicly funded research in Germany every three years. This English version of the Funding ATLAS 2012 presents selected findings from the more comprehensive German edition. At the core of the report are indicators that provide information on which subject areas have received funding at higher education and other research institutions in the period 2008-2010. This report also includes, as a supplement not found in the German edition, the decisions on the Excellence Initiative, which were taken shortly after the German edition of the Funding ATLAS 2012 was published. The report also addresses the subject of internationality by presenting selected indicators that show how attractive Germany's research institutions are for visiting scientists. In summary, the DFG Funding ATLAS furnishes reliable indicators o...

  12. Healthcare public key infrastructure (HPKI) and non-profit organization (NPO): essentials for healthcare data exchange.

    Science.gov (United States)

    Takeda, Hiroshi; Matsumura, Yasushi; Nakagawa, Katsuhiko; Teratani, Tadamasa; Qiyan, Zhang; Kusuoka, Hideo; Matsuoka, Masami

    2004-01-01

    To share healthcare information and to promote cooperation among healthcare providers and customers (patients) under computerized network environment, a non-profit organization (NPO), named as OCHIS, was established at Osaka, Japan in 2003. Since security and confidentiality issues on the Internet have been major concerns in the OCHIS, the system has been based on healthcare public key infrastructure (HPKI), and found that there remained problems to be solved technically and operationally. An experimental study was conducted to elucidate the central and the local function in terms of a registration authority and a time stamp authority by contracting with the Ministry of Economics and Trading Industries in 2003. This paper describes the experimental design with NPO and the results of the study concerning message security and HPKI. The developed system has been operated practically in Osaka urban area.

  13. The construction of a public key infrastructure for healthcare information networks in Japan.

    Science.gov (United States)

    Sakamoto, N

    2001-01-01

    The digital signature is a key technology in the forthcoming Internet society for electronic healthcare as well as for electronic commerce. Efficient exchanges of authorized information with a digital signature in healthcare information networks require a construction of a public key infrastructure (PKI). In order to introduce a PKI to healthcare information networks in Japan, we proposed a development of a user authentication system based on a PKI for user management, user authentication and privilege management of healthcare information systems. In this paper, we describe the design of the user authentication system and its implementation. The user authentication system provides a certification authority service and a privilege management service while it is comprised of a user authentication client and user authentication serves. It is designed on a basis of an X.509 PKI and is implemented with using OpenSSL and OpenLDAP. It was incorporated into the financial information management system for the national university hospitals and has been successfully working for about one year. The hospitals plan to use it as a user authentication method for their whole healthcare information systems. One implementation of the system is free to the national university hospitals with permission of the Japanese Ministry of Education, Culture, Sports, Science and Technology. Another implementation is open to the other healthcare institutes by support of the Medical Information System Development Center (MEDIS-DC). We are moving forward to a nation-wide construction of a PKI for healthcare information networks based on it.

  14. Compact FPGA hardware architecture for public key encryption in embedded devices.

    Science.gov (United States)

    Rodríguez-Flores, Luis; Morales-Sandoval, Miguel; Cumplido, René; Feregrino-Uribe, Claudia; Algredo-Badillo, Ignacio

    2018-01-01

    Security is a crucial requirement in the envisioned applications of the Internet of Things (IoT), where most of the underlying computing platforms are embedded systems with reduced computing capabilities and energy constraints. In this paper we present the design and evaluation of a scalable low-area FPGA hardware architecture that serves as a building block to accelerate the costly operations of exponentiation and multiplication in [Formula: see text], commonly required in security protocols relying on public key encryption, such as in key agreement, authentication and digital signature. The proposed design can process operands of different size using the same datapath, which exhibits a significant reduction in area without loss of efficiency if compared to representative state of the art designs. For example, our design uses 96% less standard logic than a similar design optimized for performance, and 46% less resources than other design optimized for area. Even using fewer area resources, our design still performs better than its embedded software counterparts (190x and 697x).

  15. Privacy 2.0

    Directory of Open Access Journals (Sweden)

    Stylianos Papathanassopoulos

    2015-04-01

    Full Text Available We live in the era of change. In this world, privacy is not a static concept, but instead has a dynamic component. Overall, it becomes clear that the public and private are not defined in the same manner as in the past and as in the actual world, while our personal information has become a commodity that can raise our visibility in the social media driven world.

  16. Public Key-Based Need-to-Know Authorization Engine Final Report CRADA No. TSB-1553-98

    Energy Technology Data Exchange (ETDEWEB)

    Mark, R. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States); Williams, R. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

    2017-11-01

    The goals of this project were to develop a public key-based authentication service plug-in based on LLNL's requirements, integrate the public key-based authentication with the Intra Verse authorization service adn the LLNL NTK server by developing a full-featured version of the prototyped Intra Verse need-to-know plug in; and to test the authorization and need-to-know plug-in in a secured extranet prototype among selected national Labs.

  17. Evaluation of unique identifiers used as keys to match identical publications in Pure and SciVal

    DEFF Research Database (Denmark)

    Madsen, Heidi Holst; Madsen, Dicte; Gauffriau, Marianne

    2016-01-01

    , and erroneous optical or special character recognition. The case study explores the use of UIDs in the integration between the databases Pure and SciVal. Specifically journal publications in English are matched between the two databases. We find all error types except erroneous optical or special character......Unique identifiers (UID) are seen as an effective key to match identical publications across databases or identify duplicates in a database. The objective of the present study is to investigate how well UIDs work as match keys in the integration between Pure and SciVal, based on a case...... also briefly discuss how publication sets formed by using UIDs as the match keys may affect the bibliometric indicators number of publications, number of citations, and the average number of citations per publication. The objective is addressed in a literature review and a case study. The literature...

  18. Common Criteria for Information Technology Security Evaluation: Department of Defense Public Key Infrastructure and Key Management Infrastructure Token Protection Profile (Medium Robustness)

    Science.gov (United States)

    2002-03-22

    may be derived from detailed inspection of the IC itself or from illicit appropriation of design information. Counterfeit smart cards can be mass...Infrastructure (PKI) as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair...interference devices (SQDIS), electrical testing, and electron beam testing. • Other attacks, such as UV or X-rays or high temperatures, could cause erasure

  19. Privacy transparency patterns

    NARCIS (Netherlands)

    Siljee B.I.J.

    2015-01-01

    This paper describes two privacy patterns for creating privacy transparency: the Personal Data Table pattern and the Privacy Policy Icons pattern, as well as a full overview of privacy transparency patterns. It is a first step in creating a full set of privacy design patterns, which will aid

  20. Performance Evaluation of Public Key Based Authentication in Future Mobile Communication Systems

    Directory of Open Access Journals (Sweden)

    Kambourakis Georgios

    2004-01-01

    Full Text Available While mobile hosts are evolving into full-IP enabled devices, there is a greater demand to provide a more flexible, reconfigurable, and scalable security mechanism in mobile communication systems beyond 3G (B3G. Work has already begun on such an “all-IP” end-to-end solution, commonly referred to as 4G systems. Fully fledged integration between heterogeneous networks, such as 2.5G, UMTS, WLAN, Bluetooth, and the Internet, demands fully compatible, time-tested, and reliable mechanisms to depend on. SSL protocol has proved its effectiveness in the wired Internet and it will probably be the most promising candidate for future wireless environments. In this paper, we discuss existing problems related to authentication and key agreement (AKA procedures, such as compromised authentication vectors attacks, as they appear in current 2/2.5G/3G mobile communication systems, and propose how SSL, combined with public key infrastructure (PKI elements, can be used to overcome these vulnerabilities. In this B3G environment, we perceive authentication as a service, which has to be performed at the higher protocol layers irrespective of the underlying network technology. Furthermore, we analyze the effectiveness of such a solution, based on measurements of a “prototype” implementation. Performance measurements indicate that SSL-based authentication can be possible in terms of service time in future wireless systems, while it can simultaneously provide both the necessary flexibility to network operators and a high level of confidence to end users.

  1. From Data Privacy to Location Privacy

    Science.gov (United States)

    Wang, Ting; Liu, Ling

    Over the past decade, the research on data privacy has achieved considerable advancement in the following two aspects: First, a variety of privacy threat models and privacy principles have been proposed, aiming at providing sufficient protection against different types of inference attacks; Second, a plethora of algorithms and methods have been developed to implement the proposed privacy principles, while attempting to optimize the utility of the resulting data. The first part of the chapter presents an overview of data privacy research by taking a close examination at the achievements from the above two aspects, with the objective of pinpointing individual research efforts on the grand map of data privacy protection. As a special form of data privacy, location privacy possesses its unique characteristics. In the second part of the chapter, we examine the research challenges and opportunities of location privacy protection, in a perspective analogous to data privacy. Our discussion attempts to answer the following three questions: (1) Is it sufficient to apply the data privacy models and algorithms developed to date for protecting location privacy? (2) What is the current state of the research on location privacy? (3) What are the open issues and technical challenges that demand further investigation? Through answering these questions, we intend to provide a comprehensive review of the state of the art in location privacy research.

  2. Customer privacy on UK healthcare websites.

    Science.gov (United States)

    Mundy, Darren P

    2006-09-01

    Privacy has been and continues to be one of the key challenges of an age devoted to the accumulation, processing, and mining of electronic information. In particular, privacy of healthcare-related information is seen as a key issue as health organizations move towards the electronic provision of services. The aim of the research detailed in this paper has been to analyse privacy policies on popular UK healthcare-related websites to determine the extent to which consumer privacy is protected. The author has combined approaches (such as approaches focused on usability, policy content, and policy quality) used in studies by other researchers on e-commerce and US healthcare websites to provide a comprehensive analysis of UK healthcare privacy policies. The author identifies a wide range of issues related to the protection of consumer privacy through his research analysis using quantitative results. The main outcomes from the author's research are that only 61% of healthcare-related websites in their sample group posted privacy policies. In addition, most of the posted privacy policies had poor readability standards and included a variety of privacy vulnerability statements. Overall, the author's findings represent significant current issues in relation to healthcare information protection on the Internet. The hope is that raising awareness of these results will drive forward changes in the industry, similar to those experienced with information quality.

  3. Trust Management for Public Key Infrastructures: Implementing the X.509 Trust Broker

    Directory of Open Access Journals (Sweden)

    Ahmad Samer Wazan

    2017-01-01

    Full Text Available A Public Key Infrastructure (PKI is considered one of the most important techniques used to propagate trust in authentication over the Internet. This technology is based on a trust model defined by the original X.509 (1988 standard and is composed of three entities: the certification authority (CA, the certificate holder (or subject, and the Relying Party (RP. The CA plays the role of a trusted third party between the certificate holder and the RP. In many use cases, this trust model has worked successfully. However, we argue that the application of this model on the Internet implies that web users need to depend on almost anyone in the world in order to use PKI technology. Thus, we believe that the current TLS system is not fit for purpose and must be revisited as a whole. In response, the latest draft edition of X.509 has proposed a new trust model by adding new entity called the Trust Broker (TB. In this paper, we present an implementation approach that a Trust Broker could follow in order to give RPs trust information about a CA by assessing the quality of its issued certificates. This is related to the quality of the CA’s policies and procedures and its commitment to them. Finally, we present our Trust Broker implementation that demonstrates how RPs can make informed decisions about certificate holders in the context of the global web, without requiring large processing resources themselves.

  4. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks

    Science.gov (United States)

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-01

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes. PMID:29324719

  5. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks.

    Science.gov (United States)

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-11

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.

  6. Stakeholders' perception of key performance indicators (KPIs of public-private partnership (PPP projects

    Directory of Open Access Journals (Sweden)

    Olabode Emmanuel Ogunsanmi

    2013-12-01

    Full Text Available The study investigates key performance indicators (KPIs that could improve performance of public-private partnership (PPP projects in Nigeria. The study objectives include a comparison of stakeholders’ perception on KPIs and to investigate if significant difference exists between stakeholders’ perceptions on most KPIs. A structured questionnaire was used to collect information from various respondents who were recently involved in PPP projects. Random sampling technique was used to select forty-five (45 respondents out of which thirty-one (31 responses were used for the data analysis. The results indicate that top KPIs for performance improvement are levels of design complexity and technological advancement, and return on investment. Stakeholders agree on most of the rankings of the KPIs. The general perception of stakeholders was similar on most KPIs except for a few divergent opinions. The study findings have an implication for policy and decision making such that stakeholders could pay special attention to the KPIs identified, that could improve construction project performance. Finally the study recommends further research to explore KPIs for other procurement options.

  7. Privacy information management for video surveillance

    Science.gov (United States)

    Luo, Ying; Cheung, Sen-ching S.

    2013-05-01

    The widespread deployment of surveillance cameras has raised serious privacy concerns. Many privacy-enhancing schemes have been proposed to automatically redact images of trusted individuals in the surveillance video. To identify these individuals for protection, the most reliable approach is to use biometric signals such as iris patterns as they are immutable and highly discriminative. In this paper, we propose a privacy data management system to be used in a privacy-aware video surveillance system. The privacy status of a subject is anonymously determined based on her iris pattern. For a trusted subject, the surveillance video is redacted and the original imagery is considered to be the privacy information. Our proposed system allows a subject to access her privacy information via the same biometric signal for privacy status determination. Two secure protocols, one for privacy information encryption and the other for privacy information retrieval are proposed. Error control coding is used to cope with the variability in iris patterns and efficient implementation is achieved using surrogate data records. Experimental results on a public iris biometric database demonstrate the validity of our framework.

  8. Negotiating privacy in surveillant welfare relations

    DEFF Research Database (Denmark)

    Andersen, Lars Bo; Lauritsen, Peter; Bøge, Ask Risom

    . However, while privacy is central to debates of surveillance, it has proven less productive as an analytical resource for studying surveillance in practice. Consequently, this paper reviews different conceptualisations of privacy in relation to welfare and surveillance and argues for strengthening...... the analytical capacity of the concept by rendering it a situated and relational concept. The argument is developed through a research and design project called Teledialogue meant to improve the relation between case managers and children placed at institutions or in foster families. Privacy in Teledialogue...... notion of privacy are discussed in relation to both research- and public debates on surveillance in a welfare setting....

  9. Report from Dagstuhl Seminar 12331 Mobility Data Mining and Privacy

    OpenAIRE

    Clifton, Christopher W.; Kuijpers, Bart; Morik, Katharina; Saygin, Yucel

    2012-01-01

    This report documents the program and the outcomes of Dagstuhl Seminar 12331 “Mobility Data Mining and Privacy”. Mobility data mining aims to extract knowledge from movement behaviour of people, but this data also poses novel privacy risks. This seminar gathered a multidisciplinary team for a conversation on how to balance the value in mining mobility data with privacy issues. The seminar focused on four key issues: Privacy in vehicular data, in cellular data, context- dependent privacy, and ...

  10. 32 CFR 701.109 - Privacy Act (PA) appeals.

    Science.gov (United States)

    2010-07-01

    ... 32 National Defense 5 2010-07-01 2010-07-01 false Privacy Act (PA) appeals. 701.109 Section 701... OF THE NAVY DOCUMENTS AFFECTING THE PUBLIC DON Privacy Program § 701.109 Privacy Act (PA) appeals. (a... commence when the appeal reaches the office of the review authority having jurisdiction over the record...

  11. 32 CFR 505.3 - Privacy Act systems of records.

    Science.gov (United States)

    2010-07-01

    ... anticipated threats or hazards to the security or integrity of data, which could result in substantial harm... 32 National Defense 3 2010-07-01 2010-07-01 true Privacy Act systems of records. 505.3 Section 505... AND PUBLIC RELATIONS ARMY PRIVACY ACT PROGRAM § 505.3 Privacy Act systems of records. (a) Systems of...

  12. 22 CFR 212.22 - Protection of personal privacy.

    Science.gov (United States)

    2010-04-01

    ... 22 Foreign Relations 1 2010-04-01 2010-04-01 false Protection of personal privacy. 212.22 Section... Information for Public Inspection and Copying § 212.22 Protection of personal privacy. To the extent required to prevent a clearly unwarranted invasion of personal privacy, USAID may delete identifying details...

  13. 36 CFR 902.56 - Protection of personal privacy.

    Science.gov (United States)

    2010-07-01

    ... privacy. 902.56 Section 902.56 Parks, Forests, and Public Property PENNSYLVANIA AVENUE DEVELOPMENT... Protection of personal privacy. (a) Any of the following personnel, medical, or similar records is within the... invasion of his personal privacy: (1) Personnel and background records personal to any officer or employee...

  14. Privacy Concerns: The Effects of the Latest FERPA Changes

    Science.gov (United States)

    Cossler, Christine

    2010-01-01

    Privacy, something once taken for granted, has again become top-of-mind for public school districts thanks to technology's increasing reach, as well as new changes to privacy laws governing student information. Recently, educators have had to face important changes to the Family Educational Rights and Privacy Act (FERPA), originally signed into…

  15. 32 CFR 701.119 - Privacy and the web.

    Science.gov (United States)

    2010-07-01

    ... 32 National Defense 5 2010-07-01 2010-07-01 false Privacy and the web. 701.119 Section 701.119... THE NAVY DOCUMENTS AFFECTING THE PUBLIC DON Privacy Program § 701.119 Privacy and the web. DON activities shall consult SECNAVINST 5720.47B for guidance on what may be posted on a Navy Web site. ...

  16. Semantic Security: Privacy Definitions Revisited

    OpenAIRE

    Jinfei Liu; Li Xiong; Jun Luo

    2013-01-01

    In this paper we illustrate a privacy framework named Indistinguishabley Privacy. Indistinguishable privacy could be deemed as the formalization of the existing privacy definitions in privacy preserving data publishing as well as secure multi-party computation. We introduce three representative privacy notions in the literature, Bayes-optimal privacy for privacy preserving data publishing, differential privacy for statistical data release, and privacy w.r.t. semi-honest behavior in the secure...

  17. The Value of Privacy and Surveillance Drones in the Public Domain : Scrutinizing the Dutch Flexible Deployment of Mobile Cameras Act

    NARCIS (Netherlands)

    Gerdo Kuiper; Quirine Eijkman

    2017-01-01

    The flexible deployment of drones in the public domain, is in this article assessed from a legal philosophical perspective. On the basis of theories of Dworkin and Moore the distinction between individual rights and collective security policy goals is discussed. Mobile cameras in the public domain

  18. An Alternative View of Privacy on Facebook

    Directory of Open Access Journals (Sweden)

    Christian Fuchs

    2011-02-01

    Full Text Available The predominant analysis of privacy on Facebook focuses on personal information revelation. This paper is critical of this kind of research and introduces an alternative analytical framework for studying privacy on Facebook, social networking sites and web 2.0. This framework is connecting the phenomenon of online privacy to the political economy of capitalism—a focus that has thus far been rather neglected in research literature about Internet and web 2.0 privacy. Liberal privacy philosophy tends to ignore the political economy of privacy in capitalism that can mask socio-economic inequality and protect capital and the rich from public accountability. Facebook is in this paper analyzed with the help of an approach, in which privacy for dominant groups, in regard to the ability of keeping wealth and power secret from the public, is seen as problematic, whereas privacy at the bottom of the power pyramid for consumers and normal citizens is seen as a protection from dominant interests. Facebook’s privacy concept is based on an understanding that stresses self-regulation and on an individualistic understanding of privacy. The theoretical analysis of the political economy of privacy on Facebook in this paper is based on the political theories of Karl Marx, Hannah Arendt and Jürgen Habermas. Based on the political economist Dallas Smythe’s concept of audience commodification, the process of prosumer commodification on Facebook is analyzed. The political economy of privacy on Facebook is analyzed with the help of a theory of drives that is grounded in Herbert Marcuse’s interpretation of Sigmund Freud, which allows to analyze Facebook based on the concept of play labor (= the convergence of play and labor.

  19. Protecting privacy in a clinical data warehouse.

    Science.gov (United States)

    Kong, Guilan; Xiao, Zhichun

    2015-06-01

    Peking University has several prestigious teaching hospitals in China. To make secondary use of massive medical data for research purposes, construction of a clinical data warehouse is imperative in Peking University. However, a big concern for clinical data warehouse construction is how to protect patient privacy. In this project, we propose to use a combination of symmetric block ciphers, asymmetric ciphers, and cryptographic hashing algorithms to protect patient privacy information. The novelty of our privacy protection approach lies in message-level data encryption, the key caching system, and the cryptographic key management system. The proposed privacy protection approach is scalable to clinical data warehouse construction with any size of medical data. With the composite privacy protection approach, the clinical data warehouse can be secure enough to keep the confidential data from leaking to the outside world. © The Author(s) 2014.

  20. Key challenges of offshore wind power: Three essays addressing public acceptance, stakeholder conflict, and wildlife impacts

    Science.gov (United States)

    Bates, Alison Waterbury

    been proposed. The essay examines how the public considers the societal tradeoffs that are made to develop small-scale, in-view demonstration wind projects instead of larger facilities farther offshore. Results indicate that a strong majority of the public supports near-shore demonstration wind projects in both states. Primary reasons for support include benefits to wildlife, cost of electricity, and job creation, while the primary reasons for opposition include wildlife impacts, aesthetics, tourism, and user conflicts. These factors differ between coastal Delaware and greater Atlantic City and highlight the importance of local, community engagement in the early stages of development. The second essay examines the interaction of a new proposed use of the ocean---offshore wind---and a key existing ocean user group---commercial fishers. A key component of offshore wind planning includes consideration of existing uses of the marine environment in order to optimally site wind projects while minimizing conflicts. Commercial fisheries comprise an important stakeholder group, and may be one of the most impacted stakeholders from offshore renewable energy development. Concern of the fishing industry stems from possible interference with productive fishing grounds and access within wind developments resulting in costs from increased effort or reduction in catch. Success of offshore wind development may in part depend on the acceptance of commercial fishers, who are concerned about loss of access to fishing grounds. Using a quantitative, marine spatial planning approach in the siting of offshore wind projects with respect to commercial fishing in the mid-Atlantic, U.S., this essay develops a spatially explicit representation of potential conflicts and compatibilities between these two industries in the mid-Atlantic region of the United States. Areas that are highly valuable to the wind industry are determined through a spatial suitability model using variable cost per unit

  1. Privacy in the Genomic Era.

    Science.gov (United States)

    Naveed, Muhammad; Ayday, Erman; Clayton, Ellen W; Fellay, Jacques; Gunter, Carl A; Hubaux, Jean-Pierre; Malin, Bradley A; Wang, Xiaofeng

    2015-09-01

    Genome sequencing technology has advanced at a rapid pace and it is now possible to generate highly-detailed genotypes inexpensively. The collection and analysis of such data has the potential to support various applications, including personalized medical services. While the benefits of the genomics revolution are trumpeted by the biomedical community, the increased availability of such data has major implications for personal privacy; notably because the genome has certain essential features, which include (but are not limited to) (i) an association with traits and certain diseases, (ii) identification capability (e.g., forensics), and (iii) revelation of family relationships. Moreover, direct-to-consumer DNA testing increases the likelihood that genome data will be made available in less regulated environments, such as the Internet and for-profit companies. The problem of genome data privacy thus resides at the crossroads of computer science, medicine, and public policy. While the computer scientists have addressed data privacy for various data types, there has been less attention dedicated to genomic data. Thus, the goal of this paper is to provide a systematization of knowledge for the computer science community. In doing so, we address some of the (sometimes erroneous) beliefs of this field and we report on a survey we conducted about genome data privacy with biomedical specialists. Then, after characterizing the genome privacy problem, we review the state-of-the-art regarding privacy attacks on genomic data and strategies for mitigating such attacks, as well as contextualizing these attacks from the perspective of medicine and public policy. This paper concludes with an enumeration of the challenges for genome data privacy and presents a framework to systematize the analysis of threats and the design of countermeasures as the field moves forward.

  2. Privacy in the Genomic Era

    Science.gov (United States)

    NAVEED, MUHAMMAD; AYDAY, ERMAN; CLAYTON, ELLEN W.; FELLAY, JACQUES; GUNTER, CARL A.; HUBAUX, JEAN-PIERRE; MALIN, BRADLEY A.; WANG, XIAOFENG

    2015-01-01

    Genome sequencing technology has advanced at a rapid pace and it is now possible to generate highly-detailed genotypes inexpensively. The collection and analysis of such data has the potential to support various applications, including personalized medical services. While the benefits of the genomics revolution are trumpeted by the biomedical community, the increased availability of such data has major implications for personal privacy; notably because the genome has certain essential features, which include (but are not limited to) (i) an association with traits and certain diseases, (ii) identification capability (e.g., forensics), and (iii) revelation of family relationships. Moreover, direct-to-consumer DNA testing increases the likelihood that genome data will be made available in less regulated environments, such as the Internet and for-profit companies. The problem of genome data privacy thus resides at the crossroads of computer science, medicine, and public policy. While the computer scientists have addressed data privacy for various data types, there has been less attention dedicated to genomic data. Thus, the goal of this paper is to provide a systematization of knowledge for the computer science community. In doing so, we address some of the (sometimes erroneous) beliefs of this field and we report on a survey we conducted about genome data privacy with biomedical specialists. Then, after characterizing the genome privacy problem, we review the state-of-the-art regarding privacy attacks on genomic data and strategies for mitigating such attacks, as well as contextualizing these attacks from the perspective of medicine and public policy. This paper concludes with an enumeration of the challenges for genome data privacy and presents a framework to systematize the analysis of threats and the design of countermeasures as the field moves forward. PMID:26640318

  3. Proceedings from the 9th Annual Meeting of International Society for Medical Publication Professionals Roundtable Session: key insights.

    Science.gov (United States)

    Simcoe, Donna; Juneja, Renu; Scott, Gayle Nicholas; Sridharan, Kanaka; Williams-Hughes, Celeste

    2014-03-01

    During the 9th Annual Meeting of the International Society for Medical Publication Professionals (ISMPP, April 29-May 1, 2013 in Baltimore, MD), ∼650 participants attended two of 13 available roundtable sessions. Participants included medical publication professionals from industry, communication agencies, and journals. DISCUSSION TOPICS: Roundtable participants discussed how to best interpret and implement various guidances, such as Good Publication Practices 2 (GPP2), the International Committee of Medical Journal Editors (ICMJE) guidelines, and the Physician Payment Sunshine Act. The impact of and compliance with Corporate Integrity agreements (CIAs) on medical publication planning practices was debated. Roundtable participants also discussed ways of advancing both advocacy for the medical publication professional field and internal and external collaborations. The development of review manuscripts, publications from regions newly emerging in publication planning, medical devices publications, and real-world experience publications were discussed. Participants also considered the benefits and uncertainties of new technologies in medical publications such as multimedia and social media. This is the first ever article to be published following the well-attended ISMPP roundtable sessions. The objective of this manuscript is to summarize key learnings that will aid continued discussions about challenges and opportunities facing medical publication professionals.

  4. A Public-key based Information Management Model for Mobile Agents

    OpenAIRE

    Rodriguez, Diego; Sobrado, Igor

    2000-01-01

    Mobile code based computing requires development of protection schemes that allow digital signature and encryption of data collected by the agents in untrusted hosts. These algorithms could not rely on carrying encryption keys if these keys could be stolen or used to counterfeit data by hostile hosts and agents. As a consequence, both information and keys must be protected in a way that only authorized hosts, that is the host that provides information and the server that has sent the mobile a...

  5. Preserving Smart Objects Privacy through Anonymous and Accountable Access Control for a M2M-Enabled Internet of Things

    Directory of Open Access Journals (Sweden)

    José L. Hernández-Ramos

    2015-07-01

    Full Text Available As we get into the Internet of Things era, security and privacy concerns remain as the main obstacles in the development of innovative and valuable services to be exploited by society. Given the Machine-to-Machine (M2M nature of these emerging scenarios, the application of current privacy-friendly technologies needs to be reconsidered and adapted to be deployed in such global ecosystem. This work proposes different privacy-preserving mechanisms through the application of anonymous credential systems and certificateless public key cryptography. The resulting alternatives are intended to enable an anonymous and accountable access control approach to be deployed on large-scale scenarios, such as Smart Cities. Furthermore, the proposed mechanisms have been deployed on constrained devices, in order to assess their suitability for a secure and privacy-preserving M2M-enabled Internet of Things.

  6. Preserving Smart Objects Privacy through Anonymous and Accountable Access Control for a M2M-Enabled Internet of Things

    Science.gov (United States)

    Hernández-Ramos, José L.; Bernabe, Jorge Bernal; Moreno, M. Victoria; Skarmeta, Antonio F.

    2015-01-01

    As we get into the Internet of Things era, security and privacy concerns remain as the main obstacles in the development of innovative and valuable services to be exploited by society. Given the Machine-to-Machine (M2M) nature of these emerging scenarios, the application of current privacy-friendly technologies needs to be reconsidered and adapted to be deployed in such global ecosystem. This work proposes different privacy-preserving mechanisms through the application of anonymous credential systems and certificateless public key cryptography. The resulting alternatives are intended to enable an anonymous and accountable access control approach to be deployed on large-scale scenarios, such as Smart Cities. Furthermore, the proposed mechanisms have been deployed on constrained devices, in order to assess their suitability for a secure and privacy-preserving M2M-enabled Internet of Things. PMID:26140349

  7. Preserving Smart Objects Privacy through Anonymous and Accountable Access Control for a M2M-Enabled Internet of Things.

    Science.gov (United States)

    Hernández-Ramos, José L; Bernabe, Jorge Bernal; Moreno, M Victoria; Skarmeta, Antonio F

    2015-07-01

    As we get into the Internet of Things era, security and privacy concerns remain as the main obstacles in the development of innovative and valuable services to be exploited by society. Given the Machine-to-Machine (M2M) nature of these emerging scenarios, the application of current privacy-friendly technologies needs to be reconsidered and adapted to be deployed in such global ecosystem. This work proposes different privacy-preserving mechanisms through the application of anonymous credential systems and certificateless public key cryptography. The resulting alternatives are intended to enable an anonymous and accountable access control approach to be deployed on large-scale scenarios, such as Smart Cities. Furthermore, the proposed mechanisms have been deployed on constrained devices, in order to assess their suitability for a secure and privacy-preserving M2M-enabled Internet of Things.

  8. Lattice Based Mix Network for Location Privacy in Mobile System

    Directory of Open Access Journals (Sweden)

    Kunwar Singh

    2015-01-01

    Full Text Available In 1981, David Chaum proposed a cryptographic primitive for privacy called mix network (Mixnet. A mixnet is cryptographic construction that establishes anonymous communication channel through a set of servers. In 2004, Golle et al. proposed a new cryptographic primitive called universal reencryption which takes the input as encrypted messages under the public key of the recipients not the public key of the universal mixnet. In Eurocrypt 2010, Gentry, Halevi, and Vaikunthanathan presented a cryptosystem which is an additive homomorphic and a multiplicative homomorphic for only one multiplication. In MIST 2013, Singh et al. presented a lattice based universal reencryption scheme under learning with error (LWE assumption. In this paper, we have improved Singh et al.’s scheme using Fairbrother’s idea. LWE is a lattice hard problem for which till now there is no polynomial time quantum algorithm. Wiangsripanawan et al. proposed a protocol for location privacy in mobile system using universal reencryption whose security is reducible to Decision Diffie-Hellman assumption. Once quantum computer becomes a reality, universal reencryption can be broken in polynomial time by Shor’s algorithm. In postquantum cryptography, our scheme can replace universal reencryption scheme used in Wiangsripanawan et al. scheme for location privacy in mobile system.

  9. Privacy og selvbeskrivelse

    DEFF Research Database (Denmark)

    Rosengaard, Hans Ulrik

    2015-01-01

    En beskrivelse af feltet for forskning i Privacy med særligt henblik på privacys betydning for muligheden for at styre sin egen selvbeskrivelse......En beskrivelse af feltet for forskning i Privacy med særligt henblik på privacys betydning for muligheden for at styre sin egen selvbeskrivelse...

  10. Electronic signature for medical documents--integration and evaluation of a public key infrastructure in hospitals.

    Science.gov (United States)

    Brandner, R; van der Haak, M; Hartmann, M; Haux, R; Schmücker, P

    2002-01-01

    Our objectives were to determine the user-oriented and legal requirements for a Public Key Infrastructure (PKI) for electronic signatures for medical documents, and to translate these requirements into a general model for a signature system. A prototype of this model was then implemented and evaluated in clinical routine use. Analyses of documents, processes, interviews, observations, and of the available literature supplied the foundations for the development of the signature system model. Eight participants of the Department of Dermatology of the Heidelberg University Medical Center evaluated the implemented prototype from December 2000 to January 2001, during the course of an intervention study. By means of questionnaires, interviews, observations and database analyses, the usefulness and user acceptance of the electronic signature and its integration into electronic discharge letters were established. Since the major part of medical documents generated in a hospital are signature-relevant, they will require electronic signatures in the future. A PKI must meet the multitude of responsibilities and security needs required in a hospital. Also, the signature functionality must be integrated directly into the workflow surrounding document creation. A developed signature model, fulfilling user-oriented and legal requirements, was implemented using hard and software components that conform to the German Signature Law. It was integrated into the existing hospital information system of the Heidelberg University Medical Center. At the end of the intervention study, the average acceptance scores achieved were mean = 3.90; SD = 0.42 on a scale of 1 (very negative attitude) to 5 (very positive attitude) for the electronic signature procedure. Acceptance of the integration into computer-supported discharge letter writing reached mean = 3.91; SD = 0.47. On average, the discharge letters were completed 7.18 days earlier. The electronic signature is indispensable for the

  11. 45 CFR 164.534 - Compliance dates for initial implementation of the privacy standards.

    Science.gov (United States)

    2010-10-01

    ... privacy standards. 164.534 Section 164.534 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Privacy of Individually Identifiable Health Information § 164.534 Compliance dates for initial implementation of the privacy standards. (a...

  12. 45 CFR 164.520 - Notice of privacy practices for protected health information.

    Science.gov (United States)

    2010-10-01

    ... DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Privacy of Individually Identifiable Health Information § 164.520 Notice of privacy practices for protected health information. (a) Standard... 45 Public Welfare 1 2010-10-01 2010-10-01 false Notice of privacy practices for protected health...

  13. 45 CFR 164.522 - Rights to request privacy protection for protected health information.

    Science.gov (United States)

    2010-10-01

    ... ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Privacy of Individually Identifiable Health Information § 164.522 Rights to request privacy protection for protected health information. (a)(1... 45 Public Welfare 1 2010-10-01 2010-10-01 false Rights to request privacy protection for protected...

  14. Privacy vs security

    CERN Document Server

    Stalla-Bourdillon, Sophie; Ryan, Mark D

    2014-01-01

    Securing privacy in the current environment is one of the great challenges of today's democracies. Privacy vs. Security explores the issues of privacy and security and their complicated interplay, from a legal and a technical point of view. Sophie Stalla-Bourdillon provides a thorough account of the legal underpinnings of the European approach to privacy and examines their implementation through privacy, data protection and data retention laws. Joshua Philips and Mark D. Ryan focus on the technological aspects of privacy, in particular, on today's attacks on privacy by the simple use of today'

  15. An Analysis of Facebook Intensity and Privacy Management Practices of Public School Educators in the United States

    Science.gov (United States)

    Neely, Laura Sue Perry

    2011-01-01

    Social networking sites like Facebook continue to gain popularity among all segments of the population (boyd & Ellison, 2007; Madden & Smith, 2010). Public school employees all over the country are finding themselves facing disciplinary action due to participation in this fast growing fad. The problem is that there is a lack of clarity in the…

  16. Public health ethics: key concepts and issues in policy and practice

    National Research Council Canada - National Science Library

    Dawson, Angus

    2011-01-01

    .... Topics covered include the nature of public health ethics, the concepts of disease and prevention, risk and precaution, health inequalities and justice, screening, vaccination and disease control...

  17. Privacy and Security: A Bibliography.

    Science.gov (United States)

    Computer and Business Equipment Manufacturers Association, Washington, DC.

    Compiled at random from many sources, this bibliography attempts to cite as many publications concerning privacy and security as are available. The entries are organized under seven headings: (1) systems security, technical security, clearance of personnel, (2) corporate physical security, (3) administrative security, (4) miscellaneous--privacy…

  18. Privacy in the Sharing Economy

    DEFF Research Database (Denmark)

    Ranzini, Giulia; Etter, Michael; Lutz, Christoph

    ’s digital services through providing recommendations to Europe’s institutions. The initial stage of this research project involves a set of three literature reviews of the state of research on three core topics in relation to the sharing economy: participation (1), privacy (2), and power (3). This piece...... is a literature review on the topic of privacy. It addresses key privacy challenges for different stakeholders in the sharing economy. Throughout, we use the term "consumers" to refer to users on the receiving end (e.g., Airbnb guests, Uber passengers), "providers" to refer to users on the providing end (e.......g., Airbnb hosts, Uber drivers) and "platforms" to refer to the mediating sites, apps and infrastructures matching consumers and providers (e.g., Airbnb, Uber)....

  19. Understanding and involvement: The key to public acceptance of the Waste Isolation Pilot Plant

    International Nuclear Information System (INIS)

    Kuntz, B.S.

    1991-01-01

    The Waste Isolation Pilot Plant (WIPP) is a research and development project of the United States Department of Energy (DOE) that is authorized under Public Law 96-164 ''to demonstrate the safe disposal of radioactive wastes resulting from defense programs of the United States.'' The transportation and disposal of transuranic radioactive wastes require an extensive public and media information program. This program must be able to respond to numerous information requests and concerns from state governments, citizens on the transportation routes, political leaders, public interest groups, emergency responders, and national and local media. The WIPP has developed a proactive program which aggressively provides information to these audiences through written and visual products, exhibits, presentations, and tours. As a result, thousands of interested parties have had their questions and concerns addressed, resulting in public understanding and support of the project's mission and its commitment to the safety of the public and the environment

  20. Efficient Dynamic Searchable Encryption with Forward Privacy

    Directory of Open Access Journals (Sweden)

    Etemad Mohammad

    2018-01-01

    Full Text Available Searchable symmetric encryption (SSE enables a client to perform searches over its outsourced encrypted files while preserving privacy of the files and queries. Dynamic schemes, where files can be added or removed, leak more information than static schemes. For dynamic schemes, forward privacy requires that a newly added file cannot be linked to previous searches. We present a new dynamic SSE scheme that achieves forward privacy by replacing the keys revealed to the server on each search. Our scheme is efficient and parallelizable and outperforms the best previous schemes providing forward privacy, and achieves competitive performance with dynamic schemes without forward privacy. We provide a full security proof in the random oracle model. In our experiments on the Wikipedia archive of about four million pages, the server takes one second to perform a search with 100,000 results.

  1. AN EMPIRICAL EXAMINATION OF THE PRIVACY BEHAVIOUR WITH REFERENCE SOCIAL NETWORKING SITES

    OpenAIRE

    Tanvi Gupta*1, Mamta Rani2 & Ravneet Singh Bhandari3

    2018-01-01

    Purpose – The purpose of this paper is to propose and examine a privacy behaviour model in the context of Social networking factors (Indian scenario). The effects of key elements of SNS factors on perceived values of privacy behaviour were empirically determined. Design/methodology/approach – SNS is conceptualized as a multi-dimensional construct including emotional privacy, social privacy, personal privacy, and value. The investigated socio demographic factors included, age, gender, ethn...

  2. Implementation of DoD Public Key Infrastructure Policy and Procedures

    National Research Council Canada - National Science Library

    2001-01-01

    Introduction. Federal agencies, including DoD, are increasingly using the World Wide Web and other Internet-based applications to provide on-line public access to information and services as well as to improve...

  3. Federal Agency Use of Public Key Technology for Digital Signatures and Authentication

    National Research Council Canada - National Science Library

    Lyons-Burke, Kathy

    2000-01-01

    ... or authentication over open networks such as the Internet. This includes communications with other Federal or non-Federal entities, such as members of the public, private firms, citizen groups, and State and local Governments...

  4. Lobbying and Social Participation – Key Features for an Effective Public Administration in Romania

    Directory of Open Access Journals (Sweden)

    Laura Maria IRIMIEȘ

    2017-12-01

    Full Text Available Lobbying is one of the main structural elements of democratic governance and sustainable development and is essential to achieving competitive and effi cient administrative and decisional processes in local governance. Successfully implementing lobbying regulations and techniques is of extreme importance for any public system, where social participation in the decision-making process can strongly contribute to social, political and economic / fi nancial effi - ciency. Over the last 15 years, several legislative initiatives have tried to design a coherent framework for lobby, but they are still unapplied either due to insuffi cient public understanding of the concept, or due to more or less justifi ed uncertainties and fears. The necessity of regulating lobbying in Romania is placed in a context where an important number of anticorruption international and domestic recommendations and state reliability statistics, added to a certain lack of effectiveness in time and public money management, show that the public administration system needs to be reformed. And lobbying is, as the following article shows, a must for any public reform of public administration in Romania. The case of multilingual entrance signs / labels in Cluj-Napoca is an unquestionable and unbeatable example that the simple existence of legal frameworks of lobbying could turn into real time, energy and money savers.

  5. Key handling in wireless sensor networks

    International Nuclear Information System (INIS)

    Li, Y; Newe, T

    2007-01-01

    With the rapid growth of Wireless Sensor Networks (WSNs), many advanced application areas have received significant attention. However, security will be an important factor for their full adoption. Wireless sensor nodes pose unique challenges and as such traditional security protocols, used in traditional networks cannot be applied directly. Some new protocols have been published recently with the goal of providing both privacy of data and authentication of sensor nodes for WSNs. Such protocols can employ private-key and/or public key cryptographic algorithms. Public key algorithms hold the promise of simplifying the network infrastructure required to provide security services such as: privacy, authentication and non-repudiation, while symmetric algorithms require less processing power on the lower power wireless node. In this paper a selection of key establishment/agreement protocols are reviewed and they are broadly divided into two categories: group key agreement protocols and pair-wise key establishment protocols. A summary of the capabilities and security related services provided by each protocol is provided

  6. Key handling in wireless sensor networks

    Energy Technology Data Exchange (ETDEWEB)

    Li, Y; Newe, T [Optical Fibre Sensors Research Centre, Department of Electronic and Computer Engineering, University of Limerick, Limerick (Ireland)

    2007-07-15

    With the rapid growth of Wireless Sensor Networks (WSNs), many advanced application areas have received significant attention. However, security will be an important factor for their full adoption. Wireless sensor nodes pose unique challenges and as such traditional security protocols, used in traditional networks cannot be applied directly. Some new protocols have been published recently with the goal of providing both privacy of data and authentication of sensor nodes for WSNs. Such protocols can employ private-key and/or public key cryptographic algorithms. Public key algorithms hold the promise of simplifying the network infrastructure required to provide security services such as: privacy, authentication and non-repudiation, while symmetric algorithms require less processing power on the lower power wireless node. In this paper a selection of key establishment/agreement protocols are reviewed and they are broadly divided into two categories: group key agreement protocols and pair-wise key establishment protocols. A summary of the capabilities and security related services provided by each protocol is provided.

  7. A Distributed Public Key Infrastructure Based on Threshold Cryptography for the HiiMap Next Generation Internet Architecture

    Directory of Open Access Journals (Sweden)

    Oliver Hanka

    2011-02-01

    Full Text Available In this article, a security extension for the HiiMap Next Generation Internet Architecture is presented. We regard a public key infrastructure which is integrated into the mapping infrastructure of the locator/identifier-split addressing scheme. The security approach is based on Threshold Cryptography which enables a sharing of keys among the mapping servers. Hence, a more trustworthy and fair approach for a Next Generation Internet Architecture as compared to the state of the art approach is fostered. Additionally, we give an evaluation based on IETF AAA recommendations for security-related systems.

  8. Survey of main challenges (security and privacy in wireless body area networks for healthcare applications

    Directory of Open Access Journals (Sweden)

    Samaher Al-Janabi

    2017-07-01

    Full Text Available Wireless Body Area Network (WBAN is a new trend in the technology that provides remote mechanism to monitor and collect patient’s health record data using wearable sensors. It is widely recognized that a high level of system security and privacy play a key role in protecting these data when being used by the healthcare professionals and during storage to ensure that patient’s records are kept safe from intruder’s danger. It is therefore of great interest to discuss security and privacy issues in WBANs. In this paper, we reviewed WBAN communication architecture, security and privacy requirements and security threats and the primary challenges in WBANs to these systems based on the latest standards and publications. This paper also covers the state-of-art security measures and research in WBAN. Finally, open areas for future research and enhancements are explored.

  9. Key Motivational Factors in the Retention of Three Generations of Public High School Mathematics Teachers

    Science.gov (United States)

    Pospichal, Wendy

    2011-01-01

    Purpose: The purpose of this study was to describe and compare the similarities and differences between five key motivational factors: (a) new teacher induction, (b) noninduction mentor support in the early years of teaching, (c) salary and benefits, (d) working conditions, and (e) administrative support influential in retention of employment in…

  10. Privacy and human behavior in the age of information.

    Science.gov (United States)

    Acquisti, Alessandro; Brandimarte, Laura; Loewenstein, George

    2015-01-30

    This Review summarizes and draws connections between diverse streams of empirical research on privacy behavior. We use three themes to connect insights from social and behavioral sciences: people's uncertainty about the consequences of privacy-related behaviors and their own preferences over those consequences; the context-dependence of people's concern, or lack thereof, about privacy; and the degree to which privacy concerns are malleable—manipulable by commercial and governmental interests. Organizing our discussion by these themes, we offer observations concerning the role of public policy in the protection of privacy in the information age. Copyright © 2015, American Association for the Advancement of Science.

  11. Collaboration with HEIs: A Key Capacity Building Block for the Uganda Water and Sanitation Public Sector

    Science.gov (United States)

    Kayaga, Sam

    2007-01-01

    The capacity of public service staff in developing countries is crucial for achieving the Millennium Development Goals. Literature from developed countries shows that, working with higher education institutions (HEIs), industries have improved their human resource capacity through continuing professional development. This paper reports on research…

  12. Key issues of public relations of Europe: findings from the European Communication Monitor 2007-2014

    NARCIS (Netherlands)

    Verčič, D.; Verhoeven, P.; Zerfass, A.

    2014-01-01

    European Communication Monitor is the largest longitudinal research project in public relations practice in the world. Data collected annually from 2007 to 2014 show that practitioners perceive five issues as the most important for their work: linking business strategy and communication, coping with

  13. A proactive public information policy: a key element for regulator independence and credibility

    International Nuclear Information System (INIS)

    Kindelan, J.M.

    2001-01-01

    The future of the nuclear industry will depend to a large extent on the perception that the members of the public have of it. However, our mission as regulatory bodies is not to change the pro-or anti- nuclear feelings of the public, but to set in them the confidence that the use currently made of nuclear energy is carried out with the greatest guarantees of safety. We should continue to avoid their feeling of fear without reasons or their perception of uncertainty regarding processes that are duly controlled and supervised. I am convinced that whatever progress we make in increasing transparency will lead to an increase in the public credibility of the organisations that we represent. The reason underlying our need for this credibility, this reputation for autonomy and efficiency, for good performance, is that without it we will not have sufficient authority in the eyes of the regulated sector or other private political and economic interests, and will not, therefore, be in a position to provide a sensation of confidence to the members of the public, whose tranquillity and interests are our obligation. (author)

  14. A Market Analysis of Publications, Trade Conferences, and Key Events for Fleet Readiness Center Southwest

    Science.gov (United States)

    2007-12-01

    Win and Keep Big Customers. Austin: Bard Press, 2005. Kotler , Philip and Kevin Lane Keller. Marketing Management. Upper Saddle River, NJ...NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA MBA PROFESSIONAL REPORT A Market Analysis of Publications, Trade Conferences...AGENCY USE ONLY (Leave blank) 2. REPORT DATE December 2007 3. REPORT TYPE AND DATES COVERED MBA Professional Report 4. TITLE AND SUBTITLE: A Market

  15. Interviewing Key Informants: Strategic Planning for a Global Public Health Management Program

    Science.gov (United States)

    Kun, Karen E.; Kassim, Anisa; Howze, Elizabeth; MacDonald, Goldie

    2013-01-01

    The Centers for Disease Control and Prevention's Sustainable Management Development Program (SMDP) partners with low- and middle-resource countries to develop management capacity so that effective global public health programs can be implemented and better health outcomes can be achieved. The program's impact however, was variable. Hence, there…

  16. Cryptosystem based on two-step phase-shifting interferometry and the RSA public-key encryption algorithm

    Science.gov (United States)

    Meng, X. F.; Peng, X.; Cai, L. Z.; Li, A. M.; Gao, Z.; Wang, Y. R.

    2009-08-01

    A hybrid cryptosystem is proposed, in which one image is encrypted to two interferograms with the aid of double random-phase encoding (DRPE) and two-step phase-shifting interferometry (2-PSI), then three pairs of public-private keys are utilized to encode and decode the session keys (geometrical parameters, the second random-phase mask) and interferograms. In the stage of decryption, the ciphered image can be decrypted by wavefront reconstruction, inverse Fresnel diffraction, and real amplitude normalization. This approach can successfully solve the problem of key management and dispatch, resulting in increased security strength. The feasibility of the proposed cryptosystem and its robustness against some types of attack are verified and analyzed by computer simulations.

