An extended attribute based access control model with trust and privacy: Application to a collaborative crisis management system

Many efforts in the area of computer security have been drawn to attribute-based access control (ABAC). Compared to other adopted models, ABAC provides more granularity, scalability, and flexibility. This makes it a valuable access control system candidate for securing platforms and environments used for coordination and cooperation among organizations and communities, especially over open networks such as the Internet. On the other hand, the basic ABAC model lacks provisions for context, trust and privacy issues, all of which are becoming increasingly critical, particularly in high performance distributed collaboration environments. This paper presents an extended access control model based on attributes associated with objects and subjects. It incorporates trust and privacy issues in order to make access control decisions sensitive to the cross-organizational collaboration context. Several aspects of the proposed model are implemented and illustrated by a case study that shows realistic ABAC policies in the domain of distributed multiple organizations crisis management systems. Furthermore, the paper shows a collaborative graphical tool that enables the actors in the emergency management system to make better decisions. The prototype shows how it guarantees the privacy of object’s attributes, taking into account the trust of the subjects. This tool incorporates a decision engine that relies on attribute based policies and dynamic trust and privacy evaluation. The resulting platform demonstrates the integration of the ABAC model, the evolving context, and the attributes of actors and resources.     

“I agree to the terms and conditions”: (How) do users read privacy policies online? An eye-tracking experiment

Privacy policies are widely used by online service providers to regulate the use of personal data they collect, but users often skip on reading them and are unaware of the way information about them is being treated, and how they can control the ways in which that information is collected, stored or shared. Eye tracking methodology was used to test if a default presentation of a policy encourages reading it, and how the document is being read by users. Results show that when a privacy policy is presented by default, participants tend to read it quite carefully, while when given the option to sign their agreement without reading the policy, most participants skip the policy altogether. Surprisingly, participants who actively choose to read the policy spend significantly less time and effort on reading it than participants in the default condition. Finally, default policy presentation was significantly related to understanding user rights and restrictions on the use of personal data.     

Understanding the privacy behavior of adolescents on Facebook: The role of peers,popularity and trust

We study whether peer influence processes, popularity and trust predict privacy settings on Facebook. We use large-scale survey data from 3434 Dutch adolescents combined with observed privacy behavior on Facebook. The findings show that peer influence processes play a role and that adolescents imitate the privacy settings of their peers in the classroom. Such imitation processes are particularly pronounced for highly connected classrooms. The results show that more popular adolescents in the classroom are more likely to publicly display their Facebook profiles. Furthermore, we find that low-trust groups (ethnic minorities, lower educated and younger adolescents, and girls) more frequently opt for private Facebook profiles.     

Trust, privacy, and legal protection in the use of software with surreptitiously installed operations: An empirical evaluation

The class of software which is “surreptitiously installed on a user’s computer and monitors a user’s activity and reports back to a third party on that behavior” is referred to as spyware “(Stafford and Urbaczewski in Communications of the AIS 14:291–306, 2004)”. It is a strategic imperative that software vendors, who either embed surreptitious data collection and other operations in legitimate software applications or whose software is unwittingly used as a delivery vehicle for surreptitious operations, understand users’ perceptions of trust, privacy, and legal protection of such software to remain competitive. This paper develops and tests a research model to explore application software users’ perceptions in the use of software with embedded surreptitious operations. An experiment was undertaken to examine whether the presence of spyware in application software impacts users’ perceptions and beliefs about trustworthiness of the application software, privacy control of the software vendor, United States legal protection, and overall trust of the software vendor. The results indicate users of software with spyware, versus users of software without spyware, have lower trust perceptions of a software vendor. Further examination of trustworthiness as a multi-dimensional construct reveals a software vendor’s competence in appropriately using private user information collected and the user’s belief that the vendor will abide by acceptable principles in information exchange are important influences in gaining users’ overall trust in a vendor. User trust in software utilization is critical for a software vendor’s success because without it, users may avoid a vendor’s software should the presence of spyware be discovered. Software vendors should respond to the strategic necessity to gain users’ trust. Vendors must institute proactive and protective measures to demonstrate that their software should be trusted. These protections could take the form of technological approaches or government legislation, or both.

The personalization privacy paradox: An exploratory study of decision making process for location-aware marketing

Despite the vast opportunities offered by location-aware marketing (LAM), mobile customers' privacy concerns appear to be a major inhibiting factor in their acceptance of LAM. This study extends the privacy calculus model to explore the personalization-privacy paradox in LAM, with considerations of personal characteristics and two personalization approaches (covert and overt). Through an experimental study, we empirically validated the proposed model. Results suggest that the influences of personalization on the privacy risk/benefit beliefs vary upon the type of personalization systems (covert and overt), and that personal characteristics moderate the parameters and path structure of the privacy calculus model.     

Examining the impact of privacy, trust and risk perceptions beyond monetary transactions: An integrated model

Much interest in privacy and trust studies is about shopping, but privacy research in other forms of online activities is beginning to emerge. This study examined the antecedents of privacy, trust and risk as well as their joint effect on two similar but fundamentally different activities: online transactions and retrieval of privileged information. Both activities involve the delivery of private user information, but the latter gives some leeway for users to control (or even falsify) their true identity. User shopping experience in the present study moderated the relationships and strengths of constructs. The effect of Internet literacy, social awareness and disposition to trust on privacy concern and trust was weaker for experienced shoppers. Privacy concern, trust and risk assessment played a lesser role on the two activity variables for those who were more experienced. Perceived privacy risk stood out as a strong antecedent for respondents in both experience groups, but the effect of Internet literacy, social awareness and disposition on trust was statistically insignificant for the same group. Further practical and managerial implications are provided.     

Privacy is dead,get over it! 1 Information privacy and the dream of a risk-free society

The use of information and communications technology and the ‘digitalisation’ of everyday tasks has resulted in a paradigm shift where vast amounts of personal information about individuals, their opinions and habits is generated and stored in the databases of those providing online services. The mere existence of those data pools has created ‘unwholesome’ desires in both private and public organisations which cover that data for their own purposes. This article looks at the way in which the ‘market value’ of privacy seems to be falling as individuals are persuaded to disclose information about themselves in order to minimise real or perceived risks. It examines the way in which our perception of risk has changed in recent years and the way in which that perception may be manipulated. It analyses the link between risk perception, data processing and individual concepts of privacy as well as the dangers that increased privacy intrusion represents for the relationship between the individual and the state and the relationship between citizens.     

Institutional boundaries and trust of virtual teams in collaborative design: An experimental study in a virtual world environment

Members of virtual teams often collaborate within and across institutional boundaries. This research investigates the effects of boundary spanning conditions on the development of team trust and team satisfaction. Two hundred and eighty-two participants carried out a collaborative design task over several weeks in a virtual world, Second Life. Multigroup structural equation modeling was used to examine our research model, which compares individual level measurement between two boundary spanning team conditions. The results indicate that trusting beliefs have a positive impact on team trust, which in turn, influences team satisfaction. Further, we found that, compared to cross-boundary teams, within-boundary teams exhibited not only higher trusting beliefs and higher satisfaction with the collaboration process but also a stronger relationship between team trust and team satisfaction. These results suggest that trust and group theories need to be interpreted in light of institutional affiliation and contextual variables. An important practical implication is that trust can be fostered in a virtual world environment and collaboration on complex tasks can be carried out effectively in virtual worlds. However, within-boundary virtual teams are preferred over cross-boundary virtual teams if satisfaction with the collaboration process is of the highest priority.     

Synthetic data generation: State of the art in health care domain

Recent progress in artificial intelligence and machine learning has led to the growth of research in every aspect of life including the health care domain. However, privacy risks and legislations hinder the availability of patient data to researchers. Synthetic data (SD) has been regarded as a privacy-safe alternative to real data and has lately been employed in many research and academic endeavors. This growing body of research needs to be consolidated for the researchers and practitioners to gain a quick and fruitful comprehension of the state of the art in synthetic data generation in health care. The purpose of this study is to collate and synthesize the current state of synthetic data generation following a narrative review of 70 peer-reviewed studies discussing privacy-preserving synthetic medical data generation techniques. The literature shows the effectiveness of synthetic datasets for different applications in research, academics, and testing according to existing statistical and task-based utility metrics. However, the focus on longitudinal synthetic data seems deficient. Moreover, a unified metric for generic quality assessment of synthetic data is lacking. The results of this review will serve as a quick reference guide for the researchers and practitioners in the healthcare domain to select a suitable synthetic data strategy for their application based on its strengths and weaknesses and pave the path for further research and development in healthcare.     

