Smart meter privacy by suprression of low power frequency components

This paper focuses on the problems associated with privacy protection in smart grid. We will give an overview of a possible realization of a privacy-preserving approach that encompasses privacy-utility tradeoff into a single model. This approach proposes suppression of low power frequency components as a solution to reduce the amount of information leakage from smart meter readings. We will consider the applicability of the procedure to hide the appliance usage with respect to the type of home devices.

Privacy in the Smart City: Implications of Sensor Network Design, Law, and Policy for Locational Privacy

Thesis (Master's)--University of Washington, 2016-06

Context obfuscation for privacy via ontological descriptions

Context information is used by pervasive networking and context-aware programs to adapt intelligently to different environments and user tasks. As the context information is potentially sensitive, it is often necessary to provide privacy protection mechanisms for users. These mechanisms are intended to prevent breaches of user privacy through unauthorised context disclosure. To be effective, such mechanisms should not only support user specified context disclosure rules, but also the disclosure of context at different granularities. In this paper we describe a new obfuscation mechanism that can adjust the granularity of different types of context information to meet disclosure requirements stated by the owner of the context information. These requirements are specified using a preference model we developed previously and have since extended to provide granularity control. The obfuscation process is supported by our novel use of ontological descriptions that capture the granularity relationship between instances of an object type.

An Examination of Privacy Policies of Global On-line E-pharmacies

This paper investigates the differences in privacy policy functions among 90 online pharmacy websites in nine countries in Europe, Asia and North America. Results from this study show that the majority of websites do have privacy policies, but the level of functional protection of consumers varies widely. Even in those countries where strong privacy laws exist, the level of privacy protection adherence is often very low. Most studies of privacy policy issues have concentrated on websites from developed nations, with few studies of the pharmacy industry. A better understanding of this industry, as well as understanding the differences in privacy policy implementation among developing and developed countries, provides important lessons for both businesses and consumers.

SECURITY, PRIVACY AND APPLICATIONS IN VEHICULAR AD HOC NETWORKS

With wireless vehicular communications, Vehicular Ad Hoc Networks (VANETs) enable numerous applications to enhance traffic safety, traffic efficiency, and driving experience. However, VANETs also impose severe security and privacy challenges which need to be thoroughly investigated. In this dissertation, we enhance the security, privacy, and applications of VANETs, by 1) designing application-driven security and privacy solutions for VANETs, and 2) designing appealing VANET applications with proper security and privacy assurance. First, the security and privacy challenges of VANETs with most application significance are identified and thoroughly investigated. With both theoretical novelty and realistic considerations, these security and privacy schemes are especially appealing to VANETs. Specifically, multi-hop communications in VANETs suffer from packet dropping, packet tampering, and communication failures which have not been satisfyingly tackled in literature. Thus, a lightweight reliable and faithful data packet relaying framework (LEAPER) is proposed to ensure reliable and trustworthy multi-hop communications by enhancing the cooperation of neighboring nodes. Message verification, including both content and signature verification, generally is computation-extensive and incurs severe scalability issues to each node. The resource-aware message verification (RAMV) scheme is proposed to ensure resource-aware, secure, and application-friendly message verification in VANETs. On the other hand, to make VANETs acceptable to the privacy-sensitive users, the identity and location privacy of each node should be properly protected. To this end, a joint privacy and reputation assurance (JPRA) scheme is proposed to synergistically support privacy protection and reputation management by reconciling their inherent conflicting requirements. Besides, the privacy implications of short-time certificates are thoroughly investigated in a short-time certificates-based privacy protection (STCP2) scheme, to make privacy protection in VANETs feasible with short-time certificates. Secondly, three novel solutions, namely VANET-based ambient ad dissemination (VAAD), general-purpose automatic survey (GPAS), and VehicleView, are proposed to support the appealing value-added applications based on VANETs. These solutions all follow practical application models, and an incentive-centered architecture is proposed for each solution to balance the conflicting requirements of the involved entities. Besides, the critical security and privacy challenges of these applications are investigated and addressed with novel solutions. Thus, with proper security and privacy assurance, these solutions show great application significance and economic potentials to VANETs. Thus, by enhancing the security, privacy, and applications of VANETs, this dissertation fills the gap between the existing theoretic research and the realistic implementation of VANETs, facilitating the realistic deployment of VANETs.

Enforcing P3P policies using a digital rights management system

The protection of privacy has gained considerable attention recently. In response to this, new privacy protection systems are being introduced. SITDRM is one such system that protects private data through the enforcement of licenses provided by consumers. Prior to supplying data, data owners are expected to construct a detailed license for the potential data users. A license specifies whom, under what conditions, may have what type of access to the protected data. The specification of a license by a data owner binds the enterprise data handling to the consumer’s privacy preferences. However, licenses are very detailed, may reveal the internal structure of the enterprise and need to be kept synchronous with the enterprise privacy policy. To deal with this, we employ the Platform for Privacy Preferences Language (P3P) to communicate enterprise privacy policies to consumers and enable them to easily construct data licenses. A P3P policy is more abstract than a license, allows data owners to specify the purposes for which data are being collected and directly reflects the privacy policy of an enterprise.

Information accountability for online healthcare social networks

Online social networking has become one of the most popular Internet applications in the modern era. They have given the Internet users, access to information that other Internet based applications are unable to. Although many of the popular online social networking web sites are focused towards entertainment purposes, sharing information can benefit the healthcare industry in terms of both efficiency and effectiveness. But the capability to share personal information; the factor which has made online social networks so popular, is itself a major obstacle when considering information security and privacy aspects. Healthcare can benefit from online social networking if they are implemented such that sensitive patient information can be safeguarded from ill exposure. But in an industry such as healthcare where the availability of information is crucial for better decision making, information must be made available to the appropriate parties when they require it. Hence the traditional mechanisms for information security and privacy protection may not be suitable for healthcare. In this paper we propose a solution to privacy enhancement in online healthcare social networks through the use of an information accountability mechanism.

Security analysis of Australian and E.U. e-passport implementation

This paper makes a formal security analysis of the current Australian e-passport implementation using model checking tools CASPER/CSP/FDR. We highlight security issues in the current implementation and identify new threats when an e-passport system is integrated with an automated processing system like SmartGate. The paper also provides a security analysis of the European Union (EU) proposal for Extended Access Control (EAC) that is intended to provide improved security in protecting biometric information of the e-passport bearer. The current e-passport specification fails to provide a list of adequate security goals that could be used for security evaluation. We fill this gap; we present a collection of security goals for evaluation of e-passport protocols. Our analysis confirms existing security weaknesses that were previously identified and shows that both the Australian e-passport implementation and the EU proposal fail to address many security and privacy aspects that are paramount in implementing a secure border control mechanism. ACM Classification C.2.2 (Communication/Networking and Information Technology – Network Protocols – Model Checking), D.2.4 (Software Engineering – Software/Program Verification – Formal Methods), D.4.6 (Operating Systems – Security and Privacy Protection – Authentication)

Robust iris recognition using decision fusion and degradation modelling

This thesis investigates the use of fusion techniques and mathematical modelling to increase the robustness of iris recognition systems against iris image quality degradation, pupil size changes and partial occlusion. The proposed techniques improve recognition accuracy and enhance security. They can be further developed for better iris recognition in less constrained environments that do not require user cooperation. A framework to analyse the consistency of different regions of the iris is also developed. This can be applied to improve recognition systems using partial iris images, and cancelable biometric signatures or biometric based cryptography for privacy protection.

BPMN process views construction

Process view technology is catching more attentions in modern business process management, as it enables the customisation of business process representation. This capability helps improve the privacy protection, authority control, flexible display, etc., in business process modelling. One of approaches to generate process views is to allow users to construct an aggregate on their underlying processes. However, most aggregation approaches stick to a strong assumption that business processes are always well-structured, which is over strict to BPMN. Aiming to build process views for non-well-structured BPMN processes, this paper investigates the characteristics of BPMN structures, tasks, events, gateways, etc., and proposes a formal process view aggregation approach to facilitate BPMN process view creation. A set of consistency rules and construction rules are defined to regulate the aggregation and guarantee the order preservation, structural and behaviour correctness and a novel aggregation technique, called EP-Fragment, is developed to tackle non-well-structured BPMN processes.

Role-based process view derivation and composition

The process view concept deploys a partial and temporal representation to adjust the visible view of a business process according to various perception constraints of users. Process view technology is of practical use for privacy protection and authorization control in process-oriented business management. Owing to complex organizational structure, it is challenging for large companies to accurately specify the diverse perception of different users over business processes. Aiming to tackle this issue, this article presents a role-based process view model to incorporate role dependencies into process view derivation. Compared to existing process view approaches, ours particularly supports runtime updates to the process view perceivable to a user with specific view merging operations, thereby enabling the dynamic tracing of process perception. A series of rules and theorems are established to guarantee the structural consistency and validity of process view transformation. A hypothetical case is conducted to illustrate the feasibility of our approach, and a prototype is developed for the proof-of-concept purpose.

Face Recognition in the Scrambled Domain via Salience-Aware Ensembles of Many Kernels

With the rapid development of internet-of-things (IoT), face scrambling has been proposed for privacy protection during IoT-targeted image/video distribution. Consequently in these IoT applications, biometric verification needs to be carried out in the scrambled domain, presenting significant challenges in face recognition. Since face models become chaotic signals after scrambling/encryption, a typical solution is to utilize traditional data-driven face recognition algorithms. While chaotic pattern recognition is still a challenging task, in this paper we propose a new ensemble approach – Many-Kernel Random Discriminant Analysis (MK-RDA) to discover discriminative patterns from chaotic signals. We also incorporate a salience-aware strategy into the proposed ensemble method to handle chaotic facial patterns in the scrambled domain, where random selections of features are made on semantic components via salience modelling. In our experiments, the proposed MK-RDA was tested rigorously on three human face datasets: the ORL face dataset, the PIE face dataset and the PUBFIG wild face dataset. The experimental results successfully demonstrate that the proposed scheme can effectively handle chaotic signals and significantly improve the recognition accuracy, making our method a promising candidate for secure biometric verification in emerging IoT applications.

Protecting Genetic Information: A Comparison of Normative Approaches

The increasing use of genetic information has emerged as an important concern worldwide as scientific and technological advances continue to advance at lightening speed and as governments struggle to develop appropriate policy frameworks. While most countries clearly recognize that genetic information warrants some form of privacy protection, the underlying rationale for providing that protection and the approach which is ultimately adopted vary significantly across the board. As a result, a medley of laws, policy statements and guidelines currently exist to protect genetic information, each with its inherent assumptions, concepts and terminology.

Le statut juridique du courriel au Canada et aux États-Unis

Cet article aborde le degré de protection en matière de vie privée accordé au courrier électronique par les tribunaux nord-américains. L’auteur dresse un portrait général de la jurisprudence canadienne et américaine actuellement disponible en la matière, en concentrant ses propos sur l’expectative de vie privée des employés ainsi que sur les droits de l’employeur d’accéder à leurs courriels dans un contexte de relations de travail. Alors que les tribunaux canadiens abordent la problématique en procédant par analogie, c’est-à-dire par comparaison du courriel avec des modes de communication plus traditionnels (i.e. le téléphone et le courrier), les tribunaux américains font une analyse interprétative du 4ème amendement de la constitution des États-Unis et des droits statutaires accordés par l’Electronic Communications Privacy Act de 1986 et le Privacy Protection Act de 1986. L’auteur précise que les dispositions législatives actuelles présentent d’importantes lacunes rendant difficile leur application aux courriels.