Global ETD Search

321	Regulating Data in the European Union and United States: Privacy, Access, Portability & APIs Woodall, Angela January 2023 (has links) This dissertation examines the way that demands for more control over the collection, processing, and sharing of personal data are being managed by both government and industry leaders with strategies that appear to comply with regulations, but that fail to do so. These are “by-design” strategies used by individuals to unilaterally manage their data with automated tools. I take a multimethod approach that combines autoethnography, reverse engineering techniques, and data analysis to assess the implementation of by-design services implemented by Facebook, Twitter, and Instagram in compliance with current European Union regulations for access and portability. I also employ archival research, discourse analysis, interviews, and participant observation. I argue that self-led, by-design approaches do not answer the demands for more control over personal data. The regulatory and technical resources put in place for individuals to control their data are not effective because they turn over decisions about execution to an industry with no interest in sharing that data or being regulated. If policymakers continue to pursue by-design approaches, they will need to learn how to test the techniques, and the execution of the techniques, provided by industry. They will need to assess the impact on data that is made available. So that results can be evaluated, by-design tools like the ones I assessed must be accompanied by clear and detailed details about design choices and procedures. In this vein, I offer directions for critical scrutiny, including standards and measuring the impact of APIs. I conclude that self-managed, by-design approaches are not the source of the problem. But they are a symptom of the need for critical scrutiny over the execution of tools like the ones offered by Facebook, Twitter, and Instagram. Ultimately, I found that portability and access are legally and technically fraught. However, despite the shortcomings of by-design approaches, personal data can be more effectively regulated in Europe than in the United States as the result of current regulations. Communication Data protection--Government policy Personal information management Privacy Facebook (Firm) Twitter (Firm)
322	Priority-Based Data Transmission in Wireless Networks using Network Coding Ostovari, Pouya January 2015 (has links) With the rapid development of mobile devices technology, they are becoming very popular and a part of our everyday lives. These devices, which are equipped with wireless radios, such as cellular and WiFi radios, affect almost every aspect of our lives. People use smartphone and tablets to access the Internet, watch videos, chat with their friends, and etc. The wireless connections that these devices provide is more convenient than the wired connections. However, there are two main challenges in wireless networks: error-prone wireless links and network resources limitation. Network coding is widely used to provide reliable data transmission and to use the network resources efficiently. Network coding is a technique in which the original packets are mixed together using algebraic operations. In this dissertation, we study the applications of network coding in making the wireless transmissions robust against transmission errors and in efficient resource management. In many types of data, the importance of different parts of the data are different. For instance, in the case of numeric data, the importance of the data decreases from the most significant to the least significant bit. Also, in multi-layer videos, the importance of the packets in different layers of the videos are not the same. We propose novel data transmission methods in wireless networks that considers the unequal importance of the different parts of the data. In order to provide robust data transmissions and use the limited resources efficiently, we use random linear network coding technique, which is a type of network coding. In the first part of this dissertation, we study the application of network coding in resource management. In order to use the the limited storage of cache nodes efficiently, we propose to use triangular network coding for content distribution. We also design a scalable video-on-demand system, which uses helper nodes and network coding to provide users with their desired video quality. In the second part, we investigate the application of network coding in providing robust wireless transmissions. We propose symbol-level network coding, in which each packet is partitioned to symbols with different importance. We also propose a method that uses network coding to make multi-layer videos robust against transmission errors. / Computer and Information Science Computer Science Network Coding Performance Evaluation Triangular Network Coding Unequal Data Protection Wireless Networks
323	Adults who grew up in care: constructing the self and accessing care files. Horrocks, Christine, Goddard, James A. January 2006 (has links) No / Past research on care leavers has, understandably, tended to focus on those who are in their mid- to late-teens or early 20s. This reflects the profound impact of central and local government policy on those young people. It also reflects their prominence in contemporary analyses of most of the indicators of social exclusion among young people in the UK - unemployment, homelessness and lack of educational qualifications among them. However, some issues affecting adults who grew up in care apply across the life course. One such issue is the access that former care adults have to their child care files. Indeed, as we shall see, this issue has particular importance for many older adults (in their 30s and upwards). Policy and practice in this field has changed significantly during the past 20¿years and there is a growing awareness of the needs of former care adults in this area. Access to such files can be a significant element in the process of seeking to address identity concerns centring around family and childhood experiences. This paper explores some of these identity concerns and analyses how access to care files both reflects such concerns and attempts to address them. Access Care files Childhood Data Protection Act 1998 Leaving care Social Services Memory
