Arquitectura y modelo de referencia para un ecosistema de intercambio de datos personales centrado en el usuario

Los servicios telemáticos han transformando la mayoría de nuestras actividades cotidianas y ofrecen oportunidades sin precedentes con características como, por ejemplo, el acceso ubicuo, la disponibilidad permanente, la independencia del dispositivo utilizado, la multimodalidad o la gratuidad, entre otros. No obstante, los beneficios que destacan en cuanto se reflexiona sobre estos servicios, tienen como contrapartida una serie de riesgos y amenazas no tan obvios, ya que éstos se nutren de y tratan con datos personales, lo cual suscita dudas respecto a la privacidad de las personas. Actualmente, las personas que asumen el rol de usuarios de servicios telemáticos generan constantemente datos digitales en distintos proveedores. Estos datos reflejan parte de su intimidad, de sus características particulares, preferencias, intereses, relaciones sociales, hábitos de consumo, etc. y lo que es más controvertido, toda esta información se encuentra bajo la custodia de distintos proveedores que pueden utilizarla más allá de las necesidades y el control del usuario. Los datos personales y, en particular, el conocimiento sobre los usuarios que se puede extraer a partir de éstos (modelos de usuario) se han convertido en un nuevo activo económico para los proveedores de servicios. De este modo, estos recursos se pueden utilizar para ofrecer servicios centrados en el usuario basados, por ejemplo, en la recomendación de contenidos, la personalización de productos o la predicción de su comportamiento, lo cual permite a los proveedores conectar con los usuarios, mantenerlos, involucrarlos y en definitiva, fidelizarlos para garantizar el éxito de un modelo de negocio. Sin embargo, dichos recursos también pueden utilizarse para establecer otros modelos de negocio que van más allá de su procesamiento y aplicación individual por parte de un proveedor y que se basan en su comercialización y compartición con otras entidades. Bajo esta perspectiva, los usuarios sufren una falta de control sobre los datos que les refieren, ya que esto depende de la voluntad y las condiciones impuestas por los proveedores de servicios, lo cual implica que habitualmente deban enfrentarse ante la disyuntiva de ceder sus datos personales o no acceder a los servicios telemáticos ofrecidos. Desde el sector público se trata de tomar medidas que protejan a los usuarios con iniciativas y legislaciones que velen por su privacidad y que aumenten el control sobre sus datos personales, a la vez que debe favorecer el desarrollo económico propiciado por estos proveedores de servicios. En este contexto, esta tesis doctoral propone una arquitectura y modelo de referencia para un ecosistema de intercambio de datos personales centrado en el usuario que promueve la creación, compartición y utilización de datos personales y modelos de usuario entre distintos proveedores, al mismo tiempo que ofrece a los usuarios las herramientas necesarias para ejercer su control en cuanto a la cesión y uso de sus recursos personales y obtener, en su caso, distintos incentivos o contraprestaciones económicas. Las contribuciones originales de la tesis son la especificación y diseño de una arquitectura que se apoya en un proceso de modelado distribuido que se ha definido en el marco de esta investigación. Éste se basa en el aprovechamiento de recursos que distintas entidades (fuentes de datos) ofrecen para generar modelos de usuario enriquecidos que cubren las necesidades específicas de terceras entidades, considerando la participación del usuario y el control sobre sus recursos personales (datos y modelos de usuario). Lo anterior ha requerido identificar y caracterizar las fuentes de datos con potencial de abastecer al ecosistema, determinar distintos patrones para la generación de modelos de usuario a partir de datos personales distribuidos y heterogéneos y establecer una infraestructura para la gestión de identidad y privacidad que permita a los usuarios expresar sus preferencias e intereses respecto al uso y compartición de sus recursos personales. Además, se ha definido un modelo de negocio de referencia que sustenta las investigaciones realizadas y que ha sido particularizado en dos ámbitos de aplicación principales, en concreto, el sector de publicidad en redes sociales y el sector financiero para la implantación de nuevos servicios. Finalmente, cabe destacar que las contribuciones de esta tesis han sido validadas en el contexto de distintos proyectos de investigación industrial aplicada y también