  17. Performing privacy in schools

    DEFF Research Database (Denmark)

    Lauritsen, Peter; Bøge, Ask Risom; Andersen, Lars Bo

    with technologies is carried out as well as observation is conducted. We obtain and present new knowledge about how surveillance is practiced in the interpersonal relations of students and teachers. References: Monahan, T., & Torres, R. D. (2009). Schools Under Surveillance: Cultures of Control in Public Education....... Rutgers University Press. Selwyn, N. (2010). Schools and Schooling in the Digital Age: A Critical Analysis. Routledge. Taylor, E. (2013). Surveillance Schools: Security, Discipline and Control in Contemporary Education. Palgrave Macmillan UK. Taylor, E., & Rooney, T. (2016). Surveillance Futures: Social......In this presentation we pursue the question: How is privacy performed and perceived in schools by children? Our aim is to investigate how the boundaries between public and private spheres are continuously performed in the formal setting of the classroom as well as in the social lives of students...

  18. Free-ranging domestic cats (Felis catus) on public lands: estimating density, activity, and diet in the Florida Keys

    Science.gov (United States)

    Cove, Michael V.; Gardner, Beth; Simons, Theodore R.; Kays, Roland; O'Connell, Allan F.

    2017-01-01

    Feral and free-ranging domestic cats (Felis catus) can have strong negative effects on small mammals and birds, particularly in island ecosystems. We deployed camera traps to study free-ranging cats in national wildlife refuges and state parks on Big Pine Key and Key Largo in the Florida Keys, USA, and used spatial capture–recapture models to estimate cat abundance, movement, and activities. We also used stable isotope analyses to examine the diet of cats captured on public lands. Top population models separated cats based on differences in movement and detection with three and two latent groups on Big Pine Key and Key Largo, respectively. We hypothesize that these latent groups represent feral, semi-feral, and indoor/outdoor house cats based on the estimated movement parameters of each group. Estimated cat densities and activity varied between the two islands, with relatively high densities (~4 cats/km2) exhibiting crepuscular diel patterns on Big Pine Key and lower densities (~1 cat/km2) exhibiting nocturnal diel patterns on Key Largo. These differences are most likely related to the higher proportion of house cats on Big Pine relative to Key Largo. Carbon and nitrogen isotope ratios from hair samples of free-ranging cats (n = 43) provided estimates of the proportion of wild and anthropogenic foods in cat diets. At the population level, cats on both islands consumed mostly anthropogenic foods (>80% of the diet), but eight individuals were effective predators of wildlife (>50% of the diet). We provide evidence that cat groups within a population move different distances, exhibit different activity patterns, and that individuals consume wildlife at different rates, which all have implications for managing this invasive predator.

  19. Istanbul Chamber of Certified Public Accountants (ISMMMO The Key Element of Accounting Profession

    Directory of Open Access Journals (Sweden)

    İlkim Mengülerek

    2013-11-01

    Full Text Available The purpose of this article is to indicate the identity struggle of a profession, the endeavors in the journey from Association to Chamber, the steps taken within this context, the achievements in a short period of time, the organizational development of Istanbul Chamber of Certified Public Accountants (ISMMMO between 1990 and 2009, the social function of the Chamber and its contributions to the profession in terms of information and science. The Information Access Center (IAC, established in 2006, serves not only in Istanbul but all over Turkey. IAC collects all books and periodicals in the field of accountancy published in Turkey and tracks certain foreign publications. It also continues to improve its services with the accountancy bibliography (books, articles, daily newsletter, index of "Mali Çözüm (Finance Solutions" magazine, and through activies and studies in the Library Week.

  20. Istanbul Chamber of Certified Public Accountants (ISMMMO) The Key Element of Accounting Profession

    OpenAIRE

    İlkim Mengülerek

    2013-01-01

    The purpose of this article is to indicate the identity struggle of a profession, the endeavors in the journey from Association to Chamber, the steps taken within this context, the achievements in a short period of time, the organizational development of Istanbul Chamber of Certified Public Accountants (ISMMMO) between 1990 and 2009, the social function of the Chamber and its contributions to the profession in terms of information and science. The Information Access Center (IAC), established ...

  1. Trust and its ramification for the DoD public key infrastructure (PKI)

    OpenAIRE

    Pedersen, Carl M.

    2001-01-01

    Approved for public release; distribution is unlimited Researchers have used a wide variety of trust definitions, leading to a plethora of meanings of the concept. But what does the word trust' mean? While most scholars provide their own definition of trust, they are dissatisfied regarding their own lack of consensus about what trust is. Trust is a cognitive function and modeling trust is an attempt to emulate the way a human assesses trust. Models of trust have been developed in an attemp...

  2. Public-private relationships in biobanking: a still underestimated key component of open innovation.

    Science.gov (United States)

    Hofman, Paul; Bréchot, Christian; Zatloukal, Kurt; Dagher, Georges; Clément, Bruno

    2014-01-01

    Access to human bioresources is essential to the understanding of human diseases and to the discovery of new biomarkers aimed at improving the diagnosis, prognosis, and the predictive response of patients to treatments. The use of biospecimens is strictly controlled by ethical assessment, which complies with the laws of the country. These laws regulate the partnerships between the biobanks and industrial actors. However, private-public partnerships (PPP) can be limiting for several reasons, which can hamper the discovery of new biological tests and new active molecules targeted to human diseases. The bottlenecks and roadblocks in establishing these partnerships include: poor organization of the biobank in setting up PPP, evaluation of the cost of human samples, the absence of experience on the public side in setting up contracts with industry, and the fact that public and private partners may not share the same objectives. However, it is critical, in particular for academic biobanks, to establish strong PPP to accelerate translational research for the benefits of patients, and to allow the sustainability of the biobank. The purpose of this review is to discuss the main bottlenecks and roadblocks that can hamper the establishment of PPP based on solid and trusting relationships.

  3. Is Electronic Privacy Achievable?

    National Research Council Canada - National Science Library

    Irvine, Cynthia E; Levin, Timothy E

    2000-01-01

    ... individuals. The purpose of this panel was to focus on how new technologies are affecting privacy. Technologies that might adversely affect privacy were identified by Rein Turn at previous symposia...

  4. A Scenario-Based Protocol Checker for Public-Key Authentication Scheme

    Science.gov (United States)

    Saito, Takamichi

    Security protocol provides communication security for the internet. One of the important features of it is authentication with key exchange. Its correctness is a requirement of the whole of the communication security. In this paper, we introduce three attack models realized as their attack scenarios, and provide an authentication-protocol checker for applying three attack-scenarios based on the models. We also utilize it to check two popular security protocols: Secure SHell (SSH) and Secure Socket Layer/Transport Layer Security (SSL/TLS).

  5. Neuroethics and Brain Privacy

    DEFF Research Database (Denmark)

    Ryberg, Jesper

    2017-01-01

    An introduction is presented in which editor discusses various articles within the issue on topics including ethical challenges with importance of privacy for well-being, impact of brain-reading on mind privacy and neurotechnology.......An introduction is presented in which editor discusses various articles within the issue on topics including ethical challenges with importance of privacy for well-being, impact of brain-reading on mind privacy and neurotechnology....

  6. Privacy and internet services

    OpenAIRE

    Samec, Marek

    2010-01-01

    This thesis is focused on internet services user privacy. Goal of this thesis is to determine level of user awareness of how is their privacy approached while using internet services. Then suggest procedure to improve this awareness, or that will lead to better control of individual privacy. In theoretical part I analyze general and legislative approach to privacy, followed by analysis of behaviour of internet service users and providers. Part of this analysis deals with usage of web cookies ...

  7. Internet and Privacy

    OpenAIRE

    Al-Fadhli, Meshal Shehab

    2007-01-01

    The concept of privacy is hard to understand and is not easy to define, because this concept is linked with several dimensions. Internet Privacy is associated with the use of the Internet and most likely appointed under communications privacy, involving the user of the Internet’s personal information and activities, and the disclosure of them online. This essay is going to present the meaning of privacy and the implications of it for Internet users. Also, this essay will demonstrate some of t...

  8. Key Characteristics of Rehabilitation Quality Improvement Publications: Scoping Review From 2010 to 2016.

    Science.gov (United States)

    Jesus, Tiago S; Papadimitriou, Christina; Pinho, Cátia S; Hoenig, Helen

    2017-09-28

    To characterize the peer-reviewed quality improvement (QI) literature in rehabilitation. Five electronic databases were searched for English-language articles from 2010 to 2016. Keywords for QI and safety management were searched for in combination with keywords for rehabilitation content and journals. Secondary searches (eg, references-list scanning) were also performed. Two reviewers independently selected articles using working definitions of rehabilitation and QI study types; of 1016 references, 112 full texts were assessed for eligibility. Reported study characteristics including study focus, study setting, use of inferential statistics, stated limitations, and use of improvement cycles and theoretical models were extracted by 1 reviewer, with a second reviewer consulted whenever inferences or interpretation were involved. Fifty-nine empirical rehabilitation QI studies were found: 43 reporting on local QI activities, 7 reporting on QI effectiveness research, 8 reporting on QI facilitators or barriers, and 1 systematic review of a specific topic. The number of publications had significant yearly growth between 2010 and 2016 (P=.03). Among the 43 reports on local QI activities, 23.3% did not explicitly report any study limitations; 39.5% did not used inferential statistics to measure the QI impact; 95.3% did not cite/mention the appropriate reporting guidelines; only 18.6% reported multiple QI cycles; just over 50% reported using a model to guide the QI activity; and only 7% reported the use of a particular theoretical model. Study sites and focuses were diverse; however, nearly a third (30.2%) examined early mobilization in intensive care units. The number of empirical, peer-reviewed rehabilitation QI publications is growing but remains a tiny fraction of rehabilitation research publications. Rehabilitation QI studies could be strengthened by greater use of extant models and theory to guide the QI work, consistent reporting of study limitations, and use of

  9. Understanding public sexual harassment : lesson plans and session guidance, key Stages 3 & 4.

    OpenAIRE

    Vera-Gray, F.; Bullough, J.

    2017-01-01

    These lesson plans have been written by Dr. Fiona Vera-Gray at Durham University and Jayne Bullough from Rape Crisis South London (RASASC). They were created through a partnership project with Doll’s Eye Theatre, Purple Drum, RASASC, Dr. Maria Garner, and Dr. Fiona Vera-Gray. Lessons on public sexual harassment were drawn from the work of Dr. Vera-Gray at Durham University. The project was made possible by Durham Law School’s Impact Acceleration Grant from the Economics and ...

  10. Right of Privacy, Right to Know: Which Prevails?

    Science.gov (United States)

    Simon, Morton J.

    1977-01-01

    Looks at the conflict between the 'right to know' and the 'right to privacy' by examining relationships and situations pertinent to both and concludes that the right to know and the right to privacy are two of the most ambiguous legal areas today facing government, the courts, the public and the individual. Available from: Public Relations Review,…

  11. 78 FR 21600 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2013-04-11

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DoD-2013-OS-0050] Privacy Act of 1974... notice in its existing inventory of record systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as... members of the public is to make these submissions available for public viewing on the Internet at http...

  12. 76 FR 10010 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-02-23

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2011-OS-0020] Privacy Act of 1974... inventory of records systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES: This... the public is to make these submissions available for public viewing on the Internet at http://www...

  13. 78 FR 52517 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2013-08-23

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID DoD-2013-OS-0183] Privacy Act of 1974... systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES: This proposed action will... public is to make these submissions available for public viewing on the Internet at http://www...

  14. 76 FR 11213 - Privacy Act of 1974; Systems of Records

    Science.gov (United States)

    2011-03-01

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID DOD-2011-OS-0017] Privacy Act of 1974... inventory of records systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES: This... public is of make these submissions available for public viewing on the Internet at http://www...

  15. 76 FR 43993 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-07-22

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2011-OS-0081] Privacy Act of 1974... the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES: This proposed action would be effective... the public is to make these submissions available for public viewing on the Internet at http://www...

  16. 76 FR 10008 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-02-23

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2011-OS-0023] Privacy Act of 1974... inventory of record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES: This... from members of the public is to make these submissions available for public viewing on the Internet at...

  17. 78 FR 31905 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2013-05-28

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DoD-2013-OS-0110] Privacy Act of 1974... notice in its existing inventory of record systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as... members of the public is to make these submissions available for public viewing on the Internet at http...

  18. 76 FR 45543 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-07-29

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2011-OS-0082] Privacy Act of 1974... subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES: This proposed action will be... the public is to make these submissions available for public viewing on the Internet at http://www...

  19. 75 FR 67703 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2010-11-03

    ... DEPARTMENT OF DEFENSE Department of the Army [Docket ID USA-2010-0024] Privacy Act of 1974; System... record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES: This proposed... the public is to make these submissions available for public viewing on the Internet at http://www...

  20. 76 FR 62394 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-10-07

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2011-OS-0109] Privacy Act of 1974... notice from its existing inventory of record systems subject to the Privacy Act of 1974 (5 U.S.C. 552a... public is to make these submissions available for public viewing on the Internet at http://www...

  1. 76 FR 37329 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-06-27

    ... DEPARTMENT OF DEFENSE Department of the Air Force [Docket ID: USAF-2011-0018] Privacy Act of 1974... of record systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES: This... public is to make these submissions available for public viewing on the Internet at http://www...

  2. 76 FR 1409 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-01-10

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2011-OS-0001] Privacy Act of 1974... inventory of record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES: This... from members of the public is to make these submissions available for public viewing on the Internet at...

  3. 75 FR 81247 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2010-12-27

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID DOD-2010-OS-0168] Privacy Act of 1974... inventory of records systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES: This... public is to make these submissions available for public viewing on the Internet at http://www...

  4. 76 FR 22682 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-04-22

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID DOD-2011-OS-0044] Privacy Act of 1974... inventory of record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES: This... from members of the public is to make these submissions available for public viewing on the Internet at...

  5. 76 FR 1411 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-01-10

    ... DEPARTMENT OF DEFENSE Department of the Air Force [Docket ID: USAF-2011-0001] Privacy Act of 1974... of record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES: This... the public is to make these submissions available for public viewing on the Internet at http://www...

  6. 78 FR 6078 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2013-01-29

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DoD-2013-OS-0011] Privacy Act of 1974... record systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES: This proposed... public is to make these submissions available for public viewing on the Internet at http:// [[Page 6079...

  7. 78 FR 5788 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2013-01-28

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DoD-2013-OS-0005] Privacy Act of 1974... of record systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES: This... of the public is to make these submissions available for public viewing on the Internet at http://www...

  8. 77 FR 60400 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2012-10-03

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID DOD-2012-OS-0119] Privacy Act of 1974... inventory of record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a(r)), as amended. DATES: This... public is to make these submissions available for public viewing on the Internet at http://www...

  9. 78 FR 14279 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2013-03-05

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID DoD-2013-OS-0040] Privacy Act of 1974... of record systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES: This... of the public is to make these submissions available for public viewing on the Internet at http://www...

  10. 78 FR 14273 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2013-03-05

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID DoD-2013-OS-0019] Privacy Act of 1974... record systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES: This proposed... public is to make these submissions available for public viewing on the Internet at http://www...

  11. 76 FR 28002 - Privacy Act of 1974; Systems of Records

    Science.gov (United States)

    2011-05-13

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2011-OS-0052] Privacy Act of 1974... existing inventory of records systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES... the public is to make these submissions available for public viewing on the Internet at http://www...

  12. 75 FR 69650 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2010-11-15

    ... DEPARTMENT OF DEFENSE Department of the Army [Docket ID: USA-2010-0026] Privacy Act of 1974... record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES: This proposed... from members of the public is to make these submissions available for public viewing on the Internet at...

  13. 78 FR 44102 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2013-07-23

    ... DEPARTMENT OF DEFENSE Department of the Army [Docket ID: USA-2013-0027] Privacy Act of 1974... of record systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES: This... of the public is to make these submissions available for public viewing on the Internet at http://www...

  14. Privacy and policy for genetic research.

    Science.gov (United States)

    DeCew, Judith Wagner

    2004-01-01

    I begin with a discussion of the value of privacy and what we lose without it. I then turn to the difficulties of preserving privacy for genetic information and other medical records in the face of advanced information technology. I suggest three alternative public policy approaches to the problem of protecting individual privacy and also preserving databases for genetic research: (1) governmental guidelines and centralized databases, (2) corporate self-regulation, and (3) my hybrid approach. None of these are unproblematic; I discuss strengths and drawbacks of each, emphasizing the importance of protecting the privacy of sensitive medical and genetic information as well as letting information technology flourish to aid patient care, public health and scientific research.

  15. Privacy and Library Records

    Science.gov (United States)

    Bowers, Stacey L.

    2006-01-01

    This paper summarizes the history of privacy as it relates to library records. It commences with a discussion of how the concept of privacy first originated through case law and follows the concept of privacy as it has affected library records through current day and the "USA PATRIOT Act."

  16. Privacy Verification Using Ontologies

    NARCIS (Netherlands)

    Kost, Martin; Freytag, Johann-Christoph; Kargl, Frank; Kung, Antonio

    2011-01-01

    As information systems extensively exchange information between participants, privacy concerns may arise from its potential misuse. A Privacy by Design (PbD) approach considers privacy requirements of different stakeholders during the design and the implementation of a system. Currently, a

  17. Social Media Users’ Legal Consciousness About Privacy

    Directory of Open Access Journals (Sweden)

    Katharine Sarikakis

    2017-02-01

    Full Text Available This article explores the ways in which the concept of privacy is understood in the context of social media and with regard to users’ awareness of privacy policies and laws in the ‘Post-Snowden’ era. In the light of presumably increased public exposure to privacy debates, generated partly due to the European “Right to be Forgotten” ruling and the Snowden revelations on mass surveillance, this article explores users’ meaning-making of privacy as a matter of legal dimension in terms of its violations and threats online and users’ ways of negotiating their Internet use, in particular social networking sites. Drawing on the concept of legal consciousness, this article explores through focus group interviews the ways in which social media users negotiate privacy violations and what role their understanding of privacy laws (or lack thereof might play in their strategies of negotiation. The findings are threefold: first, privacy is understood almost universally as a matter of controlling one’s own data, including information disclosure even to friends, and is strongly connected to issues about personal autonomy; second, a form of resignation with respect to control over personal data appears to coexist with a recognized need to protect one’s private data, while respondents describe conscious attempts to circumvent systems of monitoring or violation of privacy, and third, despite widespread coverage of privacy legal issues in the press, respondents’ concerns about and engagement in “self-protecting” tactics derive largely from being personally affected by violations of law and privacy.

  18. Addressing College Drinking as a Statewide Public Health Problem: Key Findings From the Maryland Collaborative.

    Science.gov (United States)

    Arria, Amelia M; Jernigan, David H

    2018-03-01

    Excessive drinking among college students is a serious and pervasive public health problem. Although much research attention has focused on developing and evaluating evidence-based practices to address college drinking, adoption has been slow. The Maryland Collaborative to Reduce College Drinking and Related Problems was established in 2012 to bring together a network of institutions of higher education in Maryland to collectively address college drinking by using both individual-level and environmental-level evidence-based approaches. In this article, the authors describe the findings of this multilevel, multicomponent statewide initiative. To date, the Maryland Collaborative has succeeded in providing a forum for colleges to share knowledge and experiences, strengthen existing strategies, and engage in a variety of new activities. Administration of an annual student survey has been useful for guiding interventions as well as evaluating progress toward the Maryland Collaborative's goal to measurably reduce high-risk drinking and its radiating consequences on student health, safety, and academic performance and on the communities surrounding college campuses. The experiences of the Maryland Collaborative exemplify real-world implementation of evidence-based approaches to reduce this serious public health problem.

  19. Benchmarking Non Public Hospitals in Puerto Rico: A Key Component in the Financial Performance

    Directory of Open Access Journals (Sweden)

    Arisbel Ramos Martin

    2016-03-01

    Full Text Available Benchmarking is considered a key component of the organizational performance measurement system. This study examines a sample of 53 profit and nonprofit hospitals registered in the American Hospital Directory, through four financial dimensions: liquidity, efficiency, profitability and capital structure. The purpose of the study is to validate whether the financial industry benchmark differs or not from a group of 17 selected financial ratios of profit and nonprofit hospitals, to determine if their financial performance is efficient or inefficient in the Puerto Rico health care system. The findings from the research show that 53% or more of the 17 selected financial ratios, compared globally, suggest being efficient in both types of hospitals. This means that these financial ratios were greater than or equal to the industry benchmark.

  20. 77 FR 17460 - Multistakeholder Process To Develop Consumer Data Privacy Codes of Conduct

    Science.gov (United States)

    2012-03-26

    ..., 2012, NTIA requested public comments on (1) which consumer data privacy issues should be the focus of.... 120214135-2203-02] RIN 0660-XA27 Multistakeholder Process To Develop Consumer Data Privacy Codes of Conduct... request for public comments on the multistakeholder process to develop consumer data privacy codes of...

  1. Multilayered security and privacy protection in Car-to-X networks solutions from application down to physical layer

    CERN Document Server

    Stübing, Hagen

    2013-01-01

    Car-to-X (C2X) communication in terms of Car-to-Car (C2C) and Car-to-Infrastructure (C2I) communication aims at increasing road safety and traffic efficiency by exchanging foresighted traffic information. Thereby, security and privacy are regarded as an absolute prerequisite for successfully establishing the C2X technology on the market. Towards the paramount objective of covering the entire ITS reference model with security and privacy measures, Hagen Stübing develops dedicated solutions for each layer, respectively. On application layer a security architecture in terms of a Public Key Infras

  2. Public health economics: a systematic review of guidance for the economic evaluation of public health interventions and discussion of key methodological issues.

