in 2003, waters, felten and sahai introduced a novel cryptographic primitive called incomparable public key cryptosystem to protect anonymity of message receivers in an untrusted network. in this setting, a receiver is allowed to create many anonymous identities for himself without divulging the fact that all these identities refer to the same receiver. recently, lee and lim improved the soluti...

Security risk assessment identifies the threats to systems, while privacy risk assessment identifies data sensitivities in systems. The Security Quality Requirements Engineering (SQUARE) method is used to identify software security issues in the early stages of the development lifecycle. We propose combining the existing security risk assessment techniques in SQAURE with the Privacy Impact Asse...

Consumer disposition to the information quality of the website, trust, privacy concerns, reputation, security concerns, and the company’s reputation have strong effects on Internet consumers’ trust in the website. Major two critical problems for both e-commerce consumers and sites are privacy and security. Privacy is the control over one’s personal data whereas; security is the attempted access...

This essay reviews ethical aspects of computer and information security and privacy. After an introduction of ethical approaches to information technology , the focus is first on ethical aspects of computer security. These include the moral importance of computer security, the relation between computer security and national security, the morality of hacking and computer crime, the nature of cyb...

In this paper we examine a method for identifying privacy requirements within the context of a security requirements engineering method. We briefly describe the security quality requirements engineering (SQUARE) methodology. Next we discuss our definition of privacy and the associated privacy concerns. We discuss the challenges of privacy requirements engineering and the need for incorporating ...

Information security policies play an important role in achieving information security. Confidentiality, Integrity, and Availability are classic information security goals attained by enforcing appropriate security policies. Workflow Management Systems (WfMSs) also benefit from inclusion of these policies to maintain the security of business-critical data. However, in typical WfMSs these polici...