| 1. |
- Colesky, Michael, et al.
(författare)
-
Helping Software Architects Familiarize with the General Data Protection Regulation
- 2019
-
Ingår i: 2019 IEEE International Conference on Software Architecture Companion (ICSA-C). - : IEEE. - 9781728118772 - 9781728118765 ; , s. 226-229
-
Konferensbidrag (refereegranskat)abstract
- Abstract—The General Data Protection Regulation (GDPR)impacts any information systems that process personal datain or from the European Union. Yet its enforcement is stillrecent. Organizations under its effect are slow to adopt itsprinciples. One particular difficulty is the low familiarity withthe regulation among software architects and designers. Thedifficulty to interpret the content of the legal regulation ata technical level adds to that. This results in problems inunderstanding the impact and consequences that the regulationmay have in detail for a particular system or project context.In this paper we present some early work and emergingresults related to supporting software architects in this situation.Specifically, we target those who need to understand how theGDPR might impact their design decisions. In the spirit ofarchitectural tactics and patterns, we systematically identifiedand categorized 155 forces in the regulation. These results formthe conceptual base for a first prototypical tool. It enablessoftware architects to identify the relevant forces by guidingthem through an online questionnaire. This leads them to relevantfragments of the GDPR and potentially relevant privacy patterns.We argue that this approach may help software professionals,in particular architects, familiarize with the GDPR and outlinepotential paths for evaluation.
|
|
| 2. |
- Deng, Ming, et al.
(författare)
-
Personal rights management : Taming camera-phones for individual privacy enforcement
- 2006
-
Ingår i: Privacy Enhancing Technologies. - Berlin, Heidelberg : Springer. - 9783540687900 ; , s. 172-189
-
Konferensbidrag (refereegranskat)abstract
- With ubiquitous use of digital camera devices, especially in mobile phones, privacy is no longer threatened by governments and companies only. The new technology creates a new threat by ordinary people, who could take and distribute pictures of an individual with no risk and little cost in any situation in public or private spaces. Fast distribution via web based photo albums, online communities and web pages expose an individual's private life to the public. Social and legal measures are increasingly taken to deal with this problem, but they are hard to enforce in practice. In this paper, we proposed a model for privacy infrastructures aiming for the distribution channel such that as soon as the picture is publicly available, the exposed individual has a chance to find it and take proper action in the first place. The implementation issues of the proposed protocol are discussed. Digital rights management techniques are applied in our proposed infrastructure, and data identification techniques such as digital watermarking and robust perceptual hashing are proposed to enhance the distributed content identification.
|
|
| 3. |
- Fischer-Hübner, Simone, 1963-, et al.
(författare)
-
A MOOC on Privacy by Design and the GDPR
- 2018
-
Ingår i: Information Security Education. - Cham, Switzerland : Springer. - 9783319997346 ; , s. 95-107
-
Konferensbidrag (refereegranskat)abstract
- In this paper we describe how we designed a massive open online course (mooc) on Privacy by Design with a focus on how to achieve compliance with the eu gdpr principles and requirements in it engineering and management. This mooc aims at educating both professionals and undergraduate students, i.e., target groups with distinct educational needs and requirements, within a single course structure. We discuss why developing and publishing such a course is a timely decision and fulfills the current needs of the professional and undergraduate education. The mooc is organized in five modules, each of them with its own learning outcomes and activities. The modules focus on different aspects of the gdpr that data protection officers have to be knowledgeable about, ranging from the legal basics, to data protection impact assessment methods, and privacy-enhancing technologies. The modules were delivered using hypertext, digital content and three video production styles: slides with voice-over, talking heads and interviews. The main contribution of this work is the roadmap on how to design a highly relevant mooc on privacy by design and the gdpr aimed at an heterogeneous audience.
|
|
| 4. |
- Fritsch, Lothar, 1970-, et al.
(författare)
-
A holistic approach to Open-Source VoIP security : Preliminary results from the EUX2010sec project
- 2009
-
Ingår i: Networks, 2009. ICN '09. Eighth International Conference on. - : IEEE. ; , s. 275-280
-
Konferensbidrag (refereegranskat)abstract
- This paper describes the approach and preliminary results from the research project EUX2010sec. The project works closely with Voice-over-IP (VoIP) companies and users. It aims at providing better security of opera source VoIP installations. The work towards this goal is organized by gathering researchers and practitioners around several scientific activities that range from security modeling and verification up to testbed testing. The expected outcomes of the project are a solid scientific and practical understanding of the security options for setting tip VoIP infrastructures, particular guidance on secure, typical setups of such infrastructures, The project's special focus is on producing results relevant to the practitioners in the project, aiming at the stimulation of innovation and the provision of highest quality in open-source based VoIP products and services.
|
|
| 5. |
- Fritsch, Lothar, 1970-, et al.