    Science.gov (United States)

    Edwards, Rhiannon Tudor; Charles, Joanna Mary; Lloyd-Williams, Huw

    2013-10-24

    If Public Health is the science and art of how society collectively aims to improve health, and reduce inequalities in health, then Public Health Economics is the science and art of supporting decision making as to how society can use its available resources to best meet these objectives and minimise opportunity cost. A systematic review of published guidance for the economic evaluation of public health interventions within this broad public policy paradigm was conducted. Electronic databases and organisation websites were searched using a 22 year time horizon (1990-2012). References of papers were hand searched for additional papers for inclusion. Government reports or peer-reviewed published papers were included if they; referred to the methods of economic evaluation of public health interventions, identified key challenges of conducting economic evaluations of public health interventions or made recommendations for conducting economic evaluations of public health interventions. Guidance was divided into three categories UK guidance, international guidance and observations or guidance provided by individual commentators in the field of public health economics. An assessment of the theoretical frameworks underpinning the guidance was made and served as a rationale for categorising the papers. We identified 5 international guidance documents, 7 UK guidance documents and 4 documents by individual commentators. The papers reviewed identify the main methodological challenges that face analysts when conducting such evaluations. There is a consensus within the guidance that wider social and environmental costs and benefits should be looked at due to the complex nature of public health. This was reflected in the theoretical underpinning as the majority of guidance was categorised as extra-welfarist. In this novel review we argue that health economics may have come full circle from its roots in broad public policy economics. We may find it useful to think in this broader

  3. Public health economics: a systematic review of guidance for the economic evaluation of public health interventions and discussion of key methodological issues

    Science.gov (United States)

    2013-01-01

    Background If Public Health is the science and art of how society collectively aims to improve health, and reduce inequalities in health, then Public Health Economics is the science and art of supporting decision making as to how society can use its available resources to best meet these objectives and minimise opportunity cost. A systematic review of published guidance for the economic evaluation of public health interventions within this broad public policy paradigm was conducted. Methods Electronic databases and organisation websites were searched using a 22 year time horizon (1990–2012). References of papers were hand searched for additional papers for inclusion. Government reports or peer-reviewed published papers were included if they; referred to the methods of economic evaluation of public health interventions, identified key challenges of conducting economic evaluations of public health interventions or made recommendations for conducting economic evaluations of public health interventions. Guidance was divided into three categories UK guidance, international guidance and observations or guidance provided by individual commentators in the field of public health economics. An assessment of the theoretical frameworks underpinning the guidance was made and served as a rationale for categorising the papers. Results We identified 5 international guidance documents, 7 UK guidance documents and 4 documents by individual commentators. The papers reviewed identify the main methodological challenges that face analysts when conducting such evaluations. There is a consensus within the guidance that wider social and environmental costs and benefits should be looked at due to the complex nature of public health. This was reflected in the theoretical underpinning as the majority of guidance was categorised as extra-welfarist. Conclusions In this novel review we argue that health economics may have come full circle from its roots in broad public policy economics. We may

  4. Publication patterns on occupied Palestine in four key medical journals 1990-2016: a descriptive study.

    Science.gov (United States)

    Gilbert, Mads

    2018-02-21

    The atrocities in Syria have been covered in the four general medical weekly journals in the USA and the UK. Medical journal articles addressing political determinants of public health have rightly described and criticised the international community's failure to enforce humanitarian law while urging global bodies of power to ensure protection of civilians and civilian infrastructure and medical services. Discussions of the political influences on health of people in the occupied Palestinian territory (West Bank and Gaza Strip) seem to be considered politically out-of-bounds by some medical journals. This study used a keyword-based search to explore patterns of publication about the occupied Palestinian territory and Israel by four large US and European medical journals. The four highest ranked, peer-reviewed, international medical journals were searched: The Journal of the American Medical Association (JAMA), The New England Journal of Medicine (NEJM), The Lancet, and The British Medical Journal (BMJ). Searches were conducted between Sept 1 and Sept 6, using each journal's search engine with the keywords "Gaza", "West Bank" and the stems "Palestin*" and "Israel*" in all fields for the period Jan 1, 1990, to Sept 6, 2016. News and commentary articles were included in the findings. The searches found the term "Palestin*" in 49 articles from the two US journals (32 in JAMA; 17 in NEJM) and 694 articles in the two UK journals (236 in The Lancet; 458 in BMJ). "Israel*" was found in 840 articles in US journals (386 in JAMA; 454 in NEJM) and in 2972 articles in UK journals (1388 in The Lancet; 1584 in BMJ). "West Bank" was found in nine articles in US journals (nine in JAMA; none in NEJM) and in 297 articles from the UK (211 in The Lancet; 86 in BMJ). "Gaza" was found in 18 articles in US journals (15 from JAMA; three from NEJM) and in 487 articles in UK journals (324 in The Lancet; 166 in BMJ). Compared with the two US-based medical journals, the UK journals published

  5. Public Policies for ICT Update In Business: Some Key Indicators for Spain in the European Area

    Directory of Open Access Journals (Sweden)

    José Luis Vázquez

    2013-08-01

    Full Text Available Purpose—Based on the new face of business in the twenty first century, this general review is aimed at analyzing the use of information and communication technologies (ICT as social technologies by Spanish enterprises in the European context, as a result of recent policy frameworks set at communitarian and national levels.Design/methodology/approach—The paper reviews the guidelines marked by European common policies with regards to ICT update in business, just as the translation of such standards in the Spanish area. From this framework, implications of ICT adoption in the social relationships with consumers, employees, business partners and public authorities are analyzed by providing some figures in the Spanish context in comparison with the European average.Findings—The analysis supports a positive effect of national policies on Spanish enterprises’ use of social technologies in the interactions with their internal and external stakeholders, while some differences can be reported attending size and sector criteria. In this respect, ICT penetration seems to be widespread in Spanish enterprises longer than ten employees, specially within informatics, telecommunications and audiovisuals, whereas automation of interactions is moderated in micro-enterprises in the manufacture, building, retailing, and transportation sectors.Research limitations/implications—The paper offers a general overview of the use of ICT as social technologies in Spanish enterprises based on public reports. However, further research should be oriented to analyze more in deep the impact of public policies on ICT adoption and usage in business, by explaining their determining factors and comparing different clusters of counties and major regions of the world.Practical implications—The analysis reported point to the need of reinforcing the Spanish positioning in the ICT European sector in the long term. In this sense, future policy measures should be devoted to

  6. Public Policies for ICT Update In Business: Some Key Indicators for Spain in the European Area

    Directory of Open Access Journals (Sweden)

    Ana Lanero

    2011-08-01

    Full Text Available Purpose—Based on the new face of business in the twenty first century, this general review is aimed at analyzing the use of information and communication technologies (ICT as social technologies by Spanish enterprises in the European context, as a result of recent policy frameworks set at communitarian and national levels. Design/methodology/approach—The paper reviews the guidelines marked by European common policies with regards to ICT update in business, just as the translation of such standards in the Spanish area. From this framework, implications of ICT adoption in the social relationships with consumers, employees, business partners and public authorities are analyzed by providing some figures in the Spanish context in comparison with the European average.Findings—The analysis supports a positive effect of national policies on Spanish enterprises’ use of social technologies in the interactions with their internal and external stakeholders, while some differences can be reported attending size and sector criteria. In this respect, ICT penetration seems to be widespread in Spanish enterprises longer than ten employees, specially within informatics, telecommunications and audiovisuals, whereas automation of interactions is moderated in micro-enterprises in the manufacture, building, retailing, and transportation sectors.Research limitations/implications—The paper offers a general overview of the use of ICT as social technologies in Spanish enterprises based on public reports. However, further research should be oriented to analyze more in deep the impact of public policies on ICT adoption and usage in business, by explaining their determining factors and comparing different clusters of counties and major regions of the world.Practical implications—The analysis reported point to the need of reinforcing the Spanish positioning in the ICT European sector in the long term. In this sense, future policy measures should be devoted to

  7. Privacy Protection in Cloud Using Rsa Algorithm

    OpenAIRE

    Amandeep Kaur; Manpreet Kaur

    2014-01-01

    The cloud computing architecture has been on high demand nowadays. The cloud has been successful over grid and distributed environment due to its cost and high reliability along with high security. However in the area of research it is observed that cloud computing still has some issues in security regarding privacy. The cloud broker provide services of cloud to general public and ensures that data is protected however they sometimes lag security and privacy. Thus in this work...

  8. Privacy by design in personal health monitoring.

    Science.gov (United States)

    Nordgren, Anders

    2015-06-01

    The concept of privacy by design is becoming increasingly popular among regulators of information and communications technologies. This paper aims at analysing and discussing the ethical implications of this concept for personal health monitoring. I assume a privacy theory of restricted access and limited control. On the basis of this theory, I suggest a version of the concept of privacy by design that constitutes a middle road between what I call broad privacy by design and narrow privacy by design. The key feature of this approach is that it attempts to balance automated privacy protection and autonomously chosen privacy protection in a way that is context-sensitive. In personal health monitoring, this approach implies that in some contexts like medication assistance and monitoring of specific health parameters one single automatic option is legitimate, while in some other contexts, for example monitoring in which relatives are receivers of health-relevant information rather than health care professionals, a multi-choice approach stressing autonomy is warranted.

  9. What are the key organisational capabilities that facilitate research use in public health policy?

    Science.gov (United States)

    Huckel Schneider, Carmen; Campbell, Danielle; Milat, Andrew; Haynes, Abby; Quinn, Emma

    2014-11-28

    Literature about research use suggests that certain characteristics or capabilities may make policy agencies more evidence attuned. This study sought to determine policy makers' perceptions of a suite of organisational capabilities identified from the literature as potentially facilitating research uptake in policy decision making. A literature scan identified eight key organisational capabilities that support research use in policy making. To determine whether these capabilities were relevant, practical and applicable in real world policy settings, nine Australian health policy makers were consulted in September 2011. We used an open-ended questionnaire asking what facilitates the use of research in policy and program decision making, followed by specific questions rating the proposed capabilities. Interviews were transcribed and the content analysed. There was general agreement that the capabilities identified from the literature were relevant to real world contexts. However, interviewees varied in whether they could provide examples of experiences with the capabilities, how essential they considered the different capabilities to be and how difficult they considered the capabilities were to achieve. Efforts to improve the use of research in policy decision making are likely to benefit from targeting multiple organisational capabilities, including staff skills and competence, tools such as templates and checklists to aid evidence use and leadership support for the use of research in policy development. However, such efforts should be guided by an understanding of how policy agencies use evidence and how they view their roles, and external factors such as resource constraints and availability of appropriate research.

  10. Art as a key tool for engaging the public with the ICESat-2 mission

    Science.gov (United States)

    Casasanto, V.; Markus, T.

    2017-12-01

    NASA's Ice, Cloud, and land Elevation Satellite (ICESat-2), to be launched in the Fall of 2018, will measure the height of Earth from space using lasers, collecting the most precise and detailed account yet of our planet's elevation. The mission will allow scientists to investigate how global warming is changing the planet's icy polar regions and to take stock of Earth's vegetation. ICESat-2's emphasis on polar ice, as well as its unique measurement approach, has provided an intriguing and accessible focus for the mission's education and outreach programs. Sea ice and land ice are areas have experienced significant change in recent years. It is key to communicate what is happening, why we are measuring these areas and their importance to our global climate. Art is a powerful tool to inspire, engage, and provide an emotional connection to these remote areas. This paper will detail ICESat-2's art/science collaborations, including results from a unique collaboration with art and design school the Savannah College of Art Design (SCAD). Additional programs will be discussed including a multimedia live music program to engage on an emotional level, to communicate the importance of the polar regions to our global climate, and to inspire to take action.

  11. Security of Color Image Data Designed by Public-Key Cryptosystem Associated with 2D-DWT

    Science.gov (United States)

    Mishra, D. C.; Sharma, R. K.; Kumar, Manish; Kumar, Kuldeep

    2014-08-01

    In present times the security of image data is a major issue. So, we have proposed a novel technique for security of color image data by public-key cryptosystem or asymmetric cryptosystem. In this technique, we have developed security of color image data using RSA (Rivest-Shamir-Adleman) cryptosystem with two-dimensional discrete wavelet transform (2D-DWT). Earlier proposed schemes for security of color images designed on the basis of keys, but this approach provides security of color images with the help of keys and correct arrangement of RSA parameters. If the attacker knows about exact keys, but has no information of exact arrangement of RSA parameters, then the original information cannot be recovered from the encrypted data. Computer simulation based on standard example is critically examining the behavior of the proposed technique. Security analysis and a detailed comparison between earlier developed schemes for security of color images and proposed technique are also mentioned for the robustness of the cryptosystem.

  12. On the Ergodic Secret-Key Agreement over Spatially Correlated Multiple-Antenna Channels with Public Discussion

    KAUST Repository

    Zorgui, Marwen

    2015-09-28

    We consider secret-key agreement with public discussion over multiple-input multiple-output (MIMO) Rayleigh fast-fading channels under correlated environment. We assume that transmit, legitimate receiver and eavesdropper antennas are correlated. The legitimate receiver and the eavesdropper are assumed to have perfect channel knowledge while the transmitter has only knowledge of the correlation matrices. First, we derive the expression of the secret-key capacity under the considered setup. We prove that the optimal transmit strategy achieving the secret-key capacity consists in transmitting independent Gaussian signals along the eingenvectors of the transmit correlation matrix. The powers allocated to each channel mode are determined as the solution to a numerical optimization problem. A necessary and sufficient condition for beamforming (i.e., transmitting along the strongest channel mode) to be capacity-achieving is derived. Moreover, we analyze the impact of correlation matrices on the system performance. Finally, we study the system’s performance in the two extreme power regimes. In the high-power regime, we provide closed-form expressions of the gain/loss due to correlation. In the low signal-to-noise ratio (SNR) regime, we investigate the energy efficiency of the system by determining the minimum energy required for sharing a secret-key bit and the wideband slope while highlighting the impact of correlation matrices.

  13. Public health and social injustice are the key issues for the decriminalization of abortion in Mexico.

    Science.gov (United States)

    1994-01-01

    Although the Second National Abortion Survey Gallup found that 88% of Mexicans believe abortion should be a woman's choice and 77% think the decriminalization of abortion would substantially reduce maternal mortality, abortion in Mexico remains governed by a 1931 criminal code. The survey was initiated by the Information and Reproductive Choice Group to provide information for the 1994 national debate on abortion. Supporters of legal abortion note that poor women resort to unsafe pregnancy terminations without regard to the criminal status of abortion. According to Patricia Mercado, co-founder of the Reproductive Choice Group, "You can be against abortion, but still allow it to be decriminalized. In other words, criminalization does not prevent women from having abortions, it only makes then have then in bad conditions. The idea is that women should be able to decide freely without risking problems of health and social justice." Despite public support for abortion legalization, survey results indicate widespread fear about acknowledging the existence of clandestine abortion. An estimated 1-2 million illegal abortions occur each year in Mexico, yet only 26% of survey respondents would admit to knowing a woman who had undergone illegal abortion.

  14. Biobanking and Privacy in India.

    Science.gov (United States)

    Chaturvedi, Sachin; Srinivas, Krishna Ravi; Muthuswamy, Vasantha

    2016-03-01

    Biobank-based research is not specifically addressed in Indian statutory law and therefore Indian Council for Medical Research guidelines are the primary regulators of biobank research in India. The guidelines allow for broad consent and for any level of identification of specimens. Although privacy is a fundamental right under the Indian Constitution, courts have limited this right when it conflicts with other rights or with the public interest. Furthermore, there is no established privacy test or actionable privacy right in the common law of India. In order to facilitate biobank-based research, both of these lacunae should be addressed by statutory law specifically addressing biobanking and more directly addressing the accompanying privacy concerns. A biobank-specific law should be written with international guidelines in mind, but harmonization with other laws should not be attempted until after India has created a law addressing biobank research within the unique legal and cultural environment of India. © 2016 American Society of Law, Medicine & Ethics.

  15. Kids Sell: Celebrity Kids’ Right to Privacy

    Directory of Open Access Journals (Sweden)

    Seong Choul Hong

    2016-04-01

    Full Text Available The lives of celebrities are often spotlighted in the media because of their newsworthiness; however, many celebrities argue that their right to privacy is often infringed upon. Concerns about celebrity privacy are not limited to the celebrities themselves and often expand to their children. As a result of their popularity, public interest has pushed paparazzi and journalists to pursue trivial and private details about the lives of both celebrities and their children. This paper investigates conflicting areas where the right to privacy and the right to know collide when dealing with the children of celebrities. In general, the courts have been unsympathetic to celebrity privacy claims, noting their newsworthiness and self-promoted characteristic. Unless the press violates news-gathering ethics or torts, the courts will often rule in favor of the media. However, the story becomes quite different when related to an infringement on the privacy of celebrities’ children. This paper argues that all children have a right to protect their privacy regardless of their parents’ social status. Children of celebrities should not be exempt to principles of privacy just because their parents are a celebrity. Furthermore, they should not be exposed by the media without the voluntary consent of their legal patrons. That is, the right of the media to publish and the newsworthiness of children of celebrities must be restrictedly acknowledged.

  16. New threats to health data privacy.

    Science.gov (United States)

    Li, Fengjun; Zou, Xukai; Liu, Peng; Chen, Jake Y

    2011-11-24

    Along with the rapid digitalization of health data (e.g. Electronic Health Records), there is an increasing concern on maintaining data privacy while garnering the benefits, especially when the data are required to be published for secondary use. Most of the current research on protecting health data privacy is centered around data de-identification and data anonymization, which removes the identifiable information from the published health data to prevent an adversary from reasoning about the privacy of the patients. However, published health data is not the only source that the adversaries can count on: with a large amount of information that people voluntarily share on the Web, sophisticated attacks that join disparate information pieces from multiple sources against health data privacy become practical. Limited efforts have been devoted to studying these attacks yet. We study how patient privacy could be compromised with the help of today's information technologies. In particular, we show that private healthcare information could be collected by aggregating and associating disparate pieces of information from multiple online data sources including online social networks, public records and search engine results. We demonstrate a real-world case study to show user identity and privacy are highly vulnerable to the attribution, inference and aggregation attacks. We also show that people are highly identifiable to adversaries even with inaccurate information pieces about the target, with real data analysis. We claim that too much information has been made available electronic and available online that people are very vulnerable without effective privacy protection.

  17. Choose Privacy Week: Educate Your Students (and Yourself) about Privacy

    Science.gov (United States)

    Adams, Helen R.

    2016-01-01

    The purpose of "Choose Privacy Week" is to encourage a national conversation to raise awareness of the growing threats to personal privacy online and in day-to-day life. The 2016 Choose Privacy Week theme is "respecting individuals' privacy," with an emphasis on minors' privacy. A plethora of issues relating to minors' privacy…

  18. 75 FR 63703 - Privacy Act of 1974; Privacy Act Regulation

    Science.gov (United States)

    2010-10-18

    ... FEDERAL RESERVE SYSTEM 12 CFR Part 261a [Docket No. R-1313] Privacy Act of 1974; Privacy Act... implementing the Privacy Act of 1974 (Privacy Act). The primary changes concern the waiver of copying fees... records under the Privacy Act; the amendment of special procedures for the release of medical records to...

  19. A Taxonomy of Privacy Constructs for Privacy-Sensitive Robotics

    OpenAIRE

    Rueben, Matthew; Grimm, Cindy M.; Bernieri, Frank J.; Smart, William D.

    2017-01-01

    The introduction of robots into our society will also introduce new concerns about personal privacy. In order to study these concerns, we must do human-subject experiments that involve measuring privacy-relevant constructs. This paper presents a taxonomy of privacy constructs based on a review of the privacy literature. Future work in operationalizing privacy constructs for HRI studies is also discussed.

  20. A digital memories based user authentication scheme with privacy preservation.

    Directory of Open Access Journals (Sweden)

    JunLiang Liu

    Full Text Available The traditional username/password or PIN based authentication scheme, which still remains the most popular form of authentication, has been proved insecure, unmemorable and vulnerable to guessing, dictionary attack, key-logger, shoulder-surfing and social engineering. Based on this, a large number of new alternative methods have recently been proposed. However, most of them rely on users being able to accurately recall complex and unmemorable information or using extra hardware (such as a USB Key, which makes authentication more difficult and confusing. In this paper, we propose a Digital Memories based user authentication scheme adopting homomorphic encryption and a public key encryption design which can protect users' privacy effectively, prevent tracking and provide multi-level security in an Internet & IoT environment. Also, we prove the superior reliability and security of our scheme compared to other schemes and present a performance analysis and promising evaluation results.

  1. Privacy-Preserving Electrocardiogram Monitoring for Intelligent Arrhythmia Detection.

    Science.gov (United States)

    Son, Junggab; Park, Juyoung; Oh, Heekuck; Bhuiyan, Md Zakirul Alam; Hur, Junbeom; Kang, Kyungtae

    2017-06-12

    Long-term electrocardiogram (ECG) monitoring, as a representative application of cyber-physical systems, facilitates the early detection of arrhythmia. A considerable number of previous studies has explored monitoring techniques and the automated analysis of sensing data. However, ensuring patient privacy or confidentiality has not been a primary concern in ECG monitoring. First, we propose an intelligent heart monitoring system, which involves a patient-worn ECG sensor (e.g., a smartphone) and a remote monitoring station, as well as a decision support server that interconnects these components. The decision support server analyzes the heart activity, using the Pan-Tompkins algorithm to detect heartbeats and a decision tree to classify them. Our system protects sensing data and user privacy, which is an essential attribute of dependability, by adopting signal scrambling and anonymous identity schemes. We also employ a public key cryptosystem to enable secure communication between the entities. Simulations using data from the MIT-BIH arrhythmia database demonstrate that our system achieves a 95.74% success rate in heartbeat detection and almost a 96.63% accuracy in heartbeat classification, while successfully preserving privacy and securing communications among the involved entities.

  2. Privacy-Preserving Electrocardiogram Monitoring for Intelligent Arrhythmia Detection †

    Science.gov (United States)

    Son, Junggab; Park, Juyoung; Oh, Heekuck; Bhuiyan, Md Zakirul Alam; Hur, Junbeom; Kang, Kyungtae

    2017-01-01

    Long-term electrocardiogram (ECG) monitoring, as a representative application of cyber-physical systems, facilitates the early detection of arrhythmia. A considerable number of previous studies has explored monitoring techniques and the automated analysis of sensing data. However, ensuring patient privacy or confidentiality has not been a primary concern in ECG monitoring. First, we propose an intelligent heart monitoring system, which involves a patient-worn ECG sensor (e.g., a smartphone) and a remote monitoring station, as well as a decision support server that interconnects these components. The decision support server analyzes the heart activity, using the Pan–Tompkins algorithm to detect heartbeats and a decision tree to classify them. Our system protects sensing data and user privacy, which is an essential attribute of dependability, by adopting signal scrambling and anonymous identity schemes. We also employ a public key cryptosystem to enable secure communication between the entities. Simulations using data from the MIT-BIH arrhythmia database demonstrate that our system achieves a 95.74% success rate in heartbeat detection and almost a 96.63% accuracy in heartbeat classification, while successfully preserving privacy and securing communications among the involved entities. PMID:28604628

  3. Secret-key agreement over spatially correlated fast-fading multiple-antenna channels with public discussion

    KAUST Repository

    Zorgui, Marwen

    2015-06-14

    We consider secret-key agreement with public discussion over multiple-input multiple-output (MIMO) Rayleigh fast-fading channels under correlated environment. We assume that transmit, legitimate receiver and eavesdropper antennas are correlated. The legitimate receiver and the eavesdropper are assumed to have perfect channel knowledge while the transmitter has only knowledge of the correlation matrices. First, we derive the expression of the secret-key capacity under the considered setup. Then, we prove that the optimal transmit strategy achieving the secret-key capacity consists in transmitting independent Gaussian signals along the eingenvectors of the transmit correlation matrix. The powers allocated to each channel mode are determined as the solution to a numerical optimization problem that we derive. A necessary and sufficient condition for beamforming (i.e., transmitting along the strongest channel mode) to be capacity-achieving is derived. Finally, we analyze the impact of correlation matrices on the system performance and provide closed-form expressions of the gain/loss due to correlation in the high power regime.

  4. A Deontological View of the Privacy Debate.

    Science.gov (United States)

    Wilson, Alan

    The mass media are at odds with the public on issues concerning privacy, i.e., issues concerning whether private information about a person should be printed in a newspaper or magazine. In a 1982 survey, one journalist/respondent said his or her newspaper "almost always" favored the public's right to know over a person's right to…

  5. Student Data Privacy Is Cloudy Today, Clearer Tomorrow

    Science.gov (United States)

    Trainor, Sonja

    2015-01-01

    An introduction to the big picture conversation on student data privacy and the norms that are coming out of it. The author looks at the current state of federal law, and ahead to proposed legislation at the federal level. The intent is to help educators become familiar with the key issues regarding student data privacy in education so as to…

  6. Secure open cloud in data transmission using reference pattern and identity with enhanced remote privacy checking

    Science.gov (United States)

    Vijay Singh, Ran; Agilandeeswari, L.

    2017-11-01

    To handle the large amount of client’s data in open cloud lots of security issues need to be address. Client’s privacy should not be known to other group members without data owner’s valid permission. Sometime clients are fended to have accessing with open cloud servers due to some restrictions. To overcome the security issues and these restrictions related to storing, data sharing in an inter domain network and privacy checking, we propose a model in this paper which is based on an identity based cryptography in data transmission and intermediate entity which have client’s reference with identity that will take control handling of data transmission in an open cloud environment and an extended remote privacy checking technique which will work at admin side. On behalf of data owner’s authority this proposed model will give best options to have secure cryptography in data transmission and remote privacy checking either as private or public or instructed. The hardness of Computational Diffie-Hellman assumption algorithm for key exchange makes this proposed model more secure than existing models which are being used for public cloud environment.

  7. Designing Privacy for You : A User Centric Approach For Privacy

    OpenAIRE

    Senarath, Awanthika; Arachchilage, Nalin A. G.; Slay, Jill

    2017-01-01

    Privacy directly concerns the user as the data owner (data- subject) and hence privacy in systems should be implemented in a manner which concerns the user (user-centered). There are many concepts and guidelines that support development of privacy and embedding privacy into systems. However, none of them approaches privacy in a user- centered manner. Through this research we propose a framework that would enable developers and designers to grasp privacy in a user-centered manner and implement...

  8. Sharing Privacy Protected and Statistically Sound Clinical Research Data Using Outsourced Data Storage

    Directory of Open Access Journals (Sweden)

    Geontae Noh

    2014-01-01

    Full Text Available It is critical to scientific progress to share clinical research data stored in outsourced generally available cloud computing services. Researchers are able to obtain valuable information that they would not otherwise be able to access; however, privacy concerns arise when sharing clinical data in these outsourced publicly available data storage services. HIPAA requires researchers to deidentify private information when disclosing clinical data for research purposes and describes two available methods for doing so. Unfortunately, both techniques degrade statistical accuracy. Therefore, the need to protect privacy presents a significant problem for data sharing between hospitals and researchers. In this paper, we propose a controlled secure aggregation protocol to secure both privacy and accuracy when researchers outsource their clinical research data for sharing. Since clinical data must remain private beyond a patient’s lifetime, we take advantage of lattice-based homomorphic encryption to guarantee long-term security against quantum computing attacks. Using lattice-based homomorphic encryption, we design an aggregation protocol that aggregates outsourced ciphertexts under distinct public keys. It enables researchers to get aggregated results from outsourced ciphertexts of distinct researchers. To the best of our knowledge, our protocol is the first aggregation protocol which can aggregate ciphertexts which are encrypted with distinct public keys.

  9. Regulating Online Data Privacy

    OpenAIRE

    Paul Reid

    2004-01-01

    With existing data protection laws proving inadequate in the fight to protect online data privacy and with the offline law of privacy in a state of change and uncertainty, the search for an alternative solution to the important problem of online data privacy should commence. With the inherent problem of jurisdiction that the Internet presents, such a solution is best coming from a multi-national body with the power to approximate laws in as many jurisdictions as possible, with a recognised au...

