جستجوی مقالات مرتبط با کلیدواژه "privacy" در نشریات گروه "فناوری اطلاعات"

Today, social networks have brought a lot of convenience to their users, but there are still problems of not respecting privacy. This has caused the security and privacy protection of social network users to be important. Users share a large amount of personal data on social networks, attackers can obtain sensitive personal information simply by using social networks. and carry out various types of attacks and identity theft. Many social networks do not have their own data centers and usually store user data in third-party data centers. These centers can share this data with others and provide user data to other organizations without their knowledge. Owners of social networks can provide users' data to information agencies or use them for advertising purposes. In this research, in the first part, we have described the introduction of the subject, and then in the second part, we have discussed the literature on the subject, which is mostly focused on the centralized methods of privacy protection, and then in the third part, we have described the research method. And we have presented a method that increases the privacy of users in social networks to a great extent by using blockchain. In the fourth part, we have described the implementation of the research and finally we have concluded and summarized this research.

Due to the increasing amount of data collection and processing in today’s digital world, preserving individual and organizational privacy has become an undeniable necessity. In this regard, alongside the efforts of scientific and research centers to address privacy issues, several laws have been established in different countries. Among these, the General Data Protection Regulation (GDPR) at the European level is widely regarded by researchers as the most significant change in the field of privacy laws in recent decades and serves as a strong model for managing personal data. Based on this, in this article, to explore the multifaceted nature of privacy, we first review the history of privacy protection, then focus on the GDPR law. Some of the most important points and considerations regarding the nature and structure of this law, as well as the necessity and challenges of compliance with it, are presented. Additionally, the extensive measures outlined in this law for the implementation and enforcement of privacy protection mechanisms are discussed. Finally, by mapping the discussed content to the current state of privacy in Iran, some key points for the practical implementation of privacy laws in Iran are highlighted.

Data outsourcing to reliable centers for data maintenance, protection and accessibility is simple and low-cost and does not require physical infrastructure, hardware, software and human resources. However, real-world events and recent researches have shown that even reliable centers can abuse users' trust. For example, 1) make changes in the data they have, 2) delete them, or 3) make them temporarily/permanently unavailable. Data audit methods assure the data owners that the data recorded in the database is the same as the data sent by the user and reveals the changes made in it. But they only solve the first problem. In 2008, the introduction of a technology called blockchain, which had several attractive features such as transparency, immutability, and autonomy, caused the problems of many systems that needed the mentioned features to be solved. In this article, after reviewing and addressing several blockchain-based data auditing architectures and protocols, we review and analyze their general framework. Finally, we compare the reviewed works and specify some future horizons of this field.

Due to the importance of data sharing in the digital era and the two main considerations related to it that are; standardization and privacy protection,this article aims to answer a critical question that is,does standardization play a role in the proposed solutions for health data privacy protection?

The present study is a systematic review conducted by searching databases such as Web of Science, PubMed, ScienceDirect, Springer, Magiran and SID and by applying a time limit filter.After applying the criteria for inclusion and exclusion and evaluating the results,relevant studies were selected.

Articles addressing standardization and privacy protection in health data have been analyzed by taking 5 indicators into account. The need for standardization and its role to preserve privacy in health data have also been explained by examining the findings and discussing various laws related to privacy in the health field and its relationship with standardization.After the investigation,our study reveals that due to the technical structure of the fourth and fifth generation of health care, which has facilitated standardization, privacy protection can also be achieved through standardization.Finally,directions for future research on this topic are also suggested.

The results of this research showed that the fourth- and fifth-generation health care systems that are technology-oriented; are formed based on standards,and these standards provide the possibility of their evaluation. Thus if laws related to health data privacy protection are developed based on standards,they will have a high execution guarantee. This further highlights the critical role of standard development organizations in this field.

Nowadays, information systems as the hub of data processing and knowledge management play a vital and extensive role in digital societies. With the increasing development of technologies and the increase in the amount of information related to users and organizations, the security of information systems has become a complex and multi-dimensional challenge. In the field of security management in our information systems, we need a comprehensive understanding of all types of threats and challenges and providing approaches, policies, procedures and resources that are used to prevent security gaps, as well as protecting the system from all types of attacks affecting data and information. to be It is necessary to adopt a coherent and coordinated method to achieve the security processes of data and systems and it is necessary to understand the complexity of this category and provide comprehensive approaches based on its basic principles. Protection of information systems against unauthorized access or change to information, including storage, processing or transmission, and against denial of service to authorized users, is among the necessary measures to identify, document and deal with security threats in this area. According to the importance of the subject in this article, we will investigate the characteristics of security services of information systems in the environment of distributed networks, their importance and existing challenges and we will express effective policies and procedures to increase security in this area.

