Dissertations / Theses on the topic 'Privacy Calculus'

The aim of this research was to identify the role of brand reputation in encouraging consumer willingness to provide personal data online, for the benefits of personalisation. This study extends on Malhotra, Kim and Agarwal’s (2004) Internet Users Information Privacy Concerns Model, and uses the theoretical underpinning of Social Contract Theory to assess how brand reputation moderates the relationship between trusting beliefs and perceived value (Privacy Calculus framework) with willingness to give personal information. The research is highly relevant as most privacy research undertaken to date focuses on consumer related concerns. Very little research exists examining the role of brand reputation and online privacy. Practical implications of this research include gaining knowledge as to how to minimise online privacy concerns; improve brand reputation; and provide insight on how to reduce consumer resistance to the collection of personal information and encourage consumer opt-in.

Advances in information technology have amplified issues related to privacy and the disclosure of personal information. New technologies have enabled an explosion in the amount and variety of information created, stored, and potentially shared about people, and there has been a corresponding explosion in privacy-related concerns and conversations in academic and non-academic forums. This dissertation contributes to one such conversation, adding to our understanding of the mechanisms that shape individuals' privacy concerns in the context of disclosure of personal information. Individuals must overcome their information privacy concerns in order for personal information disclosure to take place, but the mechanisms surrounding this process are highly dependent on the context of disclosure. Accordingly, this research seeks to build understanding around the ways in which privacy concerns are mitigated or counterbalanced in three different disclosure contexts. Essay 1, positioned in the e-commerce context, contributes uniquely to an emerging stream of disclosure research that considers irrationality within the privacy disclosure decision process. Essay 2 is focused on a less frequently examined disclosure context - online social networks - and examines the tension between individuals' privacy concerns and their desire for social benefits and personal expression, focusing especially on the social network technology's ability to support impression management behavior. Finally, Essay 3 examines the mitigation of privacy concerns in the context of involuntary disclosure - increasingly common in the modern online environment - wherein the primary goal is to reduce concerns or anxiety regarding the information already disclosed. In comparing disclosure processes across these contexts, this research provides insights regarding consistencies and distinctions among the different domains. Insights gained, both within and across these contexts, are valuable to both privacy researchers and professional stakeholders.

The privacy paradox is a phenomenon whereby individuals continue to disclose their personal information, contrary to their claim of concerns for the privacy of their personal information. This study investigated the privacy paradox to better understand individuals' decisions to disclose or withhold their personal information. The study argued that individuals’ decisions are based on a cognitive disposition, which involves both rational and emotional mental processes. While the extended privacy calculus model was used as the theoretical basis for the study, the findings of cognitive neuroscience was applied to it to address its limitation in assuming individuals are purely rational decision-makers. Three within-subjects experiments were conducted whereby each subject participated in all three experiments as if it were one. Experiment 1 captured the neural correlates of mental processes involved in privacy-related decisions, while experiment 2 and 3 were factorial-design experiments used for testing the relationship of neural correlates in predicting privacy concerns and personal information disclosure. The findings of this study indicated that at least one neural correlate of every mental process involved in privacy-related decisions significantly influenced personal information disclosure, except for uncertainty. However, there were no significant relationships between mental processes and privacy concerns, except Brodmann’s Area 13, a neural correlate of distrust. This relationship, however, had a positive relationship with privacy concerns, opposite to what was hypothesized. Furthermore, interaction effects indicated that individuals put more emphasis on negative perceptions in privacy-related situations. This study contributed to the information privacy field by supporting the argument that individuals’ privacy-related decisions are both rational and emotional. Specifically, the privacy paradox cannot be explained through solely rational cost-benefit analysis or through an examination of individuals’ emotions alone.

