Endre søk
Link to record
Permanent link

Direct link
BETA
Fischer-Hübner, SimoneORCID iD iconorcid.org/0000-0002-6938-4466
Alternativa namn
Publikasjoner (10 av 173) Visa alla publikasjoner
Zhang, G. & Fischer-Hübner, S. (2019). A survey on anonymous voice over IP communication: attacks and defenses. Electronic Commerce Research, 19(3), 655-687
Åpne denne publikasjonen i ny fane eller vindu >>A survey on anonymous voice over IP communication: attacks and defenses
2019 (engelsk)Inngår i: Electronic Commerce Research, ISSN 1389-5753, E-ISSN 1572-9362, ISSN 1389-5753, Vol. 19, nr 3, s. 655-687Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

Anonymous voice over IP (VoIP) communication is important for many users, in particular, journalists, human rights workers and themilitary. Recent research work has shown an increasing interest in methods of anonymous VoIP communication. This survey starts by introducing and identifying the major concepts and challenges in this field. Then we review anonymity attacks on VoIP and the existing work done to design defending strategies. We also propose a taxonomy of attacks and defenses. Finally, we discuss possible future work.

sted, utgiver, år, opplag, sider
Springer, 2019
Emneord
SIP, VoIP, Anonymity, Privacy
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-38927 (URN)10.1007/s10660-014-9157-0 (DOI)000482479500009 ()
Tilgjengelig fra: 2015-12-20 Laget: 2015-12-20 Sist oppdatert: 2019-09-16bibliografisk kontrollert
Iwaya, L. H., Li, J., Fischer-Hübner, S., Åhlfeldt, R.-M. & Martucci, L. (2019). E-Consent for Data Privacy: Consent Management for Mobile Health Technologies in Public Health Surveys and Disease Surveillance. In: Lucila Ohno-Machado, Brigitte Séroussi (Ed.), MEDINFO 2019: Health and Wellbeing e-Networks for All. Paper presented at MEDINFO 2019, the 17th World Congress on Medical and Health Informatics, Lyon, France, 25-30 August 2019 (pp. 1224-1227). IOS Press, 264
Åpne denne publikasjonen i ny fane eller vindu >>E-Consent for Data Privacy: Consent Management for Mobile Health Technologies in Public Health Surveys and Disease Surveillance
Vise andre…
2019 (engelsk)Inngår i: MEDINFO 2019: Health and Wellbeing e-Networks for All / [ed] Lucila Ohno-Machado, Brigitte Séroussi, IOS Press, 2019, Vol. 264, s. 1224-1227Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

Community health workers in primary care programs increasingly use Mobile Health Data Collection Systems (MDCSs) to report their activities and conduct health surveys, replacing paper-based approaches. The mHealth systems are inherently privacy invasive, thus informing individuals and obtaining their consent is important to protect their right to privacy. In this paper, we introduce an e-Consent tool tailored for MDCSs. It is developed based on the requirement analysis of consent management for data privacy and built upon the solutions of Participant-Centered Consent toolkit and Consent Receipt specification. The e-Consent solution has been evaluated in a usability study. The study results show that the design is useful for informing individuals on the nature of data processing, privacy and protection and allowing them to make informed decisions

sted, utgiver, år, opplag, sider
IOS Press, 2019
Serie
Studies in Health Technology and Informatics, ISSN 0926-9630, E-ISSN 1879-8365
Emneord
mobile health, privacy, public health surveillance
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-70211 (URN)10.3233/SHTI190421 (DOI)978-1-64368-002-6 (ISBN)978-1-64368-003-3 (ISBN)
Konferanse
MEDINFO 2019, the 17th World Congress on Medical and Health Informatics, Lyon, France, 25-30 August 2019
Tilgjengelig fra: 2018-11-21 Laget: 2018-11-21 Sist oppdatert: 2019-10-28bibliografisk kontrollert
Fritsch, L. & Fischer-Hübner, S. (2019). Implications of Privacy & Security Research for the Upcoming Battlefield of Things. Journal of Information Warfare, 17(4), 72-87
Åpne denne publikasjonen i ny fane eller vindu >>Implications of Privacy & Security Research for the Upcoming Battlefield of Things
2019 (engelsk)Inngår i: Journal of Information Warfare, ISSN 1445-3312, Vol. 17, nr 4, s. 72-87Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

This article presents the results of a trend-scouting study on the applicability of contemporary information privacy and information security research in future defence scenarios in a 25-year-horizon. The authors sketch the expected digital warfare and defence environment as a‘Battlefield of Things’ in which connected objects, connected soldiers, and automated and autonomous sensing and acting systems are core elements. Based on this scenario, the authors discuss current research in information security and information privacy and their relevance and applicability for the future scenario.

sted, utgiver, år, opplag, sider
Peregrine Technical Solutions, LLC, 2019
Emneord
Internet of Things, Autonomous Systems, Digital Warfare, Transfer of Research, Information Privacy, Information Security, Trend Scouting, Cyberwar, Cybersecurity, Weaponisation of Smart Systems
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-71893 (URN)
Prosjekter
Totalförsvarets forskningsinstitut, FOI
Tilgjengelig fra: 2019-04-24 Laget: 2019-04-24 Sist oppdatert: 2019-05-08bibliografisk kontrollert
Framner, E., Fischer-Hübner, S., Lorünser, T., Alaqra, A. & Pettersson, J. S. (2019). Making secret sharing based cloud storage usable. Information and Computer Security, 27(5), 647-667
Åpne denne publikasjonen i ny fane eller vindu >>Making secret sharing based cloud storage usable
Vise andre…
2019 (engelsk)Inngår i: Information and Computer Security, E-ISSN 2056-4961, Vol. 27, nr 5, s. 647-667Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

The purpose of this paper is to develop a usable configuration management for Archistar, whichutilizes secret sharing for redundantly storing data over multiple independent storage clouds in a secure andprivacy-friendly manner. Selecting the optimal secret sharing parameters, cloud storage servers and othersettings for securely storing the secret data shares, while meeting all of end user’s requirements and otherrestrictions, is a complex task. In particular, complex trade-offs between different protection goals and legalprivacy requirements need to be made.

sted, utgiver, år, opplag, sider
Emerald Group Publishing Limited, 2019
Emneord
Privacy, Decision support systems, Usability, Security, Cloud computing, Secret sharing
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-75182 (URN)10.1108/ICS-01-2019-0016 (DOI)
Prosjekter
Prismacloud (4805)
Forskningsfinansiär
EU, Horizon 2020
Tilgjengelig fra: 2019-10-09 Laget: 2019-10-09 Sist oppdatert: 2019-11-07bibliografisk kontrollert
Iwaya, L. H., Fischer-Hübner, S., Åhlfeldt, R.-M. & Martucci, L. (2019). Mobile Health Systems for Community-Based Primary Care: Identifying Controls and Mitigating Privacy Threats. JMIR mhealth and uhealth, 7(3), 1-16, Article ID e11642.
Åpne denne publikasjonen i ny fane eller vindu >>Mobile Health Systems for Community-Based Primary Care: Identifying Controls and Mitigating Privacy Threats
2019 (engelsk)Inngår i: JMIR mhealth and uhealth, E-ISSN 2291-5222, Vol. 7, nr 3, s. 1-16, artikkel-id e11642Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

Background: Community-based primary care focuses on health promotion, awareness raising, and illnesses treatment and prevention in individuals, groups, and communities. Community Health Workers (CHWs) are the leading actors in such programs, helping to bridge the gap between the population and the health system. Many mobile health (mHealth) initiatives have been undertaken to empower CHWs and improve the data collection process in the primary care, replacing archaic paper-based approaches. A special category of mHealth apps, known as mHealth Data Collection Systems (MDCSs), is often used for such tasks. These systems process highly sensitive personal health data of entire communities so that a careful consideration about privacy is paramount for any successful deployment. However, the mHealth literature still lacks methodologically rigorous analyses for privacy and data protection.

Objective: In this paper, a Privacy Impact Assessment (PIA) for MDCSs is presented, providing a systematic identification and evaluation of potential privacy risks, particularly emphasizing controls and mitigation strategies to handle negative privacy impacts.

Methods: The privacy analysis follows a systematic methodology for PIAs. As a case study, we adopt the GeoHealth system, a large-scale MDCS used by CHWs in the Family Health Strategy, the Brazilian program for delivering community-based primary care. All the PIA steps were taken on the basis of discussions among the researchers (privacy and security experts). The identification of threats and controls was decided particularly on the basis of literature reviews and working group meetings among the group. Moreover, we also received feedback from specialists in primary care and software developers of other similar MDCSs in Brazil.

Results: The GeoHealth PIA is based on 8 Privacy Principles and 26 Privacy Targets derived from the European General Data Protection Regulation. Associated with that, 22 threat groups with a total of 97 subthreats and 41 recommended controls were identified. Among the main findings, we observed that privacy principles can be enhanced on existing MDCSs with controls for managing consent, transparency, intervenability, and data minimization.

