Examining the Impact of E-privacy Risk Concerns on Citizens' Intentions to use E-government Services: An Oman Perspective

d.alabri@murdoch.edu.au, Dhiyab Al Abri

January 2009

E-privacy concerns are among the online transactions risks that influence the use of e-services and e-government services. Whilst there have been studies that have analysed the impact of e-privacy on the willingness of people to utilize the Internet, especially in e-commerce, there has been limited research in relation to e-government services for a specific demographic group. This study has examined the impact of e-privacy risk concerns on the acceptance of e-government services in Oman using an integrated model. The model is based on Liu et al.‟s (2005) privacy-trust-behavioral intention model, the broader technology acceptance literature, and recent work on e-privacy awareness and protection. The research used both quantitative and qualitative approaches: data collection by questionnaire and a series of semi-structured interviews. The sampling frame for the study was civil services government employees in Oman. The model was tested using partial least squares and the results were compared to those obtained from the interview data. The study found that e-privacy awareness significantly impacts the level of e-privacy risk concerns. Social norms and perceived usefulness were found to play a significant role in influencing the intention to use e-government services. The study also found that e-privacy concerns and perceptions of the protection available against risks influence citizens‟ intentions to use e-government services via their influence on the perceived trustworthiness of these services. Thus trustworthiness is a factor that could be an obstacle to successful e-government services project implementation. Therefore the thesis recommends that governments pay greater attention to the role of e-privacy concerns and put in place security and e-privacy controls. Citizens should then be made aware of these in order to build the required level of trust and confidence in these services.

E-privacy Risk Concerns

Trustworthiness of E-government Services

E privacy Protection

Oman

E-privacy Awareness

Privacy issues in health care and security of statistical databases

King, Tatiana

January 2008

Research Doctorate - Doctor of Philosophy (PhD) / Privacy of personal information is becoming a major problem in health care, in the light of coming implementation of electronic health record (EHR)systems. There is evidence of increasing public concern over privacy of personal health information that is to be stored in EHRs and widely used within the interconnected systems. The issues for the health care system include inadequate legislation for privacy in health care, as well as deficiency of effective technical and security measures. The work in the thesis is part of a larger project which aims to offer a comprehensive set of new techniques for protection of confidential individual's health data used for statistical purposes. The research strategy is to explore concerns about privacy in relation to legislation, attitudes to health care and technical protections in statistical databases. It comprised two different approaches: * content analysis of legal frameworks addressing protection of privacy in Australian health care, and * social research to explore privacy concerns in health care by Australians 18 years and over. This thesis presents a new multi-stage research to explore privacy concerns in health care raised by the development of EHR systems. Stage one involved 23 participants within four focus groups. Stage two was a national sample survey conducted with 700 respondents 18 years and over. The results of analysis are presented. They are compared with the results of other studies. The main findings of this thesis are: * revealing the main inadequacies in the Australian legal system for protecting privacy of health information in electronic health records; * determining characteristics of people who have concerns about the privacy of their health information; * identifying items of a health record which have to be protected and some reasons for that. The findings of the study will assist with the decision and solution for appropriate technical measures in statistical databases as well as issues of inadequacy in the existing privacy legislation. Furthermore, the work in this thesis confirmed a low awareness of public in relation to statistical use of personal health information and a low level of trust to automated systems of electronic health records which are initiated by the government. In conclusion, attitude towards privacy depends on individual's characteristics but also on existing legislation, public's awareness of this legislation,the means of resolving complaints, and awareness of technical means for privacy protection. Therefore, it is important to educate public in order for EHR system function to the full of its potential and the future innovations of information technology to strengthen health care and medical research.

