Up-to-the-Minute Privacy Policies via Gossips in Participatory Epidemiological Studies

2021 ◽  
Vol 4 ◽  
Author(s):  
Aakash Sharma ◽  
Thomas Bye Nilsen ◽  
Katja Pauline Czerwinska ◽  
Daria Onitiu ◽  
Lars Brenna ◽  
...  

Researchers and researched populations are actively involved in participatory epidemiology. Such studies collect many details about an individual. Recent developments in statistical inferences can lead to sensitive information leaks from seemingly insensitive data about individuals. Typical safeguarding mechanisms are vetted by ethics committees; however, the attack models are constantly evolving. Newly discovered threats, change in applicable laws or an individual's perception can raise concerns that affect the study. Addressing these concerns is imperative to maintain trust with the researched population. We are implementing Lohpi: an infrastructure for building accountability in data processing for participatory epidemiology. We address the challenge of data-ownership by allowing institutions to host data on their managed servers while being part of Lohpi. We update data access policies using gossips. We present Lohpi as a novel architecture for research data processing and evaluate the dissemination, overhead, and fault-tolerance.

Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang

Abstract: Countless data generated in Smart city may contain private and sensitive information and should be protected from unauthorized users. The data can be encrypted by Attribute-based encryption (CP-ABE), which allows the encrypter to specify access policies in the ciphertext. But, traditional CP-ABE schemes are limited because of two shortages: the access policy is public, i.e., privacy exposed; the decryption time is linear with the complexity of policy, i.e., huge computational overheads. In this work, we introduce a novel method to protect the privacy of CP-ABE scheme by keyword search (KS) techniques. In detail, we define a new security model called chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and hidden. If user's attributes don't satisfy the public policy, he/she cannot get any information (attribute name and its values) of the hidden one. Previous CP-ABE schemes with hidden policy only work on the “AND-gate” access structure or their ciphertext size or decryption time may be super-polynomial. Our scheme is more expressive and compact. Since IoT devices are spread all over the smart city, the computational overhead of encryption and decryption can be shifted to third parties. Therefore, our scheme is more applicable to resource-constrained users. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.


2021 ◽  
Vol 1 (2) ◽  
pp. 89
Author(s):  
Lutfia Rizkyatul Akbar ◽  
Gunadi Gunadi

This study aims to assess the implementation of the openness of banking data access policies to improving tax compliance in Indonesia. It is caused by the implementation of tax collection using a self-assessment system, thus requiring taxpayer data and information through financial institutions, including banking. Researchers used qualitative descriptive methods. The results of this study are, first, there is support for the implementation of the policy on openness to access to banking data in increasing tax compliance in Indonesia in the form of the issuance of Law Number 9 of 2017 concerning Access to Financial Information. Second, the implementation of banking data disclosure policies to increase tax compliance in Indonesia, including the willingness of target groups to comply with policy outputs, in this case the reporting of customer data by banks to the DGT. Third, the policy of open banking data access does not impede or reduce the number of bank accounts and deposits. Fourth, there are technical obstacles both by the DGT and the banking sector, especially in the first year. Furthermore, there are several inhibiting factors in the implementation of this policy, namely IT factors, and resistance from some circles at the beginning of the emergence of regulations, limited financial resources to process data quickly, so it must be done gradually, in addition to lack of quantity and quality of human resources.


Sensors ◽  
2018 ◽  
Vol 18 (8) ◽  
pp. 2664 ◽  
Author(s):  
Luis Belem Pacheco ◽  
Eduardo Pelinson Alchieri ◽  
Priscila Mendez Barreto

The use of Internet of Things (IoT) is rapidly growing and a huge amount of data is being generated by IoT devices. Cloud computing is a natural candidate to handle this data since it has enough power and capacity to process, store and control data access. Moreover, this approach brings several benefits to the IoT, such as the aggregation of all IoT data in a common place and the use of cloud services to consume this data and provide useful applications. However, enforcing user privacy when sending sensitive information to the cloud is a challenge. This work presents and evaluates an architecture to provide privacy in the integration of IoT and cloud computing. The proposed architecture, called PROTeCt—Privacy aRquitecture for integratiOn of internet of Things and Cloud computing, improves user privacy by implementing privacy enforcement at the IoT devices instead of at the gateway, as is usually done. Consequently, the proposed approach improves both system security and fault tolerance, since it removes the single point of failure (gateway). The proposed architecture is evaluated through an analytical analysis and simulations with severely constrained devices, where delay and energy consumption are evaluated and compared to other architectures. The obtained results show the practical feasibility of the proposed solutions and demonstrate that the overheads introduced in the IoT devices are worthwhile considering the increased level of privacy and security.


2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang

Abstract: Smart city, as a promising technical tendency, greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables data owner to specify an access policy on encrypted data. However, there are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company's future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy for recruitment in smart city. Specifically, we introduce a new security model chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and fully hidden, only if user's attributes satisfy the public policy, it's possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) of it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme supports a more expressive access policy, since the access policy of their schemes only work on the “AND-gate” structure. In addition, intelligent devices spread all over the smart city, so partial computational overhead of encryption of our scheme can be outsourced to these devices as fog nodes, while most part overhead in the decryption process is outsourced to the cloud. Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.


Author(s):  
A. S. Garov ◽  
I. P. Karachevtseva ◽  
E. V. Matveev ◽  
A. E. Zubarev ◽  
I. V. Florinsky

We are developing a unified distributed communication environment for processing of spatial data which integrates web-, desktop- and mobile platforms and combines volunteer computing model and public cloud possibilities. The main idea is to create a flexible working environment for research groups, which may be scaled according to required data volume and computing power, while keeping infrastructure costs at minimum. It is based upon the "single window" principle, which combines data access via geoportal functionality, processing possibilities and communication between researchers. Using an innovative software environment the recently developed planetary information system (http://cartsrv.mexlab.ru/geoportal) will be updated. The new system will provide spatial data processing, analysis and 3D-visualization and will be tested based on freely available Earth remote sensing data as well as Solar system planetary images from various missions. Based on this approach it will be possible to organize the research and representation of results on a new technology level, which provides more possibilities for immediate and direct reuse of research materials, including data, algorithms, methodology, and components. The new software environment is targeted at remote scientific teams, and will provide access to existing spatial distributed information for which we suggest implementation of a user interface as an advanced front-end, e.g., for virtual globe system.


Author(s):  
Roel During ◽  
Marcel Pleijte ◽  
Rosalie I. van Dam ◽  
Irini E. Salverda

Open data and citizen-led initiatives can be both friends and foes. Where it is available and ‘open’, official data not only encourages increased public participation but can also generate the production and scrutiny of new material, potentially of benefit to the original provider and others, official or otherwise. In this way, official open data can be seen to improve democracy or, more accurately, the so-called ‘participative democracy’. On the other hand, the public is not always eager to share their personal information in the most open ways. Private and sometimes sensitive information however is required to initiate projects of societal benefit in difficult times. Many citizens appear content to channel personal information exchange via social media instead of putting it on public web sites. The perceived benefits from sharing and complete openness do not outweigh any disadvantages or fear of regulation. This is caused by various sources of contingency, such as the different appeals on citizens, construed in discourses on the participation society and the representative democracy, calling for social openness in the first and privacy protection in the latter. Moreover, the discourse on open data is an economic argument fighting the rules of privacy instead of the promotion of open data as one of the prerequisites for social action. Civil servants acknowledge that access to open data via all sorts of apps could contribute to the mushrooming of public initiatives, but are reluctant to release person-related sensitive information. The authors will describe and discuss this dilemma in the context of some recent case studies from the Netherlands concerning governmental programmes on open data and citizens' initiatives, to highlight both the governance constraints and uncertainties as well as citizens' concerns on data access and data sharing. It will be shown that openness has a different meaning and understanding in the participation society and representative democracy: i.e. the tension surrounding the sharing of private social information versus transparency. Looking from both sides at openness reveals double contingency: understanding and intentions on this openness invokes mutual enforcing uncertainties. This double contingency hampers citizens' eagerness to participate. The paper will conclude with a practical recommendation for improving data governance.


Author(s):  
Rekha Bhatia ◽  
Manpreet Singh Gujral

Due to the ever increasing number of web services available through the Internet, privacy as a fundamental human right is endangered. Informed consent and collection of information are two important aspects while interacting on the Internet through web services. The ease of data access and its ready availability through the Internet have made it easier for interested parties to intrude into the individual's privacy in unprecedented ways. The regulatory and technical solutions adopted to curb this have achieved only a limited success. The main culprits in this regard are the incompatibilities in the regulatory measures and standards. This research work focuses on privacy preserving access control for sharing sensitive information in the arena of web services, provides some recent outlooks towards the critical need of privacy aware access control technologies and a comprehensive review of the existing work in this arena. Besides, a novel framework for privacy aware access to web services is also provided.


BMJ Open ◽  
2020 ◽  
Vol 10 (5) ◽  
pp. e036160
Author(s):  
Francesca Gorini ◽  
Elisa Bustaffa ◽  
Davide Bolignano ◽  
Liliana Cori ◽  
Francesco Faita ◽  
...  

Introduction: Environmental pollution has been progressively becoming one of the main risk factors to human diseases. In particular, populations living in high-contaminated sites are particularly exposed to environmental toxicants, with consequent increased risks to human health. In Italy, there are currently ongoing three epidemiological etiological studies aimed at evaluating the association between exposure to inorganic and organic chemicals and presence of biological markers of early effects in population living in three National Priority Contaminated Sites (NPCSs). Specifically, the correlations concern preclinical indicators of liver disease in Priolo NPCS, thyroid diseases in Milazzo-Valle del Mela NPCS and cardiovascular risk and kidney damage in Crotone NPCS.

Methods and analysis: Overall, approximately 1300 subjects of both sexes will be enrolled in the three NPCSs according to specific inclusion criteria. For each subject, serum and urine specimens are collected, on which the determination of biological markers of exposure and early effects for the selected outcomes are performed. Individual information on environmental and occupational exposure, medical history, diet and life habits is obtained through questionnaires provided by web platform. In Milazzo-Valle del Mela and Crotone NPCSs, not invasive instrumental and imaging examinations are performed in order to evaluate further risk factors of thyroid carcinoma and cardiovascular disease, respectively.

Ethics and dissemination: The protocol studies have been approved by the Ethics Committees responsible for the three involved NPCSs: the Ethics Committee ‘Catania 2’ for the NPCS of Priolo (21 July 2017, n. 500/2017/CECT2), the Ethics Committee of the University Hospitals of Messina for the NPCS of Milazzo-Valle del Mela (19 February 2018, n.2/2018); the Ethics Committee of the Region of Calabria for the NPCS of Crotone (20 July 2017, n. 174). Results will be disseminated among policy-makers, citizens, stakeholders and scientific community through the organisation of conferences and events, and the publication on international peer/reviewed journals.

