Search Results (1 - 25 of 42 Results)

Sort By  
Sort Dir
 
Results per page  

Miracle, Jacob M.De-Anonymization Attack Anatomy and Analysis of Ohio Nursing Workforce Data Anonymization
Master of Science in Cyber Security (M.S.C.S.), Wright State University, 2016, Computer Engineering
Data generalization (anonymization) is a widely misunderstood technique for preserving individual privacy in non-interactive data publishing. Easily avoidable anonymization failures are still occurring 14 years after the discovery of basic techniques to protect against them. Identities of individuals in anonymized datasets are at risk of being disclosed by cyber attackers who exploit these failures. To demonstrate the importance of proper data anonymization we present three perspectives on data anonymization. First, we examine several de-anonymization attacks to formalize the anatomy used to conduct attacks on anonymous data. Second, we examine the vulnerabilities of an anonymous nursing workforce survey to convey how this attack anatomy can still be applied to recently published anonymous datasets. We then analyze the impact proper generalization techniques have on the nursing workforce data utility. Finally, we propose the impact emerging technologies will have on de-anonymization attack sophistication and feasibility in the future.

Committee:

Michelle Cheatham, Ph.D. (Committee Chair); John Gallagher, Ph.D. (Committee Member); Thomas Wischgoll, Ph.D. (Committee Member); Robert Fyffe, Ph.D. (Other); Mateen Rizki, Ph.D. (Other)

Subjects:

Computer Engineering; Computer Science; Information Science; Information Technology

Keywords:

Anonymization; Semantic Web; Privacy; De-Anonymization Attacks; Record Linkage Attacks; Ohio Nursing Workforce; Privacy Attack Survey; Information Privacy; Anonymous Data; Privacy Breach

Dennis Frampton, Bethany R.Managing Facebook Friend Requests in Workplace Relationships: An Application of Communication Privacy Management Theory
MA, Kent State University, 2010, College of Communication and Information / School of Communication Studies
With over 350 million users, Facebook is a popular social networking site individuals utilize to keep in touch with family, friends, and colleagues, yet the study of Facebook use in the workplace is still in its infancy. By employing Communication Privacy Management (CPM) theory as a theoretical framework to explore coworker Facebook friend request decisions and the antecedents that influence those very decisions. Participants most frequently accepted a coworker Facebook friend request; however, this study found that variations in coworker Facebook friend request decisions occurred due to a wide range of factors, including organizational privacy orientation, coworker communication satisfaction, intensity of Facebook use, and current Facebook privacy management practices. Both the need for impression management and impact of organizational socialization influence an individual’s decisions when in receipt of a coworker Facebook friend request. The present study supports CPM theory, as results indicate the influence of privacy orientations and boundary management. This research indicates that as Facebook continues to allow the ability to blur the lines between our personal and professional lives, privacy issues and social media will continue to play a pivotal role in interactions.

Committee:

Jeffrey T. Child, Ph.D. (Advisor); Robyn E. Parker, Ph.D. (Committee Member); Mei-Chen Lin, Ph.D. (Committee Member)

Subjects:

Communication; Information Systems; Mass Media; Personal Relationships

Keywords:

Facebook; social media; Communication Privacy Management (CPM) theory; communication satisfaction; privacy management; boundary management; organizational privacy orientation; intensity of Facebook use; socialization; impression management

Westermann, David A.Mom, Dad, Let’s Be (Facebook) Friends: Exploring Parent/Child Facebook Interaction from a Communication Privacy Management Perspective
MA, Kent State University, 2011, College of Communication and Information / School of Communication Studies
As the use of Facebook continues to grow, individuals aged 35 and older represent the fastest growing demographic. Parents and children now have the opportunity to connect with each other through the website. However, research investigating parent/child Facebook interaction remains scarce. This thesis utilizes Communication Privacy Management (CPM) theory to better understand young adults’ decisions regarding parental Facebook friend requests. In addition, the relational characteristics of parental trust and relational quality are examined in relation to young adults’ decisions. Results indicate young adults generally accept friend requests from their parents while making few, if any, changes to their privacy management practices. Parental trust and relational quality are related to young adults’ decisions when faced with a mother’s friend request, but not those received from a father. Explanations for the differences in results by parent are elucidated. This study adds to a growing body of research demonstrating that individuals use Facebook to connect with a multitude of face-to-face social ties and addresses implications for this phenomenon.

Committee:

Jeffrey Child, Ph.D. (Advisor); Mei-Chen Lin, Ph.D. (Committee Member); Jung Hyun Kim, Ph.D. (Committee Member)

Subjects:

Communication; Families and Family Life; Mass Media

Keywords:

Communication; Communication Privacy Management theory; privacy management; Facebook; family privacy orientation; relational quality; parental trust; role theory; boundary management

Stevens, Arlonda MANTECEDENTS AND OUTCOMES OF PERCEIVED CREEPINESS IN ONLINE PERSONALIZED COMMUNICATIONS
Doctor of Philosophy, Case Western Reserve University, 2016, Management
In an effort to deepen customer relationships (Relationship Marketing), marketers and online firms deliver personalized communications based on a consumers’ digital footprint and other Big Data that they think will improve its effect; but the personalized messages are sometimes perceived to be “creepy” by the recipient. Marketers are admonished to not be creepy, but, there is not a unified definition of what creepy is or isn’t, nor have the factors leading to perceived creepiness been clearly identified—there is a common feeling of discomfort, but no unified definition. The goal of this study is to address three research questions. First, what is creepy? Second, what factors lead to perceived creepiness? And third, can a scale to measure perceived creepiness be operationalized and used to validate those factors? I conducted a three-part; sequential, mixed methods study to define perceived creepiness and to identify the antecedents and consequences of perceived creepiness in personalized online messages. The study confirmed that transparency by the firm about their data collection, use and sharing practices and that enabling the consumer to exercise control over the collection, use and sharing of their personal information (including the ability to opt–out of personalized messages) are antecedents of perceived creepiness. Also, whether the message was “in context” or “out of context” had an effect on if the message was perceived to be creepy. It also suggests that trust in the sender has a direct effect on perceived creepiness; and perceived creepiness has a negative effect on customer satisfaction, which can harm brand reputation, sales, and revenue. This research makes a scholarly contribution by providing a theoretical framework for a Theory of Perceived Creepiness. It also makes a contribution to practice by providing marketers with an understanding of what leads to perceived creepiness, so that they can take action to avoid negative effects of personalized communication on customer satisfaction.

Committee:

Richard Boland, Jr. (Committee Chair); Mary Culnan (Committee Member); Kalle Lyytinen (Committee Member); Casey Newmeyer (Committee Member)

Subjects:

Information Science; Management; Marketing; Mass Media

Keywords:

Creepy; Creepy Marketing; Personalized Communication; Transparency; Control; Creepy Quadrant; Online Information Privacy Concerns; Online Behavioral Advertising; Data Privacy; Trust; Customer Satisfaction

Schwarz, Christopher CharlesAttack-ademically Ineligible: Student Athlete Sex Crimes and the Dangerous Misunderstandings of FERPA
Master of Science, The Ohio State University, 2016, Kinesiology
This thesis discusses privacy rights and university obligations with regard to alleged sex crimes by student-athletes. Sexual assault remains a long-standing problem at universities nationwide, the eradication of which is only just beginning as many schools join the movement to provide safe academic forums for victims to express their experiences. However, we are far from a rape-free collegiate America. When a sex-crime occurs, the treatment by universities of what they must disclose, and to whom, lacks consistency. The problem may be that universities hide behind the Federal Education Rights and Privacy Act (FERPA) more than what may be appropriate; it may be a matter of state law or university policy. This thesis maps out the issues, the governing law, where it is clear and where it is gray, and how to amend the gray areas for the sake of protecting students subjected to sex-crimes. The methods used were case analysis and use of a hypothetical for application. While many cases dot the landscape during the analytical process, the student-athlete as he or she relates to FERPA, served as the cornerstone to understanding FERPA’s effect on university privacy duties and FERPA’s effect on the student body through the student-athlete. The research showed that while FERPA may be ambiguous, universities hide behind FERPA more than what the legislation allows, thus harming school community interests and leaving students vulnerable to potentially dangerous situations, the likelihood of which could be significantly diminished if more universities chose to speak up rather than hide behind FERPA.

Committee:

Brian Turner, Dr. (Advisor); Donna Pastore, Dr. (Committee Member)

Subjects:

Criminology; Education; Education Finance; Education Policy; Higher Education; Kinesiology; Law; Legal Studies; Personal Relationships; Political Science; Public Health; Public Policy; Sports Management; Sports Medicine; Womens Studies

Keywords:

Federal Education Rights and Privacy Act; FERPA; Privacy; Law; Student; Athlete; Student-Athlete; Sex; Crime; Sexual Assault; Assault; Education; Football; Basketball; NCAA; NFL; Ohio State; Florida State; Winston; Rape; HIV; Congress; Safety; Emergency

Sun, TianyiEffects of Social Network Sites on Social Capital and Awareness of Privacy: A Study of Chinese and U.S. College Students' Usage of Social Network Sites
Master of Science (MS), Ohio University, 2014, Journalism (Communication)
This thesis examined the effects of social network sites (SNS) on users' social capital and privacy awareness and tested if differences existed in intensity of SNS usage and its relationship with students' social capital and privacy awareness between Chinese and the U.S. college students. An online survey conducted among Chinese Renren Network users and the U.S. Facebook users showed that the usage of SNSs was positively related to users' social capital (both bridging and partially bonding) and privacy awareness. Significant differences were found in the intensity of SNS usage and bridging social capital between the users of Facebook and Renren Network.

Committee:

Jatin Srivastava (Advisor); Bernhard Debatin (Committee Member); Parul Jain (Committee Member)

Subjects:

Communication; Journalism

Keywords:

social capital; social networking sites; privacy awareness; cultural difference; privacy paradox; friendship

WITTE, NATHAN ALLANPRIVACY: ARCHITECTURE IN SUPPORT OF PRIVACY REGULATION
MARCH, University of Cincinnati, 2003, Design, Architecture, Art, and Planning : Architecture
Architecture often fails to meet people’s need for privacy. This failure is not for a lack of trying, but rather due to a lack of understanding privacy as the process of regulating interaction with others. Privacy is often misconstrued as the shutting out of interaction. Privacy is a dialectic process of increasing and decreasing interaction. Desires for interaction are dynamic and varying, shifting through time and from person to person. Behavioral mechanisms such as personal space, verbal and preverbal communications, and territory are used to regulate privacy. Architecture often fails to respond to the dynamics and variations of privacy desires, rather imposing an environment supporting a fixed level of interaction, against which occupants must struggle. Environments should be supportive of the user’s privacy needs, facilitating the behavioral processes used to regulate interaction.

Committee:

MICHAEL McINTURF (Advisor)

Subjects:

Architecture

Keywords:

privacy regulation; control; architecture; environmental design; student housing

Somasundaram, JyothilakshmiReleasing Recommendation Datasets while Preserving Privacy
Master of Science, Miami University, 2011, Computer Science & Software Engineering

Recommender systems are used to predict the interest of a customer on a particular item based on that customer's ratings on other items. Many websites like Amazon and Netflix use such systems to recommend items of potential interest to their customers. In order to improve their recommendation service, the data owners sometimes publicly release all or part of their recommendation data i.e., the ratings of their customers on various items without any person specific detail like the customer names. Still, this released data could suffer from re-identification attacks compromising the customer's privacy.

However, such releases in the past, like the one by Netflix, proved to be fruitful. So, in our work, we propose a technique to publish these recommendation datasets without compromising the privacy of the customers. The goal of this thesis is to provide better privacy and utility than the current solutions.

Committee:

Keith Frikken, Dr (Advisor); William Brinkman, Dr (Committee Member); Lukasz Opyrchal, Dr (Committee Member)

Subjects:

Computer Science

Keywords:

Privacy; Recommendation datasets; Re-identification; Netflix contest; Utility

Shepard, Samuel StevenAnonymous Opt-Out and Secure Computation in Data Mining
Master of Science (MS), Bowling Green State University, 2007, Computer Science
Privacy preserving data mining seeks to allow users to share data while ensuring individual and corporate privacy concerns are addressed. Recently algorithms have been introduced to maintain privacy even when all but two parties collude. However, exogenous information and unwanted statistical disclosure can weaken collusion requirements and allow for approximation of sensitive information. Our work builds upon previous algorithms, putting cycle-partitioned secure sum into the mathematical framework of edge-disjoint Hamiltonian cycles and providing an additional anonymous “opt-out” procedure to help prevent unwanted statistical disclosure.

Committee:

Ray Kresman (Advisor)

Subjects:

Computer Science

Keywords:

collusion resistance; secure sum; edge-disjoint hamiltonian cycle; bit-partitioned; privacy-preserving data mining; anonymous opt-out; ID assignment

Simmons, NathanielNegotiating Boundaries in a Globalized World: Communication Privacy Management between Foreign English Teachers and Japanese Co-workers in Japan
Doctor of Philosophy (PhD), Ohio University, 2014, Communication Studies (Communication)
In order to better understand ways in which globalization influences intercultural communication, this study examines ways in which foreign English teachers in Japan and Japanese co-workers manage privacy. Using Petronio's (2002) communication privacy management theory, as well as thematic (Lindlof & Taylor, 2002) and cultural discourse analysis (Carbaugh, 2005, 2007), this study analyzed interview transcripts from 77 participants (39 English language teachers, and 38 Japanese co-workers) regarding ways in which (a) privacy is conceptualized and managed, (b) cultural premises guide such negotiations, and (c) larger structures enable and constrain privacy management between foreign English teachers and Japanese co-workers. English language teachers (ELTs) defined privacy as a multi-dimensional construct encompassing personal information, space, and actions. ELTs perceived their privacy boundaries to be breeched when asked about one's: (a) space and place, (b)bodies, (c) sexuality, and (d) dating/romantic relationships. ELTs employed the following management strategies: (a) withdrawal, (b) cognitive restructuring, (c) independent control, (d) lying, (e) omission, (f) avoidance, and (g) gaijin smashing. Japanese co-workers defined privacy as information that should be hidden and managed such information by: (a) drawing clear boundaries by not talking or changing contexts, and (b) being pre-emptive by demarcating privacy boundaries early on within a relationship. In terms of cultural premises, ELTs revealed: (a) they should not be constructed as a "free space" for privacy inquisition by Japanese co-workers, (b) they expected voluntary reciprocity in (egalitarian) workplace relationships, and (c) they expected coworkers to be co-owners who would not share private disclosures. Japanese co-workers revealed: (a) privacy inquisitions are acts of kindness/caring, (b) time matters for privacy disclosure in Japan, (c) age matters for privacy disclosure in Japan, and (d) that ELTs should "Do as Japanese do"; or, in other words, accommodate Japanese cultural norms and regulations for privacy management. Rooted in English hegemonic and xenophobic practices, I identified the ideological construction of ELTs as "not real teachers" which is heightened through the commodification of ELTs' culture. This construction negated opportunities for successful privacy management through co-owner relationships. Similarly, Japanese coworkers viewed ELTs as guests or special visitors which positioned ELTs as inadequate teachers. Theoretical and practical implications are discussed.

