Publications tagged with Privacy
Published:
Publications tagged with "Privacy"
- DetailsCampanile, L., Di Bonito, L. P., Marulli, F., Balzanella, A., & Verde, R. (2026). Toward Privacy-Aware Environmental Monitoring of CO2 and Air Pollutants in Southern Italy [Conference paper]. Lecture Notes in Computer Science, 15893 LNCS, 317–333. https://doi.org/10.1007/978-3-031-97645-2_21
Abstract
The increasing levels of CO2 and air pollutants represent a major challenge to environmental sustainability and public health, particularly in regions characterized by complex geographic and socio-economic dynamics. This work proposes a study focused on the Southern Italy regions, where environmental vulnerabilities are displayed, along with a limited availability of high-granularity data. The main aim of this work is to build and provide a comprehensive and detailed dataset tailored to the region’s unique needs, by leveraging datasets from EDGAR for greenhouse gases and air pollutants, integrated with demographic and territorial morphology data from ISTAT. The creation of composite indicators to monitor trends in emissions and pollution on a fine spatial scale is supported by the data set. These indicators enable initial insight into spatial disparities in pollutant concentrations, offering valuable data to inform targeted policy interventions. The work provided a foundation for next analytical studies, integrating different datasets and highlighting the potential for complex spatiotemporal analysis. The study provides a robust dataset and preliminary insights, enhancing the understanding of environmental dynamics in Southern Italy. Subsequent efforts will focus on extending this methodology to more extensive geographic contexts and incorporating real-time data for adaptive monitoring. The proposed framework also lays the groundwork for privacy-aware environmental monitoring solutions, enabling future integration with edge and IoT-based architectures while addressing privacy and data protection concerns. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2026. - DetailsCampanile, L., Iacono, M., Mastroianni, M., Riccio, C., & Viscardi, B. (2026). A TOPSIS-Based Approach to Evaluate Alternative Solutions for GDPR-Compliant Smart-City Services Implementation [Conference paper]. Lecture Notes in Computer Science, 15893 LNCS, 303–316. https://doi.org/10.1007/978-3-031-97645-2_20
Abstract
Adapting or designing a system which operates on personal data in EU is impacted by the privacy-by-design and privacy-by-default principles because of the prescriptions of the GDPR. In this paper we propose an approach to decision making which is based on TOPSIS (Technique for Order Preference by Similarity to Ideal Solution). The approach is applied to a GDPR system compliance design process, based on a case study about system performance evaluation by means of queuing networks, but is absolutely general with respect to analogous problems, in which cost issues should be balanced with technical performances and risk exposure. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2026. - DetailsBarzegar, A., Campanile, L., Marrone, S., Marulli, F., Verde, L., & Mastroianni, M. (2024). Fuzzy-based Severity Evaluation in Privacy Problems: An Application to Healthcare [Conference paper]. Proceedings - 2024 19th European Dependable Computing Conference, EDCC 2024, 147–154. https://doi.org/10.1109/EDCC61798.2024.00037
Abstract
The growing diffusion of smart pervasive applications is starting to mine personal privacy: from Internet of Things to Machine Learning, the opportunities for privacy loss are many. As for other concerns involving people and goods as financial, safety and security, researchers and practitioners have defined in time different risk assessment procedures to have repeatable and accurate ways of detecting, quantifying and managing the (possible) source of privacy loss. This paper defines a methodology to deal with privacy risk assessment, overcoming the traditional dichotomy between qualitative (easy to apply) and quantitative (accurate) approaches. The present paper introduces an approach based on fuzzy logic, able to conjugate the benefits of both techniques. The feasibility of the proposed methodology is demonstrated using a healthcare case study. © 2024 IEEE. - DetailsCampanile, L., Iacono, M., & Mastroianni, M. (2022). Towards privacy-aware software design in small and medium enterprises. Proceedings of the 2022 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2022. https://doi.org/10.1109/DASC/PiCom/CBDCom/Cy55231.2022.9927958
Abstract