Conclusions: Although there has been significant research that deals with data security issues, attention to privacy in its multiple dimensions is still lacking for MDCSs in general. New systems have the opportunity to incorporate privacy and data protection by design. Existing systems will have to address their privacy issues to comply with new and upcoming data protection regulations. However, further research is still needed to identify feasible and cost-effective solutions.

sted, utgiver, år, opplag, sider
JMIR Publications, 2019
Emneord
Mobile health, mHealth, information security, information privacy, data protection, privacy impact assessment, community-based primary care, family health strategy
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-70212 (URN)10.2196/11642 (DOI)2-s2.0-85067895402 (Scopus ID)
Tilgjengelig fra: 2018-11-21 Laget: 2018-11-21 Sist oppdatert: 2019-07-10bibliografisk kontrollert
Murmann, P., Reinhardt, D. & Fischer-Hübner, S. (2019). To Be, or Not to Be Notified: Eliciting Privacy Notification Preferences for Online mHealth Services. In: Gurpreet Dhillon, Fredrik Karlsson, Karin Hedström, André Zúquete (Ed.), ICT Systems Security and Privacy Protection: . Paper presented at 34th IFIP TC 11 International Conference, SEC 2019, Lisbon, Portugal, June 25-27, 2019 (pp. 209-222). Springer
Åpne denne publikasjonen i ny fane eller vindu >>To Be, or Not to Be Notified: Eliciting Privacy Notification Preferences for Online mHealth Services
2019 (engelsk)Inngår i: ICT Systems Security and Privacy Protection / [ed] Gurpreet Dhillon, Fredrik Karlsson, Karin Hedström, André Zúquete, Springer, 2019, s. 209-222Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

Millions of people are tracking and quantifying their fitness and health, and entrust online mobile health (mhealth) services with storing and processing their sensitive personal data. Ex post transparency-enhancing tools (TETs) enable users to keep track of how their personal data are processed, and represent important building blocks to understand privacy implications and control one’s online privacy. Particularly, privacy notifications provide users of TETs with the insight necessary to make informed decision about controlling their personal data that they have disclosed previously. To investigate the notification preferences of users of online mhealth services, we conducted an online study. We analysed how notification scenarios can be grouped contextually, and how user preferences with respect to being notified relate to intervenability. Moreover, we examined to what extent ex post notification preferences correlate with privacy personas established in the context of trust in and reliability of online data services. Based on our findings, we discuss the implications for the design of usable ex post TETs.

sted, utgiver, år, opplag, sider
Springer, 2019
Emneord
privacy, transparency-enhancing tool, usability, personas, mhealth
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-74439 (URN)10.1007/978-3-030-22312-0_15 (DOI)978-3-030-22312-0 (ISBN)
Konferanse
34th IFIP TC 11 International Conference, SEC 2019, Lisbon, Portugal, June 25-27, 2019
Tilgjengelig fra: 2019-08-21 Laget: 2019-08-21 Sist oppdatert: 2019-08-23
Fischer-Hübner, S., Martucci, L., Fritsch, L., Pulls, T., Herold, S., Iwaya, L. H., . . . Albin, Z. (2018). A MOOC on Privacy by Design and the GDPR. In: Lynette Drevin, Marianthi Theocharidou (Ed.), Information Security Education: Towards a Cybersecure Society. Paper presented at 11th IFIP World Conference on Information Security Education (WISE 11), Held at the 24th IFIP World Computer Congress, WCC 2018, Poznan, Poland, September 18–20, 2018, Proceedings (pp. 95-107). Cham, Switzerland: Springer
Åpne denne publikasjonen i ny fane eller vindu >>A MOOC on Privacy by Design and the GDPR
Vise andre…
2018 (engelsk)Inngår i: Information Security Education: Towards a Cybersecure Society / [ed] Lynette Drevin, Marianthi Theocharidou, Cham, Switzerland: Springer, 2018, s. 95-107Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

In this paper we describe how we designed a massive open online course (mooc) on Privacy by Design with a focus on how to achieve compliance with the eu gdpr principles and requirements in it engineering and management. This mooc aims at educating both professionals and undergraduate students, i.e., target groups with distinct educational needs and requirements, within a single course structure. We discuss why developing and publishing such a course is a timely decision and fulfills the current needs of the professional and undergraduate education. The mooc is organized in five modules, each of them with its own learning outcomes and activities. The modules focus on different aspects of the gdpr that data protection officers have to be knowledgeable about, ranging from the legal basics, to data protection impact assessment methods, and privacy-enhancing technologies. The modules were delivered using hypertext, digital content and three video production styles: slides with voice-over, talking heads and interviews. The main contribution of this work is the roadmap on how to design a highly relevant mooc on privacy by design and the gdpr aimed at an heterogeneous audience.

sted, utgiver, år, opplag, sider
Cham, Switzerland: Springer, 2018
Serie
IFIP Advances in Information Technology (AICT) ; 531
Emneord
privacy, teaching, mooc, course design
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-69413 (URN)10.1007/978-3-319-99734-6_8 (DOI)978-3-319-99734-6 (ISBN)
Konferanse
11th IFIP World Conference on Information Security Education (WISE 11), Held at the 24th IFIP World Computer Congress, WCC 2018, Poznan, Poland, September 18–20, 2018, Proceedings
Prosjekter
WISR
Forskningsfinansiär
Knowledge Foundation, NU16
Tilgjengelig fra: 2018-09-27 Laget: 2018-09-27 Sist oppdatert: 2019-07-11bibliografisk kontrollert
Fischer-Hübner, S. (2018). Anonymity (2ed.). In: Ling Liu och M. Tamer Özsu (Ed.), Encyclopedia of Database Systems: (pp. 111-112). New York, NY: Springer
Åpne denne publikasjonen i ny fane eller vindu >>Anonymity
2018 (engelsk)Inngår i: Encyclopedia of Database Systems / [ed] Ling Liu och M. Tamer Özsu, New York, NY: Springer, 2018, 2, s. 111-112Kapittel i bok, del av antologi (Fagfellevurdert)
sted, utgiver, år, opplag, sider
New York, NY: Springer, 2018 Opplag: 2
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65655 (URN)10.1007/978-1-4614-8265-9_80600 (DOI)978-1-4614-8266-6 (ISBN)978-1-4614-8265-9 (ISBN)
Tilgjengelig fra: 2018-01-18 Laget: 2018-01-18 Sist oppdatert: 2019-11-07bibliografisk kontrollert
Fritsch, L. & Fischer-Hübner, S. (2018). Applications of Privacy and Security Research in the Upcoming Battlefield of Things. In: Audun Jøsang (Ed.), Proceedings of the 17th European Conference on Cyber Warfare and Security: . Paper presented at The 17th European Conference on Cyber Warfare and Security. Reading: Academic Conferences and Publishing International Limited
Åpne denne publikasjonen i ny fane eller vindu >>Applications of Privacy and Security Research in the Upcoming Battlefield of Things
2018 (engelsk)Inngår i: Proceedings of the 17th European Conference on Cyber Warfare and Security / [ed] Audun Jøsang, Reading: Academic Conferences and Publishing International Limited, 2018Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

This article presents the results of a trend scouting study on the applicability of contemporary information privacy and information security research in future defence scenarios in a 25-year-horizon. We sketch the expected digital warfare and defence environment as a “battlefield of things” where connected objects, connected soldiers and automated and autonomous sensing and acting systems are core elements. Based on this scenario, we discuss current research in information security and information privacy and their relevance and applicability for the future scenario.

sted, utgiver, år, opplag, sider
Reading: Academic Conferences and Publishing International Limited, 2018
Emneord
internet of things, autonomous systems, digital warfare, transfer of research, information privacy, information security, trend scouting, cyberwar, cybersecurity, weaponization of smart systems
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-68386 (URN)978-1-911218-85-2 (ISBN)978-1-911218-86-9 (ISBN)
Konferanse
The 17th European Conference on Cyber Warfare and Security
Tilgjengelig fra: 2018-07-04 Laget: 2018-07-04 Sist oppdatert: 2018-07-05bibliografisk kontrollert
Fischer-Hübner, S. & Hermann, D. (2018). Benutzbare Lösungen für den Datenschutz. In: Christian Reuter (Ed.), Sicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement (pp. 119-138). Wiesbaden, Tyskland: Springer
Åpne denne publikasjonen i ny fane eller vindu >>Benutzbare Lösungen für den Datenschutz
2018 (engelsk)Inngår i: Sicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement / [ed] Christian Reuter, Wiesbaden, Tyskland: Springer, 2018, s. 119-138Kapittel i bok, del av antologi (Fagfellevurdert)
sted, utgiver, år, opplag, sider
Wiesbaden, Tyskland: Springer, 2018
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-66470 (URN)10.1007/978-3-658-19523-6 (DOI)9783658195229 (ISBN)9783658195236 (ISBN)
Tilgjengelig fra: 2018-02-23 Laget: 2018-02-23 Sist oppdatert: 2019-11-05bibliografisk kontrollert
Organisasjoner
Identifikatorer
ORCID-id: ORCID iD iconorcid.org/0000-0002-6938-4466