medical research

privacy

privacy protection

statistical databases

public's attitude towards privacy

health care

Distributed Electronic Health Record System based on Middleware

Xin, Zhang

January 2013

With the fast development of information technology, traditional healthcare is evolving to a more digital and electronic stage. Electronic HealthRecord (EHR) is residents’ basic information and health care relatedinformation conforming to standard. It can not only provide usefulinformation to medical workers, but also exchange resources with otherinformation systems. But with the growing complexity of electronichealth record data sources, it becomes a big challenge to set up a structurewhich allows different types of data sharing and exchanging inmulti-platform applications. It’s even more important to find out amethod to support great amount of users from different applicationplatform to sharing and exchanging data at the same time.In this paper, we proposed a distributed electronic health record systembased on middleware to address the problem. Both permanent and realtimedata should pass through the middleware provided by the system,and will be transformed into standard format for storage. Multi-threadand distributed server group design will let the system be more flexibleand scalable, and will be able to provide service to users concurrently.The system creates a standard data format for data transferring andstorage. All raw data collected from different kinds of sensor system willbe formatted with application programming interface (API) or softwaredevelopment kit (SDK) system provided before upload to the system.Encryption methods are also implemented to ensure data security andprivacy protection.

electronic health record

distributed system

middleware

privacy protection

Computer Engineering

Datorteknik

Darknet sítě jako způsob ochrany soukromí uživatelů internetu / Darknet networks as a way of protecting internet users' privacy

Plevný, Marek

January 2017

In this age when information technologies became inseparable parts of our lives we can hardly imagine for example living without internet. There is a phenomenon connected with internet and that is large scale collection of data about internet users and their activities. Because of this fact, it is important to protect our internet privacy as a very important aspect of our lives. This work examines large scale collection of data about users internet activities. During this work, different methods and reasons for this largescale data collection are examined. Later, different ways how internet users are protected by law or how they can protect themselves are examined. One of the ways how internet users can protect their internet privacy is by using so-called anonymizing networks connected with a phenomenon called Darknet. This work examines if it is possible by ordinary internet users to adapt this method of internet privacy protection.

Protecting User Privacy with Social Media Data and Mining

January 2020

abstract: The pervasive use of the Web has connected billions of people all around the globe and enabled them to obtain information at their fingertips. This results in tremendous amounts of user-generated data which makes users traceable and vulnerable to privacy leakage attacks. In general, there are two types of privacy leakage attacks for user-generated data, i.e., identity disclosure and private-attribute disclosure attacks. These attacks put users at potential risks ranging from persecution by governments to targeted frauds. Therefore, it is necessary for users to be able to safeguard their privacy without leaving their unnecessary traces of online activities. However, privacy protection comes at the cost of utility loss defined as the loss in quality of personalized services users receive. The reason is that this information of traces is crucial for online vendors to provide personalized services and a lack of it would result in deteriorating utility. This leads to a dilemma of privacy and utility. Protecting users' privacy while preserving utility for user-generated data is a challenging task. The reason is that users generate different types of data such as Web browsing histories, user-item interactions, and textual information. This data is heterogeneous, unstructured, noisy, and inherently different from relational and tabular data and thus requires quantifying users' privacy and utility in each context separately. In this dissertation, I investigate four aspects of protecting user privacy for user-generated data. First, a novel adversarial technique is introduced to assay privacy risks in heterogeneous user-generated data. Second, a novel framework is proposed to boost users' privacy while retaining high utility for Web browsing histories. Third, a privacy-aware recommendation system is developed to protect privacy w.r.t. the rich user-item interaction data by recommending relevant and privacy-preserving items. Fourth, a privacy-preserving framework for text representation learning is presented to safeguard user-generated textual data as it can reveal private information. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2020

Artificial intelligence

Computer science

Machine Learning

Privacy Protection

Social Media Mining

User Behavioral Modeling

GDPR - Are We Ready? A Comparative and Explorative Study of the Changes in Personal Data Privacy and Its Impact on ICT Companies