en el marco de proyectos fin de carrera que la autora ha tutelado o en los que ha colaborado. Los resultados obtenidos han originado distintos méritos de investigación como dos patentes en explotación, la publicación de un artículo en una revista con índice de impacto y diversos artículos en congresos internacionales de relevancia. Algunos de éstos han sido galardonados con premios de distintas instituciones, así como en las conferencias donde han sido presentados. ABSTRACT Information society services have changed most of our daily activities, offering unprecedented opportunities with certain characteristics, such as: ubiquitous access, permanent availability, device independence, multimodality and free-of-charge services, among others. However, all the positive aspects that emerge when thinking about these services have as counterpart not-so-obvious threats and risks, because they feed from and use personal data, thus creating concerns about peoples’ privacy. Nowadays, people that play the role of user of services are constantly generating digital data in different service providers. These data reflect part of their intimacy, particular characteristics, preferences, interests, relationships, consumer behavior, etc. Controversy arises because this personal information is stored and kept by the mentioned providers that can use it beyond the user needs and control. Personal data and, in particular, the knowledge about the user that can be obtained from them (user models) have turned into a new economic asset for the service providers. In this way, these data and models can be used to offer user centric services based, for example, in content recommendation, tailored-products or user behavior, all of which allows connecting with the users, keeping them more engaged and involved with the provider, finally reaching customer loyalty in order to guarantee the success of a business model. However, these resources can be used to establish a different kind of business model; one that does not only processes and individually applies personal data, but also shares and trades these data with other entities. From that perspective, the users lack control over their referred data, because it depends from the conditions imposed by the service providers. The consequence is that the users often face the following dilemma: either giving up their personal data or not using the offered services. The Public Sector takes actions in order to protect the users approving, for example, laws and legal initiatives that reinforce privacy and increase control over personal data, while at the same time the authorities are also key players in the economy development that derives from the information society services. In this context, this PhD Dissertation proposes an architecture and reference model to achieve a user-centric personal data ecosystem that promotes the creation, sharing and use of personal data and user models among different providers, while offering users the tools to control who can access which data and why and if applicable, to obtain different incentives. The original contributions obtained are the specification and design of an architecture that supports a distributed user modelling process defined by this research. This process is based on leveraging scattered resources of heterogeneous entities (data sources) to generate on-demand enriched user models that fulfill individual business needs of third entities, considering the involvement of users and the control over their personal resources (data and user models). This has required identifying and characterizing data sources with potential for supplying resources, defining different generation patterns to produce user models from scattered and heterogeneous data, and establishing identity and privacy management infrastructures that allow users to set their privacy preferences regarding the use and sharing of their resources. Moreover, it has also been proposed a reference business model that supports the aforementioned architecture and this has been studied for two application fields: social networks advertising and new financial services. Finally, it has to be emphasized that the contributions obtained in this dissertation have been validated in the context of several national research projects and master thesis that the author has directed or has collaborated with. Furthermore, these contributions have produced different scientific results such as two patents and different publications in relevant international conferences and one magazine. Some of them have been awarded with different prizes.

