Global ETD Search

621	The conflict of interest between data sharing and data privacy : a middleware approach Molema, Karabo Omphile January 2016 (has links) Thesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2016. / People who are referred to as data owners in this study, use the Internet for various purposes and one of those is using online services like Gmail, Facebook, Twitter and so on. These online services are offered by organizations which are referred to as data controllers. When data owners use these service provided by data controllers they usually have to agree to the terms and conditions which gives data controllers indemnity against any privacy issues that may be raised by the data owner. Data controllers are then free to share that data with any other organizations, referred to as third parties. Though data controllers are protected from lawsuits it does not necessarily mean they are free of any act that may be considered a privacy violation by the data owner. This thesis aims to arrive at a design proposition using the design science research paradigm for a middleware extension, specifically focused on the Tomcat server which is a servlet engine running on the JVM. The design proposition proposes a client side annotation based API to be used by developers to specify classes which will carry data outside the scope of the data controller's system to a third party system, the specified classes will then have code weaved in that will communicate with a Privacy Engine component that will determine based on data owner's preferences if their data should be shared or not. The output of this study is a privacy enhancing platform that comprises of three components the client side annotation based API used by developers, an extension to Tomcat and finally a Privacy Engine. Computer security Data protection Computer networks -- Security measures Privacy, Right of
622	Titre : sécurité et protection de la vie privée pour le calcul déporté. / Security and privacy for outsourced computations. Kumar, Amrit 20 October 2016 (has links) Les systèmes embarqués comme les smartphones et les tablettes vont devenir à terme nos interfaces privilégiées avec le monde numérique. Ces systèmes n'ont cependant pas encore la puissance de calcul nécessaire pour s'acquitter de toutes les tâches exigées par un utilisateur. De plus, ils ne disposent pas forcement de toutes les connaissances nécessaires pour réaliser certaines opérations. Ceci pour divers raisons: confidentialité, propriété intellectuelle, limitation de la mémoire ou encore difficulté d'accès à l'information. Ainsi de nombreuses données et de nombreux calculs sont stockes et effectués sur des machines distantes. Il peut s'agir de serveur centralisant tous les calculs, d'une grille de calcul distribuée ou d'un cloud. Le résultat est que des entités tiers manipulent des données qui ont un caractère privée. Cette situation n’est pas acceptable en terme de protection de la vie privée sans la mise en place de dispositifs permettant de garantir aux utilisateurs la confidentialité et l'intégrité de leurs données, le respect de leur vie privée. L’objectif de cette thèse est d'analyser les méthodes existantes ainsi que de proposer d'autres mécanismes de sécurité et de protection de la vie privée pour les calculs déportés. / Hashing and hash-based data structures are ubiquitous. Apart from their role inthe design of efficient algorithms, they particularly form the core to manycritical software applications. Whether it be in authentication on theInternet, integrity/identification of files, payment using Bitcoins, webproxies, or anti-viruses, the use of hashing algorithms might only be internalbut yet very pervasive.This dissertation studies the pitfalls of employing hashing and hash-based datastructures in software applications, with a focus on their security and privacyimplications. The mainstay of this dissertation is the security and privacyanalysis of software solutions built atop Bloom filters --- a popularhash-based data structure, and Safe Browsing --- a malicious websitedetection tool developed by Google that uses hash functions. The softwaresolutions studied in this dissertation have billions of clients, which includesoftware developers and end users.For Bloom filters and their privacy, we study a novel use case, where they forman essential tool to privately query leaked databases of personal data. Whilefor security, we study Bloom filters in adversarial settings. The studyencompasses both theory and practice. From a theoretical standpoint, we defineadversary models that capture the different access privileges of an adversary onBloom filters. We put the theory into practice by identifying several securityrelated software solutions (employing Bloom filters) that are vulnerable to ourattacks. This includes: a web crawler, a web proxy, a malware filter, forensictools and an intrusion detection system. Our attacks are similar to traditionaldenial-of-service attacks capable of bringing the concerned infrastructures toknees.As for Safe Browsing, we study vulnerabilities in the architecture that anadversary can exploit. We show several attacks that can simultaneouslyincrease traffic towards both the Safe Browsing server and the client. Ourattacks are highly feasible as they essentially require inverting hash digestsof 32 bits. We also study the privacy achieved by the service by analyzing thepossibility of re-identifying websites visited by a client. Our analysis andexperimental results show that Safe Browsing can potentially be used as a toolto track specific classes of individuals.This dissertation highlights the misunderstandings related to the use of hashingand hash-based data structures in a security and privacy context. Thesemisunderstandings are the geneses of several malpractices that include the useof insecure hash functions, digest truncation among others. Motivated by ourfindings, we further explore several countermeasures to mitigate the ensuingsecurity and privacy risks. Sécurité Calcul Externalisation Security Privacy Computations Outsourcing 004
623	"This is inappropriate! I'm your daughter, not your friend!": South Asian American Daughters' Roles as Reluctant Confidant and Parental Mediator in Emerging Adult Child-Parent Relationships January 2012 (has links) abstract: This dissertation explores South Asian American (SAA) emerging adult daughters' roles as their parents' reluctant confidants and mediators of conflict. Using Petronio's (2002) communication privacy management theory (CPM) as a framework, this dissertation investigates daughters' communicative strategies when engaged in familial roles. Findings from 15 respondent interviews with SAA women between the ages of 18 and 29 reveal daughters' intrinsic and extrinsic motivations for role-playing within their families, such as inherent satisfaction and parental expectations, respectively. Additionally, findings highlight daughters' use of coping and thwarting strategies after they become the recipients of their parents' unsolicited private information. Namely, daughters engaged in coping strategies (e.g., giving advice) to help their parents manage private information. Likewise, they enacted thwarting strategies (e.g., erecting territorial markers) to restore boundaries after their parents (the disclosers) violated them. Consequently, serving as parental confidants and mediators contributed to parent-child boundary dissolution and adversely affected daughters' well-being as well as their progression toward adulthood. This study provides theoretical contributions by extending CPM theory regarding reluctant confidants within the contexts of emerging adult child-parent relationships and ethnic minority groups in America. Practically, this study offers emerging adult children insight into how they might renegotiate boundaries when their parents change the relationship by disclosing personal information. Information gleaned from this study provides SAA emerging adult daughters with an understanding of the ramifications of prioritizing their familial roles and being a reluctant confidant, in addition to potential avenues for remediation. / Dissertation/Thesis / Ph.D. Communication Studies 2012 Communication Communication Privacy Management Emerging Adulthood South Asian American
624	Orkut: o público, o privado e o íntimo na era das novas tecnologias da informação / Orkut: public, private and intimate in the era of new information technology Mariana Zanata Thibes 03 March 2009 (has links) Os conceitos de privado, público e íntimo sofreram transformações importantes a partir do surgimento das novas tecnologias da informação. Se, por um lado, é possível notar um refinamento das técnicas de controle e vigilância, que levariam ao questionamento da privacidade enquanto um direito individual e à violação da esfera privada, por outro, essas tecnologias permitem certo exercício reflexivo que conduz a novas vivências do privado, do público e do íntimo. Partindo, portanto, do exame da sociabilidade que surge no orkut, esta pesquisa tencionou analisar como se configuram essas novas vivências, observando que, embora a dinâmica desta sociabilidade revele afinidades com os objetivos da sociedade de controle, ela também possibilita a liberdade para criar identidades e para redefinir as regras que orientam a vida, estimulando um tipo de reflexão que aponta para o fortalecimento da política. / The concepts of private, public and the intimacy have suffered important changes since the new information technologies took part of the everyday life. If, on the one hand, it is possible to observe a certain refinement of the techniques of control and vigilance, on the other, these technologies allow a reflexive exercise that leads to new experiences of the private, public and the intimacy. Through the examination of the sociability that takes place at orkut, this research tried to analyze how these new experiences have been configured, observing that, despite of the dynamic of this sociability reveals affinities with the objectives of the control society, it also allows the liberty to create identities and to redefine the rules that guide the life, stimulating a kind of reflection that points out the strengthening of the politics. Íntimo Orkut Privacidade Privado Público Intimacy Orkut Privacy Private Public
625	IDeM: an identity-driven middleware for interoperable and heterogeneous systems FERRAZ, Felipe Silva 09 September 2016 (has links) Submitted by Rafael Santana (rafael.silvasantana@ufpe.br) on 2017-08-30T18:59:54Z No. of bitstreams: 2 license_rdf: 811 bytes, checksum: e39d27027a6cc9cb039ad269a5db8e34 (MD5) Thesis_final_v8_final.pdf: 3606329 bytes, checksum: 9eb076ad648eb48bf1a1cac89fb53d9b (MD5) / Made available in DSpace on 2017-08-30T18:59:54Z (GMT). No. of bitstreams: 2 license_rdf: 811 bytes, checksum: e39d27027a6cc9cb039ad269a5db8e34 (MD5) Thesis_final_v8_final.pdf: 3606329 bytes, checksum: 9eb076ad648eb48bf1a1cac89fb53d9b (MD5) Previous issue date: 2016-09-09 / In mid-2000s, for the first time in human history, urban cities started to harbor more than half of world's population. The concept of Smart Cities emerged in such context. Smart Cities can be defined as an urban environment where innovative services under an available infrastructure are provided to citizens with the use of information technology (IT). However, even though people use and take advantage of available information, there is a natural resistance to disclosure and expose personal data, which will get known by other citizens and businesses. This generates a sense of insecurity and privacy loss. This thesis explores information security issues related to identity and identifier management and proposes a solution that guarantees the privacy and anonymity of users within interoperable and heterogeneous environments. This thesis proposes a solution based on the creation of a multi identity environment, in which a user has different identities, for different systems using the same identifier, that way it is possible to connect with different services, solutions and others, using the same login but having different representations within each solution, that will guarantee privacy, different level of security and interoperability. The proposed solution is demonstrated through the creation of a middleware within the context of smart cities. Finally, this thesis presents a set of experiments that use the proposed middleware to protect citizens’ sensitive data. / Em meados dos anos 2000, pela primeira vez na história da humanidade, as grandes cidades começaram a abrigar mais da metade da população mundial. É no contexto dessa mudança que surge o conceito de Smart Cities, tal conceito pode ser definido como um ambiente urbano onde, com uso de tecnologia da informação, serviços inovadores e com infraestrutura disponível, são fornecidos para os cidadãos. Em contra ponto a essa dinâmica está o fato de que essas mesmas pessoas, que fazem uso das informações, tem uma resistência natural relacionada a divulgação de seus dados, e que estes sejam expostos e conhecidos por demais cidadões e empresas, gerando um cenário de insegurança e perda de privacidade. Este trabalho explora problemas de segurança da informação relacionados a gerenciamento de identidade e identificadores, propõe a criação de uma solução que permita manter a privacidade e o anonimato de usuários, ainda que anônimo, dentro de ambientes interoperáveis e heterogêneos. Essa tese propõe um solução baseada na creação de um ambiente multi identidade, no qual um usuário terá diferentes identidades, para diferentes sistemas, usando o mesmo identificador, dessa forma é possivel garantir a conexão com diferentes serviços, soluções e outros componentes, usando o mesmo login, por exemplo, porém tendo diferentes representações em cada solução, isso garantirá, entre outros, privacidade, diferentes niveis de segurança e interoperabilidade. Tal solução será descrita na forma de um middleware explorado dentro do contexto de cidades inteligente. Por fim, este trabalho apresentará um conjuntos de experimentos que utilizam o middleware, para proteger dados confidenciais dos cidadãos.
626	Enforcing Privacy on the Internet. Lategan, Frans Adriaan 02 June 2008 (has links) Privacy of information is becoming more and more important as we start trusting unknown computers, servers and organisations with more and more of our personal information. We distribute our private information on an ever-increasing number of computers daily, and we effectively give target organisations carte blanche to do what they want with our private information once they have collected it. We have only their privacy policy as a possible safeguard against misuse of our private information. Thus far, no reliable and practical method to enforce privacy has been discovered. In this thesis we look at ways to enforce the privacy of information. In order to do this, we first present a classification of private information based on the purpose it is acquired for. This will then enable us to tailor protection methods in such a way that the purpose the information is acquired for can still be fulfilled. We propose three distinct methods to protect such information. The first method, that of nondisclosure, is where private information is required not for the contents, but as input to verify calculations. We shall present an encryption method to protect private information where the private information consists of a set of numeric values S on which some function G has to be applied and the result = G(S) has to be supplied to a target organisation. The calculation of the result must be verifiable by the target organisation, without disclosing S. The second method, that of retaining control is a method by which we can grant limited access to our private information, and thus enforce the terms of privacy policies. The final method we present is a conceptual method to extend P3P in order to add more flexibility to the decision on whether or not a given item of private information will be supplied to a target organisation by using the Chinese Wall security policy. This will enable a user to not only define rules as to which items of private information he would disclose, but also to define what collection of private information any given organisation would be able to build about him. / Olivier, M.S., Prof. internet internet security computer security data protection right of privacy
627	About the Importance of Interface Complexity and Entropy for Online Information Sharing Spiekermann-Hoff, Sarah, Korunovska, Jana January 2014 (has links) (PDF) In this paper, we describe two experiments that show the powerful influence of interface complexity and entropy on online information sharing behaviour. 134 participants were asked to do a creativity test and answer six open questions against three different screen backgrounds of increasing complexity. Our data shows that, as an interface becomes more complex and has more entropy users refer less to themselves and show less information sharing breadth. However, their verbal creativity and information sharing depth do not suffer in the same way. Instead, an inverse U shaped relationship between Interface complexity and creativity as well as information sharing depth can be observed: Users become more creative and thoughtful until a certain tipping point of interface complexity is reached. At that point, creativity and th inking suffer, leading to significantly less disclosure. This result challenges the general HCI assumption that simplicity is always best for computers interface design , as users'creativity and information sharing depth initially increases with more interface complexity. Our results suggest that the Yerkes Dodson Law may be a key theory underlying online creativity and depth of online disclosures.
628	Cloud Computing – A review of Confidentiality and Privacy Lindén, Simon January 2016 (has links) With the introduction of cloud computing the computation got distributed, virtualized and scalable. This also meant that customers of cloud computing gave away some of their control of their system. That led to a heighten importance of how to handle security in the cloud, for both provider and customer. Since security is such a big subject the focus of this thesis is on confidentiality and privacy, both closely related to how to handle personal data. With the help of a systematic literature review in this thesis, current challenges and possible mitigations are presented in some different areas and concerning both the cloud provider and the cloud customer. The conclusion of the thesis is that cloud computing in itself have matured a lot since the early 2000’s and all of the challenges provided have possible mitigations. However, the exact implementation of said mitigation will differ depending on cloud customer and the exact application developed as well as the exact service provided by the cloud provider. In the end it will all boil down to a process that involves technology, employees and policies and with that can any user secure its cloud application. Cloud computing security confidentiality privacy mitigation Computer Sciences Datavetenskap (datalogi)
629	Investigating Spyware in Peer-to-Peer Tools Boldt, Martin, Wieslander, Johan January 2003 (has links) Peer-to-Peer (P2P) tools are used exclusively when their users are connected to the Internet, thus constituting a good foundation for online commercials to help finance further tool development. Although software that displays ads (adware) is very common, activity monitoring or information collecting software that spies on the users (spyware) may be installed together with the P2P tool. This paper will present a method for examining P2P tool installations and present test results from a few of the most common P2P tools. It will also discuss whether these tools, with their bundled software, make any privacy intrusions. Finally, the method itself will be evaluated and suggestions of refinements will be proposed. Peer-to-Peer Spyware Adware Privacy Computer Sciences Datavetenskap (datalogi)
630	Implementing Transparency Logging for an Issue Tracking System Grahn, Christian January 2012 (has links) On the Internet today, users are accustomed to disclosing personal information when accessing a new service. When a user does so, there is rarely a system in place which allows the user to monitor how his or her information is actually shared or used by services. One proposed solution to this problem is to have services perform transparency logging on behalf of users, informing them how their data is processed as processing is taking place. We have recently participated in a collaboration to develop a privacy-preserving secure logging scheme that can be used for the purpose of transparency logging. As part of that collaboration we created a proof of concept implementation. In this thesis, we elaborate on that implementation and integrate it with a minimalistic open source issue-tracking system. We evaluate the amount of work required to integrate the logging system and attempt to identify potential integration problems. Using this issue-tracking system we then design and implement a scenario that demonstrates the value of the logging system to the average user. logging transparency PET privacy enhancing technologies Computer Sciences Datavetenskap (datalogi)

Search results