A Systematic Literature Review of Empirical Methods and Risk Representation in Usable Privacy and Security Research

2021 ◽  
Vol 28 (6) ◽  
pp. 1-50
Author(s):  
Verena Distler ◽  
Matthias Fassl ◽  
Hana Habib ◽  
Katharina Krombholz ◽  
Gabriele Lenzini ◽  
...  

Usable privacy and security researchers have developed a variety of approaches to represent risk to research participants. To understand how these approaches are used and when each might be most appropriate, we conducted a systematic literature review of methods used in security and privacy studies with human participants. From a sample of 633 papers published at five top conferences between 2014 and 2018 that included keywords related to both security/privacy and usability, we systematically selected and analyzed 284 full-length papers that included human subjects studies. Our analysis focused on study methods; risk representation; the use of prototypes, scenarios, and educational intervention; the use of deception to simulate risk; and types of participants. We discuss benefits and shortcomings of the methods, and identify key methodological, ethical, and research challenges when representing and assessing security and privacy risk. We also provide guidelines for the reporting of user studies in security and privacy.

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Saira Beg ◽  
Saif Ur Rehman Khan ◽  
Adeel Anjum

Purpose Similarly, Zhu et al. (2014) and Zhang et al. (2014) stated that addressing privacy concerns with the recommendation process is necessary for the healthy development of app recommendation. Recently, Xiao et al. (2020) mentioned that a lack of effective privacy policy hinders the development of personalized recommendation services. According to the reported work, privacy protection technology methods are too limited for mobile focusing on data encryption, anonymity, disturbance, elimination of redundant data to protect the recommendation process from privacy breaches. So, this situation motivated us to conduct a systematic literature review (SLR) to provide the viewpoint of privacy and security concerns as mentioned in current state-of-the-art in the mobile app recommendation domain. Design/methodology/approach In this work, the authors have followed Kitchenham guidelines (Kitchenham and Charters, 2007) to devise the SLR process. According to the guidelines, the SLR process has three main phases: (1) define, (2) conduct the search and (3) report the results. Furthermore, the authors used systematic mapping approach as well to ensure the whole process. Findings Based on the selected studies, the authors proposed three main thematic taxonomies, including architectural style, security and privacy strategies, and user-usage in the mobile app recommendation domain. From the studies' synthesis viewpoint, it is observed that the majority of the research efforts have focused on the movie recommendation field, while the mainly used privacy scheme is homomorphic encryption. Finally, the authors suggested a set of future research dimensions useful for the potential researchers interested to perform the research in the mobile app recommendation domain. Originality/value This is an SLR article, based on existing published research, where the authors identified key issues and future directions.


2021 ◽  
Author(s):  
Tasha Gross ◽  
Clarita Lefthand-Begay

Abstract BACKGROUND: Tribal communities in the United States (U.S.) have a long history of subjection to unethical and exploitive medical and research practices. Today, many Tribal nations are establishing procedures in order to protect themselves from further harm and to advance culturally informed research practices. These procedures are also meant to ensure that their communities benefit from research conducted within their communities. Informed consent is a key element in protecting human subjects, but it may not be sufficient in the tribal context, as its conception is rooted in Western understandings of protection. Specifically, the informed consent emphasizes the individual, rather than the community as a whole, which is just as important in the context of conducting research with Native communities. METHODS: We conduct a systematic literature review to answer two related questions: How is informed consent being conceived of by U.S. tribes? And how is informed consent being required by U.S. tribes? Our inclusion criteria include articles focusing on informed consent within the U.S. tribal context, written in English in 2010-2020. Articles that did not fit our inclusion criteria were excluded. Two reviewers independently reviewed and coded 30 peer-reviewed articles by using content analysis and, in an iterative process, agreed on emerging codes and themes. RESULTS: A number of themes arise in the selected literature, including the conception of informed consent as a process, its operation at various levels (individual, collective, and government-to-government), possible alternatives to informed consent, and the need for specificity about ownership of samples and data, benefits and/or risks, and the methods and procedures that researchers use in the course of study. CONCLUSIONS: Our key results point to a need for clear and transparent information for prospective research participants and for consent forms and processes to include the collective, as well as the individual. This will better align with the cultural values and political standing of sovereign tribes in the U.S.


Kybernetes ◽  
2019 ◽  
Vol 49 (3) ◽  
pp. 982-1019
Author(s):  
Erhan Pişirir ◽  
Erkan Uçar ◽  
Oumout Chouseinoglou ◽  
Cüneyt Sevgi

Purpose This study aims to examine the current state of literature on structural equation modeling (SEM) studies in “cloud computing” domain with respect to study domains of research studies, theories and frameworks they use and SEM models they design. Design/methodology/approach Systematic literature review (SLR) protocol is followed. In total, 96 cloud computing studies from 2009 to June 2018 that used SEM obtained from four databases are selected, and relevant data are extracted to answer the research questions. Findings A trend of increasing SEM usage over years in cloud studies is observed, where technology adoption studies are found to be more common than the use studies. Articles appear under four main domains, namely, business, personal use, education and health care. Technology acceptance model (TAM) is found to be the most commonly used theory. Adoption, intention to use and actual usage are the most common selections for dependent variables in SEM models, whereas security and privacy concerns, costs, ease of use, risks and usefulness are the most common selections for causal factors. Originality/value Previous cloud computing SLR studies did not focus on statistical analysis method used in primary studies. This review will display the current state of SEM studies in cloud domain for all future academics and practical professionals.


2018 ◽  
Vol 7 (4.1) ◽  
pp. 51
Author(s):  
Ala'a Saeb Al-Sherideh ◽  
Roesnita Ismail ◽  
Fauziah Abdul Wahid ◽  
Norasikin Fabil ◽  
Waidah Ismail

Mobile applications are available at any time and from anywhere. The use of mobile governmental applications is significant in reducing the effort and time that citizens require to accomplish public services. The main challenges that face the acceptance and adoption of mobile governmental applications are the privacy and security issues. Users who do not trust the security of mobile governmental applications may reject the use of these applications, which discourages the government from adopting mobile services. This study focuses on investigating the security and privacy requirements of mobile government applications. Many related works are reviewed and discussed to understand the important security requirements of mobile government applications. The main results indicate that effective privacy and security of mobile government applications should be assured so as to enhance the level of adoption and use of these applications. The security requirements involve many considerations such as the hardware characteristics, software characteristics, and communication characteristics. This article mainly gives a better understanding of the security requirements of mobile government applications.


2021 ◽  
Vol 17 (2) ◽  
pp. S26-S31
Author(s):  
Rachael Suzanne Jones

Background: Headache is a frequent symptom of stroke, but little is known about the true incidence of headache following a haemorrhagic stroke, or if there are any risk factors for experiencing stroke-related headache. A systematic literature review was undertaken to examine the burden of headache in haemorrhagic stroke. Methods: A systematic search of electronic databases, including MEDLINE, CINAHL, Embase, SAGE Premier, Wiley Online Library and Elsevier's ScienceDirect, with a date range of January 1990 to October 2016, for human subjects and written in English was performed. Study selection using clear criteria was undertaken, and data extraction and assessment of quality was performed. Results: Some five from a total of 27 studies met the selection criteria. A total of 483 participants were included. The pooled random effects model showed 0.5528 (95% CI 0.3756-0.7235) had headache at onset, and 0.3917 (95% CI 0.1156-0.7108) had long-term headaches. A pooled estimate for gender as a risk factor showed women had an odds ratio (OR) of 1.93 (95% CI 1.16-3.22). Conclusions: Approximately 55% of patients with intracranial haemorrhage will experience headaches at stroke onset, with a further 39% experiencing long-term headaches. Women are nearly twice as likely as men to experience headache post-intracranial haemorrhage.


