Jayati Dev | West Bengal University Of Technology

Papers by Jayati Dev

Is Visualization Enough? Evaluating the Efficacy of MUD-Visualizer in Enabling Ease of Deployment for Manufacturer Usage Description (MUD)

Annual Computer Security Applications Conference, 2021

The IETF Manufacturer Usage Description (MUD) standard was designed to protect IoT devices through network micro-segmentation. In practice, this is implemented using per-device access control that is defined by the manufacturer. This access control is embedded in a "MUD-File", which is transferred to the user's network during the onboarding process, and may contain from one to hundreds of rules. Validating these rules for each device can be a challenge, particularly when devices are interacting. In response, MUD-Visualizer was designed to simplify the validation of individual and interacting MUD-Files through straightforward visualizations. In this work, we report on an evaluation of the usability and efficacy of MUD-Visualizer. The results illustrate that not only is it more usable compared to manual analysis, but the participants that used MUD-Visualizer also had more accurate results in less time. CCS CONCEPTS • Security and privacy → Human and societal aspects of security and privacy; Network security; • Computer systems organization → Embedded and cyber-physical systems.

Discussing Privacy and Surveillance on Twitter: A Case Study of COVID-19

ArXiv, 2020

Technology is uniquely positioned to help us analyze large amounts of information to provide valuable insight during widespread public health concerns, like the ongoing COVID-19 pandemic. In fact, information technology companies like Apple and Google have recently launched tools for contact tracing, the ability to process location data to determine the people who have been in contact with a possible patient, in order to contain the spread of the virus. While China and Singapore have successfully led the effort, more and more countries are now implementing such surveillance systems, raising potential privacy concerns about this long-term surveillance. For example, it is not clear what happens to the information post-pandemic because people are more likely to share their information during a global crisis without governments having to elaborate on their data policies. Digital Ethnography on Twitter, which has over 330 million users worldwide, with a majority in the United States where...

Privacy Practices, Preferences, and Compunctions: WhatsApp Users in India

Closed-form design expression for first null beam width with Taylor distribution

2016 2nd International Conference on Contemporary Computing and Informatics (IC3I), 2016

The present article proposes a closed-form design expression of First Null Beam Width (FNBW) of a broadside linear antenna array with Taylor distribution. The design expression is formulated by observing the variation of FNBW with respect to the number of elements, inter-element spacing and side-lobe ratio. Effectiveness of the proposed design expression is illustrated through comparative study.

Understanding privacy concerns of WhatsApp users in India: poster

WhatsApp, a leading platform for mobile messaging, with the largest user base being in India, incorporates features like Last Seen, Live Location, and sharing defaults which pose privacy challenges. Our study evaluates the risk perception of WhatsApp users in India, by analyzing their perceptions on several features. We implemented a survey, querying both privacy attitudes and privacy behaviors, with 213 Indian participants. We found the majority of participants reported that they actively use the privacy controls to restrict access to their information. We close by evaluating the fit of privacy settings and suggesting additional recommendations to address the privacy concerns of Indian participants.

Lessons Learnt from Comparing WhatsApp Privacy Concerns Across Saudi and Indian Populations

The purpose of this study is to understand the privacy concerns and behavior of non-WEIRD populations in online messaging platforms. Analysis of surveys (n = 674) of WhatsApp users in Saudi Arabia and India revealed that Saudis had significantly higher concerns about being contacted by strangers. In contrast, Indians showed significantly higher concerns with respect to social contact from professional colleagues. Demographics impinge privacy preferences in both populations, but in different ways. Results from regression analysis show that there are statistically significant differences between the privacy behaviors of Saudis and Indians. In both cases, privacy concerns were strongly correlated with their reported privacy behaviors. Despite the differences, we identified technical solutions that could address the concerns of both populations of participants. We close by discussing the applicability of our recommendations, specifically those on transparency and consent, to other appli...

Modularity is the Key: A New Approach to Social Media Privacy Policies

Proceedings of the 7th Mexican Conference on Human-Computer Interaction, 2018

Why Johnny Can't Unsubscribe: Barriers to Stopping Unwanted Email

Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems, 2020

A large proportion of email messages in an average Internet user's inbox are unwanted commercial messages from mailing lists, bots, and so on. Although such messages often include instructions to unsubscribe, people still struggle with stopping unwanted email. We investigated the user experience of unsubscribing from unwanted email messages by recruiting 18 individuals for a lab study followed by semi-structured interviews. Based on unsubscribing practices of the study participants, we synthesized eight common unsubscription mechanisms and identified the corresponding user experience challenges. We further uncovered alternative practices aimed at circumventing the need to unsubscribe. Our findings reveal frustration with the prevailing options for limiting access to the self by managing email boundaries. We apply our insight to offer design suggestions that could help commercial providers improve the user experience of unsubscribing and provide users more control over the email they receive.

Leveraging social media analytics for startups

XRDS: Crossroads, The ACM Magazine for Students, 2020

Predictive analytics

XRDS: Crossroads, The ACM Magazine for Students, 2021

XRDS • Spring 2021 • Vol. 27 • No. 3

In the past few decades, predictive technology has gained traction across industry and academia alike for gathering valuable insights from data. From predicting weather patterns to financial scores, researchers use predictive analytics on several variables with increasing accuracy. This article briefly introduces the concepts involved in predictive analytics as well as pointers to implementing such algorithms in R and Python. The first step to predictive analytics is data collection. Whether there is already an existing hypothesis or not, the data essentially guides what can be predicted. This makes predictive analytics inductive in nature. A good data set can generate more accurate projections. Once the data set is obtained, analysts need to clean and configure the data; this is done with the purpose of running mathematical operations on the data. For example, responses would need to be converted into numbers to then be classified into variable types. The third step is exploring the available data set to find relationships between variables that suit the research problem. Often, analysts start with an existing hypothesis and try to collect data that would help them answer a particular research question. For predictive analysis, however, it is more common for data exploration to lead toward hypothesis development based on patterns revealed in existing data. An important component of data exploration is visualization. In order to gain meaningful insights from data, it is important analysts are able to find an accurate way to visually represent data that would help them see patterns and form hypotheses. Both Python and R (like ggplot2) [1] have several packages that can be used to visualize data. Once a hypothesis is formed, we need to develop a model that fits relationships between the variables.

In order to develop a statistical model that can predict, we first need a portion of our existing dataset to train the model. This training data is used to develop a statistical relationship between the desired variables. For example, if our variables are x and y, the model can be a generated linear relationship y=mx+c. We then test the model with the remaining dataset to check if this model can correctly predict the values of y when provided the corresponding values of x. The accuracy (calculated using a “confusion matrix”) of the model is tested to determine an acceptable level of deviance. There are several statistical and machine learning approaches that can be used to generate a model. While the most common statistical method is regression, several supervised and unsupervised machine-learning approaches have been developed and implemented in languages like R [2] and Python (using the scikit-learn package) [3] to build these models. Once a suitable model is developed, it is deployed as part of a particular software to generate real-time predictions. For example, financial institutions use several variables to generate credit scores, and as the values of the variables change, new scores are generated by projecting the available new data. Finally, the accuracy of the model is tested post-deployment through feedback. This is how these statistical models are validated through continuous testing to check if the available data overfits or underfits the prediction model. Accordingly, this feedback is used to modify future iterations for improvement. Thus, predictive modeling can be used to generate meaningful information from data that can be a beneficial supplement for research and development. However, predictive analytics goes only as far as the data used for modeling. Data quality, source, as well as variable count affect such models and they are not free from biases. There are also several ethical considerations that need to be taken into account as these algorithms are implemented in real-world settings.

A qualitative study on usability and acceptability of Yubico security key

Proceedings of the 7th Workshop on Socio-Technical Aspects in Security and Trust - STAST '17, 2018

Individual concerns about account takeover and subversion are well-documented. Surveys indicate that concerns for the privacy and security of online accounts are widely shared. Adopting Two-Factor Authentication (2FA) is an action that individuals can take to secure their own accounts, including many popular consumer-facing services. Given that, why is two-factor hardware not more widely adopted? What usability and acceptability factors drive the adoption, or lack of adoption of 2FA in the form of trusted hardware? Passwords are inherently misaligned with human cognition, and hardware keys designed for ease of use are readily available in the marketplace. Yet passwords remain the dominant online authentication method. In order to better understand relevant issues driving or impinging adoption of Two-Factor Authentication, we implemented a two-phase study of the Yubico FIDO U2F security key. The Yubico security key is a 2FA device designed to be user friendly. We examined the usability of the device by implementing a think-aloud protocol, and documented the halt and confusion

