DCISSP 2015 Abstracts

Short Papers
Paper Nr: 3

User-friendly and Tailored Policy Administration Points


Manuel Rudolph

Abstract: Nowadays, more and more data are collected and processed, including sensitive private and business-critical data. The need for their protection is also increasing. Therefore, we must first know precisely what access and usage constraints must look like. Thus, users with varying levels of security expertise must be enabled to specify their security demands for protecting sensitive data. Security policies are an adequate instrument for specifying security demands, but policies can become very complex and therefore hard to understand and to specify. An error-prone specification can cause immense damage due to unintended data leakage and mistakenly perceived security. Current policy specification interfaces, so-called Policy Administration Points (PAPs), are neither easy to use nor understandable by less experienced users. Currently, a systematic approach for developing user-friendly PAPs tailored to the specific needs of individual users and domains does not exist. With current engineering methods, such a tailoring of PAPs would be a very effort-consuming task. For tackling the problem, a novel approach for engineering user-friendly and tailored Policy Administration Points is tackled in the author's PhD and presented in this paper.

Paper Nr: 4

User-defined Privacy Preferences for k-Anonymization in Electronic Crime Reporting Systems for Developing Nations


Aderonke Busayo Sakpere

Abstract: Existing approaches that protect data from honest-but-curious data mining service providers include the k-anonymity technique, which is considered a better alternative to previously proposed techniques. However, the k-anonymity technique adopts a generic paradigm approach to privacy enforcement in its model. Owing to the fact that real-life users have different privacy requirements, there is a need to address this generic paradigm approach in k-anonymity in order to improve its efficiency. Our proposed approach integrates the concept of a three-tier privacy level (low, medium and high) into k-anonymity to achieve anonymization. This helps us to identify individual users’ best choice and how users’ privacy preference can be incorporated into the k-anonymity model, as opposed to the generic approach currently adopted. Our preliminary survey presents facts that help to understand factors that influence the choice of users’ privacy preference during crime reporting. Results also show that the following factors affect people’s privacy choice: Age Group, Personality, Community Need and Cultural Background (Adaptive).

Paper Nr: 5

Trust-aware Social Recommender System Design


Peixin Gao, John S. Baras and Jennifer Golbeck

Abstract: Recommender systems are designed to overcome the problem of information overload created by the Internet. However, current approaches for recommender systems still suffer from problems such as sparse information, cold start, and adversary attacks. On the other hand, social network sites (SNS), like Facebook and Epinions, offer a good source of knowledge for recommendation. The idea of integrating signals from social networks to improve the performance of the recommendation algorithm has been well accepted and has attracted an increasing amount of research in both academia and industry. In this work, we develop a trust-aware recommender system. We interpret connections in SNS as trust relationships among users, and establish a trust network based on the social graph aligned with the recommender system. Specifically, we handle indirect trust in our model, which could enlarge the information source to a large amount. We also discuss the issue of distrust and propose a way to consider both trust and distrust in our model. We also consider integrating our trust-aware recommendation framework with classic collaborative filtering to take advantage of both approaches and further improve the performance in rating prediction and item recommendation.