Evaluación del rendimiento de una solución de cupones electrónicos para dispositivos móviles

El comercio electrónico móvil (m-commerce) representa ya una importante área de negocio con grandes oportunidades para consumidores y comerciantes. Sin embargo, todavía existen escenarios que requieren mejoras en cuanto a eficiencia, como son los cupones electrónicos. La eficiencia y el rendimiento de estas soluciones suele medirse únicamente considerando el coste de las operaciones criptográficas o realizando pruebas de laboratorio en entornos limitados, muchas veces una única máquina para ejecutar todo el escenario de pruebas (incluyendo consumidores y comerciantes). En este artículo presentamos un análisis del rendimiento de una solución de cupones electrónicos, mediante la cual comprobamos que no es suficiente analizar únicamente la carga debido a las operaciones criptográficas, sino que también deben considerarse otros factores, como el efecto de la red.Este trabajo ha sido parcialmente financiado por el Ministerio de Educación y Ciencia bajo el proyecto CONSOLIDERARES (CSD2007-00004)

Anonymous Single-Sign-On for n designated services with traceability

Anonymous Single-Sign-On authentication schemes have been proposed to allow users to access a service protected by a verifier without revealing their identity which has become more important due to the introduction of strong privacy regulations. In this paper we describe a new approach whereby anonymous authentication to different verifiers is achieved via authorisation tags and pseudonyms. The particular innovation of our scheme is authentication can only occur between a user and its designated verifier for a service, and the verification cannot be performed by any other verifier. The benefit of this authentication approach is that it prevents information leakage of a user's service access information, even if the verifiers for these services collude which each other. Our scheme also supports a trusted third party who is authorised to de-anonymise the user and reveal her whole services access information if required. Furthermore, our scheme is lightweight because it does not rely on attribute or policy-based signature schemes to enable access to multiple services. The scheme's security model is given together with a security proof, an implementation and a performance evaluation.Comment: 3

Privacy-preserving remote user authentication with K-times untraceability

National Research Foundation (NRF) Singapor

Responsible Environmental Behavior, Energy Conservation, and Compact Fluorescent Bulbs: You Can Lead a Horse to Water, But Can You Make It Drink?

Despite professing to care about the environment and supporting environmental causes, individuals behave in environmentally irresponsible ways like driving when they can take public transportation, littering, or disposing of toxic materials in unsound ways. This is the author\u27s fourth exploration of how to encourage individuals to stop behaving irresponsibly about the environment they allege to care deeply about. The prior three articles all explored how the norm of environmental protection could be enlisted in this effort; this article applies those theoretical conclusions to the very practical task of getting people to switch the type of light bulb they use. To accomplish this, the article synthesizes the previous articles into an assumption about the critical role of norms in changing personal behavior and tests that assumption by exploring how to make individuals more responsible consumers of electricity and adhere to the concrete norm of energy conservation by swapping out their incandescent light bulbs for compact fluorescent lights (“CFLs”). The agreed upon goal behind energy conservation is to reduce the country’s reliance on fossil fuel-based energy production, thus reducing the emission of harmful airborne pollutants and greenhouse gases as well as the related environmental harms associated with coal production. One way to reduce residential energy consumption is to persuade individuals to switch to CFLs. Up to ninety percent of energy produced by incandescent bulbs is lost as heat; switching to CFLs is one way to prevent this energy loss

POPE: Partial Order Preserving Encoding

Recently there has been much interest in performing search queries over encrypted data to enable functionality while protecting sensitive data. One particularly efficient mechanism for executing such queries is order-preserving encryption/encoding (OPE) which results in ciphertexts that preserve the relative order of the underlying plaintexts thus allowing range and comparison queries to be performed directly on ciphertexts. In this paper, we propose an alternative approach to range queries over encrypted data that is optimized to support insert-heavy workloads as are common in "big data" applications while still maintaining search functionality and achieving stronger security. Specifically, we propose a new primitive called partial order preserving encoding (POPE) that achieves ideal OPE security with frequency hiding and also leaves a sizable fraction of the data pairwise incomparable. Using only O(1) persistent and $O(n^\epsilon)$ non-persistent client storage for $0<\epsilon<1$, our POPE scheme provides extremely fast batch insertion consisting of a single round, and efficient search with O(1) amortized cost for up to $O(n^{1-\epsilon})$ search queries. This improved security and performance makes our scheme better suited for today's insert-heavy databases.Comment: Appears in ACM CCS 2016 Proceeding

Privacy, justice and equality : The history of privacy legislation and its significance for civil society

The paper examines the relation between the realms of privacy and civil society by analyzing the recent history of privacy legislation in general and the developments in Switzerland since the 1970s in particular. It argues that the conceptual distinction between the spheres of privacy, civil society and the state should not entice to ignore the interactions and interdependencies between these spheres. Instead, the protection of privacy should be understood as a precondition for social justice and equality and thus as fundamental for the development of a civil society. The first part of the paper deals with definitions for the relation between the private and the public, juxtaposing two contradicting definitions prevalent in the literature. The second part resumes the different stages of legislation in data protection since the 1970s, mainly in the European context, pointing out how the legal concept of privacy has been redefined over the past decades, from an individualistic to a social concept. The third part examines the recent privacy legislation in Switzerland and shows that the protection of privacy, for which the institutions of the government played an important role, sums up to the protection of basic civil rights, as the protection from unjust discrimination. The conclusion discusses the implications of the case study for understanding the relation between the realms of privacy, civil society and the state.Der Beitrag untersucht die Beziehung zwischen Privatsphäre und Zivilgesellschaft in historischer Perspektive. Als Fallbeispiele dienen die neuere Geschichte der Datenschutzgesetzgebung im Allgemeinen und die Entwicklung in der Schweiz seit den 1970er Jahren im Besonderen. Die Argumentation vertritt einen interaktionistischen Ansatz. Die begriffliche Unterscheidung zwischen den Bereichen Privatsphäre, Zivilgesellschaft und Staat soll nicht dazu verleiten, die Interaktionen und Interdependenzen zwischen diesen Sektoren zu übersehen. Der Schutz der Privatsphäre soll vielmehr als Voraussetzung für soziale Gerechtigkeit und Gleichheit und damit als grundlegend für die Entwicklung der Zivilgesellschaft verstanden werden. Der erste Teil des Beitrags diskutiert unterschiedliche Definitionen für die Beziehung zwischen Privatsphäre und Öffentlichkeit und stellt zwei widersprüchliche Definitionsversuche der neueren Literatur gegenüber. Im zweiten Teil werden die verschiedenen Stufen der Datenschutzgesetzgebung seit den 1970er Jahren, im europäischen Rahmen, zusammengefasst. Es wird gezeigt, wie der rechtliche Begriff der Privatsphäre in den letzten Jahrzehnten von einem individualistischen zu einem sozialen Konzept umdefiniert und erweitert wurde. Der dritte Teil untersucht die neueren Datenschutzgesetze in der Schweiz und zeigt, dass der Schutz der Privatsphäre in der politischen Diskussion auch als Garantie bürgerlicher Rechte und als Schutz vor ungerechter Diskriminierung verstanden wurde. In der Konklusion werden schließlich die Folgerungen diskutiert, die aus der Fallstudie für das Verständnis der Beziehung zwischen Zivilgesellschaft, Privatsphäre und Staat zu ziehen sind

App Permissions and the Third-Party Doctrine

Apple’s trademarked catchphrase “there’s an app for that”1 suggests that every app on a modern digital device is perfectly tailored to provide a specific, necessary convenience. Whether the user wants to check the weather, get updates on her favorite baseball team, find a coupon for her next purchase, or track her fitness and activity levels, she can use an app to fill gaps in her life that she may not have known existed. What the user might also not know, however, is that “permissions” either she or the phone’s operating system have granted to the app allow it to access functions and information on her device entirely unrelated to the app’s apparently straightforward purpose. The app’s developers might then package and sell information collected through those permissions to commercial partners,2 or, as this Article considers, divulge it to government investigators. In the spirit of Professor Tokson’s effort to consider the next wave of Fourth Amendment cases likely to reach the Supreme Court,3 this essay addresses a looming technological challenge to the Court’s third-party doctrine: the permissions that app developers obtain on our digital devices. Such permissions—which are either granted by the user upon installation of the app or permitted by the operating system without any user input—entitle app developers to access and send data from the device, such as the user’s location services, motion sensors, contacts, calendars, social media accounts, camera, or microphone. Carpenter contracted the third-party doctrine when government investigators collect location information emitted by a citizen’s cell phone to connect with towers in the nearby area.5 This Article considers what that decision portends for information government investigators might collect from a citizen’s cell phone and the apps that make it both enormously convenient and potentially intrusive upon personal privacy. This Article proceeds in three Parts. Part I quickly summarizes the history and limits of the third-party doctrine following Carpenter. Part II then provides a technical explanation of apps and the permissions they obtain from users, including the scope of those permissions and their often tenuous relationship to the app’s purpose. Part III suggests how courts should apply the third-party doctrine to data that app developers collect through wide-ranging permissions, which government investigators later obtain without a warrant

