Privacy Threat Model for Data Portability in Social Network Applications
The advent of the participatory Web and social network applications has changed our communication behavior and the way we express ourselves on the Web. Social network application providers benefit from the increasing amount of personally identifiable information willingly displayed on their sites but, at the same time, risks of data misuse threaten the information privacy of individual users as well as the providers’ business model. From recent research, this paper reports the major requirements for developing privacy-preserving social network applications and proposes a privacy threat model that can be used to enhance the information privacy in data or social network portability initiatives by determining the issues at stake related to the processing of personally identifiable information.
Assessing database and network threats in traditional and cloud computing
Cloud Computing is currently one of the most widely-spoken terms in IT. While it offers a range of technological and financial benefits, its wide acceptance by organizations is not yet widespread. Security concerns are a main reason for this and this paper studies the data and network threats posed in both traditional and cloud paradigms in an effort to assert in which areas cloud computing addresses security issues and where it does introduce new ones. This evaluation is based on Microsoft’s STRIDE threat model and discusses the stakeholders, the impact and recommendations for tackling each threat.
A Critical Look at Decentralized Personal Data Architectures
While the Internet was conceived as a decentralized network, the most widely used web applications today tend toward centralization. Control increasingly rests with centralized service providers who, as a consequence, have also amassed unprecedented amounts of data about the behaviors and personalities of individuals. Developers, regulators, and consumer advocates have looked to alternative decentralized architectures as the natural response to threats posed by these centralized services. The result has been a great variety of solutions that include personal data stores (PDS), infomediaries, Vendor Relationship Management (VRM) systems, and federated and distributed social networks. And yet, for all these efforts, decentralized personal data architectures have seen little adoption. This position paper attempts to account for these failures, challenging the accepted wisdom in the web community on the feasibility and desirability of these approaches. We start with a historical discussion of the development of various categories of decentralized personal data architectures. Then we survey the main ideas to illustrate the common themes among these efforts. We tease apart the design characteristics of these systems from the social values that they (are intended to) promote. We use this understanding to point out numerous drawbacks of the decentralization paradigm, some inherent and others incidental. We end with recommendations for designers of these systems for working towards goals that are achievable, but perhaps more limited in scope and ambition.
Designing the Health-related Internet of Things: Ethical Principles and Guidelines
The conjunction of wireless computing, ubiquitous Internet access, and the miniaturisation of sensors has opened the door for technological applications that can monitor health and well-being outside of formal healthcare systems. The health-related Internet of Things (H-IoT) increasingly plays a key role in health management by providing real-time tele-monitoring of patients, testing of treatments, actuation of medical devices, and fitness and well-being monitoring. Given its numerous applications and proposed benefits, adoption by medical and social care institutions and consumers may be rapid. However, a host of ethical concerns are also raised that must be addressed. The inherent sensitivity of health-related data being generated and latent risks of Internet-enabled devices pose serious challenges. Users, already in a vulnerable position as patients, face a seemingly impossible task to retain control over their data due to the scale, scope and complexity of systems that create, aggregate, and analyse personal health data. In response, the H-IoT must be designed to be technologically robust and scientifically reliable, while also remaining ethically responsible, trustworthy, and respectful of user rights and interests. To assist developers of the H-IoT, this paper describes nine principles and nine guidelines for ethical design of H-IoT devices and data protocols.