Efficient routing of snow removal vehicles

This research addresses the problem of finding a minimum cost set of routes for vehicles in a road network subject to some constraints. Extensions, such as multiple service requirements, and mixed networks have been considered. Variations of this problem exist in many practical applications such as snow removal, refuse collection, mail delivery, etc. An exact algorithm was developed using integer programming to solve small size problems. Since the problem is NP-hard, a heuristic algorithm needs to be developed. An algorithm was developed based on the Greedy Randomized Adaptive Search Procedure (GRASP) heuristic, in which each replication consists of applying a construction heuristic to find feasible and good quality solutions, followed by a local search heuristic. A simulated annealing heuristic was developed to improve the solutions obtained from the construction heuristic. The best overall solution was selected from the results of several replications. The heuristic was tested on four sets of problem instances (total of 115 instances) obtained from the literature. The simulated annealing heuristic was able to achieve average improvements of up to 26.36% over the construction results on these problem instances. The results obtained with the developed heuristic were compared to the results obtained with recent heuristics developed by other authors. The developed heuristic improved the best-known solution found by other authors on 18 of the 115 instances and matched the results on 89 of those instances. It worked specially better with larger problems. The average deviations to known lower bounds for all four datasets were found to range between 0.21 and 2.61%

Exploring the relationships between privacy by design schemes and privacy laws: a comparative analysis

Internet of Things (IoT) applications have the potential to derive sensitive information about individuals. Therefore, developers must exercise due diligence to make sure that data are managed according to the privacy regulations and data protection laws. However, doing so can be a difficult and challenging task. Recent research has revealed that developers typically face difficulties when complying with regulations. One key reason is that, at times, regulations are vague, and could be challenging to extract and enact such legal requirements. In our research paper, we have conducted a systematic analysis of the data protection laws that are used across different continents, namely: (i) General Data Protection Regulations (GDPR), (ii) the Personal Information Protection and Electronic Documents Act (PIPEDA), (iii) the California Consumer Privacy Act (CCPA), (iv) Australian Privacy Principles (APPs), and (v) New Zealand’s Privacy Act 1993. In this technical report, we presented the detailed results of the conducted framework analysis method to attain a comprehensive view of different data protection laws and highlighted the disparities, in order to assist developers in adhering to the regulations across different regions, along with creating a Combined Privacy Law Framework (CPLF). After that, we gave an overview of various Privacy by Design (PbD) schemes developed previously by different researchers. Then, the key principles and individuals’ rights of the CPLF were mapped with the privacy principles, strategies, guidelines, and patterns of the Privacy by Design (PbD) schemes in order to investigate the gaps in existing schemes

Exploring the Relationships between Privacy by Design Schemes and Privacy Laws: A Comparative Analysis

Internet of Things (IoT) applications have the potential to derive sensitive information about individuals. Therefore, developers must exercise due diligence to make sure that data are managed according to the privacy regulations and data protection laws. However, doing so can be a difficult and challenging task. Recent research has revealed that developers typically face difficulties when complying with regulations. One key reason is that, at times, regulations are vague, and could be challenging to extract and enact such legal requirements. In our research paper, we have conducted a systematic analysis of the data protection laws that are used across different continents, namely: (i) General Data Protection Regulations (GDPR), (ii) the Personal Information Protection and Electronic Documents Act (PIPEDA), (iii) the California Consumer Privacy Act (CCPA), (iv) Australian Privacy Principles (APPs), and (v) New Zealand's Privacy Act 1993. In this technical report, we presented the detailed results of the conducted framework analysis method to attain a comprehensive view of different data protection laws and highlighted the disparities, in order to assist developers in adhering to the regulations across different regions, along with creating a Combined Privacy Law Framework (CPLF). After that, we gave an overview of various Privacy by Design (PbD) schemes developed previously by different researchers. Then, the key principles and individuals' rights of the CPLF were mapped with the privacy principles, strategies, guidelines, and patterns of the Privacy by Design (PbD) schemes in order to investigate the gaps in existing schemes.Comment: Technical Repor

Exploring the relationships between privacy by design schemes and privacy laws: a comparative analysis

Internet of Things (IoT) applications have the potential to derive sensitive information about individuals. Therefore, developers must exercise due diligence to make sure that data are managed according to the privacy regulations and data protection laws. However, doing so can be a difficult and challenging task. Recent research has revealed that developers typically face difficulties when complying with regulations. One key reason is that, at times, regulations are vague, and could be challenging to extract and enact such legal requirements. In our research paper, we have conducted a systematic analysis of the data protection laws that are used across different continents, namely: (i) General Data Protection Regulations (GDPR), (ii) the Personal Information Protection and Electronic Documents Act (PIPEDA), (iii) the California Consumer Privacy Act (CCPA), (iv) Australian Privacy Principles (APPs), and (v) New Zealand’s Privacy Act 1993. In this technical report, we presented the detailed results of the conducted framework analysis method to attain a comprehensive view of different data protection laws and highlighted the disparities, in order to assist developers in adhering to the regulations across different regions, along with creating a Combined Privacy Law Framework (CPLF). After that, we gave an overview of various Privacy by Design (PbD) schemes developed previously by different researchers. Then, the key principles and individuals’ rights of the CPLF were mapped with the privacy principles, strategies, guidelines, and patterns of the Privacy by Design (PbD) schemes in order to investigate the gaps in existing schemes