Financial transactions in Bitcoin are stored in a distributed database called the block chain. All transactions are publicly available for all network nodes with the aim of transparency and the possibility of verifying the correctness. But this blockchain transparency feature, exploited by transaction analysis techniques, can lead to the violation of users’ privacy and the disclosure of their identities. Researchers have proposed various techniques such as transaction mixing or fair exchange with the aim of improving privacy in Bitcoin transactions. In this paper, we present a new mixing scheme that overcomes some of the weaknesses of previous schemes. Obviously, in the proposed scheme, users can mix different amounts of Bitcoin in each round of the protocol implementation, which leads to achieving the result in a shorter time and at a lower cost. Also, this scheme is more resistant to denial of service attacks by malicious users.

The development and use of electronic health records (EHR) have had remarkable impacts on human life, such as improvements in the quality of medical care, better research results, and enhancements in treatment methods. Despite these improvements, availability, security and privacy concerns have remained to be very important in this field. In this article, we propose a decentralized and distributed system for electronic health records management with the help of the blockchain technology and its potential benefits. In this system, patient information is stored in the cloud. Also, the real owner of the electronic records is the patient, and with the help of smart contracts and encryption, he/she controls how to access his/her health information. In the proposed solution, the problem of sharing and storing the patients’ keys has been solved with the help of smart contracts. In addition, we proposed solutions to special cases which are raised by transferring the control of the records to the patients such as permissions for underage patients, in emergency situations, and after the death of the patient. Comparison of the related works shows that the proposed system has solved the problems of competing systems while maintaining a high level of privacy.

The construction of classification models is widely used in data mining. There are concerns about the privacy of data owners because of the need to collect data to build models. In this paper, a Naïve Bayes classification model construction plan is presented, which performs the model construction operation with the participation of data owners and without the need to collect the original data. Instead of collecting data, the scheme uses encryption of bit strings from counting without disclosing the original data to perform the process of creating the Naïve Bayes model. This design allows the model to be built with appropriate performance without the need for trust in a third party with a minimum number of encryptions, so that in terms of time complexity, up to 87% improvement in time cost can be observed. In addition, memory consumption has not increased significantly when compared to designs that use encryption operations.

The Internet of Things provides instant access to information about the physical world and the objects within it, leading to new services and increasing efficiency and productivity. The wireless sensor network is an important network infrastructure in the Industrial Internet of Things and user authentication is used as a basic security mechanism to authenticate users to wireless sensor networks. In this article, we intend to provide a new way to improve the security of authentication using image processing. The analysis was performed by MATLAB software. The results presented in this article, which includes seven steps, have a 93% correct detection rate in pupil identification. These seven steps are: 1. Noise reduction, 2. Finding the outer border of the pupil, 3. Separating the eyelashes, 4. Finding the border of the eyelids, 5. Finding the outer border of the iris, 6. Separating the iris area and 7. Extracting the feature and encoding the pixels by the elliptic curve cryptography (ECC) method. With the measurements and experiments performed, it was found that the proposed method in identifying the eyelid border by the quadratic equation method is more efficient and faster in terms of time than the third-degree equation and the Huff parabolic conversion method. In order to extract the feature, the effective parameters in the SAIF feature extraction algorithm were examined and measured, and the optimal parameters were selected. The Sigma parameter with a value of 2.5 and the Octave parameter with a value of 4 should be considered as the best values. Also, in order to evaluate the resistance of the proposed method to error factors such as the angle, brightness and scale, the proposed method was tested and it was proved that the method has the appropriate resistance resolution in different conditions.

As the Internet of Things (IoT) expands and becomes more widespread, we will soon see the dependence of human life on its services. At that time, it would be difficult to imagine the survival without the IoT, and disruption of its services would cause great loss of life and property. Disruption of IoT services can occur for two reasons: network errors due to congestion, collision, interruption and noise, and disruption due to the malicious activities of infiltrator. Also, the destructive activities of infiltrators can lead to various cyber attacks and violation of the privacy of individuals. Therefore, before the interdependence between human life and IoT, it is necessary to consider measures to ensure the quality and security of service and privacy. In this study, a solution to reduce service delay (improve quality) and ensure security and privacy of things by relying on the computing power of nodes available in the Fog Layer has been proposed. The proposed solution simultaneously improves service quality and maintains security and privacy. Other features of presented algorithm in proposed solution of fairness between objects are in terms of the quality of service received and minimizing overhead processing and transfer of expired packages (packages that will certainly experience a consumedly threshold delay). Adherence to fairness ensures that the quality of service of any of the things does not be a subject of the reduction of the delay of the service of the entire network; These aforementioned objects may be subjects of critical applications, such as health.

The Internet of Things (IoT) is one of the fastest technologies to be used in a variety of applications in the last decade and is in fact a large distributed network in which billions of intelligent devices are connected. Smart devices connect wirelessly or wirelessly to communicate, process, compute and monitor various real-time scenarios. The Internet of Things promises a world in which intelligent communication from most devices is possible via the Internet anywhere, anytime with the least possible human assistance. However, security and privacy are the main concerns of the Internet of Things that can affect its sustainable development. Inadequate device updates, lack of efficient and robust security protocols, user ignorance, and active device monitoring are some of the major security challenges that the Internet of Things faces. In this article, we have dealt with the issue of IoT security from different dimensions and examined the related challenges and solutions.

With the pervasiveness of social networks and the growing information shared on them, users of these networks are exposed to potential threats to data security and privacy. The privacy settings included in these networks do not give users complete control over the management and privatization of access to their shared information by other users. In this article, using the concept of social graph, a new model of user access control was proposed to the user, which allows the expression of privacy policies and more accurate and professional access control in terms of pattern and depth of relationships between users in social networks. In this article, by using the regular index method, indirect relationships among users are examined and analyzed, and more precise policies than previous models are presented. The evaluation of the results showed that for 10 neighbors for each user, the probability accumulation of a qualified path for the first three counter loops is 1, 10.5 and 67.3%, respectively, and finally for the fourth counter it reaches 100%. As the defined counting characteristic increases, the average execution time of the proposed algorithm and previously proposed algorithms increases. However, for the higher limits of the counting characteristic, the proposed algorithm performs better than the previous ones.

In recent decades, video surveillance systems have an increasing development that are used to prevent crime and manage facilities with rapid diffusion of  (CCTV)cameras to prevent crime and manage facilities. The video stored in the video surveillance system should be managed comfortably, but sometimes the movies are leaking out to unauthorized people or by unauthorized people, thus violating individual boundaries . CCTV cameras and video surveillance systems are needed today because of the increasing number of crimes, These cameras and video surveillance systems. but because of unsafe storage and data sharing methods, access to movies saved by unauthorized people is possible. The use of existing protocols and security techniques has already been defeated several times by the attackers. It requires an alternative system that should not only be highly secure but not changeable. Video stream generated by surveillance cameras play a crucial role in preventing crime in smart cities. CCTV cameras are necessary for a range of public applications in a smart city; they can become smart sensors that help ensure safety and safety. in this paper, we review the methods and articles presented in the context of blockchain application in visual surveillance systems and compare them.

Nowadays, smart home is considered one of the most important applications of the Internet of Things (IoT) which provides efficiency, home security, energy & cost saving to everyone’s life. Despite the advantages of this technology, privacy and security concerns require more considerations. IoT-A is considered in this paper as a reference architecture that follows evaluating protocols, making sure from the consistency of things and protocols, and providing a comprehensive solution for different applications of IoT. This paper works on IoT-A and targets this challenge in IoT and smart home, and proposes a security architecture to improve security in all levels including design, implementation, and protocols. This paper uses the term Security Framework as a way to identify all technologies, procedures, software, and other components for providing security in smart homes. At first, this paper studies all vulnerabilities and threats of the reference architecture, and then propose an improved model to satisfy all security requirements. The proposed model reasonably satisfies all security and privacy requirements of smart homes based on IoT-A.

Online social networks (OSNs) is one of the most popular medium for communicating, sharing, and publishing a considerable amount of information. OSN popularity often faces the challenge of dealing with unwanted messages and hidden malicious purposes in it. Based on recent studies, social network users can easily expose their confidential details with others. Misuse of this information can cause damage in virtual and real world. In this paper, main categories attacks are given on social network online security and privacy in four categories classic, modern, hybrid and children special attacks and ways that can be used to protect against different types of attacks used OSN users is the social network operators, security companies, and researchers are provided. Finally, eight ways to prevent these threats is presented.

The Identity Management System (IDM) is a set of policies, rules, procedures, and systems that manage authentication, access control, and audit activity based on digital identity. In the Identity Management System, given the storage of user identity attributes in the identity provider, users will lose their physical and traditional control over their personal identity, and on the other hand, user attributes are subject to more attacks from The inside of the system and the external attackers. Therefore, to ensure user's privacy control is keeping awareness of the release of his / her identity information, So providing security mechanisms in the area of privacy is essential. The current mechanisms have failed to satisfy users confidence in maintaining the security and privacy associated with their identity information. The designs presented in this area will increase user intervention and involvement during system interactions , and the user must act as an interface role. The Problems of the proposed designs, the high computational burden on a part of the system. In this article, the process of improving privacy control and user awareness for solving problems has been investigated.

Cloud environment are known as a revolution in IT industry in the recent decade and many organizations have used this service for data processing and data storage. Despite of fast growing and numerous advantages, some organizations still do not use this service due to security problems and privacy issues related to storing sensitive data on the untrusted cloud servers. Access control management utilizing encryption techniques is one of the most common methods to solve these kinds of problems. Attribute based encryption is a new cryptographic model which uses descriptive attributes and access structures for managing access control. This article discusses the most recent methods of access control in cloud environment using attribute based encryption. We classify these protocols with respect of efficiently and security features. Finally, all the strengths and weaknesses points of reviewed articles are discussed and a comprehensive security and practical comparison is presented.