Dear SIGCHI Community on Human-Computer Interaction,
Please let me kindly ask for your attention on :
A Toolset for Usable Security with ICT Service Networks
This research-in-progress is joint work with Dr. Kazuo TAKARAGI (Deputy Director, Information Technology Research Institute, National Institute of Advanced Industrial Science and Technology (AIST), Japan, http://www.itri.aist.go.jp/ <http://www.itri.aist.go.jp/en/> )
Please find below the abstract.
The poster with contact details is available
@ResearchGate: https://www.researchgate.net/publication/308204104_A_Toolset_for_Usable_Security_with_ICT_Service_Networks <https://www.researchgate.net/publication/308204104_A_Toolset_for_Usable_Security_with_ICT_Service_Networks>
@SlideShare: http://www.slideshare.net/swohlge/a-toolset-for-usable-security-with-ict-service-networks <http://www.slideshare.net/swohlge/a-toolset-for-usable-security-with-ict-service-networks>
Thank you very much in advance for your consideration.
==== BEGIN ABSTRACT ====
At IWSEC 2016 in Tokyo (http://www.iwsec.org/2016/ <http://www.iwsec.org/2016/>), we have presented a Toolset for Usable Security especially beneficial for the secondary use of personal information.
Thanks to the audience for the valuable feedback.
At Great Hanshin Earthquake occurred in Kansai area, Japan in 1995, it was shown that the sharing of personal information was very important in order to maintain health and property of people who were affected by the disaster.
Those were biometric authentication information, medical records, passbook, and so on.
Similar problems have occurred at the Great East Japan Earthquake in 2011 and the 2016 Kumamoto Earthquake.
Conventionally and presumably in future, when the secondary use of personal information should be carried out, this data controller usually plays an important role.
For example, it is a government.
It approves an access to that secondary use of personal information with a limited condition.
Usually from this point of time, the owner of the personal information loses control over his or her information. It may be against the regulation or compliance, so the data controller is usually reluctant to give permission.
One of the basic ideas for solving the problem is to provide a sufficient judgment material information to the data controller in a timely manner by which the data controller can properly give a permission for the secondary use of the personal information.
Ideally in order for the perfect judgement for the data controller, it is desirable to give all the states of artifacts, natural products, all the memory of the computer, the human condition and so on. In general, it is not possible.
The first idea is that some part of personal information is anonymized and sometimes subjected to a treatment with artificial intelligence, then sent to the data controller.
Some privacy enhancing techniques are used in the process.
Thus, it will enable a fast and rational judgement by the data controller.
The second basic idea is to provide a means that the user does not lose control on his own data even after the secondary use of personal information has been carried out.
For this, it is important to let the user know the data provenance.
We are developing a mechanism using block chain where people can obtain the provenance of anonymous data without central authority.
Furthermore, by referring to the block chain as open data, we get an effect of being able to obtain the transparency and compliance through the process.
Currently, we are developing a set of tools necessary in order to realize these ideas. We aim to lead it to an implementation in a real society through a proof of concept in future.
Thank you very much.
==== END ABSTRACT ====
To unsubscribe, send an empty email to
mailto:[log in to unmask]
For further details of CHI lists see http://listserv.acm.org