900 results for Security, Privacy, Trust, Reputation
Abstract:
Alison Macrina is the founder and director of the Library Freedom Project, an initiative that aims to make real the promise of intellectual freedom in libraries. The Library Freedom Project trains librarians on the state of global surveillance, privacy rights, and privacy-protecting technology, so that librarians may in turn teach their communities about safeguarding privacy. In 2015, Alison was named one of Library Journal’s Movers and Shakers. Read more about the Library Freedom Project at libraryfreedomproject.org.
Abstract:
The technological status of contemporary society, immersed in the virtual world, while creating new opportunities for companies and more convenience for users, also generates conflicting interests between these two parties and gives rise to paradoxes in the relationship of both with privacy. One reflection of this scenario is the consumer's lack of confidence in exposing personal data in the online environment, which in turn acts as an obstacle to the full potential of electronic commerce. One possible way out of the dilemma, pointed out by several scholars, would lie in the search for the so-called virtuous middle path, represented by solutions that are effective and satisfactory for all parties involved. As part of this path, which constitutes a process of understanding the meaning and value of privacy today, there are typology studies, which, although few in number (especially those with the Internet as their focus), represent efforts to arrive at a conceptualization of the nature of the private. On this understanding depend the development and grounding of strategies for implementing solutions in tune with today's countless social demands. The aim of the present work, therefore, is to replicate a particular privacy typology model in the Brazilian setting after researching the topic at a global level. The choice fell on a study by Sheehan (2002), carried out in the United States with an audience of Internet users. In transposing the model to a group of 190 individuals in Brazil, it was found that, among the four variables addressed in the original study (gender, age, level of education and family income), only age was significant for privacy, with slightly more than 20% of variability. The level of education, which proved important in the North American study, showed no relevance among the Brazilian public.
The divergences in the results can be attributed to different factors, with emphasis on the role played by cultural systems. Taking them into account may therefore support future studies that, like this one, seek to respond to the challenge of privacy in the virtual domain and benefit both individuals and the strengthening of e-commerce.
Abstract:
There is substantially more trade within national borders than across borders. An important explanation for this fact is the weak enforcement of international contracts. We develop a model in which agents build reputations to overcome this institutional failure. The model describes the interplay between institutional quality, reputations and the dynamics of international trade. It also rationalizes several empirical regularities. We find that history matters for trade volumes, but that its effects vary with the institutional setting of the country. The same is true for the efficacy of trade liberalization programs. Moreover, while stricter enforcement of contracts enhances trade in the short run, it makes it harder for individual traders to develop good reputations. We show that this indirect negative effect may produce an "institutional trap": for sufficiently low initial levels of contract enforcement, a small tightening in enforcement reduces future trade flows. We find also that search frictions aggravate the problems created by weak enforceability of contracts, even if they impose no direct cost on agents. The model allows extensions in several directions. We outline two of them, indicating how one could study transnational networks and the effects of firm heterogeneity within our structure.
Abstract:
The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness. Security testing methodologies are the first step towards standardized security evaluation processes and understanding of how the security threats evolve over time. This dissertation analyzes some of the most used identifying differences and commonalities, useful to compare them and assess their quality. The dissertation then proposes a new enhanced methodology built by keeping the best of every analyzed methodology. The designed methodology is tested over different systems with very effective results, which is the main evidence that it could really be applied in practical cases. Most of the dissertation discusses and proves how the presented testing methodology could be applied to such different systems and even to evade security measures by inverting goals and scopes. Real cases are often hard to find in methodology documents; in contrast, this dissertation wants to show real and practical cases offering technical details about how to apply it. Electronic voting systems are the first field test considered, and Pvote and Scantegrity are the two tested electronic voting systems. The usability and effectiveness of the designed methodology for electronic voting systems is proved thanks to this field cases analysis. Furthermore, reputation and antivirus engines have also been analyzed with similar results.