  10. Protecting genetic privacy.

    Science.gov (United States)

    Roche, P A; Annas, G J

    2001-05-01

    This article outlines the arguments for and against new rules to protect genetic privacy. We explain why genetic information is different to other sensitive medical information, why researchers and biotechnology companies have opposed new rules to protect genetic privacy (and favour anti-discrimination laws instead), and discuss what can be done to protect privacy in relation to genetic-sequence information and to DNA samples themselves.

  11. Privacy driven internet ecosystem

    OpenAIRE

    Trinh, Tuan Anh; Gyarmati, Laszlo

    2012-01-01

    The dominant business model of today's Internet is built upon advertisements; users can access Internet services while the providers show ads to them. Although significant efforts have been made to model and analyze the economic aspects of this ecosystem, the heart of the current status quo, namely privacy, has not received the attention of the research community yet. Accordingly, we propose an economic model of the privacy driven Internet ecosystem where privacy is handled as an asset that c...

  12. PUBLIC KEY INFRASTRUCTURE (PKI)

    Data.gov (United States)

    Federal Laboratory Consortium — Common Access Card (CAC)Enterprise Testing Overview:Established in 2003Performs test and evaluations of the DOD PKI CAC issuance systems from an enterprise level all...

  13. Privacy in domestic environments

    OpenAIRE

    Radics, Peter J; Gracanin, Denis

    2011-01-01

    non-peer-reviewed While there is a growing body of research on privacy,most of the work puts the focus on information privacy. Physical and psychological privacy issues receive little to no attention. However, the introduction of technology into our lives can cause problems with regard to these aspects of privacy. This is especially true when it comes to our homes, both as nodes of our social life and places for relaxation. This paper presents the results of a study intended to captu...

  14. Privacy Training Program

    Science.gov (United States)

    Recognizing that training and awareness are critical to protecting agency Personally Identifiable Information (PII), the EPA is developing online training for privacy contacts in its programs and regions.

  15. Practical Privacy Assessment

    DEFF Research Database (Denmark)

    Peen, Søren; Jansen, Thejs Willem; Jensen, Christian D.

    2008-01-01

    This chapter proposes a privacy assessment model called the Operational Privacy Assessment Model that includes organizational, operational and technical factors for the protection of personal data stored in an IT system. The factors can be evaluated in a simple scale so that not only the resulting...... graphical depiction can be easily created for an IT system, but graphical comparisons across multiple IT systems are also possible. Examples of factors presented in a Kiviat graph are also presented. This assessment tool may be used to standardize privacy assessment criteria, making it less painful...... for the management to assess privacy risks on their systems....

  16. Comparative Approaches to Biobanks and Privacy.

    Science.gov (United States)

    Rothstein, Mark A; Knoppers, Bartha Maria; Harrell, Heather L

    2016-03-01

    Laws in the 20 jurisdictions studied for this project display many similar approaches to protecting privacy in biobank research. Although few have enacted biobank-specific legislation, many countries address biobanking within other laws. All provide for some oversight mechanisms for biobank research, even though the nature of that oversight varies between jurisdictions. Most have some sort of controlled access system in place for research with biobank specimens. While broad consent models facilitate biobanking, countries without national or federated biobanks have been slow to adopt broad consent. International guidelines have facilitated sharing and generally take a proportional risk approach, but many countries have provisions guiding international sharing and a few even limit international sharing. Although privacy laws may not prohibit international collaborations, the multi-prong approach to privacy unique to each jurisdiction can complicate international sharing. These symposium issues can serve as a resource for explaining the sometimes intricate privacy laws in each studied jurisdiction, outlining the key issues with regards to privacy and biobanking, and serving to describe a framework for the process of harmonization of privacy laws. © 2016 American Society of Law, Medicine & Ethics.

  17. Beyond individual-centric privacy : Information technology in social systems

    NARCIS (Netherlands)

    Pieters, W.

    2017-01-01

    In the public debate, social implications of information technology are mainly seen through the privacy lens. Impact assessments of information technology are also often limited to privacy impact assessments, which are focused on individual rights and well-being, as opposed to the social

  18. 77 FR 64962 - Privacy Act of 1974, as Amended

    Science.gov (United States)

    2012-10-24

    ... social media, and recipients of other public relations materials issued by the CFPB about CFPB sponsored... THE BUREAU OF CONSUMER FINANCIAL PROTECTION Privacy Act of 1974, as Amended AGENCY: Bureau of Consumer Financial Protection. ACTION: Notice of Proposed Privacy Act System of Records. SUMMARY: In...

  19. 78 FR 3971 - Children's Online Privacy Protection Rule

    Science.gov (United States)

    2013-01-17

    ... functionality or content of their properties or gain greater publicity through social media in an effort to... Children's Online Privacy Protection Rule; Final Rule #0;#0;Federal Register / Vol. 78 , No. 12 / Thursday... 3084-AB20 Children's Online Privacy Protection Rule AGENCY: Federal Trade Commission (``FTC'' or...

  20. 76 FR 53420 - Privacy Act of 1974; Systems of Records

    Science.gov (United States)

    2011-08-26

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2011-OS-0097] Privacy Act of 1974... notice in its existing inventory of records systems subject to the Privacy Act of 1974, (5 U.S.C. 552a... submissions available for public viewing on the Internet at http://www.regulations.gov as they are [[Page...

  1. 77 FR 37002 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2012-06-20

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2012-OS-0072] Privacy Act of 1974... inventory of record systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES: This... available for public viewing on the Internet at http://www.regulations.gov as they are received without...

  2. 76 FR 63611 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-10-13

    ... DEPARTMENT OF DEFENSE Department of the Army [Docket ID: USA-2011-0025] Privacy Act of 1974... existing inventory of record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES... submissions available for public viewing on the Internet at http:// [[Page 63612

  3. 78 FR 43869 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2013-07-22

    ... DEPARTMENT OF DEFENSE Department of the Navy [Docket ID USN-2013-0025] Privacy Act of 1974; System... systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES: This proposed action will... submissions available for public viewing on the Internet at http://www.regulations.gov as they are received...

  4. 76 FR 66698 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-10-27

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2011-OS-0117] Privacy Act of 1974... notice from its existing inventory of record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a... submissions available for public viewing on the Internet at http://www.regulations.gov as they are received...

  5. 75 FR 52517 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2010-08-26

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID DOD-2010-OS-0117] Privacy Act of 1974... existing inventory of record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES... available for public viewing on the Internet at http://www.regulations.gov as they are received without...

  6. 77 FR 60412 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2012-10-03

    ... DEPARTMENT OF DEFENSE Department of the Army [Docket ID USA-2012-0012] Privacy Act of 1974; System... systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES: This proposed action will... submissions available for public viewing on the Internet at http://www.regulations.gov as they are received...

  7. 76 FR 70428 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-11-14

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2011-OS-0120] Privacy Act of 1974... notice from its existing inventory of record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a... submissions available for public viewing on the Internet at http://www.regulations.gov as they are received...

  8. 77 FR 37885 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2012-06-25

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID DOD-2012-OS-0074] Privacy Act of 1974... existing inventory of record systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES... available for public viewing on the Internet at http://www.regulations.gov as they are received without...

  9. 78 FR 60265 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2013-10-01

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID DoD-2013-OS-0201] Privacy Act of 1974... inventory of record systems subject to the Privacy Act of 1974, as amended. DATES: This proposed action will... submissions available for public viewing on the Internet at http://www.regulations.gov as they are received...

  10. 76 FR 60008 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-09-28

    ... DEPARTMENT OF DEFENSE Department of the Army [Docket ID USA-2011-0023] Privacy Act of 1974; System... existing inventory of record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended... submissions available for public viewing on the Internet at http://www.regulations.gov as they are received...

  11. 76 FR 82286 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-12-30

    ... DEPARTMENT OF DEFENSE Department of the Army [Docket ID USA-2011-0028] Privacy Act of 1974; System... record systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES: This proposed... available for public viewing on the Internet at http://www.regulations.gov as they are received without...

  12. 75 FR 63824 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2010-10-18

    ... DEPARTMENT OF DEFENSE Department of the Air Force [Docket ID: USAF-2010-0026] Privacy Act of 1974... inventory of record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES: This... for public viewing on the Internet at http://www.regulations.gov as they are received without change...

  13. 75 FR 65456 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2010-10-25

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2010-OS-0147] Privacy Act of 1974... existing inventory of record systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. [[Page... available for public viewing on the Internet at http://www.regulations.gov as they are received without...

  14. 77 FR 26260 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2012-05-03

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID DoD-2012-OS-0030] Privacy Act of 1974... inventory of records systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES: This... make these submissions available for public viewing on the Internet at http://www.regulations.gov as...

  15. 75 FR 3714 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2010-01-22

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2010-OS-0004] Privacy Act of 1974... its existing inventory of record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as... available for public viewing on the Internet at http://www.regulations.gov as they are received without...

  16. 76 FR 39394 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2011-07-06

    ... DEPARTMENT OF DEFENSE Department of the Navy [Docket ID USN-2011-0010] Privacy Act of 1974; System... systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended. DATES: This proposed action will... submissions available for public viewing on the Internet at http://www.regulations.gov as they are received...

  17. 75 FR 62111 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2010-10-07

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DOD-2010-OS-0140] Privacy Act of 1974... records notices in its existing inventory of record systems subject to the Privacy Act of 1974, (5 U.S.C... submissions available for public viewing on the Internet at http://www.regulations.gov as they are received...

  18. 78 FR 22525 - Privacy Act of 1974; System of Records

    Science.gov (United States)

    2013-04-16

    ... DEPARTMENT OF DEFENSE Office of the Secretary [Docket ID: DoD-2013-0057] Privacy Act of 1974... systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. DATES: This proposed action will... submissions available for public viewing on the Internet at http://www.regulations.gov as they are received...

  19. 32 CFR 806b.51 - Privacy and the Web.

    Science.gov (United States)

    2010-07-01

    ... 32 National Defense 6 2010-07-01 2010-07-01 false Privacy and the Web. 806b.51 Section 806b.51... PROGRAM Disclosing Records to Third Parties § 806b.51 Privacy and the Web. Do not post personal information on publicly accessible DoD web sites unless clearly authorized by law and implementing regulation...

  20. Comparison of two speech privacy measurements, articulation index (AI) and speech privacy noise isolation class (NIC'), in open workplaces

    Science.gov (United States)

    Yoon, Heakyung C.; Loftness, Vivian

    2002-05-01

    Lack of speech privacy has been reported to be the main dissatisfaction among occupants in open workplaces, according to workplace surveys. Two speech privacy measurements, Articulation Index (AI), standardized by the American National Standards Institute in 1969, and Speech Privacy Noise Isolation Class (NIC', Noise Isolation Class Prime), adapted from Noise Isolation Class (NIC) by U. S. General Services Administration (GSA) in 1979, have been claimed as objective tools to measure speech privacy in open offices. To evaluate which of them, normal privacy for AI or satisfied privacy for NIC', is a better tool in terms of speech privacy in a dynamic open office environment, measurements were taken in the field. AIs and NIC's in the different partition heights and workplace configurations have been measured following ASTM E1130 (Standard Test Method for Objective Measurement of Speech Privacy in Open Offices Using Articulation Index) and GSA test PBS-C.1 (Method for the Direct Measurement of Speech-Privacy Potential (SPP) Based on Subjective Judgments) and PBS-C.2 (Public Building Service Standard Method of Test Method for the Sufficient Verification of Speech-Privacy Potential (SPP) Based on Objective Measurements Including Methods for the Rating of Functional Interzone Attenuation and NC-Background), respectively.

  1. Public assessment of key performance indicators of healthcare in a Canadian province: the effect of age and chronic health problems.

    Science.gov (United States)

    Nurullah, Abu Sadat; Northcott, Herbert C; Harvey, Michael D

    2014-01-15

    This study explores the effect of age and chronic conditions on public perceptions of the health system, as measured by the Key Performance Indicators (KPIs) of healthcare, in the province of Alberta in Canada. Drawing from data collected by Government of Alberta's Department of Health and Wellness, this research examines two key questions: (1) Do people in the 65+ age group rate the KPIs of healthcare (i.e., availability, accessibility, quality, outcome, and satisfaction) more favorably compared to people in younger age groups in Alberta? (2) Does the rating of KPIs of healthcare in Alberta vary with different chronic conditions (i.e., no chronic problem, chronic illnesses without pain, and chronic pain)? The findings indicate that people in the older age group tend to rate the KPIs of healthcare more favorably compared to younger age groups in Alberta, net of socio-demographic factors, self-reported health status, and knowledge and utilization of health services. However, people experiencing chronic pain are less likely to rate the KPIs of healthcare favorably compared to people with no chronic health problem in Alberta. Discussion includes implications of the findings for the healthcare system in the province.

  2. An in-depth mixed-methods approach to Ryan White HIV/AIDS care program comprehensive needs assessment from the Northeast Georgia Public Health District: the significance of patient privacy, psychological health, and social stigma to care.

    Science.gov (United States)

    Huff, Amber; Chumbler, Neale; Cherry, Colleen O'Brien; Hill, Miranda; Veguilla, Vic

    2015-04-01

    We apply a social-ecological interpretive framework to understanding relationships among patient privacy, psychological health, social stigma, and continuity in care in the HIV treatment cascade in the rural southeastern US. This research was conducted as part of the 2013 comprehensive needs assessment for the Northeast Georgia Ryan White Consortium using an anthropologically informed mixed-methods design, and a deductive-inductive approach to thematic analysis of qualitative data obtained in interviews and focus groups with service providers and service utilizers. Our comprehensive needs assessment yielded two key components. First, we identified salient phenomena influencing introduction to, retention among, and satisfaction of patients in the Ryan White-coordinated treatment cascade in NE-GA. Second, we formulated actionable recommendations around leverage points identified in the current district-wide system of care. Results highlight spatial, institutional, and interpersonal aspects of the system of care that intersect around issues of patient privacy, psychological health, and social stigma. These intersections constitute pathways by which persons living with HIV are exposed to stigma and other negative social signals regarding their health status without sufficient access to behavioral health services. These negative issues, in turn, can erect significant barriers to long-term continuity in care. Copyright © 2015 Elsevier Ltd. All rights reserved.

  3. 77 FR 15555 - Freedom of Information Act and Privacy Act Procedures

    Science.gov (United States)

    2012-03-16

    ... Freedom of Information Act and Privacy Act Procedures AGENCY: Special Inspector General for Afghanistan... Freedom of Information Act (FOIA) and the Privacy Act of 1974. These procedures will facilitate public..., Freedom of information, Privacy. Authority and Issuance For the reasons set forth above, SIGAR establishes...

  4. 45 CFR 2508.3 - What is the Corporation's Privacy Act policy?

    Science.gov (United States)

    2010-10-01

    ... 45 Public Welfare 4 2010-10-01 2010-10-01 false What is the Corporation's Privacy Act policy? 2508... NATIONAL AND COMMUNITY SERVICE IMPLEMENTATION OF THE PRIVACY ACT OF 1974 § 2508.3 What is the Corporation's Privacy Act policy? It is the policy of the Corporation to protect, preserve, and defend the right of...

  5. Privacy in Educational Use of Social Media in the U.S.

    Science.gov (United States)

    Marek, Michael W.; Skrabut, Stan

    2017-01-01

    Few scholarly publications have addressed in detail the question of student privacy when using social media for classroom educational activities. This study combined qualitative and conceptual methodologies to explore the implications of privacy law on learning activities, using the strict Family Educational Rights Privacy Act (FERPA) in the…

  6. Development and Analyses of Privacy Management Models in Online Social Networks Based on Communication Privacy Management Theory

    Science.gov (United States)

    Lee, Ki Jung

    2013-01-01

    Online social networks (OSNs), while serving as an emerging means of communication, promote various issues of privacy. Users of OSNs encounter diverse occasions that lead to invasion of their privacy, e.g., published conversation, public revelation of their personally identifiable information, and open boundary of distinct social groups within…

  7. Privacy and Property? Multi-level Strategies for Protecting Personal Interests in Genetic Material

    OpenAIRE

    Laurie, Graeme

    2003-01-01

    The paper builds on earlier medico-legal work by Laurie on privacy in relation to genetic material. In this chapter, the author discusses not only Laurie's views as 'pro-privacy' but the limitations of privacy, particularly once information, genetic or otherwise, enters a public sphere. The article draws on cases and laws in the UK, continental Europe, and the US, to provide a comparative view in suggesting an alternative approach to privacy.

  8. Privacy enhanced recommender system

    NARCIS (Netherlands)

    Erkin, Zekeriya; Erkin, Zekeriya; Beye, Michael; Veugen, Thijs; Lagendijk, Reginald L.

    2010-01-01

    Recommender systems are widely used in online applications since they enable personalized service to the users. The underlying collaborative filtering techniques work on user’s data which are mostly privacy sensitive and can be misused by the service provider. To protect the privacy of the users, we

  9. Information Privacy Revealed

    Science.gov (United States)

    Lavagnino, Merri Beth

    2013-01-01

    Why is Information Privacy the focus of the January-February 2013 issue of "EDUCAUSE Review" and "EDUCAUSE Review Online"? Results from the 2012 annual survey of the International Association of Privacy Professionals (IAPP) indicate that "meeting regulatory compliance requirements continues to be the top perceived driver…

  10. Privacy Metrics and Boundaries

    NARCIS (Netherlands)

    L-F. Pau (Louis-François)

    2005-01-01

    textabstractThis paper aims at defining a set of privacy metrics (quantitative and qualitative) in the case of the relation between a privacy protector ,and an information gatherer .The aims with such metrics are: -to allow to assess and compare different user scenarios and their differences; for

  11. Privacy under construction : A developmental perspective on privacy perception

    NARCIS (Netherlands)

    Steijn, W.M.P.; Vedder, A.H.

    2015-01-01

    We present a developmental perspective regarding the difference in perceptions toward privacy between young and old. Here, we introduce the notion of privacy conceptions, that is, the specific ideas that individuals have regarding what privacy actually is. The differences in privacy concerns often

  12. Freedom and privacy in ambient intelligence

    NARCIS (Netherlands)

    Brey, Philip A.E.

    2006-01-01

    This paper analyzes ethical aspects of the new paradigm of Ambient Intelligence, which is a combination of Ubiquitous Computing and Intelligent User Interfaces (IUI’s). After an introduction to the approach, two key ethical dimensions will be analyzed: freedom and privacy. It is argued that Ambient

  13. Protecting privacy in data release

    CERN Document Server

    Livraga, Giovanni

    2015-01-01

    This book presents a comprehensive approach to protecting sensitive information when large data collections are released by their owners. It addresses three key requirements of data privacy: the protection of data explicitly released, the protection of information not explicitly released but potentially vulnerable due to a release of other data, and the enforcement of owner-defined access restrictions to the released data. It is also the first book with a complete examination of how to enforce dynamic read and write access authorizations on released data, applicable to the emerging data outsou

  14. A Certificate Authority (CA-based cryptographic solution for HIPAA privacy/security regulations

    Directory of Open Access Journals (Sweden)

    Sangram Ray

    2014-07-01

    Full Text Available The Health Insurance Portability and Accountability Act (HIPAA passed by the US Congress establishes a number of privacy/security regulations for e-healthcare systems. These regulations support patients’ medical privacy and secure exchange of PHI (protected health information among medical practitioners. Three existing HIPAA-based schemes have been studied but appear to be ineffective as patients’ PHI is stored in smartcards. Moreover, carrying a smartcard during a treatment session and accessing PHI from different locations results in restrictions. In addition, authentication of the smartcard presenter would not be possible if the PIN is compromised. In this context, we propose an MCS (medical center server should be located at each hospital and accessed via the Internet for secure handling of patients’ PHI. All entities of the proposed e-health system register online with the MCS, and each entity negotiates a contributory registration key, where public-key certificates issued and maintained by CAs are used for authentication. Prior to a treatment session, a doctor negotiates a secret session key with MCS and uploads/retrieves patients’ PHI securely. The proposed scheme has five phases, which have been implemented in a secure manner for supporting HIPAA privacy/security regulations. Finally, the security aspects, computation and communication costs of the scheme are analyzed and compared with existing methods that display satisfactory performance.

  15. Method and system for normalizing biometric variations to authenticate users from a public database and that ensures individual biometric data privacy

    Science.gov (United States)

    Strait, Robert S.; Pearson, Peter K.; Sengupta, Sailes K.

    2000-01-01

    A password system comprises a set of codewords spaced apart from one another by a Hamming distance (HD) that exceeds twice the variability that can be projected for a series of biometric measurements for a particular individual and that is less than the HD that can be encountered between two individuals. To enroll an individual, a biometric measurement is taken and exclusive-ORed with a random codeword to produce a "reference value." To verify the individual later, a biometric measurement is taken and exclusive-ORed with the reference value to reproduce the original random codeword or its approximation. If the reproduced value is not a codeword, the nearest codeword to it is found, and the bits that were corrected to produce the codeword to it is found, and the bits that were corrected to produce the codeword are also toggled in the biometric measurement taken and the codeword generated during enrollment. The correction scheme can be implemented by any conventional error correction code such as Reed-Muller code R(m,n). In the implementation using a hand geometry device an R(2,5) code has been used in this invention. Such codeword and biometric measurement can then be used to see if the individual is an authorized user. Conventional Diffie-Hellman public key encryption schemes and hashing procedures can then be used to secure the communications lines carrying the biometric information and to secure the database of authorized users.

  16. Method and system for normalizing biometric variations to authenticate users from a public database and that ensures individual biometric data privacy

    International Nuclear Information System (INIS)

    Strait, R.S.; Pearson, P.K.; Sengupta, S.K.

    2000-01-01

    A password system comprises a set of codewords spaced apart from one another by a Hamming distance (HD) that exceeds twice the variability that can be projected for a series of biometric measurements for a particular individual and that is less than the HD that can be encountered between two individuals. To enroll an individual, a biometric measurement is taken and exclusive-ORed with a random codeword to produce a reference value. To verify the individual later, a biometric measurement is taken and exclusive-ORed with the reference value to reproduce the original random codeword or its approximation. If the reproduced value is not a codeword, the nearest codeword to it is found, and the bits that were corrected to produce the codeword to it is found, and the bits that were corrected to produce the codeword are also toggled in the biometric measurement taken and the codeword generated during enrollment. The correction scheme can be implemented by any conventional error correction code such as Reed-Muller code R(m,n). In the implementation using a hand geometry device an R(2,5) code has been used in this invention. Such codeword and biometric measurement can then be used to see if the individual is an authorized user. Conventional Diffie-Hellman public key encryption schemes and hashing procedures can then be used to secure the communications lines carrying the biometric information and to secure the database of authorized users

  17. Video Surveillance: Privacy Issues and Legal Compliance

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim; Jensen, Christian D.

    2015-01-01

    Pervasive usage of video surveillance is rapidly increasing in developed countries. Continuous security threats to public safety demand use of such systems. Contemporary video surveillance systems offer advanced functionalities which threaten the privacy of those recorded in the video. There is a...

  18. Randomization Based Privacy Preserving Categorical Data Analysis

    Science.gov (United States)

    Guo, Ling

    2010-01-01

    The success of data mining relies on the availability of high quality data. To ensure quality data mining, effective information sharing between organizations becomes a vital requirement in today's society. Since data mining often involves sensitive information of individuals, the public has expressed a deep concern about their privacy.…

  19. Security, privacy and ethics in electronic records management in the ...

    African Journals Online (AJOL)

    Security, privacy and ethics in electronic records management in the South African public sector. ... Computers have become such valuable tools for conducting business ... One great advantage of the computers is the ease with which a large

  20. Privacy, Time Consistent Optimal Labour Income Taxation and Education Policy

    OpenAIRE

    Konrad, Kai A.

    1999-01-01

    Incomplete information is a commitment device for time consistency problems. In the context of time consistent labour income taxation privacy reduces welfare losses and increases the effectiveness of public education as a second best policy.

