| 1. |
- Ahmadi Mehri, Vida, 1980-
(författare)
-
Towards Secure Collaborative AI Service Chains
- 2019
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- At present, Artificial Intelligence (AI) systems have been adopted in many different domains such as healthcare, robotics, automotive, telecommunication systems, security, and finance for integrating intelligence in their services and applications. The intelligent personal assistant such as Siri and Alexa are examples of AI systems making an impact on our daily lives. Since many AI systems are data-driven systems, they require large volumes of data for training and validation, advanced algorithms, computing power and storage in their development process. Collaboration in the AI development process (AI engineering process) will reduce cost and time for the AI applications in the market. However, collaboration introduces the concern of privacy and piracy of intellectual properties, which can be caused by the actors who collaborate in the engineering process. This work investigates the non-functional requirements, such as privacy and security, for enabling collaboration in AI service chains. It proposes an architectural design approach for collaborative AI engineering and explores the concept of the pipeline (service chain) for chaining AI functions. In order to enable controlled collaboration between AI artefacts in a pipeline, this work makes use of virtualisation technology to define and implement Virtual Premises (VPs), which act as protection wrappers for AI pipelines. A VP is a virtual policy enforcement point for a pipeline and requires access permission and authenticity for each element in a pipeline before the pipeline can be used. Furthermore, the proposed architecture is evaluated in use-case approach that enables quick detection of design flaw during the initial stage of implementation. To evaluate the security level and compliance with security requirements, threat modeling was used to identify potential threats and vulnerabilities of the system and analyses their possible effects. The output of threat modeling was used to define countermeasure to threats related to unauthorised access and execution of AI artefacts.
|
|
| 2. |
- Berthold, Stefan, 1982-
(författare)
-
Towards Inter-temporal Privacy Metrics
- 2011
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Informational privacy of individuals has significantly gained importance after information technology has become widely deployed. Data, once digitalised, can be copied and distributed at negligible costs. This has dramatic consequences for individuals that leave traces in form of personal data whenever they interact with information technology. The right of individuals for informational privacy, in particular to control the flow and use of their personal data, is easily undermined by those controlling the information technology. The objective of this thesis is the measurement of informational privacy with a particular focus on scenarios where an individual discloses personal data to a second party, the data controller, which uses this data for re-identifying the individual within a set of others, the population. Several instances of this scenario are discussed in the appended papers, most notably one which adds a time dimension to the scenario for modelling the effects of the time passed between data disclosure and usage. This extended scenario leads to a new framework for inter-temporal privacy metrics. The common dilemma of all privacy metrics is their dependence on the information available to the data controller. The same information may or may not be available to the individual and, as a consequence, the individual may be misguided in his decisions due to his limited access to the data controller’s information when using privacy metrics. The goal of this thesis is thus not only the specification of new privacy metrics, but also the contribution of ideas for mitigating this dilemma. However a solution will rather be a combination of technological, economical and legal means than a purely technical solution.
|
|
| 3. |
- Angulo, Julio, 1980-
(författare)
-
Usable privacy for digital transactions : Exploring the usability aspects of three privacy enhancing mechanisms
- 2012
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- The amount of personal identifiable information that people distribute over different online services has grown rapidly and considerably over the last decades. This has led to increased probabilities for identity theft, profiling and linkability attacks, which can in turn not only result in a threat to people’s personal dignity, finances, and many other aspects of their lives, but also to societies in general. Methods and tools for securing people’s online activities and protecting their privacy on the Internet, so called Privacy Enhancing Technologies (PETs), are being designed and developed. However, these technologies are often seen by ordinary users as complicated and disruptive of their primary tasks. In this licentiate thesis, I investigate the usability aspects of three main privacy and security enhancing mechanisms. These mechanisms have the goal of helping and encouraging users to protect their privacy on the Internet as they engage in some of the steps necessary to complete a digital transaction. The three mechanisms, which have been investigated within the scope of different research projects, comprise of (1) graphical visualizations of service providers’ privacy policies and user-friendly management and matching of users’ privacy preferences “on the fly”, (2) methods for helping users create appropriate mental models of the data minimization property of anonymous credentials, and (3) employing touch-screen biometrics as a method to authenticate users into mobile devices and verify their identities during a digital transaction. Results from these investigations suggest that these mechanisms can make digital transactions privacy-friendly and secure while at the same time delivering convenience and usability for ordinary users.
|
|
| 4. |
- Islami, Lejla
(författare)
-
Towards Usable Privacy and Identity Management for Smart Environments
- 2022
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Smart environments provide users with a large number of new services that will improve their lives, however, they also have the potential for collecting staggering amounts of personal information, which, if misused, poses a multitude of privacy threats to users ranging from identification, tracking, stalking, monitoring and profiling. Consequently, the users’ right to informational self-determination is at stake in smart environments. Usable Privacy-Enhancing Identity Management (PE-IdM) can re-establish user control by offering users a selection of meaningful privacy preference settings that they could choose from. However, different privacy trade-offs need to be considered and managed for the configuration of the identity management system as well as cultural privacy aspects influencing user's privacy preferences. Guidelines for usable management of privacy settings that address varying end user preferences for control and privacy conflicting goals are needed. The objective of this thesis is to explore approaches for enforcing usable PE-IdM for smart environments, with a focus on vehicular ad hoc networks (VANETs). To that end, we unravel the technical state of the art regarding the problem space and solutions, as well as investigating users’ privacy preferences cross-culturally in Sweden and South Africa. We elicit requirements for achieving usable PE-IdM, which are based on usable configuration options, offering suitable selectable privacy settings that will cater for the needs and preferences of users with different cultural backgrounds.
|
|
| 5. |
- Iwaya, Leonardo H
(författare)
-
Secure and Privacy-aware Data Collection and Processing in Mobile Health Systems
- 2016
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Healthcare systems have assimilated information and communication technologies in order to improve the quality of healthcare and patient's experience at reduced costs. The increasing digitalization of people's health information raises however new threats regarding information security and privacy. Accidental or deliberate data breaches of health data may lead to societal pressures, embarrassment and discrimination. Information security and privacy are paramount to achieve high quality healthcare services, and further, to not harm individuals when providing care. With that in mind, we give special attention to the category of Mobile Health (mHealth) systems. That is, the use of mobile devices (e.g., mobile phones, sensors, PDAs) to support medical and public health. Such systems, have been particularly successful in developing countries, taking advantage of the flourishing mobile market and the need to expand the coverage of primary healthcare programs. Many mHealth initiatives, however, fail to address security and privacy issues. This, coupled with the lack of specific legislation for privacy and data protection in these countries, increases the risk of harm to individuals. The overall objective of this thesis is to enhance knowledge regarding the design of security and privacy technologies for mHealth systems. In particular, we deal with mHealth Data Collection Systems (MDCSs), which consists of mobile devices for collecting and reporting health-related data, replacing paper-based approaches for health surveys and surveillance. This thesis consists of publications contributing to mHealth security and privacy in various ways: with a comprehensive literature review about mHealth in Brazil; with the design of a security framework for MDCSs (SecourHealth); with the design of a MDCS (GeoHealth); with the design of Privacy Impact Assessment template for MDCSs; and with the study of ontology-based obfuscation and anonymisation functions for health data.
|
|
| 6. |
- Karegar, Farzaneh
(författare)
-
Towards Improving Transparency, Intervenability, and Consent in HCI
- 2018
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Transparency of personal data processing is enforced by most Western privacy laws, including the new General Data Protection Regulation (GDPR) which will be effective from May 2018. The GDPR specifies that personal data shall be processed lawfully, fairly, and in a transparent manner. It strengthens people's rights for both ex-ante and ex-post transparency and intervenability. Equally important is the strict legal requirements for informed consent established by the GDPR.On the other hand, the legal privacy principles have Human-Computer Interaction (HCI) implications. People should comprehend the principles, be aware of when the principles may be used, and be able to use them. Transparent information about personal data processing should be concise, intelligible, and provided in an easily accessible form, pursuant to the GDPR. Nonetheless, the answer to the question about how HCI implications can be addressed depends on the attempts to decrease the gap between legal and user-centric transparency, intervenability, and consent. Enhancing individuals' control in a usable way helps people to be aware of the flow of their personal information, control their data, make informed decisions, and finally preserve their privacy.The objective of this thesis is to propose usable tools and solutions, to enhance people's control and enforce legal privacy principles, especially transparency, intervenability, and informed consent. To achieve the goal of the thesis, different ways to improve ex-ante transparency and informed consent are investigated by designing and testing new solutions to make effective consent forms. Moreover, ex-post transparency and intervenability are improved by designing a transparency enhancing tool and investigating users' perceptions of data portability and transparency in the tool. The results of this thesis contribute to the body of knowledge by mapping legal privacy principles to HCI solutions, unveiling HCI problems and answers when aiming for legal compliance, and proposing effective designs to obtain informed consent.
|
|
| 7. |
- Khan, Md Sakib Nizam, 1990-
(författare)
-
Privacy in the Age of Autonomous Systems
- 2020
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Autonomous systems have progressed from theory to application especially in the last decade, thanks to the recent technological evolution. The number of autonomous systems in our surroundings is increasing rapidly. Since these systems in most cases handle privacy-sensitive data, the privacy concerns are also increasing at a similar rate. However, privacy research has not been in sync with these developments. Moreover, the systems are heterogeneous in nature and continuously evolving which makes the privacy problem even more challenging. The domain poses some unique privacy challenges which are not always possible to solve using existing solutions from other related fields. In this thesis, we identify open privacy challenges of autonomous systems and later propose solutions to some of the most prominent challenges. We investigate the privacy challenges in the context of smart home-based systems including Ambient Assisted Living (AAL) systems as well as autonomous vehicles. In the case of smart home, we propose a framework to enhance the privacy of owners during ownership change of IoT devices and conduct a systematic literature review to identify the privacy challenges of home-based health monitoring systems. For autonomous vehicles, we quantify, improve, and tune the privacy utility trade-off of the image de-identification process. Our investigation reveals that there is a lack of consideration when it comes to the privacy of autonomous systems and there are several open research questions in the domain regarding, for instance, privacy-preserving data management, quantification of privacy utility trade-off, and compliance with privacy laws. Since the field is evolving, this work can be seen as a step towards privacy preserving autonomous systems. The identified privacy concerns and their corresponding solutions presented in this thesis will help the research community to identify and address existing privacy concerns of autonomous systems. Solving the concerns will encourage the end-users to adopt the systems and enjoy the benefits without bothering about privacy.
