
    Preserving Privacy in Cyber-physical-social systems: An Anonymity and Access Control Approach

    With the significant development of mobile commerce, the integration of the physical, social, and cyber worlds is increasingly common. The term Cyber-Physical-Social Systems (CPSS) is used to capture technology's human-centric role. With the revolutionization of CPSS, privacy protection has become a major concern for both customers and enterprises. Although data generalization by obfuscation and anonymity can protect an individual's privacy, overgeneralization may lead to less valuable data. In this paper, we contrive generalization boundary techniques (k-anonymity) to maximize data usability while minimizing disclosure, combined with a privacy access control mechanism. This paper proposes a combination of purpose-based access control models with an anonymity technique in distributed computing environments for privacy-preserving policies and mechanisms, and demonstrates policy conflict problems. This combined approach protects individual personal information and makes data shareable to authorized parties with proper purposes. Here, we have examined data with k-anonymity to create a specific level of obfuscation that maintains the usefulness of the data, and used a heuristic approach to a privacy access control framework in which the privacy requirement is to satisfy k-anonymity. Extensive experiments on both real-world and synthetic data sets show that the proposed privacy-aware access control model with k-anonymity is practical and effective. It generates an anonymized data set in accordance with the privacy clearance of a given request and allows users access at different privacy levels, fulfilling a set of obligations and addressing privacy and utility requirements, flexible access control, and improved data availability, while guaranteeing a certain level of privacy.

    Building access control policy model for Privacy Preserving and Testing Policy Conflicting Problems

    This paper proposes a purpose-based access control model in distributed computing environments for privacy-preserving policies and mechanisms, and describes algorithms for policy conflict problems. The mechanism enforces access policy on data containing personally identifiable information. The key component is a purpose-involved access control model for expressing highly complex privacy-related policies with various features. A policy refers to an access right that a subject can have on an object, based on attribute predicates, obligation actions, and system conditions. Policy conflict problems may arise when newly generated access policies conflict with existing policies. As a result of such policy conflicts, private information cannot be well protected. The structure of purpose-involved access control policy is studied, and efficient conflict-checking algorithms are developed and implemented. Finally, a discussion of our work in comparison with other related work, such as EPAL, is presented.

    Data privacy

    Data privacy studies methods, tools, and theory to avoid the disclosure of sensitive information. Its origin is in statistics, with the goal of ensuring the confidentiality of data gathered from censuses and questionnaires. The topic was later introduced in computer science, and more particularly in data mining, where, due to the large amount of data currently available, it has attracted the interest of researchers, practitioners, and companies. In this paper we review the main topics related to data privacy and privacy-enhancing technologies.

    Contributions to privacy in web search engines

    Web search engines (WSEs) collect and store information about their users in order to tailor their services better to their users' needs. Nevertheless, while receiving personalized attention, the users lose control over their own data. Search logs can disclose sensitive information and the identities of the users, creating risks of privacy breaches. In this thesis we discuss the problem of limiting the disclosure risks while minimizing the information loss. The first part of this thesis focuses on methods to prevent the gathering of information by WSEs. Since search logs are needed in order to receive an accurate service, the aim is to provide logs that are still suitable for personalization. We propose a protocol which uses a social network to obfuscate users' profiles. The second part deals with the dissemination of search logs. We propose microaggregation techniques which allow the publication of search logs, providing k-anonymity while minimizing the information loss.