The advent of Industry 5.0 marks a transformative era where Cyber-Physical Systems(CPSs)seamlessly integrate physical processes with advanced digital technologies.However,as industries become increasingly interconnect...The advent of Industry 5.0 marks a transformative era where Cyber-Physical Systems(CPSs)seamlessly integrate physical processes with advanced digital technologies.However,as industries become increasingly interconnected and reliant on smart digital technologies,the intersection of physical and cyber domains introduces novel security considerations,endangering the entire industrial ecosystem.The transition towards a more cooperative setting,including humans and machines in Industry 5.0,together with the growing intricacy and interconnection of CPSs,presents distinct and diverse security and privacy challenges.In this regard,this study provides a comprehensive review of security and privacy concerns pertaining to CPSs in the context of Industry 5.0.The review commences by providing an outline of the role of CPSs in Industry 5.0 and then proceeds to conduct a thorough review of the different security risks associated with CPSs in the context of Industry 5.0.Afterward,the study also presents the privacy implications inherent in these systems,particularly in light of the massive data collection and processing required.In addition,the paper delineates potential avenues for future research and provides countermeasures to surmount these challenges.Overall,the study underscores the imperative of adopting comprehensive security and privacy strategies within the context of Industry 5.0.展开更多
The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremel...The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremely important role in promoting the development of the digital economy,the legalization of socialism with Chinese characteristics and social public security,and marks a new historical development stage in the protection of personal information in China.However,the awareness of privacy protection and privacy protection behavior of the public in personal information privacy protection is weak.Based on the literature review and in-depth understanding of current legal regulations,this study integrates the relevant literature and theoretical knowledge of the Personal Protection Law to construct a conceptual model of“privacy information protection willingness-privacy information protection behavior”.Taking the residents of Foshan City as an example,this paper conducts a questionnaire survey on their attitudes toward the Personal Protection Law,analyzes the factors influencing their willingness to protect their privacy and their behaviors,and explores the mechanisms of their influencing variables,to provide advice and suggestions for promoting the protection of privacy information and building a security barrier for the high-quality development of public information security.展开更多
COVID-19 has swept the whole our country and the world in the beginning of 2020.31 provinces and municipalities across the country have launched the first-level response to major public health emergencies since Januar...COVID-19 has swept the whole our country and the world in the beginning of 2020.31 provinces and municipalities across the country have launched the first-level response to major public health emergencies since January 24,and China has carried out intensive epidemic control.It is critical for effectively responding to COVID-19 to collect,collate and analyze people’s personal data.What’s more,obtaining identity information,travel records and health information of confirmed cases,suspected cases and close contacts has become a crucial step in epidemic investigation.All regions have made full use of big data to carry out personnel screening,travel records analysis and other related work in epidemic prevention and control,effectively improving the efficiency of epidemic prevention and control.However,data leakage,personnel privacy data exposure,and personal attack frequently occurred in the process of personnel travel records analysis and epidemic prevention and control.It even happened in the WeChat group to forward a person’s name,phone number,address,ID number and other sensitive information.It brought discrimination,telephone and SMS harassment to the parties,which caused great harm to individuals.Based on these,lack of information security and data security awareness and other issues were exposed.Therefore,while big data has been widely concerned and applied,attention should be paid to protecting personal privacy.It is urgent to pay more attention to data privacy and information security in order to effectively protect the legitimate rights of the people.Therefore,measures can be taken to achieve this goal,such as improving the relevant legal system,strengthening technical means to enhance the supervision and management of information security and data protection.展开更多
Medical institution data compliance is an exogenous product of the digital society,serving as a crucial means to maintain and balance the relationship between data protection and data sharing,as well as individual int...Medical institution data compliance is an exogenous product of the digital society,serving as a crucial means to maintain and balance the relationship between data protection and data sharing,as well as individual interests and public interests.The implementation of the Healthy China Initiative greatly benefits from its practical significance.In practice,data from medical institutions takes varied forms,including personally identifiable data collected before diagnosis and treatment,clinical medical data generated during diagnosis and treatment,medical data collected in public health management,and potential medical data generated in daily life.In the new journey of comprehensively promoting the Chinese path to modernization,it is necessary to clarify the shift from an individual-oriented to a societal-oriented value system,highlighting the reinforcing role of the trust concept.Guided by the principle of minimizing data utilization,the focus is on the new developments and changes in medical institution data in the postpandemic era.This involves a series of measures such as fulfilling the obligation of notification and consent,specifying the scope of data collection and usage,strengthening the standardized use of relevant technical measures,and establishing a sound legal responsibility system for data compliance.Through these measures,a flexible and efficient medical institution data compliance system can be constructed.展开更多
Purpose: This research aims to evaluate the potential threats to patient privacy and confidentiality posed by mHealth applications on mobile devices. Methodology: A comprehensive literature review was conducted, selec...Purpose: This research aims to evaluate the potential threats to patient privacy and confidentiality posed by mHealth applications on mobile devices. Methodology: A comprehensive literature review was conducted, selecting eighty-eight articles published over the past fifteen years. The study assessed data gathering and storage practices, regulatory adherence, legal structures, consent procedures, user education, and strategies to mitigate risks. Results: The findings reveal significant advancements in technologies designed to safeguard privacy and facilitate the widespread use of mHealth apps. However, persistent ethical issues related to privacy remain largely unchanged despite these technological strides.展开更多
A comprehensive analysis of the impact privacy incidents on its market value is given.A broad set of instances of the exposure of personal information from a summary of some security mechanisms and the corresponding r...A comprehensive analysis of the impact privacy incidents on its market value is given.A broad set of instances of the exposure of personal information from a summary of some security mechanisms and the corresponding results are presented. The cumulative effect increases in magnitude over day following the breach announcement, but then decreases. Besides, a new privacy protection property, that is, p-sensitive k-anonymity is presented in this paper to protect against identity disclosure. We illustrated the inclusion of the two necessary conditions in the algorithm for computing a p-k-minimal generalization. Algorithms such as k-anonymity and l-diversity remain all sensitive attributes intact and apply generalization and suppression to the quasi-identifiers. This will keep the data "truthful" and provide good utility for data-mining applications, while achieving less perfect privacy. We aim to get the problem based on the prior analysis, and study the issue of privacy protection from the perspective of the model-benefit.展开更多
With its untameable and traceable properties,blockchain technology has been widely used in the field of data sharing.How to preserve individual privacy while enabling efficient data queries is one of the primary issue...With its untameable and traceable properties,blockchain technology has been widely used in the field of data sharing.How to preserve individual privacy while enabling efficient data queries is one of the primary issues with secure data sharing.In this paper,we study verifiable keyword frequency(KF)queries with local differential privacy in blockchain.Both the numerical and the keyword attributes are present in data objects;the latter are sensitive and require privacy protection.However,prior studies in blockchain have the problem of trilemma in privacy protection and are unable to handle KF queries.We propose an efficient framework that protects data owners’privacy on keyword attributes while enabling quick and verifiable query processing for KF queries.The framework computes an estimate of a keyword’s frequency and is efficient in query time and verification object(VO)size.A utility-optimized local differential privacy technique is used for privacy protection.The data owner adds noise locally into data based on local differential privacy so that the attacker cannot infer the owner of the keywords while keeping the difference in the probability distribution of the KF within the privacy budget.We propose the VB-cm tree as the authenticated data structure(ADS).The VB-cm tree combines the Verkle tree and the Count-Min sketch(CM-sketch)to lower the VO size and query time.The VB-cm tree uses the vector commitment to verify the query results.The fixed-size CM-sketch,which summarizes the frequency of multiple keywords,is used to estimate the KF via hashing operations.We conduct an extensive evaluation of the proposed framework.The experimental results show that compared to theMerkle B+tree,the query time is reduced by 52.38%,and the VO size is reduced by more than one order of magnitude.展开更多
This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends t...This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].展开更多
Many organizations have datasets which contain a high volume of personal data on individuals,e.g.,health data.Even without a name or address,persons can be identified based on the details(variables)on the dataset.This...Many organizations have datasets which contain a high volume of personal data on individuals,e.g.,health data.Even without a name or address,persons can be identified based on the details(variables)on the dataset.This is an important issue for big data holders such as public sector organizations(e.g.,Public Health Organizations)and social media companies.This paper looks at how individuals can be identified from big data using a mathematical approach and how to apply this mathematical solution to prevent accidental disclosure of a person’s details.The mathematical concept is known as the“Identity Correlation Approach”(ICA)and demonstrates how an individual can be identified without a name or address using a unique set of characteristics(variables).Secondly,having identified the individual person,it shows how a solution can be put in place to prevent accidental disclosure of the personal details.Thirdly,how to store data such that accidental leaks of the datasets do not lead to the disclosure of the personal details to unauthorized users.展开更多
Privacy-preserving data publishing (PPDP) is one of the hot issues in the field of the network security. The existing PPDP technique cannot deal with generality attacks, which explicitly contain the sensitivity atta...Privacy-preserving data publishing (PPDP) is one of the hot issues in the field of the network security. The existing PPDP technique cannot deal with generality attacks, which explicitly contain the sensitivity attack and the similarity attack. This paper proposes a novel model, (w,γ, k)-anonymity, to avoid generality attacks on both cases of numeric and categorical attributes. We show that the optimal (w, γ, k)-anonymity problem is NP-hard and conduct the Top-down Local recoding (TDL) algorithm to implement the model. Our experiments validate the improvement of our model with real data.展开更多
文摘The advent of Industry 5.0 marks a transformative era where Cyber-Physical Systems(CPSs)seamlessly integrate physical processes with advanced digital technologies.However,as industries become increasingly interconnected and reliant on smart digital technologies,the intersection of physical and cyber domains introduces novel security considerations,endangering the entire industrial ecosystem.The transition towards a more cooperative setting,including humans and machines in Industry 5.0,together with the growing intricacy and interconnection of CPSs,presents distinct and diverse security and privacy challenges.In this regard,this study provides a comprehensive review of security and privacy concerns pertaining to CPSs in the context of Industry 5.0.The review commences by providing an outline of the role of CPSs in Industry 5.0 and then proceeds to conduct a thorough review of the different security risks associated with CPSs in the context of Industry 5.0.Afterward,the study also presents the privacy implications inherent in these systems,particularly in light of the massive data collection and processing required.In addition,the paper delineates potential avenues for future research and provides countermeasures to surmount these challenges.Overall,the study underscores the imperative of adopting comprehensive security and privacy strategies within the context of Industry 5.0.
文摘The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremely important role in promoting the development of the digital economy,the legalization of socialism with Chinese characteristics and social public security,and marks a new historical development stage in the protection of personal information in China.However,the awareness of privacy protection and privacy protection behavior of the public in personal information privacy protection is weak.Based on the literature review and in-depth understanding of current legal regulations,this study integrates the relevant literature and theoretical knowledge of the Personal Protection Law to construct a conceptual model of“privacy information protection willingness-privacy information protection behavior”.Taking the residents of Foshan City as an example,this paper conducts a questionnaire survey on their attitudes toward the Personal Protection Law,analyzes the factors influencing their willingness to protect their privacy and their behaviors,and explores the mechanisms of their influencing variables,to provide advice and suggestions for promoting the protection of privacy information and building a security barrier for the high-quality development of public information security.
基金This paper is support by:In 2019,Liaoning Provincial Department of Education Project named“Study on the Path Selection of Rural Revitalization in Ethnic Autonomous Areas of Liaoning Province”The 3rd Azure Talent Project of Dalian Ocean University in 2018+1 种基金In 2019,Liaoning Province’s overseas training project“China-Canada Cooperation Research Plan on Marine Law and Policy”(2019GJWYB019)The Ministry of Education filed the 2017 National and Regional Research Center Project“Northeast Asia Research Center for Marine Law and Policy”(GQ17091).
文摘COVID-19 has swept the whole our country and the world in the beginning of 2020.31 provinces and municipalities across the country have launched the first-level response to major public health emergencies since January 24,and China has carried out intensive epidemic control.It is critical for effectively responding to COVID-19 to collect,collate and analyze people’s personal data.What’s more,obtaining identity information,travel records and health information of confirmed cases,suspected cases and close contacts has become a crucial step in epidemic investigation.All regions have made full use of big data to carry out personnel screening,travel records analysis and other related work in epidemic prevention and control,effectively improving the efficiency of epidemic prevention and control.However,data leakage,personnel privacy data exposure,and personal attack frequently occurred in the process of personnel travel records analysis and epidemic prevention and control.It even happened in the WeChat group to forward a person’s name,phone number,address,ID number and other sensitive information.It brought discrimination,telephone and SMS harassment to the parties,which caused great harm to individuals.Based on these,lack of information security and data security awareness and other issues were exposed.Therefore,while big data has been widely concerned and applied,attention should be paid to protecting personal privacy.It is urgent to pay more attention to data privacy and information security in order to effectively protect the legitimate rights of the people.Therefore,measures can be taken to achieve this goal,such as improving the relevant legal system,strengthening technical means to enhance the supervision and management of information security and data protection.
文摘Medical institution data compliance is an exogenous product of the digital society,serving as a crucial means to maintain and balance the relationship between data protection and data sharing,as well as individual interests and public interests.The implementation of the Healthy China Initiative greatly benefits from its practical significance.In practice,data from medical institutions takes varied forms,including personally identifiable data collected before diagnosis and treatment,clinical medical data generated during diagnosis and treatment,medical data collected in public health management,and potential medical data generated in daily life.In the new journey of comprehensively promoting the Chinese path to modernization,it is necessary to clarify the shift from an individual-oriented to a societal-oriented value system,highlighting the reinforcing role of the trust concept.Guided by the principle of minimizing data utilization,the focus is on the new developments and changes in medical institution data in the postpandemic era.This involves a series of measures such as fulfilling the obligation of notification and consent,specifying the scope of data collection and usage,strengthening the standardized use of relevant technical measures,and establishing a sound legal responsibility system for data compliance.Through these measures,a flexible and efficient medical institution data compliance system can be constructed.
文摘Purpose: This research aims to evaluate the potential threats to patient privacy and confidentiality posed by mHealth applications on mobile devices. Methodology: A comprehensive literature review was conducted, selecting eighty-eight articles published over the past fifteen years. The study assessed data gathering and storage practices, regulatory adherence, legal structures, consent procedures, user education, and strategies to mitigate risks. Results: The findings reveal significant advancements in technologies designed to safeguard privacy and facilitate the widespread use of mHealth apps. However, persistent ethical issues related to privacy remain largely unchanged despite these technological strides.
基金Introduction of Talents Lavnching Fund Project of Anhui Polytechnic University,China(No.2015YQ008)
文摘A comprehensive analysis of the impact privacy incidents on its market value is given.A broad set of instances of the exposure of personal information from a summary of some security mechanisms and the corresponding results are presented. The cumulative effect increases in magnitude over day following the breach announcement, but then decreases. Besides, a new privacy protection property, that is, p-sensitive k-anonymity is presented in this paper to protect against identity disclosure. We illustrated the inclusion of the two necessary conditions in the algorithm for computing a p-k-minimal generalization. Algorithms such as k-anonymity and l-diversity remain all sensitive attributes intact and apply generalization and suppression to the quasi-identifiers. This will keep the data "truthful" and provide good utility for data-mining applications, while achieving less perfect privacy. We aim to get the problem based on the prior analysis, and study the issue of privacy protection from the perspective of the model-benefit.
文摘With its untameable and traceable properties,blockchain technology has been widely used in the field of data sharing.How to preserve individual privacy while enabling efficient data queries is one of the primary issues with secure data sharing.In this paper,we study verifiable keyword frequency(KF)queries with local differential privacy in blockchain.Both the numerical and the keyword attributes are present in data objects;the latter are sensitive and require privacy protection.However,prior studies in blockchain have the problem of trilemma in privacy protection and are unable to handle KF queries.We propose an efficient framework that protects data owners’privacy on keyword attributes while enabling quick and verifiable query processing for KF queries.The framework computes an estimate of a keyword’s frequency and is efficient in query time and verification object(VO)size.A utility-optimized local differential privacy technique is used for privacy protection.The data owner adds noise locally into data based on local differential privacy so that the attacker cannot infer the owner of the keywords while keeping the difference in the probability distribution of the KF within the privacy budget.We propose the VB-cm tree as the authenticated data structure(ADS).The VB-cm tree combines the Verkle tree and the Count-Min sketch(CM-sketch)to lower the VO size and query time.The VB-cm tree uses the vector commitment to verify the query results.The fixed-size CM-sketch,which summarizes the frequency of multiple keywords,is used to estimate the KF via hashing operations.We conduct an extensive evaluation of the proposed framework.The experimental results show that compared to theMerkle B+tree,the query time is reduced by 52.38%,and the VO size is reduced by more than one order of magnitude.
文摘This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
文摘Many organizations have datasets which contain a high volume of personal data on individuals,e.g.,health data.Even without a name or address,persons can be identified based on the details(variables)on the dataset.This is an important issue for big data holders such as public sector organizations(e.g.,Public Health Organizations)and social media companies.This paper looks at how individuals can be identified from big data using a mathematical approach and how to apply this mathematical solution to prevent accidental disclosure of a person’s details.The mathematical concept is known as the“Identity Correlation Approach”(ICA)and demonstrates how an individual can be identified without a name or address using a unique set of characteristics(variables).Secondly,having identified the individual person,it shows how a solution can be put in place to prevent accidental disclosure of the personal details.Thirdly,how to store data such that accidental leaks of the datasets do not lead to the disclosure of the personal details to unauthorized users.
基金supported in part by Research Fund for the Doctoral Program of Higher Education of China(No.20120009110007)Program for Innovative Research Team in University of Ministry of Education of China (No.IRT201206)+3 种基金Program for New Century Excellent Talents in University(NCET-110565)the Fundamental Research Funds for the Central Universities(No.2012JBZ010)the Open Project Program of Beijing Key Laboratory of Trusted Computing at Beijing University of TechnologyBeijing Higher Education Young Elite Teacher Project(No. YETP0542)
文摘Privacy-preserving data publishing (PPDP) is one of the hot issues in the field of the network security. The existing PPDP technique cannot deal with generality attacks, which explicitly contain the sensitivity attack and the similarity attack. This paper proposes a novel model, (w,γ, k)-anonymity, to avoid generality attacks on both cases of numeric and categorical attributes. We show that the optimal (w, γ, k)-anonymity problem is NP-hard and conduct the Top-down Local recoding (TDL) algorithm to implement the model. Our experiments validate the improvement of our model with real data.
基金The National Social Science Foundation"Research on the Private Law Resolution Path of Conflicts of Interest among Stakeholders in the Use of Data"(21BFX077)。