The legal definition of privacy regulations, like GDPR in the European Union, significantly impacted on the way in which software, systems and organizations should be designed or maintained to be compliant to rules. While the privacy community stated proper risk assessment and mitigation approaches to be applied, literature seems to suggest that the software engineering community, with special reference to companies, did actually concentrate on the specification phase, with less attention for the test phase of products. In coherence with the privacy-by-design approach, we believe that a bigger methodological effort must be put in the systematic adaptation of software development cycles to privacy regulations, and that this effort might be promoted in the industrial community by focusing on the relation between organizational costs vs technical features, also leveraging the benefits of targeted testing as a mean to lower operational privacy enforcement costs. © 2022 IEEE. - DetailsCampanile, L., Forgione, F., Mastroianni, M., Palmiero, G., & Sanghez, C. (2022). Evaluating the Impact of Data Anonymization in a Machine Learning Application [Conference paper]. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 13380 LNCS, 389–400. https://doi.org/10.1007/978-3-031-10542-5_27
Abstract
The data protection impact assessment is used to verify the necessity, proportionality and risks of data processing. Our work is based on the data processed by the technical support of a Wireless Service Provider. The team of WISP tech support uses a machine learning system to predict failures. The goal of our the experiments was to evaluate the DPIA with personal data and without personal data. In fact, in a first scenario, the experiments were conducted using a machine learning application powered by non-anonymous personal data. Instead in the second scenario, the data was anonymized before feeding the machine learning system. In this article we evaluate how much the Data Protection Impact Assessment changes when moving from a scenario with raw data to a scenario with anonymized data. © 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG. - DetailsCampanile, L., de Biase, M. S., Marrone, S., Marulli, F., Raimondo, M., & Verde, L. (2022). Sensitive Information Detection Adopting Named Entity Recognition: A Proposed Methodology [Conference paper]. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 13380 LNCS, 377–388. https://doi.org/10.1007/978-3-031-10542-5_26
Abstract
Protecting and safeguarding privacy has become increasingly important, especially in recent years. The increasing possibilities of acquiring and sharing personal information and data through digital devices and platforms, such as apps or social networks, have increased the risks of privacy breaches. In order to effectively respect and guarantee the privacy and protection of sensitive information, it is necessary to develop mechanisms capable of providing such guarantees automatically and reliably. In this paper we propose a methodology able to automatically recognize sensitive data. A Named Entity Recognition was used to identify appropriate entities. An improvement in the recognition of these entities is achieved by evaluating the words contained in an appropriate context window by assessing their similarity to words in a domain taxonomy. This, in fact, makes it possible to refine the labels of the recognized categories using a generic Named Entity Recognition. A preliminary evaluation of the reliability of the proposed approach was performed. In detail, texts of juridical documents written in Italian were analyzed. © 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG. - DetailsBarbierato, E., Campanile, L., Gribaudo, M., Iacono, M., Mastroianni, M., & Nacchia, S. (2021). Performance evaluation for the design of a hybrid cloud based distance synchronous and asynchronous learning architecture [Article]. Simulation Modelling Practice and Theory, 109. https://doi.org/10.1016/j.simpat.2021.102303
Abstract
The COVID-19 emergency suddenly obliged schools and universities around the world to deliver on-line lectures and services. While the urgency of response resulted in a fast and massive adoption of standard, public on-line platforms, generally owned by big players in the digital services market, this does not sufficiently take into account privacy-related and security-related issues and potential legal problems about the legitimate exploitation of the intellectual rights about contents. However, the experience brought to attention a vast set of issues, which have been addressed by implementing these services by means of private platforms. This work presents a modeling and evaluation framework, defined on a set of high-level, management-oriented parameters and based on a Vectorial Auto Regressive Fractional (Integrated) Moving Average based approach, to support the design of distance learning architectures. The purpose of this framework is to help decision makers to evaluate the requirements and the costs of hybrid cloud technology solutions. Furthermore, it aims at providing a coarse grain reference organization integrating low-cost, long-term storage management services to implement a viable and accessible history feature for all materials. The proposed solution has been designed bearing in mind the ecosystem of Italian universities. A realistic case study has been shaped on the needs of an important, generalist, polycentric Italian university, where some of the authors of this paper work. © 2021 Elsevier B.V. - DetailsCampanile, L., Iacono, M., Marulli, F., & Mastroianni, M. (2021). Designing a GDPR compliant blockchain-based IoV distributed information tracking system [Article]. Information Processing and Management, 58(3). https://doi.org/10.1016/j.ipm.2021.102511
