| 1. |
- Bisztray, Tamas, et al.
(author)
-
Data Protection Impact Assessment in Identity Control Management with a Focus on Biometrics
- 2020
-
In: Open Identity Summit 2020. - Bonn : Gesellschaft für Informatik e.V.. - 9783885796992 ; , s. 185-192
-
Conference paper (peer-reviewed)abstract
- Privacy issues concerning biometric identification are becoming increasingly relevant due to their proliferation in various fields, including identity and access control management (IAM). The General Data Protection Regulation (GDPR) requires the implementation of a data protection impact assessment for privacy critical systems. In this paper, we analyse the usefulness of two different privacy impact assessment frameworks in the context of biometric data protection. We use experiences from the SWAN project that processes four different biometric characteristics for authentication purposes. The results of this comparison elucidate how useful these frameworks are in identifying sector-specific privacy risks related to IAM and biometric identification.
|
|
| 2. |
- Fritsch, Lothar
(author)
-
Identification collapse - contingency in Identity Management
- 2020
-
In: Open Identity Summit 2020. - Bonn : Gesellschaft für Informatik e.V.. - 9783885796992 ; , s. 15-26
-
Conference paper (peer-reviewed)abstract
- Identity management (IdM) facilitates identification, authentication and authorization inmost digital processes that involve humans. Digital services as well as work processes, customerrelationship management, telecommunications and payment systems rely on forms of IdM. IdMis a business-critical infrastructure. Organizations rely on one specific IdM technology chosen tofit a certain context. Registration, credential issuance and deployment of digital identities are thenbound to the chosen technology. What happens if that technology is disrupted? This article discussesconsequences and mitigation strategies for identification collapse based on case studies and literaturesearch. The result is a surprising shortage of available documented mitigation and recovery strategiesfor identification collapse.
|
|
| 3. |
- Fritsch, Lothar
(author)
-
Identity Management as a target in cyberwar
- 2020
-
In: Open Identity Summit 2020. - Bonn : Gesellschaft für Informatik e.V.. - 9783885796992 ; , s. 61-70
-
Conference paper (peer-reviewed)abstract
- This article will discuss Identity Management (IdM) and digital identities in the context ofcyberwar. Cyberattacks that target or exploit digital identities in this context gain leverage throughthe central position of IdM digital infrastructures. Such attacks will compromize service operations,reduce the security of citizens and will expose personal data - those of military personell included. Thearticle defines the issue, summarizes its background and then discusses the implications of cyberwarfor vendors and applicants digital identity management infrastructures where IdM is positioned as acritical infrastructure in society.
|
|
| 4. |
- Hatamian, Majid, et al.
(author)
-
A privacy and security analysis of early-deployed COVID-19 contact tracing Android apps
- 2021
-
In: Empirical Software Engineering. - : Springer Nature. - 1382-3256 .- 1573-7616. ; 26:3
-
Journal article (peer-reviewed)abstract
- As this article is being drafted, the SARS-CoV-2/COVID-19 pandemic is causing harm and disruption across the world. Many countries aimed at supporting their contact tracers with the use of digital contact tracing apps in order to manage and control the spread of the virus. Their idea is the automatic registration of meetings between smartphone owners for the quicker processing of infection chains. To date, there are many contact tracing apps that have already been launched and used in 2020. There has been a lot of speculations about the privacy and security aspects of these apps and their potential violation of data protection principles. Therefore, the developers of these apps are constantly criticized because of undermining users’ privacy, neglecting essential privacy and security requirements, and developing apps under time pressure without considering privacy- and security-by-design. In this study, we analyze the privacy and security performance of 28 contact tracing apps available on Android platform from various perspectives, including their code’s privileges, promises made in their privacy policies, and static and dynamic performances. Our methodology is based on the collection of various types of data concerning these 28 apps, namely permission requests, privacy policy texts, run-time resource accesses, and existing security vulnerabilities. Based on the analysis of these data, we quantify and assess the impact of these apps on users’ privacy. We aimed at providing a quick and systematic inspection of the earliest contact tracing apps that have been deployed on multiple continents. Our findings have revealed that the developers of these apps need to take more cautionary steps to ensure code quality and to address security and privacy vulnerabilities. They should more consciously follow legal requirements with respect to apps’ permission declarations, privacy principles, and privacy policy contents.
|
|
| 5. |
- Iwaya, Leonardo H, et al.