Therése Nielsen, Johannes Wind

January 2018

Personlig data genomsyrar hela vårt samhälle och hanteras digitalt via informationsteknologi. Detta försvårar för individer att ha kontroll över den personliga data som hanteras av företag. Den 25 maj 2018 ersätts den svenska Personuppgiftslagen (PuL) med den nya Dataskyddsförordningen GDPR. Förordningen är utformad för att sätta en enhetlig standard gällande hur vi samlar in, hanterar och delar europeiska medborgares personliga data. Den här forskningen är uppdelad i två steg. I det första steget genomförs en komparativ undersökning av de två lagtexterna för att identifiera de nya lagkraven som Dataskyddsförordningen medför. I det andra steget används resultatet från den komparativa jämförelsen som grund för en explorativ undersökning av hur ICT-företag förbereder sig inför de nya lagkraven. Vårt resultat visar att de deltagande ICT-företagen förbereder sig genom att implementera nya processer och åtgärder för att följa förordningen. Inga av de deltagande företagen är vid tiden av denna undersökning fullständigt kompatibla med de krav den nya förordningen ställer. Vår forskning visar att svårigheterna med att bli fullständigt kompatibel ligger i bristen på resurser och tvetydigheten i tolkningen av förordningen. / Personal data flows through our entire society in the shape of technological processing. This makes it difficult for individuals to have control over their personal data being processed by companies. On the 25th of May 2018 the Swedish Personal Data Act (PuL) is replaced by the General Data Protection Regulation (GDPR). The regulation is designed to set a uniform standard with regards to the way we collect, use and share personal data of European citizens. This research uses a two-step research approach. The first step is to perform a comparative legal research to identify the new requirements that comes with the upcoming Regulation in relation to the current Swedish legislation. The second step is to use the findings of the comparative legal research as a foundation for an explorative survey of how ICT companies are preparing for the new requirements of the GDPR. Our result shows that the participating ICT companies are preparing by implementing new processes and measures in order to comply with the Regulation. Additionally, all of the participating companies are at the time of our research not fully compliant with the Regulation. Our research concludes that the difficulties in achieving full compliance lies in the lack of resources and ambiguities of the interpretation of the Regulation.

GDPR

PuL

Personal Data

Privacy Protection

GDPR-compliance

ICT Companies

Engineering and Technology

Teknik och teknologier

Web browser privacy: Popular desktop web browsers ability to continuously spoof their fingerprint

Henningsson, Sebastian, Karlsson, Anton

January 2022

Background. Web tracking is a constant threat to our privacy when browsing the web. There exist multiple methods of tracking, but browser fingerprinting is more elusive and difficult to control. Browser fingerprinting works by a website collecting all kinds of browser and system information on visiting clients and then combining those into one set of information that can uniquely identify users. Objectives. In this thesis, we tested three of today's most used web browsers for the desktop platform to determine their ability to utilize one type of countermeasure, attribute spoofing. We aimed at determining how the browsers perform in two cases. The first case is when running with a default configuration. The second case is when the attribute spoofing is improved with the help of both altered settings and installed extensions. We also aimed at determining if the choice of browser matters in this aspect. Methods. The method for determining these goals was to conduct an experiment to collect 60 fingerprints from each browser and determine the effectiveness of the attribute spoofing via a weight-based system. We also used statistics to see the value range for spoofed attributes and to determine if any browser restart is required for certain spoofing to occur. Results. Our results show little to no attribute spoofing when browsers run in their default configuration. However, significant improvements were made through anti-fingerprint extensions. Conclusions. Our conclusion is, if the tested browsers' do not utilize any other type of countermeasure than attribute spoofing, using browsers at their default configuration can result in a user being alarmingly vulnerable to browser fingerprinting. Installing extensions aimed at improving our protection is therefore advised.

Web Browsers

Browser Fingerprinting

Privacy

Privacy Protection

Computer Sciences

Datavetenskap (datalogi)

Spectrum Management Issues in Centralized and Distributed Dynamic Spectrum Access

