short-paper

Hey, my data are mine!: active data to empower the user

Authors:

Gian Luca Scoccia,

Patrizio Pelliccione,

Paola Inverardi,

Matteo Maria Fiore,

Alejandro RussoAuthors Info & Claims

ICSE-NIER '20: Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: New Ideas and Emerging Results

Pages 5 - 8

https://doi.org/10.1145/3377816.3381726

Published: 18 September 2020 Publication History

Abstract

Privacy is increasingly getting importance in modern systems. As a matter of fact, personal data are out of the control of the original owner and remain in the hands of the software-systems producers. In this new ideas paper, we drastically change the nature of data from passive to active as a way to empower the user and preserve both the original ownership of the data and the privacy policies specified by the data owner. We demonstrate the idea of active data in the mobile domain.

References

[1]

2009. Protecting Confidential Data on Personal Computers with Storage Capsules. In 18th USENIX Security Symposium. USENIX Association, Montreal, Quebec.

[2]

2018. https://standards.ieee.org/develop/indconn/ec/autonomous_systems.html.

[3]

2018. EC. General Data Protection Regulation.

[4]

2018. Ofcom Communications Market Report 2018. https://www.ofcom.org.uk/data/assets/pdf_file/0028/155278/communications-market-report-2019.pdf.

[5]

2018. Partnership on AI. https://www.partnershiponai.org/.

[6]

(Last access January 2020). DECODE. https://decodeproject.eu.

[7]

(Last access January 2020). IRMA. https://privacybydesign.foundation/irma-en/.

[8]

(Last access January 2020). Right to be forgotten GDPR vs Blockchain. https://archer-soft.com/en/blog/right-be-forgotten-gdpr-vs-blockchain-technology.

[9]

(Last access January 2020). Vision. http://www.visioneuproject.eu/.

[10]

A. Acquisti et al. 2017. Nudges for Privacy and Security: Understanding and Assisting Users' Choices Online. ACM Comput. Surv. 50, 3, Article 44 (2017).

[11]

M. Autili, L. Grunske, M. Lumpe, P. Pelliccione, and A. Tang. 2015. Aligning Qualitative, Real-Time, and Probabilistic Property Specification Patterns Using a Structured English Grammar. IEEE TSE 41, 7 (July 2015), 620--638.

[12]

A. Beimel. 2011. Secret-Sharing Schemes: A Survey. In Coding and Cryptology.

[13]

A. Bielenberg, L. Helm, A. Gentilucci, D. Stefanescu, and H. Zhang. 2012. The growth of diaspora-a decentralized online social network in the wild. In 2012 Proceedings IEEE INFOCOM Workshops. IEEE, 13--18.

[14]

A. Cavoukian. 2009. Privacy by Design. Ottawa: Information and Privacy Commissioner of Ontario, Canada (2009).

[15]

Yu-Yuan Chen, Pramod A. Jamkhedkar, and Ruby B. Lee. 2012. A Software-Hardware Architecture for Self-Protecting Data. In Proc. of the ACM Conference on Computer and Communications Security (CCS '12). ACM.

[16]

R. Cheng, F. Zhang, J. Kos, W. He, N. Hynes, N. Johnson, A. Juels, A. Miller, and D. Song. 2019. Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contracts. In EuroS P.

[17]

M. R. Clarkson, B. Finkbeiner, M. Koleini, K. K. Micinski, M. N. Rabe, and C. Sánchez. 2014. Temporal Logics for Hyperproperties. In POST 2014. 265--284.

[18]

M. R. Clarkson and F. B. Schneider. 2010. Hyperproperties. Journal of Computer Security 18, 6 (2010), 1157--1210.

[19]

P. Dixit, A. K. Gupta, M. C. Trivedi, and V. K. Yadav. 2018. Traditional and Hybrid Encryption Techniques: A Survey. In Networking Communication and Data Knowledge Engineering.

[20]

M. B. Dwyer, G. S. Avrunin, and J. C. Corbett. 1999. Property specification patterns for finite-state verification. In ICSE99. ACM Press, 411--420.

[21]

J. Larus et al. 2018. When Computers Decide: European Recommendations on Machine-Learned Automated Decision Making. http://www.acm.org/binaries/content/assets/public-policy/ie-euacm-adm-report-2018.pdf.

[22]

R. Geambasu, T. Kohno, Amit A. Levy, and H. M. Levy. 2009. Vanish: increasing data privacy with self-destructing data. In USENIX security. 18.

[23]

S. Hunt and David Sands. 2008. Just Forget it - The Semantics and Enforcement of Information Erasure. In ESOP 2008 (LNCS). 239--253.

[24]

P. Inverardi. 2019. The European Perspective on Responsible Computing. Commun. ACM 62, 4 (March 2019), 64--64.

[25]

M. Madden, L. Rainie, K. Zickuhr, M. Duggan, and A. Smith. 2014. Public perceptions of privacy and security in the post-Snowden era. Pew Res. Center (2014).

[26]

P. Maniatis, D. Akhawe, K. Fall, Elaine Shi, S. McCamant, and D. Song. 2011. Do You Know Where Your Data Are? Secure Data Capsules for Deployable Data Protection. In USENIX HotOS.

[27]

S. K. D. Maram, F. Zhang, L. Wang, A. Low, Y. Zhang, A. Juels, and D. Song. 2019. CHURP: Dynamic-Committee Proactive Secret Sharing. In SIGSAC.