(author)
-
Early Labour App: Developing a practice-based mobile health application for digital early labour support
- 2023
-
In: International Journal of Medical Informatics. - : Elsevier. - 1386-5056 .- 1872-8243. ; 177
-
Journal article (peer-reviewed)abstract
- Background: Pregnant women in early labour have felt excluded from professional care, and their partners have been restricted from being involved in the birthing process. Expectant parents must be better prepared to deal with fear and stress during early labour. There is a need for evidence-based information and digital applications that can empower couples during childbirth.Objective: To develop and identify requirements for a practice-based mobile health (mHealth) application for Digital Early Labour Support.Methods: This research started with creating an expert group composed of a multidisciplinary team capable of informing the app development process on evidence-based practices. In consultation with the expert group, the app was built using an agile development approach (i.e., Scrum) within a continuous software engineering setting (i.e., CI/CD, DevOps), also including user and security tests.Results: During the development of the Early Labour App, two main types of challenges emerged: (1) user challenges, related to understanding the users’ needs and experience with the app, and (2) team challenges, related to the software development team in particular, and the necessary skills for translating an early labour intervention into a digital solution. This study reaffirms the importance of midwife support via blended care and the opportunity of complementing it with an app. The Early Labour App was easy to use, the women needed little to no help, and the partner's preparation was facilitated. The combination of the app together with blended care opens up awareness, thoughts and feelings about the method and provides good preparation for the birth.Conclusion: We propose the creation of the Early Labour App, a mHealth app for early labour support. The preliminary tests conducted for the Early Labour App show that the app is mature, allowing it to be used in the project's Randomised Control Trial, which is already ongoing.
|
|
| 6. |
- Kävrestad, Joakim, 1989-
(author)
-
Context-Based Micro-Training : Enhancing cybersecurity training for end-users
- 2022
-
Doctoral thesis (other academic/artistic)abstract
- This research addresses the human aspect of cybersecurity by developing a method for cybersecurity training of end-users. The reason for addressing that area is that human behaviour is widely regarded as one of the most used attack vectors. Exploiting human behaviour through various social engineering techniques, password guessing, and more is a common practice for attackers. Reports even suggest that human behaviour is exploited in 95% of all cybersecurity attacks. Human behaviour with regard to cybersecurity has been long discussed in the research. It is commonly suggested that users need support to behave securely. Training is often suggested as the way to improve user behaviour, and there are several different training methods available. The available training methods include instructor-led training, game-based training, eLearning, etc. However, even with the diversity of existing training methods, the effectiveness of such training has been questioned by recent research. Research suggests that existing training does not facilitate knowledge retention and user participation to a high enough degree. This research aims to address the problems with current training practices by developing a new method for cybersecurity training of end-users. The research used a design science (DS) approach to develop the new method in three increasingly complex design cycles. Principles for cybersecurity training were developed based on previous research and the Technology Acceptance Model and made the theoretical foundation of the reserach. The result is a theoretically grounded method for cybersecurity training that outlines goals and guidelines for how such training should be implemented. It has been evaluated in several steps with more than 1800 survey participants and 300 participants in various experiments. The evaluations have shown that it can both support users towards secure behaviour and be appreciated by its users. The main contribution of this research is the method for cybersecurity training, Context-Based Micro-Training (CBMT). CBMT is a theoretical contribution that describes good practices for cybersecurity training for end-users. Practitioners can adopt it as a guide on how to implement such training or to support procurement decisions. The research also shows the importance of integrating usability into the development of security practices. Users must positively receive both training and the guidelines imposed by training since positive user perception increases user adoption. Finally, the research shows that following security guidelines is difficult. While training is essential, this research suggests that training alone is not enough, and future research should consider the interplay between training and other support mechanisms.
|
|
| 7. |
- Momen, Nurul, 1988-, et al.
(author)
-
Accept - Maybe - Decline : Introducing Partial Consent for the Permission-based Access Control Model of Android
- 2020
-
In: SACMAT '20: Proceedings of the 25th ACM Symposium on Access Control Models and Technologies. - New York, NY, USA : ACM Digital Library. ; , s. 71-80
-
Conference paper (peer-reviewed)abstract
- The consent to personal data sharing is an integral part of modern access control models on smart devices. This paper examines the possibility of registering conditional consent which could potentially increase trust in data sharing. We introduce an indecisive state of consenting to policies that will enable consumers to evaluate data services before fully committing to their data sharing policies. We address technical, regulatory, social, individual and economic perspectives for inclusion of partial consent within an access control mechanism. Then, we look into the possibilities to integrate it within the access control model of Android by introducing an additional button in the interface---\emph{Maybe}. This article also presents a design for such implementation and demonstrates feasibility by showcasing a prototype built on Android platform. Our effort is exploratory and aims to shed light on the probable research direction.
|
|
| 8. |
- Momen, Nurul, 1988-, et al.
(author)
-
App-generated digital identities extracted through Androidpermission-based data access - a survey of app privacy
- 2020
-
In: Sicherheit 2020. - : Gesellschaft für Informatik. - 9783885796954 ; , s. 15-28
-
Conference paper (peer-reviewed)abstract
- Smartphone apps that run on Android devices can access many types of personal information. Such information can be used to identify, profile and track the device users when mapped into digital identity attributes. This article presents a model of identifiability through access to personal data protected by the Android access control mechanism called permissions. We present an abstraction of partial identity attributes related to such personal data, and then show how apps accumulate such attributes in a longitudinal study that was carried out over several months. We found that apps' successive access to permissions accumulates such identity attributes, where different apps show different interest in such attributes.
|
|
| 9. |
- Momen, Nurul, 1988-
(author)
-
Measuring Apps' Privacy-Friendliness : Introducing transparency to apps' data access behavior
- 2020
-
Doctoral thesis (other academic/artistic)abstract
- Mobile apps brought unprecedented convenience to everyday life, and nowadays, hardly any interactive service exists without having an interface through an app. The rich functionalities of apps rely on the pervasive capabilities of the mobile device, such as its cameras and other types of sensors. Consequently, apps generate a diverse and large amount of data, which can often be deemed as privacy-sensitive data. As the mobile device is also equipped with several means to transmit the collected data, such as WiFi and 4G, it brings further concerns about individuals' privacy.Even though mobile operating systems use access control mechanisms to guard system resources and sensors, apps exercise their granted privileges in an opaque manner. Depending on the type of privilege, apps require explicit approval from the user in order to acquire access to them through permissions. Nonetheless, granting permission does not put constraints on the access frequency. Granted privileges allow the app to access users' personal data for a long period of time, typically until the user explicitly revokes the access. Furthermore, available control tools lack monitoring features, and therefore, the user faces hindrances to comprehend the magnitude of personal data access. Such circumstances can erode intervenability from the interface of the phone, lead to incomprehensible handling of personal data, and thus, create privacy risks for the user.This thesis covers a long-term investigation of apps' data access behavior and makes an effort to shed light on various privacy implications. It also shows that app behavior analysis yields information that has the potential to increase transparency, to enhance privacy protection, to raise awareness regarding consequences of data disclosure, and to assist the user in informed decision-making while selecting apps or services. We introduce models, methods, and demonstrate the data disclosure risks with experimental results. Finally, we show how to communicate privacy risks through the user interface by taking the results of app behavior analyses into account.
|
|
| 10. |
- Momen, Nurul, 1988-, et al.
