The Law of privacy in South Africa.

McQuoid-Mason, David Jan.

January 1977

No abstract available. / Thesis (LL.M.)-University of Natal, Durban, 1977.

Privacy, right of--South Africa.

Theses--Law.

Mitigating the Risks of Smartphone Data Sharing: Identifying Opportunities and Evaluating Notice

Balebako, Rebecca

01 September 2014

As smartphones become more ubiquitous, increasing amounts of information about smartphone users are created, collected, and shared. This information may pose privacy and security risks to the smartphone user. The risks may vary from government surveillance to theft of financial information. Previous work in the area of smartphone privacy and security has both identified specific security flaws and examined users’ expectations and behaviors. However, there has not been a broad examination of the smartphone ecosystem to determine the risks to users from smartphone data sharing and the possible mitigations. Two of the five studies in this work examine the smartphone data sharing ecosystem to identify risks and mitigations. The first study uses multi-stakeholder expert interviews to identify risks to users and the mitigations. A second study examines app developers in order to quantify the risky behaviors and identify opportunities to improve security and privacy. In the remaining three of five studies discussed in this work, we examine one specific risk mitigation that has been popular with policy-makers: privacy notices for consumers. If done well, privacy notices should inform smartphone users about the risks and allow them to make informed decisions about data collection. Unfortunately, previous research has found that existing privacy notices do not help smartphone users, as they are neither noticed nor understood. Through user studies, we evaluate options to improve notices. We identify opportunities to capture the attention of users and improve understanding by examining the timing and content of notices. Overall, this work attempts to inform public policy around smartphone privacy and security. We find novel opportunities to mitigate risks by understanding app developers’ work and behaviors. Also, recognizing the current focus on privacy notices, we attempt to frame the debate by examining how users’ attention to and comprehension of notices can be improved through content and timing.

privacy

mobile

smartphone

usability

user experience

notifications

Improving understanding of website privacy policies

2004 August 1900

Machine-readable privacy policies have been developed to help reduce user effort in understanding how websites will use personally identifiable information (PII). The goal of these policies is to enable the user to make informed decisions about the disclosure of personal information in web-based transactions. However, these privacy policies are complex, requiring that a user agent evaluate conformance between the user’s privacy preferences and the site’s privacy policy, and indicate this conformance information to the user. The problem addressed in this thesis is that even with machine-readable policies and current user agents, it is still difficult for users to determine the cause and origin of a conflict between privacy preferences and privacy policies. The problem arises partly because current standards operate at the page level: they do not allow a fine-grained treatment of conformance down to the level of a specific field in a web form. In this thesis the Platform for Privacy Preferences (P3P) is extended to enable field-level comparisons, field-specific conformance displays, and faster access to additional field-specific conformance information. An evaluation of a prototype agent based on these extensions showed that they allow users to more easily understand how the website privacy policy relates to the user’s privacy preferences, and where conformance conflicts occur.

Usability

Human-Computer Interaction

P3P

Privacy

E-commerce

Information oversight: archives and recordkeeping practices in Manitoba municipalities

Martin, Andrea

22 April 2014

Every municipality in Manitoba has a distinct and valuable history, but many stories are already lost, and many more are at risk due to poor recordkeeping and archiving. Municipal records document local decisions, actions, finances, the relationship between governments and citizens, and much more. Most of this information is only available in municipal government records; it does not exist anywhere else. Additionally, despite municipal reliance on local records and archives in their day-to-day operations, and as a key source in constructing specific community identities, many municipal government offices have neglected, forgotten, or no longer see the value in maintaining an archive. As a result, municipal governments cannot be held fully accountable for their actions and are unable to abide by the archival requirements of the Municipal Act and the access and privacy provisions outlined in the Freedom of Information and Protection of Privacy Act. They are also thereby failing to take advantage of the archival services offered through the Archives of Manitoba as outlined in the province’s Archives and Recordkeeping Act. This project examines how municipal employees and citizens view recordkeeping, particularly how archival records are considered. In order to learn how municipal officials deal with both their current and archival records a survey was sent to all the municipalities in Manitoba outside of Winnipeg, which was excluded because it had made considerable recent progress by establishing a city archives. Driven by a concern that municipal records outside of Winnipeg are not being adequately managed and archived, this thesis studies the way municipalities are treating both their operational and archival records. These findings are contextualized by looking at municipal archives and archival practices across Canada. Finally, the thesis provides some suggestions for improving recordkeeping practices in Manitoba’s municipalities.

