Abstract
Privacy protection within Cloud Computing Environments (CCE) is extremely complex to be realized, due to multiple stakeholders’ interactions that lead to several privacy risks and leaks. Therefore, the necessity for self-adaptive privacy preserving schemes, in order to safeguard users’ privacy by considering their social and technological context within CCE is highlighted. Our analysis has indicated that a group of criteria should be satisfied in order to support this aim. However, it is pointed out that the criteria concerning the identification of users’ social needs and stakeholders’ technical privacy needs are not sufficiently satisfied, failing to determine which stakeholders’ privacy aspects should be examined and how. Towards this, the paper points out that Self Adaptive Privacy within CCE should be addressed as an emerged interdisciplinary research area, since the identified criteria concern both users’ social norms and technical privacy artifacts. Based on these criteria, the social and technical privacy aspects that should be considered from both users’ and developers’ perspective are discussed, leading to the identification of the socio-technical concepts and their interdependencies that should be taken into account. It proposes that a proper research design regarding Self Adaptive Privacy within CCE should be built, based on an interrelated three-layered examination that concerns users’, developers’ and CCE context, aiming to lay the ground for the identification of the Self-Adaptive Privacy related requirements within CCE.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Martin, K.: Understanding privacy online: development of a social contract approach to privacy. J. Bus. Ethics 137(3), 551–569 (2016)
Kitsiou, A., Tzortzaki, E., Kalloniatis, C., Gritzalis, S.: Towards an integrated socio-technical approach for designing adaptive privacy aware services in cloud computing. In: Benson, V. (ed.) Cyber Influence and Cognitive Threats, pp. 9–32. Elsevier (2020)
Sujon, Z.: The triumph of social privacy: understanding the privacy logics of sharing behaviors across social media. Int. J. Commun. 12, 3751–3771 (2018)
Marwick, A.E., Boyd, D.: Networked privacy: how teenagers negotiate context in social media. New Media Soc. 16(7), 1051–1067 (2014)
Badidi, E., Atif, Y., Sheng, Q.Z., Maheswaran, Muthucumaru: On personalized cloud service provisioning for mobile users using adaptive and context-aware service composition. Computing 101(4), 291–318 (2018). https://doi.org/10.1007/s00607-018-0631-8
Abowd, G.D.: Beyond weiser: from ubiquitous to collective computing. Computer 49(1), 17–23 (2016)
Cook, A., et al.: Internet of cloud: Security and privacy issues. In: Shankar, B., et al. (eds.) Cloud Computing for Optimization: Foundations, Applications, and Challenges, pp. 271–301. Springer (2018)
Knijnenburg, B.: Privacy in social information access. In: Brusilovsky, P., He, D. (eds.) Social Information Access, pp. 19–74. Springer, Cham (2018)
Omoronyia, I.: Reasoning with imprecise privacy preferences. In: Proceedings of the 24th International Symposium on Foundations of Software Engineering, pp. 920–923. ACM, Seattle (2016)
Taddicken, M.: The ‘privacy paradox in the social web: the impact of privacy concerns, individual characteristics, and the perceived social relevance on different forms of self disclosure. J. Comput.-Med. Commun. 19(2), 248–273 (2014)
Poller, A., Ilyes, P., Kramm, A.: Designing privacy-aware online social networks-a reflective socio-technical approach. In: Proceedings of the Conference on Computer-Supported Cooperative Work and Social Computing, pp. 23–27. ACM, Texas (2013)
Belk, M., et al.: Adaptive & personalized privacy & security workshop chairs’ welcome and organization. In: 27th Conference on User Modeling, Adaptation and Personalization, pp. 191–192. ACM, Cyprus (2019)
De Wolf, R., Pierson, J.: Researching social privacy on SNS through developing and evaluating alternative privacy technologies. In: Proceedings of the Conference on Computer-Supported Cooperative Work and Social Computing. ACM, Texas (2013)
Nissenbaum, H.: Privacy in Context: Technology, Policy and the Integrity of Social Life. Stanford University Press, California (2009)
Tikkinen-Piri, C., Rohunen, A., Markkula, J.: EU general data protection regulation: changes and implications for personal data collecting companies. Comput. Law Secur. Rev. 34(1), 134–153 (2018)
Pearson, S.: Taking account of privacy when designing cloud computing services. In: Proceedings of the Workshop on Software Engineering Challenges of Cloud Computing, pp. 44–52. IEEE Computer Society, Canada (2009)
Liu, Y., Sun, Y., Ryoo, J., Rizvi, S., Vasilakos, A.V.: A survey of security and privacy challenges in cloud computing: solutions and future directions. J. Comput. Sci. Eng. 9(3), 119–133 (2015)
Takabi, H., Joshi, J.B., Ahn, G.J.: Security and privacy challenges in cloud computing environments. IEEE Secur. Priv. 8(6), 24–31 (2010)
Toch, E., Wang, Y., Cranor, L.F.: Personalization and privacy: a survey of privacy risks and remedies in personalization-based systems. User Model. User-Adap. Inter. 22(1–2), 203–220 (2012)
Lahlou, S.: Identity, social status, privacy and face-keeping in digital society. Soc. Sci. Inform. 47(3), 299–330 (2008)
Solove, D.J.: Understanding Privacy. Harvard University Press, Cambridge (2008)
Acquisti, A., Brandimarte, L., Loewenstein, G.: Privacy and human behavior in the age of information. Science 347(6221), 509–514 (2015)
Nissim, K., Wood, A.: Is privacy privacy?. Philos. Trans. Roy. Soc. A: Math. Phys. Eng. Sci. 376(2128) (2018)
Bennaceur, A., et al.: Feed me, feed me: an exemplar for engineering adaptive software. In: Proceedings of 11th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, pp. 89–95. ACM, Texas (2016)
Cerf, V.G: Prospects for the internet of things. XRDS: crossroads. The ACM Mag. Stud. 22(2), 28–31 (2015)
Poslad, S., Hamdi, M., Abie, H.: Adaptive security and privacy management for the internet of things. In: Proceedings of International Joint Conference on Pervasive and Ubiquitous Computing, pp. 373–378. ACM, Switzerland (2013)
Schaub, F., Könings, B., Dietzel, S., Weber, M., Kargl, F.: Privacy context model for dynamic privacy adaptation in ubiquitous computing. In: Proceedings of the 2012 ACM Conference on Ubiquitous Computing, UbiComp, pp. 752–757. ACM, Pittsburgh (2012)
Schaub, F., Könings, B., Weber, M.: Context-adaptive privacy: leveraging context aware-ness to support privacy decision making. IEEE Pervasive Comput. 14(1), 34–43 (2015)
Phan, N., Wu, X., Hu, H., Dou, D.: Adaptive laplace mechanism: differential privacy preservation in deep learning. In: International Conference on Data Mining, pp. 385–394. IEEE, New Orleans, USA (2017)
Schaub, F., et al.: PriCal: context-adaptive privacy in ambient calendar displays. In: International Joint Conference on Pervasive and Ubiquitous Computing, pp. 499–510. ACM, USA (2014)
Pallapa, G., et al.: Adaptive and context-aware privacy preservation exploiting user interactions in smart environments. Pervasive Mob. Comput. 12, 232–243 (2014)
Agir, B., Papaioannou, T.G., Narendula, R., Aberer, K., Hubaux, J.-P.: User-side adaptive protection of location privacy in participatory sensing. GeoInformatica 18(1), 165–191 (2013). https://doi.org/10.1007/s10707-013-0193-z
Kumar, R., Naik, M.V.: Adaptive privacy policy prediction system for user-uploaded images on content sharing sites. Int. Res. J. Eng. Technol. 5(7), 148–154 (2018)
Calikli, G., et al.: Privacy dynamics: learning privacy norms for social software. In: Proceedings of 11th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, pp. 47–56. ACM, Texas (2016)
Hoang, L.N., Jung, J.J.: Privacy-aware framework for matching online social identities in multiple social networking services. Cybern. Syst. 46(1–2), 69–83 (2015)
Bilogrevic, I., Huguenin, K., Agir, B., Jadliwala, M., Hubaux, J.P.: Adaptive information-sharing for privacy-aware mobile social networks. In: Proceedings of International Joint Conference on Pervasive and Ubiquitous Computing, pp. 657–666. ACM, Switzerland (2013)
Stutzman, F., Vitak, J., Ellison, N. B., Gray, R., Lampe, C.: Privacy in interaction: exploring disclosure and social capital in facebook. In: Proceedings of 6th Annual International Conference on Weblogs and Social Media, pp. 330–337. AAAI Publications, Ireland (2012)
Patkos, T., et al.: Privacy-by-norms privacy expectations in online interactions. In: Proceedings of 2015 IEEE International Conference on Self-Adaptive and Self-Organizing Systems Workshops, pp. 1–6. IEEE Computer Science, USA (2015)
