Systematic privacy impact assessment scheme for smart connected toys data privacy compliance

Children\u27s privacy compliance assessment in the area of smart connected toy (SCT) or play robot is a challenge, considering the plethora of device manufacturers using varied controls in an attempt to address diverse global children\u27s privacy regulations. Systematic privacy impact assessment scheme (SPIAS) is an abstract model developed to assess children\u27s SCT privacy compliance to known global child-centered legislation such as the Children\u27s Online Privacy Protection Act (COPPA). SPIAS addresses this issue by integrating global survey and analysis of existing children\u27s privacy legislation, and evaluating privacy theories to provide means of classifying data processed by SCT into set states using a finite state machine (FSM). SPIAS, as a tool to, can be adapted assess and address privacy risks and compliance arising from a new SCT or the convergence of existing SCT that collects, processes, and transfers children information

"Nothing about us, without us":an investigation into the justification for Indigenous peoples to be involved in every step of Indigenous digital product design

This paper focuses on the experiences of built coalitions between the authors, students and the Indigenous peoples involved in a study of digital design. Ontario Tech University has been working with the Indigenous communities of the First Nations in Ontario, Canada. The report begins with a brief overview of the issues faced by the Indigenous communities in Canada. For example, retaining their traditional language, knowledge, and culture on their traditional lands. The paper then outlines the study's design and methods to understand how technology may help the Indigenous community address these issues. To do this, the authors set up a course project for 21 graduate students in Computer Science at Ontario Tech University in Winter 2021. The students were formed into nine groups. Each group was assigned the design and development an interactive design product prototype that would address some of the Indigenous community’s social issues considering user experience and co-design from the outset. Lastly, the report shares the findings of the study and discusses the success of ‘Nothing about us, without us’ and how the prototypes may ameliorate the issues faced by the Indigenous peoples. The takeaway that we aim for is an understanding that no matter how honourable it may seem to create something on their behalf, it is essential to involve the primary culture/language speakers. We also intend to create a model for this mutual collaboration which then can be pursued to enable mutually respectful relationships. Following the old adage, “give a man an app, and he will use it for one day, teach a man to design an app and he will share it with the world.

A comparative assessment of human factors in cybersecurity: Implications for cyber governance

This paper provides an extensive overview of cybersecurity awareness in the young, educated, and technology-savvy population of the United Arab Emirates (UAE), compared to the United States of America (USA) for advancing the scholarship and practice of global cyber governance. We conducted comparative empirical studies to identify differences in specific human factors that affect cybersecurity behaviour in the UAE and the USA. In addition, we employed several control variables to observe reliable results. We used Hofstede’s theoretical framework on culture to advance our investigation. The results show that the targeted population in the UAE exhibits contrasting interpretations of cybersecurity awareness of critical human factors as compared to their counterparts from the USA. We identify possible explanations for this relatively different behaviour in the UAE population. Our key contributions are to provide valuable information for cybersecurity policymakers in the UAE and Gulf Cooperation Council (GCC) region to further enhance cyber safety, governance, awareness, and trust among citizens

Towards a music visualization on robot (MVR) prototype

© 2018 IEEE. This paper presents a Music Visualization on Robot (MVR) prototype system which automatically links the flashlight, color and emotion of a robot through music. The MVR system is divided into three portions. Firstly, the system calculates the waiting time for a flashlight by beat tracking. Secondly, the system calculates the emotion correlated with music mood. Thirdly, the system links the color with emotion. To illustrate the prototype on a robot, the prototype implementation is based on a programmable robot called Zenbo because Zenbo has 8 LED light colors on 2 wheels and 24 face emotions to support various compositions

Forensic investigation of Google Meet for memory and browser artifacts

Web applications have experienced a widespread adaptation owing to the agile Service Oriented Architecture (SOA) reflecting the ever-changing software needs of users. Google Meet is one of the top video conferencing applications, especially in the post-COVID19 era. Security and privacy concerns are therefore critical. This paper presents an extensive digital forensic analysis of Google Meet running on multiple browsers and software platforms including Google Chrome, Mozilla Firefox, and Microsoft Edge browsers in Windows 10 and Linux. Artifacts, traces of potential evidence, are extracted from different locations on a client\u27s desktop, including the memory and browser. These include meeting records, communication records, email addresses, profile pictures, history, downloads, bookmarks, cache, cookies, etc. We explore how different Random Access Memory (RAM) sizes of client devices impact the persistence and format of extracted memory artifacts. A memory artifact extraction tool is developed to automate the extraction of artifacts identified via unstructured string analysis. Google Meet forensic artifacts are critical in that they are potential digital evidence in relevant criminal investigations. Additionally, they highlight that user data can be extracted despite implementing multiple privacy and security mechanisms

A glance at research-driven university\u27s technology transfer office in the UAE

© 2018 Inderscience Enterprises Ltd. Technology transfer offices (TTOs) in research-driven universities serve as an intermediary between suppliers of innovations and those who can potentially commercialise them. In the United Arab Emirates (UAE), TTOs are expected to take an important role in the evolution of successful spin-off companies from innovation to production to sales to sustainable profit. TTOs aim to help businesses to innovate and prosper leading to improving local and national economic prosperity. TTOs often support spin-off companies becoming a learning organisation and easing into an articulated management of activities complementary to the research and development activities that create the innovation and drive the transition from innovation to product lines. This paper aims to investigate the current situation of research-driven university\u27s TTO in UAE using a case study of Etisalat BT Innovation Center at Khalifa University and Masdar Institute for university policy implications. The findings suggest that TTOs assist university researchers in many ways

A glance of child’s play privacy in smart toys

© Springer International Publishing AG 2016. A smart toy is defined as a device consisting of a physical toy component that connects to one or more toy computing services to facilitate gameplay in the Cloud through networking and sensory technologies to enhance the functionality of a traditional toy. A smart toy in this context can be effectively considered an Internet of Things (IoT) with Artificial Intelligence (AI) which can provide Augmented Reality (AR) experiences to users. Referring to the direction of the United States Federal Trade Commission Children’s Online Privacy Protection Act (COPPA) and the European Union Data Protection Directive (EUDPD), this study adopts the definition of a child to be an individual under the age of 13 years old. In this study, the first assumption is that children do not understand the concept of privacy. The second assumption is that children will disclose as much information to smart toys as they can trust. Breaches of privacy can result in physical safety of child user, e.g., child predators. While the parents/legal guardians of a child strive to ensure their child’s physical and online safety and privacy, there is no common approach for these parents/guardians to study the information flow between their child and the smart toys they interact with. This paper discusses related privacy requirements for smart toys in a toy computing environment with a case study on a commercial smart toy called Hello Barbie from Mattel

Differentially private multidimensional data publishing

© 2017, Springer-Verlag London Ltd., part of Springer Nature. Various organizations collect data about individuals for various reasons, such as service improvement. In order to mine the collected data for useful information, data publishing has become a common practice among those organizations and data analysts, research institutes, or simply the general public. The quality of published data significantly affects the accuracy of the data analysis and thus affects decision making at the corporate level. In this study, we explore the research area of privacy-preserving data publishing, i.e., publishing high-quality data without compromising the privacy of the individuals whose data are being published. Syntactic privacy models, such as k-anonymity, impose syntactic privacy requirements and make certain assumptions about an adversary’s background knowledge. To address this shortcoming, we adopt differential privacy, a rigorous privacy model that is independent of any adversary’s knowledge and insensitive to the underlying data. The published data should preserve individuals’ privacy, yet remain useful for analysis. To maintain data utility, we propose DiffMulti, a workload-aware and differentially private algorithm that employs multidimensional generalization. We devise an efficient implementation to the proposed algorithm and use a real-life data set for experimental analysis. We evaluate the performance of our method in terms of data utility, efficiency, and scalability. When compared to closely related existing methods, DiffMulti significantly improved data utility, in some cases, by orders of magnitude

Intelligent multi-agent collaboration model for smart home IoT security

© 2018 IEEE. While the Internet of Things (IoT) continue to extend deeper into the daily lives of people, the domain of the smart home offers a unique need for security. Traditional firewalls and antivirus are not sufficient to protect the connected home from security threats, and to date, there have been limited solutions provided for this problem. This paper explores the recent works in this area and presents a new approach towards securing smart home networks through multi-agent collaboration. The model uses Beliefs, Desires, and Intentions (BDI) architecture for intelligent agent decision making, as well as a multi-agent collaboration model for achieving mutual security goals within the smart home network. For initial proof of concept, we provide a use case demonstrating the coordination of the threat response decision between operational availability and security risk agents as a qualitative coalitional game. This model can also be extended to other areas such as threat modeling, vulnerability scanning, and patching, as well as more advanced threat engagement and distraction. Throughout, we also consider operational goals of convenience and availability as required for a usability perspective within the smart home environment

A Privacy-Preserving Context Ontology (PPCO) for Smart Connected Toys

© 2019 IEEE. Ubiquitous mobile technology like Smart Connected Toys (SCTs) have unique challenges of clearly defining context data elements due to unstructured, consistent, and persistent changes in the environment. SCTs interact with its context to achieve meaningful functionality while maintaining context data privacy. As SCTs become increasingly pervasive, the toys with their built-in features must be aware of and adapt to their changing contexts while providing a sense of privacy and security to contextual data processed to support its use. This paper presents a context profile through SCT Privacy-Preserving Context Ontology (PPCO) and examines the benefits of designing a context data model for SCT privacy goals. Our proposed data context model is an abstract model, which organizes elements of data and standardizes how they relate to one another. It organizes properties of related entries in SCT based on eXtensible Markup Language (XML) to depict and project how the SCT contextual information-related to the SCTs\u27 environment-is assembled and maintained. Ultimately, the PPCO provides a structured description of the SCT context profile necessary to identify needed privacy controls to support SCT privacy goals