The dissertation concludes by presenting some general guidelines to build a coordination-based approach of electronic voting systems to improve the security without decreasing the system modularity.
Abstract:
In the twenty-first century, the issue of privacy--particularly the privacy of individuals with regard to their personal information and effects--has become highly contested terrain, producing a crisis that affects both national and global social formations. This crisis, or problematic, characterizes a particular historical conjuncture I term the namespace. Using cultural studies and the theory of articulation, I map the emergent ways that the namespace articulates economic, juridical, political, cultural, and technological forces, materials, practices and protocols. The cohesive articulation of the namespace requires that privacy be reframed in ways that make its diminution seem natural and inevitable. In the popular media, privacy is often depicted as the price we pay as citizens and consumers for security and convenience, respectively. This discursive ideological shift supports and underwrites the interests of state and corporate actors who leverage the ubiquitous network of digitally connected devices to engender a new regime of informational surveillance, or dataveillance. The widespread practice of dataveillance represents a strengthening of the hegemonic relations between these actors--each shares an interest in promoting an emerging surveillance society, a burgeoning security politics, and a growing information economy--that further empowers them to capture and store the personal information of citizens/consumers. In characterizing these shifts and the resulting crisis, I also identify points of articulation vulnerable to rearticulation and suggest strategies for transforming the namespace in ways that might empower stronger protections for privacy and related civil rights.
Abstract:
The development of the Internet has made it possible to transfer data ‘around the globe at the click of a mouse’. Especially fresh business models such as cloud computing, the newest driver to illustrate the speed and breadth of the online environment, allow this data to be processed across national borders on a routine basis. A number of factors cause the Internet to blur the lines between public and private space: Firstly, globalization and the outsourcing of economic actors entrain an ever-growing exchange of personal data. Secondly, the security pressure in the name of the legitimate fight against terrorism opens the access to a significant amount of data for an increasing number of public authorities. And finally, the tools of the digital society accompany everyone at each stage of life by leaving permanent individual and borderless traces in both space and time. Therefore, calls from both the public and private sectors for an international legal framework for privacy and data protection have become louder. Companies such as Google and Facebook have also come under continuous pressure from governments and citizens to reform the use of data. Thus, Google was not alone in calling for the creation of ‘global privacy standards’. Efforts are underway to review established privacy foundation documents. There are similar efforts to look at standards in global approaches to privacy and data protection. The last remarkable steps were the Montreux Declaration, in which the privacy commissioners appealed to the United Nations ‘to prepare a binding legal instrument which clearly sets out in detail the rights to data protection and privacy as enforceable human rights’. This appeal was repeated in 2008 at the 30th international conference held in Strasbourg, at the 31st conference 2009 in Madrid and in 2010 at the 32nd conference in Jerusalem. In a globalized world, free data flow has become an everyday need.
Thus, the aim of global harmonization should be that it doesn’t make any difference for data users or data subjects whether data processing takes place in one or in several countries. Concern has been expressed that data users might seek to avoid privacy controls by moving their operations to countries which have lower standards in their privacy laws or no such laws at all. To control that risk, some countries have implemented special controls into their domestic law. Again, such controls may interfere with the need for free international data flow. A formula has to be found to make sure that privacy at the international level does not prejudice this principle.
Abstract:
The ever increasing popularity of apps stems from their ability to provide highly customized services to the user. The flip side is that in order to provide such services, apps need access to very sensitive private information about the user. This leads to malicious apps that collect personal user information in the background and exploit it in various ways. Studies have shown that current app vetting processes which are mainly restricted to install time verification mechanisms are incapable of detecting and preventing such attacks. We argue that the missing fundamental aspect here is a comprehensive and usable mobile privacy solution, one that not only protects the user's location information, but also other equally sensitive user data such as the user's contacts and documents. A solution that is usable by the average user who does not understand or care about the low level technical details. To bridge this gap, we propose privacy metrics that quantify low-level app accesses in terms of privacy impact and transform them to high-level user understandable ratings. We also provide the design and architecture of our Privacy Panel app that represents the computed ratings in a graphical user-friendly format and allows the user to define policies based on them. Finally, experimental results are given to validate the scalability of the proposed solution.