Abstract
Blockchain technologies and distributed ledgers enable the design and implementation of trustable data logging systems that can be used by multiple parties to produce a non-repudiable database. The case of Internet of Vehicles may greatly benefit of such a possibility to track the chain of responsibility in case of accidents or damages due to bad or omitted maintenance, improving the safety of circulation and helping granting a correct handling of related legal issues. However, there are privacy issues that have to be considered, as tracked information potentially include data about private persons (position, personal habits), commercially relevant information (state of the fleet of a company, freight movement and related planning, logistic strategies), or even more critical knowledge (e.g., considering vehicles belonging to police, public authorities, governments or officers in sensible positions). In the European Union, all this information is covered by the General Data Protection Regulation (GDPR). In this paper we propose a reference model for a system that manages relevant information to show how blockchain can support GDPR compliant solutions for Internet of Vehicles, taking as a reference an integrated scenario based on Italy, and analyze a subset of its use cases to show its viability with reference to privacy issues. © 2021 Elsevier Ltd - DetailsCampanile, L., Cantiello, P., Iacono, M., Marulli, F., & Mastroianni, M. (2021). Risk Analysis of a GDPR-Compliant Deletion Technique for Consortium Blockchains Based on Pseudonymization [Conference paper]. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 12956 LNCS, 3–14. https://doi.org/10.1007/978-3-030-87010-2_1
Abstract
Blockchains provide a valid and profitable support for the implementation of trustable and secure distributed ledgers, in support to groups of subjects that are potentially competitors in conflict of interest but need to share progressive information recording processes. Blockchains prevent data stored in blocks from being altered or deleted, but there are situations in which stored information must be deleted or made inaccessible on request or periodically, such as the ones in which GDPR is applicable. In this paper we present literature solutions and design an implementation in the context of a traffic management system for the Internet of Vehicles based on the Pseudonymization/Cryptography solution, evaluating its viability, its GDPR compliance and its level of risk. © 2021, Springer Nature Switzerland AG. - DetailsCampanile, L., Iacono, M., Levis, A. H., Marulli, F., & Mastroianni, M. (2021). Privacy regulations, smart roads, blockchain, and liability insurance: Putting technologies to work [Article]. IEEE Security and Privacy, 19(1), 34–43. https://doi.org/10.1109/MSEC.2020.3012059
Abstract
Smart streets promise widely available traffic information to help improve people’s safety. Unfortunately, gathering that data may threaten privacy. We describe an architecture that exploits a blockchain and the Internet of Vehicles and show its compliance with the General Data Protection Regulation. © 2003-2012 IEEE. - DetailsCampanile, L., Iacono, M., Marulli, F., & Mastroianni, M. (2020). Privacy regulations challenges on data-centric and iot systems: A case study for smart vehicles [Conference paper]. IoTBDS 2020 - Proceedings of the 5th International Conference on Internet of Things, Big Data and Security, 507–520. https://www.scopus.com/inward/record.uri?eid=2-s2.0-85089476036&partnerID=40&md5=c18dd73c221ec312a330521bf03d332e
Abstract
Internet of Things (IoTs) services and data-centric systems allow smart and efficient information exchanging. Anyway, even if existing IoTs and cyber security architectures are enforcing, they are still vulnerable to security issues, as unauthorized access, data breaches, intrusions. They can’t provide yet sufficiently robust and secure solutions to be applied in a straightforward way, both for ensuring privacy preservation and trustworthiness of transmitted data, evenly preventing from its fraudulent and unauthorized usage. Such data potentially include critical information about persons’ privacy (locations, visited places, behaviors, goods, anagraphic data and health conditions). So, novel approaches for IoTs and data-centric security are needed. In this work, we address IoTs systems security problem focusing on the privacy preserving issue. Indeed, after the European Union introduced the General Data Protection Regulation (GDPR), privacy data protection is a mandatory requirement for systems producing and managing sensible users’ data. Starting from a case study for the Internet of Vehicles (IoVs), we performed a pilot study and DPIA assessment to analyze possible mitigation strategies for improving the compliance of IoTs based systems to GDPR requirements. Our preliminary results evidenced that the introduction of blockchains in IoTs systems architectures can improve significantly the compliance to privacy regulations. Copyright © 2020 by SCITEPRESS - Science and Technology Publications, Lda. All rights reserved.