The role of Signal Processing in Meeting Privacy Challenges [an overview]

International audienceWith the increasing growth and sophistication of information technology, personal information is easily accessible electronically. This flood of released personal data raises important privacy concerns. However, electronic data sources exist to be used and have tremendous value (utility) to their users and collectors, leading to a tension between privacy and utility. This article aims to quantify that tension by means of an information-theoretic framework and motivate signal processing approaches to privacy problems. The framework is applied to a number of case studies to illustrate concretely how signal processing can be harnessed to provide data privacy

Using Quantitative Methods as Support for Audit of the Distributed Informatics Systems

This paper highlights some issues regarding how an indicators system must be developed and used in an audit process. Distributed systems are presented from de points of view of their main properties, architectures, applications, software quality characteristics and the scope of audit process in such systems. The audit process is defined in accordance to standard ISO 19011 and the main characteristics of this process are highlighted. Before using quantitative methods in audit processes, the framework in which the indicators are built must be defined. There are presented types of indicators used in audit process and classes of measurement scale. An audit process is carried out on different levels and support indicators must be in accordance to audit object. The paper presents some requirements of the indicators depending on the level of audit.Quantitative Methods, Audit Process, Distributed Informatics System

Enabling Privacy in a Distributed Game-Theoretical Scheduling System for Domestic Appliances

Demand side management (DSM) makes it possible to adjust the load experienced by the power grid while reducing the consumers' bill. Game-theoretic DSM is an appealing decentralized approach for collaboratively scheduling the usage of domestic electrical appliances within a set of households while meeting the users' preferences about the usage time. The drawback of distributed DSM protocols is that they require each user to communicate his/her own energy consumption patterns, which may leak sensitive information regarding private habits. This paper proposes a distributed privacy-friendly DSM system that preserves users' privacy by integrating data aggregation and perturbation techniques: users decide their schedule according to aggregated consumption measurements perturbed by means of additive white Gaussian noise. We evaluate the noise power and the number of users required to achieve a given privacy level, quantified by means of the increase of the information entropy of the aggregated energy consumption pattern. The performance of our proposed DSM system is compared to the one of a benchmark system that does not support privacy preservation in terms of total bill, peak demand, and convergence time. Results show that privacy can be improved at the cost of increasing the peak demand and the number of game iterations, whereas the total bill is only marginally incremented

Integrating Systems and Economic Models for Security Investments in the Presence of Dynamic Stochastic Shocks

Organizations deploy a number of security measures with differing intensities to protect their company’s information assets. These assets are found in various location within a company, with differing levels of security applied to them. Such measures protect the different aspects of the organization’s information systems, which are typically separated into three different attributes; confidentiality, integrity, and availability. We start by defining a system in terms of its locations, resources and processes to use as an underlying framework for our security model. We then systematically define the time evolution of all the three attributes when subjected to shocks aiming at degrading the system’s capacity. We shock each of the attributes of the system and trace the adjustment of the attributes and policy responses; we undertake this exercise for different types of organizations: a military weapons system operator, a financial firm or bank, a retail organization, and a medical research organization, producing their impulse-response functions to quantify their responses and speed of adjustment. This economic model is validated through various means, including Monte Carlo simulations. We find that organizations, although they react in similar ways to shocks to their attributes over time, and are able quickly to get back to their pre-shock states over time, differ in the intensity of their policy responses which differ depending upon the character of the organization