Sherry Jeary scite author profile

The publication of increasing amounts of anonymised open source data has resulted in a worryingly rising number of successful re-identification attacks. This has a number of privacy and security implications both on an individual and corporate level. This paper uses a Systematic Literature Review to investigate the depth and extent of this problem as reported in peer reviewed literature. Using a detailed protocol ,seven research portals were explored, 10,873 database entries were searched, from which a subset of 220 papers were selected for further review. From this total, 55 papers were selected as being within scope and to be included in the final review. The main review findings are that 72.7% of all successful re-identification attacks have taken place since 2009. Most attacks use multiple datasets. The majority of them have taken place on global datasets such as social networking data, and have been conducted by US based researchers. Furthermore, the number of datasets can be used as an attribute. Because privacy breaches have security, policy and legal implications (e.g. data protection, Safe Harbor etc.), the work highlights the need for new and improved anonymisation techniques or indeed, a fresh approach to open source publishing.

show abstract

Embedding requirements within Model-Driven Architecture

Fouad

Phalp

Kanyaru

et al. 2010

Software Qual J

View full text Add to dashboard Cite

The Model Driven Architecture (MDA) brings benefits to software development, among them the potential for connecting software models with the business domain. This paper focuses on the upstream or Computation Independent Model (CIM) phase of the MDA. Our contention is that, whilst there are many models and notations available within the CIM Phase, those that are currently popular and supported by the Object Management Group (OMG), may not be the most useful notations for business analysts nor sufficient to fully support software requirements and specification. Therefore, with specific emphasis on the value of the Business Process Modelling Notation (BPMN) for business analysts, this paper provides an example of a typical CIM approach before describing an approach which incorporates specific requirements techniques. A framework extension to the MDA is then introduced; which embeds requirements and specification within the CIM, thus further enhancing the utility of MDA by providing a more complete method for business analysis.1

show abstract

Implementing GDPR in the Charity Sector: A Case Study

Henriksen-Bulmer

Faily

Jeary

2019

View full text Add to dashboard Cite

Due to their organisational characteristics, many charities are poorly prepared for the General Data Protection Regulation (GDPR). We present an exemplar process for implementing GDPR and the DPIA Data Wheel, a DPIA framework devised as part of the case study, that accounts for these characteristics. We validate this process and framework by conducting a GDPR implementation with a charity that works with vulnerable adults. This charity processes both special category (sensitive) and personally identifiable data. This GDPR implementation was conducted and devised for the charity sector, but can be equally applied in any organisation that need to implement GDPR or conduct DPIAs.

show abstract

DPIA in Context: Applying DPIA to Assess Privacy Risks of Cyber Physical Systems

2020

View full text Add to dashboard Cite

Cyber Physical Systems (CPS) seamlessly integrate physical objects with technology, thereby blurring the boundaries between the physical and virtual environments. While this brings many opportunities for progress, it also adds a new layer of complexity to the risk assessment process when attempting to ascertain what privacy risks this might impose on an organisation. In addition, privacy regulations, such as the General Data Protection Regulation (GDPR), mandate assessment of privacy risks, including making Data Protection Impact Assessments (DPIAs) compulsory. We present the DPIA Data Wheel, a holistic privacy risk assessment framework based on Contextual Integrity (CI), that practitioners can use to inform decision making around the privacy risks of CPS. This framework facilitates comprehensive contextual inquiry into privacy risk, that accounts for both the elicitation of privacy risks, and the identification of appropriate mitigation strategies. Further, by using this DPIA framework we also provide organisations with a means of assessing privacy from both the perspective of the organisation and the individual, thereby facilitating GDPR compliance. We empirically evaluate this framework in three different real-world settings. In doing so, we demonstrate how CI can be incorporated into the privacy risk decision-making process in a usable, practical manner that will aid decision makers in making informed privacy decisions.

show abstract

Lightweight Process Modeling for Virtual Enterprise Process Collaboration

Xu¹,

Vrieze²,

Phalp³

et al. 2010

View full text Add to dashboard Cite

Abstract. Mashup is a new web 2.0 technology for data aggregation applications, combining data from different sources to create valuable information. The uses of mashups are often more data related than process related. In this paper, we explore the differences between data-oriented mashups and process-oriented enterprise mashups and consider how process mashups can be used for virtual enterprise collaboration. We highlight the modeling of end users' process mashup applications from both a control flow and a data flow perspective. Based on our analyses, a lightweight process modeling approach is proposed for process enterprise mashup applications. Our approach, illustrated by reference to an example personal collaborative activity, will support collaboration among users with different levels of modeling skills and expertise in a virtual enterprise environment.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Sherry Jeary

Re-identification attacks—A systematic literature review

Embedding requirements within Model-Driven Architecture

Implementing GDPR in the Charity Sector: A Case Study

DPIA in Context: Applying DPIA to Assess Privacy Risks of Cyber Physical Systems

Lightweight Process Modeling for Virtual Enterprise Process Collaboration

Contact Info

Product

Resources

About