Sistema de ayuda a la selección de soluciones de protección de datos personales, para los productos y servicios en “Internet de las Cosas”

Los nuevos productos y servicios de “Internet de las Cosas” nos harán más eficientes, con una mayor capacidad de actuación y una mejor comprensión de nuestro entorno. Se desarrollarán nuevas ayudas técnicas que permitirán prolongar nuestra vida activa, y muchas ventajas que hoy día nos costaría imaginar. Sin embargo coexistiremos con una gran cantidad de dispositivos que recopilarán información sobre nuestra actividad, costumbres, preferencias, etc., que podrían amenazar nuestra privacidad. La desconfianza que estos riesgos podrían generar en las personas, actuaría como una barrera que podría dificultar el pleno desarrollo de esta nueva gama de productos y servicios. Internet de las Cosas, alcanza su significado más representativo con las Ciudades Inteligentes (Smart Cities) que proporcionan las herramientas necesarias para mejorar la gestión de las ciudades modernas de una manera mucho más eficiente. Estas herramientas necesitan recolectar información de los ciudadanos abriendo la posibilidad de someterlos a un seguimiento. Así, las políticas de seguridad y privacidad deben desarrollarse para satisfacer y gestionar la heterogeneidad legislativa en torno a los servicios prestados y cumplir con las leyes del país en el que se proporcionan estos servicios. El objetivo de esta tesis es aportar una posible solución para la garantizar la seguridad y privacidad de los datos personales en Internet de las Cosas, mediante técnicas que resulten de la colaboración entre las áreas empresarial, legislativa y tecnológica para dar confianza a todos los actores involucrados y resolver la posible colisión de intereses entre ellos, y también debe ser capaz de poder gestionar la heterogeneidad legislativa. Considerando que gran parte de estos servicios se canalizan a través de redes de sensores inalámbricos, y que estas redes tienen importantes limitaciones de recursos, se propone un sistema de gestión que además sea capaz de dar una cobertura de seguridad y privacidad justo a medida de las necesidades. ABSTRACT New products and services offered by the “Internet of Things” will make people more efficient and more able to understand the environment and take better decisions. New assistive technologies will allow people to extend their working years and many other advantages that currently are hard to foreseen. Nonetheless, we will coexist with a large number of devices collecting information about activities, habits, preferences, etc. This situation could threaten personal privacy. Distrust could be a barrier to the full development of these new products and services. Internet of Things reaches its most representative meaning by the Smart Cities providing the necessary solutions to improve the management of modern cities by means of more efficient tools. These tools require gathering citizens’ information about their activity, preferences, habits, etc. opening up the possibility of tracking them. Thus, privacy and security policies must be developed in order to satisfy and manage the legislative heterogeneity surrounding the services provided and comply with the laws of the country where they are provided. The objective of this thesis is to provide a feasible solution to ensure the security and privacy of personal data on the Internet of Things through resulting techniques from the collaboration between business, legislative and technological areas so as to give confidence to all stakeholders and resolve the possible conflict of interest between them, as well as to manage the legislative heterogeneity. Whereas most of these services are based on wireless sensor networks, and these networks have significant resource constraints, the proposed management system is also able to cover the security and privacy requirements considering those constrains.

TRAAC: Trust and Risk Aware Access Control

Postprint

Coleta de dados pessoais e paradoxo da privacidade: um estudo entre usuários de aplicativos móveis

Aplicativos móveis de celulares que coletam dados pessoais estão cada vez mais presentes na rotina do cidadão comum. Associado a estas aplicações, há polêmicas sobre riscos de segurança e de invasão de privacidade, que podem se tornar entraves para aceitação destes sistemas por parte dos usuários. Por outro lado, discute-se o Paradoxo da Privacidade, em que os consumidores revelam mais informações pessoais voluntariamente, apesar de declarar que reconhecem os riscos. Há pouco consenso, nas pesquisas acadêmicas, sobre os motivos deste paradoxo ou mesmo se este fenômeno realmente existe. O objetivo desta pesquisa é analisar como a coleta de informações sensíveis influencia a escolha de aplicativos móveis. A metodologia é o estudo de aplicativos disponíveis em lojas virtuais para celulares através de técnicas qualitativas e quantitativas. Os resultados indicam que os produtos mais populares da loja são aqueles que coletam mais dados pessoais. Porém, em uma análise minuciosa, observa-se que aqueles mais buscados também pertencem a empresas de boa reputação e possuem mais funcionalidades, que exigem maior acesso aos dados privativos do celular. Na survey realizada em seguida, nota-se que os consumidores reduzem o uso dos aplicativos quando consideram que o produto coleta dados excessivamente, mas a estratégia para proteger essas informações pode variar. No grupo dos usuários que usam aplicativos que coletam dados excessivamente, conclui-se que o motivo primordial para compartilhar informações pessoais são as funcionalidades. Além disso, esta pesquisa confirma que comparar os dados solicitados pelos aplicativos com a expectativa inicial do consumidor é um constructo complementar para avaliar preocupações com privacidade, ao invés de simplesmente analisar a quantidade de informações coletadas. O processo desta pesquisa também ilustrou que, dependendo do método utilizado para análise, é possível chegar a resultados opostos sobre a ocorrência ou não do paradoxo. Isso pode dar indícios sobre os motivos da falta de consenso sobre o assunto

¿Qué caracteriza el conocimiento del profesor de matemáticas en la planificación del concepto de límite al infinito de una función para su enseñanza?

