Privacy-aware electronic society

Abstract

Our electronic society is making fast progress for offering users greater comfort in their daily activities. Users can benefit from fast access to services; better reactivity of their physical, computing, and networking environments to their own needs and habits; and preselection of information flows and relationships in which they are interested. Our digital society is eager to collect and analyze information for serving users as best as possible. Profiling users is a usual marketing activity, but new lucrative applications exploiting the huge amount of available information are emerging. The trend of Big Data has been accompanied by concerns regarding the aggregation, dissemination, and re-identification of personal identifiable information. This special issue contributes to address these privacy issues, proposing privacy-enhancing technologies and solutions suited to the today’s electronic society. The majority of the selected papers in this issue propose techniques and/or models for supporting privacy preferences and privacy-aware access control. The special issue also includes a contribution illustrating how the web browsing history can uniquely identify users for profiling purpose. Finally, there is a usercentered study discussing how much privacy people are willing to lose in order to gain some utilities. Collectively, these papers consider diverse contexts, ranging from social networks and web browsing to medical/social environments and Internet of Things (IoT). Said Oulmakhzoune, Nora Cuppens-Boulahia, Frederic Cuppens, Stephane Morucci, Mahmoud Barhamgi, and Djamal Benslimane propose a lightweight vocabulary for the fine-grained definition of privacy preferences in the paper titled “Privacy Query Rewriting Algorithm Instrumented by a Privacy-Aware Access Control Model.” Data owners express their privacy requirements through the PrivOrBAC privacy-aware model, in terms of restrictions on consent, accuracy, purpose, and recipients. SPARQL queries submitted by users are then rewritten in such a way that the query results comply with data owners’ privacy preferences. This rewriting process exploits PrivOrBAC privacy-aware model by decomposing SPARQL queries into a set of PrivOrBAC web services representing privacy preferences that must be satisfied. An interesting use case is also illustrated, showing the applicability of the approach in a healthcare scenario. The paper “PriMa: A Comprehensive Approach to Privacy Protection in Social Network Sites” by Anna Squicciarini, Federica Paci, and Smitha Sundareswaran, proposes a privacy protection mechanism for social network (SN) users named “Privacy Manager” (PriMa). PriMa helps users, through dynamically generated access rules, to preserve the privacy of their traits, that is, their pieces of information exposed to other SN users. The rules are generated based on three criteria as follows: (1) the level of accessibility of the user’s traits, (2) the profile of the owner’s privacy preference for the specific trait or for the trait’s category, and (3) the risks of unwanted or uncontrolled leakage of traits resulting from connected users who are eligible to access the profile owner’s traits. PriMa is implemented and the performance evaluation demonstrates that access rule generation takes reasonable time less than 0.7 ms for 150 traits and 260 users. The paper “Improving the User Content Privacy on Social Networks Using Rights Management Systems,” by Joaquim Marques and Carlos Serrao, aims at protecting users’ privacy in SNs. To overcome privacy issues arising when users share M. Laurent (*) Telecom SudParis, Evry, France e-mail: maryline.laurent@telecom-sudparis.eu