271 |
Towards a value theory for personal dataSpiekermann-Hoff, Sarah, Korunovska, Jana 03 1900 (has links) (PDF)
Analysts, investors and entrepreneurs have recognized the value of personal data for Internet economics. Personal data is viewed as the "oil" of the digital economy. Yet, ordinary people are barely aware of this. Marketers collect personal data at minimal cost in exchange for free services. But will this be possible in the long term, especially in the face of privacy concerns? Little is known about how users really value their personal data. In this paper, we build a user-centered value theory for personal data. On the basis of a survey experiment with 1269 Facebook users, we identify core constructs that drive the value of volunteered personal data. We find that privacy concerns are less influential than expected and influence data value mainly when people become aware of data markets. In fact, the consciousness of data being a tradable asset is the single most influential factor driving willingness-to-pay for data. Furthermore, we find that people build a sense of psychological ownership for their data and hence value it more. Finally, our value theory helps to unveil market design mechanisms that will influence how personal data markets thrive: First, we observe a majority of users become reactant if they are consciously deprived of control over their personal data; many drop out of the market. We therefore advice companies to consider user-centered data control tools to have them participate in personal data markets. Second, we find that in order to create scarcity in the market, centralized IT architectures (reducing multiple data copies) may be beneficial.
|
272 |
Integration with Outlook CalendarNisstany, Saman January 2018 (has links)
This report will be covering further development of the Realtime-Updated Dashboard made by two students for Flex Applications in VT2017. The task now is to integrate the Dashboard with Outlook calendar. A theoretical deepening into the General Data Protection Regulation was made due to recent development in the European Union. This was used to set strict guidelines for design, consent and security of the application. The application is a back-end service written mostly in C#, however some TypeScript language was used with Angular 2 framework along with LESS and HTML5. The application is developed as a stand-alone project as the Realtime-Updated Dashboard is now live in the system and it would pose a security risk for Flex which was a great opportunity to study and learn more about ASP.NET MVC model along with TypeScript, Angular2, LESS and HTML5. Integrating with Outlook calendar was just the first step, more calendars will be added in time. The main point of the application is to give the Realtime-Updated Dashboard added value and prove/show integration with Outlook calendar was possible.
|
273 |
Challenges Involved in the Implementation of the General Data Protection Regulation (GDPR) in an Information System Development Organization - An Exploratory Study.Kutserenko, Kristiina January 2018 (has links)
The General Data Protection Regulation (GDPR) is a key regulation that deals with the protection of personal data in the European Union. It will be enforced on May 25, 2018. The GDPR brings in significant changes compared to the previous Data Protection Directive 95/46/EC (DIR95). Therefore, the organizations that fall within the scope of the GDPR are required to make their information systems compliant. Due to the complexity of modern software and the magnitude of changes required for the successful adoption of the GDPR, adopting such requirements could be a challenging task. Various works have already been conducted in the past addressing different articles and principles of the GDPR. However, relatively new Legal Technology sector has not been the focus of the GDPR related research. The purpose of the thesis is to investigate how a Legal Technology organization is affected by the challenges of implementing GDPR related requirements into its information system. In order to address the aim of the study, a literature review was conducted, followed by a case study in Assently AB, a small-sized organization belonging to the Legal Technology industry. In order to gather detailed information about the challenges of implementing the GDPR in their information system, semi-structured interviews were conducted with the practitioners at Assently. The result of this study is a collection of challenges. This collection of challenges relates to understanding the regulation in order to implement it into information system, creating new tools and processes, reviewing existing tools and processes, human resource availability for the support, management and development of information system and facing possible customer-related issues. The study contributes to the GDPR and Legal Technology related research. Moreover, it can be used by the industry practitioners to prepare for the similar implementations in the future. Furthermore, it will be useful for the emerging Legal Technology organizations who may need to design their information systems in compliance with the GDPR.