  1. Web Security, Privacy & Commerce

    CERN Document Server

    Garfinkel, Simson

    2011-01-01

    Since the first edition of this classic reference was published, World Wide Web use has exploded and e-commerce has become a daily part of business and personal life. As Web use has grown, so have the threats to our security and privacy--from credit card fraud to routine invasions of privacy by marketers to web site defacements to attacks that shut down popular web sites. Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Exp

  2. Privacy in Social Networks

    CERN Document Server

    Zheleva, Elena

    2012-01-01

    This synthesis lecture provides a survey of work on privacy in online social networks (OSNs). This work encompasses concerns of users as well as service providers and third parties. Our goal is to approach such concerns from a computer-science perspective, and building upon existing work on privacy, security, statistical modeling and databases to provide an overview of the technical and algorithmic issues related to privacy in OSNs. We start our survey by introducing a simple OSN data model and describe common statistical-inference techniques that can be used to infer potentially sensitive inf

  3. Valuating Privacy with Option Pricing Theory

    Science.gov (United States)

    Berthold, Stefan; Böhme, Rainer

    One of the key challenges in the information society is responsible handling of personal data. An often-cited reason why people fail to make rational decisions regarding their own informational privacy is the high uncertainty about future consequences of information disclosures today. This chapter builds an analogy to financial options and draws on principles of option pricing to account for this uncertainty in the valuation of privacy. For this purpose, the development of a data subject's personal attributes over time and the development of the attribute distribution in the population are modeled as two stochastic processes, which fit into the Binomial Option Pricing Model (BOPM). Possible applications of such valuation methods to guide decision support in future privacy-enhancing technologies (PETs) are sketched.

  4. Toward privacy-preserving JPEG image retrieval

    Science.gov (United States)

    Cheng, Hang; Wang, Jingyue; Wang, Meiqing; Zhong, Shangping

    2017-07-01

    This paper proposes a privacy-preserving retrieval scheme for JPEG images based on local variance. Three parties are involved in the scheme: the content owner, the server, and the authorized user. The content owner encrypts JPEG images for privacy protection by jointly using permutation cipher and stream cipher, and then, the encrypted versions are uploaded to the server. With an encrypted query image provided by an authorized user, the server may extract blockwise local variances in different directions without knowing the plaintext content. After that, it can calculate the similarity between the encrypted query image and each encrypted database image by a local variance-based feature comparison mechanism. The authorized user with the encryption key can decrypt the returned encrypted images with plaintext content similar to the query image. The experimental results show that the proposed scheme not only provides effective privacy-preserving retrieval service but also ensures both format compliance and file size preservation for encrypted JPEG images.

  5. Effective Privacy-Preserving Online Route Planning

    DEFF Research Database (Denmark)

    Vicente, Carmen Ruiz; Assent, Ira; Jensen, Christian S.

    2011-01-01

    An online Route Planning Service (RPS) computes a route from one location to another. Current RPSs such as Google Maps require the use of precise locations. However, some users may not want to disclose their source and destination locations due to privacy concerns. An approach that supplies fake...... privacy. The solution re-uses a standard online RPS rather than replicate this functionality, and it needs no trusted third party. The solution is able to compute the exact results without leaking of the exact locations to the RPS or un-trusted parties. In addition, we provide heuristics that reduce...... the number of times that the RPS needs to be queried, and we also describe how the accuracy and privacy requirements can be relaxed to achieve better performance. An empirical study offers insight into key properties of the approach....

  6. Scalable privacy-preserving data sharing methodology for genome-wide association studies: an application to iDASH healthcare privacy protection challenge.

    Science.gov (United States)

    Yu, Fei; Ji, Zhanglong

    2014-01-01

    In response to the growing interest in genome-wide association study (GWAS) data privacy, the Integrating Data for Analysis, Anonymization and SHaring (iDASH) center organized the iDASH Healthcare Privacy Protection Challenge, with the aim of investigating the effectiveness of applying privacy-preserving methodologies to human genetic data. This paper is based on a submission to the iDASH Healthcare Privacy Protection Challenge. We apply privacy-preserving methods that are adapted from Uhler et al. 2013 and Yu et al. 2014 to the challenge's data and analyze the data utility after the data are perturbed by the privacy-preserving methods. Major contributions of this paper include new interpretation of the χ2 statistic in a GWAS setting and new results about the Hamming distance score, a key component for one of the privacy-preserving methods.

  7. New threats to health data privacy

    Directory of Open Access Journals (Sweden)

    Li Fengjun

    2011-11-01

    Full Text Available Abstract Background Along with the rapid digitalization of health data (e.g. Electronic Health Records, there is an increasing concern on maintaining data privacy while garnering the benefits, especially when the data are required to be published for secondary use. Most of the current research on protecting health data privacy is centered around data de-identification and data anonymization, which removes the identifiable information from the published health data to prevent an adversary from reasoning about the privacy of the patients. However, published health data is not the only source that the adversaries can count on: with a large amount of information that people voluntarily share on the Web, sophisticated attacks that join disparate information pieces from multiple sources against health data privacy become practical. Limited efforts have been devoted to studying these attacks yet. Results We study how patient privacy could be compromised with the help of today’s information technologies. In particular, we show that private healthcare information could be collected by aggregating and associating disparate pieces of information from multiple online data sources including online social networks, public records and search engine results. We demonstrate a real-world case study to show user identity and privacy are highly vulnerable to the attribution, inference and aggregation attacks. We also show that people are highly identifiable to adversaries even with inaccurate information pieces about the target, with real data analysis. Conclusion We claim that too much information has been made available electronic and available online that people are very vulnerable without effective privacy protection.

  8. Privacy in the Internet: Myth or reality

    Directory of Open Access Journals (Sweden)

    Mikarić Bratislav

    2016-01-01

    Full Text Available The present time, unthinkable without using Internet - from e-mail, through social networks, cloud services, GPS, to YouTube and mobile computing in business, as well as on a private level, poses a question: Is there a way to protect data and their privacy on the Internet? What are the ways to control what personal information we will publicly share with others and is there a safe way to protect privacy on the world's global computer network? The paper gives an overview of the situation in the field, as well as tips for achieving the desired level of data protection.

  9. Governing the internet in the privacy arena

    Directory of Open Access Journals (Sweden)

    Carsten Ochs

    2016-09-01

    Full Text Available The surveillance disclosures triggered by Snowden have fueled the public re-negotiation of privacy. To follow resulting controversies we present a methodology that links social worlds theory to approaches asking for the democratic governance character of issue-centred arenas. After having outlined this approach it is put to the test. We analyse and compare two cases: the Schengen/National Routing, and the Parliamentary Committee investigating the NSA surveillance disclosures. The analysis reveals two oscillating governance modes at work in the privacy arena; their interplay results in an obstruction. Based on this observation we finally provide a diagnosis of possible future arena trajectories.

  10. Reward-based spatial crowdsourcing with differential privacy preservation

    Science.gov (United States)

    Xiong, Ping; Zhang, Lefeng; Zhu, Tianqing

    2017-11-01

    In recent years, the popularity of mobile devices has transformed spatial crowdsourcing (SC) into a novel mode for performing complicated projects. Workers can perform tasks at specified locations in return for rewards offered by employers. Existing methods ensure the efficiency of their systems by submitting the workers' exact locations to a centralised server for task assignment, which can lead to privacy violations. Thus, implementing crowsourcing applications while preserving the privacy of workers' location is a key issue that needs to be tackled. We propose a reward-based SC method that achieves acceptable utility as measured by task assignment success rates, while efficiently preserving privacy. A differential privacy model ensures rigorous privacy guarantee, and Laplace noise is introduced to protect workers' exact locations. We then present a reward allocation mechanism that adjusts each piece of the reward for a task using the distribution of the workers' locations. Through experimental results, we demonstrate that this optimised-reward method is efficient for SC applications.

  11. Privacy and Security Research Group workshop on network and distributed system security: Proceedings

    Energy Technology Data Exchange (ETDEWEB)

    1993-05-01

    This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

  12. National Privacy Research Strategy

    Data.gov (United States)

    Networking and Information Technology Research and Development, Executive Office of the President — On July 1, NITRD released the National Privacy Research Strategy. Research agencies across government participated in the development of the strategy, reviewing...

  13. Cybersecurity and Privacy

    DEFF Research Database (Denmark)

    he huge potential in future connected services has as a precondition that privacy and security needs are dealt with in order for new services to be accepted. This issue is increasingly on the agenda both at the company and at individual level. Cybersecurity and Privacy – bridging the gap addresses...... two very complex fields of the digital world, i.e., Cybersecurity and Privacy. These multifaceted, multidisciplinary and complex issues are usually understood and valued differently by different individuals, data holders and legal bodies. But a change in one field immediately affects the others....... Policies, frameworks, strategies, laws, tools, techniques, and technologies – all of these are tightly interwoven when it comes to security and privacy. This book is another attempt to bridge the gap between the industry and academia. The book addresses the views from academia and industry on the subject...

  14. Privacy for Sale?

    DEFF Research Database (Denmark)

    Sørensen, Lene Tolstrup; Sørensen, Jannick Kirk; Khajuria, Samant

    Data brokers have become central players in the collection online of private user data. Data brokers’ activities are however not very transparent or even known by users. Many users regard privacy a central element when they use online services. Based on 12 short interviews with users, this paper...... analyses how users perceive the concept of online privacy in respect to data brokers col- lection of private data, and particularly novel services that offer users the possi- bility to sell their private data. Two groups of users are identified: Those who are considering selling their data under specific...... conditions, and those who reject the idea completely. Based on the literature we identify two positions to privacy either as an instrumental good, or as an intrinsic good. The paper positions vari- ous user perceptions on privacy that are relevant for future service develop- ment....

  15. Exercising privacy rights in medical science.

    Science.gov (United States)

    Hillmer, Michael; Redelmeier, Donald A

    2007-12-04

    Privacy laws are intended to preserve human well-being and improve medical outcomes. We used the Sportstats website, a repository of competitive athletic data, to test how easily these laws can be circumvented. We designed a haphazard, unrepresentative case-series analysis and applied unscientific methods based on an Internet connection and idle time. We found it both feasible and titillating to breach anonymity, stockpile personal information and generate misquotations. We extended our methods to snoop on celebrities, link to outside databases and uncover refusal to participate. Throughout our study, we evaded capture and public humiliation despite violating these 6 privacy fundamentals. We suggest that the legitimate principle of safeguarding personal privacy is undermined by the natural human tendency toward showing off.

  16. Privacy policies for health social networking sites

    Science.gov (United States)

    Li, Jingquan

    2013-01-01

    Health social networking sites (HSNS), virtual communities where users connect with each other around common problems and share relevant health data, have been increasingly adopted by medical professionals and patients. The growing use of HSNS like Sermo and PatientsLikeMe has prompted public concerns about the risks that such online data-sharing platforms pose to the privacy and security of personal health data. This paper articulates a set of privacy risks introduced by social networking in health care and presents a practical example that demonstrates how the risks might be intrinsic to some HSNS. The aim of this study is to identify and sketch the policy implications of using HSNS and how policy makers and stakeholders should elaborate upon them to protect the privacy of online health data. PMID:23599228

  17. Privacy policies for health social networking sites.

    Science.gov (United States)

    Li, Jingquan

    2013-01-01

    Health social networking sites (HSNS), virtual communities where users connect with each other around common problems and share relevant health data, have been increasingly adopted by medical professionals and patients. The growing use of HSNS like Sermo and PatientsLikeMe has prompted public concerns about the risks that such online data-sharing platforms pose to the privacy and security of personal health data. This paper articulates a set of privacy risks introduced by social networking in health care and presents a practical example that demonstrates how the risks might be intrinsic to some HSNS. The aim of this study is to identify and sketch the policy implications of using HSNS and how policy makers and stakeholders should elaborate upon them to protect the privacy of online health data.

  18. Privacy-leakage codes for biometric authentication systems

    NARCIS (Netherlands)

    Ignatenko, T.; Willems, F.M.J.

    2014-01-01

    In biometric privacy-preserving authentication systems that are based on key-binding, two terminals observe two correlated biometric sequences. The first terminal selects a secret key, which is independent of the biometric data, binds this secret key to the observed biometric sequence and

  19. Perspectives on key principles of generalist medical practice in public service in sub-saharan africa: a qualitative study

    Directory of Open Access Journals (Sweden)

    Downing Raymond V

    2011-07-01

    Full Text Available Abstract Background The principles and practice of Family Medicine that arose in developed Western countries have been imported and adopted in African countries without adequate consideration of their relevance and appropriateness to the African context. In this study we attempted to elicit a priori principles of generalist medical practice from the experience of long-serving medical officers in a variety of African counties, through which we explored emergent principles of Family Medicine in our own context. Methods A descriptive study design was utilized, using qualitative methods. 16 respondents who were clinically active medical practitioners, working as generalists in the public services or non-profit sector for at least 5 years, and who had had no previous formal training or involvement in academic Family Medicine, were purposively selected in 8 different countries in southern, western and east Africa, and interviewed. Results The respondents highlighted a number of key issues with respect to the external environment within which they work, their collective roles, activities and behaviours, as well as the personal values and beliefs that motivate their behaviour. The context is characterized by resource constraints, high workload, traditional health beliefs, and the difficulty of referring patients to the next level of care. Generalist clinicians in sub-Saharan Africa need to be competent across a wide range of clinical disciplines and procedural skills at the level of the district hospital and clinic, in both chronic and emergency care. They need to understand the patient's perspective and context, empowering the patient and building an effective doctor-patient relationship. They are also managers, focused on coordinating and improving the quality of clinical care through teamwork, training and mentoring other health workers in the generalist setting, while being life-long learners themselves. However, their role in the community, was

  20. Introduction of Renal Key Performance Indicators Associated with Increased Uptake of Peritoneal Dialysis in a Publicly Funded Health Service.

    Science.gov (United States)

    Toussaint, Nigel D; McMahon, Lawrence P; Dowling, Gregory; Holt, Stephen G; Smith, Gillian; Safe, Maria; Knight, Richard; Fair, Kathleen; Linehan, Leanne; Walker, Rowan G; Power, David A

    2017-01-01

    ♦ BACKGROUND: Increased demand for treatment of end-stage kidney disease has largely been accommodated by a costly increase in satellite hemodialysis (SHD) in most jurisdictions. In the Australian State of Victoria, a marked regional variation in the uptake of home-based dialysis suggests that use of home therapies could be increased as an alternative to SHD. An earlier strategy based solely on increased remuneration had failed to increase uptake of home therapies. Therefore, the public dialysis funder adopted the incidence and prevalence of home-based dialysis therapies as a key performance indicator (KPI) for its health services to encourage greater uptake of home therapies. ♦ METHODS: A KPI data collection and bench-marking program was established in 2012 by the Victorian Department of Health and Human Services, with data provided monthly by all renal units in Victoria using a purpose-designed website portal. A KPI Working Group was responsible for analyzing data each quarter and ensuring indicators remained accurate and relevant and each KPI had clear definitions and targets. We present a prospective, observational study of all dialysis patients in Victoria over a 4-year period following the introduction of the renal KPI program, with descriptive analyses to evaluate the proportion of patients using home therapies as well as home dialysis modality survival. ♦ RESULTS: Following the introduction of the KPI program, the net growth of dialysis patient numbers in Victoria remained stable over 4 years, at 75 - 80 per year (approximately 4%). However, unlike the previous decade, about 40% of this growth was through an increase in home dialysis, which was almost exclusively peritoneal dialysis (PD). The increase was identified particularly in the young (20 - 49) and the elderly (> 80). Disappointingly, however, 67% of these incident patients ceased PD within 2 years of commencement, 46% of whom transferred to SHD. ♦ CONCLUSIONS: Introduction of a KPI program

  1. Enabling secure and privacy preserving communications in smart grids

    CERN Document Server

    Li, Hongwei

    2014-01-01

    This brief focuses on the current research on security and privacy preservation in smart grids. Along with a review of the existing works, this brief includes fundamental system models, possible frameworks, useful performance, and future research directions. It explores privacy preservation demand response with adaptive key evolution, secure and efficient Merkle tree based authentication, and fine-grained keywords comparison in the smart grid auction market. By examining the current and potential security and privacy threats, the author equips readers to understand the developing issues in sma

  2. Key-Alternating Ciphers in a Provable Setting: Encryption Using a Small Number of Public Permutations (Extended Abstract)

    DEFF Research Database (Denmark)

    Bogdanov, Andrey; Knudsen, L.R.; Leander, Gregor

    2012-01-01

    show that the distribution of Fourier coefficients for the cipher over all keys is close to ideal. Lastly, we define a practical instance of the construction with t = 2 using AES referred to as AES2. Any attack on AES2 with complexity below 285 will have to make use of AES with a fixed known key...

  3. 78 FR 46686 - Privacy Act of 1974; Treasury/United States Mint .013-United States Mint National Electronic...

    Science.gov (United States)

    2013-08-01

    ... available publicly. FOR FURTHER INFORMATION CONTACT: For general questions and privacy issues, please... DEPARTMENT OF THE TREASURY Privacy Act of 1974; Treasury/United States Mint .013--United States... Privacy Act of 1974, as amended, 5 U.S.C. 552a, the Department of the Treasury (``Treasury'') and the...

  4. 75 FR 7648 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of Veterans Affairs...

    Science.gov (United States)

    2010-02-22

    ... Computer Matching and Privacy Protection Act of 1988 (Public Law (Pub. L.) 100-503), amended the Privacy... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2010-0006] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Department of Veterans Affairs/Veterans Benefits Administration (VA/ VBA...

  5. Information Privacy: Culture, Legislation and User Attitudes

    Directory of Open Access Journals (Sweden)

    Sophie Cockcroft

    2006-11-01

    Full Text Available Information privacy has received much public and research interest in recent years. Globally this has arisen from public anxiety following the September 11 attacks and within Australia a progressive tightening of privacy legislation in particular the privacy amendment (private sector Act of 2000 which became operative in 2001. This paper presents the results of a study into attitudes towards information privacy. Based on an instrument developed and validated by Smith et al (1996a this study sets out to measure individual concerns regarding organisational use of information along four dimensions: collection, errors, unauthorised secondary use, and improper access. The survey was completed by 67 undergraduate and postgraduate students enrolled in an e-commerce security subject at the University of Queensland. Comparisons are drawn between the results of this study and an identical one carried out at the University of North Alabama. Whilst it is too early to draw conclusions about the impact of these attitudes on the success of e-commerce in general, the results should be of interest to those within universities seeking to expand the use of networking technologies for handling sensitive information such as enrolment and fee processing (Vanscoy & Oakleaf 2003

  6. An informational theory of privacy

    NARCIS (Netherlands)

    Schottmuller, C.; Jann, Ole

    2016-01-01

    We develop a theory that explains how and when privacy can increase welfare. Without privacy, some individuals misrepresent their preferences, because they will otherwise be statistically discriminated against. This "chilling effect" hurts them individually, and impairs information aggregation. The

  7. Privacy-related context information for ubiquitous health.

    Science.gov (United States)

    Seppälä, Antto; Nykänen, Pirkko; Ruotsalainen, Pekka

    2014-03-11

    Ubiquitous health has been defined as a dynamic network of interconnected systems. A system is composed of one or more information systems, their stakeholders, and the environment. These systems offer health services to individuals and thus implement ubiquitous computing. Privacy is the key challenge for ubiquitous health because of autonomous processing, rich contextual metadata, lack of predefined trust among participants, and the business objectives. Additionally, regulations and policies of stakeholders may be unknown to the individual. Context-sensitive privacy policies are needed to regulate information processing. Our goal was to analyze privacy-related context information and to define the corresponding components and their properties that support privacy management in ubiquitous health. These properties should describe the privacy issues of information processing. With components and their properties, individuals can define context-aware privacy policies and set their privacy preferences that can change in different information-processing situations. Scenarios and user stories are used to analyze typical activities in ubiquitous health to identify main actors, goals, tasks, and stakeholders. Context arises from an activity and, therefore, we can determine different situations, services, and systems to identify properties for privacy-related context information in information-processing situations. Privacy-related context information components are situation, environment, individual, information technology system, service, and stakeholder. Combining our analyses and previously identified characteristics of ubiquitous health, more detailed properties for the components are defined. Properties define explicitly what context information for different components is needed to create context-aware privacy policies that can control, limit, and constrain information processing. With properties, we can define, for example, how data can be processed or how components

  8. Privacy-Related Context Information for Ubiquitous Health

    Science.gov (United States)

    Nykänen, Pirkko; Ruotsalainen, Pekka

    2014-01-01

    Background Ubiquitous health has been defined as a dynamic network of interconnected systems. A system is composed of one or more information systems, their stakeholders, and the environment. These systems offer health services to individuals and thus implement ubiquitous computing. Privacy is the key challenge for ubiquitous health because of autonomous processing, rich contextual metadata, lack of predefined trust among participants, and the business objectives. Additionally, regulations and policies of stakeholders may be unknown to the individual. Context-sensitive privacy policies are needed to regulate information processing. Objective Our goal was to analyze privacy-related context information and to define the corresponding components and their properties that support privacy management in ubiquitous health. These properties should describe the privacy issues of information processing. With components and their properties, individuals can define context-aware privacy policies and set their privacy preferences that can change in different information-processing situations. Methods Scenarios and user stories are used to analyze typical activities in ubiquitous health to identify main actors, goals, tasks, and stakeholders. Context arises from an activity and, therefore, we can determine different situations, services, and systems to identify properties for privacy-related context information in information-processing situations. Results Privacy-related context information components are situation, environment, individual, information technology system, service, and stakeholder. Combining our analyses and previously identified characteristics of ubiquitous health, more detailed properties for the components are defined. Properties define explicitly what context information for different components is needed to create context-aware privacy policies that can control, limit, and constrain information processing. With properties, we can define, for example, how

  9. Privacy in social networking sites

    OpenAIRE

    Λεονάρδος, Γεώργιος; Leonardos, Giorgos

    2016-01-01

    The purpose of this study is to explore the aspects of privacy over the use of social networks web sites. More specific, we will show the types of social networks, their privacy mechanisms that are different in each social network site, their privacy options that are offered to users. We will report some serious privacy violations incidents of the most popular social networks sites such as Facebook, Twitter, LinkedIn. Also, we will report some important surveys about social networks and pr...

  10. Policy recommendations for addressing privacy challenges associated with cell-based research and interventions.

    Science.gov (United States)

    Ogbogu, Ubaka; Burningham, Sarah; Ollenberger, Adam; Calder, Kathryn; Du, Li; El Emam, Khaled; Hyde-Lay, Robyn; Isasi, Rosario; Joly, Yann; Kerr, Ian; Malin, Bradley; McDonald, Michael; Penney, Steven; Piat, Gayle; Roy, Denis-Claude; Sugarman, Jeremy; Vercauteren, Suzanne; Verhenneman, Griet; West, Lori; Caulfield, Timothy

    2014-02-03

    The increased use of human biological material for cell-based research and clinical interventions poses risks to the privacy of patients and donors, including the possibility of re-identification of individuals from anonymized cell lines and associated genetic data. These risks will increase as technologies and databases used for re-identification become affordable and more sophisticated. Policies that require ongoing linkage of cell lines to donors' clinical information for research and regulatory purposes, and existing practices that limit research participants' ability to control what is done with their genetic data, amplify the privacy concerns. To date, the privacy issues associated with cell-based research and interventions have not received much attention in the academic and policymaking contexts. This paper, arising out of a multi-disciplinary workshop, aims to rectify this by outlining the issues, proposing novel governance strategies and policy recommendations, and identifying areas where further evidence is required to make sound policy decisions. The authors of this paper take the position that existing rules and norms can be reasonably extended to address privacy risks in this context without compromising emerging developments in the research environment, and that exceptions from such rules should be justified using a case-by-case approach. In developing new policies, the broader framework of regulations governing cell-based research and related areas must be taken into account, as well as the views of impacted groups, including scientists, research participants and the general public. This paper outlines deliberations at a policy development workshop focusing on privacy challenges associated with cell-based research and interventions. The paper provides an overview of these challenges, followed by a discussion of key themes and recommendations that emerged from discussions at the workshop. The paper concludes that privacy risks associated with cell

  11. Privacy in an Ambient World

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, Sandro; den Hartog, Jeremy

    Privacy is a prime concern in today's information society. To protect the privacy of individuals, enterprises must follow certain privacy practices, while collecting or processing personal data. In this chapter we look at the setting where an enterprise collects private data on its website,

  12. 76 FR 59073 - Privacy Act

    Science.gov (United States)

    2011-09-23

    ... CENTRAL INTELLIGENCE AGENCY 32 CFR Part 1901 Privacy Act AGENCY: Central Intelligence Agency. ACTION: Proposed rule. SUMMARY: Consistent with the Privacy Act (PA), the Central Intelligence Agency...-1379. SUPPLEMENTARY INFORMATION: Consistent with the Privacy Act (PA), the CIA has undertaken and...

