Bundle Security: Verifying Confidentiality and Integrity for the Interplanetary Overlay Network

Lindner, Patricia J.

11 June 2019

No description available.

Computer Science

delay tolerant networking

DTN

security

confidentiality

integrity

Private Interests in the Public Domain: Provacy and Confidentiality in Observational Health Research

Emerson, Claudia I. A.

09 1900

The expectation of privacy and confidentiality in health care presents a unique dilemma for public health interests. A great deal of observational health research such as epidemiological studies, disease surveillance, and quality assurance depends on access and use of personal information in the absence of individual consent. Understandably, this raises concerns about personal privacy since sensitive disclosures of information can result in harm such as stigma, discrimination, and loss of socio-economic goods. However, the issue has been largely framed and discussed as a dichotomy: the privacy interest of the individual versus the social interest in research. to individualist paradigm informed by a traditional liberal conception of privacy that emphasizes autonomy drives this dichotomy and inevitably leads to an intractable conflict. In this thesis, I attempt to re-frame the issue by moving away from individualism in shifting the focus towards confidentiality which is relational and founded on trust. I argue that confidentiality is broader than the concern for individual privacy and is thus capable of capturing other relevant interests, such as collective and social interests. I advance a broad conception of confidentiality grounded in a mixed deontic-consequentialist moral framework that can account for respect for persons and social interests. / Thesis / Doctor of Philosophy (PhD)

privacy

confidentiality

health care

observational health research

individual consent

Article IV: Confidentiality Provisions

Pearson, Graham S., Sims, N.A.

January 2000

Yes

BTWC

Biological and Toxin Weapons Convention

Protocol

Article IV

Confidentiality

Confidentiality Among 18- to 24-Year-Old College Students: Exploring Strategies for Optimal Health Care Service Delivery

Tshireletso, Tapedza

20 September 2017

No description available.

Health Sciences

Public Health

Confidentiality

College students

Healthcare

Breaking Privacy in Model-Heterogeneous Federated Learning

Haldankar, Atharva Amit

14 May 2024

Federated learning (FL) is a communication protocol that allows multiple distrustful clients to collaboratively train a machine learning model. In FL, data never leaves client devices; instead, clients only share locally computed gradients or model parameters with a central server. As individual gradients may leak information about a given client's dataset, secure aggregation was proposed. With secure aggregation, the server only receives the aggregate gradient update from the set of all sampled clients without being able to access any individual gradient. One challenge in FL is the systems-level heterogeneity that is quite often present among client devices. Specifically, clients in the FL protocol may have varying levels of compute power, on-device memory, and communication bandwidth. These limitations are addressed by model-heterogeneous FL schemes, where clients are able to train on subsets of the global model. Despite the benefits of model-heterogeneous schemes in addressing systems-level challenges, the implications of these schemes on client privacy have not been thoroughly investigated. In this thesis, we investigate whether the nature of model distribution and the computational heterogeneity among client devices in model-heterogeneous FL schemes may result in the server being able to recover sensitive information from target clients. To this end, we propose two novel attacks in the model-heterogeneous setting, even with secure aggregation in place. We call these attacks the Convergence Rate Attack and the Rolling Model Attack. The Convergence Rate Attack targets schemes where clients train on the same subset of the global model, while the Rolling Model Attack targets schemes where model-parameters are dynamically updated each round. We show that a malicious adversary is able to compromise the model and data confidentiality of a target group of clients. We evaluate our attacks on the MNIST dataset and show that using our techniques, an adversary can reconstruct data samples with high fidelity. / Master of Science / Federated learning (FL) is a communication protocol that allows multiple distrustful users to collaboratively train a machine learning model together. In FL, data never leaves user devices; instead, users only share locally computed gradients or model parameters (e.g. weight and bias values) with an aggregation server. As individual gradients may leak information about a given user's dataset, secure aggregation was proposed. Secure aggregation is a protocol that users and the server run together, where the server only receives the aggregate gradient update from the set of all sampled users instead of each individual user update. In FL, users often have varying levels of compute power, on-device memory, and communication bandwidth. These differences between users are collectively referred to as systems-level (or system) heterogeneity. While there are a number of techniques to address system heterogeneity, one popular approach is to have users train on different subsets of the global model. This approach is known as model-heterogeneous FL. Despite the benefits of model-heterogeneous FL schemes in addressing systems-level challenges, the implications of these schemes on user privacy have not been thoroughly investigated. In this thesis, we investigate whether the nature of model distribution and the differences in compute power between user devices in model-heterogeneous FL schemes may result in the server being able to recover sensitive information. To this end, we propose two novel attacks in the model-heterogeneous setting with secure aggregation in place. We call these attacks the Convergence Rate Attack and the Rolling Model Attack. The Convergence Rate Attack targets schemes where users train on the same subset of the global model, while the Rolling Model Attack targets schemes where model-parameters may change each round. We first show that a malicious server is able to obtain individual user updates, despite secure aggregation being in place. Then, we demonstrate how an adversary can utilize those updates to reverse engineer data samples from users. We evaluate our attacks on the MNIST dataset, a commonly used dataset of handwritten digits and their labels. We show that by running our attacks, an adversary can accurately identify what images a user trained on.

Model-Heterogeneous FL

Secure Aggregation

Privacy

Confidentiality

Gradient Inversion

Telecommunication Network Security

Adeka, Muhammad I., Shepherd, Simon J., Abd-Alhameed, Raed

January 2015

Yes / Our global age is practically defined by the ubiquity of the Internet; the worldwide interconnection of cyber networks that facilitates accessibility to virtually all ICT and other elements of critical infrastructural facilities, with a click of a button. This is regardless of the user’s location and state of equilibrium; whether static or mobile. However, such interconnectivity is not without security consequences. A telecommunication system is indeed a communication system with the distinguishing key word, the Greek tele-, which means "at a distance," to imply that the source and sink of the system are at some distance apart. Its purpose is to transfer information from some source to a distant user; the key concepts being information, transmission and distance. These would require a means, each, to send, convey and receive the information with safety and some degree of fidelity that is acceptable to both the source and the sink. Chapter K begins with an effort to conceptualise the telecommunication network security environment, using relevant ITU-T2* recommendations and terminologies for secure telecommunications. The chapter is primarily concerned with the security aspect of computer-mediated telecommunications. Telecommunications should not be seen as an isolated phenomenon; it is a critical resource for the functioning of cross-industrial businesses in connection with IT. Hence, just as information, data or a computer/local computer-based network must have appropriate level of security, so also a telecommunication network must have equivalent security measures; these may often be the same as or similar to those for other ICT resources, e.g., password management. In view of the forgoing, the chapter provides a brief coverage of the subject matter by first assessing the context of security and the threat-scape. This is followed by an assessment of telecommunication network security requirements; identification of threats to the systems, the conceivable counter or mitigating measures and their implementation techniques. These bring into focus various cryptographic/crypt analytical concepts, vis a vis social engineering/socio-crypt analytical techniques and password management. The chapter noted that the human factor is the most critical factor in the security system for at least three possible reasons; it is the weakest link, the only factor that exercises initiatives, as well as the factor that transcends all the other elements of the entire system. This underscores the significance of social 2*International Telecommunications Union - Telecommunication Standardisation Sector 12 engineering in every facet of security arrangement. It is also noted that password security could be enhanced, if a balance is struck between having enough rules to maintain good security and not having too many rules that would compel users to take evasive actions which would, in turn, compromise security. The chapter is of the view that network security is inversely proportional to its complexity. In addition to the traditional authentication techniques, the chapter gives a reasonable attention to locationbased authentication. The chapter concludes that security solutions have a technological component, but security is fundamentally a people problem. This is because a security system is only as strong as its weakest link, while the weakest link of any security system is the human infrastructure. A projection for the future of telecommunication network security postulates that, network security would continue to get worse unless there is a change in the prevailing practice of externality or vicarious liability in the computer/security industry; where consumers of security products, as opposed to producers, bear the cost of security ineffectiveness. It is suggested that all transmission devices be made GPS-compliant, with inherent capabilities for location-based mutual authentication. This could enhance the future of telecommunication security. / Petroleum Technology Development Fund

Communication

Information

Transmission

Distance

Security

Confidentiality

Integrity

Availability

Authenticity

Access to Government Micro-data for SME Internationalization Research

Niroui, Fariba

January 2012

International entrepreneurship (IE) is “a combination of innovative, proactive and risk-seeking behaviour that crosses national borders and is intended to create value in organizations”. The IE literature has been concerned with entrepreneurial behaviour in multiple countries and cross-border studies of entrepreneurship and international activities of small and medium-sized enterprises (SME). Due to the potential for SMEs to serve as significant sources of export, considerable research has been conducted regarding their internationalization. However, despite attempts to integrate concrete frameworks of international entrepreneurship, some primary issues have not been adequately addressed and IE researchers are faced with challenges including insufficient micro-data for advancing quality research. The main objective of this thesis is to study and explore the limitations on researchers to access governmental data regarding small firms operating internationally and use it for scientific purposes. Despite company data being compiled and publicly available in some countries, such as Germany, other countries, including Canada, have not made any such efforts in a coherent way. There is a significant disconnect in the Canadian context between internationalization and firms’ data. This shortcoming may stem from various sources, including the legal framework in Canada for accessing data and a lack of sufficient financial support and expertise to gather and integrate such data. Furthermore, the type of data available to the research community through statistical institutions were identified and analyzed, as were access methods. With the increasing interest of researchers in accessing data gathered by the government, the formation of anonymized records or anonymized micro-datasets has acquired great importance. Therefore, the primary approach is to explore the extent to which data regarding firms’ characteristics and internationalization activities are currently available to the research community, as well as to ensure the confidentiality of official statistics, most notably in the Canadian context. The research resulted in the confirmation of data availability in Canada through government and statistical organizations. The latter bodies can provide researchers and research organizations access to some data but limitations arise in providing micro-datasets to researchers due to confidentiality issues; these constraints were identified and further analyzed. Moreover, this research has studied methods to overcome these limitations and assess the shortcomings in micro-data in order to advance quality research. Methods and recommendations were introduced and studied to allow researchers access to essential data and information while maintaining confidentiality.

International Entrepreneurship

Small and Medium-sized Enterprises

Internationalization

Government Micro-data

Business Micro-data

Micro-data Confidentiality

Confidentiality Protection

Management Sciences

Access to Government Micro-data for SME Internationalization Research

Niroui, Fariba

January 2012

International entrepreneurship (IE) is “a combination of innovative, proactive and risk-seeking behaviour that crosses national borders and is intended to create value in organizations”. The IE literature has been concerned with entrepreneurial behaviour in multiple countries and cross-border studies of entrepreneurship and international activities of small and medium-sized enterprises (SME). Due to the potential for SMEs to serve as significant sources of export, considerable research has been conducted regarding their internationalization. However, despite attempts to integrate concrete frameworks of international entrepreneurship, some primary issues have not been adequately addressed and IE researchers are faced with challenges including insufficient micro-data for advancing quality research. The main objective of this thesis is to study and explore the limitations on researchers to access governmental data regarding small firms operating internationally and use it for scientific purposes. Despite company data being compiled and publicly available in some countries, such as Germany, other countries, including Canada, have not made any such efforts in a coherent way. There is a significant disconnect in the Canadian context between internationalization and firms’ data. This shortcoming may stem from various sources, including the legal framework in Canada for accessing data and a lack of sufficient financial support and expertise to gather and integrate such data. Furthermore, the type of data available to the research community through statistical institutions were identified and analyzed, as were access methods. With the increasing interest of researchers in accessing data gathered by the government, the formation of anonymized records or anonymized micro-datasets has acquired great importance. Therefore, the primary approach is to explore the extent to which data regarding firms’ characteristics and internationalization activities are currently available to the research community, as well as to ensure the confidentiality of official statistics, most notably in the Canadian context. The research resulted in the confirmation of data availability in Canada through government and statistical organizations. The latter bodies can provide researchers and research organizations access to some data but limitations arise in providing micro-datasets to researchers due to confidentiality issues; these constraints were identified and further analyzed. Moreover, this research has studied methods to overcome these limitations and assess the shortcomings in micro-data in order to advance quality research. Methods and recommendations were introduced and studied to allow researchers access to essential data and information while maintaining confidentiality.

International Entrepreneurship

Small and Medium-sized Enterprises

Internationalization

Government Micro-data

Business Micro-data

Micro-data Confidentiality

Confidentiality Protection

Management Sciences

CRM-system och utmaningar för dataskydd inom detaljhandel

Radvärn, Johan

January 2021

The purpose of this study is to investigate what new challenges CRM systems, Customer Relationship Management, have for the protection of personal data and security in retail. Today's IT development offers companies effective solutions for acquiring new customers and for retaining current customers. IT solutions such as data collection, data storage and analysis of data in real time are just a few examples of what a successfully implemented IT system can offer. CRM systems are the overall IT system solution that companies use, or show interest in using, to be competitive and ultimately achieve higher profits. The method chosen for this study is the research philosophy of pragmatism because it enables the use of different research methods which give a more accurate result. The study is mainly based on surveys and interviews and therefore both qualitative and quantitative methods are used. This study has examined four important variables, ie Privacy, Confidentiality, Integrity and Data Protection, to interpret and explain how these significantly affect the protection of personal data in the retail trade. Another result that emerged from the study is that the overall goal of CRM systems is to develop a strong and long-term customer relationship that minimizes costs and improves efficiency to meet and meet customer needs. Finally, the results of the study show that there is a great deal of awareness about the protection of personal data among consumers and in doing so it is concluded that the lack of protection of personal data among companies will lead to consumers choosing to leave companies. / Syftet med denna studie är att undersöka vilka nya utmaningar CRM-system, Customer Relationship Management, har för skyddet av personliga data och säkerhet inom detaljhandeln. Dagens IT-utveckling erbjuder företagen effektiva lösningar för att skaffa nya kunder samt för att behålla aktuella kunder. IT-lösningar såsom datainsamling, datalagring och analys av data i realtid är bara några exempel på vad ett lyckat implementerat IT-system kan erbjuda. CRM-system är den övergripande IT-systemlösningen som företagen använder, eller visar intresse för att använda, för att vara konkurrenskraftiga och slutligen uppnå högre vinster. Metoden som valts för denna studie är pragmatismens forskningsfilosofi eftersom den möjliggör användningen av olika forskningsmetoder vilka ger ett mer rättvisande resultat. Studien bygger huvudsakligen på undersökningar och intervjuer och därför används både kvalitativa och kvantitativa metoder. Denna studie har undersökt fyra viktiga variabler, det vill säga Privacy, Confidentiality, Integrity och Data Protection för att tyda och förklara hur dessa på ett väsentligt sätt påverkar skyddet av personliga data inom detaljhandeln. Ett till resultat som framkommit av studien är att det övergripande målet med CRM-system är att utveckla en stark och långsiktig kundrelation som minimerar kostnaderna och förbättrar effektiviteten för att möta och tillgodose kundens behov. Slutligen visar resultaten från studien att det finns stor medvetenhet kring skyddet av personliga data hos konsumenterna och därvid dras slutsatsen att det bristande skydd av personliga data hos företagen kommer att leda till att konsumenterna väljer att lämna företagen

Retail

Privacy

Confidentiality

Integrity

Data Protection and CRM

Detaljhandel

Privacy

Confidentiality

Integrity

Data Protection och CRM

Computer Sciences

Datavetenskap (datalogi)

Tystnadsplikt och en “professionell sköld” : - En kvalitativ studie om kuratorers och prästers upplevelser av att arbeta under tystnadsplikt.

Albihn, Ellen, Bäckström Östrand, Moa

January 2023

Syftet med denna kvalitativa studie är att undersöka yrkesverksamma kuratorers och prästers upplevelser och erfarenheter av att arbeta under tystnadsplikt. Utgångspunkten är att synliggöra och diskutera prästernas absoluta tystnadsplikt jämfört med kuratorernas tystnadsplikt som har vissa undantag. Empirin har samlats in genom semistrukturerade intervjuer med sex respondenter, tre från respektive yrkesgrupp. Empirin har sedan analyserats utifrån Hochschilds teori om emotionellt lönearbete samt Lazarus och Folkmans teori om coping. Studiens resultat visar att de olika typerna av tystnadsplikt både har för- och nackdelar och där stor vikt läggs vid de förväntningar som fanns innan de yrkesverksamma tog sig an rollen som kurator respektive präst. Båda yrkesgrupperna är nöjda med hur deras tystnadsplikt är utformad och de har funnit strategier för att hantera problem och känslor som kan uppstå relaterat till deras respektive tystnadsplikt. / The purpose of this qualitative study is to investigate the experiences of professional curators and priests in working under confidentiality. The starting point is to make visible and discuss the priests' absolute confidentiality compared to the curators' confidentiality, which has certain exceptions. The empirical data has been collected through semi-structured interviews with six respondents, three from each professional group. The empirical data has then been analyzed based on Hochschild's theory of emotional labor and Lazarus and Folkman's theory of coping. The results of the study show that the different types of confidentiality both have advantages and disadvantages, and where great emphasis is placed on the expectations that existed before the professionals took on the role of curator or priest. Both professional groups are satisfied with how their confidentiality is designed and they have found strategies to deal with problems and feelings that may arise related to their respective confidentiality.

Professional confidentiality

absolute confidentiality

coping

emotional labor.

Tystnadsplikt

absolut tystnadsplikt

coping

emotionellt lönearbete.

Social Work

Socialt arbete