Abstract
While the sharing of information has turned into a typical practice for governments and organizations, numerous datasets are as yet not openly published since they may violate users’ privacy. The hazard on data protection infringement is a factor that regularly hinders the distribution of information and results in a push back from governments and organizations. Moreover, even published information, which may appear safe, can disregard client security because of the uncovering of users’ personalities. This paper proposes a privacy risk assessment model for open data structures to break down and diminish the dangers related with the opening of data. The key components are privacy attributes of open data reflecting privacy risks versus benefits exchanges-off related with the utilization situations of the information to be open. Further, these attributes are assessed using a decision engine into a privacy risk indicator value and a privacy risk mitigation measure. Privacy risk indicator expresses the anticipated estimation of data protection dangers related with opening such information and privacy risk mitigation measure expresses the estimations that should be connected on the information to evade the expected security risks. The model is exemplified through five genuine scenarios concerning open datasets.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Janssen, M., van den Hoven, J.: Big and Open Linked Data (BOLD) in government: a challenge to transparency and privacy? Gov. Inf. Q. 32(4), 363–368 (2015)
European Parliament and the Council of the European Union: Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (1995)
European_Commission: Communication from the commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions. Towards better access to scientific information: Boosting the benefits of public investments in research (2012). Accessed 6 Oct 2013
OECD: OECD recommendation of the council for enhanced access and more effective use of on Public Sector Information (2008). http://www.oecd.org/dataoecd/41/52/44384673.pdf. Accessed 8 Nov 2011
ISO/IEC-29100: INTERNATIONAL STANDARD ISO/IEC Information technology - Security techniques - Privacy framework (2011)
Kroener, I., Wright, D.: A strategy for operationalizing privacy by design. Inf. Soc. 30(5), 355–365 (2014)
ISACA AICPA/CICA: Privacy Maturity Model (2011)
Revoredo, M., et al.: A privacy maturity model for cloud storage services. In: Proceedings of the 7th International Conference on Cloud Computing (2014)
Wright, D.: The state of the art in privacy impact assessment. Comput. Law Secur. Rev. 28(1), 54–61 (2012)
Blackmer, W.S.: GDPR: getting ready for the new EU general data protection regulation. In: Information Law Group (2016)
James, T.L., Warkentin, M., Collignon, S.E.: A dual privacy decision model for online social networks. Inf. Manag. 52, 893–908 (2015)
Narayanan, A., Shmatikov, V.: Robust de-anonymization of large sparse datasets. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 111–125 (2008)
Zuiderwijk, A., Janssen, M.: Towards decision support for disclosing data: closed or open data? Inf. Polit. 20(2), 103–117 (2015)
Xu, L., et al.: Information security in big data: privacy and data mining. IEEE Access 2, 1149–1176 (2014)
Randall, S.M., et al.: Privacy-preserving record linkage on large real world datasets. J. Biomed. Inform. 50, 205–212 (2014)
Eldin, A., Wagenaar, R.: Towards autonomous user privacy control. Int. J. Inf. Sec. Priv. 1(4), 24–46 (2007)
Jones, J.A.: An Introduction to Factor Analysis of Information Risk (Fair) (2005). http://www.fairinstitute.org/. Accessed 13 Dec 2016
Ali-Eldin, A., Wagenaar, R.: A fuzzy logic based approach to support users self control of their private contextual data retrieval, In: European Conference on Information Systems (ECIS). Association for Information Systems (AISeL), Turku (2004)
Ali-Eldin, A., van den Berg, J., Ali, H.: A risk evaluation approach for authorization decisions in social pervasive applications. Computer and Electrical Engineering 55, 59–72 (2016)
Government_of_the_Netherlands: Risk of an attack (threat level). https://www.government.nl/topics/counterterrorism-and-national-security/risk-of-an-attack-threat-level. Accessed 28 Jan 2018
Anonymizer. http://www.eyedea.cz/image-data-anonymization/. Accesed 1 Mar 2017
ARX: Data Anonymization Tool. http://arx.deidentifier.org/. Accessed 1 Mar 2017
Camouflage’s-CX-Mask: https://datamasking.com/products/static-masking/. Accessed 1 Mar 2017
Fung, B.C., et al.: Privacy preserving data publishing: a survey of recent developments. ACM Comput. Surv. 42(4) (2010)
Shi, P., Xiong, L., Fung, B.: Anonymizing data with quasi-sensitive attribute value. In: Proceedings of the 19th ACM International Conference (2010)
Motwani, R., Xu, Y.: Efficient algorithms for masking and finding quasi-identifiers (PDF). In: Proceedings of the Conference on Very Large Data Bases (VLDB) (2007)
Shadish, W.R., Cook, T.D., Campbell, D.T.: Experimental and Quasi-Experimental Designs for Generalized Causal Inference. Houghton-Mifflin, Boston (2002)
Nessus: Nessus Vulnerability Scanner. https://www.tenable.com/products/nessus-vulnerability-scanner. Accessed 1 Mar 2017
Ali-Eldin, A.M.T., Hafez, E.A.: Towards a universal architecture for disease data models sharing and evaluation. In: 2017 International Symposium on Networks, Computers and Communications (ISNCC) (2017)
Josuttis, N.M.: SOA in Practice: The Art of Distributed System Design. O’Reilly, Sebastopol (2007)
Ali-Eldin, A.M.T.: Towards a shared public electronic services framework. Int. J. Comput. Appl. 93(14), 48–52 (2014)
Abeysinghe, S.: Restful PHP Web Services. PACKT Publishing, Birmingham (2008)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Ali-Eldin, A., Zuiderwijk, A., Janssen, M. (2018). A Privacy Risk Assessment Model for Open Data. In: Shishkov, B. (eds) Business Modeling and Software Design. BMSD 2017. Lecture Notes in Business Information Processing, vol 309. Springer, Cham. https://doi.org/10.1007/978-3-319-78428-1_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-78428-1_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-78427-4
Online ISBN: 978-3-319-78428-1
eBook Packages: Computer ScienceComputer Science (R0)