Abstract:
Since the emergence of the Internet and Social Media, privacy concerns and need for regulation in this area have been a frequent subject on the agenda of numerous stakeholders and policy-makers worldwide. Contributing to this debate, this paper builds on the responses of 553 Internet users to uncover users’ current privacy concerns and their attitudes towards legal assurances in this context. Our findings suggest that users have a complex attitude towards these issues. While they express strong concerns about privacy when asked directly, they often have difficulties formulating the exact nature of these concerns. In the Facebook context, Facebook itself is often mentioned as the primary source of threat, closely followed by marketing organizations. Users feel ill-protected by existing legal framework, especially when using Social Networking Sites. Reasons include common beliefs that the law is unable to address complexities of the Internet; local character of laws; possibilities to disregard the law, particularly since enforcement is difficult. Overall, positive changes in legal framework are desirable, with many respondents willing to pay more in taxes to ensure progress in this area.
Abstract:
Worldwide social networks, like Facebook, face fierce competition from local platforms when expanding globally. To remain attractive, social network providers need to encourage user self-disclosure. Yet, little research exists on how cultural differences impact self-disclosure on these platforms. Addressing this gap, this study explores the differences in perceptions of disclosure-relevant determinants between German and US users. Survey of Facebook members indicates that German users expect more damage and attribute higher probability to privacy-related violations. On the other hand, even though American users show higher level of privacy concern, they extract more benefits from their social networking activities, have more trust in the service provider and legal assurances as well as perceive more control. These factors may explain a higher level of self-disclosure indicated by American users. Our results provide relevant insights for the social network providers who can adjust their expansion strategy with regard to cultural differences.
Abstract:
Theoretical propositions stressing the importance of trust, reciprocity, and reputation for cooperation in social exchange relations are deeply rooted in classical sociological thought. Today’s online markets provide a unique opportunity to test these theories using unobtrusive data. Our study investigates the mechanisms promoting cooperation in an online-auction market where most transactions can be conceived as one-time-only exchanges. We first give a systematic account of the theoretical arguments explaining the process of cooperative transactions. Then, using a large dataset comprising 14,627 mobile phone auctions and 339,517 DVD auctions, we test key hypotheses about the effects of traders’ reputations on auction outcomes and traders’ motives for leaving feedback. Our statistical analyses show that sellers with better reputations have higher sales and obtain higher prices. Furthermore, we observe a high rate of participation in the feedback system, which is largely consistent with strong reciprocity—a predisposition to unconditionally reward (or punish) one’s interaction partner’s cooperation (or defection)—and altruism—a predisposition to increase one’s own utility by elevating an interaction partner’s utility. Our study demonstrates how strong reciprocity and altruism can mitigate the free-rider problem in the feedback system to create reputational incentives for mutually beneficial online trade.
Abstract:
Equipped with state-of-the-art smartphones and mobile devices, today's highly interconnected urban population is increasingly dependent on these gadgets to organize and plan their daily lives. These applications often rely on current (or preferred) locations of individual users or a group of users to provide the desired service, which jeopardizes their privacy; users do not necessarily want to reveal their current (or preferred) locations to the service provider or to other, possibly untrusted, users. In this paper, we propose privacy-preserving algorithms for determining an optimal meeting location for a group of users. We perform a thorough privacy evaluation by formally quantifying privacy-loss of the proposed approaches. In order to study the performance of our algorithms in a real deployment, we implement and test their execution efficiency on Nokia smartphones. By means of a targeted user-study, we attempt to get an insight into the privacy-awareness of users in location-based services and the usability of the proposed solutions.
