Envisioning Usable Privacy in Smart Environments: A Technical and Intercultural Perspective
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013). ORCID iD: 0000-0002-5717-8649
2024 (English). Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Smart environments provide users with a large number of new services that will improve their lives, such as smarter and more efficient transportation, advanced smart home services, and pervasive healthcare. Yet, they also have the potential for collecting staggering amounts of personal information, which, if misused, poses a multitude of privacy threats to users ranging from tracking and stalking to monitoring and profiling. Consequently, the users’ right to informational self-determination is at stake in smart environments. Therefore, there is a need for solutions that empower individuals with control over their data in smart environments. Privacy-Enhancing Technologies (PETs) and privacy by design and by default can help to protect users’ privacy. In particular, usable Privacy-Enhancing Identity Management (PE-IdM) can re-establish user control and, thus, informational self-determination by offering users a selection of meaningful preference-based privacy settings that they could choose from to lessen the configuration burden of privacy settings. However, different privacy trade-offs need to be considered and managed for the configuration of the identity management system, as well as various factors influencing users’ privacy preferences. Guidelines for the design of usable management of privacy settings that address varying end-user preferences for control, location sharing and privacy conflicting goals are needed. The objective of this thesis is to propose viable approaches for enforcing usable PE-IdM for smart environments, with a focus on vehicular ad hoc networks (VANETs). To that end, we unravel the technical state of the art regarding the problem space and solutions. We employ qualitative and quantitative empirical Human-Computer Interaction (HCI) research methods to investigate different users’ privacy preferences and factors affecting such preferences.
Our results demonstrate a cultural and regional influence on willingness to share location data and preferences for trade-offs for location privacy. Based on our results, we elicit end-users and design requirements and propose high-level design guidelines for usable PE-IdM for VANETs. These guidelines aim to simplify privacy and identity management for users by offering selectable settings that will cater for their different privacy needs and preferences.

Abstract [en]

Smart environments offer users enhanced services like efficient transportation, smart home features, and pervasive healthcare, but also pose privacy risks by collecting extensive personal information. Consequently, the users’ right to informational self-determination is at stake in smart environments. Privacy-Enhancing Technologies (PETs) and privacy by design and by default can help to protect users’ privacy. In particular, usable Privacy-Enhancing Identity Management (PE-IdM) can re-establish user control by providing preference-based privacy settings to reduce the configuration burden. However, the design of these systems needs to consider various privacy trade-offs and the factors influencing users’ preferences. This thesis proposes viable approaches for enforcing usable PE-IdM in smart environments, with a focus on vehicular ad hoc networks (VANETs). We examine the technical state of the art and employ qualitative and quantitative empirical Human-Computer Interaction (HCI) research methods to investigate different users’ privacy preferences and factors affecting such preferences. Based on our results, we elicit end-user design requirements and propose high-level design guidelines for usable PE-IdM for VANETs, aiming to simplify privacy and identity management with selectable settings tailored to diverse privacy needs.

Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2024, p. 46
Series
Karlstad University Studies, ISSN 1403-8099 ; 2024:18
Keywords [en]
privacy-enhancing technologies (PETs), privacy-enhancing identity management (PE-IdM), usability, smart environments, intelligent transportation systems (ITS), privacy, human aspects
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-99464; DOI: 10.59217/jeqv6736; ISBN: 978-91-7867-467-1 (print); ISBN: 978-91-7867-468-8 (electronic); OAI: oai:DiVA.org:kau-99464; DiVA, id: diva2:1855649
Public defence
2024-06-14, Nyqvistsalen, 9C 203, Karlstad, 08:30 (English)
Available from: 2024-05-22; Created: 2024-05-02; Last updated: 2024-05-28; Bibliographically approved
List of papers
1. Privacy-Preserving Identifiers for IoT: A Systematic Literature Review
2020 (English). In: IEEE Access, E-ISSN 2169-3536, Vol. 8, p. 168470-168485. Article, review/survey (Refereed). Published
Abstract [en]

The Internet of Things (IoT) paves the way for smart applications such as in E-health, E-homes, transportation, or energy production. However, IoT technologies also pose privacy challenges for their users, as they allow the tracking and monitoring of the users' behavior and context. The EU General Data Protection Regulation (GDPR) mandates data controllers to follow a data protection by design and default approach by implementing, for instance, pseudonymity for achieving data minimisation. This paper provides a systematic literature review for answering the question of what types of privacy-preserving identifiers are proposed by the literature in IoT environments for implementing pseudonymity. It contributes with classifications and analyses of IoT environments for which privacy-preserving identifiers have been proposed and of the pseudonym types and underlying identity management architectures used. Moreover, it discusses trends and gaps in regard to addressing privacy trade-offs.

Place, publisher, year, edition, pages
IEEE, 2020
Keywords
Databases, Bibliographies, Privacy, Internet of Things, Computer architecture, Libraries, identity, pseudonym, anonymous credential, the IoT, systematic literature review
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-80766 (URN); 10.1109/ACCESS.2020.3023659 (DOI); 000572968500001 (); 2-s2.0-85102783212 (Scopus ID)
Available from: 2020-10-12; Created: 2020-10-12; Last updated: 2024-05-02; Bibliographically approved
2. Stakeholder perspectives and requirements on cybersecurity in Europe
2021 (English). In: Journal of Information Security and Applications, ISSN 2214-2134, E-ISSN 2214-2126, Vol. 61, article id 102916. Article in journal (Refereed). Published
Abstract [en]

This article presents an overview and analysis of the key cybersecurity problems, challenges and requirements to be addressed in the future, which we derived through 63 interviews with European stakeholders from security-critical sectors including Open Banking, Supply Chain, Privacy-preserving Identity Management, Security Incident Reporting, Maritime Transport, Medical Data Exchange, and Smart Cities. We show that common problems, challenges and requirements across these sectors exist in relation to building trust, implementing privacy and identity management including secure and useable authentication, building resilient systems, standardisation and certification, achieving security and privacy by design, secure and privacy-compliant data and information sharing, and government regulations. Our results also indicate cybersecurity trends and allow us to derive directions for future research and innovation activities that will be of high importance for Europe.

Place, publisher, year, edition, pages
Elsevier, 2021
Keywords
Cybersecurity, Requirements, Stakeholder engagement, Research & innovation roadmap
National Category
Computer and Information Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-88670 (URN); 10.1016/j.jisa.2021.102916 (DOI); 000695027300011 ()
Projects
CyberSec4Europe
Funder
European Commission, 830929; EU, Horizon 2020
Available from: 2022-02-21; Created: 2022-02-21; Last updated: 2024-05-02; Bibliographically approved
3. Analysing Drivers’ Preferences for Privacy Enhancing Car-to-Car Communication Systems: A Study from South-Africa
2021 (English). In: IFIP Advances in Information and Communication Technology, Springer Science+Business Media B.V., 2021, p. 115-133. Conference paper, Published paper (Refereed)
Abstract [en]

While privacy-enhancing solutions for car-to-car communication are increasingly researched, end user aspects of such solutions have not been in the focus. In this paper, we present a qualitative study with 16 car drivers in South Africa for analysing their privacy perceptions and preferences for control and privacy trade-offs, which will allow us to derive end user requirements for privacy and identity management for vehicular communication systems. Our results show that while the South African participants are willing to share their location data with family and close friends, they often lack trust in external entities. They perceive safety implications from criminals and hackers and therefore dispel constant location tracking. Usability, privacy and safety are top priorities, with differing privacy – usability trade-offs for different users. The results show that participants demand more control over their privacy and seek usable privacy notices, transparency and fine-grained controls.

Place, publisher, year, edition, pages
Springer Science+Business Media B.V., 2021
Keywords
Privacy perception, Privacy preferences, Privacy-enhancing technologies (PETs), Usable privacy and identity management, Vehicular communication, Commerce, Economic and social effects, Personal computing, Car-to-car communication, End user requirements, Fine-grained control, Identity management, Location data, Qualitative study, Usable privacy, Vehicular communications, Privacy by design
National Category
Computer Sciences
Identifiers
urn:nbn:se:kau:diva-85363 (URN); 10.1007/978-3-030-72465-8_7 (DOI); 2-s2.0-85107323752 (Scopus ID); 9783030724641 (ISBN)
Conference
15th IFIP Summer School on Privacy and Identity Management, 21 September 2020 through 23 September 2020
Available from: 2021-07-02; Created: 2021-07-02; Last updated: 2024-05-02; Bibliographically approved
4. Capturing drivers’ privacy preferences for intelligent transportation systems: An intercultural perspective
2022 (English). In: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 123, article id 102913. Article in journal (Refereed). Published
Abstract [en]

While recent research on intelligent transportation systems including vehicular communication systems has focused on technical aspects, little research work has been conducted on drivers’ privacy perceptions and preferences. Understanding the driver’s privacy perceptions and preferences will allow researchers to design usable privacy and identity management systems offering user privacy choices and controls for intelligent transportation systems. We conducted in-depth semi-structured interviews with 17 Swedish drivers to analyse their privacy perceptions and preferences for intelligent transportation systems, particularly for user control and for privacy trade-offs with cost, safety and usability. We also compare our results from the interviews with Swedish drivers with results from interviews that we conducted previously with South African drivers. Our cross-cultural comparison shows that perceived privacy implications, the drivers’ willingness to share location information under certain conditions with other parties, as well as their appreciation of Privacy Enhancing Technologies differ significantly across drivers with different cultural backgrounds. We further discuss the cultural impact on privacy preferences, including those for privacy trade-offs, and the implications of our results for usable privacy-enhancing Identity Management for future vehicular communication systems. In particular, we provide recommendations for suitable pre-defined privacy options to be offered to users with different cultural backgrounds enabling them to easily make privacy-related control choices.

Place, publisher, year, edition, pages
Elsevier, 2022
Keywords
Intelligent transportation, Vehicular communication, Privacy preferences, Privacy perceptions, Intercultural comparison, Privacy-enhancing technologies (PETs)
National Category
Computer and Information Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-92109 (URN); 10.1016/j.cose.2022.102913 (DOI); 000863330300004 (); 2-s2.0-85138414531 (Scopus ID)
Funder
Swedish Foundation for Strategic Research
Available from: 2022-10-04; Created: 2022-10-04; Last updated: 2024-05-02; Bibliographically approved
5. Inter-regional Lens on the Privacy Preferences of Drivers for ITS and Future VANETs
2024 (English). In: CHI '24: Proceedings of the CHI Conference on Human Factors in Computing Systems, Association for Computing Machinery (ACM), 2024, article id 255. Conference paper, Published paper (Refereed)
Abstract [en]

Intelligent Transportation Systems (ITS) are on the rise, yet the knowledge about privacy preferences by different types of drivers in this context needs to be improved. This paper presents survey-based research (N = 528) focusing on preferences of drivers from South Africa and the Nordic countries for data processing and sharing by ITS, including future vehicular ad hoc networks. Our results indicate regionally framed drivers’ privacy attitudes and behaviours. South African participants have higher privacy concerns and risk perception. However, their preferences to share location data with police, family and friends, emergency services, and insurance companies are higher. Moreover, the region significantly affects preferences for transparency and control and sharing frequency, as well as willingness to pay for privacy, which are higher among the South Africans. We discuss how our results on factors, including region, impacting drivers’ privacy preferences can contribute to the design of usable privacy and identity management for ITS.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2024
Keywords
Intelligent transportation, vehicular communication, privacy preferences, cross-regional comparison, privacy-enhancing technologies (PETs)
National Category
Human Computer Interaction
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-99463 (URN); 10.1145/3613904.3641997 (DOI); 2-s2.0-85194875475 (Scopus ID)
Conference
CHI Conference on Human Factors in Computing Systems (CHI ’24), Honolulu, USA, May 11-16, 2024
Available from: 2024-04-25; Created: 2024-04-25; Last updated: 2024-06-18; Bibliographically approved

Open Access in DiVA

fulltext-KAPPAN (1749 kB), 94 downloads
File information
File name: FULLTEXT04.pdf; File size: 1749 kB; Checksum SHA-512:
7b278462afaf92c9b637d0fea89e426d641375353f1473b65460c3fb62a5fff474de618777b8b240077280b0d00e0b271ce33eff6dd7be36bb88183318ca9dbf
Type: fulltext; Mimetype: application/pdf

Authority records

Islami, Lejla