Committee:

Yea-Wen Chen (Committee Chair); Claudia Hale (Committee Member); Laura Black (Committee Member); Gregory Janson (Committee Member)

Subjects:

Communication

Keywords:

globalization; English language teachers; Japan; cultural discourse analysis; thematic analysis; communication privacy management; migrant workers; intercultural communication; interpersonal communication; foreign teachers; intercultural workplace

KINSEY, MICHAEL LOYPRIVACY PRESERVING INDUCTION OF DECISION TREES FROM GEOGRAPHICALLY DISTRIBUTED DATABASES
MS, University of Cincinnati, 2005, Engineering : Computer Science
When applying contemporary decision tree construction techniques, such as the commonly used ID3 algorithm, to situational input stored in geographically distributed databases, several problems can arise from the construction process. Previously developed construction algorithms require a complete and local dataset from which a decision tree can be built. This means that all data stored in distributed databases must be transferred to a common site. The danger in this transfer is obvious if the data itself is innately sensitive. The privacy preserving methods described in this thesis will nullify all problems posed from the need to transfer distributed data to a common location before decision tree construction can begin.

Committee:

Dr. Raj Bhatnagar (Advisor)

Subjects:

Computer Science

Keywords:

decision tree; privacy preserving; data mining

Darwish, Roba N.A Detailed Study of User Privacy Behavior in Social Media
MS, Kent State University, 2017, College of Arts and Sciences / Department of Computer Science
Social Networking Sites achieved a breakthrough over the past few years since they allow individuals to be in touch with family and friends, but also raised privacy concerns when it comes to disclosing personal information with others. In spite of the privacy options provided by these sites, studies have shown that almost 25% of the users prefer not to change, or are not even aware of the service's privacy settings. This study investigates users’ behavior in terms of how they choose their privacy settings on Facebook. It examines the impact of faces and tags existence on user’s privacy. Moreover, we extend the work on YourPrivacyProtector, a system for monitoring and recommending privacy settings in Facebook, and enhance the recommendation system by examining photos with faces and tags. We use machine learning techniques to understand privacy settings of different users and recommend them a stronger a privacy setting. We also evaluate our algorithms with a case study.

Committee:

Kambiz Ghazinour (Advisor); Austin Melton (Committee Member); Ye Zhao (Committee Member)

Subjects:

Computer Science

Keywords:

Privacy; Social Media; Tags; Faces; Machine Learning

Hartson, H. RexLanguages for specifying protection requirements in data base systems - a semantic model /
Doctor of Philosophy, The Ohio State University, 1975, Graduate School

Committee:

Not Provided (Other)

Subjects:

Computer Science

Keywords:

Privacy;Electronic data processing

Cohen, DavidDesign of event-driven protection mechanisms /
Doctor of Philosophy, The Ohio State University, 1977, Graduate School

Committee:

Not Provided (Other)

Subjects:

Computer Science

Keywords:

Privacy;Electronic data processing departments

Solic, MargaretA Nation Against Itself: Domestic Violence, Feminism, and the State
Doctor of Philosophy, The Ohio State University, 2015, History
This dissertation examines the history of activism around domestic violence. It looks at how activists defined domestic violence as an abuse of power in the 1970s and how they proposed solutions that sought to empower battered women. It argues that in the post-World War II United States, two related factors kept society from recognizing domestic violence as a social ill and not an individual problem. First, after World War II, the suburban home, and the heterosexual marriages it protected, was shrouded more from public scrutiny than it had been in any earlier period. Second, social workers, judges, and activists defined domestic violence in the late 19th and early 20th century as a problem confined to homes of color, caused by supposed ethnic, racial, and class deficiencies. These two factors worked together to keep domestic violence out of public conversation and to shield white men in particular from accusations of abuse. In the 1970s, however, inspired to make the personal political, battered women began to look inward and critically examine the conditions of their abuse. They began to see their abuse as resulting from a gendered exploitation of power. Using legal records, this dissertation examines the ways in which battered women called on the police to abandon arrest avoidance policies. They argued that such policies violated their right to equal protection under the law and inspired changes to police department policies around the country. This led to the development of mandatory arrest laws, which required police to arrest a perpetrator when they suspect that abuse has taken place. Battered women also tried to propose solutions that existed outside of the state, starting battered women’s shelters and working to empower women to leave abusive relationships. My dissertation explores this movement by examining three case studies. First, I look at two court cases that battered women brought against police departments in New York City and Oakland, respectively, to challenge their arrest-avoidance policies. These cases demonstrate that low-income and women of color led the fight to change police policy on domestic abuse. I also look at a shelter that was founded in Bangor, Maine in the early 1970s. This case gives us insight into how shelters established themselves as alternative institutions, both to state-run shelters and to patriarchal homes. It also demonstrates how feminist activism thrived outside of major east coast cities like New York and Washington, D.C., where much scholarship on the women’s movement is centered.

Committee:

Judy Wu (Advisor)

Subjects:

History; Womens Studies

Keywords:

history; women; domestic violence; social movements; race; privacy

Butauski, MariaYoung Adults' Identity Exploration: Privacy Management and Parent-child Communication on Topics of Career, Religion, and Politics
MA, Kent State University, 2016, College of Communication and Information / School of Communication Studies
This study aimed to highlight the intersections two perspectives, privacy and identity, to explore how young adults share information regarding their identity development with parents across three different areas thought to be central to ego identity development: career, religion, and politics. Parental behaviors perceived as supportive were positively correlated with more openness and less topic avoidance across all three topics (career, religion, politics), while parental behaviors perceived as interference or neglect was correlated to less openness and more topic avoidance across the topics addressed. Additionally, young adults' levels of identity exploration and commitment were investigated as predictors of privacy behaviors. Significant differences between levels of exploration and commitment were found. The investigation provides validation of a new privacy scale measuring interpersonal openness, offers a new way to assess identity exploration and commitment levels, and highlights the relationship between identity exploration and commitment and privacy management.

Committee:

Mei-Chen Lin, PhD (Advisor); Jeffrey T. Child, PhD (Committee Member); Janet Meyer, PhD (Committee Member)

Subjects:

Communication; Families and Family Life

Keywords:

privacy management, career, religion, politics, young adults

Youssef, IngyTrust via Common Languages
Doctor of Philosophy, The Ohio State University, 2016, Computer Science and Engineering
To prove the authenticity of a node X to a node Y that does not know X, the conventional approach is to use X’s knowledge of some certified identity I. The use of knowledge at Y is eschewed, or used only to model adversarial strategies, as opposed to improve the security properties of authentication protocols. In this thesis, we consider using the knowledge at Y along with the knowledge at X to provide an alternative basis of trust; instead of X proving identifying knowledge to Y, both X and Y use their knowledge to prove knowledge commonalities, i.e., that their knowledge is related, which serves as a basis of trust between them. Our approach to establishing trust between X and Y allows us to forgo the use of certified identities. We define relations between the knowledge of X and Y on common values, thereby constituting a common language L of both. Interaction between X and Y on input I yields a proof of membership of I in L allowing X and Y to trust each other on the basis of their related knowledge. To this end, it suffices to design the common language and its corresponding relation to be used as a basis of authentication instead of certified identities. Thus, while authentication has usually been at odds with privacy and anonymity, using proofs on common languages makes it possible to achieve authentication that is privacy and anonymity preserving. We propose the common language model along with a new interactive proof system of membership in the common language. We detail the design of common languages and propose a number of common languages for NP languages. The possibility of nesting common languages is illustrated through a proposal for a co-NP common language. We develop a protocol suite of secure and efficient protocols realizing proofs of membership in the proposed common languages. These protocols can be used when both X and Y have identical or non identical knowledge of the inputs in the common language. The protocols presented are efficient and practical, and can be used for resource constrained networks. This motivates a wide range of applications, including lifetime secrets, and a practical realization of secure two party computation for authentication and others that we propose throughout this thesis.

Committee:

Anish Arora (Advisor); Dong Xuan (Committee Member); Timothy Carlson (Committee Member); Yinqian Zhang (Committee Member)

Subjects:

Computer Science

Keywords:

Proof Systems, Zero Knowledge, Identification, Authentication, Privacy, Trust

Basciftci, Yuksel OPrivate and Secure Data Communication: Information Theoretic Approach
Doctor of Philosophy, The Ohio State University, 2016, Electrical and Computer Engineering
Wireless networks flourishing worldwide enable online services, such as social networks and search engines to serve huge number of users and to collect large amount of data about their users. Sharing of this data has been key driver of innovation and improvement in the quality of these services, but also raised major security and privacy concerns. This thesis aims to address privacy concerns in data sharing as well as security concerns in wireless data communication using information theoretic framework. In the first part of the thesis, we build security establishing algorithms that bring unbreakable security to wireless data communication. The broadcast nature of wireless medium makes data communication susceptible to various security attacks. For instance, an adversary can eavesdrop on confidential data traffic without actually tapping a wire or optical fiber, or block the data traffic by transmitting meaningless but powerful radio signals. First, we study point-to-point communication in the presence of a hybrid adversary. The hybrid half-duplex adversary can choose to either eavesdrop or jam the transmitter-receiver channel in arbitrary manner. The goal of the transmitter is to communicate a message reliably to the receiver while keeping it asymptotically secret from the hybrid adversary. We show that, without any feedback from the receiver, the channel capacity is zero if the transmitter-to-adversary channel stochastically dominates the effective transmitter-to-receiver channel. However, the channel capacity is non-zero even when the receiver is allowed to feedback only one bit periodically, that describes the transmitter-to-receiver channel quality. Our novel achievable strategy improves the rates proposed in the literature for the non-hybrid adversarial model. Then, we study the security of a single-cell downlink massive multiple input multiple output (MIMO) communication in the presence of an adversary capable of jamming and eavesdropping simultaneously. After showing massive MIMO communication is naturally resilient to no training-phase jamming attack in which the adversary jams only the data communication and eavesdrops both the data communication and the training, we evaluate the number of antennas that base station (BS) requires in order to establish information theoretic security without even a need for extra security encoding. Next, we show that things are completely different once the adversary starts jamming the training phase. Specifically, we consider an attack, called training-phase jamming in which the adversary jams and eavesdrops both the training and the data communication. We show that under such an attack, the maximum secure degrees of freedom (DoF) is equal to zero. To counter this attack, we develop a defense strategy in which we use a secret key to encrypt the pilot sequence assignments to hide them from the adversary, rather than encrypt the data. We show that, if the cardinality of the set of pilot signals are scaled appropriately, hiding the pilot signal assignments from the adversary enables the users to achieve secure DoF, identical to the maximum achievable DoF under no attack. The last part of the thesis is devoted to developing a mathematical framework for privacy-preserving data release mechanisms. The objective of privacy-preserving data release is to provide useful data with minimal distortion while simultaneously minimizing the sensitive data revealed. Dependencies between the sensitive and useful data results in a privacy-utility tradeoff that has strong connections to generalized rate-distortion problems. In this work, we study how the optimal privacy-utility tradeoff region is affected by constraints on the data that is directly available as input to the release mechanism. Such constraints are potentially motivated by applications where either the sensitive or useful data is not directly observable. For example, the useful data may be an unknown property that must be inferred from only the sensitive data. In particular, we consider the availability of only sensitive data, only useful data, and both (full data). We show that a general hierarchy holds, that is, the tradeoff region given only the sensitive data is no larger than the region given only the useful data, which in turn is clearly no larger than the region given both sensitive and useful data. In addition, we determine conditions under which the tradeoff region given only the useful data coincides with that given full data.

Committee:

Emre Koksal (Advisor)

Subjects:

Electrical Engineering

Keywords:

Data privacy, data security, information theory, physical layer security, wireless communiation

Al-Shareeda, Sarah Yaseen AbdulrazzaqEnhancing Security, Privacy, and Efficiency of Vehicular Networks
Doctor of Philosophy, The Ohio State University, 2017, Electrical and Computer Engineering
Vehicular Adhoc Networks (VANETs) promises to empower the future autonomous vehicles with a cooperative awareness facility that will help in avoiding accidents and alleviating traffic congestion. The foreseen collective awareness requires the vehicles to communicate with their neighbors and with the infrastructure; such communication will need the fulfillment of many requirements such as security, privacy, and efficiency. The Dedicated Short-Range Communication (DSRC) standard has been formulated to afford these requisites. On one hand, when focusing on the application layer, DSRC adopts the successful Internet-based Public Key Infrastructure (PKI) framework to safeguard the vehicles. However, PKI alone cannot comprehensively meet all of the security and privacy requirements. On the other hand, the DSRC 's Medium Access Control (MAC) layer adopts the IEEE 802.11p access mode, which also needs augmentation to fulfill the efficiency of communication when collisions arise for safety beacons. Since many issues have not been well addressed in DSRC, academic, industrial, and governmental research has flourished over the last two decades to complement the standard. As being part of such large research community, we also have been incentivized to contribute with our own solutions. Our contributions have been ranging between two limits: either finding solutions to acclimate with the available DSRC shortcomings or disregarding the bias that DSRC has towards using only specific standards by bringing other alternative frameworks into scene. With the first direction in mind, our efforts are a mixture of high-level re-arrangement protocols such as grouping and overhead omissions to minimize the PKI and Carrier Sense Multiple Access - Collision Avoidance (CSMA/CA) privacy and efficiency shortcomings. For the other direction, we especially address the application layer level. Since some frameworks have small communication overhead while others have high anonymous traits, we have attempted low-level alternatives to PKI and Elliptic Curve Integrated Encryption Scheme (ECIES) and to overcome their confidentiality, privacy, and efficiency limitations. First, to augment the security of sensitive non-safety applications in PKI, our first research track concerns itself with finding alternatives for the used low-level encryption primitive such as ECIES and Advanced Encryption Standard (AES). The reason behind such effort is the authentication-dependability of ECIES/AES and key management of AES; therefore, we investigate the suitability of using a state-of-the-art low-level partial homomorphic encryption scheme to generate encrypted identities and keys to secure the sensitive non-safety data transfer. Our second research track concerns itself with preserving location privacy of vehicles since PKI does not afford privacy. To avoid the available privacy preservation solutions' covering-encryption overhead and silent-periods' lack of communication, we propose the idea of making vehicles create dynamic mix zones using an alternative super anonymous authentication scheme to hide their pseudonym change. Our third contribution falls within the augmentation of efficiency of communication when safety beacons collisions arise due to limited medium, CSMA/CA access mode, and PKI beaconed overhead. In this regard, we use the concept of grouping and overhead reduction to lower the vehicles' competition for the channel. Rather than having many individual vehicles communicate their information to the infrastructure, group leaders become main figures of communication. Our fourth work focuses on building an efficient identity based alternative authentication for VANETs other than PKI with the goal of having less communication overhead. Our built framework has fast computations, no elliptic curves pairings, smaller communication overhead, and more anonymous usage of pseudo identities to achieve the needed privacy. Focusing on the efficiency aspect of vehicular communication, in the fifth exerted effort, rather than using only PKI to authenticate users, we introduce a context aware authentication interchange protocol to match the situational neighborhood conditions of vehicles. If it is a dense network, our scheme switches to use a lower overhead authentication scheme; if it is a sparse network, the vehicle automatically switches to a more anonymous authentication. In a nutshell, the domain of VANETs offers a unique set of challenges; yet they present immense opportunities for research. We address three major challenges and suggested five research directions that may help in overcoming these limitations. We hope through these tracks of research to cast a light on the suitability of new concepts in affording the security, privacy, and availability of VANETs communications while achieving a comparable performance to the already adopted schemes.

Committee:

Fusun Ozguner, Professor (Advisor); Can Emre Koksal, Professor (Committee Member); Xiaorui Wang, Professor (Committee Member)

Subjects:

Computer Engineering; Computer Science; Electrical Engineering; Transportation

Keywords:

Vehicular Networks; Public Key Infrastructure; Security; Privacy; Cryptography; Elliptic Curves Cryptography; Pairings; Group Signatures; Trust; Authentication; Grouping; Dedicated Short Range Communication; Beaconing Rate

Kwapich, Sally JSmartphone Spying: Uncovering Hidden Dangers
Master of Liberal Studies, University of Toledo, 2013, Liberal Studies
The smartphone’s potent dependency, hyper-connectivity and distracting habits are changing the world at a rapid pace by tracking movement locations or extracting private contact data and ultimately impacting personal privacy. Attention-grabbing stimuli, surveillance ability, software applications (apps) and user practices associated with the smartphone have been presented as evidence of growing concern as causes for privacy erosion. Based on my review and analysis of the limited scholarly discussion available of this new but fast-developing technology, it is my opinion that apps are exploiting smartphone features to unknowingly rob users of their data by assembling travel patterns and viewing search behaviors. Three main theories shroud the causes of dependency and developing user habits which uncover certain reasons (simplicity and impetuses of the device’s functions and features) that legitimizes the enormous acceptance of smartphones even with the risk of privacy loss. The multifaceted smartphone coupled with the speed of change and acceptance has kept researchers and privacy advocates at bay. However, the discovery of hidden surveillance activities and signs of academia’s attention to smartphone security issues is promising. As the mobile industry makes modifications to enable user choice not-to-track or collect data, the scope of data loss would be minimized. In this thesis, I am proposing the smartphone surveillance model which encompasses habits, surveillance and choice evolution with a focus on privacy loss. The proposed surveillance model and following synthesis implies that by integrating the major posture of three theories, which collectively address manipulative software and smartphone user processing fluency, the need for explicit user choice is exposed.

Committee:

Sumitra Srinivasan (Committee Chair); Paul Fritz (Committee Member); Richard Knecht (Committee Member)

Subjects:

Communication; Information Systems; Information Technology; Legal Studies; Mass Communications; Multimedia Communications; Technology

Keywords:

smartphone; privacy loss; human-computer interaction; mobile computing; smartphone addiction; apps

Zhu, JianAccess Control for Cross Organizational Collaboration
Doctor of Philosophy (Ph.D.), University of Dayton, 2012, Electrical Engineering
Access control must provide a secure environment for collaboration among independent organizations with different policies, systems, and locations. In addition, a trust climate needs to be fostered to encourage collaborators to focus more on sharing than on self-protecting. Privacy preservation is also an indispensable part to protect personal information. The objective of this work is to address these requirements by building a comprehensive model that provides flexible and fine-grained access control across organizational boundaries. First the scope of the model is defined according to the discussion of three taxonomies: access control models, the relationships between resources and attacks, and attributes. The core model is then developed based on Attribute Based Access Control (ABAC). A few new concepts including requests, prerequisites, and obligations are introduced. A decision making procedure is designed in a way that pre-determined access control decisions can be revoked during a session, which greatly improves the flexibility of the model. Since conflicting decisions may be drawn from different policies, an analysis of possible reasons is performed. Combination principles are then designed to enable automatic merging of policies without human intervention. Another contribution here is trust based attribute management. Despite of the fact that attributes are important direct impacting factors for access control, few research efforts were made to maintain their correctness and exactness in a timely manner. To address this, a systematic definition of the lifecycle of an attribute is provided along with definitions of management subjects, objects, and operations. Trust levels of subjects are then used to determine who and when to perform these operations. The values of trust levels are determined using algorithms developed based on parameters such as collaboration level, recommendation, and reputation. The trustworthiness of attributes is also discussed. The requirement of privacy preservation is addressed in two stages. First, concepts such as purpose, usage period, and disclosure are defined and incorporated into decision making functions of the model. Second, an object is disintegrated into different views with different levels of specialization and generalization. Each view is then associated with at least one pud (purpose, usage period, and disclosure). The introduction of disclosure provides a paradigm for the second use and dissemination of information. Finally, future research directions and work, including those regarding the implementation, are discussed.

