Skip to main content
SpringerLink
Log in

A Privacy Risk Assessment Model for Open Data

  • Conference paper
  • First Online:
Business Modeling and Software Design (BMSD 2017)

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 309))

Included in the following conference series:

Abstract

While the sharing of information has turned into a typical practice for governments and organizations, numerous datasets are as yet not openly published since they may violate users’ privacy. The hazard on data protection infringement is a factor that regularly hinders the distribution of information and results in a push back from governments and organizations. Moreover, even published information, which may appear safe, can disregard client security because of the uncovering of users’ personalities. This paper proposes a privacy risk assessment model for open data structures to break down and diminish the dangers related with the opening of data. The key components are privacy attributes of open data reflecting privacy risks versus benefits exchanges-off related with the utilization situations of the information to be open. Further, these attributes are assessed using a decision engine into a privacy risk indicator value and a privacy risk mitigation measure. Privacy risk indicator expresses the anticipated estimation of data protection dangers related with opening such information and privacy risk mitigation measure expresses the estimations that should be connected on the information to evade the expected security risks. The model is exemplified through five genuine scenarios concerning open datasets.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Janssen, M., van den Hoven, J.: Big and Open Linked Data (BOLD) in government: a challenge to transparency and privacy? Gov. Inf. Q. 32(4), 363–368 (2015)

    Article  Google Scholar 

  2. European Parliament and the Council of the European Union: Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (1995)

    Google Scholar 

  3. European_Commission: Communication from the commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions. Towards better access to scientific information: Boosting the benefits of public investments in research (2012). Accessed 6 Oct 2013

    Google Scholar 

  4. OECD: OECD recommendation of the council for enhanced access and more effective use of on Public Sector Information (2008). http://www.oecd.org/dataoecd/41/52/44384673.pdf. Accessed 8 Nov 2011

  5. ISO/IEC-29100: INTERNATIONAL STANDARD ISO/IEC Information technology - Security techniques - Privacy framework (2011)

    Google Scholar 

  6. Kroener, I., Wright, D.: A strategy for operationalizing privacy by design. Inf. Soc. 30(5), 355–365 (2014)

    Article  Google Scholar 

  7. ISACA AICPA/CICA: Privacy Maturity Model (2011)

    Google Scholar 

  8. Revoredo, M., et al.: A privacy maturity model for cloud storage services. In: Proceedings of the 7th International Conference on Cloud Computing (2014)

    Google Scholar 

  9. Wright, D.: The state of the art in privacy impact assessment. Comput. Law Secur. Rev. 28(1), 54–61 (2012)

    Article  Google Scholar 

  10. Blackmer, W.S.: GDPR: getting ready for the new EU general data protection regulation. In: Information Law Group (2016)

    Google Scholar 

  11. James, T.L., Warkentin, M., Collignon, S.E.: A dual privacy decision model for online social networks. Inf. Manag. 52, 893–908 (2015)

    Article  Google Scholar 

  12. Narayanan, A., Shmatikov, V.: Robust de-anonymization of large sparse datasets. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 111–125 (2008)

    Google Scholar 

  13. Zuiderwijk, A., Janssen, M.: Towards decision support for disclosing data: closed or open data? Inf. Polit. 20(2), 103–117 (2015)

    Article  Google Scholar 

  14. Xu, L., et al.: Information security in big data: privacy and data mining. IEEE Access 2, 1149–1176 (2014)

    Article  Google Scholar 

  15. Randall, S.M., et al.: Privacy-preserving record linkage on large real world datasets. J. Biomed. Inform. 50, 205–212 (2014)

    Article  Google Scholar 

  16. Eldin, A., Wagenaar, R.: Towards autonomous user privacy control. Int. J. Inf. Sec. Priv. 1(4), 24–46 (2007)

    Article  Google Scholar 

  17. Jones, J.A.: An Introduction to Factor Analysis of Information Risk (Fair) (2005). http://www.fairinstitute.org/. Accessed 13 Dec 2016

  18. Ali-Eldin, A., Wagenaar, R.: A fuzzy logic based approach to support users self control of their private contextual data retrieval, In: European Conference on Information Systems (ECIS). Association for Information Systems (AISeL), Turku (2004)

    Google Scholar 

  19. Ali-Eldin, A., van den Berg, J., Ali, H.: A risk evaluation approach for authorization decisions in social pervasive applications. Computer and Electrical Engineering 55, 59–72 (2016)

    Article  Google Scholar 

  20. Government_of_the_Netherlands: Risk of an attack (threat level). https://www.government.nl/topics/counterterrorism-and-national-security/risk-of-an-attack-threat-level. Accessed 28 Jan 2018

  21. Anonymizer. http://www.eyedea.cz/image-data-anonymization/. Accesed 1 Mar 2017

  22. ARX: Data Anonymization Tool. http://arx.deidentifier.org/. Accessed 1 Mar 2017

  23. Camouflage’s-CX-Mask: https://datamasking.com/products/static-masking/. Accessed 1 Mar 2017

  24. Fung, B.C., et al.: Privacy preserving data publishing: a survey of recent developments. ACM Comput. Surv. 42(4) (2010)

    Google Scholar 

  25. Shi, P., Xiong, L., Fung, B.: Anonymizing data with quasi-sensitive attribute value. In: Proceedings of the 19th ACM International Conference (2010)

    Google Scholar 

  26. Motwani, R., Xu, Y.: Efficient algorithms for masking and finding quasi-identifiers (PDF). In: Proceedings of the Conference on Very Large Data Bases (VLDB) (2007)

    Google Scholar 

  27. Shadish, W.R., Cook, T.D., Campbell, D.T.: Experimental and Quasi-Experimental Designs for Generalized Causal Inference. Houghton-Mifflin, Boston (2002)

    Google Scholar 

  28. Nessus: Nessus Vulnerability Scanner. https://www.tenable.com/products/nessus-vulnerability-scanner. Accessed 1 Mar 2017

  29. Ali-Eldin, A.M.T., Hafez, E.A.: Towards a universal architecture for disease data models sharing and evaluation. In: 2017 International Symposium on Networks, Computers and Communications (ISNCC) (2017)

    Google Scholar 

  30. Josuttis, N.M.: SOA in Practice: The Art of Distributed System Design. O’Reilly, Sebastopol (2007)

    Google Scholar 

  31. Ali-Eldin, A.M.T.: Towards a shared public electronic services framework. Int. J. Comput. Appl. 93(14), 48–52 (2014)

    Google Scholar 

  32. Abeysinghe, S.: Restful PHP Web Services. PACKT Publishing, Birmingham (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Leiden Institute of Advanced Computer Science, Leiden University, Leiden, The Netherlands

    Amr Ali-Eldin

  2. Computer and Control Systems Department, Faculty of Engineering, Mansoura University, Mansoura, Egypt

    Amr Ali-Eldin

  3. Faculty of Technology, Policy and Management, Delft University of Technology, Delft, The Netherlands

    Anneke Zuiderwijk & Marijn Janssen

Authors
  1. Amr Ali-Eldin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anneke Zuiderwijk
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Marijn Janssen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Amr Ali-Eldin .

Editor information

Editors and Affiliations

  1. Bulgarian Academy of Sciences, Institute of Mathematics and Informatics (IMI)/Interdisciplinary Institute for Collaboration and Research on Enterprise Systems and Technology (IICREST), Sofia, Bulgaria

    Boris Shishkov

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Ali-Eldin, A., Zuiderwijk, A., Janssen, M. (2018). A Privacy Risk Assessment Model for Open Data. In: Shishkov, B. (eds) Business Modeling and Software Design. BMSD 2017. Lecture Notes in Business Information Processing, vol 309. Springer, Cham. https://doi.org/10.1007/978-3-319-78428-1_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-78428-1_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-78427-4

  • Online ISBN: 978-3-319-78428-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation