Tools for responsible decision-making in machine learning

Rastegarpanah, Bashir

03 March 2022

Machine learning algorithms are increasingly used by decision making systems that affect individual lives in a wide variety of ways. Consequently, in recent years concerns have been raised about the social and ethical implications of using such algorithms. Particular concerns include issues surrounding privacy, fairness, and transparency in decision systems. This dissertation introduces new tools and measures for improving the social desirability of data-driven decision systems, and consists of two main parts. The first part provides a useful tool for an important class of decision making algorithms: collaborative filtering in recommender systems. In particular, it introduces the idea of improving socially relevant properties of a recommender system by augmenting the input with additional training data, an approach which is inspired by prior work on data poisoning attacks and adapts them to generate `antidote data' for social good. We provide an algorithmic framework for this strategy and show that it can efficiently improve the polarization and fairness metrics of factorization-based recommender systems. In the second part, we focus on fairness notions that incorporate data inputs used by decision systems. In particular, we draw attention to `data minimization', an existing principle in data protection regulations that restricts a system to use the minimal information that is necessary for performing the task at hand. First, we propose an operationalization for this principle that is based on classification accuracy, and we show how a natural dependence of accuracy on data inputs can be expressed as a trade-off between fair-inputs and fair-outputs. Next, we address the problem of auditing black- box prediction models for data minimization compliance. For this problem, we suggest a metric for data minimization that is based on model instability under simple imputations, and we extend its applicability from a finite sample model to a distributional setting by introducing a probabilistic data minimization guarantee. Finally, assuming limited system queries, we formulate the problem of allocating a query budget to simple imputations for investigating model instability as a multi-armed bandit framework, for which we design efficient exploration strategies.

Computer science

Data minimization

Fairness

Privacy

Recommender systems

Responsible AI

Testing Fuzzy Extractors for Face Biometrics: Generating Deep Datasets

Tambay, Alain Alimou

11 November 2020

Biometrics can provide alternative methods for security than conventional authentication methods. There has been much research done in the field of biometrics, and efforts have been made to make them more easily usable in practice. The initial application for our work is a proof of concept for a system that would expedite some low-risk travellers’ arrival into the country while preserving the user’s privacy. This thesis focuses on the subset of problems related to the generation of cryptographic keys from noisy data, biometrics in our case. This thesis was built in two parts. In the first, we implemented a key generating quantization-based fuzzy extractor scheme for facial feature biometrics based on the work by Dodis et al. and Sutcu, Li, and Memon. This scheme was modified to increased user privacy, address some implementation-based issues, and add testing-driven changes to tailor it towards its expected real-world usage. We show that our implementation does not significantly affect the scheme's performance, while providing additional protection against malicious actors that may gain access to the information stored on a server where biometric information is stored. The second part consists of the creation of a process to automate the generation of deep datasets suitable for the testing of similar schemes. The process led to the creation of a larger dataset than those available for free online for minimal work, and showed that these datasets can be further expanded with only little additional effort. This larger dataset allowed for the creation of more representative recognition challenges. We were able to show that our implementation performed similarly to other non-commercial schemes. Further refinement will be necessary if this is to be compared to commercial applications.

Biometric

Fuzzy Extractor

Privacy

Dataset

Authentication

Face Image

An analysis of the doctor-patient relationship with reference to the celebrity or famous patient-issues pertaining to privacy and confidentiality

Mbedzi, Lufuno Kenneth

January 2019

No abstract / Mini Dissertation (MPhil)--University of Pretoria, 2019. / Public Law / MPhil / Unrestricted

UCTD

Celebrity or Famous patient

Confidentialty

Doctor patient relationship

Privacy

Surveillance Capitalism and Privacy: Exploring Explanations for the Failure of Privacy to Contest Surveillance Capitalism and the Implications for Democracy

Wohnhas, Lukas

January 2019

This paper explores the tension between privacy and surveillance capitalism and seeks to give explanations why privacy is not effective in limiting the influence of surveillance capitalism on personal autonomy and democracy. The methodology involves a deconstructive reading of the theories of privacy and surveillance capitalism. The analysis finds that there are (I) lacking means to control one’s subjection to data extraction that lead to a loss of privacy and autonomy, (II) social, psychological, or cultural influences determine the conception of privacy, (III) privacy management is individualistic and needs transparency of data-processing to function, and (IV) what constitutes a private situation is dependent on existing norms. The analysis further establishes that the foundation of democracy is at risk when privacy, and as such personal autonomy, are threatened. The analysis utilizes, among others, ideas of Marx and Foucault to explain the weakness of privacy. The findings suggest that the threat posed by surveillance capitalism towards autonomy and democracy should be framed as problem of liberty instead of privacy.

surveillance capitalism

privacy

autonomy

democracy

Social Sciences

Samhällsvetenskap

Exécutions de requêtes respectueuses de la vie privée par utilisation de composants matériels sécurisés / Privacy-Preserving Query Execution using Tamper Resistant Hardware