  13. Designing Privacy-by-Design

    NARCIS (Netherlands)

    Rest, J.H.C. van; Boonstra, D.; Everts, M.H.; Rijn, M. van; Paassen, R.J.G. van

    2014-01-01

    The proposal for a new privacy regulation d.d. January 25th 2012 introduces sanctions of up to 2% of the annual turnover of enterprises. This elevates the importance of mitigation of privacy risks. This paper makes Privacy by Design more concrete, and positions it as the mechanism to mitigate these

  14. Security and Privacy Analyses of Internet of Things Toys

    OpenAIRE

    Chu, Gordon; Apthorpe, Noah; Feamster, Nick

    2018-01-01

    This paper investigates the security and privacy of Internet-connected children's smart toys through case studies of three commercially-available products. We conduct network and application vulnerability analyses of each toy using static and dynamic analysis techniques, including application binary decompilation and network monitoring. We discover several publicly undisclosed vulnerabilities that violate the Children's Online Privacy Protection Rule (COPPA) as well as the toys' individual pr...

  15. MPH education for the 21st century: motivation, rationale, and key principles for the new Columbia public health curriculum.

    Science.gov (United States)

    Fried, Linda P; Begg, Melissa D; Bayer, Ronald; Galea, Sandro

    2014-01-01

    Public health is at a watershed moment. The world's health needs are changing, and complex problems require interdisciplinary approaches and systems-based solutions. Our longer lives and changing environments necessitate life-course and structural approaches to prevention. This argues strongly for public health graduate education that adequately prepares trainees to tackle emerging challenges and to lead now and in the future. Nearly a century of scholarship and scientific advances may offer a blueprint for training the next generation of public health leaders. We articulate a case for change; discuss some of the foundational principles that should guide public health education; and discuss what such a change might look like building on prior scholarship, on the examples set by other disciplines, and on our own experience.

  16. MPH Education for the 21st Century: Motivation, Rationale, and Key Principles for the New Columbia Public Health Curriculum

    Science.gov (United States)

    Fried, Linda P.; Begg, Melissa D.; Bayer, Ronald

    2014-01-01

    Public health is at a watershed moment. The world’s health needs are changing, and complex problems require interdisciplinary approaches and systems-based solutions. Our longer lives and changing environments necessitate life-course and structural approaches to prevention. This argues strongly for public health graduate education that adequately prepares trainees to tackle emerging challenges and to lead now and in the future. Nearly a century of scholarship and scientific advances may offer a blueprint for training the next generation of public health leaders. We articulate a case for change; discuss some of the foundational principles that should guide public health education; and discuss what such a change might look like building on prior scholarship, on the examples set by other disciplines, and on our own experience. PMID:24228646

  17. Public debates - key issue in the environmental licensing process for the completion of the Cernavoda NPP Unit 2

    International Nuclear Information System (INIS)

    Rotaru, Ioan; Jelev, Adrian

    2003-01-01

    SN 'NUCLEARELECTRICA' S.A., the owner of Cernavoda NPP, organized, in 2001, several public consultations related to environmental impact of the completion of the Cernavoda NPP Unit 2, as required by the Romanian environmental law, part of project approval. Public consultations on the environmental assessment for the completion of the Cernavoda NPP - Unit 2 took place in 2001 between August 15 and September 21 in accordance with the provisions of Law No. 137/95 and Order No. 125/96. Romanian environmental legislation, harmonization of national environmental legislation with European Union, Romanian legislative requirements, information distributed to the public, issues raised and follow-up, they all are topics highlighted by this paper and they are addressing the environmental licensing process of the Cernavoda 2 NPP. The public consultation process described fulfils all the Romanian requirements for carrying out meaningful consultation with its relevant shareholders. The process also satisfies EDC (Export Development Corporation - Canada) requirements for public consultation and disclosure with relevant shareholders in the host country. SNN is fully committed to consulting as necessary with relevant shareholders throughout the construction and operation of the Project. Concerns of the public have been taken into account with the operations of Unit 1 and will continue to be addressed during the Unit 2 Project

  18. Waste Oriented Innovation Culture-Transparency-Public Trust Cycle : Success Key for Nuclear Facility Management in Indonesia

    International Nuclear Information System (INIS)

    Susetyo Hario Putero; Haryono B Santosa

    2007-01-01

    Radioactive matter that is a primary material in a nuclear facility, including nuclear power generation, is a part of hazardous materials. Its existence will lead a controversy, although the precise management system for handling it is available. Public sometimes reject the nuclear technology due to the lack of understanding and wrong perception on that technology, especially the radioactive waste treatment. So, strategies should be designed for correcting public perception, until public acceptance on utilization of nuclear technology in Indonesia increase. The innovation development on radioactive waste management was studied by observing and interviewing managements and operators of Japan Atomic Energy Agency (JAEA), Japan. The constructing of concept was based on study result. Based on assumption that the current state of the radioactive waste treatment is suitable and there is serious improvement of technology, therefore systematic and precise oriented corrective efforts of public perception could be done. Transparency, intensive communication, and public participation that show responsible action for emerging mutual trust are basic of strategy that should be developed. High level public acceptance on utilization of nuclear technology is expected to be able for stimulating and supporting sustainable technology innovation culture. (author)

  19. Privacy Bridges: EU and US Privacy Experts In Search of Transatlantic Privacy Solutions

    NARCIS (Netherlands)

    Abramatic, J.-F.; Bellamy, B.; Callahan, M.E.; Cate, F.; van Eecke, P.; van Eijk, N.; Guild, E.; de Hert, P.; Hustinx, P.; Kuner, C.; Mulligan, D.; O'Connor, N.; Reidenberg, J.; Rubinstein, I.; Schaar, P.; Shadbolt, N.; Spiekermann, S.; Vladeck, D.; Weitzner, D.J.; Zuiderveen Borgesius, F.; Hagenauw, D.; Hijmans, H.

    2015-01-01

    The EU and US share a common commitment to privacy protection as a cornerstone of democracy. Following the Treaty of Lisbon, data privacy is a fundamental right that the European Union must proactively guarantee. In the United States, data privacy derives from constitutional protections in the

  20. Finding privacy from a public death: a qualitative exploration of how a dedicated space for end-of-life care in an acute hospital impacts on dying patients and their families.

    Science.gov (United States)

    Slatyer, Susan; Pienaar, Catherine; Williams, Anne M; Proctor, Karen; Hewitt, Laura

    2015-08-01

    To explore the experiences and perceptions of hospital staff caring for dying patients in a dedicated patient/family room (named Lotus Room). Dying in hospital is a common outcome for people across the world. However, noise and activity in acute environments present barriers to quality end-of-life care. This is of concern because care provided to dying patients has been shown to affect both the patients and the bereaved families. A qualitative descriptive approach was used. Semi-structured interviews were conducted with 17 multidisciplinary staff and seven families provided information through an investigator-developed instrument. Qualitative data analysis generated three categories describing: Dying in an hospital; The Lotus Room; and the Outcomes for patients and families. The Lotus Room was seen as a large, private and, ultimately, safe space for patients and families within the public hospital environment. Family feedback supported staff perspectives that the Lotus Room facilitated family presence and communication. The privacy afforded by the Lotus Room within this acute hospital provided benefits for the dying patients and grieving families. Improved outcomes included a peaceful death for patients, which may have assisted the family with their bereavement. This study provides evidence of how the physical environment can address well-established barriers to quality end-of-life care in acute hospitals. © 2015 John Wiley & Sons Ltd.

  1. Biometrics and privacy

    NARCIS (Netherlands)

    Grijpink, J.H.A.M.

    2001-01-01

    Biometrics offers many alternatives for protecting our privacy and preventing us from falling victim to crime. Biometrics can even serve as a solid basis for safe anonymous and semi-anonymous legal transactions. In this article Jan Grijpink clarifies which concepts and practical applications this

  2. Reconciling privacy and security

    NARCIS (Netherlands)

    Lieshout, M.J. van; Friedewald, M.; Wright, D.; Gutwirth, S.

    2013-01-01

    This paper considers the relationship between privacy and security and, in particular, the traditional "trade-off" paradigm. The issue is this: how, in a democracy, can one reconcile the trend towards increasing security (for example, as manifested by increasing surveillance) with the fundamental

  3. Privacy Policy | FNLCR Staging

    Science.gov (United States)

    The privacy of our users is of utmost importance to Frederick National Lab. The policy outlined below establishes how Frederick National Lab will use the information we gather about you from your visit to our website. We may collect and store

  4. Ensuring privacy in the study of pathogen genetics.

    Science.gov (United States)

    Mehta, Sanjay R; Vinterbo, Staal A; Little, Susan J

    2014-08-01

    Rapid growth in the genetic sequencing of pathogens in recent years has led to the creation of large sequence databases. This aggregated sequence data can be very useful for tracking and predicting epidemics of infectious diseases. However, the balance between the potential public health benefit and the risk to personal privacy for individuals whose genetic data (personal or pathogen) are included in such work has been difficult to delineate, because neither the true benefit nor the actual risk to participants has been adequately defined. Existing approaches to minimise the risk of privacy loss to participants are based on de-identification of data by removal of a predefined set of identifiers. These approaches neither guarantee privacy nor protect the usefulness of the data. We propose a new approach to privacy protection that will quantify the risk to participants, while still maximising the usefulness of the data to researchers. This emerging standard in privacy protection and disclosure control, which is known as differential privacy, uses a process-driven rather than data-centred approach to protecting privacy. Copyright © 2014 Elsevier Ltd. All rights reserved.

  5. An examination of electronic health information privacy in older adults.

    Science.gov (United States)

    Le, Thai; Thompson, Hilaire; Demiris, George

    2013-01-01

    Older adults are the quickest growing demographic group and are key consumers of health services. As the United States health system transitions to electronic health records, it is important to understand older adult perceptions of privacy and security. We performed a secondary analysis of the Health Information National Trends Survey (2012, Cycle 1), to examine differences in perceptions of electronic health information privacy between older adults and the general population. We found differences in the level of importance placed on access to electronic health information (older adults placed greater emphasis on provider as opposed to personal access) and tendency to withhold information out of concerns for privacy and security (older adults were less likely to withhold information). We provide recommendations to alleviate some of these privacy concerns. This may facilitate greater use of electronic health communication between patient and provider, while promoting shared decision making.

  6. Privacy as Fundamental right:The Case of Indian AAdhar

    DEFF Research Database (Denmark)

    Khajuria, Samant; Skouby, Knud Erik; Sørensen, Lene Tolstrup

    In August 2017; unanimous judgment by the Supreme Court of India (SCI) i was a resounding victory for privacy. The ruling was the outcome of a petition challenging the constitutional validity of the Indian biometric identity scheme Aadhaar. The one-page order signed by all nine judges declares....... “The right to privacy is protected as an intrinsic part of the right to life and personal liberty under Article 21 and as a part of the freedoms guaranteed by Part III of the Constitution.” Privacy is a key concerns today in the emerging digital market of India. The vision of Digital Indian can only......-mining tool. Looking into EU General Data Protection Regulation (GDPR), where the main goal of the regulation is to build and/or increase trust in the EU citizens in using digital services. Similarly, a clear well defined privacy regulations needs to be in place in India with heavy fines failing to comply....

  7. Analyzing the Effectiveness of the Self-organized Public-Key Management System on MANETs under the Lack of Cooperation and the Impersonation Attacks

    Science.gov (United States)

    da Silva, Eduardo; Dos Santos, Aldri Luiz; Lima, Michele N.; Albini, Luiz Carlos Pessoa

    Among the key management schemes for MANETs, the Self-Organized Public-Key Management System (PGP-Like) is the main chaining-based key management scheme. It is fully self-organized and does not require any certificate authority. Two kinds of misbehavior attacks are considered to be great threats to PGP-Like: lack of cooperation and impersonation attacks. This work quantifies the impact of such attacks on the PGP-Like. Simulation results show that PGP-Like was able to maintain its effectiveness when submitted to the lack of cooperation attack, contradicting previously theoretical results. It correctly works even in the presence of more than 60% of misbehaving nodes, although the convergence time is affected with only 20% of misbehaving nodes. On the other hand, PGP-Like is completely vulnerable to the impersonation attack. Its functionality is affected with just 5% of misbehaving nodes, confirming previously theoretical results.

  8. Impact of Mini-drone based Video Surveillance on Invasion of Privacy

    OpenAIRE

    Korshunov, Pavel; Bonetto, Margherita; Ebrahimi, Touradj; Ramponi, Giovanni

    2015-01-01

    An increase in adoption of video surveillance, affecting many aspects of daily lives, raises public concern about an intrusion into individual privacy. New sensing and surveillance technologies, such as mini-drones, threaten to eradicate boundaries of private space even more. Therefore, it is important to study the effect of mini-drones on privacy intrusion and to understand how existing protection privacy filters perform on a video captured by a mini-drone. To this end, we have built a publi...

  9. Calculation of key reduction for B92 QKD protocol

    Science.gov (United States)

    Mehic, Miralem; Partila, Pavol; Tovarek, Jaromir; Voznak, Miroslav

    2015-05-01

    It is well known that Quantum Key Distribution (QKD) can be used with the highest level of security for distribution of the secret key, which is further used for symmetrical encryption. B92 is one of the oldest QKD protocols. It uses only two non-orthogonal states, each one coding for one bit-value. It is much faster and simpler when compared to its predecessors, but with the idealized maximum efficiencies of 25% over the quantum channel. B92 consists of several phases in which initial key is significantly reduced: secret key exchange, extraction of the raw key (sifting), error rate estimation, key reconciliation and privacy amplification. QKD communication is performed over two channels: the quantum channel and the classical public channel. In order to prevent a man-in-the-middle attack and modification of messages on the public channel, authentication of exchanged values must be performed. We used Wegman-Carter authentication because it describes an upper bound for needed symmetric authentication key. We explained the reduction of the initial key in each of QKD phases.

  10. Privacy Preserving Similarity Based Text Retrieval through Blind Storage

    Directory of Open Access Journals (Sweden)

    Pinki Kumari

    2016-09-01

    Full Text Available Cloud computing is improving rapidly due to their more advantage and more data owners give interest to outsource their data into cloud storage for centralize their data. As huge files stored in the cloud storage, there is need to implement the keyword based search process to data user. At the same time to protect the privacy of data, encryption techniques are used for sensitive data, that encryption is done before outsourcing data to cloud server. But it is critical to search results in encryption data. In this system we propose similarity text retrieval from the blind storage blocks with encryption format. This system provides more security because of blind storage system. In blind storage system data is stored randomly on cloud storage.  In Existing Data Owner cannot encrypt the document data as it was done only at server end. Everyone can access the data as there was no private key concept applied to maintained privacy of the data. But In our proposed system, Data Owner can encrypt the data himself using RSA algorithm.  RSA is a public key-cryptosystem and it is widely used for sensitive data storage over Internet. In our system we use Text mining process for identifying the index files of user documents. Before encryption we also use NLP (Nature Language Processing technique to identify the keyword synonyms of data owner document. Here text mining process examines text word by word and collect literal meaning beyond the words group that composes the sentence. Those words are examined in API of word net so that only equivalent words can be identified for index file use. Our proposed system provides more secure and authorized way of recover the text in cloud storage with access control. Finally, our experimental result shows that our system is better than existing.

  11. Dissemination of public health information: key tools utilised by the NECOBELAC network in Europe and Latin America.

    Science.gov (United States)

    De Castro, Paola; Marsili, Daniela; Poltronieri, Elisabetta; Calderón, Carlos Agudelo

    2012-06-01

     Open Access (OA) to scientific information is an important step forward in communication patterns, yet we still need to reinforce OA principles to promote a cultural change of traditional publishing practices. The advantages of free access to scientific information are even more evident in public health where knowledge is directly associated with human wellbeing.  An OA 'consolidation' initiative in public health is presented to show how the involvement of people and institutions is fundamental to create awareness on OA and promote a cultural change. This initiative is developed within the project NEtwork of COllaboration Between Europe and Latin American Caribbean countries (NECOBELAC), financed by the European Commission.  Three actions are envisaged: Capacity building through a flexible and sustainable training programme on scientific writing and OA publishing; creation of training tools based on semantic web technologies; development of a network of supporting institutions.  In 2010-2011, 23 training initiatives were performed involving 856 participants from 15 countries; topic maps on scientific publication and OA were produced; 195 institutions are included in the network.  Cultural change in scientific dissemination practices is a long process requiring a flexible approach and strong commitment by all stakeholders. © 2012 The authors. Health Information and Libraries Journal © 2012 Health Libraries Group Health Information and Libraries Journal.

  12. Towards Territorial Privacy in Smart Environments

    NARCIS (Netherlands)

    Könings, Bastian; Schaub, Florian; Weber, M.; Kargl, Frank

    Territorial privacy is an old concept for privacy of the personal space dating back to the 19th century. Despite its former relevance, territorial privacy has been neglected in recent years, while privacy research and legislation mainly focused on the issue of information privacy. However, with the

  13. Privacy Awareness: A Means to Solve the Privacy Paradox?

    Science.gov (United States)

    Pötzsch, Stefanie

    People are limited in their resources, i.e. they have limited memory capabilities, cannot pay attention to too many things at the same time, and forget much information after a while; computers do not suffer from these limitations. Thus, revealing personal data in electronic communication environments and being completely unaware of the impact of privacy might cause a lot of privacy issues later. Even if people are privacy aware in general, the so-called privacy paradox shows that they do not behave according to their stated attitudes. This paper discusses explanations for the existing dichotomy between the intentions of people towards disclosure of personal data and their behaviour. We present requirements on tools for privacy-awareness support in order to counteract the privacy paradox.

  14. Privacy rules for DNA databanks. Protecting coded 'future diaries'.

    Science.gov (United States)

    Annas, G J

    1993-11-17

    In privacy terms, genetic information is like medical information. But the information contained in the DNA molecule itself is more sensitive because it contains an individual's probabilistic "future diary," is written in a code that has only partially been broken, and contains information about an individual's parents, siblings, and children. Current rules for protecting the privacy of medical information cannot protect either genetic information or identifiable DNA samples stored in DNA databanks. A review of the legal and public policy rationales for protecting genetic privacy suggests that specific enforceable privacy rules for DNA databanks are needed. Four preliminary rules are proposed to govern the creation of DNA databanks, the collection of DNA samples for storage, limits on the use of information derived from the samples, and continuing obligations to those whose DNA samples are in the databanks.

  15. Genetic secrets: Protecting privacy and confidentiality in the genetic era

    Energy Technology Data Exchange (ETDEWEB)

    Rothstein, M.A. [ed.

    1998-07-01

    Few developments are likely to affect human beings more profoundly in the long run than the discoveries resulting from advances in modern genetics. Although the developments in genetic technology promise to provide many additional benefits, their application to genetic screening poses ethical, social, and legal questions, many of which are rooted in issues of privacy and confidentiality. The ethical, practical, and legal ramifications of these and related questions are explored in depth. The broad range of topics includes: the privacy and confidentiality of genetic information; the challenges to privacy and confidentiality that may be projected to result from the emerging genetic technologies; the role of informed consent in protecting the confidentiality of genetic information in the clinical setting; the potential uses of genetic information by third parties; the implications of changes in the health care delivery system for privacy and confidentiality; relevant national and international developments in public policies, professional standards, and laws; recommendations; and the identification of research needs.

  16. Security and privacy in electronic health records: a systematic literature review.

    Science.gov (United States)

    Fernández-Alemán, José Luis; Señor, Inmaculada Carrión; Lozoya, Pedro Ángel Oliver; Toval, Ambrosio

    2013-06-01

    To report the results of a systematic literature review concerning the security and privacy of electronic health record (EHR) systems. Original articles written in English found in MEDLINE, ACM Digital Library, Wiley InterScience, IEEE Digital Library, Science@Direct, MetaPress, ERIC, CINAHL and Trip Database. Only those articles dealing with the security and privacy of EHR systems. The extraction of 775 articles using a predefined search string, the outcome of which was reviewed by three authors and checked by a fourth. A total of 49 articles were selected, of which 26 used standards or regulations related to the privacy and security of EHR data. The most widely used regulations are the Health Insurance Portability and Accountability Act (HIPAA) and the European Data Protection Directive 95/46/EC. We found 23 articles that used symmetric key and/or asymmetric key schemes and 13 articles that employed the pseudo anonymity technique in EHR systems. A total of 11 articles propose the use of a digital signature scheme based on PKI (Public Key Infrastructure) and 13 articles propose a login/password (seven of them combined with a digital certificate or PIN) for authentication. The preferred access control model appears to be Role-Based Access Control (RBAC), since it is used in 27 studies. Ten of these studies discuss who should define the EHR systems' roles. Eleven studies discuss who should provide access to EHR data: patients or health entities. Sixteen of the articles reviewed indicate that it is necessary to override defined access policies in the case of an emergency. In 25 articles an audit-log of the system is produced. Only four studies mention that system users and/or health staff should be trained in security and privacy. Recent years have witnessed the design of standards and the promulgation of directives concerning security and privacy in EHR systems. However, more work should be done to adopt these regulations and to deploy secure EHR systems. Copyright

  17. Pythia: A Privacy-enhanced Personalized Contextual Suggestion System for Tourism

    NARCIS (Netherlands)

    Drosatos, G.; Efraimidis, P.S.; Arampatzis, A.; Stamatelatos, G.; Athanasiadis, I.N.

    2015-01-01

    We present Pythia, a privacy-enhanced non-invasive contextual suggestion system for tourists, with important architectural innovations. The system offers high quality personalized recommendations, non-invasive operation and protection of user privacy. A key feature of Pythia is the exploitation of

  18. Effective sharing of health records, maintaining privacy: a practical schema.

    Science.gov (United States)

    Neame, Roderick

    2013-01-01

    A principal goal of computerisation of medical records is to join up care services for patients, so that their records can follow them wherever they go and thereby reduce delays, duplications, risks and errors, and costs. Healthcare records are increasingly being stored electronically, which has created the necessary conditions for them to be readily sharable. However simply driving the implementation of electronic medical records is not sufficient, as recent developments have demonstrated (1): there remain significant obstacles. The three main obstacles relate to (a) record accessibility (knowing where event records are and being able to access them), (b) maintaining privacy (ensuring that only those authorised by the patient can access and extract meaning from the records) and (c) assuring the functionality of the shared information (ensuring that the records can be shared non-proprietorially across platforms without loss of meaning, and that their authenticity and trustworthiness are demonstrable). These constitute a set of issues that need new thinking, since existing systems are struggling to deliver them. The solution to this puzzle lies in three main parts. Clearly there is only one environment suited to such widespread sharing, which is the World Wide Web, so this is the communications basis. Part one requires that a sharable synoptic record is created for each care event and stored in standard web-format and in readily accessible locations, on 'the web' or in 'the cloud'. To maintain privacy these publicly-accessible records must be suitably protected either stripped of identifiers (names, addresses, dates, places etc.) and/or encrypted: either way the record must be tagged with a tag that means nothing to anyone, but serves to identify and authenticate a specific record when retrieved. For ease of retrieval patients must hold an index of care events, records and web locations (plus any associated information for each such as encryption keys, context etc

  19. PRIVACY AS A CULTURAL PHENOMENON

    Directory of Open Access Journals (Sweden)

    Garfield Benjamin

    2017-07-01

    Full Text Available Privacy remains both contentious and ever more pertinent in contemporary society. Yet it persists as an ill-defined term, not only within specific fields but in its various uses and implications between and across technical, legal and political contexts. This article offers a new critical review of the history of privacy in terms of two dominant strands of thinking: freedom and property. These two conceptions of privacy can be seen as successive historical epochs brought together under digital technologies, yielding increasingly complex socio-technical dilemmas. By simplifying the taxonomy to its socio-cultural function, the article provides a generalisable, interdisciplinary approach to privacy. Drawing on new technologies, historical trends, sociological studies and political philosophy, the article presents a discussion of the value of privacy as a term, before proposing a defense of the term cyber security as a mode of scalable cognitive privacy that integrates the relative needs of individuals, governments and corporations.

  20. A security and privacy preserving e-prescription system based on smart cards.

    Science.gov (United States)

    Hsu, Chien-Lung; Lu, Chung-Fu

    2012-12-01

    In 2002, Ateniese and Medeiros proposed an e-prescription system, in which the patient can store e-prescription and related information using smart card. Latter, Yang et al. proposed a novel smart-card based e-prescription system based on Ateniese and Medeiros's system in 2004. Yang et al. considered the privacy issues of prescription data and adopted the concept of a group signature to provide patient's privacy protection. To make the e-prescription system more realistic, they further applied a proxy signature to allow a patient to delegate his signing capability to other people. This paper proposed a novel security and privacy preserving e-prescription system model based on smart cards. A new role, chemist, is included in the system model for settling the medicine dispute. We further presented a concrete identity-based (ID-based) group signature scheme and an ID-based proxy signature scheme to realize the proposed model. Main property of an ID-based system is that public key is simple user's identity and can be verified without extra public key certificates. Our ID-based group signature scheme can allow doctors to sign e-prescription anonymously. In a case of a medical dispute, identities of the doctors can be identified. The proposed ID-based proxy signature scheme can improve signing delegation and allows a delegation chain. The proposed e-prescription system based on our proposed two cryptographic schemes is more practical and efficient than Yang et al.'s system in terms of security, communication overheads, computational costs, practical considerations.

