Improving IoT Privacy, Data Protection and Security Concerns

IoT has continued to evolve over the years with a promise to provide the users with effective means to interact, communicate, transact and create strong relationship. The invention and the development of IoT have created benefits for many businesses and individuals. However, as the IoT continues to evolve and develop, it has been subjected to certain threats and vulnerabilities. The common vulnerabilities notable in IoT include the security, privacy and data protection concerns. These issues have not been addressed by many scholars thus necessitated the need for this research study. Therefor the research study was concerned with the developed of a new IoT model that can enhance the security and privacy of the users of the IoT. The results indicate that the new model can be effective in addressing the needs of the IoT users. However, it noted that future research studies are still needed to improve the performance of the IoT security models.

Download Full-text

OpenEHR and General Data Protection Regulation: Evaluation of Principles and Requirements (Preprint)

10.2196/preprints.9845 ◽

2018 ◽

Author(s):

Duarte Gonçalves-Ferreira ◽

Mariana Sousa ◽

Gustavo M Bacelar-Silva ◽

Samuel Frade ◽

Luís Filipe Antunes ◽

...

Keyword(s):

Data Protection ◽

Personal Data ◽

Design Principles ◽

Security And Privacy ◽

The European Union ◽

Health Records ◽

General Data Protection Regulation ◽

Personal Data Protection ◽

General Data ◽

The Common

BACKGROUND Concerns about privacy and personal data protection resulted in reforms of the existing legislation in the European Union (EU). The General Data Protection Regulation (GDPR) aims to reform the existing directive on the topic of personal data protection of EU citizens with a strong emphasis on more control of the citizens over their data and in the establishment of rules for the processing of personal data. OpenEHR is a standard that embodies many principles of interoperable and secure software for electronic health records (EHRs) and has been advocated as the best approach for the development of hospital information systems. OBJECTIVE This study aimed to understand to what extent the openEHR standard can help in the compliance of EHR systems to the GDPR requirements. METHODS A list of requirements for an EHR to support GDPR compliance and also a list of the openEHR design principles were made. The requirements were categorized and compared with the principles by experts on openEHR and GDPR. RESULTS A total of 50 GDPR requirements and 8 openEHR design principles were identified. The openEHR principles conformed to 30% (15/50) of GDPR requirements. All the openEHR principles were aligned with GDPR requirements. CONCLUSIONS This study showed that the openEHR principles conform well to GDPR, underlining the common wisdom that truly realizing security and privacy requires it to be built in from the start. By using an openEHR-based EHR, the institutions are closer to becoming compliant with GDPR while safeguarding the medical data.

Download Full-text

Protecting a new Achilles heel: the role of auditors within the practice of data protection

Managerial Auditing Journal ◽

10.1108/maj-03-2018-1836 ◽

2019 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Matteo La Torre ◽

Vida Lucia Botes ◽

John Dumay ◽

Elza Odendaal

Keyword(s):

Big Data ◽

Data Protection ◽

Data Security ◽

Security And Privacy ◽

Legal Responsibility ◽

Future Research ◽

Content Type ◽

Privacy Concerns ◽

Digital Ecosystem

Purpose Privacy concerns and data security are changing the risks for businesses and organisations. This indicates that the accountability of all governance participants changes. This paper aims to investigate the role of external auditors within data protection practices and how their role is evolving due to the current digital ecosystem. Design/methodology/approach By surveying the literature, the authors embrace a practice-oriented perspective to explain how data protection practices emerge, exist and occur and examine the auditors’ position within data protection. Findings Auditors need to align their tasks to the purpose of data protection practices. Accordingly, in accessing and using data, auditors are required to engage moral judgements and follow ethical principles that go beyond their legal responsibility. Simultaneously, their accountability extends to data protection ends for instilling confidence that security risks are properly managed. Due to the changing technological conditions under, which auditors operate, the traditional auditors’ task of hearing and verifying extend to new phenomena that create risks for businesses. Thus, within data protection practices, auditors have the accountability to keep interested parties informed about data security and privacy risks, continue to transmit signals to users and instill confidence in businesses. Research limitations/implications The normative level of the study is a research limitation, which calls for future empirical research on how Big Data and data protection is reshaping accounting and auditing practices. Practical implications This paper provides auditing standard setters and practitioners with insights into the redefinitions of auditing practices in the era of Big Data. Social implications Recent privacy concerns at Facebook have sent warning signals across the world about the risks posed by in Big Data systems in terms of privacy, to those charged with governance of organisations. Auditors need to understand these privacy issues to better serve their clients. Originality/value This paper contributes to triggering discussions and future research on data protection and privacy in accounting and auditing research, which is an emerging, yet unresearched topic.

