
    Mandatory Enforcement of Privacy Policies using Trusted Computing Principles

    Modern communication systems and information technology create significant new threats to information privacy. In this paper, we discuss the need for proper privacy protection in cooperative intelligent transportation systems (cITS), one instance of such systems. We outline general principles for data protection and their legal basis and argue why pure legal protection is insufficient. Strong privacy-enhancing technologies need to be deployed in cITS to protect user data while it is generated and processed. As data minimization cannot always prevent the need for disclosing relevant personal information, we introduce the new concept of mandatory enforcement of privacy policies. This concept empowers users and data subjects to tightly couple their data with privacy policies and rely on the system to impose such policies onto any data processors. We also describe the PRECIOSA Privacy-enforcing Runtime Architecture that exemplifies our approach. Moreover, we show how an application can utilize this architecture by applying it to a pay-as-you-drive (PAYD) car insurance scenario.

    An Examination of Privacy Policies of Global University Web Sites

    Due to demand for online services, universities throughout the world are increasing the content of their Web sites and adding features, such as online applications and e-learning. However, adding online services requires that personal data is kept within computerized systems, thus putting personal private information at risk. Online consumers express concern about the risk to their personal private data and demand to know how organizations will protect their records. It is imperative that firms have mechanisms to guard their data and publish protection information within online privacy policies to mitigate user distrust. However, although industry privacy groups may recommend better protection and some countries may legislate its use, this is not universal across all university sites. This study analyzes 90 university sites throughout the world to determine the use of privacy protection. The results show a lack of use of certain privacy mechanisms. The research suggests methods for improving protection.

    A new conceptual framework within information privacy: Meta privacy

    When considering information security and privacy issues, most of the attention has previously focussed on data protection and the privacy of personally identifiable information (PII). What is often overlooked is consideration for the operational and transactional data. Specifically, the security and privacy protection of metadata and metastructure information of computing environments has not been factored into most methods. Metadata, or data about data, can contain many personal details about an entity. It is subject to the same risks and malicious actions personal data is exposed to. This paper presents a new perspective for information security and privacy. It is termed Meta Privacy and is concerned with the protection and privacy of information system metadata and metastructure details. We first present a formal definition for meta privacy, and then analyse the factors that encompass and influence meta privacy. In addition, we recommend some techniques for the protection of meta privacy within information systems. Further, the paper highlights the importance of ensuring all informational elements of information systems are adequately protected from a privacy perspective.

    On the Measurement of Privacy as an Attacker's Estimation Error

    A wide variety of privacy metrics have been proposed in the literature to evaluate the level of protection offered by privacy-enhancing technologies. Most of these metrics are specific to concrete systems and adversarial models, and are difficult to generalize or translate to other contexts. Furthermore, a better understanding of the relationships between the different privacy metrics is needed to enable a more grounded and systematic approach to measuring privacy, as well as to assist system designers in selecting the most appropriate metric for a given application. In this work we propose a theoretical framework for privacy-preserving systems, endowed with a general definition of privacy in terms of the estimation error incurred by an attacker who aims to disclose the private information that the system is designed to conceal. We show that our framework permits interpreting and comparing a number of well-known metrics under a common perspective. The arguments behind these interpretations are based on fundamental results related to the theories of information, probability and Bayes decision.
    Comment: This paper has 18 pages and 17 figures.

    Investigating the tension between cloud-related actors and individual privacy rights

    Historically, little more than lip service has been paid to the rights of individuals to act to preserve their own privacy. Personal information is frequently exploited for commercial gain, often without the person’s knowledge or permission. New legislation, such as the EU General Data Protection Regulation Act, has acknowledged the need for legislative protection. This Act places the onus on service providers to preserve the confidentiality of their users’ and customers’ personal information, on pain of punitive fines for lapses. It accords special privileges to users, such as the right to be forgotten. This regulation has global jurisdiction covering the rights of any EU resident, worldwide. Assuring this legislated privacy protection presents a serious challenge, which is exacerbated in the cloud environment. A considerable number of actors are stakeholders in cloud ecosystems. Each has their own agenda and these are not necessarily well aligned. Cloud service providers, especially those offering social media services, are interested in growing their businesses and maximising revenue. There is a strong incentive for them to capitalise on their users’ personal information and usage information. Privacy is often the first victim. Here, we examine the tensions between the various cloud actors and propose a framework that could be used to ensure that privacy is preserved and respected in cloud systems.

    The 'credit scoring pandemic' and the European vaccine: Making sense of EU data protection legislation

    Copyright © 2010 The Author. This article is available open access through the publisher’s website at the link below.
    This article explores credit scoring systems as a tool used by the credit industry to evaluate consumers’ credit applications and creditworthiness within the context of the EU. After an analysis of the technologies and techniques behind the scoring of individuals, it investigates the most relevant issues behind the reporting of consumer financial information, i.e. the prejudicial side of sharing people's reputation exacerbated by ever-advancing information technologies and the disrespect of the privacy of consumers. This is put in context with an analysis of the values that the right of informational privacy protects and the dangers that data protection legislation aims to prevent. Ultimately, this article aims at showing that a correct application of the existing EU data protection legislation should prevent, or at least repair, the flaws of the uses of credit scoring and concerns over the respect of established privacy rights.

    SECMACE: Scalable and Robust Identity and Credential Management Infrastructure in Vehicular Communication Systems

    Several years of academic and industrial research efforts have converged on a common understanding of fundamental security building blocks for the upcoming Vehicular Communication (VC) systems. There is a growing consensus towards deploying a special-purpose identity and credential management infrastructure, i.e., a Vehicular Public-Key Infrastructure (VPKI), enabling pseudonymous authentication, with standardization efforts towards that direction. In spite of the progress made by standardization bodies (IEEE 1609.2 and ETSI) and harmonization efforts (Car2Car Communication Consortium (C2C-CC)), significant questions remain unanswered towards deploying a VPKI. Deep understanding of the VPKI, a central building block of secure and privacy-preserving VC systems, is still lacking. This paper contributes to the closing of this gap. We present SECMACE, a VPKI system which is compatible with the IEEE 1609.2 and ETSI standards specifications. We provide a detailed description of our state-of-the-art VPKI that improves upon existing proposals in terms of security and privacy protection, and efficiency. SECMACE facilitates multi-domain operations in VC systems and enhances user privacy, notably preventing the linking of pseudonyms based on timing information and offering increased protection even against honest-but-curious VPKI entities. We propose multiple policies for the vehicle-VPKI interactions, based on which, together with two large-scale mobility trace datasets, we evaluate the full-blown implementation of SECMACE. With very little attention on VPKI performance thus far, our results reveal that modest computing resources can support a large area of vehicles with very low delays, and that the most promising policy in terms of privacy protection can be supported with moderate overhead.
    Comment: 14 pages, 9 figures, 10 tables, IEEE Transactions on Intelligent Transportation Systems.

    A conceptual framework for information security and privacy

    There are numerous information privacy approaches based on the four major models of privacy protection, that is, Comprehensive Privacy Laws, Sectoral Privacy Laws, Privacy Self-Regulation, and Technologies of Privacy. These solutions, used individually or without proper system privacy design considerations, have not been very effective. This is because there has been little in the way of instruction on how developers and designers are supposed to use these privacy tools. In this paper we address the problem by providing a privacy solution for integration into information systems called Shield Privacy. The Shield Privacy solution provides an effective system-wide approach to privacy protection. It integrates relevant components from the various privacy models. We have implemented our Shield Privacy in a collaborative environment application. In this paper we also describe the prototype and discuss its advantages and areas of future work.