Shane-Simpson, C., Manago, A., Gaggi, N., Gillespie-Lynch, K.: Why do college students prefer Facebook, Twitter, or Instagram? Site affordances, tensions between privacy and self-expression, and implications for social capital. Comput. Hum. Behav. 86, 276–288 (2018)
Shafie, L., Nayan, S., Osman, N.: Constructing identity through Facebook profiles: online identity and visual impression management of university students in Malaysia. Soc. Behav. Sci. 65, 134–140 (2012)
Hogg, M., Abrams, D., Brewer, M.: Social identity: the role of self in group processes and intergroup relations. Group Processes Intergroup Relat. 20(5), 570–581 (2017)
Kramer, R.M.: Social identity and social capital: the collective self at work. Int. Public Manage. J. 9(1), 25–45 (2006)
Wessels, B.: Identification and the practices of identity and privacy in everyday digital communication. New Media Soc. 14(8), 1251–1268 (2012)
Hadar, I., et al.: Privacy by designers: software developers’ privacy mindset. Empirical Softw. Eng. 23(1), 259–289 (2017). https://doi.org/10.1007/s10664-017-9517-1
Kalloniatis, C.: Increasing internet users trust in the cloud computing era: the role of privacy. J. Mass Commun. J. 6(3) (2016)
Kalloniatis, C.: Incorporating privacy in the design of cloud-based systems: a conceptual meta-model. Inform. Comput. Secur. 25(5), 614–633 (2017)
Kalloniatis, C., Mouratidis, H., Vassilis, M., Islam, S., Gritzalis, S., Kavakli, E.: Towards the design of secure and privacy-oriented information systems in the cloud: identifying the major concepts. Comput. Stand. Interfaces 36(4), 759–775 (2014)
Islam, S., Mouratidis, H., Weippl, E.R.: A goal-driven risk management approach to support security and privacy analysis of cloud-based system. In: Security Engineering for Cloud Computing: Approaches and Tools, pp. 97–122. IGI Global (2013)
Poisel, R., Tjoa, S.: Discussion on the challenges and opportunities of cloud forensics. In: Quirchmayr, G., Basl, J., You, I., Xu, L., Weippl, E. (eds.) CD-ARES 2012. LNCS, vol. 7465, pp. 593–608. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32498-7_45
Romanou, A.: The necessity of the implementation of privacy by design in sectors where data protection concerns arise. Comput. Law Secur. Rev. 34(1), 99–110 (2018)
Notario, N., et al.: PRIPARE: Integrating privacy best practices into a privacy engineering methodology. In: Proceedings of the Security and Privacy Workshops,, pp. 151–158. ACM, California (2015)
Pattakou, A., Mavroeidi, A.G., Diamantopoulou, V., Kalloniatis, C., Gritzalis, S.: Towards the design of usable privacy by design methodologies. In: Proceedings of the 5th International Workshop on Evolving Security & Privacy Requirements Engineering, pp. 1–8. IEEE, Canada (2018)
Li, T., Horkoff, J., Mylopoulos, J.: Holistic security requirements analysis for socio-technical systems. Softw. Syst. Model. 17(4), 1253–1285 (2016). https://doi.org/10.1007/s10270-016-0560-y
Anthonysamy, P., Rashid, A., Chitchyan, R.: Privacy requirements: present & future. In: Proceedings of the 39th International Conference on Software Engineering: Software Engineering in Society Track, pp 13–22. IEEE Press, Piscataway (2017)
Hassan, M.U., Rehmani, M.H., Chen, J.: Differential privacy techniques for cyber physical systems: a survey. IEEE Commun. Surv. Tutorials 22(1), 746–789 (2020)
Acknowledgments
This research is co-financed by Greece and the European Union (European Social Fund- ESF) through the Operational Programme “Human Resources Development, Education and Lifelong Learning 2014-2020” in the context of the project “Adaptive Privacy-aware Cloud-based Systems: Socio-technical requirements” (MIS:5047231)”.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Kitsiou, A., Tzortzaki, E., Kalloniatis, C., Gritzalis, S. (2020). Self Adaptive Privacy in Cloud Computing Environments: Identifying the Major Socio-Technical Concepts. In: Katsikas, S., et al. Computer Security. CyberICPS SECPRE ADIoT 2020 2020 2020. Lecture Notes in Computer Science(), vol 12501. Springer, Cham. https://doi.org/10.1007/978-3-030-64330-0_8
Download citation
DOI: https://doi.org/10.1007/978-3-030-64330-0_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-64329-4
Online ISBN: 978-3-030-64330-0
eBook Packages: Computer ScienceComputer Science (R0)