Se reportan avances de una investigación que se interesa por determinar las características del conocimiento matemático para la enseñanza del concepto de límite al infinito de una función que pone en acción el profesor en la planificación del tópico. El estudio se fundamenta en el modelo Conocimiento Matemático para la Enseñanza (MKT). En el estudio participan dos profesores de matemáticas de España y uno de México. Los datos se obtienen mediante una entrevista semiestructurada que involucró aspectos sobre los datos personales, el aula de clases, la planificación del profesor y del investigador sobre el tópico. El análisis de los daros se realiza en tres fases: generación de las unidades de análisis, agrupamiento en categorías de dichas unidades y determinación de las características del conocimiento del profesor. Los resultados evidencian que el profesor pone en acción los subdominios del MKT cuando planifica la enseñanza del concepto de límite al infinito de una función.

BMI and physical activity in diabetic adolescents followed Hospital Barcelos

Introduction: Physical activity is related to health and lifestyle and should be part of the daily routine of all individuals since it brings many benefits to the body. Ains: To study the adolescent population‘s body mass index (BMI). To study the relation between physical activity and gender. Materials and Methods: We performed a quantitative, observational, analytic and cross-sectional study. After the use of exclusion criteria, a sample of 36 individuals was selected from a population of diabetic adolescents. A validated questionnaire was applied to collected physical activity and personal data. SPSS 22.0 was used to treat the data. The chi-square test was applied to study the relation between the level of physical activity and gender; Fisher’s exact test was applied to study the relation between level of physical activity and BMI. Results and discussion: The chi-square test showed a significant relation between the level of physical activity and gender (p-value = 0.018) with moderate intensity (phi = .4), which corroborates other national and worldwide studies. Fisher’s exact test showed no relation between BMI and the level of physical activity (p-value=0,646). Conclusion: 86,1% of the sampled diabetic adolescents are eutrophic, and 66,7% are considered insufficient active. A significant relation was found between gender and the level of physical activity. No relation was found between BMI and level of physical activity.

Gestionnaire de vie privée : un cadre pour la protection de la vie privée dans les interactions entre apprenants

L’évolution continue des besoins d’apprentissage vers plus d’efficacité et plus de personnalisation a favorisé l’émergence de nouveaux outils et dimensions dont l’objectif est de rendre l’apprentissage accessible à tout le monde et adapté aux contextes technologiques et sociaux. Cette évolution a donné naissance à ce que l’on appelle l'apprentissage social en ligne mettant l'accent sur l’interaction entre les apprenants. La considération de l’interaction a apporté de nombreux avantages pour l’apprenant, à savoir établir des connexions, échanger des expériences personnelles et bénéficier d’une assistance lui permettant d’améliorer son apprentissage. Cependant, la quantité d'informations personnelles que les apprenants divulguent parfois lors de ces interactions, mène, à des conséquences souvent désastreuses en matière de vie privée comme la cyberintimidation, le vol d’identité, etc. Malgré les préoccupations soulevées, la vie privée en tant que droit individuel représente une situation idéale, difficilement reconnaissable dans le contexte social d’aujourd’hui. En effet, on est passé d'une conceptualisation de la vie privée comme étant un noyau des données sensibles à protéger des pénétrations extérieures à une nouvelle vision centrée sur la négociation de la divulgation de ces données. L’enjeu pour les environnements sociaux d’apprentissage consiste donc à garantir un niveau maximal d’interaction pour les apprenants tout en préservant leurs vies privées. Au meilleur de nos connaissances, la plupart des innovations dans ces environnements ont porté sur l'élaboration des techniques d’interaction, sans aucune considération pour la vie privée, un élément portant nécessaire afin de créer un environnement favorable à l’apprentissage. Dans ce travail, nous proposons un cadre de vie privée que nous avons appelé « gestionnaire de vie privée». Plus précisément, ce gestionnaire se charge de gérer la protection des données personnelles et de la vie privée de l’apprenant durant ses interactions avec ses co-apprenants. En s’appuyant sur l’idée que l’interaction permet d’accéder à l’aide en ligne, nous analysons l’interaction comme une activité cognitive impliquant des facteurs contextuels, d’autres apprenants, et des aspects socio-émotionnels. L'objectif principal de cette thèse est donc de revoir les processus d’entraide entre les apprenants en mettant en oeuvre des outils nécessaires pour trouver un compromis entre l’interaction et la protection de la vie privée. ii Ceci a été effectué selon trois niveaux : le premier étant de considérer des aspects contextuels et sociaux de l’interaction telle que la confiance entre les apprenants et les émotions qui ont initié le besoin d’interagir. Le deuxième niveau de protection consiste à estimer les risques de cette divulgation et faciliter la décision de protection de la vie privée. Le troisième niveau de protection consiste à détecter toute divulgation de données personnelles en utilisant des techniques d’apprentissage machine et d’analyse sémantique.

Fatores de risco em saúde mental : contributos para o bem-estar biopsicossocial dos profissionais da saúde

CONTEXTO: A nossa investigação estuda o stress no trabalho e a sua relação com a saúde mental. Descrevemos fatores específicos e de risco psicossocial no trabalho, particularmente no trabalho dos enfermeiros, e as suas implicações para a saúde mental e para o bem-estar biopsicossocial, tais como: Tipo de trabalho; Conteúdo do trabalho; Desempenho de papel; Relações interpessoais e grupais; Desenvolvimento da carreira; Novas tecnologias e Aspetos organizacionais. OBJETIVO(S): O objetivo fundamental foi estudar a influência de algumas variáveis pessoais e situacionais de risco biopsicossocial na saúde mental e no bem-estar dos profissionais de saúde, em contexto hospitalar METODOLOGIA: Trata-se de um estudo quantitativo, transversal e descritivo, do tipo correlacional. A recolha de informação obedeceu a um protocolo constituído por dados pessoais e as escalas: Satisfação geral do trabalho, Questionário geral de saúde, Questionário de saúde, Escala de fadiga crónica, Escala de ansiedade cognitiva-somática, Inventário de personalidade de Eysenck, Inventário clínico de autoconceito, Inventário de resolução de problemas, Questionário de vulnerabilidade ao stress e Questionário de stress ao trabalho. A amostra foi não probabilística intencional, constituída por 570 enfermeiros, a laborarem por turnos e em regime normal, no contexto hospitalar, perfazendo, no final, 360 enfermeiros. RESULTADOS: Os principais resultados apontam o seguinte: Os enfermeiros manifestam algum descontentamento com o ambiente de trabalho; A globalidade da amostra demonstra índices de saúde baixos; Regra geral, todos os enfermeiros estão vulneráveis ao stress; Em relação ao stress produzido pelas circunstâncias organizacionais, a totalidade da amostra revela elevados índices de stress e o seu bem-estar biopsicossocial, manifestamente afetado. CONCLUSÕES: Destes resultados fomos levados a concluir que quanto maior for a fadiga crónica, o neuroticíssimo e a ansiedade cognitiva, maior será a tendência dos enfermeiros para diminuírem a autorresponsabilização e o medo. Esta relação pode tornar-se circular e levar a comportamentos desajustados como, por exemplo, indiferença, desinteresse, relações interpessoais conflituosas, entre outros aspetos. As consequências de tais comportamentos poderão traduzir-se em absentismo, erros de desempenho ou vontade de abandonar a instituição.

Gestionnaire de vie privée : un cadre pour la protection de la vie privée dans les interactions entre apprenants

L’évolution continue des besoins d’apprentissage vers plus d’efficacité et plus de personnalisation a favorisé l’émergence de nouveaux outils et dimensions dont l’objectif est de rendre l’apprentissage accessible à tout le monde et adapté aux contextes technologiques et sociaux. Cette évolution a donné naissance à ce que l’on appelle l'apprentissage social en ligne mettant l'accent sur l’interaction entre les apprenants. La considération de l’interaction a apporté de nombreux avantages pour l’apprenant, à savoir établir des connexions, échanger des expériences personnelles et bénéficier d’une assistance lui permettant d’améliorer son apprentissage. Cependant, la quantité d'informations personnelles que les apprenants divulguent parfois lors de ces interactions, mène, à des conséquences souvent désastreuses en matière de vie privée comme la cyberintimidation, le vol d’identité, etc. Malgré les préoccupations soulevées, la vie privée en tant que droit individuel représente une situation idéale, difficilement reconnaissable dans le contexte social d’aujourd’hui. En effet, on est passé d'une conceptualisation de la vie privée comme étant un noyau des données sensibles à protéger des pénétrations extérieures à une nouvelle vision centrée sur la négociation de la divulgation de ces données. L’enjeu pour les environnements sociaux d’apprentissage consiste donc à garantir un niveau maximal d’interaction pour les apprenants tout en préservant leurs vies privées. Au meilleur de nos connaissances, la plupart des innovations dans ces environnements ont porté sur l'élaboration des techniques d’interaction, sans aucune considération pour la vie privée, un élément portant nécessaire afin de créer un environnement favorable à l’apprentissage. Dans ce travail, nous proposons un cadre de vie privée que nous avons appelé « gestionnaire de vie privée». Plus précisément, ce gestionnaire se charge de gérer la protection des données personnelles et de la vie privée de l’apprenant durant ses interactions avec ses co-apprenants. En s’appuyant sur l’idée que l’interaction permet d’accéder à l’aide en ligne, nous analysons l’interaction comme une activité cognitive impliquant des facteurs contextuels, d’autres apprenants, et des aspects socio-émotionnels. L'objectif principal de cette thèse est donc de revoir les processus d’entraide entre les apprenants en mettant en oeuvre des outils nécessaires pour trouver un compromis entre l’interaction et la protection de la vie privée. ii Ceci a été effectué selon trois niveaux : le premier étant de considérer des aspects contextuels et sociaux de l’interaction telle que la confiance entre les apprenants et les émotions qui ont initié le besoin d’interagir. Le deuxième niveau de protection consiste à estimer les risques de cette divulgation et faciliter la décision de protection de la vie privée. Le troisième niveau de protection consiste à détecter toute divulgation de données personnelles en utilisant des techniques d’apprentissage machine et d’analyse sémantique.

Attributes of identity document credibility: A synthesis of expert knowledge

In broad terms — including a thief's use of existing credit card, bank, or other accounts — the number of identity fraud victims in the United States ranges 9-10 million per year, or roughly 4% of the US adult population. The average annual theft per stolen identity was estimated at $6,383 in 2006, up approximately 22% from $5,248 in 2003; an increase in estimated total theft from $53.2 billion in 2003 to $56.6 billion in 2006. About three million Americans each year fall victim to the worst kind of identity fraud: new account fraud. Names, Social Security numbers, dates of birth, and other data are acquired fraudulently from the issuing organization, or from the victim then these data are used to create fraudulent identity documents. In turn, these are presented to other organizations as evidence of identity, used to open new lines of credit, secure loans, “flip” property, or otherwise turn a profit in a victim's name. This is much more time consuming — and typically more costly — to repair than fraudulent use of existing accounts. ^ This research borrows from well-established theoretical backgrounds, in an effort to answer the question – what is it that makes identity documents credible? Most importantly, identification of the components of credibility draws upon personal construct psychology, the underpinning for the repertory grid technique, a form of structured interviewing that arrives at a description of the interviewee’s constructs on a given topic, such as credibility of identity documents. This represents substantial contribution to theory, being the first research to use the repertory grid technique to elicit from experts, their mental constructs used to evaluate credibility of different types of identity documents reviewed in the course of opening new accounts. The research identified twenty-one characteristics, different ones of which are present on different types of identity documents. Expert evaluations of these documents in different scenarios suggest that visual characteristics are most important for a physical document, while authenticated personal data are most important for a digital document. ^

