My Genome Belongs to Me: Controlling Third Party Computation on Genomic Data

2019, Vol 2019 (1), pp. 108-132
Author(s): Dominic Deuber, Christoph Egger, Katharina Fech, Giulio Malavolta, Dominique Schröder, ...

Abstract An individual’s genetic information is possibly the most valuable personal information. While knowledge of a person’s DNA sequence can facilitate the diagnosis of several heritable diseases and allow personalized treatment, its exposure comes with significant threats to the patient’s privacy. Currently known solutions for privacy-respecting computation require the owner of the DNA to either be heavily involved in the execution of a cryptographic protocol or to completely outsource the access control to a third party. This motivates the demand for cryptographic protocols which enable computation over encrypted genomic data while keeping the owner of the genome in full control. We envision a scenario where data owners can exercise arbitrary and dynamic access policies, depending on the intended use of the analysis results and on the credentials of who is conducting the analysis. At the same time, data owners are not required to maintain a local copy of their entire genetic data and do not need to exhaust their computational resources in an expensive cryptographic protocol. In this work, we present METIS, a system that assists the computation over encrypted data stored in the cloud while leaving the decision on admissible computations to the data owner. It is based on garbled circuits and supports any polynomially-computable function. A critical feature of our system is that the data owner is free from computational overload and her communication complexity is independent of the size of the input data and only linear in the size of the circuit’s output. We demonstrate the practicality of our approach with an implementation and an evaluation of several functions over real datasets.

2013, Vol 3 (2), pp. 58-70
Author(s): B. Dawn Medlin

Due to the Internet and applications that can access the Internet, healthcare employees can benefit from the ability to view patient data almost anywhere and at any time. Data and information are also being shared among third party vendors, partners and suppliers. With this type of accessibility of information, which generally does include very personal information such as diagnosis and social security numbers, data can easily be obtained either through social engineering techniques or weak password usage. In this paper, a presentation of social engineering techniques is explored as well as the password practices of actual health care workers.


2021, Vol 11 (19), pp. 8841
Author(s): JoonYoung Lee, MyeongHyun Kim, JiHyeon Oh, YoungHo Park, KiSung Park, ...

As the amount of data generated in various distributed environments is rapidly increasing, cloud servers and computing technologies are attracting considerable attention. However, the cloud server has privacy issues, including personal information and requires the help of a Trusted Third Party (TTP) for data sharing. However, because the amount of data generated and value increases, the data owner who produces data must become the subject of data sharing. In this study, we use key aggregate searchable encryption (KASE) technology, which enables keyword search, to efficiently share data without using TTP. The traditional KASE scheme approach only discusses delegation of authority from the data owner to another user. However, if the delegated entity cannot perform time-critical tasks because the shared data are unavailable, the delegate must further delegate the rights given to other users. Consequently, this paper proposes a new KASE scheme that enables multi-delegation without TTP and includes an authentication technique between the user and the server. After that, we perform informal and formal analysis using BAN logic and AVISPA for security evaluation, and compare the security and performance aspects with existing schemes.


2021, Vol 13 (1), pp. 20-39
Author(s): Ahmed Aloui, Okba Kazar

In mobile business (m-business), a client sends its exact locations to service providers. This data may involve sensitive and private personal information. As a result, misuse of location information by the third party location servers creates privacy issues for clients. This paper provides an overview of the privacy protection techniques currently applied by location-based mobile business. The authors first identify different system architectures and different protection goals. Second, this article provides an overview of the basic principles and mechanisms that exist to protect these privacy goals. In a third step, the authors provide existing privacy protection measures.


Author(s): Ajaysinh Devendrasinh Rathod, Saurabh Shah, Vivaksha J. Jariwala

In recent trends, the growth of location based services has increased due to the large usage of cell phones, personal digital assistants and other devices, for location based navigation, emergency services, location based social networking, location based advertisement, etc. Users are provided with important information based on location to the service provider, which results in the compromise of their personal information, such as the user's identity, location privacy, etc. To achieve location privacy of the user, a cryptographic technique is one of the best techniques, as it gives assurance. Location based services that use cryptographic approaches are classified as Trusted Third Party (TTP) and without Trusted Third Party. TTP free is one of the prominent approaches, in which a peer-to-peer model is used. In this approach, important users mutually connect with each other to form a network to work without the use of any person/server. There are many existing approaches in the literature for privacy preserving location based services, but their solutions are at high cost or do not support scalability. In this paper, our aim is to propose an approach along with algorithms that will help the location based services (LBS) users to provide location privacy with minimum cost and improve scalability.


