Topic and advisor of the study
Since the beginning of the digital area, privacy and anonymity have been impacted drastically (both, positively and negatively), by the different technologies developed for communications purposes. The broad possibilities that the Internet offers since its conception, makes it an attractive target for those entities that are aiming to know and control the different channels of communication and the information that flows through them. The lack of privacy of the data of the individuals in our society is creating many problems including hacking. The data of the individuals are being accessed by the organizations they work, the malls they and other places. The data of the employees are very much assessable for the organizations as their personal data are stored in the portal of the organization. In case of malls, the personal data of the buyers get stored as they goes into the membership schemes of the malls. In this paper, we address the current threats against privacy and anonymity on the Internet and analyze why privacy management is so important in our society.
The Professor who advises me is AngelosStavrou who is under the Department of the Computer Science, Volgenau school of Engineering of George Mason Engineering. His researches are mainly on the areas of Large Systems Security & Survivability, Intrusion Detection Systems, Privacy and Anonymity, Security for MANETs and Mobile Devices
The topic for the research paper for the research paper is Privacy and Anonymity of Computer Science. The topic that is chosen for the paper has been consulted with the professional.
Key Question: Why privacy management is important?
For all human beings, privacy and the protection is highly valued in both their personal and professional lives (Parra-Arnau et al. 2015). They generally do not want that any of their personal information become easily accessible to any nonprofessional. However, several recent advances tell that the information technology has been in the key role to threaten the privacy and have generally reduced the huge amount of control over the personal form of data and open up the possibility of a range of negative consequences because of access to personal data of the employees of the firm. For example, when the individuals are going for shopping in the malls they have to share their personal mobile numbers and data for getting a membership in specific clothing or grocery shops. However, the exposure of personal information is seen vastly, when the individuals are employed in an organization and their personal data are all synced with the organization portals. Therefore, the organization can get access to their personal data anytime. During the twenty first century, there are big data and that are responsible for the advancement of the Information Technology that allows the storage and the processing of the several exabytes of the data (Parra-Arnau et al. 2015). The data of the employees are very much assessable for the organizations as their personal data are stored in the portal of the organization. Therefore, it becomes the responsibility of the organization to secure the data of their employees. The combination of the increasing power of the new technology and the declining clarity and agreement on privacy give rise to problems concerning law, policy and ethics. The focus of this study is to explore the relationship between the information technology (IT) and privacy.
There are several organizations that have increased their reliance on the possibly of the distributed, information systems for the daily business and collecting the data from it. They have now become more and more vulnerable for breaching the security. According to Choudhry et al., (2015), several techniques including the encryption and the electronic signatures, are thus currently available for protecting the data when they are transmitted across sites, consider it. It has been very well understood that today the semantics of the data must be taken into account in order to specify the effectiveness to access the control policies (Chaudhry et al. 2015). The techniques that are used to protect the integrity and the availability of the data are specifically tailored to the system of the database should be adopted. Over the years, the security of the database security has been developed through the various different techniques that ensure the availability, integrity and confidentiality of the data hat are stored in any public portals. Chaudhry et al., (2015), claimed that the enhanced scheme of the advanced technology is to provide anonymity while resisting all known attacks. However, after having all the advances, there are various new challenges that are faced by the security of the database. Privacy-preservation is a concept for the sensitive data that can require the enforcement of the policies of privacy or the protection against the identity disclosure by satisfying some of the privacy constraints. According to Solove, Daniel and Paul (2014), the sensitive form of information, even after the removal of identifying attributes, is still susceptible to linking attacks by the authorized users. This means the personal data that are given by the individuals to the network manager or the administration manager are not always safe (Solove, Daniel J and Paul, 2014). This is because the network and the administrative managers can get access to the personal data of the employees and they can easily tamper with their data if they have a wrong intention. This has created a problem in the area of micro data publishing and privacy definitions, e.g., k-anonymity, and variance diversity (Solove, Daniel J and Paul, 2014). The anonymity techniques may be used with an access control mechanism to ensure both security and privacy of the sensitive information. There are some situations when the individuals share sensitive information to authorized person for some authentication, verification or authorization purpose (Solove, Daniel J and Paul, 2014). A set of control mechanism protects the sensitive information from the unauthorized users. Many databases contain sensitive information, and it could be very harmful if this information were to fall in the wrong hands. For example, someone gets hold of another person’s social security number, date of birth, address and bank information. It would be relatively easy for someone to open up a credit card under the other person’s name and start spending without their knowledge. Whenever sensitive information is shared, the authorized user can still compromise the privacy of a person such as identity disclosure.