(author)
-
Smartphone-Apps unter Beobachtung
- 2020
-
In: digma - Zeitschrift für Datenrecht und Informationssicherheit. - Zürich (CH) : Schulthess Juristische Medien AG. - 1424-9944. ; 20:3, s. 152-155
-
Journal article (other academic/artistic)abstract
- Smartphones mit Android-Betriebssystem haben ein Zugriffskontrollsystem, welches auf Zugriffsrechten – zugeteilt per App – basiert. Damit werden Zugriffe von Android-Anwendungen Dritter auf kritische Ressourcen einschränkt. Einige dieser Rechte – von Google als sogenannte «dangerous permissions» definiert – bedürfen vor ihrer Aktivierung der Zustimmung des Nutzers. Dies geschieht durch ein Anklicken einer Zustimmung nach Start der App. Danach kann die App nach Belieben auf die jeweilige Datenquelle, beispielsweise Standortdaten (GPS), Kamera, Telefonstatus oder Adressbuch, zugreifen. Verlangt eine App Zugriff beispielsweise auf das Adressbuch, so muss vom Nutzer der Adressbuch-Zugriff beim ersten Versuch genehmigt werden. Diese Genehmigung wird dann ohne zeitliche Einschränkung in der App für zukünftige Zugriffe hinterlegt.Eine Verweigerung der Rechte in den Einstellungen führt oft zu Fehlfunktionen der Apps.Laufzeitberechtigungen werden auf Gruppenbasis erteilt. Um zum Beispiel Bluetooth verwenden zu können, wie es die Covid App benötigt, muss der Nutzer die Zustimmung zur Gruppe «Standort» geben. Wenn eine Anwendung erneut Laufzeitberechtigungen anfordert, die sich auf dieselbe Berechtigungsgruppe beziehen, werden, sobald eine davon erteilt ist, auch alle anderen erteilt. In unserer Forschung stellten wir uns die Aufgabe, die Zugriffsfrequenzen auf datenschutzrelevante Datenquellen zu messen. Ziel war die Quantifizierung des Risikos für den Nutzer und die Schaffung von Transparenz über Datensammlungen sowohl in wissenschaftlicher Perspektive also auch zur Information von Endnutzern. Im Folgenden beschreiben wir Ergebnisse und Vorgehensweise unserer Studien.
|
|
| 11. |
- Nordin, Anna, 1972-, et al.
(author)
-
Body-Area Sensing in Maternity Care : Evaluation of Commercial Wristbands for Pre-birth Stress Management
- 2022
-
In: Lecture Notes of the Institute for Computer Sciences Social Informatics and Telecommunications Engineering. - Cham : Springer. - 9783030955922 ; , s. 168-175
-
Conference paper (peer-reviewed)abstract
- Many women use digital tools during pregnancy and birth. There are many existing mobile applications to measure quantity and length of contractions during early labour, but there is a need to offer evidence-based, credible electronic and digital solutions to parents-to-be. This article presents ongoing research work in a research project regarding mobile telemetric supported maternity care. It summarizes an approach for stress management in late maternity and under birth preparation that is based on body area sensing, our investigation of the properties of commercially available wearable wristbands for body sensing, and the insights gained from testing the wristbands from the project's perspective. We found that sensing precision is very variable depending on the wristband model, while the flows of medical personal data exclusively are routed through vendor cloud platforms outside the EU. The impact of our findings for the use of commercial wristbands in European medical research and practice is discussed in the conclusion.
|
|
| 12. |
- Toresson, Ludwig, et al.
(author)
-
PISA : A Privacy Impact Self-assessment App Using Personas to Relate App Behavior to Risks to Smartphone Users
- 2020
-
In: Communications in Computer and Information Science, CCIS. - Cham : Springer. - 9783030507312 - 9783030507329 ; , s. 613-621
-
Conference paper (peer-reviewed)abstract
- We present an educative self-assessment app intended to increase awareness of app-related privacy risks. The privacy impact self-assessment (PISA) app is intended to stimulate smartphone user reflection over risks of data sharing and data extraction from their smartphones. An interactive user interface performs an end-user targeted dialogue about apps using personas with a variety of vulnerabilities. The guided dialogue about threats is intended to engage the user’s reflection about own app risk. We describe the underlying model and interaction design, summarize the personas and discuss the user interfaces implemented in the app.
|
|
| 13. |
- Wairimu, Samuel, 1988-, et al.
(author)
-
Modelling privacy harms of compromised personal medical data - Beyond data breach
- 2022
-
In: ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security. - New York, NY, USA : Association for Computing Machinery (ACM). - 9781450396707
-
Conference paper (peer-reviewed)abstract
- What harms and consequences do patients experience after a medical data breach? This article aims at the improvement of privacy impact analysis for data breaches that involve personal medical data. The article has two major findings. First, scientific literature does not mention consequences and harms to the data subjects when discussing data breaches in the healthcare sector. For conceptualizing actual documented harm, we had to search court rulings and popular press articles instead. We present the findings of our search for empirically founded harms in the first part of the article. Second, we present a modified PRIAM assessment method with the goal of better assessment of harms and consequences of such data breaches for the patient/employee data subject in healthcare. We split the risk assessment into parallel categories of assessment rather than calculating a single risk score. In addition, we quantify the original PRIAM categories into a calculus for risk assessment. The article presents our modified PRIAM which is the result of these modifications. Our overall contribution is the collection of actual harms and consequences of e-health data breaches that complement the overly theoretical discussion in publications. With our operationalization of PRIAM and by providing a catalog of real harms examples, we focus privacy impact assessment on actual harms to persons.
|
|
| 14. |
- Wairimu, Samuel, 1988-, et al.
(author)
-
On the Evaluation of Privacy Impact Assessment and Privacy Risk Assessment Methodologies : A Systematic Literature Review
- 2024
-
In: IEEE Access. - : IEEE. - 2169-3536. ; 12, s. 19625-19650
-
Research review (peer-reviewed)abstract
- Assessing privacy risks and incorporating privacy measures from the onset requires a comprehensive understanding of potential impacts on data subjects. Privacy Impact Assessments (PIAs) offer a systematic methodology for such purposes, which are closely related to Data Protection Impact Assessments (DPIAs), particularly outlined in Article 35 of the General Data Protection Regulation (GDPR). The core of a PIA is a Privacy Risk Assessment (PRA). PRAs can be integrated as part of full-fledged PIAs or independently developed to support PIA processes. Although these methodologies have been identified as essential enablers of privacy by design, their effectiveness has been criticized because of the lack of evidence of their rigorous and systematic evaluation. Hence, we conducted a Systematic Literature Review (SLR) to identify published PIA and PRA methodologies and assess how and to what extent they have been scientifically validated or evaluated. We found that these methodologies are rarely evaluated for their performance in practice, and most of them have only been validated in limited studies. Most validation evidence is found with PRA methodologies. Of the evaluated methodologies, PIAs were the most evaluated, where case studies were the predominant evaluation method. These evaluated methodologies can be easily transferred to an industrial setting or used by practitioners, as they provide evidence of their use in practice. In addition, the findings in this study can be used to inform researchers of the current state-of-the-art, and practitioners can understand the benefits and current limitations of the methodologies and adopt evidence-based practices.
|
|
| 15. |
- Wairimu, Samuel, 1988-
(author)
-
Privacy and Security Analysis : Assessing Risks and Harm to Patients
- 2022
-
Licentiate thesis (other academic/artistic)abstract
- Disruptive technologies in the form of e-Health or electronic healthcare (the use of information technology in health) have the ability to provide positive implications to both patients and healthcare professionals. Recently, public health agencies deployed contact tracing apps with the aim of curbing the spread of COVID-19, by aiding manual contact tracing, and lifting restrictions. Despite this, their ubiquitous nature in the sector has opened doors to new threats in the area of information security and privacy, where these apps, for instance, contain security and privacy risks such as violation of the principle of least privilege, which when exploited can cause privacy harms to the user, for example, re-identification of users.In general, information security and privacy in the healthcare sector is essential due to the nature of the data they process, and the need to keep the patient safe. While this is so, the general security posture of the sector, which is poor due to its under-financing in IT security among other reasons such as the use of legacy systems, makes it vulnerable to cyber-attacks that end up with exfiltration of personal health data, among other data, for instance, relevant research data. Such data can be misused incurring privacy harm to patients that have been affected by the breach.This thesis follows an experimental approach to assess the privacy and security risks of m-Health apps, with the selected case study of these m-Health apps, that is, COVID-19 contact tracing apps. In addition, it also contributes with a theoretical approach to assessing impacts and consequences in the healthcare sector, including what harms patients could face in the event of a state-sponsored cyber-attack. In addition, the research aims at contributing to the field by proposing a sector-specific model that can be used to evaluate the impact on the privacy of patients affected by a data breach.
|
|
