scholarly journals GO-E-MON: A New Online Platform for Decentralized Cognitive Science

2021 ◽  
Vol 5 (4) ◽  
pp. 76
Author(s):  
Satoshi Yazawa ◽  
Kikue Sakaguchi ◽  
Kazuo Hiraki
Keyword(s):  
Experimental Data ◽  
Data Distribution ◽  
Personal Data ◽  
Legal Aspects ◽  
Personal Privacy ◽  
Online Experiment ◽  
Sensitive Data ◽  
Experiment Platform ◽  
Security Issues ◽  
Replication Crisis

Advances in web technology and the widespread use of smartphones and PCs have proven that it is possible to optimize various services using personal data, such as location information and search history. While considerations of personal privacy and legal aspects lead to situations where data are monopolized by individual services and companies, a replication crisis has been pointed out for the data of laboratory experiments, which is challenging to solve given the difficulty of data distribution. To ensure distribution of experimental data while guaranteeing security, an online experiment platform can be a game changer. Current online experiment platforms have not yet considered improving data distribution, and it is currently difficult to use the data obtained from one experiment for other purposes. In addition, various devices such as activity meters and consumer-grade electroencephalography meters are emerging, and if a platform that collects data from such devices and tasks online is to be realized, the platform will hold a large amount of sensitive data, making it even more important to ensure security. We propose GO-E-MON, a service that combines an online experimental environment with a distributed personal data store (PDS), and explain how GO-E-MON can realize the reuse of experimental data with the subject’s consent by connecting to a distributed PDS. We report the results of the experiment in a groupwork lecture for university students to verify whether this method works. By building an online experiment environment integrated with a distributed PDS, we present the possibility of integrating multiple experiments performed by different experimenters—with the consent of individual subjects—while solving the security issues.

scholarly journals Secure Cloud Storage using Secret Key Sharing and Proxy Re-Encryption Based Third Party Auditing Service

2019 ◽  
Vol 8 (6) ◽  
pp. 1927-1931
Keyword(s):  
Research Work ◽  
Personal Data ◽  
Cloud Service ◽  
Third Party ◽  
Secret Key ◽  
Sensitive Data ◽  
Cloud Service Provider ◽  
Security Issues ◽  
Secure Cloud Storage ◽  
Third Party Auditing

Cloud Computing (CC) provides an easy way to access and store the information by vast remote servers, instead of using personal computer. There is no physical control over personal data by user, hence some security issues may arise for users and organization to secure the data in cloud. The sensitive data can be hacked by attackers, so the integrity of data stored in cloud is a major concern for users. In this research work, the data integrity can be ensured by using Third Party Storage Auditing Service (TPSAS), where it satisfies all the requirements of users in cloud. The ultimate aim of this research is to avoid the unauthorized access of user’s data stored in the cloud. In this paper, two major problems are considered for attaining the integrity of data in the cloud. The first one is, the unauthorized user tries to modify the data, which is solved by the proposed TPSAS. The second problem considered in this research is, since the Cloud Service Provider (CSP) is semi trustable it can be malfunctioned at any time, which can be solved based on the secure secret key sharing algorithm and proxy re-encryption methodology. The secure secret key sharing is implemented based on the Shamir key sharing algorithm and the proxy re-encryption process is implemented based on the bear and lion proxy re-encryption methodology.

scholarly journals Personas elektroniskās identifikācijas tiesiskā regulējuma problemātika

2020 ◽  
Vol 1 (16) ◽  
pp. 87-99
Author(s):  
Dace Mote
Keyword(s):  
Service Provider ◽  
Data Security ◽  
Information Technologies ◽  
Personal Data ◽  
Legal Regulation ◽  
Legal Aspects ◽  
Security Issues ◽  
Electronic Service ◽  
Master's Thesis ◽  
To Receive

Attīstoties informācijas tehnoloģijām un digitālajiem risinājumiem, pieaug iedzīvotāju vēlme saņemt pakalpojumus elektroniski – vai tie būtu sadzīviska rakstura pakalpojumi vai valsts un pašvaldības iestāžu piedāvātie elektroniskie pakalpojumi. Lai persona varētu saņemt attālinātus iestāžu pakalpojumus, tai ir nepieciešams elektroniski identificēties. Personas veiksmīgas elektroniskās identifikācijas būtiskākās komponentes ir abu pušu saistību izpilde personas datu drošības jautājumos un pakalpojumu sniedzēja spēja tehniski nodrošināt personas elektronisko identifikāciju. Rakstā tiek apskatīti elektroniskās identifikācijas veidi, to raksturojums un tiesiskie aspekti, izvērtējot tiesisko regulējumu, pieejamo literatūru un aktuālo tiesu praksi elektroniskās identificēšanas jautājumos. Raksts ir balstīts uz autores izstrādāto maģistra darbu, kurā tika pētīti personas elektroniskās identifikācijas riski un tiesiskā regulējuma problemātika. With the development of information technologies and digital solutions, desire of people to receive services electronically increases – whether it is a domestic or an electronic service offered by state or municipal authorities. In order to receive services of authorities remotely, a person needs to be identified electronically. The most important components of a person’s successful electronic identification are the fulfillment of both parties’ obligations on personal data security issues and the ability of the service provider to technically secure the person’s electronic identification. The Author of the paper has analysed types of person’s electronic identification, their characterisation and legal aspects, evaluating legal regulation, available literature and current court practice in electronic identification issues. The article is based on the author’s Master’s thesis, which explored the risks of electronic identification of a person and the issues of legal regulation.

scholarly journals LEGAL BASIS FOR DATA PROCESSING RELATED TO THE EMPLOYEES' ADDICTIONS BY EMPLOYERS IN POLAND

2021 ◽  
Author(s):  
Małgorzata Mędrala
Keyword(s):  
Data Processing ◽  
Personal Data ◽  
Legal Aspects ◽  
Legal Obligation ◽  
Legal Basis ◽  
Labour Law ◽  
Sensitive Data ◽  
Labour Relations ◽  
Polish Law

The aim of this article is the analysis of possible legal basics for processing of personal data on employees’ addictions in Polish labour law. The Author analyses the concept of “addiction” in social, medical and legal aspects. She qualifies the data on addictions as the sensitive data. It is connected with strict regime of processing them in labour relations. In most situations in Polish law the processing of personal data on addiction of employees is done in indirect way. The most common legal basis of processing of personal data on addictions in serious cases is legal obligation of employer connected with ensuring health and life of people in the workplace. It is also possible to process the data on addictions on the basis of some other legal basics analized by Author.

A security study in Portuguese Public Hospitals - GDPR perspective (Preprint)

2020 ◽  
Author(s):  
Cátia Santos-Pereira
Keyword(s):  
Information Systems ◽  
Identity Management ◽  
Personal Data ◽  
Public Hospitals ◽  
Hospital Environment ◽  
Security Measures ◽  
Eu Member States ◽  
Security Issues ◽  
Management Processes ◽  
Authentication Security

BACKGROUND GDPR was scheduled to be formally adopted in 2016 with EU member states being given two years to implement it (May 2018). Given the sensitive nature of the personal data that healthcare organization process on a 24/7 basis, it is critical that the protection of that data in a hospital environment is given the high priority that data protection legislation (GDPR) requires. OBJECTIVE This study addresses the state of Public Portuguese hospitals regarding GDPR compliance in the moment of GDPR preparation period (2016-2018) before the enforcement in 25 May 2018, and what activities have started since then. The study focuses in three GDPR articles namely 5, 25 and 32, concerning authentication security, identity management processes and audit trail themes. METHODS The study was conducted between 2017 and 2019 in five Portuguese Public Hospitals (each different in complexity). In each hospital, six categories of information systems critical to health institutions were included in the study, trying to cover the main health information systems available and common to hospitals (ADT, EPR, PMS, RIS, LIS and DSS). It was conducted interviews in two phases (before and after GDPR enforcement) with the objective to identify the maturity of information systems of each hospital regarding authentication security, identity management processes and traceability and efforts in progress to avoid security issues. RESULTS A total of 5 hospitals were included in this study and the results of this study highlight the hospitals privacy maturity, in general, the hospitals studied where very far from complying with the security measures selected (before May 2018). Session account lock and password history policy were the poorest issues, and, on the other hand, store encrypted passwords was the best issue. With the enforcement of GDPR these hospitals started a set of initiatives to fill this gap, this is made specifically for means of making the whole process as transparent and trustworthy as possible and trying to avoid the huge fines. CONCLUSIONS We are still very far from having GDPR compliant systems and Institutions efforts are being done. The first step to align an organization with GDPR should be an initial audit of all system. This work collaborates with the initial security audit of the hospitals that belong to this study.

scholarly journals An Autonomous Cybersecurity Framework for Next-generation Digital Service Chains

2021 ◽  
Vol 29 (4) ◽  
Author(s):  
Matteo Repetto ◽  
Domenico Striccoli ◽  
Giuseppe Piro ◽  
Alessandro Carrega ◽  
Gennaro Boggia ◽  
...  
Keyword(s):  
Business Models ◽  
Identity Management ◽  
Methodological Approach ◽  
Value Chains ◽  
Sensitive Data ◽  
Digital Service ◽  
Security Issues ◽  
Security Services ◽  
New Business ◽  
Access Control Management

AbstractToday, the digital economy is pushing new business models, based on the creation of value chains for data processing, through the interconnection of processes, products, services, software, and things across different domains and organizations. Despite the growing availability of communication infrastructures, computing paradigms, and software architectures that already effectively support the implementation of distributed multi-domain value chains, a comprehensive architecture is still missing that effectively fulfills all related security issues: mutual trustworthiness of entities in partially unknown topologies, identification and mitigation of advanced multi-vector threats, identity management and access control, management and propagation of sensitive data. In order to fill this gap, this work proposes a new methodological approach to design and implement heterogeneous security services for distributed systems that combine together digital resources and components from multiple domains. The framework is designed to support both existing and new security services, and focuses on three novel aspects: (i) full automation of the processes that manage the whole system, i.e., threat detection, collection of information and reaction to attacks and system anomalies; (ii) dynamic adaptation of operations and security tasks to newest attack patterns, and (iii) real-time adjustment of the level of detail of inspection and monitoring processes. The overall architecture as well as the functions and relationships of its logical components are described in detail, presenting also a concrete use case as an example of application of the proposed framework.

scholarly journals A Secure Ciphertext Retrieval Scheme against Insider KGAs for Mobile Devices in Cloud Storage

2018 ◽  
Vol 2018 ◽  
pp. 1-7 ◽  
Author(s):  
Run Xie ◽  
Chanlian He ◽  
Dongqing Xie ◽  
Chongzhi Gao ◽  
Xiaojun Zhang
Keyword(s):  
Cloud Computing ◽  
Mobile Devices ◽  
Data Privacy ◽  
Security Analysis ◽  
Data Retrieval ◽  
Sensitive Data ◽  
Encrypted Data ◽  
Security Issues ◽  
Efficiency Comparison ◽  
Cloud Servers

With the advent of cloud computing, data privacy has become one of critical security issues and attracted much attention as more and more mobile devices are relying on the services in cloud. To protect data privacy, users usually encrypt their sensitive data before uploading to cloud servers, which renders the data utilization to be difficult. The ciphertext retrieval is able to realize utilization over encrypted data and searchable public key encryption is an effective way in the construction of encrypted data retrieval. However, the previous related works have not paid much attention to the design of ciphertext retrieval schemes that are secure against inside keyword-guessing attacks (KGAs). In this paper, we first construct a new architecture to resist inside KGAs. Moreover we present an efficient ciphertext retrieval instance with a designated tester (dCRKS) based on the architecture. This instance is secure under the inside KGAs. Finally, security analysis and efficiency comparison show that the proposal is effective for the retrieval of encrypted data in cloud computing.

scholarly journals Privacy and Security Issues in Online Social Networks

2018 ◽  
Vol 10 (12) ◽  
pp. 114 ◽  
Author(s):  
Shaukat Ali ◽  
Naveed Islam ◽  
Azhar Rauf ◽  
Ikram Din ◽  
Mohsen Guizani ◽  
...  
Keyword(s):  
Social Networks ◽  
Online Social Networks ◽  
Virtual Communities ◽  
Service Providers ◽  
Security And Privacy ◽  
Security Issue ◽  
Sensitive Data ◽  
Privacy And Security ◽  
Security Issues ◽  
Social Sphere

The advent of online social networks (OSN) has transformed a common passive reader into a content contributor. It has allowed users to share information and exchange opinions, and also express themselves in online virtual communities to interact with other users of similar interests. However, OSN have turned the social sphere of users into the commercial sphere. This should create a privacy and security issue for OSN users. OSN service providers collect the private and sensitive data of their customers that can be misused by data collectors, third parties, or by unauthorized users. In this paper, common security and privacy issues are explained along with recommendations to OSN users to protect themselves from these issues whenever they use social media.

scholarly journals REGISTRATION ON THE WEBSITE OF THE MEDIA AND REQUIREMENTS FOR PERSONAL DATA IN RUSSIAN LEGISLATION

2020 ◽  
pp. 72-82
Author(s):  
П.В. Ивлиев
Keyword(s):  
Dispute Resolution ◽  
Personal Data ◽  
Legal Aspects ◽  
The Media

Аннотация. В статье рассматриваются нормы российского законодательства, регламентирующие правовые аспекты работы с персональными данными. Освещены термины сопутствующие персональным данным, исследуются актуальные проблемы работы средств массовой информации с персональными данными. Затрагиваются некоторые особенности разрешения споров относительно незаконного использования персональных данных. Annotation. The article examines the norms of Russian legislation that regulate the legal aspects of working with personal data. The terms related to personal data are highlighted; the actual problems of the work of the media with personal data are investigated. Some features of dispute resolution regarding the illegal use of personal data are touched upon.

scholarly journals Solutions to Big Data Privacy and Security Challenges Associated With COVID-19 Surveillance Systems

2021 ◽  
Vol 4 ◽  
Author(s):  
Vibhushinie Bentotahewa ◽  
Chaminda Hewage ◽  
Jason Williams
Keyword(s):  
Big Data ◽  
Data Privacy ◽  
Personal Data ◽  
Surveillance Systems ◽  
Privacy Rights ◽  
Personal Privacy ◽  
Privacy And Security ◽  
Digital Surveillance ◽  
Feasible Solutions ◽  
The Impact

The growing dependency on digital technologies is becoming a way of life, and at the same time, the collection of data using them for surveillance operations has raised concerns. Notably, some countries use digital surveillance technologies for tracking and monitoring individuals and populations to prevent the transmission of the new coronavirus. The technology has the capacity to contribute towards tackling the pandemic effectively, but the success also comes at the expense of privacy rights. The crucial point to make is regardless of who uses and which mechanism, in one way another will infringe personal privacy. Therefore, when considering the use of technologies to combat the pandemic, the focus should also be on the impact of facial recognition cameras, police surveillance drones, and other digital surveillance devices on the privacy rights of those under surveillance. The GDPR was established to ensure that information could be shared without causing any infringement on personal data and businesses; therefore, in generating Big Data, it is important to ensure that the information is securely collected, processed, transmitted, stored, and accessed in accordance with established rules. This paper focuses on Big Data challenges associated with surveillance methods used within the COVID-19 parameters. The aim of this research is to propose practical solutions to Big Data challenges associated with COVID-19 pandemic surveillance approaches. To that end, the researcher will identify the surveillance measures being used by countries in different regions, the sensitivity of generated data, and the issues associated with the collection of large volumes of data and finally propose feasible solutions to protect the privacy rights of the people, during the post-COVID-19 era.

scholarly journals Factors that Influence the Android Apps Permissions

2016 ◽  
Vol 1 (2) ◽  
pp. 59
Author(s):  
Normi Sham Awang Abu Bakar ◽  
Iqram Mahmud
Keyword(s):  
Not Given ◽  
Sensitive Data ◽  
Security Issues ◽  
Android Apps ◽  
Android Applications ◽  
Android Market ◽  
Malicious Apps ◽  
The Right ◽  
User Ratings ◽  
Average User

The Android Market is the official (and primary) storefor Android applications. The Market provides users with average user ratings, user reviews, descriptions, screenshots,and permissions to help them select applications. Generally, prior to installation of the apps, users need to agree on the permissions requested by the apps, they are not given any other option. Essentially, users may not aware on some security issues that may arise from the permissions. Some apps request the right to manipulate sensitive data, such as GPS location, photos, calendar, contact, email and files. In this paper, we explain the sources of sensitive data, what the malicious apps can do to the data, and apply the empirical software engineering analysis to find the factors that could potentially influence the permissions in Android apps. In addition, we also highlight top ten most implemented permissions in Android apps and also analyse the permissions for the apps categories in Android.

Sign in / Sign up

Export Citation Format

Share Document