Making Access Control Easy in IoT

Human Aspects of Information Security and Assurance, 2021

Secure installation of Internet of Things (IoT) devices requires configuring access control correctly for each device. In order to enable correct configuration, the Manufacturer Usage Description (MUD) has been developed by the Internet Engineering Task Force (IETF) to automate the protection of IoT devices by micro-segmentation using dynamic access control lists. The protocol defines a conceptually straightforward method to implement access control upon installation by providing a list of every authorized access for each device. This access control list may contain a few rules or hundreds of rules for each device. As a result, validating these rules is a challenge. In order to make the MUD standard more usable for developers, system integrators, and network operators, we report on an interactive system called MUD-Visualizer that visualizes the files containing these access control rules. We show that, unlike manual analysis, the level of knowledge and experience does not affect the accuracy of the analysis when MUD-Visualizer is used, indicating that the tool is effective for all participants in our study across knowledge and experience levels.

User Engagement with Chatbots

Proceedings of the 2nd Conference on Conversational User Interfaces, 2020

IoT Marketplace: Willingness-To-Pay vs. Willingness-To-Accept

SSRN Electronic Journal, 2021

Willingness-To-Pay (WTP) is the most a person is willing to pay for a good or service. Conversely, Willingness-To-Accept (WTA) is the minimum amount a person is willing to accept for giving up a good or service. People often attribute a higher value for privacy in the WTA condition when compared to the WTP condition. In behavioral economics of privacy and security, this discrepancy between WTP and WTA has been explained by the endowment effect and the status-quo bias. In this study, we aim to emulate the effects of WTP and WTA through interface design. Specifically, we employed the principles of status-quo bias to build two versions of the IoT Marketplace. While one design of the marketplace emulated the WTA condition, the other emulated the WTP condition. In both versions of the marketplace, we communicated the aggregate privacy rating associated with the IoT device using the same indicator. We evaluated the effect the two interfaces had on product selection by conducting a study where participants were asked to purchase an IoT device using either a WTA interface or a WTP interface. Our results show that participants using the interface that emulated the WTA condition were more likely to pay a premium to purchase devices with a higher privacy rating when compared to the participants using the interface that emulated the WTP condition. We also append results showing that when asked to select items without making the purchases the same effect was more pronounced.

Privacy Preserving Policy Framework: User-Aware and User-Driven

SSRN Electronic Journal, 2019

Privacy Preserving Policy Model Framework

SSRN Electronic Journal, 2019

Personalized WhatsApp Privacy: Demographic and Cultural Influences on Indian and Saudi Users

SSRN Electronic Journal, 2019

We offer an analysis of privacy perceptions and behaviors that focus on one of the most popular social networking platforms in cultures where it is heavily used. WhatsApp is the most popular social platform in many parts of the world, specifically on the Arabian peninsula and India. Saudi Arabia has the highest density of WhatsApp adoption, and India has the largest number of WhatsApp adopters. Prior research on security and privacy in social applications has focused primarily on Western users, and thus on Facebook. We report on an analysis of privacy perceptions and behaviors of Arab and Indian WhatsApp users. We examine the results of surveys of a total of 820 Saudis, non-Saudi Arabs, and Indians who use WhatsApp for their daily interactions. Each survey queried participants' use (or avoidance) of features and their concerns about privacy in WhatsApp, as well as asking demographic questions. We report significantly different preferences and influences on behaviors. These differences, especially when it comes to gender, provide a nuanced and complex picture of privacy through the lens of WhatsApp use. We conclude with privacy recommendations for WhatsApp, specifically, and for privacy in social networks generally for Indian and Arab WhatsApp customers. The recommendations address blocking, location sharing, and group dynamics to empower WhatsApp users in these populations.