Privacy, justice and equality: the history of privacy legislation and its significance for civil society

"The paper examines the relation between the realms of privacy and civil society by analyzing the recent history of privacy legislation in general and the developments in Switzerland since the 1970s in particular. It argues that the conceptual distinction between the spheres of privacy, civil society and the state should not entice to ignore the interactions and interdependencies between these spheres. Instead, the protection of privacy should be understood as a precondition for social justice and equality and thus as fundamental for the development of a civil society. The first part of the paper deals with definitions for the relation between the private and the public, juxtaposing two contradicting definitions prevalent in the literature. The second part resumes the different stages of legislation in data protection since the 1970s, mainly in the European context, pointing out how the legal concept of privacy has been redefined over the past decades, from an individualistic to a social concept. The third part examines the recent privacy legislation in Switzerland and shows that the protection of privacy, for which the institutions of the government played an important role, sums up to the protection of basic civil rights, as the protection from unjust discrimination. The conclusion discusses the implications of the case study for understanding the relation between the realms of privacy, civil society and the state." (author's abstract)"Der Beitrag untersucht die Beziehung zwischen Privatsphäre und Zivilgesellschaft in historischer Perspektive. Als Fallbeispiele dienen die neuere Geschichte der Datenschutzgesetzgebung im Allgemeinen und die Entwicklung in der Schweiz seit den 1970er Jahren im Besonderen. Die Argumentation vertritt einen interaktionistischen Ansatz. Die begriffliche Unterscheidung zwischen den Bereichen Privatsphäre, Zivilgesellschaft und Staat soll nicht dazu verleiten, die Interaktionen und Interdependenzen zwischen diesen Sektoren zu übersehen. Der Schutz der Privatsphäre soll vielmehr als Voraussetzung für soziale Gerechtigkeit und Gleichheit und damit als grundlegend für die Entwicklung der Zivilgesellschaft verstanden werden. Der erste Teil des Beitrags diskutiert unterschiedliche Definitionen für die Beziehung zwischen Privatsphäre und Öffentlichkeit und stellt zwei widersprüchliche Definitionsversuche der neueren Literatur gegenüber. Im zweiten Teil werden die verschiedenen Stufen der Datenschutzgesetzgebung seit den 1970er Jahren, im europäischen Rahmen, zusammengefasst. Es wird gezeigt, wie der rechtliche Begriff der Privatsphäre in den letzten Jahrzehnten von einem individualistischen zu einem sozialen Konzept umdefiniert und erweitert wurde. Der dritte Teil untersucht die neueren Datenschutzgesetze in der Schweiz und zeigt, dass der Schutz der Privatsphäre in der politischen Diskussion auch als Garantie bürgerlicher Rechte und als Schutz vor ungerechter Diskriminierung verstanden wurde. In der Konklusion werden schließlich die Folgerungen diskutiert, die aus der Fallstudie für das Verständnis der Beziehung zwischen Zivilgesellschaft, Privatsphäre und Staat zu ziehen sind." (Autorenreferat

TB STIGMA – MEASUREMENT GUIDANCE

TB is the most deadly infectious disease in the world, and stigma continues to play a significant role in worsening the epidemic. Stigma and discrimination not only stop people from seeking care but also make it more difficult for those on treatment to continue, both of which make the disease more difficult to treat in the long-term and mean those infected are more likely to transmit the disease to those around them. TB Stigma – Measurement Guidance is a manual to help generate enough information about stigma issues to design and monitor and evaluate efforts to reduce TB stigma. It can help in planning TB stigma baseline measurements and monitoring trends to capture the outcomes of TB stigma reduction efforts. This manual is designed for health workers, professional or management staff, people who advocate for those with TB, and all who need to understand and respond to TB stigma