Printer Friendly

Information Protection - A Comparative Analysis of Popular Models.

1. INTRODUCTION

Sensitive information is an information that must be protected against unnecessary disclosure and it should be safeguarded Sensitive information may be any data such as biometric data, medical information, personally identifiable financial information and unique identifiers such as passport or social security number that can be traced back to an individual and if such information is disclosed, it could result in harm to that person. In case of business, sensitive information includes anything that poses a risk to the company in question if discovered by a competitor or the general public. Such information includes trade secrets, acquisition plans, financial data and supplier and customer information, among other possibilities. With the increasing of businesses, methods of protecting such as metadata management and document sanitization corporate information from unauthorized access are being integral to corporate security (Martin, Ben, & John, 2001).

Sensitive information sharing is an imperative part of communication and cognition. In some situations, protection of sensitive information may be required for legal or ethical reasons for issues pertaining to personal privacy or for proprietary considerations. Information sensitivity is the control of access to information or knowledge that might result in loss of an advantage or level of security if disclosed to others. Loss, misuse, modification or unauthorized access to sensitive information can adversely affect the privacy or welfare of an individual, trade secrets of a business or even the security and international relations of a nation depending on the level of sensitivity and nature of the information (Izuma, 2013). Threats to such sensitive information not only as identity theft but also disclosure of personal information that the individual would prefer remained private. Security is a condition that is perceived or confirmed to protect an individual or an organization's previous data from threats. These threats may be in the form of intruders, disasters or terrorism. Cognitive theory differentiates the concept of human nature on the basis of their motivations and changing of their behavior.

In cognitive theory, human capabilities can play an important role to acquire new skills and knowledge for understanding the behavior of an agent [3].

In the cognitive agent, Artificial Intelligence (AI), provides the human-like capabilities such as ability to think, learn by experience, doubt, act, see and speak to the computer accessories. AI can also help to solve different problems in many fields such as economy, commerce and educational institutions [4]. In neuroscience, neural correlates of mind are responsible to identify the processes that are related to the past experiences such as will, agency etc. Neuroscience may also be used to infer the people's mental state as well as the pre-dispositions to particular behavior [5].

A. Privacy

Privacy is a state of keeping control over who knows or does not know about the private information. A user's secrets are protected by his right to be in a state, where others are not actively trying to determine his secrets. We all have an option to kept personal information private, keeping it private from some people or in specific situation, does not mean we are keeping it secured. Continuing to maintain too much privacy in a close relationship, however, does send message about trust which eventually impacts the closeness of the relationship [6].

B. Secrecy

Secret information involves information relevant to your relationship to others. The reason to disclose a secret information is to affect the decisions or actions that may be taken by you as well as the others. Lack of disclosing the sensitive information is risky because actions might be change if the information is already known. To keep the sensitive information secret in a relationship is not only stressful to maintain but can be damage in various ways. There are many secrets such as alcoholism or abuses, which are required to keep secret from others [7].

C. Hypothesis

A cognitive information protection agent is proposed to overcome the cognition problem of Lord's model and Hampshire's children trust model.

2. METHODOLOGY

In our proposed cognitive agent, perception, intention, motivation, emotions, phylogenetic and ontogenetic modules, Situatory responses influence each other bi-directionally. In this model, implicit and explicit learning are used to understand information patterns received from external environment about some events by comparing it with already existed patterns in the memory [8].

A. Lord's model

According to Lord's model, we must know already, how, when and to whom, we can share sensitive information. According to him, we must be open, honest to whom; we want to share sensitive information. We must also have trust on the others to whom we want to share sensitive information.

In case of sharing sensitive information, we need consent of other person to whom we want to share sensitive information and in this case, we must respect their wishes. But in some situations, where the importance is given to save the life of anybody or to protect any child which is at risk, we can share the sensitive information to others without their consent and in this case, we must keep the record of the information to be shared [9]. Before sharing sensitive information with anybody, we must ensure that the information is up-to-date and information is shared at the right time and information is to be shared with the desired person. We must also clear that what is the purpose of the information to be shared and how much the information is necessary to be shared. We must also keep the track of the information to be shared with others [10].

