Data Protection Mechanisms Research Articles

Enabling trustworthy personal data protection in eHealth and well-being services through privacy-by-design

Users are each day more aware of their privacy and data protection. Although this problem is transversal to every digital service, it is especially relevant when critical and personal information is managed, as in eHealth and well-being services. During the last years, many different innovative services in this area have been proposed. However, data management challenges are still in need of a solution. In general, data are directly sent to services but no trustworthy instruments to recover these data or remove them from services are available. In this scheme, services become the users’ data owners although users keep the rights to access, modify, and be forgotten. Nevertheless, the adequate implementation of these rights is not guaranteed, as services use the received data with commercial purposes. In order to address and solve this situation, we propose a new trustworthy personal data protection mechanism for well-being services, based on privacy-by-design technologies. This new mechanism is based on Blockchain networks and indirection functions and tokens. Blockchain networks execute transparent smart contracts, where users’ rights are codified, and store the users’ personal data which are never sent or given to external services. Besides, permissions and privacy restrictions designed by users to be applied to their data and services consuming them are also implemented in these smart contracts. Finally, an experimental validation is also described to evaluate the Quality of Experience (in terms of user satisfaction) and Quality of Service (in terms of processing delay) compared to traditional service provision solutions.

Securing Remote Work Environments in Telecom: Implementing Robust Cybersecurity Strategies to Secure Remote Workforce Environments in Telecom, Focusing on Data Protection and Secure Access Mechanisms

Securing Remote Work Environments in Telecom: Implementing Robust Cybersecurity Strategies to Secure Remote Workforce Environments in Telecom, Focusing on Data Protection and Secure Access Mechanisms

ФОРМУВАННЯ ЗМІСТУ КУРСУ «БАЗИ ДАНИХ ТА ІНФОРМАЦІЙНІ СИСТЕМИ» ДЛЯ МАЙБУТНІХ УЧИТЕЛІВ ІНФОРМАТИКИ

The article is devoted to the problems of content formation and software selection for the implementation of the course "Databases and Information Systems" as a necessary component of professional training of bachelors in the specialty 014 Secondary Education (Informatics). The current needs of the country in qualified IT specialists require the formation of computer science teachers' ability to work with popular programming environments and information and communication technologies. In particular, mastering the knowledge of such an important section of ICT as databases will allow pupils to implement the tasks of automating data processing and prepare them for future professional activities. Training of bachelors in the specialty 014 Secondary Education (Informatics) at the Volodymyr Vynnychenko Central Ukrainian State Pedagogical University is carried out on the basis of an educational and professional program, a mandatory component of which includes the discipline "Databases and Information Systems" as a necessary component of training in informatics. The discipline consists of the following thematic sections. Section 1. Basic concepts and architecture of databases and database management systems. Database design. Section 2. Creating and managing a relational database. Section 3. Use of CASE-tools and work in the database management systems terminal. Procedural SQL. Section 4. Database administration. Modern directions of database development. Theoretical and practical provisions of the course from sections 1 and 2, related to the issues of architecture, design and creation of databases, it is proposed to consider the example of Microsoft Office Access. Topics from sections 3 and 4 are offered to be considered on examples of "non-educational" database management systems. Thus, the study of system aspects of SQL, user security and authorization, data protection mechanisms, data backup and recovery, and database administration, it is proposed to carry out using the CASE-tool MySQL Workbench and the client terminal of the MySQL server This program was successfully tested in 2019-2020 academic year, when teaching 3rd year students majoring in 014 Secondary Education (Mathematics), educational program: Secondary Education (Mathematics, Informatics and Economics).

Smart Media Transport: A Burgeoning Intelligent System for Next Generation Multimedia Convergence Service Over Heterogeneous Networks in China

Convergence service (CS), which integrates broadband and broadcast services, is considered promising in bridging the gap between scarce bandwidth and user demands for real-time, immersive, and super high-quality service in a ubiquitous environment. However, many urgent issues remain to be tackled in media transport system (MTS) to support CS. In this paper, the challenges MTS would entail over a heterogeneous network to diverse users are first analyzed. The architecture and functionalities of the smart media transport (SMT) system are then advocated and reviewed. Several key technologies in the SMT system, including hierarchical media-aware data model for content encapsulation, context-aware data protection mechanism for reliable transmission, and media synchronization control based on network condition estimation, are discussed. Field trial results on campus for certain CS are provided to validate the system design and illustrate the performance of the SMT system.

PERSONAL DATA PROTECTION IN THE FIELD OF HEALTHCARE (CRIMINAL-LEGAL ASPECTS)

Objective : the research paper discloses the issue of personal data protection in the field of healthcare, legislative consolidation of such protection and liability in case of violation of the legislation. Research methodology: analysis, synthesis, generalization, deductive method, identification, logical approach, definition, description. Findings : the provisions of the current legislation on the personal data protection in the field of healthcare are determined and it is concluded that some of them need to be improved. The rules of the laws are generalized, according to which administrative, criminal and civil liability for violation of the legislation on personal data processing in the field of healthcare are established. Discussion : the existing mechanism for personal data protection in the field of healthcare and legislative novelties in connection with the implementation of the electronic healthcare system. The conducted research allows to state that personal data in the field of health care should be considered as a collection of information about the person (patient) that allows her to identify and information about her state of health, medical examinations, therapeutic measures, prognosis of the disease, as well as information, which are related to genetic data. Currently, the mechanism for protecting personal data is regulated by numerous legal acts, but there are provisions that need to be finalized and clarified. Reforms in the health system regarding the functioning of the electronic system generate the need for additional measures to protect the personal data that are being added to it. Administrative, criminal and civil liability has been established for violation of the legislation on the processing of personal data in the field of health care.

Collaborative Cloud IDS in Detecting Denial of Service by Dendritic Cell Mechanism

The term Cloud computing is not new anymore in computing technology. This form of computing technology previously considered only as marketing term, but today Cloud computing not only provides innovative improvements in resource utilisation but it also creates a new opportunity in data protection mechanisms where the advancement of intrusion detection technologies are blooming rapidly. From the perspective of security, Cloud computing also introduces concerns about data protection and intrusion detection mechanism. This paper aims to provide Denial of Service (DoS) detection for Cloud computing environment. As a result, we provide an experiment to examine the capability of the proposed system. The result shows that the proposed system was able to detect all types of attacks that conducted during the experiment. We conclude the paper with a discussion on the results, then we include together with a graphical summary of the experiment's result.

European Streams of Protection for Right to Privacy and Right to Protection of Personal Data, and Their Connection in the EU Gonzales Case and Beyond

Protections of the to privacy concerning publications have a relatively long history in Europe. The first part of the article explores comparatively and historically, the mechanisms of such protections originated in the XIXth century Germany and synthesized brilliantly by Brandeis and Warren in the US. This part includes a brief overview of European supranational protection of the to privacy, as framed in article 8 of the European Convention of Human Rights and, more recently, in article 7 of the EU Charter of Fundamental Rights. The protections of the to personal data in digital processing is a more recent occurrence in Europe. Few national constitutions or international instruments recognize such rights, and even fewer jurisdictional remedies are associated with it. There are some significant exceptions, mainly at the supranational level, such as the EU Data Protection Directive (recently replaced by the EU General Data Protection Regulation) and Article 8 of the EU Charter of Fundamental Rights. The second part of the article briefly explores these protections, their inherent logic, and the implementing mechanisms as clearly different from those characterizing the protections of the to privacy. The third part examines the articulation between the two protection mechanisms, as reflected by the reasoning of the European Union Court of Justice on the famous Gonzales case. The decision implemented a of de-listing as right to be forgotten on the Internet, by the search engines. We propose a new reading for the reasoning of the Court, which underlines the essential role of protections of the to privacy in grounding and circumscribing the data protection mechanisms of the EU Data Protection Directive within the decision. Last but not least, the article asses that the newly adopted EU General Data Protection Regulation will not affect the precedent created by the Gonzales and the adequate remedies it implemented.

Data access control in data exchanging supporting big data arena

A big data arena (BDA) is proposed to offer an effective trial-and-error environment for analysis algorithm design and application exploration through the provision of computational resources and intensive data. It is expected to innovate the theories and technologies of, e.g. management analytics, when a huge volume of data are shared in the BDA. How to provide an effective data protection mechanism, however, is one of the most serious challenges that the BDA faces. Motivated to resolve the above issues, this paper analyzes potential security threats that the data in the BDA face at four different processing stages, and puts forward effective access control mechanisms with their design and implementation, to resist the threats from different stages.