[EN] Nowadays, online social networks (OSNs) have become a mainstream cultural phenomenon for millions of Internet users. Social networks are an ideal environment for generating all kinds of social benefits for users. Users share experiences, keep in touch with their family, friends and acquaintances, and earn economic benefits from the power of their influence (which is translated into new job opportunities). However, the use of social networks and the action of sharing information imply the loss of the users’ privacy. Recently, a great interest in protecting the privacy of users has emerged. This situation has been due to documented cases of regrets in users’ actions, company scandals produced by misuse of personal information, and the biases introduced by privacy mechanisms. Social network providers have included improvements in their systems to reduce users’ privacy risks; for example, restricting privacy policies by default, adding new privacy settings, and designing quick and easy shortcuts to configure user privacy settings. In the privacy researcher area, new advances are proposed to improve privacy mechanisms, most of them focused on automation, fine-grained systems, and the usage of features extracted from the user’s profile information and interactions to recommend the best privacy policy for the user. Despite these advances, many studies have shown that users’ concern for privacy does not match the decisions they ultimately make in social networks. This misalignment in the users’ behavior might be due to the complexity of the privacy concept itself. This drawback causes users to disregard privacy risks, or perceive them as temporarily distant. Another cause of users’ behavior misalignment might be due to the complexity of the privacy decision-making process. This is because users should consider all possible scenarios and the factors involved (e.g., the number of friends, the relationship type, the context of the information, etc.) to make an appropriate privacy decision. The main contributions of this thesis are the development of metrics to assess privacy risks, and the proposal of explainable privacy mechanisms (using the developed metrics) to assist and raise awareness among users during the privacy decision process. Based on the definition of the concept of privacy, the dimensions of information scope and information sensitivity have been considered in this thesis to assess privacy risks. For explainable privacy mechanisms, soft paternalism techniques and gamification elements that make use of the proposed metrics have been designed. These mechanisms have been integrated into the social network PESEDIA and evaluated in experiments with real users. PESEDIA is a social network developed in the framework of the Master’s thesis of the Ph.D. student [15], this thesis, and the national projects “Privacy in Social Educational Environments during Childhood and Adolescence” (TIN2014-55206- R) and “Intelligent Agents for Privacy Advice in Social Networks” (TIN2017-89156-R). The findings confirm the validity of the proposed metrics for computing the users’ scope and the sensitivity of social network publications. For the scope metric, the results also showed the possibility of estimating it through local and social centrality metrics for scenarios with limited information access. For the sensitivity metric, the results also remarked the users’ misalignment for some information types and the consensus for a majority of them. The usage of these metrics as part of messages about potential consequences of privacy policy choices and information sharing actions to users showed positive effects on users’ behavior regarding privacy. Furthermore, the findings of exploring the users’ trade-off between costs and benefits during disclosure actions of personal information showed significant relationships with the usual social circles (family members, friends, coworkers, and unknown users) and their properties. This allowed designing better privacy mechanisms that appropriately restrict access to information and reduce regrets. Finally, gamification elements applied to social networks and users’ privacy showed a positive effect on the users’ behavior towards privacy and safe practices in social networks.
[ES] En la actualidad, las redes sociales se han convertido en un fenómeno cultural dominante para millones de usuarios de Internet. Las redes sociales son un entorno ideal para la generación de todo tipo de beneficios sociales para los usuarios. Los usuarios comparten experiencias, mantienen el contacto con sus familiares, amigos y conocidos, y obtienen beneficios económicos gracias al poder de su influencia (lo que se traduce en nuevas oportunidades de trabajo). Sin embargo, el uso de las redes sociales y la acción de compartir información implica la perdida de la privacidad de los usuarios. Recientemente ha emergido un gran interés en proteger la privacidad de los usuarios. Esta situación se ha debido a los casos de arrepentimientos documentados en las acciones de los usuarios, escándalos empresariales producidos por usos indebidos de la información personal, y a los sesgos que introducen los mecanismos de privacidad. Los proveedores de redes sociales han incluido mejoras en sus sistemas para reducir los riesgos en privacidad de los usuarios; por ejemplo, restringiendo las políticas de privacidad por defecto, añadiendo nuevos elementos de configuración de la privacidad, y diseñando accesos fáciles y directos para configurar la privacidad de los usuarios. En el campo de la investigación de la privacidad, nuevos avances se proponen para mejorar los mecanismos de privacidad la mayoría centrados en la automatización, selección de grano fino, y uso de características extraídas de la información y sus interacciones para recomendar la mejor política de privacidad para el usuario. A pesar de estos avances, muchos estudios han demostrado que la preocupación de los usuarios por la privacidad no se corresponde con las decisiones que finalmente toman en las redes sociales. Este desajuste en el comportamiento de los usuarios podría deberse a la complejidad del propio concepto de privacidad. Este inconveniente hace que los usuarios ignoren los riesgos de privacidad, o los perciban como temporalmente distantes. Otra causa del desajuste en el comportamiento de los usuarios podría deberse a la complejidad del proceso de toma de decisiones sobre la privacidad. Esto se debe a que los usuarios deben considerar todos los escenarios posibles y los factores involucrados (por ejemplo, el número de amigos, el tipo de relación, el contexto de la información, etc.) para tomar una decisión apropiada sobre la privacidad. Las principales contribuciones de esta tesis son el desarrollo de métricas para evaluar los riesgos de privacidad, y la propuesta de mecanismos de privacidad explicables (haciendo uso de las métricas desarrolladas) para asistir y concienciar a los usuarios durante el proceso de decisión sobre la privacidad. Atendiendo a la definición del concepto de la privacidad, las dimensiones del alcance de la información y la sensibilidad de la información se han considerado en esta tesis para evaluar los riesgos de privacidad. En cuanto a los mecanismos de privacidad explicables, se han diseñado utilizando técnicas de paternalismo blando y elementos de gamificación que hacen uso de las métricas propuestas. Estos mecanismos se han integrado en la red social PESEDIA y evaluado en experimentos con usuarios reales. PESEDIA es una red social desarrollada en el marco de la tesina de Master del doctorando [15], esta tesis y los proyectos nacionales “Privacidad en Entornos Sociales Educativos durante la Infancia y la Adolescencia” (TIN2014-55206-R) y “Agentes inteligentes para asesorar en privacidad en redes sociales” (TIN2017-89156-R). Los resultados confirman la validez de las métricas propuestas para calcular el alcance de los usuarios y la sensibilidad de las publicaciones de las redes sociales. En cuanto a la métrica del alcance, los resultados también mostraron la posibilidad de estimarla mediante métricas de centralidad local y social para escenarios con acceso limitado a la información. En cuanto a la métrica de sensibilidad, los resultados también pusieron de manifiesto la falta de concordancia de los usuarios en el caso de algunos tipos de información y el consenso en el caso de la mayoría de ellos. El uso de estas métricas como parte de los mensajes sobre las posibles consecuencias de las opciones de política de privacidad y las acciones de intercambio de información a los usuarios mostró efectos positivos en el comportamiento de los usuarios con respecto a la privacidad. Además, los resultados de la exploración de la compensación de los usuarios entre los costos y los beneficios durante las acciones de divulgación de información personal mostraron relaciones significativas con los círculos sociales habituales (familiares, amigos, compañeros de trabajo y usuarios desconocidos) y sus propiedades. Esto permitió diseñar mejores mecanismos de privacidad que restringen adecuadamente el acceso a la información y reducen los arrepentimientos. Por último, los elementos de gamificación aplicados a las redes sociales y a la privacidad de los usuarios mostraron un efecto positivo en el comportamiento de los usuarios hacia la privacidad y las prácticas seguras en las redes sociales.
[CA] En l’actualitat, les xarxes socials s’han convertit en un fenomen cultural dominant per a milions d’usuaris d’Internet. Les xarxes socials són un entorn ideal per a la generació de tota mena de beneficis socials per als usuaris. Els usuaris comparteixen experiències, mantenen el contacte amb els seus familiars, amics i coneguts, i obtenen beneficis econòmics gràcies al poder de la seva influència (el que es tradueix en noves oportunitats de treball). No obstant això, l’ús de les xarxes socials i l’acció de compartir informació implica la perduda de la privacitat dels usuaris. Recentment ha emergit un gran interès per protegir la privacitat dels usuaris. Aquesta situació s’ha degut als casos de penediments documentats en les accions dels usuaris, escàndols empresarials produïts per usos indeguts de la informació personal, i als caires que introdueixen els mecanismes de privacitat. Els proveïdors de xarxes socials han inclòs millores en els seus sistemes per a reduir els riscos en privacitat dels usuaris; per exemple, restringint les polítiques de privacitat per defecte, afegint nous elements de configuració de la privacitat, i dissenyant accessos fàcils i directes per a configurar la privacitat dels usuaris. En el camp de la recerca de la privacitat, nous avanços es proposen per a millorar els mecanismes de privacitat la majoria centrats en l’automatització, selecció de gra fi, i ús de característiques extretes de la informació i les seues interaccions per a recomanar la millor política de privacitat per a l’usuari. Malgrat aquests avanços, molts estudis han demostrat que la preocupació dels usuaris per la privacitat no es correspon amb les decisions que finalment prenen en les xarxes socials. Aquesta desalineació en el comportament dels usuaris podria deure’s a la complexitat del propi concepte de privacitat. Aquest inconvenient fa que els usuaris ignorin els riscos de privacitat, o els percebin com temporalment distants. Una altra causa de la desalineació en el comportament dels usuaris podria deure’s a la complexitat del procés de presa de decisions sobre la privacitat. Això es deu al fet que els usuaris han de considerar tots els escenaris possibles i els factors involucrats (per exemple, el nombre d’amics, el tipus de relació, el context de la informació, etc.) per a prendre una decisió apropiada sobre la privacitat. Les principals contribucions d’aquesta tesi són el desenvolupament de mètriques per a avaluar els riscos de privacitat, i la proposta de mecanismes de privacitat explicables (fent ús de les mètriques desenvolupades) per a assistir i conscienciar als usuaris durant el procés de decisió sobre la privacitat. Atesa la definició del concepte de la privacitat, les dimensions de l’abast de la informació i la sensibilitat de la informació s’han considerat en aquesta tesi per a avaluar els riscos de privacitat. Respecte als mecanismes de privacitat explicables, aquests s’han dissenyat utilitzant tècniques de paternalisme bla i elements de gamificació que fan ús de les mètriques propostes. Aquests mecanismes s’han integrat en la xarxa social PESEDIA i avaluat en experiments amb usuaris reals. PESEDIA és una xarxa social desenvolupada en el marc de la tesina de Màster del doctorant [15], aquesta tesi i els projectes nacionals “Privacitat en Entorns Socials Educatius durant la Infància i l’Adolescència” (TIN2014-55206-R) i “Agents Intel·ligents per a assessorar en Privacitat en xarxes socials” (TIN2017-89156-R). Els resultats confirmen la validesa de les mètriques propostes per a calcular l’abast de les accions dels usuaris i la sensibilitat de les publicacions de les xarxes socials. Respecte a la mètrica de l’abast, els resultats també van mostrar la possibilitat d’estimarla mitjançant mètriques de centralitat local i social per a escenaris amb accés limitat a la informació. Respecte a la mètrica de sensibilitat, els resultats també van posar de manifest la falta de concordança dels usuaris en el cas d’alguns tipus d’informació i el consens en el cas de la majoria d’ells. L’ús d’aquestes mètriques com a part dels missatges sobre les possibles conseqüències de les opcions de política de privacitat i les accions d’intercanvi d’informació als usuaris va mostrar efectes positius en el comportament dels usuaris respecte a la privacitat. A més, els resultats de l’exploració de la compensació dels usuaris entre els costos i els beneficis durant les accions de divulgació d’informació personal van mostrar relacions significatives amb els cercles socials habituals (familiars, amics, companys de treball i usuaris desconeguts) i les seves propietats. Això ha permés dissenyar millors mecanismes de privacitat que restringeixen adequadament l’accés a la informació i redueixen els penediments. Finalment, els elements de gamificació aplicats a les xarxes socials i a la privacitat dels usuaris van mostrar un efecte positiu en el comportament dels usuaris cap a la privacitat i les pràctiques segures en les xarxes socials.
Alemany Bordera, J. (2020). Measures of Privacy Protection on Social Environments [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/151456
TESIS

The Internet of Things (IoT) has been acknowledged as one of the most innovative forms of technology since the computer, because of the influence it can have on multiple sectors of physical and virtual environments. The growth of IoT is expected to continue, by 2020 the number of connected devices is estimated to reach 50 billion. Recent developments in IoT provide an unprecedented opportunity for personalised services and other benefits. To exploit these potential benefits as best as possible, individuals are willing to provide their personal information despite potential privacy breaches. Therefore, this paper examines factors that influence the willingness to disclose personal information in the use of IoT in South Africa (SA) with the use of the privacy calculus as the theoretical underpinnings of this research. The privacy calculus accentuates that a risk-benefit trade off occurs when an individual decides to disclose their personal information, however, it is assumed that there are more factors than perceived risks and perceived benefits that influence information disclosure. After analysing previous literature, this study identified the following factors; information sensitivity, privacy concerns, social influence, perceived benefits, (perceived) privacy risks and privacy knowledge as possible key tenants in relation to willingness to disclose personal information. This research took on an objective ontological view, with the underlying epistemological stance being positivistic. The research incorporated a deductive approach, employing the use of a conceptual model which was constructed from a combination of studies orientated around privacy, the privacy calculus and the privacy paradox. Data for this research was collected using the quantitative research approach, through the use of an anonymous online questionnaire, where the targeted population was narrowed down to the general public residing within SA that make use of IoT devices and/or services. Data was collected using Qualtrics and analysed using SmartPLS 3. SmartPLS 3 was used to test for correlations between the factors which influence information disclosure in the use of IoT by utilising the complete bootstrapping method. A key finding was that the privacy paradox is apparent within SA, where individuals pursue enjoyment and predominantly use IoT for leisure purposes, while individuals are more likely to adopt self-withdrawal tendencies when faced with heightened privacy concerns or potential risks.

Facebook is an integral part of today’s social landscape, but Facebook use involves compromising one’s privacy in relation to both other users and to the Facebook corporation and its affiliated businesses. This analysis explores respondents’ reasons for using Facebook together with their Facebook-related privacy concerns, and how these factors influence self-disclosures and privacy management strategies on the site. Also explored are respondents’ perceptions both of what the Facebook corporation ‘knows’ about them and with whom it shares their data. The research is based on the concepts of user-user and user-corporate privacy concerns versus the social needs of self-portrayal and belonging. Self-portrayal (inspired by Friedlander, 2011) is explored in the contexts of both strategic self-presentation and expression of the true self, and belonging is explored in the contexts of both intimacy and affiliation. These concepts have been drawn from a combination of psychological theories together with existing research on privacy concerns and social needs on social networking sites. Respondents completed an online questionnaire over a six week period from late August to early October 2014, and a focus group was held in November 2014. The questionnaire was largely quantitative but allowed for qualitative input via text boxes. There were 404 completed and valid responses, and of the demographic factors tested, gender was most strongly associated with Facebook-related privacy concerns and age was most strongly associated with reasons for using Facebook. Respondents indicated a clash between fulfilling their social needs on Facebook and their privacy concerns on the site. However, these concerns did not, for the most part, stop them using Facebook, although in certain instances respondents employed tactics to minimise their privacy concerns. This thesis argues that, when using Facebook, respondents resolved the privacy paradox to the best of their ability. It is anticipated that the findings of this thesis will contribute to the ongoing dialogue surrounding the benefits and drawbacks of social media use.

Cette thèse est consacrée à une exploration des schémas de preuve de connaissance succincts, les SNARKs. S’inscrivant dans un contexte marqué par le développement du Cloud et des technologies Blockchain, les SNARKs sont des primitives cryptographiques permettant la vérification de l’intégrité des calculs. Dans un modèle de type client-serveur, où un client à faible puissance de calcul délègue une tache à un serveur à forte puissance de calcul, les SNARKs lui permettent de verifier efficacement si le serveur a bien exécuté la tache demandée. Notre attention se porte en particulier sur des sujets comme la sécurité post-quantique des SNARKs, la propriété d'extractabilité, qui fait du SNARK un outil si puissant dans des protocoles cryptographiques, la composition de ces preuves avec d'autres primitives cryptographiques et la construction d'un protocole cryptographique basé sur des preuves SNARKs qui garantit non seulement l'intégrité du résultat, mais aussi la confidentialité des données représentant l'entrée du calcul à vérifier
The contributions detailed in this thesis focus on the design and the analysis of Succinct non-interactive arguments of knowledge, known as SNARKs. SNARKs enable a party with large computational resources to prove to a weaker party that a particular statement is true in an efficient way without further interaction and under a minimal communication requirement. Our results deal with three different aspects of SNARK protocols: the postquantum security of SNARKs, the composability of SNARKs with other cryptographic primitives and the confidentiality of the inputs in the computations verified by SNARKs. First, we propose a new framework that allows the instantiation of a quantumresilient SNARK scheme from lattice assumptions. We also study the notion of extractability that is part of the soundness definition for SNARKs. We remark some limitations of this definition and we address this problem, by introducing and studying a new notion, O-SNARKs. Finally, to achieve data privacy in delegated computation, we study the possibility of constructing SNARKs that enables verification of computations over encrypted data

Les systèmes embarqués comme les smartphones et les tablettes vont devenir à terme nos interfaces privilégiées avec le monde numérique. Ces systèmes n'ont cependant pas encore la puissance de calcul nécessaire pour s'acquitter de toutes les tâches exigées par un utilisateur. De plus, ils ne disposent pas forcement de toutes les connaissances nécessaires pour réaliser certaines opérations. Ceci pour divers raisons: confidentialité, propriété intellectuelle, limitation de la mémoire ou encore difficulté d'accès à l'information. Ainsi de nombreuses données et de nombreux calculs sont stockes et effectués sur des machines distantes. Il peut s'agir de serveur centralisant tous les calculs, d'une grille de calcul distribuée ou d'un cloud. Le résultat est que des entités tiers manipulent des données qui ont un caractère privée. Cette situation n’est pas acceptable en terme de protection de la vie privée sans la mise en place de dispositifs permettant de garantir aux utilisateurs la confidentialité et l'intégrité de leurs données, le respect de leur vie privée. L’objectif de cette thèse est d'analyser les méthodes existantes ainsi que de proposer d'autres mécanismes de sécurité et de protection de la vie privée pour les calculs déportés
Hashing and hash-based data structures are ubiquitous. Apart from their role inthe design of efficient algorithms, they particularly form the core to manycritical software applications. Whether it be in authentication on theInternet, integrity/identification of files, payment using Bitcoins, webproxies, or anti-viruses, the use of hashing algorithms might only be internalbut yet very pervasive.This dissertation studies the pitfalls of employing hashing and hash-based datastructures in software applications, with a focus on their security and privacyimplications. The mainstay of this dissertation is the security and privacyanalysis of software solutions built atop Bloom filters --- a popularhash-based data structure, and Safe Browsing --- a malicious websitedetection tool developed by Google that uses hash functions. The softwaresolutions studied in this dissertation have billions of clients, which includesoftware developers and end users.For Bloom filters and their privacy, we study a novel use case, where they forman essential tool to privately query leaked databases of personal data. Whilefor security, we study Bloom filters in adversarial settings. The studyencompasses both theory and practice. From a theoretical standpoint, we defineadversary models that capture the different access privileges of an adversary onBloom filters. We put the theory into practice by identifying several securityrelated software solutions (employing Bloom filters) that are vulnerable to ourattacks. This includes: a web crawler, a web proxy, a malware filter, forensictools and an intrusion detection system. Our attacks are similar to traditionaldenial-of-service attacks capable of bringing the concerned infrastructures toknees.As for Safe Browsing, we study vulnerabilities in the architecture that anadversary can exploit. We show several attacks that can simultaneouslyincrease traffic towards both the Safe Browsing server and the client. Ourattacks are highly feasible as they essentially require inverting hash digestsof 32 bits. We also study the privacy achieved by the service by analyzing thepossibility of re-identifying websites visited by a client. Our analysis andexperimental results show that Safe Browsing can potentially be used as a toolto track specific classes of individuals.This dissertation highlights the misunderstandings related to the use of hashingand hash-based data structures in a security and privacy context. Thesemisunderstandings are the geneses of several malpractices that include the useof insecure hash functions, digest truncation among others. Motivated by ourfindings, we further explore several countermeasures to mitigate the ensuingsecurity and privacy risks

Un service du nuage peut employer des techniques de sécurités pour assurer la sécurité de l’information. Ces techniques protègent une donnée personnelle en la rendant inintelligible pour toutes personnes autres que l’utilisateur du service. En contrepartie, certaines fonctionnalités ne peuvent plus être implémentées. Par exemple, la technique du chiffrement symétrique rend les données inintelligibles, mais empêche le calcul sur ces données.Cette thèse avance qu’un service du nuage doit composer les techniques pour assurer la sécurité de l’information sans perdre de fonctionnalités. Elle se base sur l’étude de la composition de trois techniques qui sont le chiffrement, la fragmentation verticale et les calculs côté client. Cette étude montre que la composition sécurise sans perdre de fonctionnalités, mais complexifie l’écriture du service. La thèse propose alors un nouveau langage pour l’écriture de services du nuage qui assurent la sécurité des données personnelles par compositions des techniques de sécurité.Ce langage est muni de lois algébriques pour dériver,systématiquement, un service local sans protection vers son équivalent sécurisé du nuage. Le langage est implémenté en Idris et profite de son système de type expressif pour vérifier la composition correcte des techniques de cryptographie. Dans le même temps, un encodage traduit le langage en ProVerif, un vérificateur de modèle pour l’analyse automatique des propriétés de sécurité sur les protocoles cryptographiques. Cette traduction vérifie alors la sécurité des données personnelles dans le service
A cloud service can use security techniques to ensure information privacy. These techniques protect privacy by converting the client’s personal data into unintelligible text. But they can also cause the loss of some functionalities of the service. For instance, a symmetric-key cipher protects privacy by converting readable personal data into unreadable one. However, this causes the loss of computational functionalities on this data.This thesis claims that a cloud service has to compose security techniques to ensure information privacy without the loss of functionalities. This claim is based on the study of the composition of three techniques: symmetric cipher, vertical data fragmentation and client-side computation. This study shows that the composition makes the service privacy preserving, but makes its formulation overwhelming. In response, the thesis offers a new language for the writing of cloud services that enforces information privacy using the composition of security techniques. This language comes with a set of algebraic laws to systematically transform a local service without protection into its cloud equivalent protected by composition. An Idris implementation harnesses the Idris expressive type system to ensure the correct composition of security techniques. Furthermore, an encoding translates the language intoProVerif, a model checker for automated reasoning about the security properties found in cryptographic protocols. This translation checks that the service preserves the privacy of its client

Les grilles de calcul et les grille de PC sur Internet offrent des alternatives intéressantes pour le calcul scientifique à grande échelle, qui demande des ressources de calcul importantes. Toutefois, l’adaptation des applications pour ces systèmes est difficile à cause des facteurs nombreux tels que l'interface complexe de programmation. L'objectif de cette thèse est de trouver une solution pour faciliter le calcul scientifique à grande échelle. Pour ce faire, j’ai travaillé sur l’algorithme de Gauss Jordan et une nouvelle version d’un schéma de parallélisme. Ce schéma peut exploiter le maximum de parallélisme entre des opérations. Comme un exemple excellent, l'algorithme de Gauss Jordan est également utilisé pour évaluer des environnements expérimentaux et des outils différents. Les expérimentations avec YML, OmniRPC et XtremWeb sur les grilles et les grilles de PC montrent que YML peut être une bonne solution pour que les utilisateurs fassent du calcul scientifique à grande échelle, à cause des bonnes caractéristiques comme « l’interface d'abstraction de haut niveau», « les composants réutilisables » et «le surcoût acceptable». Pour obtenir les meilleures performances de cette plate-forme, les questions concernées, telles que la granularité des tâches, la persistance des données et le mécanisme d’ordonnancement, sont également abordés dans cette thèse. Selon les analyses faites ci-dessus et les caractéristiques communes des nuages informatiques ciblés, YML-PC, une architecture de référence basée sur les workflows pour les constructions de nuages informatiques privés scientifique est proposée. YML-PC hérite les bonnes caractéristiques présentées ci-dessus et des autres technologies clefs telles que « la persistance des données », « La prévision du temps disponible » et « l'évaluation sur des nœuds de calcul hétérogènes » pour YML-PC, qui sont également abordées dans cette thèse. Les évaluations sur l'algorithme de Gauss Jordan sont réalisées sur les grilles, les grilles de PC et les nuages informatiques privés qui sont implantés sur la plate-forme Grid5000, la plateforme de calcul de Polytech Lille en France et la plateforme de calcul de Hohai, en Chine
Grid computing and Desktop Grid computing provide interesting alternatives for large scale scientific computing which needs very large scale computing resources. However gridification is hard to develop because of series of factors such as complex programming interface. The aim of this dissertation is to find a solution to make large scientific computing in an easy way. To do that, research on Gauss Jordan algorithm is made and a new parallel programming version is presented. The parallel version can achieve maximum degree parallelism between operations. Also the Gauss Jordan algorithm as an excellent example is used to evaluate different experimental environments and tools. Experiments with YML, OmniRPC and XtremWeb on Grid and Desktop Grid environments testify YML can be a good solution for end users to make large scale scientific computing for its series of good features such as higher level interface, component reuse and acceptable overhead. To get better performance of platform, related issues such as task granularity, data persistence and schedule mechanism are also discussed in this dissertation. According to analysis made above and the common features of Clouds possessed, YML-PC a reference architecture based on workflow for building scientific Private Clouds is proposed. YML-PC inherits those good features presented above and some other key technologies such as “data persistence”, “available time prediction” and “evaluation on heterogeneous computing nodes” for YML-PC are also discussed in this dissertation. Evaluations are made based on Gauss Jordan algorithm on Grids, Desktop Grids and Private Clouds which build on Grid5000, Polytech Lille platform, France and Hohai platform, China