In the fields of computer science, are several protection mechanisms that are built into the architecture of the computer for supporting the security policies. According to Dinev et al., (2013), the individuals should not post something in social media if they do not want to make it public. The individuals should make strong passwords that are hard to crack. They should implement internet firewall to guard the information in their computer. They should also use antivirus in their computer for further safety.
A simple definition of the security policy is to set that which individual can access the specific information from the computer. Privacy Protection Mechanism (PPM) can satisfy privacy requirements such as anonymity and diversity with its suppression and generalization of relational data. While satisfying the privacy requirement, k-anonymity or l-diversity, the access control policies define selection predicates available to rolls. The k-anonymity privacy model is used to prevent the linking form of attacks. Sweeney and Samarati (2013), proposed the k-anonymity principle. According to k-anonymity principle, a tuple in the published data set is indistinguishable from k-1 other tuples in that data set. Therefore, an attacker who knows the values of quasiidentifier attributes of an individual are not able to distinguish his record from the k-1 other records. The k-anonymity uses generalization and suppression techniques to hide the identity of an individual. However, privacy is achieved at the cost of precision of authorized information. Thus, access control mechanism protects the sensitive information from unauthorized user, but Privacy Protection Mechanism (PEM) protects the privacy of users from both unauthorized and authorized user.
Computer Security and Ethics
Computer security is a field of computer science concerned with the application of security features to computer systems to provide protection against the unauthorized disclosure, manipulation, or deletion of information, and against denial of service. The condition resulting from these efforts is also called computer security. The aim of computer security professionals is to attain protection of valuable information and system resources. A distinction can be made between the security of system resources and the security of information or data. Information technology has acquired a dual role in this quest for national security. Firstly, computer security has become a major priority, particularly the protection of critical information infrastructure from external threats. Government computers, but also other public and private infrastructure, including the Internet and telephone network, have been subjected to stepped-up security measures. Secondly, governments have attempted to gain more control over public and private information infrastructures. They have done this through wiretapping and data interception, by requiring Internet providers and telephone companies to store phone and e-mail communications records and make them available to law enforcement officials, by attempting to outlaw certain forms of encryption, or even through attempts to require companies to reengineer Internet so that eavesdropping by the government is made easier. The government have appointed hackers for protecting the information of the nation of the outsource hackers. The governments appointed hackers are not selected from normal recruitment. They are basically some criminals who are given a chance to have a fresh start and do something for the nation.
A large part of computer security is concerned with the protection of computer resources and data against unauthorized, intentional break-ins or disruptions. Such actions are often called hacking. Hacking, as defined in this essay, is the use of computer skills to gain unauthorized access to computer resources. Hackers are highly skilled computer users that use their talents to gain such access, and often form communities or networks with other hackers to share knowledge and data. Hacking is often also defined, more negatively, as the gaining of such unauthorized access for malicious purposes: to steal information and software or to corrupt data or disrupt system operations. Self-identified hackers, however, make a distinction between non-malicious break-ins, which they describe as hacking, and malicious and disruptive break-ins, which they call cracking. Information security (IS) professionals are individuals whose job it is to maintain system and information security. By standing of their profession, they have a professional responsibility to assure the correctness, reliability, availability, safety and security of all aspects of information and information systems.
The privacy from the Internet depends on the ability of the individuals to control both the amount of personal information that they have provided and who have access to that information. Therefore, there are various tools that been implemented for the protecting the personal data of the individuals. The individuals should not post something in social media if they do not want to make it public. The individuals should make strong passwords that are hard to crack. They should implement internet firewall to guard the information in their computer. They should also use antivirus in their computer for further safety.
The discussion in section makes this clear that this responsibility has a moral dimension: professional activities in computer security may protect people from morally important harms but could also cause such harms, and may either protect or violate people’s moral rights. In case of safety-critical systems, the decisions of information security professionals may even be a matter of life or death.
Application of Appropriate scholarly conventions
Through several ways the most essentially implications for gathering the information in the context are by controlling the privacy of the information. For the first case scenario, it is very important to use the computerized version of the database that is provided in the right kind of the home (Nissenbaum 2016). According to Tang et al., (2013), information can be drawn based on their physical world that are been harbored in the databases that are electronic that gives the records of the permanence that are malleable and are transportable in nature that can become the trademark of the information technology. Without the information technology, the users and the gatherers of the information technology neither to conduct the surveillance nor to create the database of the great magnitude and power that motivates the activities. In the unfolding of the recent developments the information technology are the comprehensive forms of digital networks that can be harvested through the process of information (Scott & Orlikowski, 2014). Governments and as well private institutional agents encourage the participation by their explicit expressions of approval.
The analysis of the information by facilitating the surveillance by vastly enhancing the collection, storage and the analysis of the information by enabling the profiling, data mining and aggregation that has significantly altered for the meaning of the information that are public. As a result, this phenomenon gives a satisfactory form of the legal and the philosophical understandings of the rights. This have the privacy controls that are being capable for protecting the important values that are at stake due to the for protecting the privacy that must be incorporated for the in addition to the other aspects of the of privacy to maintain the degree of protection of the privacy in the public environment (Nissenbaum 2016).
The protection of the privacy is a complicated form of the social issue that involves policy-making, technology, psychology, and politics. The researches on the protection of the privacy protection in the field of computer science have only provided the solutions that are technical to the problem (Hoffman, Novak & Peralta, 2014). There is successful form of application on preserving the privacy of the technology that will completely rely on the various forms of cooperation with the several makers of the policy in the agencies of the government and the several decision makers of the companies and the organizations. Unfortunately, while there are deployments going on the technologies that are threatening that include the social networks, their real-life applications are very limited. As there exists major gaps that have been observed in the number of incidents including the scope of the breaching in privacy will surely increase in the near future (Acquisti, Brandimarte & Loewenstein, 2015). According to Frost, Vermeulen, & Beekers, (2014), most of the preservation of the previous techniques that were proposed for the data publishers, however, there are individual record owners should also have the right and responsibility to protect their information that is private. There exists an extensive need in the personalized form of preserving the privacy tools that operates for the preserving the privacy of the web browsers and the disclosure of the information about the protocols for the activities that are centered to the e-commerce (Hoffman, Novak & Peralta, 2014). Privacy protection in the fields of emerging technologies, as they have location based services in bioinformatics, and mash up of the several web applications, enhancing the quality of life of the individuals. These new technologies allow the corporations and the individuals to have access to the previously information and knowledge that were unavailable. However, such benefits have also brought several issues regarding the new privacy.
The access and the privacy protection is a combination of both, access control and privacy the protection mechanisms. The access control mechanism thus allows only the authorized query of the predicates on the sensitive data. The privacy-preserving module anonymizes its generated data to meet the requirements of the privacy and its imprecision constraints on the predicates that are set by the access of the control mechanism. The proposed privacy-preserving access is extended to control the incremental data and cell level access to the management of the data control. Therefore, the current paper discuss about the benefits using computers to promote the importance of privacy and anonymity of the data. The paper provides enough evidences of the positive results showing various methods through which the privacy of the data can be maintained.
Acquisti, A., Brandimarte, L., & Loewenstein, G. (2015). Privacy and human behavior in the age of information. Science, 347(6221), 509-514.
Chaudhry, S. A., Farash, M. S., Naqvi, H., Kumari, S., & Khan, M. K. (2015). An enhanced privacy preserving remote user authentication scheme with provable security. Security and Communication Networks, 8(18), 3782-3795.
Dinev, T., Xu, H., Smith, J. H., & Hart, P. (2013). Information privacy and correlates: an empirical attempt to bridge and distinguish privacy-related concepts. European Journal of Information Systems, 22(3), 295-316.
Frost, J., Vermeulen, I. E., & Beekers, N. (2014). Anonymity versus privacy: selective information sharing in online cancer communities. Journal of medical Internet research, 16(5).
Hoffman, D. L., Novak, T. P., & Peralta, M. A. (1999). Information privacy in the marketspace: Implications for the commercial uses of anonymity on the Web. The Information Society, 15(2), 129-139.
Nissenbaum, H. (2016). Must Privacy Give Way to Use Regulation?. Lecture at the Watson Institute, Brown University, March, 15, 2016.
Parra-Arnau, J., Rebollo-Monedero, D., & Forné, J. (2014). Measuring the privacy of user profiles in personalized information systems. Future Generation Computer Systems, 33, 53-63.
Scott, S. V., & Orlikowski, W. J. (2014). Entanglements in practice: Performing anonymity through social media.
Solove, D. J., & Schwartz, P. (2014). Information privacy law. Wolters Kluwer Law & Business.
Tang, Q., Wu, Y., Liao, S., & Wang, X. (2013, October). Improving Strict Partition for Privacy Preserving Data Publishing. In Networking and Distributed Computing (ICNDC), 2010 First International Conference on (pp. 207-212). IEEE.
Theoharidou, M., Tsalis, N., & Gritzalis, D. (2014). Smart home solutions for healthcare: privacy in ubiquitous computing infrastructures. Handbook of smart homes, health care and well-being.