|
|
| 8. |
- Martucci, Leonardo Augusto, 1977-
(författare)
-
Identity and Anonymity in Ad Hoc Networks
- 2009
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- In ad hoc networks every device is responsible for its own basic computer services, including packet routing, data forwarding, security, and privacy. Most of the protocols used in wired networks are not suitable for ad hoc networks, since they were designed for static environments with defined borders and highly specialized devices, such as routers, authentication servers, and firewalls. This dissertation concentrates on the achievement of privacy-friendly identifiersand anonymous communication in ad hoc networks. In particular, the objective is to offer means for better anonymous communication in such networks. Two research questions were formulated to address the objective: I. How to design proper and trusted privacy-friendly digital identifiers to beused in ad hoc network environments? II. How to provide anonymous communication in ad hoc networks and whatis the performance cost in relation to the obtained degree of anonymity? To address the first research question we studied and classified the security and privacy threats, enhancements, and requirements in ad hoc networks and analyzed the need for privacy and identification. The analysis led us to the relationship between security, identification, and anonymous communication that we refer to as the “identity-anonymity paradox”. We further identifiedthe requirements for privacy-friendly identifiers and proposed the self-certified Sybil-free pseudonyms to address such requirements. The second research question was addressed with the design and implementation of the Chameleon protocol, an anonymous communication mechanism for ad hoc networks. The performance of Chameleon was evaluated using a network simulator. The results were used to find out the trade-off between anonymity and performance in terms of the expected end-to-end delay. The solutions proposed in this dissertation are important steps towards the achievement of better anonymous communications in ad hoc networks andcomplement other mechanisms required to prevent leaks of personal data.
|
|
| 9. |
- Pulls, Tobias, 1985-
(författare)
-
Preserving Privacy in Transparency Logging
- 2015
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- The subject of this dissertation is the construction of privacy-enhancing technologies (PETs) for transparency logging, a technology at the intersection of privacy, transparency, and accountability. Transparency logging facilitates the transportation of data from service providers to users of services and is therefore a key enabler for ex-post transparency-enhancing tools (TETs). Ex-post transparency provides information to users about how their personal data have been processed by service providers, and is a prerequisite for accountability: you cannot hold a controller accountable for what is unknown.We present three generations of PETs for transparency logging to which we contributed. We start with early work that defined the setting as a foundation and build upon it to increase both the privacy protections and the utility of the data sent through transparency logging. Our contributions include the first provably secure privacy-preserving transparency logging scheme and a forward-secure append-only persistent authenticated data structure tailored to the transparency logging setting. Applications of our work range from notifications and deriving data disclosures for the Data Track tool (an ex-post TET) to secure evidence storage.
|
|
| 10. |
- Vapen, Anna, 1983-
(författare)
-
Contributions to Web Authentication for Untrusted Computers
- 2011
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Authentication methods offer varying levels of security. Methods with one-time credentials generated by dedicated hardware tokens can reach a high level of security, whereas password-based authentication methods have a low level of security since passwords can be eavesdropped and stolen by an attacker. Password-based methods are dominant in web authentication since they are both easy to implement and easy to use. Dedicated hardware, on the other hand, is not always available to the user, usually requires additional equipment and may be more complex to use than password-based authentication.Different services and applications on the web have different requirements for the security of authentication. Therefore, it is necessary for designers of authentication solutions to address this need for a range of security levels. Another concern is mobile users authenticating from unknown, and therefore untrusted, computers. This in turn raises issues of availability, since users need secure authentication to be available, regardless of where they authenticate or which computer they use.We propose a method for evaluation and design of web authentication solutions that takes into account a number of often overlooked design factors, i.e. availability, usability and economic aspects. Our proposed method uses the concept of security levels from the Electronic Authentication Guideline, provided by NIST.We focus on the use of handheld devices, especially mobile phones, as a flexible, multi-purpose (i.e. non-dedicated) hardware device for web authentication. Mobile phones offer unique advantages for secure authentication, as they are small, flexible and portable, and provide multiple data transfer channels. Phone designs, however, vary and the choice of channels and authentication methods will influence the security level of authentication. It is not trivial to maintain a consistent overview of the strengths and weaknesses of the available alternatives. Our evaluation and design method provides this overview and can help developers and users to compare and choose authentication solutions.
|
|