2021, Vol 2021 (1), pp. 21-42
Author(s): Miguel Ambrona, Dario Fiore, Claudio Soriente

Abstract In a Functional Encryption scheme (FE), a trusted authority enables designated parties to compute specific functions over encrypted data. As such, FE promises to break the tension between industrial interest in the potential of data mining and user concerns around the use of private data. FE allows the authority to decide who can compute and what can be computed, but it does not allow the authority to control which ciphertexts can be mined. This issue was recently addressed by Naveed et al., who introduced so-called Controlled Functional encryption (or C-FE), a cryptographic framework that extends FE and allows the authority to exert fine-grained control on the ciphertexts being mined. In this work we extend C-FE in several directions. First, we distribute the role of (and the trust in) the authority across several parties by defining multi-authority C-FE (or mCFE). Next, we provide an efficient instantiation that enables computation of quadratic functions on inputs provided by multiple data-owners, whereas previous work only provides an instantiation for linear functions over data supplied by a single data-owner and resorts to garbled circuits for more complex functions. Our scheme leverages CCA2 encryption and linearly-homomorphic encryption. We also implement a prototype and use it to showcase the potential of our instantiation.


Author(s): A. A. Goncharov, A. I. Boyko

The relevance of scientific research is caused primarily by the general transition of the society to the funds’ transfer network. Physical money is replaced by virtual money, the access to which is granted remotely. Therefore, in some situations, a lawbreaker can gain possession of non-cash resources far more easily than by stealing the cash of a possible victim. For the past two decades, lawbreakers have successfully applied many ways that allow a lawbreaker both to possess the personal information of another person (a bank cardholder) and, subsequently, to steal money from the holder’s account. The paper determines the objective signs of a crime against property and the list of attributes typical for stealing money funds from a bank card. The authors distinguish the objective signs of two bodies of a crime, which can fall within the definition of embezzlement from a bank card: a theft from a bank account, and fraud using electronic payment facilities. The authors conclude that the embezzlement from a bank card through the commission of fraudulent acts is possible only when interacting with a third party. The actual presence of another person (a victim or an employee of credit, bank, commercial, or other organization) and the interaction of a criminal with this person is a prerequisite for classifying a crime as a fraud. Any actions aimed at the unlawful seizure of non-cash monetary assets and not accompanied by direct contact with a third party should be classified as theft.


2009, pp. 269-283
Author(s): Suhong Li

The purpose of this chapter is to investigate the current status of online privacy policies of Fortune 100 Companies. It was found that 94% of the surveyed companies have posted an online privacy policy and 82% of them collect personal information from consumers. The majority of the companies only partially follow the four principles (notice, choice, access, and security) of fair information practices. For example, most of the organizations give consumers some notice and choice in terms of the collection and use of their personal information. However, organizations fall short in security requirements. Only 19% of organizations mention that they have taken steps to provide security for information both during transmission and after their sites have received the information. The results also reveal that a few organizations have obtained third-party privacy seals including TRUSTe, BBBOnline Privacy, and Safe Harbor.


2020, Vol 16 (1), pp. 116-141
Author(s): Bertin Martens, Frank Mueller-Langer

Abstract Before the arrival of digital car data, car manufacturers had already partly foreclosed the maintenance market through franchising contracts with a network of exclusive official dealers. EU regulation endorsed this foreclosure but mandated access to maintenance data for independent service providers to keep competition in these markets. The arrival of digital car data upsets this balance because manufacturers can collect real-time maintenance data on their servers and send messages to drivers. These can be used to price discriminate and increase the market share of official dealers. There are at least four alternative technical gateways that could give independent service providers similar data access options. However, they suffer in various degrees from data portability issues, switching costs and weak network effects, and insufficient economies of scale and scope in data analytics. Multisided third-party consumer media platforms appear to be better placed to overcome these economic hurdles, provided that an operational real-time data portability regime could be established.


2016, Vol 12 (1), pp. 21-34
Author(s): Ardion Beldad

Pieces of personal information (e.g. contact details, photos, thoughts and opinions on issues and things) on online social network sites are susceptible to third-party surveillance. While users are provided with the possibility to prevent unwarranted access using available privacy settings, such settings may not often be adequately used. This research investigated the factors influencing the use of Facebook's privacy settings among young Dutch users based on the premises of Protection Motivation Theory and Technology Acceptance Model. A paper-based survey was implemented with 295 students in a vocational school in the eastern part of the Netherlands. Results of hierarchical regression analysis indicate that privacy valuation, self-efficacy, and respondents' age positively influenced the use of Facebook's privacy settings. Furthermore, the size of Facebook users' network negatively influences the use of those settings. Important results and points for future research are discussed in the paper.