Download Full-text

IoT Security and Privacy Concern A systematic Mapping Study

International Journal of Hyperconnectivity and the Internet of Things ◽

10.4018/ijhiot.285589 ◽

2022 ◽

Vol 6 (1) ◽

pp. 0-0

Keyword(s):

Radio Frequency Identification ◽

Security And Privacy ◽

Future Research ◽

The Internet ◽

Systematic Mapping Study ◽

Privacy Concern ◽

Systematic Mapping ◽

Iot Security ◽

Identification Tags ◽

Use Of The Internet

The extend of clever gadgets has accelerated touchy statistics trade on the Internet the usage of most of the time unsecured channels. Since a large use of RFID (Radio-frequency Identification) tags in the transportation and development industries from 1980 to 1990, with the multiplied use of the Internet with 2G/3G or 4G when you consider that 2000, we are witnessing a new generation of related objects. . This paper aims to understand and additionally grant continuing doe’s research topic, challenge, and Future Direction related to Iot security. A systematic mapping finds out about (SMS) is thus utilized on the way to organize the chosen Articles into the following classification: contribution type, Type of Research, Iot Security, and their approach. We take out an overall of twenty-four Articles in support of this systematic discover out about also they categorize the following described criterion. The findings of this SMS are mentioned and the researcher was once given hints on the possible route for future research

Download Full-text

Research on Key Security Strategies of Cloud Computing

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.756-759.1185 ◽

2013 ◽

Vol 756-759 ◽

pp. 1185-1189

Author(s):

Duan Yang Zhao ◽

Qing Xiang Xu ◽

Xia Xia Hu

Keyword(s):

Cloud Computing ◽

Data Security ◽

Large Scale ◽

Security And Privacy ◽

Security Threats ◽

Incident Response ◽

Security Incident ◽

Security Issues ◽

Security Models ◽

The Common

More and more organizations and individuals outsource their storage and computing business into cloud computing, which is a representation of a movement towards the intensive, large scale specialization and economy. Cloud computing brings about convenience and efficiency, but challenges in the areas of data security and privacy protection. This paper identifies the most vulnerable security threats in cloud computing, which will enable both end users and vendors to know about the key security threats associated with cloud computing, and to know about critical analysis about the different security models and tools proposed. Key security strategies from the infrastructure, operation and security incident response relieve the common security issues of cloud computing.

Download Full-text

A Study on Security and Privacy Guidelines, Countermeasures, Threats: IoT Data at Rest Perspective

Symmetry ◽

10.3390/sym11060774 ◽

2019 ◽

Vol 11 (6) ◽

pp. 774 ◽

Cited By ~ 6

Author(s):

Hezam Akram Abdulghani ◽

Niels Alexander Nijdam ◽

Anastasija Collen ◽

Dimitri Konstantas

Keyword(s):

Data Protection ◽

Smart Grids ◽

Smart Cities ◽

Internet Security ◽

Security And Privacy ◽

Battery Life ◽

Privacy By Design ◽

Protection Measures ◽

Iot Security ◽

Smart Cars

The Internet of Things (IoT) makes our lives much easier, more valuable, and less stressful due to the development of many applications around us including smart cities, smart cars, and smart grids, offering endless services and solutions. Protecting IoT data of such applications at rest either on the objects or in the cloud is an indispensable requirement for achieving a symmetry in the handling and protection of the IoT, as we do with data created by persons and applications. This is because unauthorised access to such data may lead to harmful consequences such as linkage attacks, loss of privacy, and data manipulation. Such undesired implications may jeopardise the existence of IoT applications if protection measures are not taken, and they stem from two main factors. One is that IoT objects have limited capabilities in terms of memory capacity, battery life, and computational power that hamper the direct implementation of conventional Internet security solutions without some modifications (e.g., traditional symmetric algorithms). Another factor is the absence of widely accepted IoT security and privacy guidelines for IoT data at rest and their appropriate countermeasures, which would help IoT stakeholders (e.g., developers, manufacturers) to develop secure IoT systems and therefore enhance IoT security and privacy by design. Toward this end, we first briefly describe the main IoT security goals and identify IoT stakeholders. Moreover, we briefly discuss the most well-known data protection frameworks (e.g., General Data Protection Regulation (GDPR), Health Insurance Portability (HIPAA)). Second, we highlight potential attacks and threats against data at rest and show their violated security goals (e.g., confidentiality and integrity). Third, we review a list of protection measures by which our proposed guidelines can be accomplished. Fourth, we propose a framework of security and privacy guidelines for IoT data at rest that can be utilised to enhance IoT security and privacy by design and establish a symmetry with the protection of user-created data. Our framework also presents the link between the suggested guidelines, mitigation techniques, and attacks. Moreover, we state those IoT stakeholders (e.g., manufacturers, developers) who will benefit most from these guidelines. Finally, we suggest several open issues requiring further investigation in the future, and we also discuss the limitations of our suggested framework.

Download Full-text

COMPARING AGILE LEADERSHIP WITH BIOMIMICRY-BASED GRAY WOLF: PROPOSING A NEW MODEL

Business And Management Studies An International Journal ◽

10.15295/bmij.v8i2.1480 ◽

2020 ◽

Vol 8 (2) ◽

pp. 1455-1478

Author(s):

Bülent AKKAYA ◽

Ayşe MERİÇ YAZICI

Keyword(s):

Social Sciences ◽

Interdisciplinary Approach ◽

Strong Relationship ◽

Gray Wolf ◽

Analysis Method ◽

Differential Impact ◽

New Model ◽

Leadership Models ◽

The Common ◽

The Impact

Biomimicry is a modern interdisciplinary approach that motivates leaders by nature to use its applications. Leadership is not only a subject of study in biology but also in all social sciences. This research focuses on understanding the mechanism behind the coordinated behaviour observed in mobile animal groups in order to assess the impact of leadership models in biology and sociology on group behaviours. In this context, this study aims to reveal the common grounds and to establish bridges between agile leadership and biomimicry by using a new model on grey wolves. The research was done by qualitative analysis method including current literature. The findings reveal that there is a strong relationship between characteristics and qualities agile leadership and of wolves. It is resulted that natural and biological cycles inspire on the leadership models. Understanding this differential impact and the ability of leadership is the key to appreciate the function of group organizations in collective animal systems.

Download Full-text

A Pilot Study of Mobile Telephone Message Interventions with Suicide Attempters in China

Crisis ◽

10.1027/0227-5910/a000017 ◽

2010 ◽

Vol 31 (2) ◽

pp. 109-112 ◽

Cited By ~ 35

Author(s):

Hui Chen ◽

Brian L. Mishara ◽

Xiao Xian Liu

Keyword(s):

Pilot Study ◽

Effective Means ◽

Text Message ◽

Text Messages ◽

Mobile Telephone ◽

Future Research ◽

Quick Method ◽

Suicide Attempters ◽

To Receive

Background: In China, where follow-up with hospitalized attempters is generally lacking, there is a great need for inexpensive and effective means of maintaining contact and decreasing recidivism. Aims: Our objective was to test whether mobile telephone message contacts after discharge would be feasible and acceptable to suicide attempters in China. Methods: Fifteen participants were recruited from suicide attempters seen in the Emergency Department in Wuhan, China, to participate in a pilot study to receive mobile telephone messages after discharge. All participants have access to a mobile telephone, and there is no charge for the user to receive text messages. Results: Most participants (12) considered the text message contacts an acceptable and useful form of help and would like to continue to receive them for a longer period of time. Conclusions: This suggests that, as a low-cost and quick method of intervention in areas where more intensive follow-up is not practical or available, telephone messages contacts are accessible, feasible, and acceptable to suicide attempters. We hope that this will inspire future research on regular and long-term message interventions to prevent recidivism in suicide attempters.

Download Full-text

Website Information Security and Privacy Concerns in 4IR: The Moderating Role of Trust in B2C e-Commerce

10.29007/jlq6 ◽

2019 ◽

Author(s):

Thabang Mofokeng

Keyword(s):

South Africa ◽

Customer Satisfaction ◽

Customer Loyalty ◽

Success Factors ◽

Industrial Revolution ◽

Emerging Market ◽

Security And Privacy ◽

Future Research ◽

Privacy And Security ◽

Customer Trust

The technology devices introduced in recent years are not only vulnerable to Internet risks but are also unable to elevate the growth of B2C e-commerce. These concerns are particularly relevant today, as the world transitions into the Fourth Industrial Revolution. To date, existing research has largely focused on obstacles to customer loyalty. Studies have tested e-commerce models guided by the establishment of trusting, satisfied and loyal consumers in various international contexts. In South Africa, however, as an emerging market, there has been limited research on the success factors of online shopping.This study examines the influence of security and privacy on trust, seen as a moderator of customer satisfaction, which in turn, has an effect on loyalty towards websites. Based on an exhaustive review of literature, a conceptual model is proposed on the relationships between security and privacy on the one hand, and customer trust, satisfaction and loyalty on the other. A total of 250 structured, self-administered questionnaires was distributed to a purposively selected sample of respondents using face-to-face surveys in Johannesburg, South Africa. A multivariate data analysis technique was used to draw inferences from the data. With an 80.1% response rate, the findings showed that privacy and security do influence customer trust; security strongly influences customer trust and weakly influences satisfaction. In South Africa, customer loyalty towards websites is strongly determined by satisfaction and weakly determined by trust. Trust significantly moderates the effect of customer satisfaction on loyalty. The study implications and limitations are presented and future research directions are suggested.

Download Full-text

Mix Networks: Existing Scenarios and Future Directions on Security and Privacy

Recent Patents on Engineering ◽

10.2174/1872212114666191223125619 ◽

2019 ◽

Vol 14 ◽

Author(s):

Khaleel Ahmad ◽

Afsar Kamal

Keyword(s):

Security And Privacy ◽

Research Progress ◽

Future Research ◽

Future Directions ◽

Practical Solution ◽

Research Gap ◽

The Web ◽

Privacy Enhancing Techniques

Background: Privacy enhancing techniques are developed in order to provide strong protection to cyberspace. These techniques aim to allow users to keep their identities hidden during the communication when they are sending email, making payments online, browsing the Web or posting to newsgroups. MixNet is the most practical solution for concealing identities of message and sender’s identities. Objective: It provides sender and receiver anonymity as well as message security. The main goal of MixNet is to overcome vulnerability and enhance the performance of communication. It can efficiently handle the messages of various length and produce desirable results with privacy. The main objective of this paper is to acquire information and concepts regarding MixNet. We also provide guidelines for future research and references. Methods : The designing of MixNet depends on what cryptosystem method is used. Symmetric and Asymmetric both are used. Other methods could be also used such as PIR, CSP and FDR model, RPC, Token-based approach or others. Result: In this paper we provide an overview of MixNet approaches and presented a survey on MixNet based techniques and different models. We also constructed the comparison tables as per our requirements for better understanding. For this purpose, we found a total of 120 articles related to the MixNet published between 1990 and 2018 from the most relevant scientific resources. However, only 86 papers were analyzed due to comprehensiveness and relevancy to this article. Conclusion: Focused on the security and privacy of communication and how it can be achieved. This survey also reveals research progress and research gap on MixNet.

Download Full-text

‘CTRL’: an online, Dynamic Consent and participant engagement platform working towards solving the complexities of consent in genomic research

European Journal of Human Genetics ◽

10.1038/s41431-020-00782-w ◽

2021 ◽

Author(s):

Matilda A. Haas ◽

Harriet Teare ◽

Megan Prictor ◽

Gabi Ceregra ◽

Miranda E. Vidgen ◽

...

Keyword(s):

Large Scale ◽

Genomic Medicine ◽

International Standards ◽

Security And Privacy ◽

Genomic Research ◽

Return Of Results ◽

Future Research ◽

Design And Development ◽

Participant Engagement ◽

Dynamic Consent

AbstractThe complexities of the informed consent process for participating in research in genomic medicine are well-documented. Inspired by the potential for Dynamic Consent to increase participant choice and autonomy in decision-making, as well as the opportunities for ongoing participant engagement it affords, we wanted to trial Dynamic Consent and to do so developed our own web-based application (web app) called CTRL (control). This paper documents the design and development of CTRL, for use in the Australian Genomics study: a health services research project building evidence to inform the integration of genomic medicine into mainstream healthcare. Australian Genomics brought together a multi-disciplinary team to develop CTRL. The design and development process considered user experience; security and privacy; the application of international standards in data sharing; IT, operational and ethical issues. The CTRL tool is now being offered to participants in the study, who can use CTRL to keep personal and contact details up to date; make consent choices (including indicate preferences for return of results and future research use of biological samples, genomic and health data); follow their progress through the study; complete surveys, contact the researchers and access study news and information. While there are remaining challenges to implementing Dynamic Consent in genomic research, this study demonstrates the feasibility of building such a tool, and its ongoing use will provide evidence about the value of Dynamic Consent in large-scale genomic research programs.

Download Full-text