共查询到20条相似文献,搜索用时 27 毫秒
1.
Ubiquitous computing contains a huge promise for more intelligent services that are available anywhere and are able to dynamically
adapt to the users’ current context. However, what necessarily follows such an environment is the compromising of the users’
privacy. We aim at analyzing this complex issue by applying and extending Altman’s theoretical privacy framework, well known
in social sciences, to privacy in ubicomp. Altman understands privacy as a two-way interactive process, which makes the approach
promising in analyzing ubicomp where people, devices and the environment interact with each other. We point out similarities
between the existing model and the features of ubicomp environment, and verify the results by applying and analyzing the resulting
extended framework to typical ubicomp use cases. Based on the analysis, we argue that privacy in ubicomp can be modeled similarly
to privacy in general by extending the model to cover such factors as mediation and non-human actors.
相似文献
2.
The increasing use of personal information on Web-based applications can result in unexpected disclosures. Consumers often have only the stated Web site policies as a guide to how their information is used, and thus on which to base their browsing and transaction decisions. However, each policy is different, and it is difficult—if not impossible—for the average user to compare and comprehend these policies. This paper presents a taxonomy of privacy requirements for Web sites. Using goal-mining, the extraction of pre-requirements goals from post-requirements text artefacts, we analysed an initial set of Internet privacy policies to develop the taxonomy. This taxonomy was then validated during a second goal extraction exercise, involving privacy policies from a range of health care related Web sites. This validation effort enabled further refinement to the taxonomy, culminating in two classes of privacy requirements: protection goals and vulnerabilities. Protection goals express the desired protection of consumer privacy rights, whereas vulnerabilities describe requirements that potentially threaten consumer privacy. The identified taxonomy categories are useful for analysing implicit internal conflicts within privacy policies, the corresponding Web sites, and their manner of operation. These categories can be used by Web site designers to reduce Web site privacy vulnerabilities and ensure that their stated and actual policies are consistent with each other. The same categories can be used by customers to evaluate and understand policies and their limitations. Additionally, the policies have potential use by third-party evaluators of site policies and conflicts. 相似文献
3.
A bewildering number of proposals have offered solutions to the privacy problems inherent in RFID communication. This article
tries to give an overview of the currently discussed approaches and their attributes.
相似文献
4.
The class of software which is “surreptitiously installed on a user’s computer and monitors a user’s activity and reports
back to a third party on that behavior” is referred to as spyware “(Stafford and Urbaczewski in Communications of the AIS
14:291–306, 2004)”. It is a strategic imperative that software vendors, who either embed surreptitious data collection and
other operations in legitimate software applications or whose software is unwittingly used as a delivery vehicle for surreptitious
operations, understand users’ perceptions of trust, privacy, and legal protection of such software to remain competitive.
This paper develops and tests a research model to explore application software users’ perceptions in the use of software with
embedded surreptitious operations. An experiment was undertaken to examine whether the presence of spyware in application
software impacts users’ perceptions and beliefs about trustworthiness of the application software, privacy control of the
software vendor, United States legal protection, and overall trust of the software vendor. The results indicate users of software
with spyware, versus users of software without spyware, have lower trust perceptions of a software vendor. Further examination
of trustworthiness as a multi-dimensional construct reveals a software vendor’s competence in appropriately using private
user information collected and the user’s belief that the vendor will abide by acceptable principles in information exchange
are important influences in gaining users’ overall trust in a vendor. User trust in software utilization is critical for a
software vendor’s success because without it, users may avoid a vendor’s software should the presence of spyware be discovered.
Software vendors should respond to the strategic necessity to gain users’ trust. Vendors must institute proactive and protective
measures to demonstrate that their software should be trusted. These protections could take the form of technological approaches
or government legislation, or both.
相似文献
5.
A number of mobile applications have emerged that allow users to locate one another. However, people have expressed concerns
about the privacy implications associated with this class of software, suggesting that broad adoption may only happen to the
extent that these concerns are adequately addressed. In this article, we report on our work on P eopleF inder, an application that enables cell phone and laptop users to selectively share their locations with others (e.g. friends,
family, and colleagues). The objective of our work has been to better understand people’s attitudes and behaviors towards
privacy as they interact with such an application, and to explore technologies that empower users to more effectively and
efficiently specify their privacy preferences (or “policies”). These technologies include user interfaces for specifying rules
and auditing disclosures, as well as machine learning techniques to refine user policies based on their feedback. We present
evaluations of these technologies in the context of one laboratory study and three field studies.
相似文献
6.
This viewpoint argues that the introduction of most computer-based system to an organization transforms the organization and
changes the work patterns of the system’s users in the organization. These changes interact with the users’ values and beliefs
and trigger emotional responses which are sometimes directed against the software system and its proponents. A requirements
engineer must be aware of these emotions.
相似文献
7.
Hitchcock (2001a) argues that the distinction between singular and general causation conflates the two distinctions ‘actual causation vs. causal tendencies’ and ‘wide vs. narrow causation’. Based on a recent regularity account of causation I will show that Hitchcock’s introduction of the two distinctions is an unnecessary multiplication of causal concepts. 相似文献
8.
Collaboration and coordination between organizations are necessary in today’s business environment, and are enabled by inter-organizational
processes. Many approaches for the construction of such processes have been proposed in recent years. However, due to the
lack of standard terminology it is hard to evaluate and select a solution that fits a specific business scenario. The paper
proposes a conceptual model which depicts the nature of interaction between organizations through business processes under
specific business requirements that emphasize the privacy and autonomy of the participating organizations. The model is generic,
and relies on the generic process model (GPM) framework and on Bunge’s ontology. Being generic and theory-based, we propose
to use the model as a basis for comparing and evaluating design and implementation-level approaches for inter-organizational
processes. We demonstrate the evaluation procedure by applying it to three existing approaches.
Johny Ghattas
is currently a PhD student in the Management Information Systems department in the University of Haifa in Israel. He has an
M.Sc. in Telecommunication Engineering from the University of Valladolid in Spain, and an MBA from the Edinburgh Business
College. In his professional life, Johny specializes in business process management, requirement engineering, and enterprise
architecture design and implementation. His current research deals with the establishment of a business process learning framework.
Pnina Soffer
is a lecturer in the Management Information Systems department in the University of Haifa in Israel. She received her Ph.D.
from the Technion—Israel Institute of Technology in 2002. In her Ph.D. thesis she developed a requirement-driven approach
to the alignment of enterprise processes and an ERP system. Pnina also has industrial experience as a production engineer
and as an ERP consultant. Her current research areas are formal methods for business process modeling, conceptual modeling,
and requirements engineering. 相似文献
9.
With the recent adoption of service outsourcing, there have been increasing general demands and concerns for privacy control,
in addition to basic requirement of integration. The traditional practice of a bulk transmission of the customers’ information
to an external service provider is no longer adequate, especially in the finance and healthcare sectors. From our consultancy
experience, application-to-application privacy protection technologies at the middleware layer alone are also inadequate to
solve this problem, particularly when human service providers are heavily involved in the outsourced process. Therefore, we
propose a layered architecture and a development methodology for enforcing end-to-end privacy control policies of enterprises
over the export of personal information. We illustrate how Web services, augmented with updated privacy facilities such as
Service Level Agreement (SLA), Platform for Privacy Preferences Project (P3P), and the P3P Preference Exchange Language (APPEL),
can provide a suitable interoperation platform for service outsourcing. We further develop a conceptual model and an interaction
protocol to send only the required part of a customer’s record at a time. We illustrate our approach for end-to-end privacy
control in service outsourcing with a tele-marketing case study and show how the software of the outsourced call center can
be integrated effectively with the Web services of a bank to protect privacy.
相似文献
10.
Laws set requirements that force organizations to assess the security and privacy of their IT systems and impose them to implement
minimal precautionary security measures. Several IT solutions (e.g., Privacy Enhancing Technologies, Access Control Infrastructure,
etc.) have been proposed to address security and privacy issues. However, understanding why, and when such solutions have
to be adopted is often unanswered because the answer comes only from a broader perspective, accounting for legal and organizational
issues. Security engineers and legal experts should analyze the business goals of a company and its organizational structure
and derive from there the points where security and privacy problems may arise and which solutions best fit such (legal) problems.
The paper investigates the methodological support for capturing security and privacy requirements of a concrete health care
provider.
相似文献
11.
This paper reports on a survey amongst software groups in a multinational organization. The survey was initiated by the Software
Process Improvement (SPI) Steering Committee of Philips, a committee that monitors the status and quality of software process
improvement in the global organization. The paper presents and discusses improvement targets, improvement drivers, and metrics,
and the degree to that they are being recognized in the software groups. The improvement targets ‘increase predictability’
and ‘reduce defects’ are being recognized as specifically important, joined for Capability Maturity Model (CMM) level three
groups by ‘increase productivity’ and ‘reduce lead time’. The set of improvement drivers that was used in the survey appears
to be valid. Three improvement drivers that were rated highest were: ‘commitment of engineering management’, ‘commitment of
development staff, and ‘sense of urgency’. Finally, it could be seen that metrics activity, both in size and in quality, increases
significantly for CMM level three groups. However, no consensus regarding what metrics should be used can be seen.
相似文献
12.
This paper discusses how a new technology (designed to help pupils with learning about Shakespeare’s Macbeth) is introduced and integrated into existing classroom practices. It reports on the ways through which teachers and pupils
figure out how to use the software as part of their classroom work. Since teaching and learning in classrooms are achieved
in and through educational tasks (what teachers instruct pupils to do) the analysis explicates some notable features of a particular task (storyboarding one
scene from the play). It is shown that both ‘setting the task’ and ‘following the task’ have to be locally and practically
accomplished and that tasks can operate as a sense-making device for pupils’ activities. Furthermore, what the task ‘is’,
is not entirely established through the teacher’s initial formulation, but progressively clarified through pupils’ subsequent
work, and in turn ratified by the teacher.
相似文献
13.
This paper gives a simple benchmarking procedure for companies wishing to develop measures for software quality attributes
of software artefacts. The procedure does not require that a proposed measure is a consistent measure of a quality attribute.
It requires only that the measure shows agreement most of the time. The procedure provides summary statistics for measures of quality attributes of a software artefact. These statistics can
be used to benchmark subjective direct measurement of a quality attribute by a company’s software developers. Each proposed
measure is expressed as a set of error rates for measurement on an ordinal scale and these error rates enable simple benchmarking
statistics to be derived. The statistics can also be derived for any proposed objective indirect measure or prediction system
for the quality attribute. For an objective measure or prediction system to be of value to the company it must be ‘better’
or ‘more objective’ than the organisation’s current measurement or prediction capability; and thus confidence that the benchmark’s
objectivity has been surpassed must be demonstrated. By using Bayesian statistical inference, the paper shows how to decide whether a
new measure should be considered ‘more objective’ or whether a prediction system’s predictive capability can be considered
‘better’ than the current benchmark. Furthermore, the Bayesian inferential approach is easy to use and provides clear advantages
for quantifying and inferring differences in objectivity.
相似文献
14.
Nowadays data mining plays an important role in decision making. Since many organizations do not possess the in-house expertise
of data mining, it is beneficial to outsource data mining tasks to external service providers. However, most organizations
hesitate to do so due to the concern of loss of business intelligence and customer privacy. In this paper, we present a Bloom
filter based solution to enable organizations to outsource their tasks of mining association rules, at the same time, protect
their business intelligence and customer privacy. Our approach can achieve high precision in data mining by trading-off the
storage requirement.
This research was supported by the USA National Science Foundation Grants CCR-0310974 and IIS-0546027.
相似文献
15.
To get the maximum benefit from ambient intelligence (AmI), we need to anticipate and react to possible drawbacks and threats
emerging from the new technologies in order to devise appropriate safeguards. The SWAMI project took a precautionary approach
in its exploration of the privacy risks in AmI and sought ways to reduce them. It constructed four “dark scenarios” showing
possible negative implications of AmI, notably for privacy protection. Legal analysis of the depicted futures showed the shortcomings
of the current legal framework in being able to provide adequate privacy protection in the AmI environment. In this paper,
the authors, building upon their involvement in SWAMI research as well as the further advancement of EU privacy analysis,
identify various outstanding issues regarding the legal framework that still need to be resolved in order to deal with AmI
in an equitable and efficacious way. This article points out some of the lacunae in the legal framework and postulates several
privacy-specific safeguards aimed at overcoming them.
相似文献
16.
Japan has more robots than any other country with robots contributing to many areas of society, including manufacturing, healthcare,
and entertainment. However, few studies have examined Japanese attitudes toward robots, and none has used implicit measures.
This study compares attitudes among the faculty of a US and a Japanese university. Although the Japanese faculty reported
many more experiences with robots, implicit measures indicated both faculties had more pleasant associations with humans.
In addition, although the US faculty reported people were more threatening than robots, implicit measures indicated both faculties
associated weapons more strongly with robots than with humans. Despite the media’s hype about Japan’s robot ‘craze,’ response
similarities suggest factors other than attitude better explain robot adoption. These include differences in history and religion,
personal and human identity, economic structure, professional specialization, and government policy. Japanese robotics offers
a unique reference from which other nations may learn.
相似文献
17.
Operations Support Systems (OSS) have been a critical component of any telecommunications company’s business plan. In this
paper we examine the history of OSS from the perspectives of maturing support for problem domains, enabling technologies,
and system integration. Finally, we will look at the problems posed by the coming “everything over IP” networks, the changing
communications provider landscape and the impact on operations support systems.
相似文献
18.
We consider the emergence of hybrid ecologies, which marry mixed reality environments and ubiquitous computing environments
together to bridge the physical-digital divide. Hybrid ecologies are new class of digital ecology that merge multiple environments,
physical and digital, together. Collaboration in these emerging environments is characterized by ‘fragmented interaction’
in that it is mediated by interaction mechanisms that are differentially distributed. Unpacking the collaborative nature of
fragmented interaction requires that we uncover the ordinary interactional competences that users exploit to make differentially
distributed mechanisms of interaction work and the distributed practices that articulate ‘seamful’ representations and provide
for awareness and coordination.
相似文献
19.
This paper presents the results of case studies evaluating a method of unifying use cases (UCs) to derive a unified statechart
model of the behavior of the domain of a proposed computer-based system. An evaluation of the unification method, the obtained
statechart model of the domain, the method’s and model’s feedback on the UCs themselves, and how the method is used in requirements
engineering practice was carried out by examining 58 software requirements specifications produced by 189 upper-year undergraduate
and graduate students. The results of these studies independently confirm some of the benefits of building a unified SC mentioned
in the works of Glinz; Whittle and Schumann; and Harel, Kugler, and Pnueli.
相似文献
20.
To participate in meaningful privacy practice in the context of technical systems, people require opportunities to understand the extent of the systems alignment with relevant practice and to conduct discernible social action through intuitive or sensible engagement with the system. It is a significant challenge to design for such understanding and action through the feedback and control mechanisms of todays devices. To help designers meet this challenge, we describe five pitfalls to beware when designing interactive systems—on or off the desktop—with personal privacy implications. These pitfalls are: (1) obscuring potential information flow, (2) obscuring actual information flow, (3) emphasizing configuration over action, (4) lacking coarse-grained control, and (5) inhibiting existing practice. They are based on a review of the literature, on analyses of existing privacy-affecting systems, and on our own experiences in designing a prototypical user interface for managing privacy in ubiquitous computing. We illustrate how some existing research and commercial systems—our prototype included—fall into these pitfalls and how some avoid them. We suggest that privacy-affecting systems that heed these pitfalls can help users appropriate and engage them in alignment with relevant privacy practice. 相似文献
|