A systematic overview on methods to protect sensitive data provided for various analyses

In view of the various methodological developments regarding the protection of sensitive data, especially with respect to privacy-preserving computation and federated learning, a conceptual categorization and comparison between various methods stemming from different fields is often desired. More concretely, it is important to provide guidance for the practice, which lacks an overview over suitable approaches for certain scenarios, whether it is differential privacy for interactive queries, k-anonymity methods and synthetic data generation for data publishing, or secure federated analysis for multiparty computation without sharing the data itself. Here, we provide an overview based on central criteria describing a context for privacy-preserving data handling, which allows informed decisions in view of the many alternatives. Besides guiding the practice, this categorization of concepts and methods is destined as a step towards a comprehensive ontology for anonymization. We emphasize throughout the paper that there is no panacea and that context matters

East–West Perspectives on Privacy, Ethical Pluralism and Global Information Ethics

Information and Communication Technologies (ICTs) are both primary drivers and facilitating technologies of globalization—and thereby, of exponentially expanding possibilities of cross-cultural encounters. Currently, over one billion persons throughout the planet have access to the Web: of these, Asian users constitute 35.8% of the Web population, while Europeans make up 28.3 % of world users—and North Americans only 20.9% (Internet World Stats, 2007). Our histories teach us all too well that such encounters—especially concerning potentially global ethical norms—always run the risk of devolving into more destructive rather than emancipatory events. Speci?cally, these encounters risk pulling us into one of two contradictory positions. First of all, naïve ethnocentrisms too easily issue in imperialisms that remake “the Other” in one’s own image—precisely by eliminating the irreducible differences in norms and practices that de?ne distinctive cultures. Second, these imperialisms thereby inspire a relativistic turn to the sheerly local—precisely for the sake of preserving local identities and cultures. Hence the general problem: how we might foster a cross-cultural communication for a global ICE that steers between the two Manichean polarities of ethnocentric imperialism and fragmenting relativism

Privacy-Preserving Reengineering of Model-View-Controller Application Architectures Using Linked Data

When a legacy system’s software architecture cannot be redesigned, implementing additional privacy requirements is often complex, unreliable and costly to maintain. This paper presents a privacy-by-design approach to reengineer web applications as linked data-enabled and implement access control and privacy preservation properties. The method is based on the knowledge of the application architecture, which for the Web of data is commonly designed on the basis of a model-view-controller pattern. Whereas wrapping techniques commonly used to link data of web applications duplicate the security source code, the new approach allows for the controlled disclosure of an application’s data, while preserving non-functional properties such as privacy preservation. The solution has been implemented and compared with existing linked data frameworks in terms of reliability, maintainability and complexity

Secure data sharing and processing in heterogeneous clouds

The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors