The legality of online Privacy-Enhancing Technologies

L’utilisation d’Internet prend beaucoup d’ampleur depuis quelques années et le commerce électronique connaît une hausse considérable. Nous pouvons présentement acheter facilement via Internet sans quitter notre domicile et avons accès à d’innombrables sources d’information. Cependant, la navigation sur Internet permet également la création de bases de données détaillées décrivant les habitudes de chaque utilisateur, informations ensuite utilisées par des tiers afin de cerner le profil de leur clientèle cible, ce qui inquiète plusieurs intervenants. Les informations concernant un individu peuvent être récoltées par l’interception de données transactionnelles, par l’espionnage en ligne, ainsi que par l’enregistrement d’adresses IP. Afin de résoudre les problèmes de vie privée et de s’assurer que les commerçants respectent la législation applicable en la matière, ainsi que les exigences mises de l’avant par la Commission européenne, plusieurs entreprises comme Zero-knowledge Systems Inc. et Anonymizer.com offrent des logiciels permettant la protection de la vie privée en ligne (privacy-enhancing technologies ou PETs). Ces programmes utilisent le cryptage d’information, une méthode rendant les données illisibles pour tous à l’exception du destinataire. L’objectif de la technologie utilisée a été de créer des systèmes mathématiques rigoureux pouvant empêcher la découverte de l’identité de l’auteur même par le plus déterminé des pirates, diminuant ainsi les risques de vol d’information ou la divulgation accidentelle de données confidentielles. Malgré le fait que ces logiciels de protection de la vie privée permettent un plus grand respect des Directives européennes en la matière, une analyse plus approfondie du sujet témoigne du fait que ces technologies pourraient être contraires aux lois concernant le cryptage en droit canadien, américain et français.

Efficient Security and Privacy Enhancing Solutions in Untrusted Environments

Thesis (Ph.D.)--University of Washington, 2016-08

On the adoption of privacy-enhancing technologies

We propose a model, based on the work of Brock and Durlauf, which looks at how agents make choices between competing technologies, as a framework for exploring aspects of the economics of the adoption of privacy-enhancing technologies. In order to formulate a model of decision-making among choices of technologies by these agents, we consider the following: context, the setting in which and the purpose for which a given technology is used; requirement, the level of privacy that the technology must provide for an agent to be willing to use the technology in a given context; belief, an agent’s perception of the level of privacy provided by a given technology in a given context; and the relative value of privacy, how much an agent cares about privacy in this context and how willing an agent is to trade off privacy for other attributes. We introduce these concepts into the model, admitting heterogeneity among agents in order to capture variations in requirement, belief, and relative value in the population. We illustrate the model with two examples: the possible effects on the adoption of iOS devices being caused by the recent Apple–FBI case; and the recent revelations about the non-deletion of images on the adoption of Snapchat.

The Right to Be Forgotten More Than a Pandora’s Box?

Recently, political voices have stressed the need to introduce a right to be forgotten as new human right. Individuals should have the right to make potentially damaging information disappear after a certain time has elapsed. Such new right, however, can come in conflict with the principle of free speech. Therefore, its scope needs to be evaluated in the light of appropriate data protection rules. Insofar, a more user-centered approach is to be realized. “Delete” can not be a value as such, but must be balanced within a new legal framework.

Multi-Party Trust Computation in Decentralized Environments

In this paper, we describe a decentralized privacy-preserving protocol for securely casting trust ratings in distributed reputation systems. Our protocol allows n participants to cast their votes in a way that preserves the privacy of individual values against both internal and external attacks. The protocol is coupled with an extensive theoretical analysis in which we formally prove that our protocol is resistant to collusion against as many as n-1 corrupted nodes in the semi-honest model. The behavior of our protocol is tested in a real P2P network by measuring its communication delay and processing overhead. The experimental results uncover the advantages of our protocol over previous works in the area; without sacrificing security, our decentralized protocol is shown to be almost one order of magnitude faster than the previous best protocol for providing anonymous feedback.

