Confidentiality-Preserving Publish/Subscribe: A Survey

Publish/subscribe (pub/sub) is an attractive communication paradigm for large-scale distributed applications running across multiple administrative domains. Pub/sub allows event-based information dissemination based on constraints on the nature of the data rather than on pre-established communication channels. It is a natural fit for deployment in untrusted environments such as public clouds linking applications across multiple sites. However, pub/sub in untrusted environments lead to major confidentiality concerns stemming from the content-centric nature of the communications. This survey classifies and analyzes different approaches to confidentiality preservation for pub/sub, from applications of trust and access control models to novel encryption techniques. It provides an overview of the current challenges posed by confidentiality concerns and points to future research directions in this promising field

Routes for breaching and protecting genetic privacy

We are entering the era of ubiquitous genetic information for research, clinical care, and personal curiosity. Sharing these datasets is vital for rapid progress in understanding the genetic basis of human diseases. However, one growing concern is the ability to protect the genetic privacy of the data originators. Here, we technically map threats to genetic privacy and discuss potential mitigation strategies for privacy-preserving dissemination of genetic data.Comment: Draft for comment

Legal and Policy Framework for Promoting Equitable Access to Documentary Heritage

The National Mission for Manuscripts of India, in association with UNESCO, completed a research study to assist in the development of legal and policy framework and protocols for promoting equitable access to documentary heritage, relevant to India and other South Asian countries. This study report seeks to accurately identify and critically examine the legal and policy framework for promoting equitable access to our documentary heritage. The National Mission for Manuscripts is the most important institution in India creating bibliographic databases of manuscripts and engaged in the conservation and preservation of valuable manuscripts. This report engages with the legal and policy framework which envelops the lifecycle of the Mission’s work: the process of access to manuscripts, digitization of manuscripts and the creation of databases. By critically examining the legal rules in the practical context of the Mission’s work, the research team has put together the first such review of any such initiative in the protection of traditional knowledge in the country. The conclusions of the report are in the form of draft legal agreements and policy recommendations located in the discussion on various parts of the Mission’s work. While this report does not set out to be the final word on these significant policy initiatives, the report definitely makes significant progress in the policy debate and legal literature in this field. This report illustrates working patterns of the Mission within the legal and policy framework in the Country. This report will be a valuable sourcebook for understanding South Asian legal and policy framework for accessing documentary heritage collections. The draft legal agreements and policy recommendations, presented in this report, will also be valuable intervention tools for South Asian countries that share similar legal and policy framework within the sub-region

Big Data Privacy Context: Literature Effects On Secure Informational Assets

This article's objective is the identification of research opportunities in the current big data privacy domain, evaluating literature effects on secure informational assets. Until now, no study has analyzed such relation. Its results can foster science, technologies and businesses. To achieve these objectives, a big data privacy Systematic Literature Review (SLR) is performed on the main scientific peer reviewed journals in Scopus database. Bibliometrics and text mining analysis complement the SLR. This study provides support to big data privacy researchers on: most and least researched themes, research novelty, most cited works and authors, themes evolution through time and many others. In addition, TOPSIS and VIKOR ranks were developed to evaluate literature effects versus informational assets indicators. Secure Internet Servers (SIS) was chosen as decision criteria. Results show that big data privacy literature is strongly focused on computational aspects. However, individuals, societies, organizations and governments face a technological change that has just started to be investigated, with growing concerns on law and regulation aspects. TOPSIS and VIKOR Ranks differed in several positions and the only consistent country between literature and SIS adoption is the United States. Countries in the lowest ranking positions represent future research opportunities.Comment: 21 pages, 9 figure

Anonymizing cybersecurity data in critical infrastructures: the CIPSEC approach

Cybersecurity logs are permanently generated by network devices to describe security incidents. With modern computing technology, such logs can be exploited to counter threats in real time or before they gain a foothold. To improve these capabilities, logs are usually shared with external entities. However, since cybersecurity logs might contain sensitive data, serious privacy concerns arise, even more when critical infrastructures (CI), handling strategic data, are involved. We propose a tool to protect privacy by anonymizing sensitive data included in cybersecurity logs. We implement anonymization mechanisms grouped through the definition of a privacy policy. We adapt said approach to the context of the EU project CIPSEC that builds a unified security framework to orchestrate security products, thus offering better protection to a group of CIs. Since this framework collects and processes security-related data from multiple devices of CIs, our work is devoted to protecting privacy by integrating our anonymization approach.Peer ReviewedPostprint (published version

A hybrid strategy for privacy-preserving recommendations for mobile shopping

To calculate recommendations, recommender systems col-lect and store huge amounts of users ’ personal data such as preferences, interaction behavior, or demographic infor-mation. If these data are used for other purposes or get into the wrong hands, the privacy of the users can be com-promised. Thus, service providers are confronted with the challenge of o↵ering accurate recommendations without the risk of dissemination of sensitive information. This paper presents a hybrid strategy combining collaborative filtering and content-based techniques for mobile shopping with the primary aim of preserving the customer’s privacy. Detailed information about the customer, such as the shopping his-tory, is securely stored on the customer’s smartphone and locally processed by a content-based recommender. Data of individual shopping sessions, which are sent to the store backend for product association and comparison with simi-lar customers, are unlinkable and anonymous. No uniquely identifying information of the customer is revealed, making it impossible to associate successive shopping sessions at the store backend. Optionally, the customer can disclose demo-graphic data and a rudimentary explicit profile for further personalization