  1. The privacy implications of Bluetooth

    OpenAIRE

    Kostakos, Vassilis

    2008-01-01

    A substantial amount of research, as well as media hype, has surrounded RFID technology and its privacy implications. Currently, researchers and the media focus on the privacy threats posed by RFID, while consumer groups choose to boycott products bearing RFID tags. At the same, however, a very similar technology has quietly become part of our everyday lives: Bluetooth. In this paper we highlight the fact that Bluetooth is a widespread technology that has real privacy implications. Furthermor...

  2. Slumdog romance: Facebook love and digital privacy at the margins

    Science.gov (United States)

    Arora, Payal; Scheiber, Laura

    2017-01-01

    Facebook has consolidated its position as the one-stop-shop for social activity among the poor in the global South. Sex, romance, and love are key motivations for mobile and Internet technology usage among this demographic, much like the West. Digital romance is a critical context through which we gain fresh perspectives on Internet governance for an emerging digital and globalizing public. Revenge porn, slut-shaming, and Internet romance scams are a common and growing malady worldwide. Focusing on how it manifests in diverse digital cultures will aid in the shaping of new Internet laws for a more inclusive cross-cultural public. In specific, this article examines how low-income youth in two of the BRICS (Brazil, Russia, India, China and South Africa) nations – Brazil and India – exercise and express their notions on digital privacy, surveillance, and trust through the lens of romance. This allows for a more thorough investigation of the relationship between sexuality, morality, and governance within the larger Facebook ecology. As Facebook becomes the dominant virtual public sphere for the world’s poor, we are compelled to ask whether inclusivity of the digital users comes at the price of diversity of digital platforms.

  3. Slumdog romance: Facebook love and digital privacy at the margins.

    Science.gov (United States)

    Arora, Payal; Scheiber, Laura

    2017-04-01

    Facebook has consolidated its position as the one-stop-shop for social activity among the poor in the global South. Sex, romance, and love are key motivations for mobile and Internet technology usage among this demographic, much like the West. Digital romance is a critical context through which we gain fresh perspectives on Internet governance for an emerging digital and globalizing public. Revenge porn, slut-shaming, and Internet romance scams are a common and growing malady worldwide. Focusing on how it manifests in diverse digital cultures will aid in the shaping of new Internet laws for a more inclusive cross-cultural public. In specific, this article examines how low-income youth in two of the BRICS (Brazil, Russia, India, China and South Africa) nations - Brazil and India - exercise and express their notions on digital privacy, surveillance, and trust through the lens of romance. This allows for a more thorough investigation of the relationship between sexuality, morality, and governance within the larger Facebook ecology. As Facebook becomes the dominant virtual public sphere for the world's poor, we are compelled to ask whether inclusivity of the digital users comes at the price of diversity of digital platforms.

  4. Public interest approach to data protection law: the meaning, value and utility of the public interest for research uses of data

    OpenAIRE

    Stevens, Leslie Anne

    2017-01-01

    Due to legal uncertainty surrounding the application of key provisions of European and UK data protection law, the public interest in protecting individuals’ informational privacy is routinely neglected, as are the public interests in certain uses of data. Consent or anonymisation are often treated as the paradigmatic example of compliance with data protection law, even though both are unable to attend to the full range of rights and interests at stake in data processing. Curre...

  5. Cognitive Privacy for Personal Clouds

    Directory of Open Access Journals (Sweden)

    Milena Radenkovic

    2016-01-01

    Full Text Available This paper proposes a novel Cognitive Privacy (CogPriv framework that improves privacy of data sharing between Personal Clouds for different application types and across heterogeneous networks. Depending on the behaviour of neighbouring network nodes, their estimated privacy levels, resource availability, and social network connectivity, each Personal Cloud may decide to use different transmission network for different types of data and privacy requirements. CogPriv is fully distributed, uses complex graph contacts analytics and multiple implicit novel heuristics, and combines these with smart probing to identify presence and behaviour of privacy compromising nodes in the network. Based on sensed local context and through cooperation with remote nodes in the network, CogPriv is able to transparently and on-the-fly change the network in order to avoid transmissions when privacy may be compromised. We show that CogPriv achieves higher end-to-end privacy levels compared to both noncognitive cellular network communication and state-of-the-art strategies based on privacy-aware adaptive social mobile networks routing for a range of experiment scenarios based on real-world user and network traces. CogPriv is able to adapt to varying network connectivity and maintain high quality of service while managing to keep low data exposure for a wide range of privacy leakage levels in the infrastructure.

  6. Enhancing Privacy for Biometric Identification Cards

    Directory of Open Access Journals (Sweden)

    2009-01-01

    Full Text Available Most developed countries have started the implementation of biometric electronic identification cards, especially passports. The European Union and the United States of America struggle to introduce and standardize these electronic documents. Due to the personal nature of the biometric elements used for the generation of these cards, privacy issues were raised on both sides of the Atlantic Ocean, leading to civilian protests and concerns. The lack of transparency from the public authorities responsible with the implementation of such identification systems, and the poor technological approaches chosen by these authorities, are the main reasons for the negative popularity of the new identification methods. The following article shows an approach that provides all the benefits of modern technological advances in the fields of biometrics and cryptography, without sacrificing the privacy of those that will be the beneficiaries of the new system

  7. Data privacy for the smart grid

    CERN Document Server

    Herold, Rebecca

    2015-01-01

    The Smart Grid and PrivacyWhat Is the Smart Grid? Changes from Traditional Energy Delivery Smart Grid Possibilities Business Model Transformations Emerging Privacy Risks The Need for Privacy PoliciesPrivacy Laws, Regulations, and Standards Privacy-Enhancing Technologies New Privacy Challenges IOT Big Data What Is the Smart Grid?Market and Regulatory OverviewTraditional Electricity Business SectorThe Electricity Open Market Classifications of Utilities Rate-Making ProcessesElectricity Consumer

  8. A Survey of Privacy on Data Integration

    OpenAIRE

    Do Son, Thanh

    2015-01-01

    This survey is an integrated view of other surveys on privacy preserving for data integration. First, we review the database context and challenges and research questions. Second, we formulate the privacy problems for schema matching and data matching. Next, we introduce the elements of privacy models. Then, we summarize the existing privacy techniques and the analysis (proofs) of privacy guarantees. Finally, we describe the privacy frameworks and their applications.

  9. Technical Privacy Metrics: a Systematic Survey

    OpenAIRE

    Wagner, Isabel; Eckhoff, David

    2018-01-01

    The file attached to this record is the author's final peer reviewed version The goal of privacy metrics is to measure the degree of privacy enjoyed by users in a system and the amount of protection offered by privacy-enhancing technologies. In this way, privacy metrics contribute to improving user privacy in the digital world. The diversity and complexity of privacy metrics in the literature makes an informed choice of metrics challenging. As a result, instead of using existing metrics, n...

  10. 78 FR 43258 - Privacy Act; System of Records: Human Resources Records, State-31

    Science.gov (United States)

    2013-07-19

    ... DEPARTMENT OF STATE [Public Notice 8384] Privacy Act; System of Records: Human Resources Records... system of records, Human Resources Records, State- 31, pursuant to the provisions of the Privacy Act of... State proposes that the current system will retain the name ``Human Resources Records'' (previously...

  11. Opening More Data : A New Privacy Risk Scoring Model for Open Data

    NARCIS (Netherlands)

    Ali-Eldin, A.M.T.; Zuiderwijk-van Eijk, AMG; Janssen, M.F.W.H.A.

    2017-01-01

    While the opening of data has become a common practice for both governments and companies, many datasets
    are still not published since they might violate privacy regulations. The risk on privacy violations is a factor
    that often blocks the publication of data and results in a reserved

  12. 42 CFR 403.812 - HIPAA privacy, security, administrative data standards, and national identifiers.

    Science.gov (United States)

    2010-10-01

    ... 42 Public Health 2 2010-10-01 2010-10-01 false HIPAA privacy, security, administrative data... Prescription Drug Discount Card and Transitional Assistance Program § 403.812 HIPAA privacy, security, administrative data standards, and national identifiers. (a) HIPAA covered entities. An endorsed sponsor is a...

  13. 75 FR 5166 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration...

    Science.gov (United States)

    2010-02-01

    ... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2009-0043] Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration/Railroad Retirement Board (SSA/RRB))-- Match... INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 Public Law (Pub. L.) 100-503...

  14. Information and Communication Technologies (ICT) as keys to the enhancement of public awareness about potential earth impacts

    Science.gov (United States)

    Usikov, Denis A.

    2013-09-01

    The 2007 Planetary Defense Conference recommends "to provide or enhance Internet sites to show how threats evolve and to illustrate possible action scenarios". Thereby, establishment of informational and communicational AsteroidAware web-site with the exact, authentic data about the past and the present of Earth's impact events will assist in achievement of positive results and progress in different directions on political, international, social and scientific levels. Expanded ICT's capabilities for popularization of planetary defense can help in resolving the problem of low public interest. The project's primary intent lies in popularizing the concept of planetary defenses and attracting attention to the potential dangers that threaten the Earth from outer space. The result of the efforts falling into the boundaries of this project would be an increased amount of social participation in the process of developing solutions for and increasing awareness of potential collisions between various astral bodies and the Earth. The project is also aimed at creating a foundation for the interaction between scientists and executives from around the world to facilitate international efforts of searching for fitting measures towards lowering threat levels and developing strategies revolving around united actions against potential threats.

  15. The Privacy Coach: Supporting customer privacy in the Internet of Things

    OpenAIRE

    Broenink, Gerben; Hoepman, Jaap-Henk; Hof, Christian van 't; van Kranenburg, Rob; Smits, David; Wisman, Tijmen

    2010-01-01

    The Privacy Coach is an application running on a mobile phone that supports customers in making privacy decisions when confronted with RFID tags. The approach we take to increase customer privacy is a radical departure from the mainstream research efforts that focus on implementing privacy enhancing technologies on the RFID tags themselves. Instead the Privacy Coach functions as a mediator between customer privacy preferences and corporate privacy policies, trying to find a match between the ...

  16. Disinvestment policy and the public funding of assisted reproductive technologies: outcomes of deliberative engagements with three key stakeholder groups.

    Science.gov (United States)

    Hodgetts, Katherine; Hiller, Janet E; Street, Jackie M; Carter, Drew; Braunack-Mayer, Annette J; Watt, Amber M; Moss, John R; Elshaug, Adam G

    2014-05-05

    Measures to improve the quality and sustainability of healthcare practice and provision have become a policy concern. In addition, the involvement of stakeholders in health policy decision-making has been advocated, as complex questions arise around the structure of funding arrangements in a context of limited resources. Using a case study of assisted reproductive technologies (ART), deliberative engagements with a range of stakeholder groups were held on the topic of how best to structure the distribution of Australian public funding in this domain. Deliberative engagements were carried out with groups of ART consumers, clinicians and community members. The forums were informed by a systematic review of ART treatment safety and effectiveness (focusing, in particular, on maternal age and number of treatment cycles), as well as by international policy comparisons, and ethical and cost analyses. Forum discussions were transcribed and subject to thematic analysis. Each forum demonstrated stakeholders' capacity to understand concepts of choice under resource scarcity and disinvestment, and to countenance options for ART funding not always aligned with their interests. Deliberations in each engagement identified concerns around 'equity' and 'patient responsibility', culminating in a broad preference for (potential) ART subsidy restrictions to be based upon individual factors rather than maternal age or number of treatment cycles. Community participants were open to restrictions based upon measures of body mass index (BMI) and smoking status, while consumers and clinicians saw support to improve these factors as part of an ART treatment program, as distinct from a funding criterion. All groups advocated continued patient co-payments, with measures in place to provide treatment access to those unable to pay (namely, equity of access). Deliberations yielded qualitative, socially-negotiated evidence required to inform ethical, accountable policy decisions in the specific

  17. Story Lab: Student Data Privacy

    Science.gov (United States)

    Herold, Benjamin

    2015-01-01

    Student data privacy is an increasingly high-profile--and controversial--issue that touches schools and families across the country. There are stories to tell in virtually every community. About three dozen states have passed legislation addressing student data privacy in the past two years, and eight different proposals were floating around…

  18. Simple group password-based authenticated key agreements for the integrated EPR information system.

    Science.gov (United States)

    Lee, Tian-Fu; Chang, I-Pin; Wang, Ching-Cheng

    2013-04-01

    The security and privacy are important issues for electronic patient records (EPRs). The goal of EPRs is sharing the patients' medical histories such as the diagnosis records, reports and diagnosis image files among hospitals by the Internet. So the security issue for the integrated EPR information system is essential. That is, to ensure the information during transmission through by the Internet is secure and private. The group password-based authenticated key agreement (GPAKE) allows a group of users like doctors, nurses and patients to establish a common session key by using password authentication. Then the group of users can securely communicate by using this session key. Many approaches about GAPKE employ the public key infrastructure (PKI) in order to have higher security. However, it not only increases users' overheads and requires keeping an extra equipment for storing long-term secret keys, but also requires maintaining the public key system. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for the integrated EPR information system. The proposed SGPAKE protocol does not require using the server or users' public keys. Each user only remembers his weak password shared with a trusted server, and then can obtain a common session key. Then all users can securely communicate by using this session key. The proposed SGPAKE protocol not only provides users with convince, but also has higher security.

  19. 45 CFR 2508.19 - What Privacy Act exemptions or control of systems of records are exempt from disclosure?

    Science.gov (United States)

    2010-10-01

    ... 45 Public Welfare 4 2010-10-01 2010-10-01 false What Privacy Act exemptions or control of systems of records are exempt from disclosure? 2508.19 Section 2508.19 Public Welfare Regulations Relating to... ACT OF 1974 § 2508.19 What Privacy Act exemptions or control of systems of records are exempt from...

  20. 45 CFR 2508.8 - Who is responsible for establishing the Corporation's rules of conduct for Privacy Act compliance?

    Science.gov (United States)

    2010-10-01

    ... Corporation's rules of conduct for Privacy Act compliance? 2508.8 Section 2508.8 Public Welfare Regulations Relating to Public Welfare (Continued) CORPORATION FOR NATIONAL AND COMMUNITY SERVICE IMPLEMENTATION OF THE PRIVACY ACT OF 1974 § 2508.8 Who is responsible for establishing the Corporation's rules of conduct for...

  1. Privacy and Big Data

    CERN Document Server

    Craig, Terence

    2011-01-01

    Much of what constitutes Big Data is information about us. Through our online activities, we leave an easy-to-follow trail of digital footprints that reveal who we are, what we buy, where we go, and much more. This eye-opening book explores the raging privacy debate over the use of personal data, with one undeniable conclusion: once data's been collected, we have absolutely no control over who uses it or how it is used. Personal data is the hottest commodity on the market today-truly more valuable than gold. We are the asset that every company, industry, non-profit, and government wants. Pri

  2. Speech Privacy Problems

    Science.gov (United States)

    1945-08-18

    eondwious, «ach AnvoWnc either one or tiro staple m^aSattoa processes. The British teo -dimensioaai privacy system eUiissd both ire- oasaay ana time...of the 884 gas tube and ground showed that the tubs did not re- main fired throughout the duration of the 4- kc puls.e. Instead, the tube fired on...ouri’ent through the relay circuit was not sufficient to: permit its firm operation, especially when the amplitude of the 4~ kc pulse was low. This

  3. Democracy and genetic privacy: the value of bodily integrity.

    Science.gov (United States)

    Beckman, Ludvig

    2005-01-01

    The right to genetic privacy is presently being incorporated in legal systems all over the world. It remains largely unclear however what interests and values this right serves to protect. There are many different arguments made in the literature, yet none takes into account the problem of how particular values can be justified given the plurality of moral and religious doctrines in our societies. In this article theories of public reason are used in order to explore how genetic privacy could be justified in a way that is sensitive to the "fact of pluralism". The idea of public reason is specified as the idea that governments should appeal only to values and beliefs that are acceptable to all reasonable citizens in the justification of rights. In examining prevalent arguments for genetic privacy--based on the value of autonomy or on the value of intimacy--it is concluded that they do not meet this requirement. In dealing with this deficiency in the literature, an argument is developed that genetic privacy is fundamental to the democratic participation of all citizens. By referring to the preconditions of democratic citizenship, genetic privacy can be justified in a way that respects the plurality of comprehensive doctrines of morality and religion in contemporary societies.

  4. A Generic Privacy Quantification Framework for Privacy-Preserving Data Publishing

    Science.gov (United States)

    Zhu, Zutao

    2010-01-01

    In recent years, the concerns about the privacy for the electronic data collected by government agencies, organizations, and industries are increasing. They include individual privacy and knowledge privacy. Privacy-preserving data publishing is a research branch that preserves the privacy while, at the same time, withholding useful information in…

  5. 76 FR 64115 - Privacy Act of 1974; Privacy Act System of Records

    Science.gov (United States)

    2011-10-17

    ... NATIONAL AERONAUTICS AND SPACE ADMINISTRATION [Notice (11-092)] Privacy Act of 1974; Privacy Act... retirement of one Privacy Act system of records notice. SUMMARY: In accordance with the Privacy Act of 1974, NASA is giving notice that it proposes to cancel the following Privacy Act system of records notice...

  6. 48 CFR 39.105 - Privacy.

    Science.gov (United States)

    2010-10-01

    ... 48 Federal Acquisition Regulations System 1 2010-10-01 2010-10-01 false Privacy. 39.105 Section 39... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 39.105 Privacy. Agencies shall ensure that contracts for information technology address protection of privacy in accordance with the Privacy Act (5 U.S.C...

  7. East African Journal of Public Health: Submissions

    African Journals Online (AJOL)

    Author Guidelines; » Copyright Notice; » Privacy Statement ... and noncommunicable diseases, health leadership and management issues. ... current scientific and policy debates, including methodological issues in public health research.

  8. A national agenda for public health informatics: summarized recommendations from the 2001 AMIA Spring Congress.

    Science.gov (United States)

    Yasnoff, W A; Overhage, J M; Humphreys, B L; LaVenture, M

    2001-01-01

    The AMIA 2001 Spring Congress brought together members of the the public health and informatics communities to develop a national agenda for public health informatics. Discussions of funding and governance; architecture and infrastructure; standards and vocabulary; research, evaluation, and best practices; privacy, confidentiality, and security; and training and workforce resulted in 74 recommendations with two key themes-that all stakeholders need to be engaged in coordinated activities related to public health information architecture, standards, confidentiality, best practices, and research; and that informatics training is needed throughout the public health workforce. Implementation of this consensus agenda will help promote progress in the application of information technology to improve public health.

  9. Advanced research in data privacy

    CERN Document Server

    Torra, Vicenç

    2015-01-01

    This book provides an overview of the research work on data privacy and privacy enhancing technologies carried by the participants of the ARES project. ARES (Advanced Research in Privacy an Security, CSD2007-00004) has been one of the most important research projects funded by the Spanish Government in the fields of computer security and privacy. It is part of the now extinct CONSOLIDER INGENIO 2010 program, a highly competitive program which aimed to advance knowledge and open new research lines among top Spanish research groups. The project started in 2007 and will finish this 2014. Composed by 6 research groups from 6 different institutions, it has gathered an important number of researchers during its lifetime. Among the work produced by the ARES project, one specific work package has been related to privacy. This books gathers works produced by members of the project related to data privacy and privacy enhancing technologies. The presented works not only summarize important research carried in the proje...

  10. Biomedical databases: protecting privacy and promoting research.

    Science.gov (United States)

    Wylie, Jean E; Mineau, Geraldine P

    2003-03-01

    When combined with medical information, large electronic databases of information that identify individuals provide superlative resources for genetic, epidemiology and other biomedical research. Such research resources increasingly need to balance the protection of privacy and confidentiality with the promotion of research. Models that do not allow the use of such individual-identifying information constrain research; models that involve commercial interests raise concerns about what type of access is acceptable. Researchers, individuals representing the public interest and those developing regulatory guidelines must be involved in an ongoing dialogue to identify practical models.

  11. Student Privacy and Educational Data Mining: Perspectives from Industry

    Science.gov (United States)

    Sabourin, Jennifer; Kosturko, Lucy; FitzGerald, Clare; McQuiggan, Scott

    2015-01-01

    While the field of educational data mining (EDM) has generated many innovations for improving educational software and student learning, the mining of student data has recently come under a great deal of scrutiny. Many stakeholder groups, including public officials, media outlets, and parents, have voiced concern over the privacy of student data…

  12. Scoping Electronic Communication Privacy Rules: Data, Services and Values

    NARCIS (Netherlands)

    van Hoboken, J.; Zuiderveen Borgesius, F.

    2015-01-01

    We use electronic communication networks for more than simply traditional telecommunications: we access the news, buy goods online, file our taxes, contribute to public debate, and more. As a result, a wider array of privacy interests is implicated for users of electronic communications networks and

  13. 78 FR 14669 - Privacy Act of 1974; Implementation

    Science.gov (United States)

    2013-03-07

    ... law enforcement and intelligence matters, and for the reasons set forth in the rule these exemptions... general editorial revisions to the reasons for the existing IRFS exemptions. The public was provided with...) The proposed exemptions contravene the intent of the Privacy Act; (2) the DEA does not clearly...

  14. 13 CFR 102.36 - Privacy Act standards of conduct.

    Science.gov (United States)

    2010-01-01

    ... 13 Business Credit and Assistance 1 2010-01-01 2010-01-01 false Privacy Act standards of conduct. 102.36 Section 102.36 Business Credit and Assistance SMALL BUSINESS ADMINISTRATION RECORD DISCLOSURE... existence or development of any system of records that is not the subject of a current or planned public...

  15. Multi-biometrics based cryptographic key regeneration scheme

    OpenAIRE

    Kanade , Sanjay Ganesh; Petrovska-Delacrétaz , Dijana; Dorizzi , Bernadette

    2009-01-01

    International audience; Biometrics lack revocability and privacy while cryptography cannot detect the user's identity. By obtaining cryptographic keys using biometrics, one can achieve the properties such as revocability, assurance about user's identity, and privacy. In this paper, we propose a multi-biometric based cryptographic key regeneration scheme. Since left and right irises of a person are uncorrelated, we treat them as two independent biometrics and combine in our system. We propose ...

  16. Towards Privacy Managment of Information Systems

    OpenAIRE

    Drageide, Vidar

    2009-01-01

    This masters thesis provides insight into the concept of privacy. It argues why privacy is important, and why developers and system owners should keep privacy in mind when developing and maintaining systems containing personal information. Following this, a strategy for evaluating the overall level of privacy in a system is defined. The strategy is then applied to parts of the cellphone system in an attempt to evaluate the privacy of traffic and location data in this system.

  17. An Alternative View of Privacy on Facebook

    OpenAIRE

    Christian Fuchs

    2011-01-01

    The predominant analysis of privacy on Facebook focuses on personal information revelation. This paper is critical of this kind of research and introduces an alternative analytical framework for studying privacy on Facebook, social networking sites and web 2.0. This framework is connecting the phenomenon of online privacy to the political economy of capitalism—a focus that has thus far been rather neglected in research literature about Internet and web 2.0 privacy. Liberal privacy philosophy ...

  18. Effective online privacy mechanisms with persuasive communication

    OpenAIRE

    Coopamootoo, P L

    2016-01-01

    This thesis contributes to research by taking a social psychological perspective to managing privacy online. The thesis proposes to support the effort to form a mental model that is required to evaluate a context with regards to privacy attitudes or to ease the effort by biasing activation of privacy attitudes. Privacy being a behavioural concept, the human-computer interaction design plays a major role in supporting and contributing to end users’ ability to manage their privacy online. Howev...

  19. Trajectory data privacy protection based on differential privacy mechanism

    Science.gov (United States)

    Gu, Ke; Yang, Lihao; Liu, Yongzhi; Liao, Niandong

    2018-05-01

    In this paper, we propose a trajectory data privacy protection scheme based on differential privacy mechanism. In the proposed scheme, the algorithm first selects the protected points from the user’s trajectory data; secondly, the algorithm forms the polygon according to the protected points and the adjacent and high frequent accessed points that are selected from the accessing point database, then the algorithm calculates the polygon centroids; finally, the noises are added to the polygon centroids by the differential privacy method, and the polygon centroids replace the protected points, and then the algorithm constructs and issues the new trajectory data. The experiments show that the running time of the proposed algorithms is fast, the privacy protection of the scheme is effective and the data usability of the scheme is higher.

  20. Privacy and CHI : methodologies for studying privacy issues

    NARCIS (Netherlands)

    Patil, S.; Romero, N.A.; Karat, J.

    2006-01-01

    This workshop aims to reflect on methodologies to empirically study privacy issues related to advanced technology. The goal is to address methodological concerns by drawing upon both theoretical perspectives as well as practical experiences.