Zhi-Yu Peng,Shan-Ping Li

DOI: https://doi.org/10.1109/icmlc.2008.4620616

2008-01-01

Abstract:As pervasive computing leading to an increased collection of information in the computational world as well as the real world, privacy leaking becomes a serious issue. Although privacy protection has drawn great attention in recent years, the privacy-preserving trust management has not been brought forward. Credential chain discovery problem is the key issue in trust management, and traditionally credentials are full open in the whole system. This could expose users' access control policies as well as other private information, and leads to a great risk of being cheated by malicious users. This paper advocates a privacy-preserving credential chain discovery mechanism, in which credentials are no longer available to everyone. By merely learning credentials of one's logic neighbors, this mechanism still achieves good results. The simulations show that this mechanism is practical.

Chao Wu,Yike Guo

DOI: https://doi.org/10.1109/bigdata.2013.6691688

2013-01-01

Abstract:Personal data collection is becoming pervasive these days, these data has the risk of being abused by current application and application marketplace model, because only the price of application is explicitly indicated without clear agreement on usage of data, and the granularity of data access authentication is not enough to protect users privacy. In this short paper, we propose a new model of user data privacy. Data usage of the application is explicitly shown, and controlled by an authentication service, to protect users from the abuse of their data, especially in mobile application.

Yajin Zhou,Xinwen Zhang,Xuxian Jiang,Vincent W. Freeh

DOI: https://doi.org/10.1007/978-3-642-21599-5_7

2011-01-01

Abstract:Smartphones have been becoming ubiquitous and mobile users are increasingly relying on them to store and handle personal information. However, recent studies also reveal the disturbing fact that users' personal information is put at risk by (rogue) smartphone applications. Existing solutions exhibit limitations in their capabilities in taming these privacy-violating smartphone applications. In this paper, we argue for the need of a new privacy mode in smartphones. The privacy mode can empower users to flexibly control in a fine-grained manner what kinds of personal information will be accessible to an application. Also, the granted access can be dynamically adjusted at runtime in a fine-grained manner to better suit a user's needs in various scenarios (e.g., in a different time or location). We have developed a system called TISSA that implements such a privacy mode on Android. The evaluation with more than a dozen of information-leaking Android applications demonstrates its effectiveness and practicality. Furthermore, our evaluation shows that TISSA introduces negligible performance overhead.

Wentian Lu,Jun Li,Xianping Tao,Xiaoxing Ma,Jian Lu

DOI: https://doi.org/10.1007/11907503_11

2006-01-01

Abstract:In ubiquitous and pervasive computing, after data owner’s information is collected, data collector should be careful of disclosing data owner’s information for privacy reasons. In this paper, we present requirements and challenges when designing solutions for such data collector end protection. Policies, accuracy and anonymity of context should be all taken into account. Based on this, we design a middleware Shadow for user controllable privacy protection, which is deployed on data collectors who have large volume of data and powerful computation abilities. Shadow has a contextual rule based access control policy mechanism, enriched with methods of generating blurred context and guaranteeing information anonymous, and we implement it under an ontology based context model.

Zhihui Wang,Siqin Li,Xuchen Zhou,Yu Wang,Wenbiao Xing,Yun Zhu,Zijing Tan,Wei Wang

DOI: https://doi.org/10.1007/978-3-030-59419-0_59

2020-01-01

Abstract:The wide spread and sharing of considerable information promotes the development of many industries such as the health care and so on. However, data owners should pay attention to the problem of privacy preservation during the sharing of data. A risk assessment system is presented in this paper. The system can assess the risk of privacy disclosure due to the sharing of data, and help data owners to evaluate whether it is safe or not to share the data.

Edoardo M Airoldi,Xue Bai,Bradley A Malin

DOI: https://doi.org/10.1016/j.dss.2010.11.014

2011-04-01

Abstract:We live in an increasingly mobile world, which leads to the duplication of information across domains. Though organizations attempt to obscure the identities of their constituents when sharing information for worthwhile purposes, such as basic research, the uncoordinated nature of such environment can lead to privacy vulnerabilities. For instance, disparate healthcare providers can collect information on the same patient. Federal policy requires that such providers share "de-identified" sensitive data, such as biomedical (e.g., clinical and genomic) records. But at the same time, such providers can share identified information, devoid of sensitive biomedical data, for administrative functions. On a provider-by-provider basis, the biomedical and identified records appear unrelated, however, links can be established when multiple providers' databases are studied jointly. The problem, known as trail disclosure, is a generalized phenomenon and occurs because an individual's location access pattern can be matched across the shared databases. Due to technical and legal constraints, it is often difficult to coordinate between providers and thus it is critical to assess the disclosure risk in distributed environments, so that we can develop techniques to mitigate such risks. Research on privacy protection has so far focused on developing technologies to suppress or encrypt identifiers associated with sensitive information. There is growing body of work on the formal assessment of the disclosure risk of database entries in publicly shared databases, but a less attention has been paid to the distributed setting. In this research, we review the trail disclosure problem in several domains with known vulnerabilities and show that disclosure risk is influenced by the distribution of how people visit service providers. Based on empirical evidence, we propose an entropy metric for assessing such risk in shared databases prior to their release. This metric assesses risk by leveraging the statistical characteristics of a visit distribution, as opposed to person-level data. It is computationally efficient and superior to existing risk assessment methods, which rely on ad hoc assessment that are often computationally expensive and unreliable. We evaluate our approach on a range of location access patterns in simulated environments. Our results demonstrate the approach is effective at estimating trail disclosure risks and the amount of self-information contained in a distributed system is one of the main driving factors.

Yang Lu,Shujun Li,Athina Ioannou,Iis Tussyadiah

DOI: https://doi.org/10.48550/arXiv.1909.09942

2019-09-22

Cryptography and Security

Abstract:Although there are privacy-enhancing tools designed to protect users' online privacy, it is surprising to see a lack of user-centric solutions allowing privacy control based on the joint assessment of privacy risks and benefits, due to data disclosure to multiple platforms. In this paper, we propose a conceptual framework to fill the gap: aiming at the user-centric privacy protection, we show the framework can not only assess privacy risks in using online services but also the added values earned from data disclosure. Through following a human-in-the-loop approach, it is expected the framework provides a personalized solution via preference learning, continuous privacy assessment, behavior monitoring and nudging. Finally, we describe a case study towards "leisure travelers" and several future areas to be studied in the ongoing project.

Zike Cao,Kai-Lung Hui,Hong Xu

DOI: https://doi.org/10.1287/isre.2017.0744

IF: 4.9

2018-01-01

Information Systems Research

Abstract:We study a novel privacy concern, i.e., peer disclosure of sensitive personal information in online social communities. We model peer disclosure as the imposition of a negative externality on other people. Our model encompasses the benefits of posting information, positive externalities in the form of recognition and entertainment benefits due to others' sharing of information, and heterogeneous privacy preferences. We find that regulation of peer disclosure is necessary. We consider two candidate regulations, i.e., nudging and quotas. Nudging reduces user participation and privacy harm and sometimes improves social welfare. By contrast, imposing a quota often improves user participation, privacy protection, and social welfare. Adding a nudge on top of a quota does not bring additional benefits. We show that any regulation that uniformly controls the disclosure of sensitive and nonsensitive information will not serve the triple objectives of reducing privacy harm, increasing social welfare, and increasing information contribution. We derive a necessary condition for solutions that can fulfill these three objectives. We also compare the incentives of the platform owner and social planner and draw related managerial and policy implications.The online appendix is available at https://doi.org/10.1287/isre.2017.0744.

Zude Li,Xiaojun Ye

DOI: https://doi.org/10.4018/jisp.2008100101

2008-01-01

International Journal of Information Security and Privacy

Abstract:This article introduces a formal study on access-unrestricted data anonymity. It includes four aspects: (1) analyzes the impacts of anonymity on data usability; (2) quantitatively measures privacy disclosure risks in practical environment; (3) discusses the factors resulting in privacy disclosure; and (4) proposes the improved anonymity solutions within typical k-anonymity model, which can effectively prevent privacy disclosure that is related with the published data properties, anonymity principles, and anonymization rules. With the experiments, the authors have proven the existence of these potential privacy inference violations as well as the enhanced privacy effect by the new anti-inference policies for access-unrestricted data publication.

Li Kuang,Yujia Zhu,Shuqi Li,Xuejin Yan,Han Yan,Shuiguang Deng

DOI: https://doi.org/10.1155/2018/3486529

IF: 1.968

2018-01-01

Security and Communication Networks

Abstract:With the rapid development of sensor acquisition technology, more and more data are collected, analyzed, and encapsulated into application services. However, most of applications are developed by untrusted third parties. Therefore, it has become an urgent problem to protect users’ privacy in data publication. Since the attacker may identify the user based on the combination of user’s quasi-identifiers and the fewer quasi-identifier fields result in a lower probability of privacy leaks, therefore, in this paper, we aim to investigate an optimal number of quasi-identifier fields under the constraint of trade-offs between service quality and privacy protection. We first propose modelling the service development process as a cooperative game between the data owner and consumers and employing the Stackelberg game model to determine the number of quasi-identifiers that are published to the data development organization. We then propose a way to identify when the new data should be learned, as well, a way to update the parameters involved in the model, so that the new strategy on quasi-identifier fields can be delivered. The experiment first analyses the validity of our proposed model and then compares it with the traditional privacy protection approach, and the experiment shows that the data loss of our model is less than that of the traditional k-anonymity especially when strong privacy protection is applied.

Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/tvt.2006.877704

2005-01-01

Abstract:Privacy and security are two important but seemingly contradict objectives in pervasive computing environments (PCEs). On the one hand, service providers want to authenticate service users and make sure they are accessing only authorized services in a legitimate way. On the other hand, users want to maintain necessary privacy without being tracked down for wherever they are and whatever they are doing. In this paper we propose a novel privacy enhanced authentication and access control scheme to secure the interactions between mobile users and services in PCEs. The proposed scheme seamlessly integrates two underlying cryptographic primitives, blind signature and hash chain, into a highly flexible and lightweight authentication and key establishment protocol. It provides explicit mutual authentication between a user and a service, while allowing the user to anonymously interact with the service. Differentiated service access control is also enabled in the proposed scheme by classifying mobile users into different service groups.

Ron S. Jarmin,John M. Abowd,Robert Ashmead,Ryan Cumings-Menon,Nathan Goldschlag,Michael B. Hawes,Sallie Ann Keller,Daniel Kifer,Philip Leclerc,Jerome P. Reiter,Rolando A. Rodríguez,Ian Schmutte,Victoria A. Velkoff,Pavel Zhuravlev

DOI: https://doi.org/10.1073/pnas.2220558120

2023-10-14

Abstract:The use of formal privacy to protect the confidentiality of responses in the 2020 Decennial Census of Population and Housing has triggered renewed interest and debate over how to measure the disclosure risks and societal benefits of the published data products. Following long-established precedent in economics and statistics, we argue that any proposal for quantifying disclosure risk should be based on pre-specified, objective criteria. Such criteria should be used to compare methodologies to identify those with the most desirable properties. We illustrate this approach, using simple desiderata, to evaluate the absolute disclosure risk framework, the counterfactual framework underlying differential privacy, and prior-to-posterior comparisons. We conclude that satisfying all the desiderata is impossible, but counterfactual comparisons satisfy the most while absolute disclosure risk satisfies the fewest. Furthermore, we explain that many of the criticisms levied against differential privacy would be levied against any technology that is not equivalent to direct, unrestricted access to confidential data. Thus, more research is needed, but in the near-term, the counterfactual approach appears best-suited for privacy-utility analysis.

Cryptography and Security,Econometrics,Methodology

S. Shyam Sundar,Jinyoung Kim,Mary Beth Rosson,Maria D. Molina

DOI: https://doi.org/10.1145/3313831.3376854

2020-04-21

Abstract:Online users' attitudes toward privacy are context-dependent. Studies show that contextual cues are quite influential in motivating users to disclose personal information. Increasingly, these cues are embedded in the interface, but the mechanisms of their effects (e.g., unprofessional design contributing to more disclosure) are not fully understood. We posit that each cue triggers a specific "cognitive heuristic" that provides a rationale for decision-making. Using a national survey (N = 786) that elicited participants' disclosure intentions in common online scenarios, we identify 12 distinct heuristics relevant to privacy, and demonstrate that they are systematically associated with information disclosure. Data show that those with a higher accessibility to a given heuristic are more likely to disclose information. Design implications for protection of online privacy and security are discussed.

Kai Li,Liangqi Cheng,Ching-I Teng

DOI: https://doi.org/10.1016/j.ipm.2019.102128

2020-01-01

Abstract:Private information disclosure on social networking sites (SNS) is one of the most important and active issues in the information management arena. The growing phenomenon of platforms requiring users to disclose personal information exposes the limitations of previous studies that only focus on users' voluntary disclosure. In this study, we define two modes of users' private information disclosure behavior: voluntary sharing and mandatory provision. Using the Communication Privacy Management theory, we built a framework to explain the impact of individual characteristics, context, motivation, and benefit–risk ratio on the user's willingness to disclose voluntarily or mandatorily. Our research shows that voluntary sharing is more likely to be driven by positive factors, such as perceived benefits, social network size, and personalization, while mandatory provision is affected by individual characteristics such as age, privacy policy, and perceived risks. One of our interesting findings is that perceived risk has less impact on voluntary sharing than previous studies suggested. When encouraging users to share information voluntarily, platforms do not need to pay as much attention to reducing perceived risk as in the mandatory providing mode, but should focus on improving perceived benefits. Being the first to classify and compare the private information disclosure modes of SNS users, our research enriches the existing literature and opens up new avenues for researchers and social networking platforms.

computer science, information systems,information science & library science

Xiang Gong,Kem Z.K. Zhang,Chongyang Chen,Christy M.K. Cheung,Matthew K.O. Lee

DOI: https://doi.org/10.1108/itp-03-2018-0132

2019-11-05

Information Technology and People

Abstract:Purpose Drawing on the control agency theory and the network effect theory, the purpose of this paper is to examine the effect of privacy assurance approaches, network externality and technology complementarity on consumers’ self-disclosure in mobile payment (MP) applications. The authors identify four types of privacy assurance approaches: perceived effectiveness of privacy setting, perceived effectiveness of privacy policy, perceived effectiveness of industry self-regulation and perceived effectiveness of government legislation. The research model considers how these privacy assurance approaches influence privacy concerns and consumers’ self-disclosure in MP applications under boundary conditions of network externality and technology complementarity. Design/methodology/approach An online survey with 647 sample users was conducted to empirically validate the model. The target respondents were current consumers of a popular MP application. The empirical data were analyzed by a structural equation modeling approach. Findings The empirical results reveal several major findings. First, privacy assurance approaches can effectively decrease privacy concerns, which ultimately formulates consumers’ self-disclosure in MP applications. Second, network externality and technology complementarity weaken the effect of perceived effectiveness of privacy setting on privacy concerns. Third, network externality and technology complementarity strengthen the relationship between perceived effectiveness of government legislation and privacy concerns, while they have non-significant interaction effect with perceived effectiveness of privacy policy and industry self-regulation on privacy concerns. Practical implications MP providers and stakeholders can harness the efficacy of privacy assurance approaches in alleviating privacy concerns and promoting consumers’ self-disclosure in MP applications. Originality/value The authors’ work contributes to the information privacy literature by identifying effective privacy assurance approaches in promoting consumers’ self-disclosure in MP applications, and by highlighting boundary conditions of these privacy assurance approaches.

Yang Xu,Quanrun Zeng,Guojun Wang,Cheng Zhang,Ju Ren,Yaoxue Zhang

DOI: https://doi.org/10.1007/978-3-030-05345-1_31

2018-01-01

Abstract:The emerging attribute-based access control (ABAC) mechanism is an expressive, flexible, and manageable authorization technique that is particularly suitable for current distributed, inconstant and complex service-oriented scenarios. Unfortunately, the inevitable disclosure of attributes that carry sensitive information bring significant risks to users' privacy, which obstructs the further development and popularization of the ABAC severely. In this paper, we propose an effective privacy-preserving ABAC (P-ABAC) scheme to defend against privacy leakage risks of users' attributes. In the P-ABAC approach, the necessary sensitive attributes are securely handled on the service requester side by using the homomorphic encryption method for privacy protection. And meanwhile, the service provider is still able to make accurate access decisions according to the received attribute ciphertext and pre-set policies with the help of the homomorphic encryption-based secure multi-party computation techniques, while learning no privacy information. The theoretical analysis proves that our model contributes to making an efficient and effective ABAC model with the enhanced privacy-protection feature.

Xiao-Bai Li,Srinivasan Raghunathan

DOI: https://doi.org/10.1016/j.dss.2013.10.006

IF: 6.969

2014-03-01

Decision Support Systems

Abstract:Organizations today regularly share their customer data with their partners to gain competitive advantages. They are also often requested or even required by a third party to provide customer data that are deemed sensitive. In these circumstances, organizations are obligated to protect the privacy of the individuals involved while still benefiting from sharing data or meeting the requirement for releasing data. In this study, we analyze the tradeoff between privacy and data utility from the perspective of the data owner. We develop an incentive-compatible mechanism for the data owner to price and disseminate private data. With this mechanism, a data user is motivated to reveal his true purpose of data usage and acquire the data that suits to that purpose. Existing economic studies of information privacy primarily consider the interplay between the data owner and the individuals, focusing on problems that occur in the <i>collection</i> of private data. This study, however, examines the privacy issue facing a data owner organization in the <i>distribution</i> of private data to a third party data user when the real purpose of data usage is unclear and the released data could be misused.

computer science, information systems, artificial intelligence,operations research & management science

Jin Chen,Jerry Wenjie Ping,Yunjie (Calvin) Xu,Bernard C. Y. Tan

DOI: https://doi.org/10.1109/tem.2015.2432117

IF: 8.702

2015-01-01

IEEE Transactions on Engineering Management

Abstract:In online social networks, because one's private information can be co-owned and disclosed by peers, a new type of privacy concern, i.e., information privacy concern about peer disclosure (IPCPD), looms large. Should a member of an online social network be offered decision control to veto ex-ante the disclosure of his/her information by peers? There has been no theoretical research on the effectiveness of decisional control to alleviate such a privacy concern. Drawing on the communication privacy management perspective and the impression management theory, this study proposes a three-way interaction effect among three important antecedents of IPCPD: 1) decisional control; 2) image discrepancy (i.e., the degree to which the disclosed information portrays an unfavorable image of the disclosed person); and 3) social network overlap between the disclosed person and the discloser. Our experimental study reveals significant findings. When image discrepancy is low, decisional control is helpful only when the social network overlap between the disclosed one and the discloser is low. When image discrepancy is high, decisional control is helpful only when the social network overlap between the disclosed one and the discloser is high. This study contributes to a theory of privacy concern about peer disclosure in the context of online social networks.

Yang Shengyong

DOI: https://doi.org/10.1155/2022/7501906

2022-08-08

Mobile Information Systems

Abstract:With the development of information and cloud computing technology, the global data volume shows an explosive growth trend. Information has become the “circulating currency” supporting the data operation analysis of various industries, and it is the key for the website platform to obtain the core competitiveness. However, with the expansion of network transaction scale, information disclosure problems between various network platforms begin to appear. Users will continue to receive various marketing emails, SMS, and even harassing calls, which has brought great problems to users’ life and led to users’ refusal to disclose personal information. The network platform cannot obtain accurate information from users, so it cannot analyze and predict the bias of user behavior to provide personalized services, which undoubtedly hinders the development of the network platform. Therefore, how to promote users’ information disclosure has become an urgent problem for network platform managers. Based on the multidimensional development theory, combined with the factors at the website and user level, this paper discusses its influencing factors and mechanism and develops the relevant research on privacy disclosure in a more in-depth and comprehensive way. Then, this paper studies corporate social responsibility. Stakeholders such as the government, the media, consumers, and the public all hope that enterprises will bear more social responsibility while obtaining economic benefits. Based on the analysis of relevant technologies of cloud computing network platform, this paper studies the information disclosure and corporate social responsibility of network platform so as to solve the existing problems.

computer science, information systems,telecommunications

Shugang Li,Ruoxuan Li,Boyi Zhu,Beiyan Zhang,Jiayi Li,Fang Liu,Yanfang Wei

DOI: https://doi.org/10.1177/20552076231219444

2023-01-01

Digital Health

Abstract:Objective The aim is to investigate the determinants and mechanisms that influence user's highly sensitive privacy disclosure intention (HSPDI) in home intelligent health service system (HIHSS). Methods This study improves the privacy calculus theory by considering the influence of service providers’ trust enhancement mechanism besides benefit and risk factors and investigates their impact on users’ HSPDIs. This study takes perceived valence and perceived security as the trade-off result among perceived benefits, perceived risks, financial trust enhancement mechanism, and the technical trust enhancement mechanism and suggests that perceived valence and perceived security further affect users’ HSPDI in HIHSS. Moreover, the common and differential effects of the perceived justice of privacy violation compensation (PJOPVC) and the perceived effectiveness of privacy protection technologies (PEOPPTs) are studied. The structural equation model is used to analyze 204 valid samples to test the proposed model. Results The results show that perceived benefits and perceived risks are important predictors of perceived valence and perceived security, and further affect users’ HSPDI. We find PJOPVC has a greater impact on perceived valence while PEOPPT has a greater impact on perceived security. Conclusions We recommend that the HSPDI of users with low perceived valence can be improved by providing privacy violation compensation while the HSPDI of users with low perceived security can be enhanced by popularizing relevant knowledge of privacy protection technologies.

public, environmental & occupational health,health care sciences & services,medical informatics,health policy & services