In some cases, when we want to share sensitive information to others, we must also keep in mind that the other person may not have expectation to receive such sensitive information. In this situation, we must ensure that after receiving sensitive information, the other person may not violate the information and may not harm anyone. In some cases, where there is a doubt to further sharing the sensitive information and effect of anybody, we must take an advice of any senior person who give guarantee of that person before sharing the information [11].

B. Hampshire's Child Trust Model

Hampshire's Child Trust Model contains two main factors i.e. need a consent of the other person to whom information is to be shared as well as we should have legal rights to share a sensitive information with others. According to the model, before sharing sensitive information, we must ensure that why it is necessary to share sensitive information and what is the aim behind to share sensitive information with others? According to the model, we must ensure that the information is up-to-date and share at a right time to the right person who desires it. If the person to whom information is to be shared, have no prior intimation about receiving a sensitive information, then before sharing a sensitive information with such person, we must ensure that he will not affect anybody after receiving the sensitive information [12].

C. Cognitive Agent Model

Cognitive information protection agent is based on four cognitive factors i.e. intention, perception, motivation and emotions. All these factors are communicated with each other to protect the sensitive information before sharing it to other agents in the system. Cognitive agent receives information patterns about some events occurred in the external environment through some medium, stores these information patterns for taking an action i.e. either to share or not share the information with others agents within the system [13].

If the cognitive agent will decide the share the information with another agent in the system, it will check whether the information patterns received from external environment, need any kind of learning or not. If it considers that these information patterns do not need any kind of learning then it will forward these information patterns to the learning controlling agent, otherwise, it will forward these information patterns for checking the motivation and emotions level for protecting sensitive information. If the motivation level is less than the emotions level, then the cognitive agent's behavior will be rational. On the other hand, if motivation level is greater than the emotions level then the agent's behavior will be disappointing and if the motivation level is equal to the emotions level then the agent's behavior will be normal [14] as shown in Table 1.

Where:

0 = No behavior

0.3 = Disappointment

0.5 = Normal behavior

1 = Rational behavior

On the basis of motivation and emotions level, it analyzes the trust and expectation level to the agent to whom it is required to share sensitive information. If the trust level is less than the expectation level then information will not be shared and if the trust level is higher than the expectation level, then it will share partially information to other agent and if the trust level is higher than the expectation level then it will share the complete information to other agent. Whereas, while looking at the trust and expectation, the security agent might distribute the sensitive information into four categories i.e. less sensitive less effective, less sensitive more effective, more sensitive less effective, more sensitive more effective. If the information is less sensitive less effective or less sensitive more effective, it will not share to other agent. In some situations, if the information is not so sensitive but the agent considers it to be a sensitive information and if such information is shared to other agent, there may be choice of violation of information. If the level of sensitivity of information is high, although the level of its effectiveness to others is less, such information will be shared definitely to other agent [15].

3. COMPARATIVE ANALYSIS

The comparative analysis shows the three models incorporated and compared for various dependence factors and their mode of action. From comparative analysis, we have found that the Lord's model contains all factors for sharing information to other modules in the system, but there is no need of legal rights to share a sensitive information as well as this model is not a cognitive model. Similarly, from Hampshire's Child Trust Model, we have found that there is required legal rights to share a sensitive information along with all others parameters but in this system, there is a lack of agency. At the end, from Cognitive agent's model, we have found that it contains all parameters of previous two models as well as cognitive correlates like human brain correlates such as intention, perception, emotions and motivation for sharing sensitive information to other agents in the system.

4. CONCLUSION

In this paper, a comparison of three models i.e. Lord's model, Hampshire's child trust model and Cognitive agent model is used to analyze the factors that are used to protect sensitive information before sharing to other persons or agents. From Lord's model, we have analyzed that to share sensitive information to another person; his consent is required, because without his consent, we cannot share any kind of information with him. But in some cases, there is a situation to save the life of a person, we can share a sensitive to another person without his consent. In the process, we ensure that the information is up-to-date and shares at right time to right person. In Hampshire's children trust model, we have analyzed that for sharing a sensitive information, we require the consent of the other person to whom we want to share a sensitive information as well as we should have legal rights to share a sensitive information. In some cases, where there is a situation to protect a child that is in danger, we can share a sensitive information to anybody without his consent, but in this case, we ensure that the other person to whom a sensitive information is to be shared, may not violate it and may not affect anybody. In cognitive information protection agent model, we have analyzed that the information patterns about some events occurred in the external environment are distributed into four categories i.e. less sensitive less effective, less sensitive more effective, more sensitive less effective and more sensitive more effective on the basis of motivation and emotions. Then, these information patterns are used for generating Situatory responses on the basis of trust and expectation that are used to facilitate the cognitive agent to make further decision wither to share or not share the information to the other agents. In this comparative study, we have found that the factors that are used in the Lord's model and Hampshire's child trust model are not cognitive factors, whereas the factors that are proposed in the cognitive information protection agent are cognitive factors that are used like human cognition factors.

REFERENCES

[1] S. Martin, G. Ben and P. John, "The cognitive neuroscience of sustained attention: where top-down meets bottom-up," Brain Research Reviews, pp. 146-160, 2001.

[2] K. Izuma, "The neural basis of social influence and attitude change," Current Opinin in Neurobiology, pp. 456-462, 2013.

[3] G. Ali, "Security and Privacy of Sensitive Data in Cloud Computing," 2016. [Online].

[4] G Alexander and M. Raul, "Advanced in Artificial Intelligence Applications," Center for Computing Research, 2005.

[5] F. Thomas, "Ethical issues in neuroscience," 2008.

[6] A. Acquisti, "Privacy and Secracy of Personal Information," 2004. [Online]. Available: http://www.heing.cmu.edu/~acquisti/papers/acquisti_cis_refs. Pdf.

[7] A. Gholami and E. Laure, "Security and Privacy of Sensitive Data in Clouding Computing," 2015. [Online]. Available: http://arxiv.org/1601.01498.

[8] W. Jeffrey, "A review of cognitive decision making within future mission systems," in 18th Interntional Conference on Knoweldge based and Intelligent Information and Engineering Systems, Poland, 2014.

[9] L. Lord, "Information Sharing: Advice for practitionerrs providing safegarding services to children,young people, parents and careers," HM Government, 2015.

[10] E. Cristofaro, Y. Lu and G. Tsudik, "Efficient techniques for privacy, preserving sharing of sensitive information," TRUST, 2011.

[11] H. Andrew, "Information Sharing," Safeguarding in Schools, London, 2015.

[12] C. C. Hampshire, "Hampshire's Childrens Trust: Information Sharing and Confidentiality Policy," May 2010. [Online].

[13] M. Zadelhoff, "Cognitive Security Helps Defend against Cybercrime," Security Intelligence, 2016.

[14] A. Gutnik, A. Farogh, A. Yeskewitz and V. Patel, "The role of emotion in decision making: A cognitive neuroeconomic approach towards understanding sexual risk behavior.," Biomedical Informatics, vol. 39, no. 6, pp. 720-736, 2006.

[15] I. Kruger and M. Evans, "Outcomes and Expectation in dilemmas of trust," Judgement and Decision Making, vol. 9, no. 2, pp. 90-103, 2014.