Author(s):  
Ema Kusen ◽  
Mark Strembeck

Purpose Ever since Mark Weiser coined the term “ubiquitous computing” (ubicomp) in 1988, there has been a general interest in proposing various solutions that would support his vision. However, attacks targeting devices and services of a ubicomp environment have demonstrated not only different privacy issues, but also a risk of endangering user’s life (e.g. by modifying medical sensor readings). Thus, the aim of this paper is to provide a comprehensive overview of security challenges of ubicomp environments and the corresponding countermeasures proposed over the past decade. Design/methodology/approach The results of this paper are based on a literature review method originally used in evidence-based medicine called systematic literature review (SLR), which identifies, filters, classifies and summarizes the findings. Findings Starting from the bibliometric results that clearly show an increasing interest in the topic of ubicomp security worldwide, the findings reveal specific types of attacks and vulnerabilities that have motivated the research over the past decade. This review describes most commonly proposed countermeasures – context-aware access control and authentication mechanisms, cryptographic protocols that account for device’s resource constraints, privacy-preserving mechanisms, and trust mechanisms for wireless ad hoc and sensor networks. Originality/value To the best of our knowledge, this is the first SLR on security challenges in ubicomp. The findings should serve as a reference to an extensive list of scientific contributions, as well as a guiding point for the researchers’ novel to the security research in ubicomp.


2021 ◽  
Vol 11 (5) ◽  
pp. 2412
Author(s):  
Stylianos Mystakidis ◽  
Eleni Berki ◽  
Juri-Petri Valtanen

Deep and meaningful learning (DML) in distant education should be an essential outcome of quality education. In this literature review, we focus on e-learning effectiveness along with the factors and conditions leading to DML when using social virtual reality environments (SVREs) in distance mode higher education (HE). Hence, a systematic literature review was conducted summarizing the findings from thirty-three empirical studies in HE between 2004 (appearance of VR) and 2019 (before coronavirus appearance). We searched for the cognitive, social, and affective aspects of DML in a research framework and studied their weight in SVREs. The findings suggest that the use of SVREs can provide authentic, simulated, cognitively challenging experiences in engaging, motivating environments for open-ended social and collaborative interactions and intentional, personalized learning. Furthermore, the findings indicate that educators and SVRE designers need to place more emphasis on the socio-cultural semiotics and emotional aspects of e-learning and ethical issues such as privacy and security. The mediating factors for DML in SVREs were accumulated and classified in the resultant Blended Model for Deep and Meaningful e-learning in SVREs. Improvement recommendations include meaningful contexts, purposeful activation, learner agency, intrinsic emotional engagement, holistic social integration, and meticulous user obstacle removal.


2021 ◽  
Vol 13 (2) ◽  
pp. 30
Author(s):  
Dimitrios Papamartzivanos ◽  
Sofia Anna Menesidou ◽  
Panagiotis Gouvas ◽  
Thanassis Giannetsos

As the upsurge of information and communication technologies has become the foundation of all modern application domains, fueled by the unprecedented amount of data being processed and exchanged, besides security concerns, there are also pressing privacy considerations that come into play. Compounding this issue, there is currently a documented gap between the cybersecurity and privacy risk assessment (RA) avenues, which are treated as distinct management processes and capitalise on rather rigid and make-like approaches. In this paper, we aim to combine the best of both worlds by proposing the APSIA methodology, which stands for Automated Privacy and Security Impact Assessment. APSIA is powered by the use of interdependency graph models and data processing flows used to create a digital reflection of the cyber-physical environment of an organisation. Along with this model, we present a novel and extensible privacy risk scoring system for quantifying the privacy impact triggered by the identified vulnerabilities of the ICT infrastructure of an organisation. We provide a prototype implementation and demonstrate its applicability and efficacy through a specific case study in the context of a heavily regulated sector (i.e., assistive healthcare domain) where strict security and privacy considerations are not only expected but mandated so as to better showcase the beneficial characteristics of APSIA. Our approach can complement any existing security-based RA tool and provide the means to conduct an enhanced, dynamic and generic assessment as an integral part of an iterative and unified risk assessment process on-the-fly. Based on our findings, we posit open issues and challenges, and discuss possible ways to address them, so that such holistic security and privacy mechanisms can reach their full potential towards solving this conundrum.