Semantic Disclosure Control: semantics meets data privacy

PurposeTo overcome the limitations of purely statistical approaches to data protection, the purpose of this paper is to propose Semantic Disclosure Control (SeDC): an inherently semantic privacy protection paradigm that, by relying on state of the art semantic technologies, rethinks privacy and data protection in terms of the meaning of the data.Design/methodology/approachThe need for data protection mechanisms able to manage data from a semantic perspective is discussed and the limitations of statistical approaches are highlighted. Then, SeDC is presented by detailing how it can be enforced to detect and protect sensitive data.FindingsSo far, data privacy has been tackled from a statistical perspective; that is, available solutions focus just on the distribution of the data values. This contrasts with the semantic way by which humans understand and manage (sensitive) data. As a result, current solutions present limitations both in preventing disclosure risks and in preserving the semantics (utility) of the protected data.Practical implicationsSeDC captures more general, realistic and intuitive notions of privacy and information disclosure than purely statistical methods. As a result, it is better suited to protect heterogenous and unstructured data, which are the most common in current data release scenarios. Moreover, SeDC preserves the semantics of the protected data better than statistical approaches, which is crucial when using protected data for research.Social implicationsIndividuals are increasingly aware of the privacy threats that the uncontrolled collection and exploitation of their personal data may produce. In this respect, SeDC offers an intuitive notion of privacy protection that users can easily understand. It also naturally captures the (non-quantitative) privacy notions stated in current legislations on personal data protection.Originality/valueOn the contrary to statistical approaches to data protection, SeDC assesses disclosure risks and enforces data protection from a semantic perspective. As a result, it offers more general, intuitive, robust and utility-preserving protection of data, regardless their type and structure.

A semantic-preserving differentially private method for releasing query logs

Query logs are of great interest for data analysis. They allow characterizing user profiles, user behaviors and search habits. However, since query logs usually contain personal information, data controllers should implement appropriate data protection mechanisms before releasing them for secondary use. In the past, the anonymization of query logs was tackled from the perspective of statistical disclosure control and by relying on privacy models such as k-anonymity, which do not scale well with the high dimensionality and dynamicity of query logs. To offer better privacy protection, some authors have recently embraced the robust privacy guarantees of ɛ-differential privacy. However, this comes at the cost of limiting the number and types of analyses that can be made on the protected queries. To tackle this issue, in this paper we propose a privacy protection method for query logs that joins the flexibility and convenience of privacy-preserving data releases with the strong privacy guarantees of ɛ-differential privacy. Moreover, to retain the analytical utility of the protected query, we have put special care in capturing, managing and preserving the semantics of the queries during the protection process. The empirical experiments we report show that our method produces differentially private query logs that are more useful for analysis than related works.

Utility-preserving privacy protection of nominal data sets via semantic rank swapping

Personal data are of great interest for research but, at the same time, they pose a serious privacy risk. Therefore, appropriate data protection measures should be undertaken by the data controller before making personal data available for secondary use. Also, such data protection should be done in a way that data are still useful for analysis. In the last years, a plethora of data protection mechanisms have been proposed. Among them, rank swapping is considered one of the best with respect to disclosure risk minimization and data utility preservation. Because rank swapping is based on sorting input data to swap values that are close to each other, in principle, it is a method restricted to numerical and ordinal categorical data. However, a significant amount of personal data currently compiled and used in data analysis are nominal, and their utility depends on the semantics they convey. To properly cope with this type of data, in this paper, we present rank swapping methods capable of protecting nominal data from a semantic perspective. Specifically, by exploiting ontologies, our methods are able to protect nominal data while properly preserving their semantics and, thus, their analytical utility. For that, we provide a suitable binary relation to semantically sort nominal data. Our proposal is capable of managing both independent individual attributes and non-independent multivariate data sets, being the latter especially relevant for data analysis. Empirical experiments carried on real clinical records and using a standard medical ontology show that our methods are able to preserve the semantic features of nominal data significantly better than standard permutation mechanisms.

