Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 15 of 15
Full-Text Articles in Entire DC Network
Micro-Blogging In The Workplace, Chia Yao Lee, Matthew Warren
Micro-Blogging In The Workplace, Chia Yao Lee, Matthew Warren
Australian Information Security Management Conference
Micro-blogging services such as Twitter, Yammer, Plurk and Google Buzz have generated substantial interest among members of the business community in recent years. Many CEOs, managers and front-line employees have embraced micro-blogs as a tool for interacting with colleagues, employees, customers, suppliers and investors. Micro-blogs are considered a more informal channel than emails and official websites, and thus present a different set of challenges to businesses. As a positional paper, this paper uses a case study of a bogus Twitter account to emphasise security and ethical issues relating to (i) Trust, Accuracy and Authenticity of Information, (ii) Privacy and Confidentiality, …
A Correlation Attack Against User Mobility Privacy In A Large-Scale Wlan Network, Keren Tan, Guanhua Yan, Jihwang Yeo, David Kotz
A Correlation Attack Against User Mobility Privacy In A Large-Scale Wlan Network, Keren Tan, Guanhua Yan, Jihwang Yeo, David Kotz
Dartmouth Scholarship
User association logs collected from real-world wireless LANs have facilitated wireless network research greatly. To protect user privacy, the common practice in sanitizing these data before releasing them to the public is to anonymize users' sensitive information such as the MAC addresses of their devices and their exact association locations. In this work,we demonstrate that these sanitization measures are insufficient in protecting user privacy from a novel type of correlation attack that is based on CRF (Conditional Random Field). In such a correlation attack, the adversary observes the victim's AP (Access Point) association activities for a short period of time …
Embellishing Text Search Queries To Protect User Privacy, Hwee Hwa Pang, Xuhua Ding, Xiaokui Xiao
Embellishing Text Search Queries To Protect User Privacy, Hwee Hwa Pang, Xuhua Ding, Xiaokui Xiao
Research Collection School Of Computing and Information Systems
Users of text search engines are increasingly wary that their activities may disclose confidential information about their business or personal profiles. It would be desirable for a search engine to perform document retrieval for users while protecting their intent. In this paper, we identify the privacy risks arising from semantically related search terms within a query, and from recurring highspecificity query terms in a search session. To counter the risks, we propose a solution for a similarity text retrieval system to offer anonymity and plausible deniability for the query terms, and hence the user intent, without degrading the system’s precision-recall …
Is Bluetooth The Right Technology For Mhealth?, Shrirang Mare, David Kotz
Is Bluetooth The Right Technology For Mhealth?, Shrirang Mare, David Kotz
Dartmouth Scholarship
Many people believe mobile healthcare (mHealth) would help alleviate the rising cost of healthcare and improve the quality of service. Bluetooth, which is the most popular wireless technology for personal medical devices, is used for most of the mHealth sensing applications. In this paper we raise the question – Is Bluetooth the right technology for mHealth? To instigate the discussion we discuss some shortcomings of Bluetooth and also point out an alternative solution.
A New Hardware-Assisted Pir With O(N) Shuffle Cost, Xuhua Ding, Yanjiang Yang, Robert H. Deng, Shuhong Wang
A New Hardware-Assisted Pir With O(N) Shuffle Cost, Xuhua Ding, Yanjiang Yang, Robert H. Deng, Shuhong Wang
Research Collection School Of Computing and Information Systems
Since the concept of private information retrieval (PIR) was first formalized by Chor et al., various constructions have been proposed with a common goal of reducing communication complexity. Unfortunately, none of them is suitable for practical settings mainly due to the prohibitively high cost for either communications or computations. The booming of the Internet and its applications, especially, the recent trend in outsourcing databases, fuels the research on practical PIR schemes. In this paper, we propose a hardware-assisted PIR scheme with a novel shuffle algorithm. Our PIR construction entails O(n) offline computation cost, and constant online operations and O(log n) …
On Usable Authentication For Wireless Body Area Networks, Cory Cornelius, David Kotz
On Usable Authentication For Wireless Body Area Networks, Cory Cornelius, David Kotz
Dartmouth Scholarship
We examine a specific security problem in wireless body area networks (WBANs), what we call the ıt one body authentication problem. That is, how can we ensure that the wireless sensors in a WBAN are collecting data about one individual and not several individuals. We explore existing solutions to this problem and provide some analysis why these solutions are inadequate. Finally, we provide some direction towards a promising solution to the problem and how it can be used to create a usably secure WBAN.