Enhancing Cloud Security and Privacy: Broadening the Service Level Agreement

Postprint

Enhancing Cloud Security and Privacy: The Cloud Audit Problem

Postprint

Enhancing Cloud Security and Privacy: The Power and the Weakness of the Audit Trail

Winner of best paper award.

Virtual Environment: assistance in nursing care for the deaf based on the protocol of Primary Care

Objective: Presenting a Virtual Environment (VE) based on the Protocol of Treatment of Hypertension and Diabetes Mellitus type 2, used in Primary Care for evaluation of dietary habits in nursing consultations. Method: An experimental study applied by two nurses and a nurse manager, in a sample of 30 deaf patients aged between 30 and 60 years. The environment was built in Visual Basic NET and offered eight screens about feeding containing food pictures, videos in Libras (Brazilian sign language) and audio. The analysis of the VE was done through questionnaires applied to patients and professionals by the Poisson statistical test. Results: The VE shows the possible diagnostics in red, yellow, green and blue colors, depending on the degree of patients’ need. Conclusion: The environment obtained excellent acceptance by patients and nurses, allowing great interaction between them, even without an interpreter. The time in consultation was reduced to 15 minutes, with the preservation of patient privacy.

A Secure and Anonymous Cooperative Sensing Protocol for Cognitive Radio Networks

Spectrum is an essential resource for the provision of mobile services. In order to control and delimit its use, governmental agencies set up regulatory policies. Unfortunately, such policies have led to a deficiency of spectrum as only few frequency bands are left unlicensed, and these are used for the majority of new emerging wireless applications. One promising way to alleviate the spectrum shortage problem is adopting a spectrum sharing paradigm in which frequency bands are used opportunistically. Cognitive radio is the key technology to enable this shift of paradigm.Cognitive radio networks are self-organized systems in which devices cooperate to use those spectrum ranges that are not occupied by licensed users. They carry out spectrum sensing in order to detect vacant channels that can be used for communication. Even though spectrum sensing is an active area of research, an important issue remains unsolved: the secure authentication of sensing reports. Not providing security enables the input of false data in the system thus empowering false results. This paper presents a distributed protocol based on wireless physical layer security, symmetric cryptography and one-way functions that allows determining a final sensing decision from multiple sources in a quick and secure way, as well as it preserves users¿ privacy.

Enhancing Security of Linux OS against Administrators

Inside cyber security threats by system administrators are some of the main concerns of organizations about the security of systems. Since operating systems are controlled and managed by fully trusted administrators, they can negligently or intentionally break the information security and privacy of users and threaten the system integrity. In this thesis, we propose some solutions for enhancing the security of Linux OS by restricting administrators’ access to superuser’s privileges while they can still manage the system. We designed and implemented an interface for administrators in Linux OS called Linux Admins’ User Interface (LAUI) for managing the system in secure ways. LAUI along with other security programs in Linux like sudo protect confidentiality and integrity of users’ data and provide a more secure system against administrators’ mismanagement. In our model, we limit administrators to perform managing tasks in secure manners and also make administrators accountable for their acts. In this thesis we present some scenarios for compromising users’ data and breaking system integrity by system administrators in Linux OS. Then we evaluate how our solutions and methods can secure the system against these administrators’ mismanagement.

A Study of Privacy Preserving Queries with Bloom Filters

This thesis focuses on the private membership test (PMT) problem and presents three single server protocols to resolve this problem. In the presented solutions, a client can perform an inclusion test for some record x in a server's database, without revealing his record. Moreover after executing the protocols, the contents of server's database remain secret. In each of these solutions, a different cryptographic protocol is utilized to construct a privacy preserving variant of Bloom filter. The three suggested solutions are slightly different from each other, from privacy perspective and also from complexity point of view. Therefore, their use cases are different and it is impossible to choose one that is clearly the best between all three. We present the software developments of the three protocols by utilizing various pseudocodes. The performance of our implementation is measured based on a real case scenario. This thesis is a spin-off from the Academy of Finland research project "Cloud Security Services".

