Václav Jirovský

Department of Security Technologies and Engineering

Faculty of Transportation Sciences

Czech Technical University in Prague

Czech Republic

© VJJ ETSI Human factors in ICT 2014 2

Safety

Security

Technology

© VJJ ETSI Human factors in ICT 2014 3

Security

Privacy

ReliabilityTechnology

• SECURITY– set of measures leading to human survival in a

system that is located in a hostile environment, under the influence of external forces

– when considering of security, there must be external – when considering of security, there must be external force primarily applied

• PRIVACY– ability to selectively revealing himself to the

environment

– ability to control the availability of information about themselves and their mediation into the environment

© VJJ ETSI Human factors in ICT 2014 4

Oth

e

© VJJ ETSI Human factors in ICT 2014 5

er S

erv

ice

s P

ro

vid

ed

Hig

h

Internet impact

© VJJ ETSI Human factors in ICT 2014 6

Semantic of the

information

Low

Internet impact

• is the great equalizer ... flatters the world• open-source flatteners

– open source software (e.g. Appache)– blogs– wiki– outsourcing, offshoring, insourcing– supply chaining

• changes our language

Let us build a global community in which the

people of neighboring countries view each

other not as potential enemies, but as potential

partners, as members of the same family in the • changes our language

– abbreviates complete sentence (like AA 635 @ 7:42 PM DFW)– joke in a chat room to response LOL or ROFL– etc.

• influences the market and globalization• creates „wisdom of the crowd“ instead of expertize • leading towards a more homogenous culture and society• controls the society, e.g. global enterprises and governments

cooperation

© VJJ ETSI Human factors in ICT 2014 7

other not as potential enemies, but as potential

partners, as members of the same family in the

vast, increasingly interconnected human family.

(Al Gore)

• gets addicted to the IT– according to research, one third higher than dependency on

heroin

• core symptoms– continuous thought of being on the net– decreased level of self-control– the escape from cruel reality

decreased level of self-control– the escape from cruel reality

• no need for compromises• simple, understandable world – for the price of total absorption of its

personality

• dependency supported by compulsory use of computer application while working

• cannot live without IT and Internet– continuously increase revealing private information into

Internet e.g. social network

© VJJ ETSI Human factors in ICT 2014 8

• the amount private information existing along the Internet is increasing every day ...

• user does not classify the value of the private information– usually user decreases value of its privacy

• Why do we seem to value privacy so little? • Why do we seem to value privacy so little? – in part, it’s because user are told to– Facebook and other social network has more than once

overridden its users’ privacy preferences, replacing them with new default settings

• with more technology entering the everyday life, users are push to release more and more private info

• with new IT services and Internet, the privacy, as we know it, will have to be completely redefined (IoT)

© VJJ ETSI Human factors in ICT 2014 9

• private information is less valuable to user than to the firms that siphon it out– they turn it into value

• rise of electronic communication leads to increase of collecting and using the private informationcollecting and using the private information– Echelon, FAPSI– web banners etc.

• even trends to protect privacy are manifested, the „train goes on“– Data Protection Directive 95/46/EC replaced by General

Data Protection Regulation (GDPR)• EU proposal would "break the internet“ - Eric Schmidt,

chairman of Google (Davos)

© VJJ ETSI Human factors in ICT 2014 10

• User itself

• Service provider

• Service Charger

• Hacker

... to securityExample when attacker

• acquire knowledge of sample of

population

• gets knowledge of target system• Hacker

• Communication Provider

• Other Enterprise

• Government or NGO

• Foreign Power

© VJJ ETSI Human factors in ICT 2014 11

... to privacy

• gets knowledge of target system

• is able to manipulate perception

of users

• RUSSIA 2008• attacker posted false report at several internet forums

mostly used by population in the area – „There are ongoing radioactive emissions from Leningrad

Nuclear Power Plant“

• at the same time DoS attack done to ASKRO system• at the same time DoS attack done to ASKRO system– information on environment are not accessible

• confirmed by forged emails from know addresses• consequences

– evacuation of local residents is planned– panic and chaos in region– dozens people overdosed by iodine in panic

• similar attack in 2007 (Volgodonsk Nuclear Power Plant)

© VJJ ETSI Human factors in ICT 2014 12

• all users are “experts”– wiki– buzzwords– cut & paste

• dismissing of the expertizeHow to present the “big data”

information to very diverse • dismissing of the expertize

– expert opinion is less weighted

• users can be easily manipulated– knowledge of behavior and habits– knowledge of personal information– trust to “democratic media”

• lost of personality of the user• population (community) management

© VJJ ETSI Human factors in ICT 2014 13

information to very diverse

community of users?

Thank you

© VJJ ETSI Human factors in ICT 2014 14

jirovsky@fd.cvut.cz