An Efficient Signcryption Scheme With Key Privacy And Its Extension To Ring Signcryption, Chung Ki Li, Guomin Yang, Duncan S. Wong, Xiaotie Deng, Sherman S. M. Chow
An Efficient Signcryption Scheme With Key Privacy And Its Extension To Ring Signcryption, Chung Ki Li, Guomin Yang, Duncan S. Wong, Xiaotie Deng, Sherman S. M. Chow
Research Collection School Of Computing and Information Systems
In Information Processing Letters (2006), Tan pointed out that the anonymous signcryption scheme proposed by Yang, Wong and Deng (YWD) in ISC 2005 provides neither confidentiality nor anonymity. However, no discussion has been made on how a secure scheme can be made and there is no secure scheme available to date. In this paper, we propose a modification of YWD scheme which resolves the security issues of the original scheme without sacrificing its high efficiency and simple design. Indeed, we show that our scheme achieves confidentiality, existential unforgeability and anonymity with more precise reduction bounds. We also give a variation …
Can I Access Your Data? Privacy Management In Mhealth, Aarathi Prasad, David Kotz
Can I Access Your Data? Privacy Management In Mhealth, Aarathi Prasad, David Kotz
Dartmouth Scholarship
Mobile health (mHealth) has become important in the field of healthcare information technology, as patients begin to use mobile medical sensors to record their daily activities and vital signs. Since their medical data is collected by their sensors, the patients may wish to control data collection and distribution, so as to protect their data and share it only when the need arises. It must be possible for patients to grant or deny access to the data on the storage unit (mobile phones or personal health records (PHR)). Thus, an efficient framework is required for managing patient consent electronically, i.e.to allow …
Correlation-Based Traffic Analysis Attacks On Anonymity Networks, Ye Zhu, Xinwen Fu, Byran Gramham, Riccardo Bettati, Wei Zhao
Correlation-Based Traffic Analysis Attacks On Anonymity Networks, Ye Zhu, Xinwen Fu, Byran Gramham, Riccardo Bettati, Wei Zhao
Electrical and Computer Engineering Faculty Publications
In this paper, we address attacks that exploit the timing behavior of TCP and other protocols and applications in low-latency anonymity networks. Mixes have been used in many anonymous communication systems and are supposed to provide countermeasures to defeat traffic analysis attacks. In this paper, we focus on a particular class of traffic analysis attacks, flow-correlation attacks, by which an adversary attempts to analyze the network traffic and correlate the traffic of a flow over an input link with that over an output link. Two classes of correlation methods are considered, namely time-domain methods and frequency-domain methods. Based on our …
Revisiting Unpredictability-Based Rfid Privacy Models, Junzuo Lai, Robert Huijie Deng, Yingjiu Li
Revisiting Unpredictability-Based Rfid Privacy Models, Junzuo Lai, Robert Huijie Deng, Yingjiu Li
Research Collection School Of Computing and Information Systems
Recently, there have been several attempts in establishing formal RFID privacy models in the literature. These models mainly fall into two categories: one based on the notion of indistinguishability of two RFID tags, denoted as ind-privacy, and the other based on the unpredictability of the output of an RFID protocol, denoted as unp-privacy. Very recently, at CCS’09, Ma et al. proposed a modified unp-privacy model, referred to as unp ′-privacy. In this paper, we first revisit the existing RFID privacy models and point out their limitations. We then propose a new RFID privacy model, denoted as …
K-Anonymity In The Presence Of External Databases, Dimitris Sacharidis, Kyriakos Mouratidis, Dimitris Papadias
K-Anonymity In The Presence Of External Databases, Dimitris Sacharidis, Kyriakos Mouratidis, Dimitris Papadias
Research Collection School Of Computing and Information Systems
The concept of k-anonymity has received considerable attention due to the need of several organizations to release microdata without revealing the identity of individuals. Although all previous k-anonymity techniques assume the existence of a public database (PD) that can be used to breach privacy, none utilizes PD during the anonymization process. Specifically, existing generalization algorithms create anonymous tables using only the microdata table (MT) to be published, independently of the external knowledge available. This omission leads to high information loss. Motivated by this observation we first introduce the concept of k-join-anonymity (KJA), which permits more effective generalization to reduce the …
Data Security And Information Privacy For Pda Accessible Clinical-Log For Medical Education In Problem-Based Learning (Pbl) Approach, Rattiporn Luanrattana, Khin Than Win, John A. Fulcher
Data Security And Information Privacy For Pda Accessible Clinical-Log For Medical Education In Problem-Based Learning (Pbl) Approach, Rattiporn Luanrattana, Khin Than Win, John A. Fulcher
Faculty of Informatics - Papers (Archive)
Data security and information privacy are the important aspects to consider for the use of mobile technology for recording clinical experience and encounter in medical education. Objective: This study aims to address the qualitative findings of the appropriate data security and information privacy for PDA accessible clinical-log in problem-based learning (PBL) approach in medical education. Method: The semi-structured interviews were conducted with the medical faculty members, honorary clinical academics and medical education technology specialists. Results: Data security and information access plan were determined for managing clinical-log data. The results directed the guideline for the future development and implementation of clinical-log …
Privometer: Privacy Protection In Social Networks, Nilothpal Talukder, Mourad Ouzzani, Ahmed Elmagarmid, Hazem Elmeleegy
Privometer: Privacy Protection In Social Networks, Nilothpal Talukder, Mourad Ouzzani, Ahmed Elmagarmid, Hazem Elmeleegy
Cyber Center Publications
The increasing popularity of social networks, such as Facebook and Orkut, has raised several privacy concerns. Traditional ways of safeguarding privacy of personal information by hiding sensitive attributes are no longer adequate. Research shows that probabilistic classification techniques can effectively infer such private information. The disclosed sensitive information of friends, group affiliations and even participation in activities, such as tagging and commenting, are considered background knowledge in this process. In this paper, we present a privacy protection tool, called Privometer, that measures the amount of sensitive information leakage in a user profile and suggests selfsanitization actions to regulate the amount …
A New Class Of Attacks On Time Series Data Mining, Ye Zhu, Yongjian Fu, Huirong Fu
A New Class Of Attacks On Time Series Data Mining, Ye Zhu, Yongjian Fu, Huirong Fu
Electrical and Computer Engineering Faculty Publications
Traditional research on preserving privacy in data mining focuses on time-invariant privacy issues. With the emergence of time series data mining, traditional snapshot-based privacy issues need to be extended to be multi-dimensional with the addition of time dimension. We find current techniques to preserve privacy in data mining are not effective in preserving time-domain privacy. We present the data flow separation attack on privacy in time series data mining, which is based on blind source separation techniques from statistical signal processing. Our experiments with real data show that this attack is effective. By combining the data flow separation method and …
The 2009 Analysis Of Information Remaining On Disks Offered For Sale On The Second Hand Market, Andy Jones, Craig Valli, Glenn S. Dardick, Iain Sutherland, G. Dabibi, Gareth Davies
The 2009 Analysis Of Information Remaining On Disks Offered For Sale On The Second Hand Market, Andy Jones, Craig Valli, Glenn S. Dardick, Iain Sutherland, G. Dabibi, Gareth Davies
Australian Digital Forensics Conference
The ever increasing use and reliance upon computers in both the public and private sector has led to enormous numbers of computers being disposed of at the end of their useful life within an organisation. As the cost of computers has dropped, their use in the home has also continued to increase. In most organisations, computers have a relatively short life and are replaced on a regular basis with the result that, if not properly cleansed of data, they are released into the public domain containing data that can be relatively up to date. This problem is exacerbated by the …