Shahid Naseem (1), Zeashan Hameed Khan (2) and Muhammad Irfan Abid (3)

(1) University of Sargodha, Lahore Campus, University Road, Azmir Town, Lahore, Pakistan

(2) Department of Electrical Engineering, Bahria University, E-8, Islamabad, Pakistan

(3) Department of Electrical Engineering, Riphah International University, Faisalabad Campus, Pakistan

Received 13 Dec. 2017, Revised 12 Feb. 2018, Accepted 9 Mar. 2018, Published 1 July 2018

E-mail: shahid.naseem@gmail.com,engrzee@gmail.com,mirfanabid@hotmail.com

Naseem, Ph.D. is working as Assistant Professor in the Department of Computer Sciences, University of Sargodha, Lahore Campus, Lahore, Pakistan. His area of interest is Information Security, Artificial Intelligence, and Artificial General Intelligence. He is currently serving as a senior member with International Engineering and Technology Institute, Vietnam.

Zeashan Hameed Khan, Ph.D. is affiliated with the Department of Electrical Engineering, Bahria University, Islamabad, Pakistan. His interests include computational intelligence, cyber physical systems and control of dynamical systems etc. He is an IEEE member.

Muhammad Irfan Abid, Ph.D. is with the Department of Electrical Engineering, Riphah International University, Faisalabad Campus, Faisalabad, Pakistan. He is currently working as the Head of Department.

http://dx.doi.org/10.12785/ijcds/070408
TABLE 1. BEHAVIOR OF COGNITIVE AGENT

No. of Rules Motivation Emotions Behavior

 1 0 0 0
 2 0 0.3 0.3
 3 0 0.5 0.3
 4 0 1 0.5
 5 0.3 0 0
 6 0.3 0.3 0.3
 7 0.3 0.5 0.3
 8 0.3 1 0.5
 9 0.5 0 0.3
 10 0.5 0.3 0.3
 11 0.5 0.5 0.5
 12 0.5 1 1
 13 1 0 0.3
 14 1 0.3 0.3
 15 1 0.5 0.5
 16 1 1 1

TABLE 1. COMPARATIVE ANALYSIS OF THREE MODEL'S FACTORS

Model Factors
 Open Honest Consent Seek Intention Perception
 Advice


Lord's Clear the purpose of
 ? ? ? x sharing information


 ? x ? ?


 ? ? ? x ,,


 ? ? ? x ,,
Hamp-
shire's
Child ? x ? ?
Trust
Model
 ? ? ? x ,,


 ? ? ? ?

 ,,
Cognitiv ? ? ? ?
e Agent

 ? ? ? ?


 ? ? ? ? ,,


Model
 Motivatio Emotion Legal Sensitivit Effectivene
 n s Right y ss
 s

Lord's
 x x x x x


 ? ? x ? ?


 ? ? x ? ?


 x x ? x x
Hamp-
shire's
Child ? ? ? ? ?
Trust
Model
 ? ? ? ? ?


 ? ? ? Less Less


Cognitiv ? ? ? Less More
e Agent

 ? ? ? More Less


 ? ? ? More More

Model Action




Lord's Not share
 information
 Share the
 information
 Share the
 information
 Not share
Hamp- information
shire's Share the
Child information
Trust Share the
Model information
 Not share
 information
 Not share
Cognitiv the information
e Agent Share the
 information
 Share the
 information
COPYRIGHT 2018 University of Bahrain, Deanship of Graduate Studies and Scientific Research
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2021 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Author:Naseem, Shahid; Khan, Zeashan Hameed; Abid, Muhammad Irfan
Publication:International Journal of Computing and Digital Systems
Article Type:Report
Date:Jul 1, 2018
Words:2969
Previous Article:Asymmetric Coding of Stereoscopic 3D Images with Perceptual Quality Control.
Next Article:Proposed Simulator Based on Developed Lightweight Authentication and Key Management Protocol for Wireless Sensor Network.
Topics:

Terms of use | Privacy policy | Copyright © 2022 Farlex, Inc. | Feedback | For webmasters |