
    Bottom up approach to manage data privacy policy through the front end filter paradigm

    An increasing number of business services for private companies and citizens are accomplished through the web and mobile devices. Such a scenario is characterized by high dynamism and untrustworthiness, as a large number of applications exchange different kinds of data. This poses an urgent need for effective means of preserving data privacy. This paper proposes an approach, inspired by the front-end trust filter paradigm, to manage data privacy in a very flexible way. Preliminary experimentation suggests that the solution could be a promising path to follow for web-based transactions, which will be very widespread in the near future.

    Complying with Data Handling Requirements in Cloud Storage Systems

    In past years, cloud storage systems saw an enormous rise in usage. However, despite their popularity and importance as underlying infrastructure for more complex cloud services, today's cloud storage systems do not account for compliance with regulatory, organizational, or contractual data handling requirements by design. Since legislation increasingly responds to rising data protection and privacy concerns, complying with data handling requirements becomes a crucial property for cloud storage systems. We present PRADA, a practical approach to account for compliance with data handling requirements in key-value based cloud storage systems. To achieve this goal, PRADA introduces a transparent data handling layer, which empowers clients to request specific data handling requirements and enables operators of cloud storage systems to comply with them. We implement PRADA on top of the distributed database Cassandra and show in our evaluation that complying with data handling requirements in cloud storage systems is practical in real-world cloud deployments as used for microblogging, data sharing in the Internet of Things, and distributed email storage. Comment: 14 pages, 11 figures; revised manuscript, accepted for publication in IEEE Transactions on Cloud Computing.

    An Examination of Online Learning Security Requirements Within a Virtual Learning Environment of an Irish University

    As the adoption of e-learning and the need for lifelong learning increase, it is vital that the administrator of a virtual learning environment continually ensures reliable and secure data. This case study engaged in the initial steps of analyzing the use and security needs of a virtual learning service within an Irish university. The university provided two virtual learning services, which were comparatively analyzed from a security and data protection perspective. In addition, survey results obtained from the university user community for one of the e-learning services were examined. Findings from the study were presented as user security requirements and recommendations for planning future security initiatives of the e-learning services within the university.

    Quantifying Performance Costs of Database Fine-Grained Access Control

    Fine-grained access control is a conceptual approach to addressing database security requirements. In relational database management systems, fine-grained access control refers to access restrictions enforced at the row, column, or cell level. While a number of commercial implementations of database fine-grained access control are available, there are presently no generalized approaches to implementing fine-grained access control for relational database management systems. Fine-grained access control is potentially a good solution for database professionals and system architects charged with designing database applications that implement granular security or privacy protection features. However, in the oral tradition of the database community, fine-grained access control is spoken of as imposing significant performance penalties, and is therefore best avoided. Regardless, there are current and emerging social, legal, and economic forces that mandate the need for efficient fine-grained access control in relational database management systems. In the study undertaken, the author was able to quantify the performance costs associated with four common implementations of fine-grained access control for relational database management systems. Security benchmarking was employed as the methodology to quantify performance costs. Synthetic data from the TPC-W benchmark as well as representative data from a real-world application were utilized in the benchmarking process. A simple graph-based performance model for Fine-grained Access Control Evaluation (FACE) was developed from benchmark data collected during the study. The FACE model is intended for use in predicting throughput and response times for relational database management systems that implement fine-grained access control using one of the common fine-grained access control mechanisms: authorization views, the Hippocratic Database, label-based access control, and transparent query rewrite. The author also addresses the issue of scalability for the fine-grained access control mechanisms that were evaluated in the study.
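    To make concrete what two of the mechanisms named above look like at the SQL level, the following is an added example (not code from the study, and not its benchmark): a small SQLite database with a constructed `patient_records` table, an authorization view that filters rows by the calling user and masks a cell when the row's sensitivity label exceeds the caller's clearance, and a hypothetical regex-based transparent query rewriter that injects the same restriction into a query the application wrote against the base table. The table, users, rows, and the `current_user_name()`/`current_clearance()` session functions are all assumptions made for the illustration.

```python
"""Row- and cell-level access control in SQLite: an authorization view
versus transparent query rewrite. Added illustration, not code from the
study; schema, rows and session functions are constructed here."""
import re
import sqlite3


class Session:
    """Caller identity, exposed to SQL the way a DBMS exposes CURRENT_USER."""
    def __init__(self):
        self.user = None
        self.clearance = 0


SESSION = Session()


def open_db():
    conn = sqlite3.connect(":memory:")
    # Let views and rewritten queries read the session (hypothetical functions).
    conn.create_function("current_user_name", 0, lambda: SESSION.user)
    conn.create_function("current_clearance", 0, lambda: SESSION.clearance)
    conn.executescript("""
        CREATE TABLE patient_records (
            id INTEGER PRIMARY KEY,
            owner TEXT NOT NULL,      -- user permitted to see the row
            label INTEGER NOT NULL,   -- sensitivity label of the row
            diagnosis TEXT NOT NULL
        );
        -- constructed sample data
        INSERT INTO patient_records VALUES
            (1, 'alice', 1, 'seasonal allergy'),
            (2, 'alice', 3, 'psychiatric referral'),
            (3, 'bob',   1, 'sprained ankle');
        -- Authorization view: row filter on owner, plus cell-level masking of
        -- diagnosis when the row's label exceeds the caller's clearance.
        CREATE VIEW my_records AS
            SELECT id, owner, label,
                   CASE WHEN label <= current_clearance()
                        THEN diagnosis ELSE '<redacted>' END AS diagnosis
            FROM patient_records
            WHERE owner = current_user_name();
    """)
    return conn


TABLE_REF = re.compile(r"\bFROM\s+patient_records\b", re.IGNORECASE)

# The same predicate and mask the view applies, as a derived table.
GUARDED_TABLE = (
    "FROM (SELECT id, owner, label, "
    "CASE WHEN label <= current_clearance() THEN diagnosis "
    "ELSE '<redacted>' END AS diagnosis "
    "FROM patient_records WHERE owner = current_user_name()) "
    "AS patient_records"
)


def rewrite(sql):
    """Transparent query rewrite: replace each reference to the base table
    with the guarded derived table, so the application's SQL runs unchanged
    but only over permitted rows. Regex-based for brevity; a real rewriter
    operates on the parsed query tree, not on text."""
    return TABLE_REF.sub(GUARDED_TABLE, sql)


def query_as(conn, user, clearance, sql, mode="rewrite"):
    """Run sql as the given user; mode 'view' trusts the application to
    query the view, mode 'rewrite' guards queries against the base table."""
    SESSION.user, SESSION.clearance = user, clearance
    if mode == "rewrite":
        sql = rewrite(sql)
    return conn.execute(sql).fetchall()


def demo():
    conn = open_db()
    results = {}
    # Authorization view: application queries the view, never the table.
    results["alice_view"] = query_as(
        conn, "alice", 1,
        "SELECT id, diagnosis FROM my_records ORDER BY id", mode="view")
    # Rewrite: application names the base table; the layer guards it.
    results["alice_rewrite"] = query_as(
        conn, "alice", 3,
        "SELECT id, diagnosis FROM patient_records ORDER BY id")
    # bob asks for alice's row by id; the guard removes it before his WHERE.
    results["bob_rewrite"] = query_as(
        conn, "bob", 1,
        "SELECT id, diagnosis FROM patient_records WHERE id = 2")
    return results


if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

    The view approach costs nothing per query beyond the predicate and the CASE expression, but it only protects applications that agree to use the view; the rewrite approach protects every query against the base table, at the cost of an extra planning step and a derived table on each reference, which is the kind of overhead the study's benchmarks set out to measure.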

    Emergent Medical Data: Health Information Inferred by Artificial Intelligence

    Artificial intelligence (AI) can infer health data from people’s behavior even when their behavior has no apparent connection to their health. AI can monitor one’s location to track the spread of infectious disease, scrutinize retail purchases to identify pregnant customers, and analyze social media to predict who might attempt suicide. These feats are possible because, in modern societies, people continuously interact with internet-enabled software and devices. Smartphones, wearables, and online platforms monitor people’s actions and produce digital traces, the electronic remnants of their behavior. In their raw form, digital traces might not be very interesting or useful; one’s location, retail purchases, and internet browsing habits are relatively mundane data points. However, AI can enhance the value of digital traces by transforming them into something more useful: emergent medical data (EMD). EMD is health information inferred by artificial intelligence from otherwise trivial digital traces. This Article describes how EMD-based profiling is increasingly promoted as a solution to public health crises such as the COVID-19 pandemic, gun violence, and the opioid crisis. However, there is little evidence to show that EMD-based profiling works. Even worse, it can cause significant harm, and current privacy and data protection laws contain loopholes that allow public and private entities to mine EMD without people’s knowledge or consent. After describing the risks and benefits of EMD mining and profiling, the Article proposes six different ways of conceptualizing these practices. It concludes with preliminary recommendations for effective regulation. Potential options include banning or restricting the collection of digital traces, regulating EMD mining algorithms, and restricting how EMD can be used once it is produced.

    Privacy in Cooperative Distributed Systems: Modeling and Protection Framework

    A new form of computation is emerging rapidly with cloud computing, mobile computing, wearable computing and the Internet of Things. All can be characterized as a class of “Cooperative Distributed Systems” (CDS) in open environments. A major driver of this growth is the exponential adoption by people and organizations within all aspects of their day-to-day matters. In this context, users’ requirements for privacy protection are becoming essential and complex beyond the traditional approaches. This requires a formal treatment of “privacy” as a fundamental computational concept in the CDS paradigm. The objective is to develop a comprehensive formal model of “privacy” as a base on which to build a CDS framework and platform in which various applications allow users to enjoy comprehensive services in open environments while protecting their privacy seamlessly. To this end, this thesis presents a novel way of understanding, modeling and analyzing privacy concerns in CDS. Formal foundations and a model of privacy are developed within the context of information management. These serve as a base for developing a privacy protection management framework for CDS. It includes a privacy-aware agent model for the CDS platform with the ability to support interaction-based privacy protection. The feasibility of the proposed models has been demonstrated by developing an agent-based CDS platform using the JIAC framework and a privacy-based Contract Net Protocol. Application scenarios for the privacy protection framework are also presented: the Internet of Things, cloud-based resource scheduling and personal assistance.

    FinBook: literary content as digital commodity

    This short essay explains the significance of the FinBook intervention, and invites the reader to participate. We have associated each chapter within this book with a financial robot (FinBot), and created a market whereby book content will be traded with financial securities. As human labour increasingly consists of unstable and uncertain work practices and as algorithms replace people on the virtual trading floors of the world’s markets, we see members of society taking advantage of FinBots to invest and make extra funds. Bots of all kinds are making financial decisions for us, searching online on our behalf to help us invest, to consume products and services. Our contribution to this compilation is to turn the collection of chapters in this book into a dynamic investment portfolio, and thereby play out what might happen to the process of buying and consuming literature in the not-so-distant future. By attaching identities (through QR codes) to each chapter, we create a market in which the chapter can ‘perform’. Our FinBots will trade based on features extracted from the authors’ words in this book: the political, ethical and cultural values embedded in the work, and the extent to which the FinBots share the authors’ concerns; and the performance of chapters amongst those human and non-human actors that make up the market and readership. In short, the FinBook model turns our work and the work of our co-authors into an investment portfolio, mediated by the market and the attention of readers. By creating a digital economy specifically around the content of online texts, our chapter and the FinBook platform aim to challenge the reader to consider how their personal values align them with individual articles, and how these become contested as they perform different value judgements about the financial performance of each chapter and the book as a whole. At the same time, by introducing ‘autonomous’ trading bots, we also explore the different ‘network’ affordances that distinguish paper-based books, whose scarcity derives from their analogue form, from digital books, whose uniqueness is achieved through encryption. We thereby speak to wider questions about the conditions of an aggressive market in which algorithms subject cultural and intellectual items, books, to economic parameters, and the increasing ubiquity of data bots as actors in our social, political, economic and cultural lives. We understand that our marketization of literature may be an uncomfortable juxtaposition against the conventionally-imagined way a book is created, enjoyed and shared: it is intended to be.

    BALANCING PRIVACY, PRECISION AND PERFORMANCE IN DISTRIBUTED SYSTEMS

    Privacy, Precision, and Performance (3Ps) are three fundamental design objectives in distributed systems. However, these properties tend to compete with one another and are not absolute properties or functions. They must be defined and justified in terms of a system, its resources, stakeholder concerns, and the security threat model. To date, distributed systems research has only considered the trade-offs of balancing privacy, precision, and performance in a pairwise fashion. This dissertation, by contrast, formally explores the space of trade-offs among all 3Ps by examining three representative classes of distributed systems, namely Wireless Sensor Networks (WSNs), cloud systems, and Data Stream Management Systems (DSMSs). These representative systems underpin a large part of modern and mission-critical distributed systems. WSNs are real-time systems characterized by unreliable network interconnections and highly constrained computational and power resources. The dissertation proposes a privacy-preserving in-network aggregation protocol for WSNs, demonstrating that the 3Ps can be navigated by adopting appropriate algorithms and cryptographic techniques that are not prohibitively expensive. Next, the dissertation highlights the privacy and precision issues that arise in cloud databases due to the eventual consistency models of the cloud. To address these issues, consistency enforcement techniques across cloud servers are proposed and the trade-offs between the 3Ps are discussed to help guide cloud database users on how to balance these properties. Lastly, the 3Ps are examined in DSMSs, which are characterized by high volumes of unbounded input data streams and strict real-time processing constraints. Within this system, the 3Ps are balanced through a proposed simple and efficient technique that applies access control policies over shared operator networks to achieve privacy and precision without sacrificing the system's performance. Although this dissertation shows that, with the right set of protocols and algorithms, the desirable 3P properties can co-exist in a balanced way in well-established distributed systems, it also promotes the new concept of 3Ps-by-design. This concept is meant to encourage distributed systems designers to proactively consider the interplay among the 3Ps from the initial stages of the system design lifecycle rather than treating them as add-on properties of systems.

    Wrongful Living

    Executing an advance directive that specifies a patient's wishes regarding end-of-life medical care is an exercise of self-determination: a conscious choice about the degree and type of medical intervention one wishes to receive under end-of-life circumstances. Empirical studies, however, consistently report that healthcare professionals fail to comply with advance directives; violations of a patient's interest in self-determination are alarmingly common. From a practical perspective, the conduct of either patients or healthcare professionals may make an advance directive unavailable, which results in noncompliance. Legally, courts have historically rejected claims for “wrongful living” associated with the prolongation of life that results from unwanted medical intervention. As a result, healthcare professionals fear the liability threatened by a wrongful death claim more than the legal exposure risked by keeping an individual alive despite a contrary mandate in an advance directive. In response to practical concerns regarding availability, this Article proposes the creation of a nationwide registry of advance directives and argues that sanctions for violations of professional responsibility as well as the risk of liability for legal malpractice encourage utilization of the proposed registry. To realign the skewed legal incentives, this Article argues that the compensable harms associated with battery and negligence claims filed in lieu of “wrongful living” claims should include the loss of enjoyment of life. Because damages for loss of enjoyment of life are rarely mentioned by courts or scholars in the context of violating advance directives, this Article describes loss of enjoyment of life damages and argues that such damages should be compensable in the same manner that tort law compensates for similar injuries that lack an objective market value. In combination, the practical and legal proposals incentivize compliance with an advance directive and thereby expand the protection afforded a patient's interest in self-determination.