Suchergebnisse

These days the digitization process is everywhere, spreading also across central governments and local authorities. It is hoped that, using open government data for scientific research purposes, the public good and social justice might be enhanced. Taking into account the European General Data Protection Regulation recently adopted, the big challenge in Portugal and other European countries, is how to provide the right balance between personal data privacy and data value for research. This work presents a sensitivity study of data anonymization procedure applied to a real open government data available from the Brazilian higher education evaluation system. The ARX k-anonymization algorithm, with and without generalization of some research value variables, was performed. The analysis of the amount of data / information lost and the risk of re-identification suggest that the anonymization process may lead to the under-representation of minorities and sociodemographic disadvantaged groups. It will enable scientists to improve the balance among risk, data usability, and contributions for the public good policies and practices. ; info:eu-repo/semantics/publishedVersion

Recent case law from the Court of justice of the European Union, such as the case of Google Spain SL and Google Inc. v Agencia Espanola de Protección de Datos (AEPD) and Mario Costeja González indicates that the repositories of grey literature may be qualified as institutions processing the personal data of the subjects mentioned in the documents stored in repositories. These repositories may face requests for the anonymization or even the removal of their documents. The purpose of this paper is to outline the legal framework and suggest procedures to approach this issue in compliance with the EU legislation. ; Článek pojednává o dopadech aktuálních rozhodnutích ESD o ochraně soukromí (Google Spain SL and Google Inc. v Agencia Espanola de Protección de Datos) na repozitáře šedé literatury. Cílem článku je vymezit právní rámec a navrhnout interní procedury, jak přistupovat k otázkám anonymizace a soukromí osob zmíněných v dokumentech.

In recent years, the use of personal data in marketing, scientific and medical investigation, and forecasting future trends has really increased. This information is used by the government, companies, and individuals, and should not contain any sensitive information that allows the identification of an individual. Therefore, data anonymization is essential nowadays. Data anonymization changes the original data to make it difficult to identify an individual. ARX Data Anonymization and Amnesia are two popular open-source tools that simplify this process. In this paper, we evaluate these tools in two ways: with the OSSpal methodology, and using a public dataset with the most recent tweets about the Pfizer and BioNTech vaccine. The assessment with the OSSpal methodology determines that ARX Data Anonymization has better results than Amnesia. In the experimental evaluation using the public dataset, it is possible to verify that Amnesia has some errors and limitations, but the anonymization process is simpler. Using ARX Data Anonymization, it is possible to upload big datasets and the tool does not show any error in the anonymization process. We concluded that ARX Data Anonymization is the one recommended to use in data anonymization.

Abstract Tor is a well-known anonymous communication system used by millions of users, including journalists and civil rights activists all over the world. The Tor Browser gives non-technical users an easy way to access the Tor Network. However, many government organizations are actively trying to compromise Tor not only in regions with repressive regimes but also in the free world, as the recent FBI incidents clearly demonstrate. Exploiting software vulnerabilities in general, and browser vulnerabilities in particular, constitutes a clear and present threat to the Tor software. The Tor Browser shares a large part of its attack surface with the Firefox browser. Therefore, Firefox vulnerabilities (even patched ones) are highly valuable to attackers trying to monitor users of the Tor Browser. In this paper, we present selfrando-an enhanced and practical load-time randomization technique for the Tor Browser that defends against exploits, such as the one FBI allegedly used against Tor users. Our solution significantly improves security over standard address space layout randomization (ASLR) techniques currently used by Firefox and other mainstream browsers. Moreover, we collaborated closely with the Tor Project to ensure that selfrando is fully compatible with AddressSanitizer (ASan), a compiler feature to detect memory corruption. ASan is used in a hardened version of Tor Browser for test purposes. The Tor Project decided to include our solution in the hardened releases of the Tor Browser, which is currently undergoing field testing.

Different types of data privacy techniques have been applied to graphs and social networks. They have been used under different assumptions on intruders' knowledge. i.e., different assumptions on what can lead to disclosure. The analysis of different methods is also led by how data protection techniques influence the analysis of the data. i.e., information loss or data utility. One of the techniques proposed for graph is graph perturbation. Several algorithms have been proposed for this purpose. They proceed adding or removing edges, although some also consider adding and removing nodes. In this paper we propose the study of these graph perturbation techniques from a different perspective. Following the model of standard database perturbation as noise addition, we propose to study graph perturbation as noise graph addition. We think that changing the perspective of graph sanitization in this direction will permit to study the properties of perturbed graphs in a more systematic way. ; CC BY 4.0 Also part of the Security and Cryptology book sub series (LNSC, volume 11737) This work was partially supported by the Swedish Research Council (Vetenskapsrådet) project DRIAT (VR 2016-03346), the Spanish Government under grants RTI2018-095094-B-C22 "CONSENT" and TIN2014-57364-C2-2-R "SMARTGLACIS", and the UOC postdoctoral fellowship program.

Medical and genetic information from medical research must be protected against unauthorized access and replication. This book is a practical guide demonstrating how coding methods, providing the required high degree of data protection, can be integrated into respective applications dealing with patient related medical and genetic data. K.-H. Schriever, University of Applied Sciences at Biberach, Germany; M. Schröder, Tembit Software GmbH, Berlin, Germany