To, Quoc-Cuong

16 October 2015

Les applications actuelles, des systèmes de capteurs complexes (par exemple auto quantifiée) aux applications de e-commerce, acquièrent de grandes quantités d'informations personnelles qui sont habituellement stockées sur des serveurs centraux. Cette quantité massive de données personnelles, considéré comme le nouveau pétrole, représente un important potentiel pour les applications et les entreprises. Cependant, la centralisation et le traitement de toutes les données sur un serveur unique, où elles sont exposées aux indiscrétions de son gestionnaire, posent un problème majeur en ce qui concerne la vie privée.Inversement, les architectures décentralisées aident les individus à conserver le plein de contrôle sur leurs données, toutefois leurs traitements en particulier le calcul de requêtes globales deviennent complexes.Dans cette thèse, nous visons à concilier la vie privée de l'individu et l'exploitation de ces données, qui présentent des avantages manifestes pour la communauté (comme des études statistiques) ou encore des perspectives d'affaires. Nous promouvons l'idée de sécuriser l'acquisition des données par l'utilisation de matériel sécurisé. Grâce à ces éléments matériels tangibles de confiance, sécuriser des protocoles d'interrogation distribués permet d'effectuer des calculs globaux, tels que les agrégats SQL, sans révéler d'informations sensibles à des serveurs centraux.Cette thèse étudie le sous-groupe de requêtes SQL sans jointures et montre comment sécuriser leur exécution en présence d'attaquants honnêtes-mais-curieux. Cette thèse explique également comment les protocoles d'interrogation qui en résultent peuvent être intégrés concrètement dans une architecture décentralisée. Nous démontrons que notre approche est viable et peut passer à l'échelle d'applications de la taille d'un pays par un modèle de coût et des expériences réelles sur notre prototype, SQL/AA. / Current applications, from complex sensor systems (e.g. quantified self) to online e-markets acquire vast quantities of personal information which usually end-up on central servers. This massive amount of personal data, the new oil, represents an unprecedented potential for applications and business. However, centralizing and processing all one's data in a single server, where they are exposed to prying eyes, poses a major problem with regards to privacy concern.Conversely, decentralized architectures helping individuals keep full control of their data, but they complexify global treatments and queries, impeding the development of innovative services.In this thesis, we aim at reconciling individual's privacy on one side and global benefits for the community and business perspectives on the other side. It promotes the idea of pushing the security to secure hardware devices controlling the data at the place of their acquisition. Thanks to these tangible physical elements of trust, secure distributed querying protocols can reestablish the capacity to perform global computations, such as SQL aggregates, without revealing any sensitive information to central servers.This thesis studies the subset of SQL queries without external joins and shows how to secure their execution in the presence of honest-but-curious attackers. It also discusses how the resulting querying protocols can be integrated in a concrete decentralized architecture. Cost models and experiments on SQL/AA, our distributed prototype running on real tamper-resistant hardware, demonstrate that this approach can scale to nationwide applications.

Confidentialité

Matériel sécurisé

Protocole

Privacy

Secure hardware

Protocol

The influence of work station architecture on work perceptions and work behavior

true, Connie L.

01 January 1988

A field study was conducted to find whether open office architecture is related to employees' perceptions of their jobs and their work groups, and to their behavior in and around their work stations. Fifty-two employees in the administrative division of a large manufacturing operation volunteered to participate by answering a questionnaire and allowing their work stations to be analyzed for levels of visual access and visual exposure, the two independent variables. Access and exposure, at first theorized to be independent and interacting functions, were found to be too highly correlated in this open off ice setting to test as originally planned. The design was modified by combining the measures of access and exposure, thereby creating a new independent variable called visual information. Under the modified design, results supported a prediction that less visual information would correlate with more positive responses to survey items about employees' job characteristics, and a prediction that less visual information would correlate with higher rates of work station occupancy. But there was no support for a prediction that more visual information would correlate with more positive responses to survey items about employees' work groups, nor was there support for a prediction that more visual information would correlate with fewer numbers of personal items displayed at employees' work stations. Suggestions were made for more appropriate tests of the original design in order to determine whether visual access and visual exposure operate as independent and interacting dynamics.

Office layout

Visibility

Privacy

Organizational behavior

Architecture

Industrial and Organizational Psychology

Privacy-preserving and secure location authentication / Protocoles de sécurité pour établir les distances et authentifier la position pour les appareils mobiles

Traore, Moussa

07 July 2015

Avec l'avènement des systèmes basées sur la position, les systèmes d'aide au positionnement doivent répondre à de nouvelles exigences sécuritaires: authentifier la positon géographique annoncée par un utilisateur avant qu'il lui soit octroyé accès à une ressource géolocalisée. Dans cette thèse, nous nous intéressons à l'étude de protocoles de sécurité pouvant garantir l'authenticité de la position annoncée par un utilisateur sans la disponibilité au préalable d'une architecture de confiance. Un premier résultat de notre étude est la proposition d'un protocole délimiteur de distance basée sur la cryptographie asymétrique permettant à un noeud possédant une clé publique d'authentifier la partie détentrice de la clé privée associée, tout établissant une mesure de confiance sur la distance les séparant. La mesure de distance est résistante aux attaques par relais, par distance et aux attaques terroristes. Nous utilisons ensuite ce premier ré! sultat de recherche afin définir une architecture générique pour la collecte de preuves de localisation respectueuses de la vie privée. Nous définissons une preuve de localisation comme étant un certificat numérique attestant de la présence effective d'un individu à une position géographique à un instant donné. Les propriétés de la vie privée que nous garantissons par le biais de notre système sont: l'anonymat des utilisateurs, la non-chaînabilité de leurs actions à l'intérieur du système et une liaison forte entre chaque utilisateur et la preuve de localisation qui lui est associée. De plus, les preuves récoltées peuvent servir à prouver différentes granularité de la position associée. / With the advent of Location-Based-Systems, positioning systems must face new security requirements: how to guarantee the authenticity of the geographical positon announced by a user before granting him access to location-restricted! resources. In this thesis, we are interested in the study of ! security ! protocols that can ensure autheniticity of the position announced by a user without the prior availability of any form of trusted architecture. A first result of our study is the proposal for a distance-bounding protocol based on asymmetric cryptography which allows a node knowing a public key to authenticate the holder of the associated private key, while establishing confidence in the distance between them. The distance measurement procedure is sufficently secure to resist to well-known attacks such as relay attacks, distance-, mafia- and terrorist-attacks. We then use such distance-bounding protocol to define an architecture for gathering privacy friendly location proofs. We define a location proof as a digital certificate attesting of presence of an individual at a location at a given time. The privacy properties we garanty through the use of our system are: the anonymity of users, un-linkability of their actions within the system and a strong binding between each user ! and the localization proof it is associated. on last property of our system is the possibility to use the same location proof to demonstrate different granularity of the associated position.

Cryptographie

Localisation

Mobilité

Vie privée

Cryptograpy

Positioning

Mobility

Privacy

Analysis of key security and privacy concerns and viable solutions in Cloud computing

Ali, Ayaz

January 2019

Cloud Security and Privacy is the most concerned area in the development of newly advance technological domains like cloud computing, the cloud of things, the Internet of Things. However, with the growing popularity and diverse nature of these technologies, security and privacy are becoming intricate matters and affect the adoption of cloud computing. Many small and large enterprises are in conflict while migrating towards cloud technology and this is because of no proper cloud adoption policy guideline, generic solutions for system migration issues, systematic models to analyze security and privacy performance provided by different cloud models. Our proposed literature review focuses on the problems and identifies solutions in the category of security and privacy. A comprehensive analysis of various identified techniques published during 2010 – 2018 has been presented. We have reviewed 51 studies including research papers and systematic literature reviews on the factors of security and privacy. After analyzing, the papers have been classified into 5 major categories to get an appropriate solution for our required objectives of this study. This work will facilitate the researchers and as well the companies to select appropriate guideline while adopting cloud services.

Cloud computing

security

privacy

Hybrid

Engineering and Technology

Teknik och teknologier

Privacy Protection and Mobility Enhancement in Internet

Zhang, Ping

05 1900

Indiana University-Purdue University Indianapolis (IUPUI) / The Internet has substantially embraced mobility since last decade. Cellular data network carries majority of Internet mobile access traffic and become the de facto solution of accessing Internet in mobile fashion, while many clean-slate Internet mobility solutions were proposed but none of them has been largely deployed. Internet mobile users increasingly concern more about their privacy as both researches and real-world incidents show leaking of communication and location privacy could lead to serious consequences. Just the communication itself between mobile user and their peer users or websites could leak considerable privacy of mobile user, such as location history, to other parties. Additionally, comparing to ordinary Internet access, connecting through cellular network yet provides equivalent connection stability or longevity. In this research we proposed a novelty paradigm that leverages concurrent far-side proxies to maximize network location privacy protection and minimize interruption and performance penalty brought by mobility.To avoid the deployment feasibility hurdle we also investigated the root causes impeding popularity of existing Internet mobility proposals and proposed guidelines on how to create an economical feasible solution for this goal. Based on these findings we designed a mobility support system offered as a value-added service by mobility service providers and built on elastic infrastructure that leverages various cloud aided designs, to satisfy economic feasibility and explore the architectural trade-offs among service QoS, economic viability, security and privacy.

Internet

Cloud Computing

Edge Computing

Mobility Support

Privacy Protection

Modeling and Quantification of Profile Matching Risk in Online Social Networks

Halimi, Anisa

01 September 2021

No description available.

Computer Science