IBM Journal of Research and Development

Volume 53 Issue 2 • March 2009

Filter Results

Displaying Results 1 - 11 of 11
  • Preface

    Publication Year: 2009, Page(s):1 - 2
    IEEE is not the copyright holder of this material | PDF file iconPDF (35 KB)
    Freely Available from IEEE
  • A technology perspective on worldwide privacy regulations

    Publication Year: 2009, Page(s):1:1 - 1:17
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (442 KB)

    In this paper we provide an overview of the worldwide privacy regulatory landscape from a technology perspective. We focus on data-centric definitions of personal information and then examine how these differ across different regulatory frameworks, such as the ones issued by the Organization for Economic Cooperation and Development, the European Union, the Asia Pacific Economic Cooperation, and th... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Data-centric security: Integrating data privacy and data security

    Publication Year: 2009, Page(s):2:1 - 2:12
    Cited by:  Papers (4)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (854 KB)

    Classifying data according to its permissible use, appropriate handling, and business value is critical for data privacy and security protection. This is essential for compliance with the constantly evolving regulatory landscape concerning protected data. Problems arise when users compromise data privacy and security by overlooking the critical need to manage data according to these requirements. ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Analysis of privacy and security policies

    Publication Year: 2009, Page(s):3:1 - 3:18
    Cited by:  Papers (6)  |  Patents (1)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (342 KB)

    The distributed nature of the environment in which privacy and security policies operate requires tools that help enforce consistency of policy rules across different domains. Furthermore, because changes to policy rules are required as policies evolve over time, such tools can be used by policy administrators to ensure the consistency of policy changes. In this paper, we describe a number of diff... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Policy framework for security and privacy management

    Publication Year: 2009, Page(s):4:1 - 4:14
    Cited by:  Papers (1)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (367 KB)

    Policies that address security and privacy are pervasive parts of both technical and social systems, and technology that enables both organizations and individuals to create and manage such policies is a critical need in information technology (IT). This paper describes the notion of end-to-end policy management and advances a framework that can be useful in understanding the commonality in IT sec... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Privacy is essential for secure mobile devices

    Publication Year: 2009, Page(s):5:1 - 5:17
    Cited by:  Papers (1)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (343 KB)

    This paper contradicts the commonly held view that privacy and security of data must sometimes be sacrificed for the sake of national security. We demonstrate that for specific examples of real mobile devices, such as mobile phones, Wi-Fit®, electronic passports, and electronic government-employee ID cards, lack of sufficient attention to privacy actually harms the intended national securit... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Harmonizing privacy with security principles and practices

    Publication Year: 2009, Page(s):6:1 - 6:12
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (110 KB)

    During the development of a software system, the process of requirements elicitation gathers both functional requirements (i.e., what the system should do) and nonfunctional requirements (i.e., what the system should be). Computer science and software engineering education have traditionally addressed the former more than the latter, because it is easier to test that functional requirements have b... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A privacy-aware architecture for a Web rating system

    Publication Year: 2009, Page(s):7:1 - 7:16
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (2145 KB)

    Net Trust is a fraud-detection application that enhances security while protecting privacy. Net Trust identifies fraudulent Web sites by aggregating individual opinions, user-selected browsing histories, and third-party information. In this paper, we examine the security properties intrinsic to the implementation of the Net Trust ratings system. The ratings system protects against attacks by limit... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Privacy-value-control harmonization for RFID adoption in retail

    Publication Year: 2009, Page(s):8:1 - 8:14
    Cited by:  Papers (2)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (402 KB)

    Privacy concerns have, at least in part, impeded the adoption of radio frequency identification (RFID) in retail. The adoption of other automatic identification (auto-ID) applications shows that consumers often are willing to trade their privacy or their control of personal information against some value afforded by the application. In this paper, the interplay between privacy, value, and control ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Recovery scopes, recovery groups, and fine-grained recovery in enterprise storage controllers with multi-core processors

    Publication Year: 2009, Page(s):9:1 - 9:16
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (396 KB)

    In this paper we extend a previously published approach to error recovery in enterprise storage controllers with multi-core processors. Our approach first involves the partitioning of the set of tasks in the runtime of the controller software into clusters (recovery scopes) of dependent tasks. Then, these recovery scopes are mapped into a set of recovery groups, on which the scheduling of tasks, b... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Letter

    Publication Year: 2009, Page(s):1 - 2
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (65 KB)

    First Page of the Article
    View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.

Aims & Scope

Meet Our Editors

Editor-in-Chief
Rachel D'Annucci Henriquez
IBM T. J. Watson Research Center