Dans cette thèse, on s’intéresse aux contrats de partenariat public-privé (PPP). Un PPP est un contrat à long terme entre une entité publique et une partie privée, aussi appelée consortium, dans lequel le public externalise la construction et/ou la gestion d’un bien public. Le consortium prend le risque et la responsabilité de gérer le projet. Le public s’engage en contre partie à lui verser une rente. Cependant, les efforts du consortium pour améliorer la valeur sociale du projet ne sont pas observables par le public. C’est un problème de principal agent avec aléa moral où le principal est le public et l’agent est le privé. On suppose que le public paie le consortium continûment et l’effort de l’agent affecte le drift de la valeur sociale du projet. On suppose que le public est neutre au risque et le consortium est adverse au risque. Dans le chapitre 2 de la thèse, on considère un contrat perpétuel entre une entité publique et un consortium. On caractérise le contrat optimal dans ce cadre d’aléa moral. On utilise une formulation forte : on considère différentes filtrations correspondant à différents niveaux d’informations comme dans le contexte de contrôle stochastique avec observation partielle. Dans cette approche, on utilise des méthodes de martingale et de contrôle stochastique. Dans le chapitre 3, on considère un problème du partenariat public-privé avec horizon aléatoire, dans lequel le public a la possibilité d’arrêter le contrat à une date aléatoire et donne une compensation au consortium. On résout ce problème de contrôle stochastique avec un problème d’arrêt optimal dans ce cadre d’aléa moral. Dans ce chapitre, on utilise la formulation faible : on suppose que le consortium change la distribution de la valeur sociale du projet en changeant son drift et cela revient à considérer une nouvelle mesure de probabilité qui dépend de l’effort de l’agent. Dans le chapitre 4, on s’intéresse aussi au problème de partenariat public-privé avec un horizon aléatoire mais en utilisant la formulation forte. Puis, on traite la cadre de partage de risque : on suppose que le public et le consortium ont les mêmes informations. On analyse numériquement la valeur d’information. Dans le chapitre 5, on étudie l’existence d’une solution de l’équation d’Hamilton-Jacobi-Bellman qui apparaît dans notre étude théorique. Puis, on développe des résultats numériques pour la résolution numérique d’une équation Hamilton Jacobi-Bellman et l’inéquation variationnelle dans le cadre de notre étude numérique
In this thesis, we are interested in the contract with moral hazard for public private partnerships (PPP). PPP is defined as a long-term contract between a private party and a public entity, for the construction and/or the management of an asset or public service, in which the consortium takes the risks and a responsibility to manage the project. The public undertakes to pay him a rent. However, the effort that the consortium does to improve the social value of the project is not observable by the public. It is a principal-agent problem with moral hazard, in which the principal is the public and the agent is the consortium. We assume that the public pays the consortium continuously and the effort of the consortium affects the drift of the social value of the project. We assume that the agent is risk averse and the public is risk-neutral. In chapter 2 of the thesis, we consider a perpetual contract between a public entity and a consortium. We characterize the optimal contract in this moral hazard framework. We use the strong formulation : we consider different filtrations corresponding to the different level of information as in the context of stochastic control under partial observation. In this approach, we use martingale methods and stochastic control techniques. In chapter 3, we consider a public-private partnership problem with a random horizon, in which the public has the possibility to stop the contract at a fixed or a random time and gives compensation to the consortium. We solve this optimal stochastic control with optimal stopping problem in this context of moral hazard. We use the weak approach, that is the agent changes the distribution of the social value of the project by changing the drift and this amounts to considering a new probability that depends on the effort of the consortium. In the chapter 4, we also consider the problem of public-private partnership with a random horizon but using the strong formulation. Then, we deal with the risk-sharing framework, we assume that the public and the consortium have the same information. We analyze numerically the value of information. Chapter 5 focuses on the existence of a solution of the Hamilton Jacobi-Bellman equation that appears in our theoretical study. Then, we detail the numerical results for the numerical resolution of a Hamilton Jacobi-Bellman equation and variational inequality as part of our numerical study

Three issues will be elaborated and disussed in the proposed thesis. The first isadministration and control of data access rights in networks with XML data, withemphasis on data security. The second is the administration and control ofaccess rights to data in computer networks with RDF data, with emphasis ondata privacy. The third is prevention of errors and memory leaks, as well ascommunication errors, generated by programs written in Sing # language in thepresence of exceptions. For all three issues, there will be presented formalmodels with corresponding type systems and showed the absence of undesiredbehavior i.e. errors in networks or programs.
У тези су разматрана три проблема. Први је администрација и контролаправа приступа података у рачунарској мрежи са XML подацима, санагласком на безбедости посматраних података. Други је администрација икотрола права приступа подацима у рачунарској мрежи са RDF подацима,са нагласком на приватности посматраних података. Трећи је превенцијагрешака и цурења меморије, као и грешака у комуникацији генерисанимпрограмима написаних на језику Sing# у којима су присутни изузеци. За сватри проблема биће предложени формални модели и одговарајући типскисистеми помоћу којих се показује одсуство неповољних понашања тј.грешака у мрежама односно програмима.
U tezi su razmatrana tri problema. Prvi je administracija i kontrolaprava pristupa podataka u računarskoj mreži sa XML podacima, sanaglaskom na bezbedosti posmatranih podataka. Drugi je administracija ikotrola prava pristupa podacima u računarskoj mreži sa RDF podacima,sa naglaskom na privatnosti posmatranih podataka. Treći je prevencijagrešaka i curenja memorije, kao i grešaka u komunikaciji generisanimprogramima napisanih na jeziku Sing# u kojima su prisutni izuzeci. Za svatri problema biće predloženi formalni modeli i odgovarajući tipskisistemi pomoću kojih se pokazuje odsustvo nepovoljnih ponašanja tj.grešaka u mrežama odnosno programima.

Grâce aux “smart disclosure initiatives”, traduit en français par « ouvertures intelligentes » et aux nouvelles réglementations comme le RGPD, les individus ont la possibilité de reprendre le contrôle sur leurs données en les stockant localement de manière décentralisée. En parallèle, les solutions dites de clouds personnels ou « système personnel de gestion de données » se multiplient, leur objectif étant de permettre aux utilisateurs d'exploiter leurs données personnelles pour leur propre bien.Cette gestion décentralisée des données personnelles offre une protection naturelle contre les attaques massives sur les serveurs centralisés et ouvre de nouvelles opportunités en permettant aux utilisateurs de croiser leurs données collectées auprès de différentes sources. D'un autre côté, cette approche empêche le croisement de données provenant de plusieurs utilisateurs pour effectuer des calculs distribués.L'objectif de cette thèse est de concevoir un protocole de calcul distribué, générique, qui passe à l’échelle et qui permet de croiser les données personnelles de plusieurs utilisateurs en offrant de fortes garanties de sécurité et de protection de la vie privée. Le protocole répond également aux deux questions soulevées par cette approche : comment préserver la confiance des individus dans leur cloud personnel lorsqu'ils effectuent des calculs croisant des données provenant de plusieurs individus ? Et comment garantir l'intégrité du résultat final lorsqu'il a été calculé par une myriade de clouds personnels collaboratifs mais indépendants ?
Thanks to smart disclosure initiatives and new regulations like GDPR, individuals are able to get the control back on their data and store them locally in a decentralized way. In parallel, personal data management system (PDMS) solutions, also called personal clouds, are flourishing. Their goal is to empower users to leverage their personal data for their own good. This decentralized way of managing personal data provides a de facto protection against massive attacks on central servers and opens new opportunities by allowing users to cross their data gathered from different sources. On the other side, this approach prevents the crossing of data from multiple users to perform distributed computations. The goal of this thesis is to design a generic and scalable secure decentralized computing framework which allows the crossing of personal data of multiple users while answering the following two questions raised by this approach. How to preserve individuals' trust on their PDMS when performing global computations crossing data from multiple individuals? And how to guarantee the integrity of the final result when it has been computed by a myriad of collaborative but independent PDMSs?