324	Compliance to GDPR Data Protection and Privacy in Artificial Intelligence Technology: Legal and Ethical Ramifications in Malaysia Kamaruddin, S., Mohammad, A.M., Mohd Saufi, N.N., Wan Rosli, Wan R., Othman, M.B., Hamin, Z. 25 September 2023 (has links) No / AI is becoming increasingly important in cybersecurity. AI-based products detect risks and secure systems and data. Cybercriminals can use technology to launch more sophisticated attacks. AI-based security is in demand due to cyberattacks. With the adoption of AI technology, GDPR requires most countries to have legal measures to protect their citizens' data and privacy. Data protection and privacy issues arise when using AI technology. AI use must comply with GDPR, including obtaining consent for data processing, ensuring data accuracy, and giving individuals the right to access, correct, or delete their data. Organisations must also be transparent about how their AI makes decisions and not discriminate against individuals or groups. This study examines Malaysia's GDPR compliance on AI usage, data protection, and privacy in light of current concerns. This study analyses primary and secondary sources using doctrinal research. In 2022, Malaysia's banking, healthcare, and telecommunications sectors were hit by data breaches, indicating that AI is increasing data breaches. Thus, the government must examine citizen data protection and privacy concerns and re-examine its governance, including legal and regulatory mechanisms, to see if it conforms to international norms and consider reforms. / This research was supported by the Ministry of Education (MOE) through the Fundamental Research Grant Scheme (FRGS/1/2020/SSI0/UPSI/02/12). Computer crime Data governance Law Legislation Data protection GDPR Artificial intelligence Privacy Malaysia
325	A protection model for distributed data base management systems Laribi, Atika January 1985 (has links) Security is important for Centralized Data Base Management Systems (CDBMS) and becomes crucial for Distributed Data Base Management Systems (DDBMS) when different organizations share information. Secure cooperation can be achieved only if each participating organization is assured that the data it makes available will not be abused by other users. In this work differences between CDBMS and DDBMS that characterize the nature of the protection problem in DDBMS are identified. These differences are translated into basic protection requirements. Policies that a distributed data base management protection system should allow are described. The system proposed in this work is powerful enough to satisfy the stated requirements and allow for variations on the policies. This system is a hybrid one where both authorizations and constraints can be defined. The system is termed hybrid because it combines features of both open and closed protection systems. In addition the hybrid system, although designed to offer the flexibility of discretionary systems, incorporates the flow control of information between users, a feature found only in some nondiscretionary systems. Furthermore, the proposed system is said to be integrated because authorizations and constraints can be defined on any of the data bases supported by the system including the data bases containing the authorizations, and the constraints themselves. The hybrid system is incorporated in a general model of DDBMS protection. A modular approach is taken for the design of the model. This approach allows us to represent the different options for the model depending on the set of policy choices taken. Three levels of abstraction describing different aspects of DDBMS protection problems are defined. The conceptual level describes the protection control of the DDBMS transactions and information flows. The logical level is concerned with the interaction between the different organizations participating in the DDBMS. The physical level is involved with the architectural implementation of the logical level. / Ph. D. LD5655.V856 1985.L374 Database management Data protection
326	Software-related challenges in Swedish healthcare through the lens of incident reports: A desktop study Md Shafiqur Rahman, Jabin,, Pan, D. 25 September 2023 (has links) Yes / To identify a subset of software issues occurring in daily Swedish healthcare practice and devise a set of local solutions to overcome the challenges. Methods: A sample of 46 incident reports was collected from one of Sweden's national incident reporting repositories, ranging from June 2019 to December 2021. The reports were first subjected to an algorithm to identify if they were health information technology-related incidents and were analysed using an existing framework, i.e., the Health Information Technology Classification System, to identify the software-related incidents. The incidents associated with software issues were then subjected to thematic analysis, in which themes were extracted and presented under the category assigned by the existing framework used. Results: Of 46 reports, 45 (with one exception) were included using the algorithm. Of 45 incidents, 31 software-related incidents were identified using the classification system. Six types of