Lin, Yousi

22 July 2021

Dynamic spectrum access (DSA) is a powerful approach to mitigate the spectrum scarcity problem caused by rapid increase in wireless communication demands. Based on architecture design, DSA systems can be categorized as centralized and distributed. To successfully enable DSA, both centralized and distributed systems have to deal with spectrum management issues including spectrum sensing, spectrum decision, spectrum sharing and spectrum mobility. Our work starts by investigating the challenges of efficient spectrum monitoring in centralized spectrum sensing. Since central controllers usually require the presence information of incumbent users/primary users (IUs) for decision making, which is obtained during spectrum sensing, privacy issues of IUs become big concerns in some DSA systems where IUs have strong operation security needs. To aid in this, we design novel location privacy protection schemes for IUs. Considering the general drawbacks of centralized systems including high computational overhead for central controllers, single point failure and IU privacy issues, in many scenarios, a distributed DSA system is required. In this dissertation, we also cope with the spectrum sharing issues in distributed spectrum management, specifically the secondary user (SU) power control problem, by developing distributed and secure transmit power control algorithms for SUs. In centralized spectrum management, the common approach for spectrum monitoring is to build infrastructures (e.g. spectrum observatories), which cost much money and manpower yet have relatively low coverage. To aid in this, we propose a crowdsourcing based spectrum monitoring system to capture the accurate spectrum utilization at a large geographical area, which leverages the power of masses of portable mobile devices. The central controller can accurately predict future spectrum utilization and intelligently schedule the spectrum monitoring tasks among mobile SUs accordingly, so that the energy of mobile devices can be saved and more spectrum activities can be monitored. We also demonstrate our system's ability to capture not only the existing spectrum access patterns but also the unknown patterns where no historical spectrum information exists. The experiment shows that our spectrum monitoring system can obtain a high spectrum monitoring coverage with low energy consumption. Environmental Sensing Capability (ESC) systems are utilized in DSA in 3.5 GHz to sense the IU activities for protecting them from SUs' interference. However, IU location information is often highly sensitive in this band and hence it is preferable to hide its true location under the detection of ESCs. As a remedy, we design novel schemes to preserve both static and moving IU's location information by adjusting IU's radiation pattern and transmit power. We first formulate IU privacy protection problems for static IU. Due to the intractable nature of this problem, we propose a heuristic approach based on sampling. We also formulate the privacy protection problem for moving IUs, in which two cases are analyzed: (1) protect IU's moving traces; (2) protect its real-time current location information. Our analysis provides insightful advice for IU to preserve its location privacy against ESCs. Simulation results show that our approach provides great protection for IU's location privacy. Centralized DSA spectrum management systems has to bear several fundamental issues, such as the heavy computational overhead for central controllers, single point failure and privacy concerns of IU caused by large amounts of information exchange between users and controllers and often untrusted operators of the central controllers. In this dissertation, we propose an alternative distributed and privacy-preserving spectrum sharing design for DSA, which relies on distributed SU power control and security mechanisms to overcome the limitations of centralized DSA spectrum management. / Doctor of Philosophy / Due to the rapid growth in wireless communication demands, the frequency spectrum is becoming increasingly crowded. Traditional spectrum allocation policy gives the unshared access of fixed bands to the licensed users, and there is little unlicensed spectrum left now to allocate to newly emerged communication demands. However, studies on spectrum occupancy show that many licensed users who own the license of certain bands are only active for a small percentage of time, which results in plenty of underutilized spectrum. Hence, a new spectrum sharing paradigm, called dynamic spectrum access (DSA), is proposed to mitigate this problem. DSA enables the spectrum sharing between different classes of users, generally, the unlicensed users in the DSA system can access the licensed spectrum opportunistically without interfering with the licensed users. Based on architecture design, DSA systems can be categorized as centralized and distributed. In centralized systems, a central controller will make decisions on spectrum usage for all unlicensed users. Whereas in distributed systems, unlicensed users can make decisions for themselves independently. To successfully enable DSA, both centralized and distributed DSA systems need to deal with spectrum management issues, such as resource allocation problems and user privacy issues, etc. The resource allocation problems include, for example, the problems to discover and allocate idle bands and the problems to control users' transmit power for successful coexistence. Privacy issues may also arise during the spectrum management process since certain information exchange is inevitable for global decision making. However, due to the Federal Communications Commission's (FCC) regulation, licensed users' privacy such as their location information must be protected in any case. As a result, dynamic and efficient spectrum management techniques are necessary for DSA users. In this dissertation, we investigate the above-mentioned spectrum management issues in both types of DSA systems, specifically, the spectrum sensing challenges with licensed user location privacy issues in centralized DSA, and the spectrum sharing problems in distributed DSA systems. In doing so, we propose novel schemes for solving each related spectrum management problem and demonstrate their efficacy through the results from extensive evaluations and simulations. We believe that this dissertation provides insightful advice for DSA users to solve different spectrum management issues for enabling DSA implementation, and hence helps in a wider adoption of dynamic spectrum sharing.