Committee:

John S. Loomis (Advisor)

Subjects:

Computer Engineering; Computer Science; Electrical Engineering

Keywords:

Access control; Attribute management; Trust; Privacy preservation; Collaboration; Policy combination and conflict resolution

Bobade, Kailas B.Personalized Credential Negotiation Based on Policy Individualization in Federation
MS, Kent State University, 2009, College of Arts and Sciences / Department of Computer Science
In virtual business place, organizations store information of its members. Federated Access Control Systems such as Shibboleth, Active Directory Federation Service allow virtual organizations to share their member’s information. Based on this information, members enjoy seamless access to federated resources. However in this federated world, a member’s information is divulged by her home organization. The member has little say in it. We have presented an extension to this work where members can personalize their own attribute release policy. As opposed to simple request reply based communication, such personalization inherently necessitates a mechanism of negotiation. To facilitate such personalization, we have presented negotiation enabled framework in federation which allows selection of negotiation flavor on per-need-basis i.e. Personalized Negotiation. This is supported by negotiation protocol which defines the ordering of the messages and unique message structure that carries negotiation information.

Committee:

Dr. Javed Khan, Phd (Advisor); Dr. Peyravi Hassan, Phd (Committee Member); Dr. Austin Melton, Phd (Committee Member)

Subjects:

Computer Science; Information Systems

Keywords:

Personalization; Federation; Privacy; Negotiation; Security

Liu, MenghanPULMONARY FUNCTION MONITORING USING PORTABLE ULTRASONOGRAPHY AND PRIVACY-PRESERVING LEARNING
Master of Sciences, Case Western Reserve University, 2017, EECS - Computer Engineering
Personal health monitoring system in home environment has gained more and more attention. In the personal data transmission and analysis, privacy is an important con- cern. In this thesis, I present a privacy-preserving health monitoring architecture, which can extract respiratory signs from ultrasound images and collaboratively build deep learning model for classifying health status. The architecture contains a global server and several local sites. Each local site consists of an ultrasound probe and a tablet. Per- formance of the system is evaluated with several experiments. The error of respiratory rate measurement is less than 0.5 time/minute, and the average error of tidal volume estimation is about 0.1 L. Performance of privacy-preserving deep learning architecture is tested using a human activity recognition dataset. The reconstructed rate could keep 90% in different scenarios. In conclusion, the proposed monitoring system is feasible for personal health monitoring.

Committee:

Huang Ming-Chun (Committee Chair); Danel Saab, G. (Committee Member); Soumyajit Mandal (Committee Member)

Subjects:

Computer Engineering; Health Care

Keywords:

Ultrasonography, Personal healthcare, Pulmonary function, Privacy-preserving deep learning

Jones, Melanie AnneMitigating Uncertainty Through Government Intervention-exploring the Impact of Public Policy on Internet Privacy Concerns
PhD, University of Cincinnati, 2002, Business Administration : Marketing
Despite the rapid growth and penetration of the Internet into an increasing number of businesses and households, its use by consumers as a shopping medium remains severely limited when compared to both business-to-business (b-to-b) sales over the Internet and to traditional retail and catalog sales (OECD, 1998). Accordingly, the primary goal of this research was to contribute to our current understanding of online consumer behavior by identifying how online privacy and security concerns impact participation likelihood, and by testing two policy mechanisms that can be used effectively by governments and businesses to increase current participation levels. To address these issues, the Judgment Uncertainty and Magnitude Parameters Model (JUMP) developed by Chandrashekaran and Marinova (1998) was employed. The JUMP procedure increases the power of behavioral models by statistically and simultaneously considering the impact of both intention magnitude and intention uncertainty in the generation of an overt response or behavior. Because JUMP estimates the impact of both intention magnitude (IM) and intention uncertainty (IU), it enables researchers to more accurately account for much of the heterogeneity observed in overt behavior. Further, JUMP enables researchers to gain a more complete understanding of the process by which intentions are formed in that researchers are able to specify and estimate both the unique and shared impact of antecedents on IM and IU. The outcome of the research provides some interesting results. First, although privacy concerns have a negative impact on a consumer's IM to shop online, these concerns can be mitigated by the two policy mechanisms tested in this paper. In addition, negative attitudes about online shopping and price also have a negative impact on IM. The quality of a consumer's online experience, on the other hand increases IM as well as moderates the negative impact of price on IM. Further, JUMP testing indicates that uncertainty plays a significant role in the formation of a consumer's intention to shop online. IU, however, appears to be reduced in the presence of positive attitudes about online shopping, prior e-commerce experience, and policy mechanisms designed to protect online privacy and security.

Committee:

Dr. Raj Mehta (Advisor); Dr. Murali Chandrashekaran (Other)

Subjects:

Business Administration, Marketing

Keywords:

internet; public policy; E-commerce; privacy

Muftic, SeadDesign and operations of a secure computer system /
Doctor of Philosophy, The Ohio State University, 1976, Graduate School

Committee:

Not Provided (Other)

Subjects:

Computer Science

Keywords:

Information storage and retrieval systems;Privacy

Next Page