archives

access

records management

privacy

municipalities

governance

Cryptographic Credentials with Privacy-preserving Biometric Bindings

Bissessar, David

22 January 2013

Cryptographic credentials allow user authorizations to be granted and verified. and have such applications as e-Passports, e-Commerce, and electronic cash. This thesis proposes a privacy protecting approach of binding biometrically derived keys to cryptographic credentials to prevent unauthorized lending. Our approach builds on the 2011 work of Adams, offering additional benefits of privacy protection of biometric information, generality on biometric modalities, and performance. Our protocol integrates into Brands’ Digital Credential scheme, and the Anonymous Credentials scheme of Camenisch and Lysyanskaya. We describe a detailed integration with the Digital Credential Scheme and sketch the integration into the Anonymous Credentials scheme. Security proofs for non-transferability, correctness of ownership, and unlinkability are provided for the protocol’s instantiation into Digital Credentials. Our approach uses specialized biometric devices in both the issue and show protocols. These devices are configured with our proposed primitive, the fuzzy ex-tractor indistinguishability adaptor which uses a traditional fuzzy extractor to create and regenerate cryptographic keys from biometric data and IND-CCA2 secure en-cryption protect the generated public data against multiplicity attacks. Pedersen commitments are used to hold the key at issue and show time, and A zero-knowledge proof of knowledge is used to ensure correspondence of key created at issue-time and regenerated at show-time. The above is done in a manner which preserves biometric privacy, as and delivers non-transferability of digital credentials. The biometric itself is not stored or divulged to any of the parties involved in the protocol. Privacy protection in multiple enrollments scenarios is achieved by the fuzzy extractor indistinguishability adapter. The zero knowledge proof of knowledge is used in the showing protocol to prove knowledge of values without divulging them.

Cryptography

Privacy Enhancing Techniques

Biometrics

Fuzzy Extractors

Cloud security mechanisms

January 2014

Cloud computing has brought great benefits in cost and flexibility for provisioning services. The greatest challenge of cloud computing remains however the question of security. The current standard tools in access control mechanisms and cryptography can only partly solve the security challenges of cloud infrastructures. In the recent years of research in security and cryptography, novel mechanisms, protocols and algorithms have emerged that offer new ways to create secure services atop cloud infrastructures. This report provides introductions to a selection of security mechanisms that were part of the "Cloud Security Mechanisms" seminar in summer term 2013 at HPI. / Cloud Computing hat deutliche Kostenersparnisse und verbesserte Flexibilität bei der Bereitstellung von Computer-Diensten ermöglicht. Allerdings bleiben Sicherheitsbedenken die größte Herausforderung bei der Nutzung von Cloud-Diensten. Die etablierten Mechanismen für Zugriffskontrolle und Verschlüsselungstechnik können die Herausforderungen und Probleme der Sicherheit von Cloud-Infrastrukturen nur teilweise lösen. In den letzten Jahren hat die Forschung jedoch neue Mechanismen, Protokolle und Algorithmen hervorgebracht, welche neue Möglichkeiten eröffnen die Sicherheit von Cloud-Anwendungen zu erhöhen. Dieser technische Bericht bietet Einführungen zu einigen dieser Mechanismen, welche im Seminar "Cloud Security Mechanisms" im Sommersemester 2013 am HPI behandelt wurden.

Cloud

Sicherheit

Privacy

Bitcoin

Homomorphe Verschlüsselung

Differential Privacy

cloud

security

privacy

confidentiality

threshold cryptography

bitcoin

homomorphic encryption

differential privacy

Data processing Computer science

Next Generation RFID Randomization Protocol

LaValley, Jason

06 December 2011

Radio Frequency IDentification (RFID) is a wireless communications technology which allows companies to secure their assets and increase the portability of information. This research was motivated by the increased commercial use of RFID technology. Existing security protocols with high levels of security have high computation requirements, and less intensive protocols can allow a tag to be tracked. The techniques proposed in this thesis result in the increase of ciphertexts available without a significant increase in processing power or storage requirements. The addition of random inputs to the generation of ciphertexts will increase the number of possible results without requiring a more advanced encryption algorithm or an increased number of stored encryption keys. Four methods of altering the plaintext/ciphertext pair (random block, set pattern, random pattern, and indexed placement) are analyzed to determine the effectiveness of each method. The number of ciphertexts generated, generation time, and generation errors were recorded to determine which of the four proposed methods would be the most beneficial in a RFID system. The comparison of these method characteristics determined that the set pattern placement method provided the best solution. The thesis also discusses how RFID transmissions appear to attackers and explains how the random inputs reduce effectiveness of current system attacks. In addition to improving the anonymity of RFID tag transmissions, the concept of authenticating random inputs is also introduced in this thesis. These methods help prevent an adversary from easily associating a tag with its transmissions, thus increasing the security of the RFID system.

RFID

Radio Frequency Identification

Randomization

Security

Privacy

Aggregation and Privacy in Multi-Relational Databases

Jafer, Yasser

11 April 2012

Most existing data mining approaches perform data mining tasks on a single data table. However, increasingly, data repositories such as financial data and medical records, amongst others, are stored in relational databases. The inability of applying traditional data mining techniques directly on such relational database thus poses a serious challenge. To address this issue, a number of researchers convert a relational database into one or more flat files and then apply traditional data mining algorithms. The above-mentioned process of transforming a relational database into one or more flat files usually involves aggregation. Aggregation functions such as maximum, minimum, average, standard deviation, count and sum are commonly used in such a flattening process. Our research aims to address the following question: Is there a link between aggregation and possible privacy violations during relational database mining? In this research we investigate how, and if, applying aggregation functions will affect the privacy of a relational database, during supervised learning, or classification, where the target concept is known. To this end, we introduce the PBIRD (Privacy Breach Investigation in Relational Databases) methodology. The PBIRD methodology combines multi-view learning with feature selection, to discover the potentially dangerous sets of features as hidden within a database. Our approach creates a number of views, which consist of subsets of the data, with and without aggregation. Then, by identifying and investigating the set of selected features in each view, potential privacy breaches are detected. In this way, our PBIRD algorithm is able to discover those features that are correlated with the classification target that may also lead to revealing of sensitive information in the database. Our experimental results show that aggregation functions do, indeed, change the correlation between attributes and the classification target. We show that with aggregation, we obtain a set of features which can be accurately linked to the classification target and used to predict (with high accuracy) the confidential information. On the other hand, the results show that, without aggregation we obtain another different set of potentially harmful features. By identifying the complete set of potentially dangerous attributes, the PBIRD methodology provides a solution where the database designers/owners can be warned, to subsequently perform necessary adjustments to protect the privacy of the relational database. In our research, we also perform a comparative study to investigate the impact of aggregation on the classification accuracy and on the time required to build the models. Our results suggest that in the case where a database consists only of categorical data, aggregation should especially be used with caution. This is due to the fact that aggregation causes a decrease in overall accuracies of the resulting models. When the database contains mixed attributes, the results show that the accuracies without aggregation and with aggregation are comparable. However, even in such scenarios, schemas without aggregation tend to slightly outperform. With regard to the impact of aggregation on the model building time, the results show that, in general, the models constructed with aggregation require shorter building time. However, when the database is small and consists of nominal attributes with high cardinality, aggregation causes a slower model building time.