|
274 |
Systèmes de cryptocalculs, compilation et support d’exécution / Cryptocomputing systems, compilation and runtimeFau, Simon 22 March 2016 (has links)
Notre approche dans cette thèse était d'identifier où le chiffrement complètement homomorphe (FHE) pouvait être utilisé pour le domaine des sciences informatiques et de construire une plate-forme expérimentale qui nous permette de tester des algorithmes de traitement de l'information manipulant des données chiffrées. La première partie de cette thèse est consacrée à l'état de l'art. Nous présentons d'abord les systèmes de chiffrement homomorphes conçus avant 2008, puis nous présentons ceux adressant la problématique du chiffrement complètement homomorphe. Nous décrivons plusieurs méthodes de chiffrement d'intérêt pour cette thèse et discutons de leurs implémentations FHE. Enfin, nous présentons des circuits de Yao car ils peuvent résoudre des problèmes similaires que le FHE et nous parlons brièvement du chiffrement fonctionnel (FE). La deuxième partie de cette thèse présente nos contributions. Nous commençons par expliquer comment le FHE peut être utile dans divers scénarios et décrivons plusieurs cas d'utilisation pratique identifiés au cours de la thèse. Ensuite, nous décrivons notre approche pour effectuer des calculs sur des données chiffrées à l'aide du FHE et expliquons comment nous avons pu développer une plate-forme pour l'exécution dans le domaine chiffré d'une large gamme d'algorithmes en s'appuyant seulement sur l'addition et la multiplication homomorphes. Nous détaillons ensuite notre solution pour effectuer des requêtes privées sur une base de données chiffrées en utilisant le chiffrement homomorphe. Dans un dernier chapitre, nous présentons nos résultats expérimentaux. / Our approach in this thesis was to identify where FHE could be used in computer science and to build an experimental platform that allow us to test real-life algorithm running on homomorphically-encrypted data. The first part of this thesis is dedicated to the state of the art. We first present homomorphic encryption schemes designed before 2008 and then move to the Fully Homomorphic Encryption period. We describe several schemes of interest for this thesis and discuss FHE implementations. Finally, we present Yao’s garbled circuits as they can solve similar problems as FHE and briefly talk about Functional Encryption (FE). The second part of this thesis is for our contributions to the subject. We begin by explaining how FHE can be useful in various scenarios and try to provide practical use cases that we identified during the thesis. Then, we describe our approach to perform computations on encrypted data using FHE and explain how we were able to build on just the homomorphic addition and multiplication a platform for the execution in the encrypted domain of a wide range of algorithms. We then detail our solution for performing private queries on an encrypted database using homomorphic encryption. In a final chapter, we present our experimental results.
|
275 |
A insciência do usuário na fase de coleta de dados: privacidade em foco / The lack of awareness of the user in the data collect phase: privacy in focusAffonso, Elaine Parra [UNESP] 05 July 2018 (has links)
Submitted by Elaine Parra Affonso (elaine_affonso@yahoo.com.br) on 2018-07-27T19:40:14Z
No. of bitstreams: 1
TESE_FINAL_27_07.pdf: 7225615 bytes, checksum: d2fc79d0116faacbbf780985663be725 (MD5) / Approved for entry into archive by Satie Tagara (satie@marilia.unesp.br) on 2018-07-27T20:15:34Z (GMT) No. of bitstreams: 1
affonso_ep_dr_mar.pdf: 7225615 bytes, checksum: d2fc79d0116faacbbf780985663be725 (MD5) / Made available in DSpace on 2018-07-27T20:15:34Z (GMT). No. of bitstreams: 1
affonso_ep_dr_mar.pdf: 7225615 bytes, checksum: d2fc79d0116faacbbf780985663be725 (MD5)
Previous issue date: 2018-07-05 / Não recebi financiamento / A coleta de dados tem se tornado uma atividade predominante nos mais diversos meios digitais, em que as redes de computadores, principalmente a Internet, são essenciais para essa fase. A fim de minimizar a complexidade envolvida no uso de aplicações e de meios de comunicação, a relação usuário-tecnologia tem sido apoiada por interfaces cada vez mais amigáveis, o que contribui para que a coleta de dados, muitas vezes, ocorra de forma imperceptível ao usuário, tornando-o insciente sobre a coleta realizada pelos detentores de dados, situação que pode ferir o direito à privacidade de usuários e de referenciados. Para proporcionar consciência sobre a coleta de dados aos usuários, ambientes digitais disponibilizam políticas de privacidade com informações sobre essa fase, buscando conformidade às leis e aos regulamentos que amparam a proteção de dados pessoais, muito representada na literatura acadêmica por meio de modelos e técnicas para anonimização. A insciência sobre a coleta de dados pode estabelecer como o indivíduo se preocupa em relação às ameaças à sua privacidade e quais são as atitudes que ele deveria ter para ampliar a proteção de seus dados, que também pode ser estimulada pela carência de ações e de pesquisas de diversas áreas do conhecimento. Diante do exposto, o objetivo desta tese é caracterizar o contexto que favorece a insciência do usuário enquanto alvo de fases de coleta de dados em ambientes digitais, considerando implicações de privacidade. Para tanto, adotou-se a pesquisa exploratória-descritiva, com abordagem qualitativa. Utilizou-se a triangulação metodológica, a partir do referencial teórico que abarca a anonimização na fase de coleta de dados; legislações que amparam a proteção de dados pessoais e a coleta de dados realizada por tecnologias. Em relação às pesquisas no âmbito de proteção de dados por anonimização, observou-se que existe uma carência de trabalhos na fase de coleta de dados, uma vez que, muitas pesquisas têm concentrado esforços no contexto de medidas para compartilhar dados anonimizados, e quando a anonimização se efetua na coleta de dados, a ênfase tem sido em relação a dados de localização. Muitas vezes, as legislações ao abordarem elementos que estão envolvidos com a fase de coleta, apresentam esses conceitos de modo generalizado, principalmente em relação ao consentimento sobre a coleta, inclusive, a própria menção a atividade de coleta, emerge na maioria das leis por meio do termo tratamento. A maior parte das leis não possui um tópico específico para a coleta de dados, fator que pode fortalecer a insciência do usuário no que tange a coleta de seus dados. Os termos técnicos como anonimização, cookies e dados de tráfego são mencionados nas leis de modo esparso, e muitas vezes não estão vinculados especificamente a fase de coleta. Os dados semi-identificadores se sobressaem na coleta de dados pelos ambientes digitais, cenário que pode ampliar ainda mais as ameaças a privacidade devido à possibilidade de correlação desses dados, e com isso, a construção de perfis de indivíduos. A opacidade promovida pela abstração na coleta de dados pelos dispositivos tecnológicos vai além da insciência do usuário, ocasionando incalculáveis ameaças à privacidade e ampliando, indubitavelmente, a assimetria informacional entre detentores de dados e usuários. Conclui-se que a insciência do usuário sobre sua interação com os ambientes digitais pode diminuir a autonomia para controlar seus dados e acentuar quebras de privacidade. No entanto, a privacidade na coleta de dados é fortalecida no momento em que o usuário tem consciência sobre as ações vinculadas aos seus dados, que devem ser determinadas pelas políticas de privacidade, pelas leis e pelas pesquisas acadêmicas, três elementos evidenciados neste trabalho que se configuram como participativos no cenário que propicia a insciência do usuário. / Data collection has become a predominant activity in several digital media, in which computer networks, especially the internet, are essential for this phase. In order to minimize the complexity involved in the use of applications and media, the relationship between user and technology has been supported by ever more friendly interfaces, which oftentimes contributes to that data collection often occurs imperceptibly. This procedure leads the user to lack of awareness about the collection performed by the data holders, a situation that may harm the right to the privacy of this user and the referenced users. In order to provide awareness about the data collection to the user, digital environments provide privacy policies with information on this phase, seeking compliance with laws and regulations that protect personal data, widely represented in the academic literature through models and techniques to anonymization in the phase of data recovery. The lack of awareness on the data collection can establish how the individual is concerned about threats to its privacy and what actions it should take to extend the protection of its data, which can also be stimulated by the lack of action and researches in several areas of the knowledge. In view of the above, the objective of this thesis is to characterize the context that favors the lack of awareness of the user while the target of data collection phases in digital environments, considering privacy implications. For that, the exploratory research was adopted, with a qualitative approach. The methodological triangulation was used, from the theoretical referential that includes the anonymization in the phase of the data collection; the legislation that supports the protection of personal data and the data collection performed by technologies. The results show that, regarding researches on data protection by anonymization, it was observed that there is an absence of works about the data collection phase, since many researches have concentrated efforts in the context of measures to share anonymized data. When anonymization is done in data collection, the emphasis has been on location data. Often, legislation when addressing elements that are involved with the collection phase, present these concepts in a generalized way, mainly in relation to the consent on the collection, including the very mention of the collection activity, emerges in most laws through the term treatment. Most laws do not have a specific topic for data collection, a factor that can strengthen user insight regarding the collection of their data. Technical terms such as anonymization, cookies and traffic data emerge in the laws sparingly and are often not specifically linked to the collection phase. The quasi-identifiers data stands out in the data collected by the digital environments, a scenario that can further extend the threats to privacy due to the possibility of a correlation of this data, and with this, the construction of profiles of individuals. The opacity promoted by abstraction in data collection by computer networks goes beyonds the lack of awareness of the user, causing incalculable threats to its privacy and undoubtedly widening the informational asymmetry among data keepers and users. It is concluded that user insight about their interaction with digital environments can reduce the autonomy to control their data and accentuates privacy breaches. However, privacy in data collection is strengthened when the user is aware of the actions linked to its data, which should be determined by privacy policies, laws and academic research, i.e, three elements evidenced in this work that are constitute as participatory in the scenario that provides the lack of awareness of the user.
|
276 |
Dataskyddsförordningens påverkan på företags marknadsföringsarbete : Nya regler för företag som hanterar personuppgifter / The impact of GDPR on companies’ marketing: New rules for companies that handle personal dataAndersson, Ellinor, Wessberger, Fredrika January 2018 (has links)
Inledning: Det har blivit allt svårare att skydda personuppgifter på grund av den snabbt växande tekniska utvecklingen. Personuppgifter flödar mellan länder i stor utsträckning vilket ställer krav på ett mer sammanhängande dataskydd inom Europeiska unionen. Den 25 maj 2018 kommer en ny EU-förordning att träda i kraft. Förordningen kommer att gälla i alla EU:s medlemsländer och heter GDPR som står för General Data Protection Regulation. Lagändringen kommer att bidra till en striktare hantering och behandling av personuppgifter och därav stärka den enskilda personens integritet. Hur lagändringen kommer att påverka företags arbete med marknadsföring är en fråga som har växt fram. Syfte : Syftet med kandidatuppsatsen är att få kunskap om hur företagen anpassar sig efter den förändring som GDPR medför och om förändringar behöver göras i företagens marknadsföringsarbete på grund av GDPR. Metod : Uppsatsens angreppssätt är induktivt och det empiriska materialet är insamlat med hjälp av kvalitativa intervjuer. Totalt har nio intervjuer utförts, tre mailintervjuer och sex telefonintervjuer. Företagen som har medverkat i den här studien arbetar med marknadsföring och hanterar personuppgifter. Resultat : De intervjuade företagen tror inte att deras marknadsföring kommer att påverkas avsevärt. Några företag har och kommer att ändra vissa delar i kommunikationen till kunden, som till exempel ändra medlemsvillkor, rensa personuppgifter samt förändringar i utskick och nyhetsbrev. För att förbereda sig inför lagändringen har de flesta företagen arbetat med att utbilda anställda samt rensa i sina register. / Introduction : It has become increasingly difficult to protect personal data due to the rapidly evolving technological development. Personal data flow between countries to a large extent, which requires more coherent data protection within the European Union. In May 25th 2018, a new EU regulation will come into force. The regulation will apply in all EU member states and is called GDPR, the General Data Protection Regulation. The regulation will contribute to an increasingly rigorous handling and processing of personal data and hence strengthen the individual's integrity. How the change of law will affect business's marketing efforts is a matter that has emerged. Purpose: The purpose of this bachelor thesis is to gain knowledge of how companies adapt to the change that GDPR entails and whether changes need to be made in corporate marketing efforts due to GDPR. Method: The bachelor thesis is inductive and the empirical material is collected using qualitative interviews. A total of nine interviews have been conducted, three mail interviews and six telephone interviews. The companies that have participated in this study works with marketing and handles personal data. Results: The interviewed companies in the study do not believe that their marketing will be significantly affected. Some companies have and will change certain parts of the communication to the customer, such as changing member terms, clearing personal information, and changes in email and newsletters. In order to get GDPR compliant, most companies educate their employees and clean and enhance their registers.
|
277 |
User control of personal data : A study of personal data management in a GDPR-compliant grahpical user interface / Användares kontroll över personuppgifter : En studie i hanteringen av personuppgifter i ett GDPR-kompatibelt grafiskt användargränssnittOlausson, Michaela January 2018 (has links)
The following bachelor thesis explores the design of a GDPR (General Data Protection Regulation) compliant graphical user interface, for an administrative school system. The work presents the process of developing and evaluating a web-based prototype, a platform chosen because of its availability. The aim is to investigate if the design increases the caregivers perception of being in control over personal data, both their own and data related to children in their care. The methods for investigating this subject are grounded in real world research, using both quantitative and qualitative methods. The results indicate that the users perceive the prototype to be useful, easy to use, easy to learn and that they are satisfied with it. The results also point towards the users feeling of control of both their own and their child’s personal data when using the prototype. The users agree that a higher sense of control also increases their sense of security.
|
278 |
Analysmodell för inbyggt dataskydd och dataskydd som standardÖkvist, Nicklas, Furberg, Max January 2017 (has links)
No description available.
|
279 |
Möjligheter och utmaningar för företag i systemutvecklingsbranschen med införandet av GDPRLång, Anders, Lindstedt, Viktor January 2017 (has links)
Den 25 Maj 2018 kommer det två decennier gamla dataskyddsdirektivet att ersättas av EU:s nya dataskyddsförordning, General Data Protection Regulation (GDPR). Förordningens syfte är att ge ett skydd för fysiska personers personuppgifter vid hantering av sådana. Förordningen har för avsikt att harmonisera lagstiftningen gällande dataskydd mellan medlemsländer i unionen. I dagsläget är det svårt att tyda vad som gäller rättsligt länder emellan. Det råder även en oklarhet kring förordningen och hur företag ser på dess utmaningar och eventuella möjligheter samt vad som motiverar företagen till efterlevnad. För att uppnå efterlevnad krävs åtgärder inom en rad olika områden, däribland utbildning av personal vilket kommer behandlas mer utförligt i denna studie. Syftet med denna studie är att undersöka hur företag inom branschen bemöter förordningen idag. Mer specifikt, vilka möjligheter och utmaningar företag ser med förordningen, problematiken med lagtolkning, vad som motiverar dem till efterlevnad samt hur de hanterar utbildning av sina anställda för att uppnå detta. Studien är en kvalitativ studie som utförts genom semi-strukturerade intervjuer. Informanter från tre systemutvecklande företag har intervjuats och den data som samlades in har sedan analyserat med hjälp av studiens teoretiska ram. Denna ram består av en sammanfattning av den nya dataskyddsförordningen samt teorier kring efterlevnad, lagtolkning och utbildning av anställda. Slutligen kommer studien fram till att de olika företagen ser i stort likadant på vad som motiverar dem till efterlevnad. Det är den sociala faktorn som är den primära drivkraften till att uppnå efterlevnad för företagen. De alla tar även upp den ekonomiska faktorn vilket kan ses som naturligt med tanke på de sanktioner förordningen medför vid ett lagbrott. När det kommer till lagtolkning och utbildning är företag A och B identiska medans företag C skiljer sig helt. Vilka möjligheter och utmaningar som nämns av de olika företagen presenteras i en tabell i textens sjätte kapitel.
|
280 |
Marcas d'agua visuais em mapas vetoriais / Visual watermarks in vector mapsMarques, Douglas Aurelio 18 August 2005 (has links)
Orientador: Ricardo Dahab / Dissertação (mestrado profissional) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-05T07:11:57Z (GMT). No. of bitstreams: 1
Marques_DouglasAurelio_M.pdf: 13879454 bytes, checksum: 61f725430da8735d7655d56cf241e32b (MD5)
Previous issue date: 2005 / Resumo: Com a proliferação dos sistemas de informação geográfica (GIS) e a disponibilidade crescente de dados espaciais, empresas de vários segmentos têm tido a oportunidade de criar bases de dados geográficas para uso próprio ou fornecimento de serviços. A representação de informações nessas bases de dados se dá através de mapas em formato vetorial, produzidos geralmente a um alto custo, mas de fácil reprodução. Este trabalho tem como objetivo a apresentação de um novo método para inserção de marcas d'água visuais em mapas vetoriais digitais, para combater a cópia e a distribuição ilegais desse tipo de mídia. Neste novo método, a marca d'água, formada pelos pixels de uma imagem, é inserida em um mapa através de deslocamentos controlados de suas coordenadas. A detecção da marca d'água em um mapa é feita com a extração da imagem inserida e sua comparação com a original. Vários experimentos práticos mostram que o método é bastante resistente a diversos tipos de ataque, como cropping, adição de coordenadas, alteração da ordem das entidades, inserção de ruído, transformações locais e globais e combinações desses ataques / Abstract: The proliferation of geographic information systems (GIS) and the increasing availability of spatial data makes it possible to create geographic databases for a large variety of ends and services. The information in these databases is represented by digital vector maps which are expensive to produce, but easy to copy. In this work we present a new method for embedding visual watermarks into digital vector maps to counter illegal copying and distribution of these digital contents. In this new method, the watermark, formed by pixels of an image, is embedded within a map by controlled displacements of its coordinates. The detection of the watermark within a map is accomplished by extracting the embedded image and comparing it with the original one. Many experiments show that the method has good resiliency against attacks such as cropping, coordinate addition, entity order scrambling, random noise insertion, global and local transformations and some combinations of these attacks / Mestrado / Engenharia de Computação / Mestre Profissional em Computação
|
Page generated in 0.1325 seconds