On the Measurement of Privacy as an Attacker's Estimation Error

A wide variety of privacy metrics have been proposed in the literature to evaluate the level of protection offered by privacy enhancing-technologies. Most of these metrics are specific to concrete systems and adversarial models, and are difficult to generalize or translate to other contexts. Furthermore, a better understanding of the relationships between the different privacy metrics is needed to enable more grounded and systematic approach to measuring privacy, as well as to assist systems designers in selecting the most appropriate metric for a given application. In this work we propose a theoretical framework for privacy-preserving systems, endowed with a general definition of privacy in terms of the estimation error incurred by an attacker who aims to disclose the private information that the system is designed to conceal. We show that our framework permits interpreting and comparing a number of well-known metrics under a common perspective. The arguments behind these interpretations are based on fundamental results related to the theories of information, probability and Bayes decision.Comment: This paper has 18 pages and 17 figure

Semantic discovery and reuse of business process patterns

Patterns currently play an important role in modern information systems (IS) development and their use has mainly been restricted to the design and implementation phases of the development lifecycle. Given the increasing significance of business modelling in IS development, patterns have the potential of providing a viable solution for promoting reusability of recurrent generalized models in the very early stages of development. As a statement of research-in-progress this paper focuses on business process patterns and proposes an initial methodological framework for the discovery and reuse of business process patterns within the IS development lifecycle. The framework borrows ideas from the domain engineering literature and proposes the use of semantics to drive both the discovery of patterns as well as their reuse

Progress in information technology and tourism management: 20 years on and 10 years after the Internet—The state of eTourism research

This paper reviews the published articles on eTourism in the past 20 years. Using a wide variety of sources, mainly in the tourism literature, this paper comprehensively reviews and analyzes prior studies in the context of Internet applications to Tourism. The paper also projects future developments in eTourism and demonstrates critical changes that will influence the tourism industry structure. A major contribution of this paper is its overview of the research and development efforts that have been endeavoured in the field, and the challenges that tourism researchers are, and will be, facing

Simulatable security for quantum protocols

The notion of simulatable security (reactive simulatability, universal composability) is a powerful tool for allowing the modular design of cryptographic protocols (composition of protocols) and showing the security of a given protocol embedded in a larger one. Recently, these methods have received much attention in the quantum cryptographic community. We give a short introduction to simulatable security in general and proceed by sketching the many different definitional choices together with their advantages and disadvantages. Based on the reactive simulatability modelling of Backes, Pfitzmann and Waidner we then develop a quantum security model. By following the BPW modelling as closely as possible, we show that composable quantum security definitions for quantum protocols can strongly profit from their classical counterparts, since most of the definitional choices in the modelling are independent of the underlying machine model. In particular, we give a proof for the simple composition theorem in our framework.Comment: Added proof of combination lemma; added comparison to the model of Ben-Or, Mayers; minor correction

Can relativistic bit commitment lead to secure quantum oblivious transfer?

While unconditionally secure bit commitment (BC) is considered impossible within the quantum framework, it can be obtained under relativistic or experimental constraints. Here we study whether such BC can lead to secure quantum oblivious transfer (QOT). The answer is not completely negative. On one hand, we provide a detailed cheating strategy, showing that the "honest-but-curious adversaries" in some of the existing no-go proofs on QOT still apply even if secure BC is used, enabling the receiver to increase the average reliability of the decoded value of the transferred bit. On the other hand, it is also found that some other no-go proofs claiming that a dishonest receiver can always decode all transferred bits simultaneously with reliability 100% become invalid in this scenario, because their models of cryptographic protocols are too ideal to cover such a BC-based QOT.Comment: Published version. This paper generalized some results in Sec. V of arXiv:1101.4587, and pointed out the limitation of the proof in arXiv:quant-ph/961103