Attributes of Identity Document Credibility: A Synthesis of Expert Knowledge

In broad terms — including a thief's use of existing credit card, bank, or other accounts — the number of identity fraud victims in the United States ranges 9-10 million per year, or roughly 4% of the US adult population. The average annual theft per stolen identity was estimated at $6,383 in 2006, up approximately 22% from $5,248 in 2003; an increase in estimated total theft from $53.2 billion in 2003 to $56.6 billion in 2006. About three million Americans each year fall victim to the worst kind of identity fraud: new account fraud. Names, Social Security numbers, dates of birth, and other data are acquired fraudulently from the issuing organization, or from the victim then these data are used to create fraudulent identity documents. In turn, these are presented to other organizations as evidence of identity, used to open new lines of credit, secure loans, “flip” property, or otherwise turn a profit in a victim's name. This is much more time consuming — and typically more costly — to repair than fraudulent use of existing accounts. This research borrows from well-established theoretical backgrounds, in an effort to answer the question – what is it that makes identity documents credible? Most importantly, identification of the components of credibility draws upon personal construct psychology, the underpinning for the repertory grid technique, a form of structured interviewing that arrives at a description of the interviewee’s constructs on a given topic, such as credibility of identity documents. This represents substantial contribution to theory, being the first research to use the repertory grid technique to elicit from experts, their mental constructs used to evaluate credibility of different types of identity documents reviewed in the course of opening new accounts. The research identified twenty-one characteristics, different ones of which are present on different types of identity documents. Expert evaluations of these documents in different scenarios suggest that visual characteristics are most important for a physical document, while authenticated personal data are most important for a digital document.

Domain-driven classification based on multiple criteria and multiple constraint-level programming for intelligent credit scoring

Extracting knowledge from the transaction records and the personal data of credit card holders has great profit potential for the banking industry. The challenge is to detect/predict bankrupts and to keep and recruit the profitable customers. However, grouping and targeting credit card customers by traditional data-driven mining often does not directly meet the needs of the banking industry, because data-driven mining automatically generates classification outputs that are imprecise, meaningless, and beyond users' control. In this paper, we provide a novel domain-driven classification method that takes advantage of multiple criteria and multiple constraint-level programming for intelligent credit scoring. The method involves credit scoring to produce a set of customers' scores that allows the classification results actionable and controllable by human interaction during the scoring process. Domain knowledge and experts' experience parameters are built into the criteria and constraint functions of mathematical programming and the human and machine conversation is employed to generate an efficient and precise solution. Experiments based on various data sets validated the effectiveness and efficiency of the proposed methods. © 2006 IEEE.

La protection des données personnelles en droit international privé

Les nouvelles technologies et l’arrivée de l’Internet ont considérablement facilité les échanges transnationaux de données entre les entreprises publiques et/ou privées et également entre les personnes elles-mêmes. Cependant cette révolution numérique n’a pas été sans conséquences sur l’utilisation de nos données personnelles puisque cette abondance de données à la portée de tiers peut conduire à des atteintes : la commercialisation des données personnelles sans le consentement de l’intéressé par des entreprises ou encore la diffusion de sa photographie, de son nom, de son prénom à son insu en sont des exemples. La question qui vient alors se poser est en cas de litige, c’est-à-dire en cas d’atteintes au droit à la protection de nos données personnelles, présentant un ou des éléments d’extranéité, quels tribunaux pouvons-nous saisir ? Et quelle est la loi qui sera applicable ? Les droits québécois, de l’Union européenne, et suisse présentent différents critères de rattachement intéressants et adaptés à des situations prenant place hors et sur internet. Le droit commun de chacun de ces systèmes est envisagé, puis appliqué aux données personnelles dans le cadre d’une situation normale, et ensuite à internet si la situation diffère. La doctrine est également analysée dans la mesure où certaines solutions sont tout à fait intéressantes, et cela notamment sur internet. Un premier chapitre est consacré à la compétence internationale des tribunaux et aux critères de rattachement envisageables en droit commun à savoir notamment : le tribunal de l’État de survenance du préjudice, le tribunal de l’État de la faute ou encore le tribunal du domicile de la victime. Et ceux prévus ou non par la doctrine tels que l’accessibilité et le ciblage par exemple. Les conflits de lois sont étudiés dans un deuxième chapitre avec également l’énumération les différents facteurs de rattachement envisageables en droit commun comme la loi de l’État du préjudice, la loi de l’État de la faute ou encore la loi de l’État favorisant la victime. Et également ceux prévus par la doctrine : la loi de l’État « offrant la meilleure protection des données à caractère personnel » ou encore la loi de l’État où est établi le « maître du fichier ». Le tribunal le plus compétent au regard des principes généraux de droit international privé en cas d’atteintes au droit de la protection des données personnelles hors et sur internet est le tribunal de l’État du domicile de la victime. Et la meilleure loi applicable est la loi de l’État du domicile ou de la résidence principale du demandeur et du défendeur à l’instance, et dans le cas où la situation ne présente pas d’éléments d’extranéité, la meilleure loi est la loi favorisant la victime.

User interaction monitoring and analysis framework

An overview is given of a user interaction monitoring and analysis framework called BaranC. Monitoring and analysing human-digital interaction is an essential part of developing a user model as the basis for investigating user experience. The primary human-digital interaction, such as on a laptop or smartphone, is best understood and modelled in the wider context of the user and their environment. The BaranC framework provides monitoring and analysis capabilities that not only records all user interaction with a digital device (e.g. smartphone), but also collects all available context data (such as from sensors in the digital device itself, a fitness band or a smart appliances). The data collected by BaranC is recorded as a User Digital Imprint (UDI) which is, in effect, the user model and provides the basis for data analysis. BaranC provides functionality that is useful for user experience studies, user interface design evaluation, and providing user assistance services. An important concern for personal data is privacy, and the framework gives the user full control over the monitoring, storing and sharing of their data.

A service-oriented user interaction analysis framework supporting adaptive applications

A comprehensive user model, built by monitoring a user's current use of applications, can be an excellent starting point for building adaptive user-centred applications. The BaranC framework monitors all user interaction with a digital device (e.g. smartphone), and also collects all available context data (such as from sensors in the digital device itself, in a smart watch, or in smart appliances) in order to build a full model of user application behaviour. The model built from the collected data, called the UDI (User Digital Imprint), is further augmented by analysis services, for example, a service to produce activity profiles from smartphone sensor data. The enhanced UDI model can then be the basis for building an appropriate adaptive application that is user-centred as it is based on an individual user model. As BaranC supports continuous user monitoring, an application can be dynamically adaptive in real-time to the current context (e.g. time, location or activity). Furthermore, since BaranC is continuously augmenting the user model with more monitored data, over time the user model changes, and the adaptive application can adapt gradually over time to changing user behaviour patterns. BaranC has been implemented as a service-oriented framework where the collection of data for the UDI and all sharing of the UDI data are kept strictly under the user's control. In addition, being service-oriented allows (with the user's permission) its monitoring and analysis services to be easily used by 3rd parties in order to provide 3rd party adaptive assistant services. An example 3rd party service demonstrator, built on top of BaranC, proactively assists a user by dynamic predication, based on the current context, what apps and contacts the user is likely to need. BaranC introduces an innovative user-controlled unified service model of monitoring and use of personal digital activity data in order to provide adaptive user-centred applications. This aims to improve on the current situation where the diversity of adaptive applications results in a proliferation of applications monitoring and using personal data, resulting in a lack of clarity, a dispersal of data, and a diminution of user control.