121,658 research outputs found

    Addressing End-User Privacy Concerns

    Get PDF

    Privacy Engineering in Smart Home (SH) Systems: A Comprehensive Privacy Threat Analysis and Risk Management Approach

    Full text link
    Addressing trust concerns in Smart Home (SH) systems is imperative due to the limited study on preservation approaches that focus on analyzing and evaluating privacy threats for effective risk management. While most research focuses primarily on user privacy, device data privacy, especially identity privacy, is almost neglected, which can significantly impact overall user privacy within the SH system. To this end, our study incorporates privacy engineering (PE) principles in the SH system that consider user and device data privacy. We start with a comprehensive reference model for a typical SH system. Based on the initial stage of LINDDUN PRO for the PE framework, we present a data flow diagram (DFD) based on a typical SH reference model to better understand SH system operations. To identify potential areas of privacy threat and perform a privacy threat analysis (PTA), we employ the LINDDUN PRO threat model. Then, a privacy impact assessment (PIA) was carried out to implement privacy risk management by prioritizing privacy threats based on their likelihood of occurrence and potential consequences. Finally, we suggest possible privacy enhancement techniques (PETs) that can mitigate some of these threats. The study aims to elucidate the main threats to privacy, associated risks, and effective prioritization of privacy control in SH systems. The outcomes of this study are expected to benefit SH stakeholders, including vendors, cloud providers, users, researchers, and regulatory bodies in the SH systems domain.Comment: The paper has 3 figures, 8 table

    Taxonomy for Social Network Data Types from the Viewpoint of Privacy and User Control

    Get PDF
    The growing relevance and usage intensity of Online Social Networks (OSNs) along with the accumulation of a large amount of user data has led to privacy concerns among researchers and end users. Despite a large body of research addressing OSN privacy issues, little differentiation of data types on social network sites is made and a generally accepted classification and terminology for such data is missing, hence leading to confusion in related discussions. This paper proposes a taxonomy for data types on OSNs based on a thorough literature analysis and a conceptualization of typical OSN user activities. It aims at clarifying discussions among researchers, benefiting comparisons of data types within and across OSNs and at educating the end user about characteristics and implications of OSN data types. The taxonomy is evaluated by applying it to four major OSNs

    Reclaiming Information Privacy Online

    Get PDF
    The tremendous growth in information technology and the use of digital communication medium have led to serious concerns on preserving and reclaiming privacy of users online [1]. Many individuals consider privacy to be a right, but much or all of their online activity can be and is easily tracked by various organizations. Additionally, due to the lack of effective regulations, Internet Service Providers (ISPs) are lured to collect and disseminate user specific privacy and profile information for financial gains. In recent times, the strongest effort by the federal government towards addressing this concern was specified in the Freedom of Information Act and Privacy Act [2]. The Act provided guidelines and mechanisms to access, store and transmit individual personal information online. But, in-spite of various recent efforts there are huge lapses in online privacy, with very little accountability to identify and address the problem. The goal of this research and the experimental studies conducted is to demonstrate how information can still be leaked in the current Internet usage and the steps that end-users (clients) can take to mitigate the problem. The research also discusses numerous approaches and tools that can be readily implemented to help bring back privacy to online browsing

    Ethics Emerging: The Story of Privacy and Security Perceptions in Virtual Reality

    Get PDF
    Virtual reality (VR) technology aims to transport the user to a virtual world, fully immersing them in an experience entirely separate from the real world. VR devices can use sensor data to draw deeply personal inferences (e.g., medical conditions, emotions) and can enable virtual crimes (e.g., theft, assault on virtual representations of the user) from which users have been shown to experience real, significant emotional pain. As such, VR may involve especially sensitive user data and interactions. To effectively mitigate such risks and design for safer experiences, we aim to understand end-user perceptions of VR risks and how, if at all, developers are considering and addressing those risks. In this paper, we present the first work on VR security and privacy perceptions: a mixed-methods study involving semi-structured interviews with 20 VR users and developers, a survey of VR privacy policies, and an ethics co-design study with VR developers. We establish a foundational understanding of perceived risks in VR; raise concerns about the state of VR privacy policies; and contribute a concrete VR developer "code of ethics", created by developers, for developers
    • 

    corecore