Abstract:
BACKGROUND Record linkage of existing individual health care data is an efficient way to answer important epidemiological research questions. Reuse of individual health-related data faces several problems: Either a unique personal identifier, like social security number, is not available or non-unique person identifiable information, like names, are privacy protected and cannot be accessed. A solution to protect privacy in probabilistic record linkages is to encrypt this sensitive information. Unfortunately, encrypted hash codes of two names differ completely if the plain names differ only by a single character. Therefore, standard encryption methods cannot be applied. To overcome these challenges, we developed the Privacy Preserving Probabilistic Record Linkage (P3RL) method. METHODS In this Privacy Preserving Probabilistic Record Linkage method we apply a three-party protocol, with two sites collecting individual data and an independent trusted linkage center as the third partner. Our method consists of three main steps: pre-processing, encryption and probabilistic record linkage. Data pre-processing and encryption are done at the sites by local personnel. To guarantee similar quality and format of variables and identical encryption procedure at each site, the linkage center generates semi-automated pre-processing and encryption templates. To retrieve information (i.e. data structure) for the creation of templates without ever accessing plain person identifiable information, we introduced a novel method of data masking. Sensitive string variables are encrypted using Bloom filters, which enables calculation of similarity coefficients. For date variables, we developed special encryption procedures to handle the most common date errors. The linkage center performs probabilistic record linkage with encrypted person identifiable information and plain non-sensitive variables.
RESULTS In this paper we describe step by step how to link existing health-related data using encryption methods to preserve privacy of persons in the study. CONCLUSION Privacy Preserving Probabilistic Record linkage expands record linkage facilities in settings where a unique identifier is unavailable and/or regulations restrict access to the non-unique person identifiable information needed to link existing health-related data sets. Automated pre-processing and encryption fully protect sensitive information ensuring participant confidentiality. This method is suitable not just for epidemiological research but also for any setting with similar challenges.
Abstract:
PURPOSE The implementation of genomic-based medicine is hindered by unresolved questions regarding data privacy and delivery of interpreted results to health-care practitioners. We used DNA-based prediction of HIV-related outcomes as a model to explore critical issues in clinical genomics. METHODS We genotyped 4,149 markers in HIV-positive individuals. Variants allowed for prediction of 17 traits relevant to HIV medical care, inference of patient ancestry, and imputation of human leukocyte antigen (HLA) types. Genetic data were processed under a privacy-preserving framework using homomorphic encryption, and clinical reports describing potentially actionable results were delivered to health-care providers. RESULTS A total of 230 patients were included in the study. We demonstrated the feasibility of encrypting a large number of genetic markers, inferring patient ancestry, computing monogenic and polygenic trait risks, and reporting results under privacy-preserving conditions. The average execution time of a multimarker test on encrypted data was 865 ms on a standard computer. The proportion of tests returning potentially actionable genetic results ranged from 0 to 54%. CONCLUSIONS The model of implementation presented herein informs on strategies to deliver genomic test results for clinical care. Data encryption to ensure privacy helps to build patient trust, a key requirement on the road to genomic-based medicine. Genet Med advance online publication 14 January 2016. Genetics in Medicine (2016); doi:10.1038/gim.2015.167.
Abstract:
The federal government is currently developing the Nationwide Health Information Network (NHIN). Described as a “network of networks,” the NHIN seeks to provide a nationwide, interoperable health information infrastructure that will securely connect consumers with those involved in health care. As part of the national health information technology (HIT) agenda, the NHIN aims to improve individual and population health by enabling health information to follow the consumer, be available for clinical decision-making, and support important public health measures such as biosurveillance. While the NHIN promises to improve clinical care to individuals and to reduce U.S. health care system costs overall, this electronic environment presents novel challenges for protecting individually identifiable health information. A major barrier to achieving public trust in the NHIN is the development of, and adherence to, a consistent and coordinated approach to privacy and security of health information. This paper will analyze the policy framework for electronic health information exchange with the NHIN. This exercise will demonstrate that the current policy is an effective framework for achieving effective biosurveillance with the NHIN.