Understanding consumer evaluations of personalised nutrition services in terms of the privacy calculus: a qualitative study

Background: Personalised nutrition (PN) may provide major health benefits to consumers. A potential barrier to the uptake of PN is consumers’ reluctance to disclose sensitive information upon which PN is based. This study adopts the privacy calculus to explore how PN service attributes contribute to consumers’ privacy risk and personalisation benefit perceptions. Methods: Sixteen focus groups (n = 124) were held in 8 EU countries and discussed 9 PN services that differed in terms of personal information, communication channel, service provider, advice justification, scope, frequency, and customer lock-in. Transcripts were content analysed. Results: The personal information that underpinned PN contributed to both privacy risk perception and personalisation benefit perception. Disclosing information face-to-face mitigated the perception of privacy risk and amplified the perception of personalisation benefit. PN provided by a qualified expert and justified by scientific evidence increased participants’ value perception. Enhancing convenience, offering regular face-to face support, and employing customer lock-in strategies were perceived as beneficial. Conclusion: This study suggests that to encourage consumer adoption, PN has to account for face-to-face communication, expert advice providers, support, a lifestyle-change focus, and customised offers. The results provide an initial insight into service attributes that influence consumer adoption of PN.

Managerial leadership for research use in nursing and allied health care professions : a narrative synthesis protocol

BACKGROUND: Nurses and allied health care professionals (physiotherapists, occupational therapists, speech and language pathologists, dietitians) form more than half of the clinical health care workforce and play a central role in health service delivery. There is a potential to improve the quality of health care if these professionals routinely use research evidence to guide their clinical practice. However, the use of research evidence remains unpredictable and inconsistent. Leadership is consistently described in implementation research as critical to enhancing research use by health care professionals. However, this important literature has not yet been synthesized and there is a lack of clarity on what constitutes effective leadership for research use, or what kinds of intervention effectively develop leadership for the purpose of enabling and enhancing research use in clinical practice. We propose to synthesize the evidence on leadership behaviours amongst front line and senior managers that are associated with research evidence by nurses and allied health care professionals, and then determine the effectiveness of interventions that promote these behaviours.Methods/design: Using an integrated knowledge translation approach that supports a partnership between researchers and knowledge users throughout the research process, we will follow principles of knowledge synthesis using a systematic method to synthesize different types of evidence involving: searching the literature, study selection, data extraction and quality assessment, and analysis. A narrative synthesis will be conducted to explore relationships within and across studies and meta-analysis will be performed if sufficient homogeneity exists across studies employing experimental randomized control trial designs. DISCUSSION: With the engagement of knowledge users in leadership and practice, we will synthesize the research from a broad range of disciplines to understand the key elements of leadership that supports and enables research use by health care practitioners, and how to develop leadership for the purpose of enhancing research use in clinical practice.

Application Platforms for the Internet of Things: Theory, Architecture, Protocols, Data Formats, and Privacy

The Internet of Things (IoT) is the next industrial revolution: we will interact naturally with real and virtual devices as a key part of our daily life. This technology shift is expected to be greater than the Web and Mobile combined. As extremely different technologies are needed to build connected devices, the Internet of Things field is a junction between electronics, telecommunications and software engineering. Internet of Things application development happens in silos, often using proprietary and closed communication protocols. There is the common belief that only if we can solve the interoperability problem we can have a real Internet of Things. After a deep analysis of the IoT protocols, we identified a set of primitives for IoT applications. We argue that each IoT protocol can be expressed in term of those primitives, thus solving the interoperability problem at the application protocol level. Moreover, the primitives are network and transport independent and make no assumption in that regard. This dissertation presents our implementation of an IoT platform: the Ponte project. Privacy issues follows the rise of the Internet of Things: it is clear that the IoT must ensure resilience to attacks, data authentication, access control and client privacy. We argue that it is not possible to solve the privacy issue without solving the interoperability problem: enforcing privacy rules implies the need to limit and filter the data delivery process. However, filtering data require knowledge of how the format and the semantics of the data: after an analysis of the possible data formats and representations for the IoT, we identify JSON-LD and the Semantic Web as the best solution for IoT applications. Then, this dissertation present our approach to increase the throughput of filtering semantic data by a factor of ten.