Theft Preventive Measures for Interconnected Personal Computer Devices as Proactive Physical Security of Data

This article is concerned with the arising problems and implications of physical security and privacy of personal and control data on portable computer devices, especially smartphones. The authors consider various classifications of portable computer devices, isolate smartphones as a most common device, and study types of user behavior regarding the involved security risks of unauthorized access to the data stored both locally and remotely with accent of physical data access via device theft. Based on provided categorization the researchers discuss the factors and criteria suitable to generalize user patterns and evaluate the corresponding vulnerability level against specified statistics. The considered statistical criteria can be formulated as a mathematical model of relative risks and implemented as a service or an application to be used for improving user awareness on current threats to his personal data and respective interconnected personal portable devices.

Download Full-text

A Blockchain-Enabled Approach for Online Stream Sensor Data Protection in Cyber-Physical Manufacturing Systems

10.1115/detc2021-72023 ◽

2021 ◽

Author(s):

Zhangyue Shi ◽

Chenang Liu ◽

Chen Kan ◽

Wenmeng Tian ◽

Yang Chen

Keyword(s):

Information Technologies ◽

Manufacturing Systems ◽

Rapid Development ◽

Data Access ◽

Sensor Data ◽

False Alarms ◽

Monitoring And Control ◽

Stream Data ◽

Physical Security ◽

And Control

Abstract With the rapid development of the Internet of Things and information technologies, more and more manufacturing systems become cyber-enabled, which significantly improves the flexibility and productivity of manufacturing. Furthermore, a large variety of online sensors are also commonly incorporated in the manufacturing systems for online quality monitoring and control. However, the cyber-enabled environment may pose the collected online stream sensor data under high risks of cyber-physical attacks as well. Specifically, cyber-physical attacks could occur during the manufacturing process to maliciously tamper the sensor data, which could result in false alarms or failures of anomaly detection. In addition, the cyber-physical attacks may also illegally access the collected data without authorization and cause leakage of key information. Therefore, it becomes critical to develop an effective approach to protect online stream data from these attacks so that the cyber-physical security of the manufacturing systems could be assured. To achieve this goal, an integrative blockchain-enabled method, is proposed by leveraging both asymmetry encryption and camouflage techniques. A real-world case study that protects cyber-physical security of collected stream data in additive manufacturing is provided to demonstrate the effectiveness of the proposed method. The results demonstrate that malicious tampering could be detected in a relatively short time and the risk of unauthorized data access is significantly reduced as well.

Download Full-text

Book Reviews

Journal of Economic Literature ◽

10.1257/jel.52.4.1160.r10 ◽

2014 ◽

Vol 52 (4) ◽

pp. 1177-1178

Keyword(s):

Information Security ◽

Credit Card ◽

Personal Data ◽

Security And Privacy ◽

Management Tool ◽

Security Risks ◽

Economics Of Information ◽

Security Costs ◽

The Cost ◽

The University

Shane Greenstein of Northwestern University reviews “The Economics of Information Security and Privacy”, by Rainer Bohme. The Econlit abstract of this book begins: “Thirteen papers, revised and previously presented at the 11th Workshop on the Economics of Information Security held in Berlin in June 2012, explore the economics of information security and privacy, focusing on the management of information security, the economics of information security, the economics of privacy, and the economics of cybercrime. Papers discuss information security costs; whether to invest or not to invest--assessing the economic viability of a policy and security configuration management tool; ad-blocking games--monetizing online content under the threat of ad avoidance; software security economics--theory, in practice; an empirical study on information security behaviors and awareness; sectoral and regional interdependency of Japanese firms under the influence of information security risks; whether we can afford integrity by proof-of-work--scenarios inspired by the Bitcoin currency; online promiscuity--prophylactic patching and the spread of computer transmitted infections; the privacy economics of voluntary overdisclosure in web forms; choice architecture and smartphone privacy--there's a price for that; personal data disclosure in a simulated credit card application; measuring the cost of cybercrime; and an analysis of e-crime in crowd-sourced labor markets--Mechanical Turk versus Freelancer. Böhme is with the European Research Center for Information Systems at the University of Münster.”

Download Full-text

Open Humans: A platform for participant-centered research and personal data exploration

10.1101/469189 ◽

2018 ◽

Author(s):

Bastian Greshake Tzovaras ◽

Misha Angrist ◽

Kevin Arvai ◽

Mairi Dulaney ◽

Vero Estrada-Galiñanes ◽

...