dynamic spectrum access

spectrum monitoring

location privacy protection

transmit power control

Exploiting Competition Relationship for Robust Visual Recognition

DU, LIANG

January 2015

Leveraging task relatedness has been proven to be beneficial in many machine learning tasks. Extensive researches has been done to exploit task relatedness in various forms. A common assumption for the tasks is that they are intrinsically similar to each other. Based on this assumption, joint learning algorithms are usually implemented via some forms of information sharing. Various forms of information sharing have been proposed, such as shared hidden units of neural networks, common prior distribution in hierarchical Bayesian model, shared weak learners of a boosting classifier, distance metrics and a shared low rank structure for multiple tasks. However, another very common and important task relationship, i.e., task competition, has been largely overlooked. Task competition means that tasks are competing with each other if there are competitions or conflicts between their goals. Considering that tasks with competition relationship are universal, this dissertation is to accommodate this intuition from an algorithmic perspectives and apply the algorithms to various visual recognition problems. Focus on exploiting the task competition relationships in visual recognition, the dissertation presents three types of algorithms and applied them to different visual recognition tasks. First, hypothesis competition has been exploited in a boosting framework. The proposed algorithm CompBoost jointly model the target and auxiliary tasks with a generalized additive regression model regularized by competition constraints. This model treats the feature selection as the weak learner (\ie, base functions) selection problem, and thus provides a mechanism to improve feature filtering guided by task competition. More specifically, following a stepwise optimization scheme, we iteratively add a new weak learner that balances between the gain for the target task and the inhibition on the auxiliary ones. We call the proposed algorithm CompBoost, since it shares similar structures with the popular AdaBoost algorithm. In this dissertation, we use two test beds for evaluation of CompBoost: (1) content-independent writer identification by exploiting competing tasks of handwriting recognition, and (2) actor-independent facial expression recognition by exploiting competing tasks of face recognition. In the experiments for both applications, the approach demonstrates promising performance gains by exploiting the between-task competition relationship. Second, feature competition has been instantiated through an alternating coordinate gradient algorithm. Sharing the same feature pool, two tasks are modeled together in a joint loss framework, with feature interaction encouraged via an orthogonal regularization over feature importance vectors. Then, an alternating greedy coordinate descent learning algorithm (AGCD) is derived to estimate the model. The algorithm effectively excludes distracting features in a fine-grained level for improving face verification. In other words, the proposed algorithm does not forbid feature sharing between competing tasks in a macro level; it instead selectively inhibits distracting features while preserving discriminative ones. For evaluation, the proposed algorithm is applied to two widely tested face-aging benchmark datasets: FG-Net and MORPH. On both datasets, our algorithm achieves very promising performances and outperforms all previously reported results. These experiments, together with detailed experimental analysis, show clearly the benefit of coordinating conflicting tasks for improving visual recognition. Third, two ad-hoc feature competition algorithms have been proposed to apply to visual privacy protection problems. Visual privacy protection problem is a practical case of competition factors in real world application. Algorithms are specially designed to achieve best balance between competing factors in visual privacy protection based on different modeling frameworks. Two algorithms are developed to apply to two applications, license plate de-identification and face de-identification. / Computer and Information Science

Computer Science

Information Science

Information Technology

Competition Relationship

Face Analysis

Visual Privacy Protection

Visual Recognition

Ochrana soukromí v cloudu / Privacy protection in cloud

Chernikau, Ivan

Unknown Date

In the Master’s thesis were described privacy protection problems while using cloud technologies. Some of the problems can be solved with help of homomorphic encryption, data splitting or searchable encryption. These techniques were described and compared by provided security, privacy protection and efficiency. The data splitting technique was chosen and implemented in the C language. Afterwards a performance of the implemented solution was compared to AES encryption/decryption performance. An application for secured data storing in cloud was designed and implemented. This application is using the implemented data splitting technique and third-party application CloudCross. The designed application provides command line interface (CLI) and graphical user interface (GUI). GUI extends the capabilities of CLI with an ability to register cloud and with an autodetection of registered clouds. The process of uploading/downloading the data to/from cloud storage is transparent and it does not overload the user with technical details of used data splitting technique.