44,673 research outputs found
Data Minimisation in Communication Protocols: A Formal Analysis Framework and Application to Identity Management
With the growing amount of personal information exchanged over the Internet,
privacy is becoming more and more a concern for users. One of the key
principles in protecting privacy is data minimisation. This principle requires
that only the minimum amount of information necessary to accomplish a certain
goal is collected and processed. "Privacy-enhancing" communication protocols
have been proposed to guarantee data minimisation in a wide range of
applications. However, currently there is no satisfactory way to assess and
compare the privacy they offer in a precise way: existing analyses are either
too informal and high-level, or specific for one particular system. In this
work, we propose a general formal framework to analyse and compare
communication protocols with respect to privacy by data minimisation. Privacy
requirements are formalised independent of a particular protocol in terms of
the knowledge of (coalitions of) actors in a three-layer model of personal
information. These requirements are then verified automatically for particular
protocols by computing this knowledge from a description of their
communication. We validate our framework in an identity management (IdM) case
study. As IdM systems are used more and more to satisfy the increasing need for
reliable on-line identification and authentication, privacy is becoming an
increasingly critical issue. We use our framework to analyse and compare four
identity management systems. Finally, we discuss the completeness and
(re)usability of the proposed framework.
System upgrade: realising the vision for UK education
A report summarising the findings of the TEL programme in the wider context of technology-enhanced learning and offering recommendations for future strategy in the area was launched on 13th June at the House of Lords to a group of policymakers, technologists and practitioners chaired by Lord Knight.
The report – a major outcome of the programme – is written by TEL director Professor Richard Noss and a team of experts in various fields of technology-enhanced learning. The report features the programme’s 12 recommendations for using technology-enhanced learning to upgrade UK education.
Citizenship education in England 2001-2010 : young people's practices and prospects for the future : the eighth and final report from the Citizenship Education Longitudinal Study (CELS)
On the one hand, there has been a marked and steady increase in young people’s civic and political participation and indications that these young people will continue to participate as adult citizens. In contrast, there has been a hardening of attitudes toward equality and society, a weakening of attachment to communities and fluctuating levels of engagement, efficacy and trust in the political arena. The factors that shape young people’s citizenship outcomes include age and life-stage, background factors, prior citizenship outcomes, as well as levels of ‘received’ citizenship education.
Up-to-date Threat Modelling for Soft Privacy on Smart Cars
Physical persons playing the role of car drivers consume data that is sourced
from the Internet and, at the same time, themselves act as sources of relevant
data. It follows that citizens' privacy is potentially at risk while they
drive, hence the need to model privacy threats in this application domain. This
paper addresses the privacy threats by updating a recent threat-modelling
methodology and by tailoring it specifically to the soft privacy target
property, which ensures citizens' full control on their personal data. The
methodology now features the sources of documentation as an explicit variable
that is to be considered. It is demonstrated by including a new version of the
de-facto standard LINDDUN methodology as well as an additional source by ENISA
which is found to be relevant to soft privacy. The main findings are a set of
23 domain-independent threats, 43 domain-specific assets and 525
domain-dependent threats for the target property in the automotive domain.
While these exceed their previous versions, their main value is to offer
self-evident support to at least two arguments. One is that LINDDUN has evolved
much the way our original methodology already advocated because a few of our
previously suggested extensions are no longer outstanding. The other one is
that ENISA's treatment of privacy aboard smart cars should be extended
considerably because our 525 threats fall in the same scope.
Comment: Accepted in 7th International Workshop on SECurity and Privacy
Requirements Engineering (SECPRE 2023). arXiv admin note: substantial text
overlap with arXiv:2306.0422
Balancing Access to Data And Privacy. A review of the issues and approaches for the future
Access to sensitive micro data should be provided using remote access data enclaves. These enclaves should be built to facilitate the productive, high-quality usage of microdata. In other words, they should support a collaborative environment that facilitates the development and exchange of knowledge about data among data producers and consumers. The experience of the physical and life sciences has shown that it is possible to develop a research community and a knowledge infrastructure around both research questions and the different types of data necessary to answer policy questions. In sum, establishing a virtual organization approach would provide the research community with the ability to move away from individual, or artisan, science, towards the more generally accepted community based approach. Enclaves should include a number of features: metadata documentation capacity so that knowledge about data can be shared; capacity to add data so that the data infrastructure can be augmented; communication capacity, such as wikis, blogs and discussion groups so that knowledge about the data can be deepened; and incentives for information sharing so that a community of practice can be built. The opportunity to transform micro-data based research through such an organizational infrastructure could potentially be as far-reaching as the changes that have taken place in the biological and astronomical sciences. It is, however, an open research question how such an organization should be established: whether the approach should be centralized or decentralized. Similarly, it is an open research question as to the appropriate metrics of success, and the best incentives to put in place to achieve success.
Methodology for Collecting, Estimating, Organizing Microeconomic Data
"The dearest of our possessions": applying Floridi's information privacy concept in models of information behavior and information literacy
This conceptual paper argues for the value of an approach to privacy in the digital information environment informed by Luciano Floridi's philosophy of information and information ethics. This approach involves achieving informational privacy, through the features of anonymity and obscurity, through an optimal balance of ontological frictions. This approach may be used to modify models for information behavior and for information literacy, giving them a fuller and more effective coverage of privacy issues in the infosphere. For information behavior, the Information Seeking and Communication Model, and the Information Grounds conception, are most appropriate for this purpose. For information literacy, the metaliteracy model, using a modification of a privacy literacy framework, is most suitable.