Keyword(s):

Data Streams ◽

Academic Research ◽

Personal Data ◽

Data Access ◽

Continuous Glucose Monitor ◽

Activity Monitors ◽

The Social ◽

Human Participant ◽

Data Collections ◽

And Control

AbstractBackgroundMany aspects of our lives are now digitized and connected to the internet. As a result, individuals are now creating and collecting more personal data than ever before. This offers an unprecedented chance for human-participant research ranging from the social sciences to precision medicine. With this potential wealth of data come practical problems (such as how to merge data streams from various sources), as well as ethical problems (such as how to best balance risks and benefits when enabling personal data sharing by individuals).ResultsTo begin to address these problems in real time, we present Open Humans, a community-based platform that enables personal data collections across data streams, giving individuals more personal data access and control of sharing authorizations, and enabling academic research as well as patient-led projects. We showcase data streams that Open Humans combines (e.g. personal genetic data, wearable activity monitors, GPS location records and continuous glucose monitor data), along with use cases of how the data facilitates various projects.ConclusionsOpen Humans highlights how a community-centric ecosystem can be used to aggregate personal data from various sources as well as how these data can be used by academic and citizen scientists through practical, iterative approaches to sharing that strive to balance considerations with participant autonomy, inclusion, and privacy.

Download Full-text

EID System's Privacy Protection Enhancement Design

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.411-414.192 ◽

2013 ◽

Vol 411-414 ◽

pp. 192-198

Author(s):

Qiu Yun Lv ◽

Xiang Hong Tang ◽

Qiu Hua Wang

Keyword(s):

Privacy Protection ◽

Personal Data ◽

Security And Privacy ◽

The Internet ◽

Service Program ◽

Protection Measures ◽

Government Administration ◽

Data Process ◽

Access Service ◽

And Control

Recently, eID system is proposed to settle security problems and even more important to fulfill the need of government administration and control. But the main obstacle of spreading eID systems is privacy worrying though they possessed some security and privacy protection measures. In this paper, we provided the enhancement design for protecting citizen privacy in an eID system (taking German eID system as analysis object).Firstly, we suggested to separate authorization eID server and authentication eID server physically to reduce the possibility of personal data breach since eID server could not avoid to be attacked if it was one part of the internet ; Secondly, we put forward that privacy data should be double-encrypted in the stage of applying service, and should be remain encryption except the service program using it, and more importantly , it should be deleted when service is ending ; Thirdly, in order to prevent fake eID server plus fake service provider attack, we devised the authentication flow when citizen access service which let citizen to take part in the authentication process actively. In addition, we present the remote delete personal data process which invoked by citizen to further privacy protection.

Download Full-text

Is There a Predisposition towards the Use of New Technologies within the Traffic Field of Emerging Countries? The Case of the Dominican Republic

Electronics ◽

10.3390/electronics10101208 ◽

2021 ◽

Vol 10 (10) ◽

pp. 1208

Author(s):

Francisco Alonso ◽

Mireia Faus ◽

Cristina Esteban ◽

Sergio A. Useche

Keyword(s):

Dominican Republic ◽

Road Safety ◽

New Technologies ◽

Technological Development ◽

Personal Data ◽

Emerging Countries ◽

Level Of Knowledge ◽

One Year ◽

The One ◽

And Control

Technological devices are becoming more and more integrated in the management and control of traffic in big cities. The population perceives the benefits provided by these systems, and, therefore, citizens usually have a favorable opinion of them. However, emerging countries, which have fewer available infrastructures, could present a certain lack of trust. The objective of this work is to detect the level of knowledge and predisposition towards the use of new technologies in the transportation field of the Dominican Republic. For this study, the National Survey on Mobility was administered to a sample of Dominican citizens, proportional to the ONE census and to sex, age and province. The knowledge of ITS topics, as well as the use of mobile applications for mobility, are scarce; however, there was a significant increase that can be observed in only one year. Moreover, technology is, in general, positively assessed for what concerns the improvement of the traffic field, even though there is a lack of predisposition to provide one’s personal data, which is necessary for these devices. The process of technological development in the country must be backed up by laws that protect the citizens’ privacy. Thus, technologies that can improve road safety, mobility and sustainability can be implemented in the country.