Privacy‐aware cloud ecosystems: Architecture and performance

With an increasing number of cloud providers offering services made use of by both individual users and other providers, there is a realization that service provision now involves an “ecosystem” of providers. Some providers may be directly visible to a user, while others may be contributors to composite services and not directly known to the user—as only the provider offering the composite service is visible. Such services may include: domain specific services (eg, simulation), advertising services, or profiling/analytics services. Understanding the impact on data privacy of a user for such a composite service remains a challenge, and providing transparency (and obtaining user consent for data use) remains a key requirement of the European General Data Protection Regulation (GDPR). An architecture that makes use of blockchains and smart contracts is proposed that addresses this requirement. An implementation of the architecture is used to demonstrate how access control can be managed and audited. The scalability and cost of undertaking access control, as the number of actors (both service providers and “voters”) increases, is also described. The proposed approach can be used to support service aggregation across both private and public clouds

Automating GDPR compliance verification for cloud-hosted services

Cloud-hosted business processes require access to customer data to complete a transaction, to improve a customer’s on-line experience or provide useful product recommendations. However, privacy concerns associated with the use of this data have led to legal regulations that impose restrictions on how such data is requested or processed by an on-line service, with large penalties for violating these restrictions, e.g. the European General Data Protection Regulation (GDPR). We propose a framework for helping cloud-hosted services automate GDPR compliance checking. The framework comprises three steps: represent data flow in business processes with an appropriate abstraction (timed transition systems), formalise GDPR rules and obligations and incorporate them into the same abstraction, and implement the abstraction in a model checking tool (Uppaal) in order to automatically verify compliance of business process activities with GDPR. We demonstrate the approach using a cloud-based purchase order system

Compliance checking of cloud providers: design and implementation

The recognition of capabilities supplied by cloud systems is presently growing up. Collecting or sharing healthcare data and sensitive information especially during Covid-19 pandemic has motivated organizations and enterprises to leverage the upsides coming from cloud-based applications. However, the privacy of electronic data in such applications remains a significant challenge for cloud vendors to adapt their solutions with existing privacy legislation standards such as general data protection regulation (GDPR). This paper, first, proposes a formal model and verification for data usage requests of providers in a cloud composite service using a model checking tool. A cloud pharmacy scenario is presented to illustrate the connectivity of providers in the composite service and the stream of their requests for both collection and movement of patient data. A set of verification is, then, undertaken over the pharmacy service in accordance with three significant GDPR obligations, namely user consent, data access and data transfer. Following that, the paper designs and implements a cloud container virtualization based on the verified formal model realising GDPR requirements. The container makes use of some enforcement smart contracts to only proceed the providers’ requests, which are compliant with GDPR. Finally, several experiments are provided to investigate the performance of our approach in terms of time, memory and cost

COM-PACE: Compliance-Aware Cloud Application Engineering Using Blockchain

The COVID19 Pandemic has highlighted our dependence on online services (from government, e-commerce/retail, and entertainment), often hosted over external cloud computing infrastructure. The users of these services interact with a web interface rather than the larger distributed service provisioning chain that can involve an interlinked group of providers. The data and identity of users are often provided to service provider who may share it (or have automatic sharing agreement) with backend services (such as advertising and analytics). We propose the development of compliance-aware cloud application engineering, which is able to improve transparency of personal data use -- particularly with reference to the European GDPR regulation. Key compliance operations and the perceived implementation challenges for the realization of these operations in current cloud infrastructure are outlined

Decline in subarachnoid haemorrhage volumes associated with the first wave of the COVID-19 pandemic

BACKGROUND: During the COVID-19 pandemic, decreased volumes of stroke admissions and mechanical thrombectomy were reported. The study\u27s objective was to examine whether subarachnoid haemorrhage (SAH) hospitalisations and ruptured aneurysm coiling interventions demonstrated similar declines. METHODS: We conducted a cross-sectional, retrospective, observational study across 6 continents, 37 countries and 140 comprehensive stroke centres. Patients with the diagnosis of SAH, aneurysmal SAH, ruptured aneurysm coiling interventions and COVID-19 were identified by prospective aneurysm databases or by International Classification of Diseases, 10th Revision, codes. The 3-month cumulative volume, monthly volumes for SAH hospitalisations and ruptured aneurysm coiling procedures were compared for the period before (1 year and immediately before) and during the pandemic, defined as 1 March-31 May 2020. The prior 1-year control period (1 March-31 May 2019) was obtained to account for seasonal variation. FINDINGS: There was a significant decline in SAH hospitalisations, with 2044 admissions in the 3 months immediately before and 1585 admissions during the pandemic, representing a relative decline of 22.5% (95% CI -24.3% to -20.7%, p\u3c0.0001). Embolisation of ruptured aneurysms declined with 1170-1035 procedures, respectively, representing an 11.5% (95%CI -13.5% to -9.8%, p=0.002) relative drop. Subgroup analysis was noted for aneurysmal SAH hospitalisation decline from 834 to 626 hospitalisations, a 24.9% relative decline (95% CI -28.0% to -22.1%, p\u3c0.0001). A relative increase in ruptured aneurysm coiling was noted in low coiling volume hospitals of 41.1% (95% CI 32.3% to 50.6%, p=0.008) despite a decrease in SAH admissions in this tertile. INTERPRETATION: There was a relative decrease in the volume of SAH hospitalisations, aneurysmal SAH hospitalisations and ruptured aneurysm embolisations during the COVID-19 pandemic. These findings in SAH are consistent with a decrease in other emergencies, such as stroke and myocardial infarction