software issues were identified, including software functionality (n = 10), interface with other software systems or components (n = 10), system configuration (n = 7), interface with devices (n = 2), record migration (n = 1) and increased volume of transactions (n = 1). Each issue was further categorised into different themes; for example, software interface-related problems were grouped into ‘two patients being active in the system simultaneously’ (n = 6) and ‘transfer of patient information’ (n = 4). Conclusions: The study provided some insights into software issues and relevant consequences. A set of local solutions were devised to overcome the present challenges encountered in Swedish healthcare in their daily clinical practice. Systematic identification and characterisation of such software challenges should be a routine part of clinical practice for all major health information technology implementations. / This work has been part of being an Affiliated Researcher at the Department of Medicine and Optometry, Linnaeus University, Sweden. A publishing grant was received from Linnaeus University as a part of the University Library's research support. Software interface System configuration System design Data protection legislation Software functionality Decision-support system
327	Protection of security information within goverments department in South Africa Nkwana, Mokata Johannes 02 1900 (has links) The protection of security information in government departments requires the active engagement of executive management to assess emerging threats and provide strong security risk control measures. For most government departments, establishing effective protection of security information is a major initiative, given the often continuous, strategic nature of typical security efforts. This requires commitments or support from senior management and adequate resources. It necessitates the elevation of information security management to positions of authority commensurate to the required responsibilities. This has been the trend in recent years as government departments are increasingly dependent on their information assets and resources, while threats and disruptions continue to escalate in frequency and cost. It is clear from numerous recent studies that organisations that have taken the steps described in this research document and have implemented effective information security risk control measures have achieved significant results in reduced losses and improved resource management. Given the demonstrable benefits, it is surprising that there have not been greater progress in effectively managing information assets. Although regulatory compliance has been a major driver in improving the protection of security information overall, this study has also shown that nearly half of all government departments are failing to initiate meaningful compliance efforts. Failure to address the identified vulnerabilities by government departments will result in espionage, covert influencing manipulation, fraud, sabotage and corruption. Information security risk control measures include the elements required to provide senior management assurance that its direction and intent are reflected in the security posture of the organisation by utilising a structured approach to implement an information security programme. Once those elements are in place, senior management can be confident that adequate and effective protection of security information will protect, as far as possible, the department’s vital information assets. / Criminology and Security Science / M.Tech (Security Management) Government department Information security Protective security 352.387682 Data protection -- South Africa Data protection
328	Redéfinir la notion de donnée personnelle dans le contexte des nouvelles technologies de l'Internet / Redefining Personal Information in the Context of the Internet Gratton, Eloïse 30 October 2012 (has links) Vers la fin des années soixante, face à l’importance grandissante de l’utilisation des ordinateurs par les organisations, une définition englobante de la notion de donnée personnelle a été incorporée dans les lois en matière de protection de données personnelles (« LPDPs »). Avec Internet et la circulation accrue de nouvelles données (adresse IP, données de géolocalisation, etc.), il y a lieu de s’interroger quant à l’adéquation entre cette définition et cette réalité. Aussi, si la notion de donnée personnelle, définie comme étant « une donnée concernant un individu identifiable » est toujours applicable à un tel contexte révolutionnaire, il n’en demeure pas moins qu’il importe de trouver des principes interprétatifs qui puissent intégrer ces changements factuels. La présente thèse vise à proposer une interprétation tenant compte de l’objectif recherché par les LPDPs, à savoir protéger les individus contre les risques de dommage découlant de la collecte, de l’utilisation ou de la divulgation de leurs données. Alors que la collecte et la divulgation des données entraîneront surtout un risque de dommage de nature subjective (la collecte, un sentiment d’être sous observation et la divulgation, un sentiment d’embarras et d’humiliation), l’utilisation de ces données causera davantage un dommage objectif (dommage de nature financière, physique ou discriminatoire). La thèse propose plusieurs critères qui devraient être pris en compte pour évaluer ce risque de dommage ; elle servira de guide afin de déterminer quelles données doivent être qualifiées de personnelles, et fera en sorte que les LPDPs soient le plus efficaces possibles dans un contexte de développements technologiques grandissants. / In the late sixties, with the growing use of computers by organizations, a very broad definition of personal information as “information about an identifiable individual” was elaborated and has been incorporated in data protection laws (“DPLs”). In more recent days, with the Internet and the circulation of new types of information (IP addresses, location information, etc), the efficiency of this definition may be challenged. This thesis aims at proposing a new way of interpreting personal information. Instead of using a literal interpretation, an interpretation which takes into account the purpose behind DPLs will be proposed, in order to ensure that DPLs do what they are supposed to do: address or avoid the risk of harm to individuals triggered by organizations handling their personal information. While the collection or disclosure of information may trigger a more subjective kind of harm (the collection, a feeling of being observed and the disclosure, embarrassment and humiliation), the use of information will trigger a more objective kind of harm (financial, physical, discrimination, etc.). Various criteria useful in order to evaluate this risk of harm will be proposed. The thesis aims at providing a guide that may be used in order to determine whether certain information should qualify as personal information. It will provide for a useful framework under which DPLs remain efficient in light of modern technologies and the Internet. Renseignements personnels Données personnelles Protection Vie privée Internet Risque de dommage Interprétation Definition of personal information Data protection Privacy Internet Risk of harm Purpose of data protection laws Interprétation
329	An empirical study of the impact of the Personal Data (Privacy) Ordinance on human resource management. January 1998 (has links) by Fung Cheuk-Hing, Wang Suk-Ching Anita. / Thesis (M.B.A.)--Chinese University of Hong Kong, 1998. / Includes bibliographical references (leaves 87-89). / ABSTRACT --- p.ii / TABLE OF CONTENTS --- p.iii / LIST OF TABLES --- p.vi / LIST OF ABBREVIATIONS --- p.vii / ACKNOWLEDGMENT --- p.viii / Chapter / Chapter I. --- INTRODUCTION --- p.1 / Chapter II. --- LITERATURE REVIEW --- p.4 / Privacy Protection Act --- p.4 / A Survey of Privacy in the Workplace --- p.5 / Chapter III. --- PERSONAL DATA (PRIVACY) ORDINANCE --- p.8 / Events that led to the Enactment of the Ordinance --- p.8 / An Overview of the Ordinance --- p.10 / Chapter IV. --- METHODOLOGY --- p.14 / Chapter V. --- RESULTS --- p.17 / Privacy Commissioner's Office (PCO) --- p.17 / The Hong Kong Institute of Human Resource Management (IHRM) --- p.23 / Bank A --- p.26 / Recruitment and Selection --- p.26 / References --- p.27 / Employee Records --- p.28 / Data Relating to Ex-employees --- p.28 / Training and Development --- p.29 / Compensation and Benefits --- p.30 / Data Storage and Security --- p.30 / Data Transfer and Transmission --- p.30 / Appraisal and Potential Assessment --- p.30 / Disciplinary Records --- p.31 / Exit Interview --- p.31 / Others --- p.32 / Bank B --- p.33 / Recruitment and Selection --- p.33 / References --- p.34 / Employee Records --- p.34 / Data Relating to Ex-employees --- p.35 / Training and Development --- p.35 / Compensation and Benefits --- p.35 / Data Storage and Security --- p.35 / Data Transfer and Transmission --- p.36 / Appraisal and Potential Assessment/Disciplinary Records --- p.36 / Exit Interview --- p.36 / Others --- p.36 / Bank C --- p.37 / Recruitment and Selection --- p.38 / References --- p.38 / Employee Records --- p.38 / Data Relating to Ex-employees --- p.39 / Training and Development --- p.39 / Compensation and Benefits --- p.39 / Data Storage and Security --- p.39 / Data Transfer and Transmission --- p.40 / Appraisal and Potential Assessment --- p.40 / Disciplinary Records --- p.40 / Exit Interview --- p.40 / Others --- p.41 / Chapter VI. --- ANALYSIS OF RESULTS --- p.43 / "Overview of Bank A, B and C's Interview Results" --- p.43 / Evaluation on Compliance Level --- p.45 / Recruitment and Selection --- p.46 / References --- p.47 / Employee Records --- p.48 / Data Relating to Ex-employees --- p.48 / Training and Development --- p.49 / Compensation and Benefits --- p.49 / Data Storage and Security --- p.50 / Data Transfer and Transmission --- p.50 / Appraisal and Potential Assessment/Disciplinary Records --- p.50 / Exit Interview --- p.50 / General --- p.50 / Dynamics Between the PCO and Human Resource Practitioners --- p.51 / Dynamics Between the PCO and IHRM --- p.53 / Dynamics Between IHRM and Human Resource Practitioners --- p.53 / Comparison with Linowes' Survey Results --- p.54 / Chapter VII. --- RECOMMENDATIONS --- p.56 / Privacy Commissioner's Office (PCO) --- p.56 / The Hong Kong Institute of Human Resource Management (IHRM) --- p.57 / "Bank A, B and C" --- p.57 / Chapter VIII. --- LIMITATIONS --- p.59 / IX. CONCLUSIONS --- p.60 / APPENDIX --- p.62 / BIBLIOGRAPHY --- p.87 Privacy, Right of Privacy, Right of--China--Hong Kong Data protection--Law and legislation Banks and banking--Personnel management
330	MiniCA: A web-based certificate authority Macdonell, James Patrick 01 January 2007 (has links) The MiniCA project is proposed and developed to address growing demand for inexpensive access to security features such as privacy, strong authentication, and digital signatures. These features are integral to public-key encryption technologies. The audience for whom the software project is intended includes, technical staff requiring certificates for use in SSL applications (i.e. a secure web-site) at California State University, San Bernardino. Computer networks Security measures Computer networks Access control Public key cryptography Data encryption (Computer science) Data protection Computer networks Access control Computer networks Security measures Data encryption (Computer science) Data protection Public key cryptography. Information Security

Search results