Download Full-text

Behavioral Economics Issues for Software Requirements Optimization for Personal Data Security and Privacy

10.1145/3477911.3477918 ◽

2021 ◽

Author(s):

Shatadru Shikta ◽

Somania Nur Mahal ◽

Kazi Bushra Al Jannat ◽

MAHADY HASAN ◽

M. ROKONUZZAMAN

Keyword(s):

Behavioral Economics ◽

Data Security ◽

Personal Data ◽

Security And Privacy ◽

Software Requirements

Download Full-text

Industry 4.0 Digital Technologies for data collection and control

10.33920/pro-2-2106-04 ◽

2021 ◽

pp. 43-58

Author(s):

S. S. Yudachev ◽

P. A. Monakhov ◽

N. A. Gordienko

Keyword(s):

Data Collection ◽

Open Source ◽

Software Defined Radio ◽

Block Diagram ◽

Data Access ◽

Gnu Radio ◽

Time Data ◽

Object A ◽

Data Propagation ◽

And Control

This article describes an attempt to create open source LabVIEW software, equivalent to data collection and control software. The proposed solution uses GNU Radio, OpenCV, Scilab, Xcos, and Comedi in Linux. GNU Radio provides a user-friendly graphical interface. Also, GNU Radio is a software-defined radio that conducts experiments in practice using software rather than the usual hardware implementation. Blocks for data propagation, code deletion with and without code tracking are created using the zero correlation zone code (ZCZ, a combination of ternary codes equal to 1, 0, and –1, which is specified in the program). Unlike MATLAB Simulink, GNU Radio is open source, i. e. free, and the concepts can be easily accessed by ordinary people without much programming experience using pre-written blocks. Calculations can be performed using OpenCV or Scilab and Xcos. Xcos is an application that is part of the Scilab mathematical modeling system, and it provides developers with the ability to design systems in the field of mechanics, hydraulics and electronics, as well as queuing systems. Xcos is a graphical interactive environment based on block modeling. The application is designed to solve problems of dynamic and situational modeling of systems, processes, devices, as well as testing and analyzing these systems. In this case, the modeled object (a system, device or process) is represented graphically by its functional parametric block diagram, which includes blocks of system elements and connections between them. The device drivers listed in Comedi are used for real-time data access. We also present an improved PyGTK-based graphical user interface for GNU Radio. English version of the article is available at URL: https://panor.ru/articles/industry-40-digital-technology-for-data-collection-and-management/65216.html

Download Full-text

A HIPAA Security and Privacy Compliance Audit and Risk Assessment Mitigation Approach

International Journal of Cyber Research and Education ◽

10.4018/ijcre.2021070103 ◽

2021 ◽

Vol 3 (2) ◽

pp. 28-45

Author(s):

Young B. Choi ◽

Christopher E. Williams

Keyword(s):

Healthcare System ◽

Information Assurance ◽

Healthcare Providers ◽

Security And Privacy ◽

Privacy Requirements ◽

Security Controls ◽

The Us ◽

Compliance Audit ◽

And Control ◽

Health Laws

Data breaches have a profound effect on businesses associated with industries like the US healthcare system. This task extends more pressure on healthcare providers as they continue to gain unprecedented access to patient data, as the US healthcare system integrates further into the digital realm. Pressure has also led to the creation of the Health Insurance Portability and Accountability Act, Omnibus Rule, and Health Information Technology for Economic and Clinical Health laws. The Defense Information Systems Agency also develops and maintains security technical implementation guides that are consistent with DoD cybersecurity policies, standards, architectures, security controls, and validation procedures. The objective is to design a network (physician's office) in order to meet the complexity standards and unpredictable measures posed by attackers. Additionally, the network must adhere to HIPAA security and privacy requirements required by law. Successful implantation of network design will articulate comprehension requirements of information assurance security and control.

Download Full-text

Cyber-Physical Security and Privacy in the Electric Smart Grid

Synthesis Lectures on Information Security Privacy and Trust ◽

10.2200/s00784ed1v01y201706spt021 ◽

2017 ◽

Vol 9 (2) ◽

pp. 1-64 ◽

Cited By ~ 4

Author(s):

Bruce McMillin ◽

Thomas Roth

Keyword(s):

Smart Grid ◽

Security And Privacy ◽

Physical Security

Download Full-text