25,314 research outputs found

    Equivalence-based Security for Querying Encrypted Databases: Theory and Application to Privacy Policy Audits

    Motivated by the problem of simultaneously preserving confidentiality and usability of data outsourced to third-party clouds, we present two different database encryption schemes that largely hide data but reveal enough information to support a wide range of relational queries. We provide a security definition for database encryption that captures confidentiality based on a notion of equivalence of databases from the adversary's perspective. As a specific application, we adapt an existing algorithm for finding violations of privacy policies to run on logs encrypted under our schemes and observe low to moderate overheads. Comment: CCS 2015 paper technical report, in progress

    Privacy in an Ambient World

    Privacy is a prime concern in today's information society. To protect the privacy of individuals, enterprises must follow certain privacy practices, while collecting or processing personal data. In this chapter we look at the setting where an enterprise collects private data on its website, processes it inside the enterprise and shares it with partner enterprises. In particular, we analyse three different privacy systems that can be used in the different stages of this lifecycle. One of them is the Audit Logic, recently introduced, which can be used to keep data private when it travels across enterprise boundaries. We conclude with an analysis of the features and shortcomings of these systems.

    Accounting, Information and the Development of Evidence-Based Resourcing Strategies in Education

    In this paper we will argue that there has developed a significant gap between the high policy priority given to improving educational performance in the UK and the attention that has effectively been given to generating the information base upon which more effective educational resourcing strategies might be developed. This is despite the fact that evidence-based policies are intended to be at the heart of the current Modernising Government initiative. The high priority given to education by the incoming new Labour Government and by the Prime Minister in 1997 has since been accompanied by substantial additional resources under the Comprehensive Spending Reviews of 1998 and 2000. The principle of devolving educational budgets and resource management decisions down to individual schools through formula funding, that was at the centre of the previous government’s Local Management of School initiative, has also been reinforced. However, there remain important questions of the nature of the links which exist between school resourcing, characteristics of the pupil, and the educational achievements which can be expected from these different pupil and resource inputs. These questions are important for both the design of improved resource allocation formulae to allocate educational resources to individual schools and for resource management decisions within schools, as well as for target setting and performance monitoring. Answering these questions requires the development of a comprehensive national comparative school database, of which improvements in financial reporting would form a key component. Keywords: educational resourcing; educational performance; resource management.

    An Automated Approach to Auditing Disclosure of Third-Party Data Collection in Website Privacy Policies

    A dominant regulatory model for web privacy is "notice and choice". In this model, users are notified of data collection and provided with options to control it. To examine the efficacy of this approach, this study presents the first large-scale audit of disclosure of third-party data collection in website privacy policies. Data flows on one million websites are analyzed and over 200,000 websites' privacy policies are audited to determine if users are notified of the names of the companies which collect their data. Policies from 25 prominent third-party data collectors are also examined to provide deeper insights into the totality of the policy environment. Policies are additionally audited to determine if the choice expressed by the "Do Not Track" browser setting is respected. Third-party data collection is widespread, but fewer than 15% of attributed data flows are disclosed. The third parties most likely to be disclosed are those with consumer services users may be aware of; those without consumer services are less likely to be mentioned. Policies are difficult to understand and the average time requirement to read both a given site's policy and the associated third-party policies exceeds 84 minutes. Only 7% of first-party site policies mention the Do Not Track signal, and the majority of such mentions are to specify that the signal is ignored. Among third-party policies examined, none offer unqualified support for the Do Not Track signal. Findings indicate that current implementations of "notice and choice" fail to provide notice or respect choice.

    Appendix B: Ohio Attorney General Facial Recognition Task Force Proposal on Monitoring, Auditing, Enforcement and Transparency

    Policy controls that govern agency activity generally contain at least two components: (1) a substantive policy; and (2) a governance structure for ensuring implementation of and compliance with that policy. Effective controls require both. This proposal focuses on the second component, the governance structure. Specifically, it addresses routine monitoring, annual audits, enforcement of the AG’s policies that govern the facial recognition system, and public transparency. Established facial recognition policies, including those that the Task Force has looked to as models, recognize the importance of establishing such a governance structure. We have reviewed existing federal and state policy template documents in order to identify and integrate best practices. Based on this review, we believe that Ohio’s Facial Recognition Policy should address routine monitoring, periodic audits, enforcement, and public transparency. A policy that successfully integrated each of these elements would reflect best practices and could serve as a model for other states and localities.

    A framework to authenticate records in a government accounting system in Botswana to support the auditing process

    An audit of financial statements relies heavily on authentic records to yield informed audit opinions. Without proper records of transactions, the objective of auditing financial statements becomes difficult. In the digital environment, determining the authenticity of digital documents for purposes of auditing is even more problematic because of a lack of criteria used by auditors for the declaration of such authenticity. This study sought to develop a framework for the authentication of records in a government accounting system in Botswana with a view to supporting the audit process in the public sector. This qualitative study framed within the interpretivism epistemological research paradigm, used archival diplomatics as a theoretical lens. Data were collected through system analysis, analysis of documents such as legislation, as well as interviews with auditors, ICT professionals and records management practitioners purposively selected from the Botswana National Archives and Records Services, Office of the Auditor General, Department of Information Technology, Accountant-General’s Department, Department of Internal Audit and Department of Corporate Services of the Ministry of Finance and Economic Development. The study established that the legislative framework for managing digital records does exist in Botswana. A lack of skills by records management professionals and auditors to authenticate digital records was also noted. The absence of some criteria to authenticate digital records means that auditors use their own discretion with regard to their authenticity. In addition, as a business system, the Government Accounting and Budgeting System (GABS) does produce and store digital records, but their authenticity and availability over time are not guaranteed. This weakness can be addressed by integrating GABS with an Enterprise Content Management (ECM). 
    Currently, records authenticity in GABS is ensured through reliance on social and technical indicators (information technology and system application controls). The study suggests a framework for the authentication of digital accounting records in a government accounting system with the hope that its implementation would support the audit process. It is concluded that because of the failure to establish guidelines and checklists for auditors to authenticate digital records, there will be continued reliance on information technology and system application controls. Therefore, it is recommended that the Auditor General should develop a checklist for authentication. A further study of the integration of Government Accounting and Budgeting System with an Enterprise Content Management to properly manage digital records produced and stored in the system is recommended. Information Science. D. Phil. (Information Science)

    Applying Sarbanes-Oxley Principles to Colleges and Universities

    In the wake of the financial scandals that have occurred in the corporate sector, the public is demanding more accountability not only from corporations but also from nonprofit organizations such as universities. Institutions can enhance corporate governance by implementing some of the principles and procedures the Sarbanes-Oxley Act of 2002 (SOX) has mandated for public companies. Because public accounting firms audit universities, the firms can provide a valuable service to such clients by recommending ways in which universities can implement SOX practices that are appropriate and applicable. Although SOX does not currently apply to colleges and universities, it has created a climate in which many colleges and universities are considering ways to increase transparency and accountability in their financial operations. The outlook for mandating SOX-like legislation for nonprofits is unclear, both at the federal and state level. There is evidence, however, of some opposition to the implementation of SOX principles at universities.