Aggregation

Privacy

Relational Database

Data Mining

Privacy in row houses of Montreal

Rahbar, Mehrdad

January 1996

The purpose of this thesis is to explore the concepts of privacy and to propose design patterns for providing privacy for individuals and families in the context of Montreal row houses. / The study examines and explores the notion of privacy through a multidisciplinary literature review and links this notion to the row houses. The morphogenesis of row houses, the role of occupants and the built environment in the evolution of privacy issues in this housing type is investigated through a broad historical review and site surveys. The research leads to a series of proposed design patterns which can be used as tools for provision and maintenance of privacy in row houses. Specific consideration is given to present and future housing requirements.

Privacy

Managing and Complementing Public Key Infrastructure for Securing Vehicular Ad Hoc Networks

Wasef, Albert

January 2011

Recently, vehicular ad-hoc network (VANET) has emerged as an excellent candidate to change the life style of the traveling passengers along the roads and highways in terms of improving the safety levels and providing a wide range of comfort applications. Due to the foreseen impact of VANETs on our lives, extensive attentions in industry and academia are directed towards bringing VANETs into real life and standardizing its network operation. Unfortunately, the open medium nature of wireless communications and the high-speed mobility of a large number of vehicles in VANETs pose many challenges that should be solved before deploying VANETs. It is evident that any malicious behavior of a user, such as injecting false information, modifying and replaying the disseminated messages, could be fatal to other legal users. In addition, users show prime interest in protecting their privacy. The privacy of users must be guaranteed in the sense that the privacy-related information of a vehicle should be protected to prevent an observer from revealing the real identities of the users, tracking their locations, and inferring sensitive data. From the aforementioned discussion, it is clear that security and privacy preservation are among the critical challenges for the deployment of VANETs. Public Key Infrastructure (PKI) is a well-recognized solution to secure VANETs. However, the traditional management of PKI cannot meet the security requirements of VANETs. In addition, some security services such as location privacy and fast authentication cannot be provided by the traditional PKI. Consequently, to satisfy the security and privacy requirements, it is prerequisite to elaborately design an efficient management of PKI and complementary mechanisms for PKI to achieve security and privacy preservation for practical VANETs. In this thesis, we focus on developing an efficient certificate management in PKI and designing PKI complementary mechanisms to provide security and privacy for VANETs. The accomplishments of this thesis can be briefly summarized as follows. Firstly, we propose an efficient Distributed Certificate Service (DCS) scheme for vehicular networks. The proposed scheme offers a flexible interoperability for certificate service in heterogeneous administrative authorities, and an efficient way for any On-Board Units (OBUs) to update its certificate from the available infrastructure Road-Side Units (RSUs) in a timely manner. In addition, the DCS scheme introduces an aggregate batch verification technique for authenticating certificate-based signatures, which significantly decreases the verification overhead. Secondly, we propose an Efficient Decentralized Revocation (EDR) protocol based on a novel pairing-based threshold scheme and a probabilistic key distribution technique. Because of the decentralized nature of the EDR protocol, it enables a group of legitimate vehicles to perform fast revocation of a nearby misbehaving vehicle. Consequently, the EDR protocol improves the safety levels in VANETs as it diminishes the revocation vulnerability window existing in the conventional Certificate Revocation Lists (CRLs). Finally, we propose complementing PKI with group communication to achieve location privacy and expedite message authentication. In specific, the proposed complemented PKI features the following. First, it employs a probabilistic key distribution to establish a shared secret group key between non-revoked OBUs. Second, it uses the shared secret group key to perform expedite message authentication (EMAP) which replaces the time-consuming CRL checking process by an efficient revocation checking process. Third, it uses the shared secret group key to provide novel location privacy preservation through random encryption periods (REP) which ensures that the requirements to track a vehicle are always violated. Moreover, in case of revocation an OBU can calculate the new group key and update its compromised keys even if the OBU missed previous rekeying process. For each of the aforementioned accomplishments, we conduct security analysis and performance evaluation to demonstrate the reliable security and efficiency of the proposed schemes.

Security

Privacy

VANET

PKI

Electrical and Computer Engineering