InShopnito: an advanced yet privacy-friendly mobile shopping application

Mobile Shopping Applications (MSAs) are rapidly gaining popularity. They enhance the shopping experience, by offering customized recommendations or incorporating customer loyalty programs. Although MSAs are quite effective at attracting new customers and binding existing ones to a retailer's services, existing MSAs have several shortcomings. The data collection practices involved in MSAs and the lack of transparency thereof are important concerns for many customers. This paper presents inShopnito, a privacy-preserving mobile shopping application. All transactions made in inShopnito are unlinkable and anonymous. However, the system still offers the expected features from a modern MSA. Customers can take part in loyalty programs and earn or spend loyalty points and electronic vouchers. Furthermore, the MSA can suggest personalized recommendations even though the retailer cannot construct rich customer profiles. These profiles are managed on the smartphone and can be partially disclosed in order to get better, customized recommendations. Finally, we present an implementation called inShopnito, of which the security and performance is analyzed. In doing so, we show that it is possible to have a privacy-preserving MSA without having to sacrifice practicality

Supplementary data for article: Mišić, D.; Šiler, B.; Gašić, U.; Avramov, S.; Živković, S.; Živković, J. N.; Milutinović, M.; Tešić, Ž. Simultaneous UHPLC/DAD/(+/-)HESI-MS/MS Analysis of Phenolic Acids and Nepetalactones in Methanol Extracts of Nepeta Species: A Possible Application in Chemotaxonomic Studies. Phytochemical Analysis 2015, 26 (1), 72–85. https://doi.org/10.1002/pca.2538

Supporting information for: [https://doi.org/10.1002/pca.2538]Related to published version: [http://cherry.chem.bg.ac.rs/handle/123456789/1663

Supplementary data for article: Mišić, D.; Šiler, B.; Gašić, U.; Avramov, S.; Živković, S.; Živković, J. N.; Milutinović, M.; Tešić, Ž. Simultaneous UHPLC/DAD/(+/-)HESI-MS/MS Analysis of Phenolic Acids and Nepetalactones in Methanol Extracts of Nepeta Species: A Possible Application in Chemotaxonomic Studies. Phytochemical Analysis 2015, 26 (1), 72–85. https://doi.org/10.1002/pca.2538

Supporting information for: [https://doi.org/10.1002/pca.2538]Related to published version: [http://cherry.chem.bg.ac.rs/handle/123456789/1663

Genetic Aspects of Micronutrients Important for Inflammatory Bowel Disease

Inflammatory bowel disease (IBD), Crohn’s disease (CD) and ulcerative colitis (UC) are complex diseases whose etiology is associated with genetic and environmental risk factors, among which are diet and gut microbiota. To date, IBD is an incurable disease and the main goal of its treatment is to reduce symptoms, prevent complications, and improve nutritional status and the quality of life. Patients with IBD usually suffer from nutritional deficiency with imbalances of specific micronutrient levels that contribute to the further deterioration of the disease. Therefore, along with medications usually used for IBD treatment, therapeutic strategies also include the supplementation of micronutrients such as vitamin D, folic acid, iron, and zinc. Micronutrient supplementation tailored according to individual needs could help patients to maintain overall health, avoid the triggering of symptoms, and support remission. The identification of individuals’ genotypes associated with the absorption, transport and metabolism of micronutrients can modify future clinical practice in IBD and enable individualized treatment. This review discusses the personalized approach with respect to genetics related to micronutrients commonly used in inflammatory bowel disease treatment

Reproductive biology traits affecting productivity of sour cherry

The objective of this work was to evaluate variability in reproductive biology traits and the correlation between them in genotypes of 'Oblacinska' sour cherry (Prunus cerasus). High genetic diversity was found in the 41 evaluated genotypes, and significant differences were observed among them for all studied traits: flowering time, pollen germination, number of fruiting branches, production of flower and fruit, number of flowers per bud, fruit set, and limb yield efficiency. The number of fruiting branches significantly influenced the number of flower and fruit, fruit set, and yield efficiency. In addition to number of fruiting branches, yield efficiency was positively correlated with fruit set and production of flower and fruit. Results from principal component analysis suggested a reduction of the reproductive biology factors affecting yield to four main characters: number and structure of fruiting branches, flowering time, and pollen germination. Knowledge of the reproductive biology of the 'Oblacinska' genotypes can be used to select the appropriate ones to be grown or used as parents in breeding programs. In this sense, genotypes II/2, III/9, III/13, and III/14 have very good flower production and satisfactory pollen germination

Privacy-Preserving Incentive Systems with Highly Efficient Point-Collection

Incentive systems (such as customer loyalty systems) are omnipresent nowadays and deployed in several areas such as retail, travel, and financial services. Despite the benefits for customers and companies, this involves large amounts of sensitive data being transferred and analyzed. These concerns initiated research on privacy-preserving incentive systems, where users register with a provider and are then able to privately earn and spend incentive points. In this paper we construct an incentive system that improves upon the state-of-the-art in several ways: – We improve efficiency of the Earn protocol by replacing costly zero-knowledge proofs with a short structure-preserving signature on equivalence classes. – We enable tracing of remainder tokens from double-spending transactions without losing backward unlinkability. – We allow for secure recovery of failed Spend protocol runs (where usually, any retries would be counted as double-spending attempts). – We guarantee that corrupt users cannot falsely blame other corrupt users for their double-spending. We propose an extended formal model of incentive systems and a concrete instantiation using homomorphic Pedersen commitments, ElGamal encryption, structure-preserving signatures on equivalence classes (SPS-EQ), and zero-knowledge proofs of knowledge. We formally prove our construction secure and present benchmarks showing its practical efficiency

Privacy-preserving Identity Management

With the technological advances and the evolution of online services, user privacy is becoming a crucial issue in the modern day society. Privacy in the general sense refers to individuals’ ability to protect information about themselves and selectively present it to other entities. This concept is nowadays strongly affected by everyday practices that assume personal data disclosure, such as online shopping and participation in loyalty schemes. This makes it difficult for an individual to control the outflow of her personal data and provides third parties with strong data gathering possibilities. On the other hand, the privacy-related legislation obliges the service providers to limit the collection of personal data and protect the data they collect. In rare cases, the privacy protection can be driven by the desire to build a trust relationship with customers. To achieve the described goals of protecting users’ privacy, this thesis focuses on two aspects of managing personal information. Firstly, we address the privacy-preserving design and development of information systems. The described approach coheres to the privacy-by-design principles, which assert that privacy should be embedded in a system design from the very beginning as an essential component of the core functionality, rather than being introduced as an add-on. Secondly, we develop a framework that informs the users about their privacy level and consequences of utilising a particular service or interacting with a particular service provider. That way, the user is enabled to make informed decisions about the disclosure of her personal information and remain in control of her achieved privacy. The first part of the thesis describes a reusable mechanism for achieving unlinkability and anonymity in incentive systems, such as loyalty schemes or reputation systems, while creating a certain level of assurance for the providers about the participating users. Namely, it allows the users to prove that they are registered for a particular service, that they satisfy specific requirements posed by the provider and that they cannot share their earned benefits, while remaining anonymous. The versatility of the scheme is demonstrated with its application in a privacy-preserving ticketing system for public transport services. The resulting system prevents tracking users’ movements. At the same time, the provider can impose needed restrictions on transport services utilisation. Further, this thesis presents a design of a privacy-preserving eHealth system. It is intended for commercial use, with limited trust assumptions, while protecting users’ personal and sensitive data. It allows the patients and elderly to connect to a range of caregivers and care providers. Besides describing the architectural design of the system, we also develop the protocols that describe its functioning. The latter part of this thesis focuses on ensuring user informedness about their attained privacy level. It presents a logic-based framework that allows the users to track which information is known or can be learned by which providers. This is achieved through modelling relevant credential technologies, service providers and the interactions of a user, i.e. data disclosures. The framework also evaluates which interactions can be linked together, as these links allow the providers to extend their knowledge about the user. Consequently, the user can decide on which information may be disclosed, by assessing the privacy level that would be achieved.nrpages: 206status: publishe

Prolog-based framework for privacy evaluation and user feedback

In this report, we describe the design and functioning of a logic-based framework for privacy evaluation and user feedback. This framework is meant to be running on the user’s side and to track user’s actions, i.e. disclosures that she makes, in order to evaluate the profiles different providers hold about her. The evaluation is based on the utilised credential technologies, providers’ authentication, data storage and data sharing policies and on actual interactions between the user and providers when services are consumed. Besides providing feedback on the achieved privacy level, the framework can also be applied for inspecting the consequences of potential subsequent disclosures. This allows the user to make an informed decision on which disclosures to make or to choose between alternative authentication policies.nrpages: 27status: publishe