Protect You More Than Blank: Anti-Learning Sensitive User Information in the Social Networks

Social networks are getting more and more attention in recent years. People join social networks to share their information with others. However, due to the different cultures and backgrounds, people have different requirements on what kind of information should be published. Currently, when social network websites publish data, they just leave the information that a user feels sensitive blank. This is not enough due to the existence of the label-structure relationship. A group of analyzing algorithms can be used to learn the blank information with high accuracy. In this paper, we propose a personalized model to protect private information in social networks. Specifically, we break the label-structure association by slightly changing the edges in some users’ neighborhoods. More importantly, in order to increase the usability of the published graph, we also preserve the influence value of each user during the privacy protection. We verify the effectiveness of our methods through extensive experiments. The results show that the proposed methods can protect sensitive labels against learning algorithms and at the same time, preserve certain graph utilities.     

ANGEL: Enhancing the Utility of Generalization for Privacy Preserving Publication

Generalization is a well-known method for privacy preserving data publication. Despite its vast popularity, it has several drawbacks such as heavy information loss, difficulty of supporting marginal publication, and so on. To overcome these drawbacks, we develop ANGEL,1 a new anonymization technique that is as effective as generalization in privacy protection, but is able to retain significantly more information in the microdata. ANGEL is applicable to any monotonic principles (e.g., l-diversity, t-closeness, etc.), with its superiority (in correlation preservation) especially obvious when tight privacy control must be enforced. We show that ANGEL lends itself elegantly to the hard problem of marginal publication. In particular, unlike generalization that can release only restricted marginals, our technique can be easily used to publish any marginals with strong privacy guarantees.     

Information Privacy and the MIS Manager

As major vendors ready their distributed computing strategies and products, commercial users are attempting to define their own architectural directions. And, depending on a business's current and future systems and the degree of integration pursued, the road to cooperative, distributed systems may prove lengthy and costly. This column examines the distributed systems strategies of some vendors and the requirements of the business market they are fighting for.     

Information systems support for healthcare quality: Part II

In the second and final part of his series of quality management, healthcare information systems consultant Peter Spitzer, M.D., describes how I/S can support quality healthcare services by improving the care-delivery process and by providing the data needed for quality support, monitoring and management.     

On the Battlefield and in the Marketplace,Information Warfare is Much More Than Attacking Computers: Part 2 of 4

Although the government hasn’t declared war, your information environment (IE) is under siege. Attacks against and defence of the IE, from mundane physical to sophisticated virtual, is Information Warfare (IW). The competition and others are using a vast array of tools and techniques to probe, steal, degrade, deny and/or destroy your IE’s physical and virtual realms on a daily — even hourly — basis.     

The InfoSec Officer and Protecting Online Privacy: Part 2

In last month’s column we discussed the topic of InfoSec officer and online privacy. It is an important subject and possibly more important than protecting the ‘crown jewels’ of the corporation. Some reading the column maybe thought that yes, it was important, but I had overdone it a bit — life and death and all that sort of rot. Well, like it or not, it is true. Once more, look at history and what compiled lists of personal information in the wrong hands led to in the past. Just ask any of the Jewish people who lived in Europe in the 1930s and 1940s.     

The InfoSec Officer and Protecting Online Privacy: Part 1

Today, because of computer networks and especially the Internet, many people are talking about privacy — the right to keep your personal information private. However, like InfoSec, everyone is talking about it but it is still a low priority for businesses and government agencies. In fact, for some, obtaining private information is a lucrative business and often a necessity in the competitive world for customers.     

Opportunistic Encryption: A Trade-Off between Security and Throughput in Wireless Networks

Wireless network security based on encryption is widely prevalent at this time. However, encryption techniques do not take into account wireless network characteristics such as random bit errors due to noise and burst errors due to fading. We note that the avalanche effect that makes a block cipher secure also causes them to be sensitive to bit errors. This results in a fundamental trade-off between security and throughput in encryption based wireless security.1 Further, if there is an adversary with a certain attack strength present in the wireless network, we see an additional twist to the security-throughput trade-off issue. In this paper, we propose a framework called opportunistic encryption that uses channel opportunities (acceptable signal to noise ratio) to maximize the throughput subject to desired security constraints. To illustrate this framework and compare it with some current approaches, this paper presents the following: 1) mathematical models to capture the security-throughput trade-off, 2) adversary models and their effects, 3) joint optimization of encryption and modulation (single and multirate), 4) the use of forward error correcting (FEC) codes to protect encrypted packets from bit errors, and 5) simulation results for Rijndael cipher. We observe that opportunistic encryption produces significant improvement in the performance compared to traditional approaches.     

Privacy on the Web: facts, challenges, and solutions

Despite important regulatory and technical efforts aimed at tackling aspects of the problem, privacy violation incidents on the Web continue to hit the headlines. The authors outline the salient issues and proposed solutions, focusing on generic Web user's Web privacy.     

医疗信息隐私保护的研究进展

近年来,医疗数据的泄露事件频发,人们越来越关注医疗数据的信息安全问题。医疗信息隐私保护的相关研究也在逐渐增多,但是文献回顾的文章十分匮乏。本文首先厘清了隐私、患者隐私和患者隐私权的相关概念,然后通过梳理医疗隐私保护伦理、法律法规及隐私保护技术三个方面的成果,阐述当前的研究进展,最后,对医疗隐私保护研究中存在的问题进行简要总结,以期为后续研究提供参考。     

Information Seeking Spoken Dialogue Systems— Part II: Multimodal Dialogue

For pt.1see ibid., vol. 9, p. 3 (2007). In this paper, the task and user interface modules of a multimodal dialogue system development platform are presented. The main goal of this work is to provide a simple, application-independent solution to the problem of multimodal dialogue design for information seeking applications. The proposed system architecture clearly separates the task and interface components of the system. A task manager is designed and implemented that consists of two main submodules: the electronic form module that handles the list of attributes that have to be instantiated by the user, and the agenda module that contains the sequence of user and system tasks. Both the electronic forms and the agenda can be dynamically updated by the user. Next a spoken dialogue module is designed that implements the speech interface for the task manager. The dialogue manager can handle complex error correction and clarification user input, building on the semantics and pragmatic modules presented in Part I of this paper. The spoken dialogue system is evaluated for a travel reservation task of the DARPA Communicator research program and shown to yield over 90% task completion and good performance for both objective and subjective evaluation metrics. Finally, a multimodal dialogue system which combines graphical and speech interfaces, is designed, implemented and evaluated. Minor modifications to the unimodal semantic and pragmatic modules were required to build the multimodal system. It is shown that the multimodal system significantly outperforms the unimodal speech-only system both in terms of efficiency (task success and time to completion) and user satisfaction for a travel reservation task     

Self-Smart, Part II: Career Smart

In the last issue, the author described how to be self-smart, with an emphasis on being work smart. In this issue, we focus on being career smart, which consists of the following mantras: "a big fish in a small pond beats the reverse," "hop to a more opportune pond," and "don't polish a sneaker." The aim is to find organizations and specialties in which your strength gives you the opportunity to jump onto a career fast track.     

Who Are the Experts, and What Have They Done for Us Lately?

Gaining the recognition for the security and privacy field as an assemblage of experts requires more than a simple assertion of expertise and a declaration of standards. We must be able to objectively assess our own performance, individually and as a whole, and determine if we are, as a field, improving computer security.