Assessing the Evolution of Cryptocurrency: Demand Factors, Latent Value and Regulatory Developments

The purpose of this paper is to assess the evolution of cryptocurrency including its demand factors, latent value propositions and regulatory developments. The cryptocurrency market has experienced unprecedented growth driven by improved ease of access, speculation, familiarity, media attention, network effects, mining activity, distrust of traditional banking, global instability hedging, and a demand effect from the initial coin offering (ICO) market. This had led to wide asset bubble speculation. The future of cryptocurrency is impossible to predict, and although it is unlikely that cryptocurrency will eliminate trusted intermediaries, and replace sovereign fiat altogether, it has numerous latent value propositions and long-term use cases including distributed ledger technology (DLT) and blockchain innovations (particularly in financial payments, settlements, clearing, supply chain, agriculture, and voting), identity and data protection mechanisms, crowd-funding, and decentralized business applications and services.There may also be benefits to a bubble including “long tail” successes, hype-financed research and development in DLT and blockchain infrastructure (that wouldn’t have otherwise received funding in a reticent market), and consumer familiarity benefits. The regulatory response to date has largely been enforcement based (emphasizing fraud detection and criminal deterrence), with public statements and interest across a diverse range of regulatory bodies, rather than unified rules. There are however inherent difficulties in regulating the cryptocurrency market, which will be discussed in detail in this paper.

Fine-Grained Two-Factor Protection Mechanism for Data Sharing in Cloud Storage

Data sharing in cloud storage is receiving substantial attention in information communications technology because it can provide users with efficient and effective storage services. To protect the confidentiality of the shared sensitive data, cryptographic techniques are usually applied. However, the data protection is still posing significant challenges in cloud storage for data sharing. Among them, how to protect and revoke the cryptographic key is the fundamental challenge. To tackle this, we propose a new data protection mechanism for cloud storage, which holds the following properties. First, the cryptographic key is protected by the two factors. Only if one of the two factors works, the secrecy of the cryptographic key is held. Second, the cryptographic key can be revoked efficiently by integrating the proxy re-encryption and key separation techniques. Finally, the data is protected in a fine-grained way by adopting the attribute-based encryption technique. Furthermore, the security analysis and performance evaluation show that our proposal is secure and efficient, respectively.

Cybersecurity Insurance: Incentive Alignment Solution to Weak Corporate Data Protection

Cybersecurity is becoming imperative as data breaches and information theft occur frequently and impact an immense number of people. The current federal regulatory scheme fails to hold corporations accountable for negligent data management and victims of these deficiencies face several obstacles to litigation. The quantity of both class actions and derivative suits, however, will increase in the near future. Large scale adoption of cybersecurity insurance will create a market solution to corporate data theft by aligning incentives for businesses to maintain a robust set of data protection mechanisms. This in turn will reduce the burden on the corporations as data breach litigation becomes proliferate, while simultaneously creating a strong data protection infrastructure and a compensation system for victims.

Data Sharing in Cloud Computing Based On Attribute Based Encryption System

A data owner (DO) is usually store large amounts of data in cloud for saving the cost on local data management. Without any data protection mechanism, cloud service provider (CSP), however, can fully gain access to all data of the user. Data owner can fully control the access policy associated with his data which to be shared. However, CP-ABE is limited to a potential security risk that is known as key escrow problem whereby the secret keys of users have to be issued by a trusted key authority. The proposed system revisits the attribute-based data sharing scheme in order to not only to solve the key escrow issue but also to improve the expressiveness of attribute, so that the resulting scheme is friendly to cloud computing applications. The proposed system has an improved two-party key issuing protocol that can guarantee that neither key authority nor cloud service provider can compromise the whole secret key of a user individually. This brings a potential security risk to the user, since CSP may compromise the data for commercial benefits. Ciphertext-policy attribute-based encryption (CP-ABE) has turned to be an important encryption technology to tackle the challenge of secure data sharing.

Personalized privacy in open data sharing scenarios

PurposeThe purpose of this paper is to propose a privacy-preserving paradigm for open data sharing based on the following foundations: subjects have unique privacy requirements; personal data are usually published incrementally in different sources; and privacy has a time-dependent element.Design/methodology/approachThis study first discusses the privacy threats related to open data sharing. Next, these threats are tackled by proposing a new privacy-preserving paradigm. The main challenges related to the enforcement of the paradigm are discussed, and some suitable solutions are identified.FindingsClassic privacy-preserving mechanisms are ineffective against observers constantly monitoring and aggregating pieces of personal data released through the internet. Moreover, these methods do not consider individual privacy needs.Research limitations/implicationsThis study characterizes the challenges to the tackled by a new paradigm and identifies some promising works, but further research proposing specific technical solutions is suggested.Practical implicationsThis work provides a natural solution to dynamic and heterogeneous open data sharing scenarios that require user-controlled personalized privacy protection.Social implicationsThere is an increasing social understanding of the privacy threats that the uncontrolled collection and exploitation of personal data may produce. The new paradigm allows subjects to be aware of the risks inherent to their data and to control their release.Originality/valueContrary to classic data protection mechanisms, the new proposal centers privacy protection on the individuals, and considers the privacy risks through the whole life cycle of the data release.

Photomodulated Hysteresis Behaviors in Perovskite Phototransistors with Ultra-Low Operating Voltage

Hysteresis behaviors in the current curves of perovskite-based devices have been widely observed and directly affect the device performances. Phototransistors with a channel material of CH3NH3PbI3 were fabricated, and they showed ambipolar transport characteristics with anticlockwise hysteresis hoops. Electric field and monochromatic light can narrow the wide hysteresis window from 2.1 V in the dark to only 0.5 V under the illumination. A photoexcited high-field-effect carrier mobility of 1.05 cm2 V–1 s–1 was achieved at a low-operating voltage. The responsivity and photosensitivity of the phototransistor were calculated to be 1 AW–1 and 18 000%, respectively. The modulation effect of voltage bias and monochromatic lights on such hysteresis behaviors has been demonstrated. By investigating the photo-sensitive carrier-transport characteristics in perovskite channel, the origin of hysteresis can be attributed to the charge-trapping process. This work also provides an effective approach to achieve a photocontrolled temporary erasing process as a data protection mechanism in future photomemory devices.

A private user data protection mechanism in trustzone architecture based on identity authentication

In TrustZone architecture, the Trusted Application (TA) in the secure world does not certify the identity of Client Applications (CA) in the normal world that request data access, which represents a user data leakage risk. This paper proposes a private user data protection mechanism in TrustZone to avoid such risks. We add corresponding modules to both the secure world and the normal world and authenticate the identity of CA to prevent illegal access to private user data. Then we analyze the system security, and perform validity and performance tests. The results show that this method can perform effective identity recognition and control of CA to protect the security of private user data. After adding authentication modules, the data operation time of system increases by about 0.16 s, an acceptable price to pay for the improved security.

Concepts and Tools for Protecting Sensitive Data in the IT Industry: A Review of Trends, Challenges and Mechanisms for Data-Protection

Advancements in storage, dissemination and access of multimedia data content on the Internet continues to grow at exponential rates, while individuals, organizations and governments spend huge efforts to exert their fingerprint in this information age through the use of online multimedia resources to propagate thoughts, services, policies, ecommerce and other types of information. Furthermore, information at different levels may be classified into confidential, sensitive and critical data types. Such data has been subject to numerous tools and techniques for providing automated information processing, information management and storage mechanisms. Consequently, numerous security tools and techniques have also emerged for the protection of data at the various organizational levels and according to different requirements. This paper discusses three important types of information security aspects that includes; data-storage, in-transit data and data access-prevention for unauthorized users. In particular, the paper reviews and presents the latest trends and most common challenges in information security with regards to data-breaches and vulnerabilities found in industry today using simple brief summaries for the benefit of IT practitioners and academics. Thereafter, state-of-the-art techniques used to secure information content commonly required in applications-software, in-house operations software or websites are given. Mechanisms for enhancing data-protection under the given set of challenges and vulnerabilities are also discussed. Finally, the importance of using information security policies and standards for protecting organizational data content is discussed along with foreseeable open issues for future work.

An Accurate and Efficient User Authentication Mechanism on Smart Glasses Based on Iris Recognition

In modern society, mobile devices (such as smart phones and wearable devices) have become indispensable to almost everyone, and people store personal data in devices. Therefore, how to implement user authentication mechanism for private data protection on mobile devices is a very important issue. In this paper, an intelligent iris recognition mechanism is designed to solve the problem of user authentication in wearable smart glasses. Our contributions include hardware and software. On the hardware side, we design a set of internal infrared camera modules, including well-designed infrared light source and lens module, which is able to take clear iris images within 2~5 cm. On the software side, we propose an innovative iris segmentation algorithm which is both efficient and accurate to be used on smart glasses device. Another improvement to the traditional iris recognition is that we propose an intelligent Hamming distance (HD) threshold adaptation method which dynamically fine-tunes the HD threshold used for verification according to empirical data collected. Our final system can perform iris recognition with 66 frames per second on a smart glasses platform with 100% accuracy. As far as we know, this system is the world’s first application of iris recognition on smart glasses.