TY - GEN
T1 - Computer security for data collection technologies
AU - Cobb, Camille
AU - Sudar, Samuel
AU - Reiter, Nicholas
AU - Anderson, Richard
AU - Roesner, Franziska
AU - Kohno, Tadayoshi
N1 - Funding Information:
The authors thank the survey and interview respondents that made this work possible. The authors also thank Yaw Anokwa, Waylon Brunette, and Carl Hartung for sharing their ODK expertise, and Waylon Brunette, Carl Hartung, Kiron Lebeck, Adam Lerner, Lucy Simko, and Anna Ko- rnfeld Simpson for reading drafts of this paper and provid- ing feedback. This work was supported in part by NSF Grant CNS-0846065, NSF Grant CNS-1513575, the Bill and Melinda Gates Foundation, the Short-Dooley Professorship, and Google Research.
Publisher Copyright:
© Copyright 2016 ACM.
PY - 2016/6/3
Y1 - 2016/6/3
N2 - Many organizations in the developing world (e.g., NGOs), include digital data collection in their workow. Data collected can include information that may be considered sensitive, such as medical or socioeconomic data, and which could be affected by computer security attacks or uninten- Tional mishandling. The attitudes and practices of organi- zations collecting data have implications for confidentiality, availability, and integrity of data. This work, a collaboration between computer security and ICTD researchers, explores security and privacy attitudes, practices, and needs within organizations that use Open Data Kit (ODK), a prominent digital data collection platform. We conduct a detailed threat modeling exercise to inform our view on potential se- curity threats, and then conduct and analyze a survey and interviews with technology experts in these organizations to ground this analysis in real deployment experiences. We then reect upon our results, drawing lessons for both organizations collecting data and for tool developers.
AB - Many organizations in the developing world (e.g., NGOs), include digital data collection in their workow. Data collected can include information that may be considered sensitive, such as medical or socioeconomic data, and which could be affected by computer security attacks or uninten- Tional mishandling. The attitudes and practices of organi- zations collecting data have implications for confidentiality, availability, and integrity of data. This work, a collaboration between computer security and ICTD researchers, explores security and privacy attitudes, practices, and needs within organizations that use Open Data Kit (ODK), a prominent digital data collection platform. We conduct a detailed threat modeling exercise to inform our view on potential se- curity threats, and then conduct and analyze a survey and interviews with technology experts in these organizations to ground this analysis in real deployment experiences. We then reect upon our results, drawing lessons for both organizations collecting data and for tool developers.
KW - Data collection
KW - ICTD
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=84977142668&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84977142668&partnerID=8YFLogxK
U2 - 10.1145/2909609.2909660
DO - 10.1145/2909609.2909660
M3 - Conference contribution
AN - SCOPUS:84977142668
T3 - ACM International Conference Proceeding Series
BT - Proceedings of the 8th International Conference on Information and Communication Technologies and Development, ICTD 2016
PB - Association for Computing Machinery
T2 - 8th International Conference on Information and Communication Technologies and Development, ICTD 2016
Y2 - 3 June 2016 through 6 June 2016
ER -