(författare)
-
Applications of Privacy and Security Research in the Upcoming Battlefield of Things
- 2018
-
Ingår i: Proceedings of the 17th European Conference on Cyber Warfare and Security. - Reading : Academic Conferences and Publishing International Limited. - 9781911218852 - 9781911218869
-
Konferensbidrag (refereegranskat)abstract
- This article presents the results of a trend scouting study on the applicability of contemporary information privacy and information security research in future defence scenarios in a 25-year-horizon. We sketch the expected digital warfare and defence environment as a “battlefield of things” where connected objects, connected soldiers and automated and autonomous sensing and acting systems are core elements. Based on this scenario, we discuss current research in information security and information privacy and their relevance and applicability for the future scenario.
|
|
| 6. |
- Fritsch, Lothar, 1970-
(författare)
-
Comments on ”The grant life cycle – a researcher’s handbook”
- 2017
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- The grant proposing introduction tutorial for young researchers is undergoing revision at Karlstad University. The Grants and Innovation Office (GIO) has requested suggestions for improvements from researchers. This document is a review of the existing document, including suggestions, critique and recommendations for complementary information in support of the GIO presentation at the Computer Science Department on March 29, 2017.
|
|
| 7. |
- Fritsch, Lothar, 1970-, et al.
(författare)
-
Derived Partial Identities Generated from App Permissions
- 2017
-
Ingår i: Open Identity Summit 2017. - Bonn : Gesellschaft für Informatik. - 9783885796718 ; , s. 117-130
-
Konferensbidrag (refereegranskat)abstract
- This article presents a model of partial identities derived from app permissions that is based on Pfitzmann and Hansen’s terminology for privacy [PH10]. The article first shows how app permissions accommodate the accumulation of identity attributes for partial digital identities by building a model for identity attribute retrieval through permissions. Then, it presents an experimental survey of partial identity access for selected app groups. By applying the identity attribute retrieval model on the permission access log from the experiment, we show how apps’ permission usage is providing to identity profiling.
|
|
| 8. |
|
|
| 9. |
- Fritsch, Lothar, 1970-, et al.
(författare)
-
I’m Not That Old Yet! The Elderly and Us in HCI and Assistive Technology
- 2018
-
Ingår i: Proceedings of the Mobile Privacy and Security for an Ageing Population workshop at the 20th International Conference on Human-Computer Interaction with Mobile Devices and Services (MobileHCI) 2018. - Barcelona : University of Bath; Cranfield university; Northumbria university, Newcastle; University of Portsmouth.
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)abstract
- Recent HCI research in information security and privacy focuses on the Elderly. It aims at the provision of inclu-sive, Elderly-friendly interfaces for security and data protection features. Much attention is put on care situa-tions where the image of the Elderly is that of sick or disabled persons not mastering contemporary infor-mation technology. That population is however a frac-tion of the group called the Elderly. In this position pa-per, we argue that the Elderly are a very diverse popu-lation. We discuss issues rising from researchers and software architects’ misconception of the Elderly as technology-illiterate and unable. We suggest a more nuanced approach that includes changing personal abil-ities over the course of life.
|
|
| 10. |
- Fritsch, Lothar, 1970-, et al.
(författare)
-
Implications of Privacy & Security Research for the Upcoming Battlefield of Things
- 2019
-
Ingår i: Journal of Information Warfare. - : Peregrine Technical Solutions, LLC. - 1445-3312. ; 17:4, s. 72-87
-
Tidskriftsartikel (refereegranskat)abstract
- This article presents the results of a trend-scouting study on the applicability of contemporary information privacy and information security research in future defence scenarios in a 25-year-horizon. The authors sketch the expected digital warfare and defence environment as a‘Battlefield of Things’ in which connected objects, connected soldiers, and automated and autonomous sensing and acting systems are core elements. Based on this scenario, the authors discuss current research in information security and information privacy and their relevance and applicability for the future scenario.
|
|