Digital Library

[28]

D. Miorandi, A. Rizzardi, and S. Sicari andpa A. Coen-Porisini. 2019. Sticky Policies: A survey. IEEE Transactions on Knowledge and Data Engineering (2019).

[29]

OASIS. 2016. Privacy Management Reference Model and Methodology (PMRM).

[30]

High-Level Expert Group on Artificial Intelligence (AI HLEG). access Sep. '19. The Ethics Guidelines for Trustworthy Artificial Intelligence (AI).

[31]

R. Perlman. 2005. The Ephemerizer: Making Data Disappear. Journal of Information System Security 1 (2005), 51--68.

[32]

Qi Zhang R. Janakiraman, M. Waldvogel. 2003. Indra: a peer-to-peer approach to network intrusion detection and prevention. WETICE 2003. (11 Jun 2003).

[33]

A. Sabelfeld and A. C. Myers. 2003. Language-Based Information-Flow Security. IEEE J. Selected Areas in Communications 21, 1 (Jan. 2003), 5--19.

Digital Library

[34]

A. De Salve, P. Mori, and L. Ricci. 2018. A survey on privacy in decentralized online social networks. Computer Science Review 27 (2018), 154 -- 176.

[35]

N. Santos, R. Rodrigues, K. P. Gummadi, and S. Saroiu. 2012. Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services. In Security'12.

[36]

G. L. Scoccia, I. Malavolta, M. Autili, A. Di Salle, and P. Inverardi. 2019. Enhancing Trustability of Android Applications via User-Centric Flexible Permissions. IEEE Transactions on Software Engineering (2019).

[37]

G. L. Scoccia, S. Ruberto, I. Malavolta, M. Autili, and P. Inverardi. 2018. An Investigation into Android Run-time Permissions from the End Users' Perspective. In MOBILESoft 2018.

[38]

A. Shamir. 1979. How to Share a Secret. Commun. ACM 22, 11 (1979), 612--613.

Digital Library

[39]

B. Shishkov and M. Janssen. 2018. Enforcing Context-Awareness and Privacy-by-Design in the Specification of Information Systems. In Business Modeling and Software Design.

[40]

I. Wagner and D. Eckhoff. 2018. Technical Privacy Metrics: A Systematic Survey. ACM Comput. Surv. 51, 3, Article 57 (2018), 57:1--57:38 pages.

[41]

Lun Wang, Joseph P. Near, Neel Somani, Peng Gao, Andrew Low, David Dao, and Dawn Song. 2019. Data Capsule: A New Paradigm for Automatic Compliance with Data Privacy Regulations. LNCS (2019).

[42]

Z. Zheng, S. Xie, H. Dai, X. Chen, and H. Wang. 2017. An Overview of Blockchain Technology: Architecture, Consensus, and Future Trends. In BigData Congress.

[43]

M. Zignani, S. Gaito, and G. P. Rossi. 2018. Follow the "Mastodon": Structure and Evolution of a Decentralized Online Social Network. In AAAI Conference on Web and Social Media.

[44]

G. Zyskind, O. Nathan, and A. Pentland. 2015. Decentralizing Privacy: Using Blockchain to Protect Personal Data. In IEEE Security and Privacy Workshops.

Cited By

Pelliccione PBuhnova BGottschalk SWeber IEngels G(2023)Architecting and Engineering Value-Based EcosystemsSoftware Architecture10.1007/978-3-031-36847-9_3(41-68)Online publication date: 3-Jun-2023
https://doi.org/10.1007/978-3-031-36847-9_3

Hey, my data are mine!: active data to empower the user
1. Social and professional topics
  1. Computing / technology policy

Recommendations

Hey, that's personal!
UM'05: Proceedings of the 10th international conference on User Modeling

Personalized online commerce systems, context-aware pervasive computing applications, and other personalized computing systems often sacrifice privacy for added convenience or improved service. Some systems provide users with substantial benefits from ...
Haphazard, enhanced haphazard and personalised anonymisation for privacy preserving data mining on sensitive data sources

Privacy preserving data mining is a fast growing new era of research due to recent advancements in information, data mining, communications and security technologies. Government agencies and many other non-governmental organisations often need to ...
Differentially private data release for data mining
KDD '11: Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining

Privacy-preserving data publishing addresses the problem of disclosing sensitive data when mining for useful information. Among the existing privacy models, ∈-differential privacy provides one of the strongest privacy guarantees and has no assumptions ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ICSE-NIER '20: Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: New Ideas and Emerging Results

June 2020

128 pages

ISBN:9781450371261

DOI:10.1145/3377816

General Chairs:
Gregg Rothermel
North Carolina State University
,
Doo-Hwan Bae
KAIST, South Korea

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSOFT: ACM Special Interest Group on Software Engineering

In-Cooperation

KIISE: Korean Institute of Information Scientists and Engineers
IEEE CS

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 September 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Short-paper

Conference

ICSE '20

Sponsor:

SIGSOFT

ICSE '20: 42nd International Conference on Software Engineering

June 27 - July 19, 2020

Seoul, South Korea

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
205
Total Downloads

Downloads (Last 12 months)18
Downloads (Last 6 weeks)0

Reflects downloads up to 16 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Pelliccione PBuhnova BGottschalk SWeber IEngels G(2023)Architecting and Engineering Value-Based EcosystemsSoftware Architecture10.1007/978-3-031-36847-9_3(41-68)Online publication date: 3-Jun-2023
https://doi.org/10.1007/978-3-031-36847-9_3

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents