Using Adaptive Enterprise Architecture Framework for Defining the Adaptable Identity Ecosystem Architecture

Digital identity management is often used to handle fraud detection and hence reduce identity thefts. However, using digital identity management presents additional challenges in terms of privacy of the identity owner meanwhile managing the security of the verification. In this paper, drawing on adaptive enterprise architecture (EA) with an ecosystem approach to digital identity, we describe an identity ecosystem (IdE) architecture to handle identity management (IdM) while safeguarding security and privacy. This study is a part of the larger action design research project with our industry partner DZ. We have used adaptive EA as a theoretical lens to define a privacy aware adaptive IdM with a view to improve the Id operations and delivery of services in the public and private sector. The value of the anticipated architecture is in its generic yet comprehensive structure, component orientation and layered approach which aim to enable the contemporary IdM

Exploring the relationships between privacy by design schemes and privacy laws: a comparative analysis

Internet of Things (IoT) applications have the potential to derive sensitive information about individuals. Therefore, developers must exercise due diligence to make sure that data are managed according to the privacy regulations and data protection laws. However, doing so can be a difficult and challenging task. Recent research has revealed that developers typically face difficulties when complying with regulations. One key reason is that, at times, regulations are vague, and could be challenging to extract and enact such legal requirements. In our research paper, we have conducted a systematic analysis of the data protection laws that are used across different continents, namely: (i) General Data Protection Regulations (GDPR), (ii) the Personal Information Protection and Electronic Documents Act (PIPEDA), (iii) the California Consumer Privacy Act (CCPA), (iv) Australian Privacy Principles (APPs), and (v) New Zealand’s Privacy Act 1993. In this technical report, we presented the detailed results of the conducted framework analysis method to attain a comprehensive view of different data protection laws and highlighted the disparities, in order to assist developers in adhering to the regulations across different regions, along with creating a Combined Privacy Law Framework (CPLF). After that, we gave an overview of various Privacy by Design (PbD) schemes developed previously by different researchers. Then, the key principles and individuals’ rights of the CPLF were mapped with the privacy principles, strategies, guidelines, and patterns of the Privacy by Design (PbD) schemes in order to investigate the gaps in existing schemes

Exploring the Relationships between Privacy by Design Schemes and Privacy Laws: A Comparative Analysis

Internet of Things (IoT) applications have the potential to derive sensitive information about individuals. Therefore, developers must exercise due diligence to make sure that data are managed according to the privacy regulations and data protection laws. However, doing so can be a difficult and challenging task. Recent research has revealed that developers typically face difficulties when complying with regulations. One key reason is that, at times, regulations are vague, and could be challenging to extract and enact such legal requirements. In our research paper, we have conducted a systematic analysis of the data protection laws that are used across different continents, namely: (i) General Data Protection Regulations (GDPR), (ii) the Personal Information Protection and Electronic Documents Act (PIPEDA), (iii) the California Consumer Privacy Act (CCPA), (iv) Australian Privacy Principles (APPs), and (v) New Zealand's Privacy Act 1993. In this technical report, we presented the detailed results of the conducted framework analysis method to attain a comprehensive view of different data protection laws and highlighted the disparities, in order to assist developers in adhering to the regulations across different regions, along with creating a Combined Privacy Law Framework (CPLF). After that, we gave an overview of various Privacy by Design (PbD) schemes developed previously by different researchers. Then, the key principles and individuals' rights of the CPLF were mapped with the privacy principles, strategies, guidelines, and patterns of the Privacy by Design (PbD) schemes in order to investigate the gaps in existing schemes.Comment: Technical Repor

Video forensics in cloud computing: the challenges & recommendations

Forensic analysis of large video surveillance datasets requires computationally demanding processing and significant storage space. The current standalone and often dedicated computing infrastructure used for the purpose is rather limited due to practical limits of hardware scalability and the associated cost. Recently Cloud Computing has emerged as a viable solution to computing resource limitations, taking full advantage of virtualisation capabilities and distributed computing technologies. Consequently the opportunities provided by cloud computing service to support the requirements of forensic video surveillance systems have been recently studied in literature. However such studies have been limited to very simple video analytic tasks carried out within a cloud based architecture. The requirements of a larger scale video forensic system are significantly more and demand an in-depth study. Especially there is a need to balance the benefits of cloud computing with the potential risks of security and privacy breaches of the video data. Understanding different legal issues involved in deploying video surveillance in cloud computing will help making the proposed security architecture affective against potential threats and hence lawful. In this work we conduct a literature review to understand the current regulations and guidelines behind establishing a trustworthy, cloud based video surveillance system. In particular we discuss the requirements of a legally acceptable video forensic system, study the current security and privacy challenges of cloud based computing systems and make recommendations for the design of a cloud based video forensic system

Video Forensics in Cloud Computing: The Challenges & Recommendations

Forensic analysis of large video surveillance datasets requires computationally demanding processing and significant storage space. The current standalone and often dedicated computing infrastructure used for the purpose is rather limited due to practical limits of hardware scalability and the associated cost. Recently Cloud Computing has emerged as a viable solution to computing resource limitations, taking full advantage of virtualisation capabilities and distributed computing technologies. Consequently the opportunities provided by cloud computing service to support the requirements of forensic video surveillance systems have been recently studied in literature. However such studies have been limited to very simple video analytic tasks carried out within a cloud based architecture. The requirements of a larger scale video forensic system are significantly more and demand an in-depth study. Especially there is a need to balance the benefits of cloud computing with the potential risks of security and privacy breaches of the video data. Understanding different legal issues involved in deploying video surveillance in cloud computing will help making the proposed security architecture affective against potential threats and hence lawful. In this work we conduct a literature review to understand the current regulations and guidelines behind establishing a trustworthy, cloud based video surveillance system. In particular we discuss the requirements of a legally acceptable video forensic system, study the current security and privacy challenges of cloud based computing systems and make recommendations for the design of a cloud based video forensic system

African Union data policy framework

The full text is available for free download. AU Data Policy Framework. 2022. Documents (https://au.int/en/documents/20220728/au-data-policy-framework).The African Union, representing its 55 member states from the whole African continent, endorsed its “African Union Data Policy Framework” by the AU Executive Council during its 40th Ordinary Session on 2-3 February (Ref EX.CL/Dec.1144/XL) and published in February 2022. The below excerpt are Executive Summary (pp VI-X) and the recommendations and actions of chapter V (18-64). (The editor Christoph Stückelberger)

Customer Relationship Management in a Public Cloud environment – Key influencing factors for European enterprises

Customer Relationship Management is crucial influencing factor for competitiveness in saturated markets. Public cloud-computing services for customer-relationship management provide many benefits. However, their usage in Europe is reluctant. Our research identifies several core and sub-influence factors and reveals how strong they are. Enterprises strive for covering risks in terms of safety and security. Further important influencing factors are functional completeness and integration into the existing environment. Our research provides new knowledge of the use of public cloud services in general and in particular for the use of customer relationship in a public cloud environment