Search results

1 – 7 of 7
Article
Publication date: 13 November 2017

Christos Kalloniatis

The purpose of this paper is to extend PriS (privacy safeguard), a privacy requirements engineering method for eliciting and modelling privacy requirements during system design…

Abstract

Purpose

The purpose of this paper is to extend PriS (privacy safeguard), a privacy requirements engineering method for eliciting and modelling privacy requirements during system design, with the addition of privacy-aware cloud-based concepts to assist analysts to reason and model about privacy in cloud environments.

Design/methodology/approach

An analysis of previous findings on the file of cloud privacy based on previous work has been conducted and a set of privacy-related concepts that need to be considered during privacy analysis for cloud-based systems have been revealed. These concepts were used for extending the conceptual model of PriS.

Findings

The main finding of the paper is the design of a new, novel conceptual model that assists analysts and designers in reasoning about privacy in cloud environments. A new template using the JSON (Javascript notation object) format has been introduced for better expressing the privacy requirements along with the related concepts presented through the conceptual model, thus letting the developers to better understand the findings during the design stage and better guide them to the implementation of the respective solution.

Research limitations/implications

The design of a cloud-based process that will guide analysts in detail for eliciting and modelling the identified privacy-related requirements is the limitation and in parallel the next step of the specific work presented here.

Practical implications

The conceptual model has been applied on a real case scenario regarding its efficiency on capturing and mapping all necessary concepts for assisting analysts proceed with the design of the privacy-aware system. The results were positive, all concepts were easy to use and totally understandable from the design team and the stakeholders and the use of the JSON template received very positive comments, especially from the developer’s team.

Originality/value

The paper presents a novel conceptual model for reasoning about privacy requirements in the cloud. The applicability of the proposed model has also been tested on a real case study.

Details

Information & Computer Security, vol. 25 no. 5
Type: Research Article
ISSN: 2056-4961

Keywords

Article
Publication date: 19 May 2022

Katerina Vgena, Angeliki Kitsiou and Christos Kalloniatis

The purpose of this paper is to establish reciprocity among socio-location attributes while underlining the additional users’ privacy implications on social media (SM).

182

Abstract

Purpose

The purpose of this paper is to establish reciprocity among socio-location attributes while underlining the additional users’ privacy implications on social media (SM).

Design/methodology/approach

Digital identity theories, social software engineering theory and the Privacy Safeguard (PriS) methodology were considered while reviewing 32 papers for identifying users’ SM attributes. After proposing interrelations among socio-location attributes, the PriS method was used to match social aspects of privacy in designing case studies to illustrate the associations through potential users’ privacy implications.

Findings

Eighteen users’ SM attributes were collected and correlated to the Face, Frame, Activity, Time and Stage (FFrATS) 4 W (socio-location attributes), which provoke further privacy implications due to the notions of self-determination and self-disclosure on SM. The authors draw on the PriS methodology to address privacy’s multidimensionality while creating case studies to examine privacy issues arising due to socio-location attribute disclosure and users’ trajectories and normativity lines.

Research limitations/implications

Supplementary case studies and research are needed to enable the design of a socio-spatially and privacy-aware designing methodology.

Practical implications

Designing proper methodologies and techniques to address users’ privacy implications deriving from socio-location attributes can provide designers with a technical solution to SM platforms.

Social implications

Socio-location attribute disclosure constructs representative SM profiles; however, the revelation of attributes and their interrelations create additional privacy implications for SM users.

Originality/value

Deepening the understanding of disclosing socio-location attributes on SM while bridging the socio-technical gap will provide the necessary background for proposing technical solutions to protecting users’ privacy.

Details

Information & Computer Security, vol. 30 no. 5
Type: Research Article
ISSN: 2056-4961

Keywords

Article
Publication date: 30 January 2019

Maria Sideri, Angeliki Kitsiou, Ariadni Filippopoulou, Christos Kalloniatis and Stefanos Gritzalis

Even though social media are nowadays used in the frame of public governance to ensure citizens’ major participation, enhance e-dialogue and e-democracy consequently, this…

Abstract

Purpose

Even though social media are nowadays used in the frame of public governance to ensure citizens’ major participation, enhance e-dialogue and e-democracy consequently, this utilization has not been expanded yet in the field of education, whose key role focuses on the cultivation of active citizenship, as it is promoted through participation. The purpose of this paper is to examine leadership’s views of Greek Secondary and Tertiary Education on the potential use of social media for participatory decision-making processes in order to identify if the e-participation model could be implemented in the Greek education field as in other public domains.

Design/methodology/approach

An exploratory research was elaborated, employing a survey design of quantitative method in order to explore Greek educational organizations leadership’s perspectives toward social media usage in participatory decision-making processes.

Findings

The research reveals Greek educational leadership’s positive view on the potential effects of social media usage in participatory decision-making processes and highlights anticipated benefits as well as problems to be faced, indicating the foundation for Greek leaders to implement social media in their leadership practices and exploit their affordances as in e-governance shifts.

Practical implications

Bringing the concept of e-participation and crowd sourcing model – key features in e-governance initiatives through social media usage – in education field, Greek educational leadership is informed to consider social media utilization more methodically in the context of participatory decision-making processes, updating simultaneously existing leadership practices.

Originality/value

Up till now, social media usage in participatory decision-making processes in educational settings has hardly received attention.

Details

Internet Research, vol. 29 no. 4
Type: Research Article
ISSN: 1066-2243

Keywords

Article
Publication date: 1 March 2006

Evangelia Kavakli, Christos Kalloniatis, Pericles Loucopoulos and Stefanos Gritzalis

To present a new methodology for incorporating privacy requirements into the system design process called PriS, and describe its applicability in the e‐VOTE system for presenting…

1209

Abstract

Purpose

To present a new methodology for incorporating privacy requirements into the system design process called PriS, and describe its applicability in the e‐VOTE system for presenting methodology's way‐of‐working.

Design/methodology/approach

PriS is a requirement engineering methodology focused on privacy issues. It provides a set of concepts for modelling privacy requirements (anonymity, pseudonymity, unlinkability and unobservability) in the organisation domain and a systematic way‐of‐working for translating these requirements into system models. The conceptual model used in PriS is based on the Enterprise Knowledge Development (EKD) framework. PriS models privacy requirements as a special type of goal.

Findings

Based on the analysis of a number of well‐known privacy‐enhancing technologies as well as of existing security requirement engineering methodologies, this paper pinpoints the gap between system design methodologies and technological solutions. To this end, PriS is suggested, with a view to providing a methodological framework for matching privacy‐related requirements with the proper implementation techniques.

Originality/value

This paper proposes a new methodology for addressing privacy requirements during the design process. It guides developers to choose the most appropriate implementation techniques for realising the identified privacy issues. PriS methodology has a high degree of applicability on Internet systems that wish to provide services that ensure users privacy, such as anonymous browsing, untraceable transactions, etc.

Details

Internet Research, vol. 16 no. 2
Type: Research Article
ISSN: 1066-2243

Keywords

Article
Publication date: 1 December 2007

Evangelia Kavakli, Stefanos Gritzalis and Kalloniatis Christos

The purpose of the paper is to present Privacy Safeguard (PriS) a formal security requirements engineering methodology which, incorporates privacy requirements in the system…

Abstract

Purpose

The purpose of the paper is to present Privacy Safeguard (PriS) a formal security requirements engineering methodology which, incorporates privacy requirements in the system design process and to demonstrate its applicability in an e‐voting case.

Design/methodology/approach

PriS provides a methodological framework for addressing privacy‐related issues during system development. It provides a set of concepts for formally expressing privacy requirements (authentication, authorisation, identification, data protection, anonymity, pseudonymity, unlinkability and unobservability) and a systematic way‐of‐working for translating these requirements into system models. The main activities of the PriS way‐of‐working are: elicit privacy‐related goals, analyse the impact of privacy goals on processes, model affected processes using privacy process patterns and identify the technique(s) that best support/implement the above‐process patterns.

Findings

Analysis of a number of well known privacy‐enhancing technologies, as well as of existing security requirement engineering methodologies, pinpoints the gap between system design methodologies and technological solutions. To this end, PriS provides an integrated approach for matching privacy‐related requirements to proper implementation techniques. Experimentation with the e‐voting case suggests that PriS has a high degree of applicability on internet systems that wish to provide services that ensure users privacy, such as anonymous browsing, untraceable transactions, etc.

Originality/value

The paper proposes a new methodology for addressing privacy requirements during the design process. Instead of prescribing a single solution, PriS guides developers to choose the most appropriate implementation techniques for realizing the identified privacy issues. In addition, due to its formal definition it facilitates control of the accuracy and precision of the results and enables the development of automated tools for assisting its application.

Details

Transforming Government: People, Process and Policy, vol. 1 no. 4
Type: Research Article
ISSN: 1750-6166

Keywords

Article
Publication date: 1 June 2010

Eleni Kosta, Christos Kalloniatis, Lilian Mitrou and Stefanos Gritzalis

The purpose of this paper is to examine how the introduction of new communication channels facilitates interactive information sharing and collaboration between various actors…

1628

Abstract

Purpose

The purpose of this paper is to examine how the introduction of new communication channels facilitates interactive information sharing and collaboration between various actors over social networking services and how social networking fits in the existing European legal framework on data protection. The paper also aims to discuss some specific data protection issues, focusing on the role of the relevant actors, using the example of photo tagging.

Design/methodology/approach

Privacy in social networks is one of the main concerns for providers and users. This paper examines the role of the main actors in social networking, i.e. the providers and the users, scrutinised under the light of the European data protection legislation. Specifically, how social networking service providers deal with users' privacy and how users handle their personal information, if this manipulation is complied with the respective legislation and how “tagging”, one of the most familiar services provided by the social networking providers, may cause privacy risks.

Findings

Social networking is one of the most remarkable cultural phenomena that has blossomed in the Web 2.0 era. They enable the connection of users and they facilitate the exchange of information among them. However, the users reveal vast amounts of personal information over social networking services, without realising the privacy and security risks arising from their actions. The European data protection legislation could be used as a means for protecting the users against the unlawful processing of their personal information, although a number of problems arise regarding its applicability.

Originality/value

The paper discusses some privacy concerns involved in social networks and examines how social networking service providers and users deal with personal information with regard to the European data protection legislation.

Details

Transforming Government: People, Process and Policy, vol. 4 no. 2
Type: Research Article
ISSN: 1750-6166

Keywords

Content available
Article
Publication date: 1 June 2010

Zahir Irani and Yogesh Dwivedi

352

Abstract

Details

Transforming Government: People, Process and Policy, vol. 4 no. 2
Type: Research Article
ISSN: 1750-6166

1 – 7 of 7