Trust in automation: Part I. Theoretical issues in the study of trust and human intervention in automated systems

Abstract

Today many systems are highly automated. The human operator's role in these systems is to supervise the automation and intervene to take manual control when necessary. The operator's choice of automatic or manual control has important consequences for system performance, and therefore it is important to understand and optimize this decision process. One important determinant of operators' choice of manual or automatic control may be their degree of trust in the automation. However, there have been no experimental tests of this hypothesis until recently, nor is there a model of human trust in machines to form a theoretical foundation for empirical studies. In this paper a model of human trust in machines is developed, taking models of trust between people as a starting point, and extending them to the human-machine relationship. The resulting model defines human trust in machines and specifies how trust changes with experience on a system, providing a framework for experimental research on trust and human intervention in automated systems.     

ePASS: An expressive attribute-based signature scheme with privacy and an unforgeability guarantee for the Internet of Things

The Internet of Things (IoT) provides anywhere, anything, anytime connections, for which user privacy is vulnerable and authentication methods that favor policy over attributes are essential. Thus, a signature scheme that considers user privacy and implements an attributes policy is required. Emerging attribute-based signature (ABS) schemes allow a requester of a resource to generate a signature with attributes satisfying the policy without leaking more information. However, few existing approaches simultaneously achieve an expressive policy and security under the standard Diffie–Hellman assumption. Here we describe ePASS, a novel ABS scheme that uses an attribute tree and expresses any policy consisting of AND, OR threshold gates under the computational Diffie–Hellman problem. Users cannot forge signatures with attributes they do not possess, and the signature provides assurance that only a user with appropriate attributes satisfying the policy can endorse the message, resulting in unforgeability. However, legitimate signers remain anonymous and are indistinguishable among all users whose attributes satisfy the policy, which provides attribute privacy for the signer. Compared to existing schemes, our approach delivers enhanced performance by reducing the computational cost and signature size.     

Hierarchical entity-relationship diagrams: the model,method of creation and experimental evaluation

A bottom-up method for creating a hierarchy of entity-relationship diagrams (HERD) from a given, flat ER diagram (ERD) is proposed. The hierarchy consists of simple and interrelated diagrams—ER structures—with external relationships to other structures. The HERD-tree diagram, which provides the most general view of the conceptual schema, is located at the top of the hierarchy. The method is based on packaging operations, which group entities and relationships according to certain criteria. These operations are applied in several steps on a given (presumably large-scale) ERD. We describe the new constructs, which are added to the ER model to enable the creation of HERD, and a bottom-up method for creating HERD. We also evaluate HERD from the point of view of user comprehension and preference, based on an experimental comparison to flat ERDs.

A step toward STEP-compatible engineering data management: the data models of product structure and engineering changes

In an iterative design process, there is a large amount of engineering data to be processed. Well-managed engineering data can ensure the competitiveness of companies in the competitive market. It has been recognized that a product data model is the basis for establishing engineering database. To fully support the complete product data representation in its life cycle, an international product data representation and exchange standard, STEP, is applied to model the representation of a product. In this paper, the architecture of an engineering data management (EDM) system is described, which consists of an integrated product database. There are six STEP-compatible data models constructed to demonstrate the integratibility of EDM system using common data modeling format. These data models are product definition, product structure, shape representation, engineering change, approval, and production scheduling. These data models are defined according to the integrated resources of STEP/ISO 10303 (Parts 41-44), which support a complete product information representation and a standard data format. Thus, application systems, such as CAD/CAM and MRP systems, can interact with the EDM system by accessing the database based on the STEP data exchange standard.