碩士
國立臺灣大學
資訊管理學研究所
102
NFC payment is a new form of mobile payment with the advantage of being quick and versatile. However, the use of NFC payment would involve in the storage and transmission of user’s personal data and financial data. This has been evident in a number of NFC research and survey indicating that privacy concern may inhabit the development of NFC payment. Therefore, this research attempts to understand how benefit and risk may influence the intention to adopt NFC payment. In the past literature, user’s intention to adopt has been seen as the outcome of privacy calculus. In this research, we draw on privacy calculus theory and add some characteristics of NFC payment to understand user’s intention to adopt NFC payment. For empirical analysis, we distribute online questionnaire to collect data and use Structural Equation Modeling to analyze our model. Results show that the benefits of using NFC payment－ease of use, compatibility, and relative advantage have significant positive relationship with intention to adopt. The risk of using NFC payment－perceived privacy risk has significant negative relationship with intention to adopt. And the antecedent of perceived privacy risk－trust in service provider has significant negative relationship with privacy risk. Based on our results, we suggest that when designing NFC payment application, it should be not only compatible with user experience but ease of use. Therefore, service providers should formulate a complete privacy policy to protect users’ data in order to reduce users’ privacy concern and increase the intention to adopt NFC payment.

Self-disclosure is ubiquitous in today’s digitized world as Internet users are constantly sharing their personal information with other users and providers online, for example when communicating via social media or shopping online. Despite offering tremendous benefits (e.g., convenience, personalization, and other social rewards) to users, the act of self-disclosure also raises massive privacy concerns. In this regard, Internet users often feel they have lost control over their privacy because sophisticated technologies are monitoring, processing, and circulating their personal information in real-time. Thus, they are faced with the challenge of making intelligent privacy decisions about when, how, to whom, and to what extent they should divulge personal information. They feel the tension between being able to obtain benefits from online disclosure and wanting to protect their privacy. At the same time, firms rely on massive amounts of data divulged by their users to offer personalized services, perform data analytics, and pursue monetization. Traditionally, privacy research has applied the privacy calculus model when studying self-disclosure decisions online. It assumes that self-disclosure (or, sometimes, usage) is a result of a rational privacy risk–benefit analysis. Even though the privacy calculus is a plausible model that has been validated in many cases, it does not reflect the complex nuances of privacy-related judgments against the background of real-life behavior, which sometimes leads to paradoxical research results. This thesis seeks to understand and disentangle the complex nuances of Internet users’ privacy-related decision making to help firms designing data gathering processes, guide Internet users wishing to make sound privacy decisions given the background of their preferences, and lay the groundwork for future research in this field. Using six empirical studies and two literature reviews, this thesis presents additional factors that influence self-disclosure decisions beyond the well-established privacy risk–benefit analysis. All the studies have been published in peer-reviewed journals or conference proceedings. They focus on different contexts and are grouped into three parts accordingly: monetary valuation of privacy, biases in disclosure decisions, and social concerns when self-disclosing on social networking sites. The first part deals with the value Internet users place on their information privacy as a proxy for their perceived privacy risks when confronted with a decision to self-disclose. A structured literature review reveals that users’ monetary valuation of privacy is very context-dependent, which leads to scattered or occasionally even contradictory research results. A subsequent conjoint analysis supplemented by a qualitative pre-study shows that the amount of compensation, the type of data, and the origin of the platform are the major antecedents of Internet users’ willingness to sell their data on data selling platforms. Additionally, an experimental survey study contrasts the value users ascribe to divulging personal information (benefits minus risks) with the value the provider gets from personal information. Building on equity theory, the extent to which providers monetize the data needs to be taken into account apart from a fair data handling process. In other words, firms cannot monetize their collected user data indefinitely without compensating their users, because users might feel exploited and thus reject the service afterwards. The second part delineates the behavioral and cognitive biases overriding the rational tradeoff between benefits and privacy risks that has traditionally been assumed in privacy research. In particular, evaluability bias and overconfidence are identified as moderators of the link between privacy risks and self-disclosure intentions. In single evaluation mode (i.e., no reference information available) and when they are overconfident, Internet users do not take their perceived privacy risks into account when facing a self-disclosure decision. By contrast, in joint evaluation mode of two information systems and when users are realistic about their privacy-related knowledge, the privacy risks that they perceive play a major role. This proof that mental shortcuts interact with privacy-related judgments adds to studies that question the rational assumption of the privacy calculus. Moving beyond privacy risks, the third part examines the social factors influencing disclosure decisions. A structured literature review identifies privacy risks as the predominantly studied impediment to self-disclosure on social networking sites (SNS). However, a subsequent large scale survey study shows that on SNS, privacy risks play no role when users decide whether to self-disclose. It is rather the social aspects, such as the fear of receiving a negative evaluation from others, that inform disclosure decisions. Furthermore, based on a dyadic study among senders and receivers of messages on SNS, it is shown that senders are subject to a perspective-taking bias: They overestimate the hedonic and utilitarian value of their message for others. In this vein, these studies combine insights from social psychology literature with the uniqueness of online data disclosure and show that, beyond the potential misuse of personal information from providers, the risk of misperception in the eyes of other users is crucial when explaining self-disclosure decisions. All in all, this thesis draws from different perspectives – including value measuring approaches, behavioral economics, and social psychology – to explain self-disclosure decisions. Specifically, it shows that the privacy calculus is oversimplified and, ultimately, needs to be extended with other factors like mental shortcuts and social concerns to portray Internet users’ actual privacy decision making.

碩士
國立中山大學
資訊管理學系研究所
103
Mobile devices have become the most popular personal communication devices to date. The popularity of the smartphone has increased the diversity of location based services (LBS). Many apps have added location information based functions. Despite the growth of the LBS market and LBS technology, privacy concerns have arisen around the possibility of inappropriate use of the personal location information. When deciding whether or not to allow the use of their personal information in exchange for the LBS app’s benefits, users will first weigh the benefits and risks. This measurement is referred to as a “privacy calculus.” When downloading apps, users evaluate the app’s benefits and risks using their observations of the permissions requested by the app, the vendor’s reputation, the comments of other users, and the app’s ratings and number of downloads. This research intends to determine whether or not, in addition to the factors noted above, the app cost (paid or free) and the app category (hedonic or utilitarian) influence users’ privacy calculus. The core of this research is privacy calculus theory, which we combine with the TAM to develop our research model. The results show that users pay more attention to the benefits of the app if it is utilitarian as opposed to hedonic. Conversely, users pay more attention to the potential risks of a hedonic app. Users attach greater importance to the benefits of a paid app.

碩士
國立成功大學
國際經營管理研究所碩士班
101
In the context of social network location service, privacy concern consisting of three dimensions: collection, control, and awareness, still becomes a major hindrance in location information disclosure intention. Even though privacy concern would inhibit location information disclosure intention, the trend of social network use is still growing in Indonesia. This is because when people want to share their personal information, they also would think about the benefit that they could get. This study finds that usefulness and enjoyment as beneficial factors of disclosing information have a positive effect towards intention to disclose information location. Furthermore, it appears that religious values play a role in affecting information disclosure intention. The finding of this study also shows that one of Islamic values which is silaturrahim values, has a positive indirect relationship toward intention to disclose location information and this relationship is mediated by trusting beliefs. Therefore, despite of concern over privacy, Indonesian Muslims are still willing to disclose their location information because they see that social relationship is more important.

碩士
國立成功大學
企業管理學系
102
Self-disclosure is a way to help e-retailers receive customer information that contributes to building good relationships. This study tries to provide a better understanding on the effect of customer willingness on self-disclosure. The objective of this study is to investigate the role of e-retailers and the customers themselves with regard to their willingness toward self-disclosure. To achieve this goal, this study adopts privacy calculus theory to explain the process of forming customer willingness. However, privacy calculus theory only considers one’s own perception; therefore, social influence is integrated into privacy calculus theory to examine the moderating effect of surrounding people. 405 valid questionnaires were collected from the Internet. Data consists of respondents who have both independent online shopping experience and online privacy invasion experience. The data results demonstrate that an e-retailer’s responsiveness and compensation provisions can increase perceived benefits and reduce customer privacy concerns. It was also found that previous privacy experience plays an important role in the perception of risk. In addition, perceived benefits can increase perceived value, which further increases self-disclosure willingness, but perceived risk shows the contrary result with regard to increasing willingness. Furthermore, the moderating effect of normative social influence and informational social influence on belief were proven. Based on the findings, e-retailers should respond to customers rapidly and offer compensations to encourage information sharing; in addition, e-retailers should create a good store image and put understandable privacy protection remarks on their websites to make customers trust them.

博士
元智大學
資訊管理學系
107
It is inevitable that the exponential growth of mobile location-based service (LBS) will continue to change the way we live and work. With the LBS-enabled device and an Internet connection, anyone at anytime and anywhere can instantly access real-time location-based information or services. The convenience of accessing LBS coupled with the abundant benefits of using LBS is likely to attract more people to use LBSs and in turn, drive the growth of the LBS market. Yet, in spite of the benefits, there are also privacy risks involved in using LBS. Thus, it is not surprising that privacy is the major inhibiting factor in the adoption of LBS. Since the LBS-enabled device is required to access LBS and privacy is a fundamental issue, this study aims to investigate the influence of the user’s trust toward the LBS-enabled device on information privacy concerns (IPC), and on the user’s perceived trade-off between the benefits and privacy risks of using a specific LBS (privacy calculus). Hence, drawing upon the technology trust lens, this empirical study explores the role of technology trust in LBS-enabled device—cognitive trust in LBS-enabled device (CTT) and affective trust in LBS-enabled device (ATT)—in its relationship with the psychological and economic perspectives of privacy, IPC and privacy calculus respectively, to explain location disclosure intention. Additionally, IPC and privacy calculus are investigated to determine their potential impacts on location disclosure intention. Partial Least Squares Structural Equation Modeling (PLS-SEM) is employed to analyze the data collected from 460 users of mobile LBS in Taiwan R.O.C. The results of the analysis reveal that CTT has no negative influence on IPC as expected, ATT has a negative impact on IPC and both have a significant positive influence on privacy calculus. In addition, the findings also demonstrate that IPC have negative impact on location disclosure intention, while privacy calculus has a positive impact on location disclosure intention. Lastly, the results show that technology trust in LBS-enabled device has an indirect impact on users’ inclination to disclose their location information.

Privacy has been discussed throughout the ages as the world has developed and changed however privacy concerns have been reignited by the development of technology. One of these technologies, Location Based Services (LBS), together with how organisations are using these technologies is pushing the consumers’ privacy boundaries. In order for this technology to become widely adopted these privacy concerns need to be understood and addressed. It is therefore the purpose of this research to examine whether consumers’ privacy concern can be negated through consumers receiving a benefit which caused them to forego this concern.The research used scenarios to evaluate consumers’ comfort levels for four different intrusion levels and five different discounts offered. Due to the nature of the scenarios a repeated measures ANOVA design was used in order to allow for the analysis of each of the scenarios, intrusion levels and discount offered for each respondent.It was found that although privacy concerns can and were influenced by the offers made to the respondents, consumers have not yet gained a complete sense of comfort with the privacy boundaries that are being challenged.
Dissertation (MBA)--University of Pretoria, 2013.
Gordon Institute of Business Science (GIBS)
unrestricted

碩士
國立成功大學
企業管理學系
106
In the virtual brand community, customer disclosures related to product usage experience not only enable the product’s brand company to obtain customer information, but also attract potential customers to participate in brand community discussions. This research adopted the privacy calculus theory to explore customer usage experience disclosure and to understand the roles that the virtual brand community and customers play in the disclosure process. Therefore, sense of virtual community and brand community engagement were adopted to discuss customer disclosure emotional elicitation, and privacy calculus factors were treated as antecedents of a sense of virtual community and brand community engagement. Moreover, brand community was also adopted as a moderator in the model. The survey focused on members of a virtual brand community, and a total of 944 valid questionnaires were collected. Structural equation modeling was adopted for the data analyses. The results showed that socialization and self-expression increased a sense of virtual community and brand community engagement, but pleasing others only positively affected the sense of virtual community. Reward and flaming (a hostile and insulting interaction between persons over the Internet) had a significant impact on the sense of virtual community and brand community engagement on the part of customers. In addition, a high level of brand community engagement and sense of virtual community increased intention toward customer disclosure related to product experience. Finally, this study suggested that brand community managers should not only provide a two-way communication platform for customers, but also need to manage and regulate the use of hostile, negative responses. In addition, some tokens can be provided as a reward to encourage customer willingness toward disclosure of experiences. Further, managers also can establish a good virtual brand community culture that encourages customers to participate in the discussion and increases engagement rates in their virtual brand communities.

碩士
國立屏東大學
國際貿易學系碩士班
103
The development of mobile telecommunication technology increases the demand of mobile shopping rapidly, thus it is an important issue to investigate the factors which may influence consumers’ shopping behaviors via mobile devices. The study examined the relationship among privacy risk, privacy benefit, privacy experience, user interface design, electronic word of mouth, perceived value and usage intention of mobile shopping. Through online and offline survey, this study collected 228 valid responses from Taiwanese who have ever used mobile devices to test the hypotheses. The result of PLS (partial least squares) showed that: (1) perceived value, privacy value and user interface design positively affected the intention of mobile shopping; (2) privacy value user interface design and electronic word of mouth positively impacted perceived value in shopping via mobile devices; (3) privacy benefit, privacy experience and electronic word of mouth have positive influences on privacy value; whereas (4) privacy risk has a negative effect on privacy value in shopping via mobile devices; (5) surprisingly, user interface design influences privacy value with negative effect. The findings provide several significant implications and suggestions for marketing strategy and managerial practice.

Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Information Systems and Technologies Management
Videoconferencing (VC) applications (apps) are getting notable attention worldwide, from common citizens to professionals as an alternative to vis-à-vis communication specifically during COVID-19. The growth of VC apps is expected to rise even more in the future with the prediction that widespread adoption of remote work will continue to hold even after the pandemic. This research investigates the key drivers for individuals’ intentions into continuing to use this technology in professional settings. Considering the importance of professionals’ perceptions of privacy in professionals’ settings, this study proposes a conceptual model rooted in the theoretical foundations of privacy calculus theory, extended with the conceptualization of privacy concerns for mobile users (MUIPC), ubiquity, and theoretical underpinnings from social presence theory. The conceptual research model was empirically tested by using data collected from a survey of 487 actual users of videoconferencing apps across Europe. Structural equation modeling (SEM) is performed to test the model. The study revealed several findings (1) perceived value in using VC apps motivates the professionals to continue using VC apps and shapes their perception as they evaluate the risk-benefit trade-off they are making when using VC apps. (2) professionals’ indeed form and articulate their own assessment of value based on the perceived risks and benefits associated with using VC apps. However, professionals' perceptions of value are strongly influenced by potential benefits received from using VC apps than by potential risks associated with using VC apps. (3) professionals’ perceived risk is determined by MUIPC and trust. (4) professionals’ perceived benefits are shaped by ubiquity and social presence. For researchers, this study highlights the usefulness of integrating privacy calculus theory, social presence theory and trust in studying the individuals’ behavioral intentions towards new technologies. For practitioners, understanding the key determinants is pivotal to design and build mobile video-conferencing apps that achieve higher consumer acceptance and higher rates of continued usage of VC apps in professional settings.

碩士
銘傳大學
國際企業學系碩士班
104
Nowadays, a lot of consumer spends a lot of time on smartphone. A lot of company are design the Apps for themselves to create the opportunity for consumer to purchase from the Apps. Yet, it really convenience however, not a lot of consumers are willing to give their personal information towards companies because of privacy concern. This research paper is standing in the consumer position to discussion about their purchased behavior on the smartphone. Researcher used LISREL to analysis the questionnaire, and gets the following result: 1. Mobile marketing perceived interactivity is positively related to perceived benefit of info disclosure. 2. Mobile marketing perceived interactivity is positively related to perceived risk of info disclosure. 3. Perceived benefit of info disclosure is positively related to perceived value of info disclosure. 4. Perceived value of info disclosure is positively related perceived risk of info disclosure. 5. Perceived value of info disclosure is positively related to willingness to have info used for app of the brand. 6. Willingness to have information used for app of the brand is positively related to consumer purchase intention.

碩士
中原大學
企業管理研究所
106
With the rapid development of Smart Car, people have begun to consider the Internet of Vehicle develop products as the basis for car purchases. As a result, Car Vendors have begun to develop the Internet of Vehicle products, such as: Tesla, Benz, BMW, and Toyota have all launched Internet of Vehicle products to seize the market. However, under this rapid development, people began to realize that their privacy has been continuously exposed. Therefore, people began to pay attention to their privacy, especially in terms of personal information privacy and personal location privacy disclosure. Countries and Car Venders have started to redesign the privacy of Internet of Vehicle products, hoping to grasp this trend and become a leader in the market. Therefore, this research attempts to use privacy as a starting point to observe the relationship between the consumer''s perception of Internet of Vehicle, the risk of perceived exposure, and the behavior of exposing willingness. This research refers to the literature review of previous scholars and finds that most scholars have researched the "protection mechanism" or "how to avoid" information leakage of Internet of Things information and privacy in the Internet of Things. Few scholars focus on the right of privacy. Therefore, the research refers to the content of previous scholars'' research. It develops the research structure and questionnaires of the study. Take perceive disclosed benefits and perceived disclosed risks as self-variables to explore the degree of willingness to expose and the main factor of influence. This search conducted random surveys of physical and online questionnaire surveys, and conducted research hypotheses and verifications through reliability analysis, Pearson correlation analysis, T verification, and regression analysis. The results of the search found that both perceived exposure benefit and perceived exposure risk have a significant impact on the willingness to disclose. Among them, “personalized services” and “self-presentation” are the main factors that affect consumers’ self-disclosure. So if vender provides personalized services and self-presenting products or services, consumers will be willing to expose more privacy. In addition, under different car purchase experiences, consumers'' perceptions of disclosure of interest and perceived exposure to risk exposure will be different due to differences in car purchase experience. The "interests" of consumers who have "car buying experience" are their concerns, and the "interests" and "risks" of consumers who have "no car buying experience but have willing to buy car" are their concerns. Therefore, this research suggests that future internet of car vendors can use the above viewpoints when referring to the promotion and acquisition of consumer information, hoping to provide an indicator of the development of future products and services by car makers.

Yes
Location-based advertising is an entrepreneurial and innovative means for advertisers to reach out through personalised messages sent directly to mobile phones using their geographic location. The mobile phone users' willingness to disclose their location and other personal information is essential for the successful implementation of mobile location-based advertising (MLBA). Despite the potential enhancement of the user experience through such personalisation and the improved interaction with the marketer, there is an increasing tension between that personalisation and mobile users' concerns about privacy. While the privacy calculus theory (PCT) suggests that consumers make privacy-based decisions by evaluating the benefits any information may bring against the risk of its disclosure, this study examines the specific risks and benefits that influence consumers' acceptance of MLBA. A conceptual model is proposed based on the existing literature and a standardised survey was developed and targeted at individuals with known interests in the subject matter. From these requests, 252 valid responses were received and used to evaluate the key benefits and risks of MLBA from the users' perspectives. While the results confirmed the importance of internet privacy concerns (IPC) as an important determinant, they also indicate that monetary rewards and intrusiveness have a notably stronger impact on acceptance intentions towards MLBA. Intrusiveness is the most important risk factor in determining mobile users' intentions to accept MLBA and therefore establishing effective means of minimising the perceived intrusiveness of MLBA can be expected to have the greatest impact on achieving effective communications with mobile phone users.

碩士
國立成功大學
國際經營管理研究所
102
Although privacy concern has been paid great attention over time and across disciplines, it is still considered as main inhibitor for disclosure decision, especially in mobile environment where smartphones, wearable devices and location-based services bring it to a new level. In this study we employ privacy calculus perspective framework to reaffirm effects motivators and inhibitors on disclosure intention of location information. Also, Big Five model is used to examine the impacts of disposition factors, such as personality traits, on concern for privacy. Data were collected from 298 respondents, who are representatives for social network users using smartphones. Our findings reaffirm privacy calculus perspective framework in a different culture and environment. Also, effects from personality on privacy concerns are giving interesting theoretical and practical implications for service vendors as well as legislators.

碩士
國立成功大學
經營管理碩士學位學程(AMBA)
104
Thanks to the rapid development and popularization of smartphone and high-speed cellular networks, more and more people today are using mobile applications (apps) to conduct their sport and health management. At the same time, the European Commission has recognized the acute importance of investing in mobile health (mHealth), a kind of medical and public health practice supported by mobile devices, to address the shortage of healthcare workers in the EU countries. While mHealth holds great promise in this field, it should not also be ignored that mHealth has created a new set of risk to privacy and security since personal health information can be stored on mobile devices or shared via networks that are not secure. Drawing on the literatures of privacy calculus theory and risk-as-feelings perspective as the conceptual foundation, this study attempts to understand how privacy perceptions and calculus may influence individuals’ intention to adopt mHealth apps with a particular focus on ResearchKit, which is a killer application introduced by Apple that allows scientists and doctors to create powerful apps for medical research. In this study, 517 measurable samples were collected to empirically verify the research model and partial least squares (PLS) approach was employed as the data analysis tool. The results show that trust in app developer is the key variable to individuals’ adoption intention, and perceived risk and health status emotion both effectively moderate individuals’ adoption intention. The theoretical and practical implications, limitations, and future research directions in mHealth apps are then discussed at the end of this article.