Creating hash functions using intrinsic functions

XRDS • Summer 2021 • Vol. 27 • No. 4

This article describes the efficient implementation of cryptographic algorithms for message authentication code (MAC) generation using polynomial multiplication over the Galois field, GF(2^x). Using intrinsic instructions introduced by Intel for the implementation of mathematical operations, and consequently, cryptographic algorithms on modern Intel Core processor family for the 32 nm Intel microarchitecture, codename “Westmere,” we describe the following: 1. implementation of the Karatsuba algorithm 2. implementation of the Reduction algorithm 3. implementation of Horner's rule for generation of hash functions that are used for several cryptographic functions, including the Advanced Encryption Standard (AES).

GROUPS AND FIELDS

Let G be a non-empty set and let # be a binary operation on G. Then, (G,#) is a group if the following conditions are satisfied: (i) Associativity: x#(y#z) = (x#y)#z for all x, y, z ∈ G (ii) There exists an...

Research paper thumbnail of Is Visualization Enough? Evaluating the Efficacy of MUD-Visualizer in Enabling Ease of Deployment for Manufacturer Usage Description (MUD)

Annual Computer Security Applications Conference, 2021

The IETF Manufacturer Usage Description (MUD) standard was designed to protect IoT devices throug... more The IETF Manufacturer Usage Description (MUD) standard was designed to protect IoT devices through network micro-segmentation. In practice, this is implemented using per-device access control that is defined by the manufacturer. This access control is embedded in a "MUD-File", which is transferred to the user's network during the onboarding process, and may contain from one to hundreds of rules. Validating these rules for each device can be a challenge, particularly when devices are interacting. In response, MUD-Visualizer was designed to simplify the validation of individual and interacting MUD-Files through straightforward visualizations. In this work, we report on an evaluation of the usability and efficacy of MUD-Visualizer. The results illustrate that not only it is more usable compared to manual analysis, but the participants that used MUD-Visualizer also had more accurate results in less time. CCS CONCEPTS • Security and privacy → Human and societal aspects of security and privacy; Network security; • Computer systems organization → Embedded and cyber-physical systems.

Research paper thumbnail of Discussing Privacy and Surveillance on Twitter: A Case Study of COVID-19

ArXiv, 2020

Technology is uniquely positioned to help us analyze large amounts of information to provide valu... more Technology is uniquely positioned to help us analyze large amounts of information to provide valuable insight during widespread public health concerns, like the ongoing COVID-19 pandemic. In fact, information technology companies like Apple and Google have recently launched tools for contact tracing-the ability to process location data to determine the people who have been in contact with a possible patient, in order to contain the spread of the virus. While China and Singapore have successfully led the effort, more and more countries are now implementing such surveillance systems, raising potential privacy concerns about this long term surveillance. For example, it is not clear what happens to the information post-pandemic because people are more likely to share their information during a global crisis without governments having to elaborate on their data policies. Digital Ethnography on Twitter, which has over 330 million users worldwide, with a majority in the United States where...

Research paper thumbnail of Privacy Practices, Preferences, and Compunctions: WhatsApp Users in India

Research paper thumbnail of Closed-form design expression for first null beam width with Taylor distribution

2016 2nd International Conference on Contemporary Computing and Informatics (IC3I), 2016

Present article proposes a closed-form design expression of First Null Beam Width (FNBW) of a bro... more Present article proposes a closed-form design expression of First Null Beam Width (FNBW) of a broadside linear antenna array with Taylor distribution. The design expression is formulated by observing the variation of FNBW with respect to the number of elements, inter-element spacing and side-lobe ratio. Effectiveness of the proposed design expression is illustrated through comparative study.

Research paper thumbnail of Understanding privacy concerns of whatsapp users in India: poster

WhatsApp, a leading platform for mobile messaging, with the largest user base being in India, inc... more WhatsApp, a leading platform for mobile messaging, with the largest user base being in India, incorporates features like Last Seen, Live Location, and sharing defaults which pose privacy challenges. Our study evaluates the risk perception of WhatsApp users in India, by analyzing their perceptions on several features. We implemented a survey, querying both privacy attitudes and privacy behaviors, with 213 Indian participants. We found the majority of participants reported that they actively use the privacy controls to restrict access to their information. We close by evaluating the fit of privacy settings and suggesting additional recommendations to address the privacy concerns of Indian participants.

Research paper thumbnail of Lessons Learnt from Comparing WhatsApp Privacy Concerns Across Saudi and Indian Populations

The purpose of this study is to understand the privacy concerns and behavior of non-WEIRD populat... more The purpose of this study is to understand the privacy concerns and behavior of non-WEIRD populations in online messaging platforms. Analysis of surveys (n = 674) of WhatsApp users in Saudi Arabia and India revealed that Saudis had significantly higher concerns about being contacted by strangers. In contrast, Indians showed significantly higher concerns with respect to social contact from professional colleagues. Demographics impinge privacy preferences in both populations, but in different ways. Results from regression analysis show that there are statistically significant differences between the privacy behaviors of Saudis and Indians. In both cases, privacy concerns were strongly correlated with their reported privacy behaviors. Despite the differences, we identified technical solutions that could address the concerns of both populations of participants. We close by discussing the applicability of our recommendations, specifically those on transparency and consent, to other appli...

Research paper thumbnail of Modularity is the Key A New Approach to Social Media Privacy Policies

Proceedings of the 7th Mexican Conference on Human-Computer Interaction, 2018

Research paper thumbnail of Why Johnny Can't Unsubscribe: Barriers to Stopping Unwanted Email

Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems, 2020

A large proportion of email messages in an average Internet user's inbox are unwanted commercial ... more A large proportion of email messages in an average Internet user's inbox are unwanted commercial messages from mailing lists, bots, and so on. Although such messages often include instructions to unsubscribe, people still struggle with stopping unwanted email. We investigated the user experience of unsubscribing from unwanted email messages by recruiting 18 individuals for via a lab study followed by semi-structured interviews. Based on unsubscribing practices of the study participants, we synthesized eight common unsubscription mechanisms and identified the corresponding user experience challenges. We further uncovered alternative practices aimed at circumventing the need to unsubscribe. Our findings reveal frustration with the prevailing options for limiting access to the self by managing email boundaries. We apply our insight to offer design suggestions that could help commercial providers improve the user experience of unsubscribing and provide users more control over the email they receive.

Research paper thumbnail of Leveraging social media analytics for startups

XRDS: Crossroads, The ACM Magazine for Students, 2020

Research paper thumbnail of Predictive analytics

XRDS: Crossroads, The ACM Magazine for Students, 2021

XRDS • S P R I N G 2 0 2 1 • V O L . 2 7 • N O . 3 In the past few decades, predictive technology... more XRDS • S P R I N G 2 0 2 1 • V O L . 2 7 • N O . 3 In the past few decades, predictive technology has gained traction across industry and academia alike for gathering valuable insights from data. From predicting weather patterns to financial scores, researchers use predictive analytics on several variables with increasing accuracy. This article briefly introduces the concepts involved in predictive analytics as well as pointers to implementing such algorithms in R and Python. The first step to predictive analytics is data collection. Whether there is already an existing hypothesis or not, the data essentially guides what can be predicted. This makes predictive analytics inductive in nature. A good data set can generate more accurate projections. Once the data set is obtained, analysts need to clean and configure the data; this is done with the purpose of running mathematical operations on the data. For example, responses would need to be converted into numbers to then be classified into variable types. The third step is exploring the available data set to find relationships between variables that suit the research problem. Often, analysts start with an existing hypothesis and try to collect data that would help them answer a particular research question. For predictive analysis, however, it is more common for data exploration to lead toward hypothesis development based on patterns revealed in existing data. An important component of data exploration is visualization. In order to gain meaningful insights from data, it is important analysts are able to find an accurate way to visually represent data that would help them see patterns and form hypotheses. Both Python and R (like ggplot2) [1] have several packages that can be used to visualize data. Once a hypothesis is formed, we need to develop a model that fits relationships between the variables. 
In order to develop a statistical model that can predict, we first need a portion of our existing dataset to train the model. This training data is used to develop a statistical relationship between the desired variables. For example, if our variables are x and y, the model can be a generated linear relationship y=mx+c. We then test the model with the remaining dataset to check if this model can correctly predict the values of y when provided the corresponding values of x. The accuracy (calculated using a “confusion matrix”) of the model is tested to determine an acceptable level of deviance. There are several statistical and machine learning approaches that can be used to generate a model. While the most common statistical method is regression, several supervised and unsupervised machine-learning approaches have been developed and implemented in languages like R [2] and Python (using the scikit-learn package) [3] to build these models. Once a suitable model is developed, it is deployed as part of a particular software to generate real-time predictions. For example, financial institutions use several variables to generate credit scores, and as the values of the variables change, new scores are generated by projecting the available new data. Finally, the accuracy of the model is tested post-deployment through feedback. This is how these statistical models are validated through continuous testing to check if the available data overfits or underfits the prediction model. Accordingly, this feedback is used to modify future iterations for improvement. Thus, predictive modeling can be used to generate meaningful information from data that can be a beneficial supplement for research and development. However, predictive analytics goes only as far as the data used for modeling. Data quality, source, as well as variable count affect such models and they are not free from biases. 
There are also several ethical considerations that need to be taken into account as these algorithms are implemented in real-world settings.

Research paper thumbnail of A qualitative study on usability and acceptability of Yubico security key

Proceedings of the 7th Workshop on Socio-Technical Aspects in Security and Trust - STAST '17, 2018

Individual concerns about account takeover and subversion are well-documented. Surveys indicate that concerns for the privacy and security of online accounts are widely shared. Adopting Two-Factor Authentication (2FA) is an action that individuals can take to secure their own accounts, including many popular consumer-facing services. Given that, why is two-factor hardware not more widely adopted? What usability and acceptability factors drive the adoption, or lack of adoption of 2FA in the form of trusted hardware? Passwords are inherently misaligned with human cognition, and hardware keys designed for ease of use are readily available in the marketplace. Yet passwords remain the dominant online authentication method. In order to better understand relevant issues driving or impinging adoption of Two-Factor Authentication, we implemented a two-phase study of the Yubico FIDO U2F security key. The Yubico security key is a 2FA device designed to be user friendly. We examined the usability of the device by implementing a think-aloud protocol, and documented the halt and confusion

Making Access Control Easy in IoT

Human Aspects of Information Security and Assurance, 2021

Secure installation of Internet of Things (IoT) devices requires configuring access control correctly for each device. In order to enable correct configuration, the Manufacturer Usage Description (MUD) has been developed by the Internet Engineering Task Force (IETF) to automate the protection of IoT devices by micro-segmentation using dynamic access control lists. The protocol defines a conceptually straightforward method to implement access control upon installation by providing a list of every authorized access for each device. This access control list may contain a few rules or hundreds of rules for each device. As a result, validating these rules is a challenge. In order to make the MUD standard more usable for developers, system integrators, and network operators, we report on an interactive system called MUD-Visualizer that visualizes the files containing these access control rules. We show that, unlike manual analysis, the level of knowledge and experience does not affect the accuracy of the analysis when MUD-Visualizer is used, indicating that the tool is effective for all participants in our study across knowledge and experience levels.

User Engagement with Chatbots

Proceedings of the 2nd Conference on Conversational User Interfaces, 2020

IoT Marketplace: Willingness-To-Pay vs. Willingness-To-Accept

SSRN Electronic Journal, 2021

Willingness-To-Pay (WTP) is the most a person is willing to pay for a good or service. Conversely, Willingness-To-Accept (WTA) is the minimum amount a person is willing to accept for giving up a good or service. People often attribute a higher value for privacy in the WTA condition when compared to the WTP condition. In behavioral economics of privacy and security, this discrepancy between WTP and WTA has been explained by the endowment effect and the status-quo bias. In this study, we aim to emulate the effects of WTP and WTA through interface design. Specifically, we employed the principles of status-quo bias to build two versions of the IoT Marketplace. While one design of the marketplace emulated the WTA condition, the other emulated the WTP condition. In both versions of the marketplace, we communicated the aggregate privacy rating associated with the IoT device using the same indicator. We evaluated the effect the two interfaces had on product selection by conducting a study where participants were asked to purchase an IoT device using either a WTA interface or a WTP interface. Our results show that participants using the interface that emulated the WTA condition were more likely to pay a premium to purchase devices with a higher privacy rating when compared to the participants using the interface that emulated the WTP condition. We also append results showing that when asked to select items without making the purchases, the same effect was more pronounced.

Privacy Preserving Policy Framework: User-Aware and User-Driven

SSRN Electronic Journal, 2019

Privacy Preserving Policy Model Framework

SSRN Electronic Journal, 2019

Personalized WhatsApp Privacy: Demographic and Cultural Influences on Indian and Saudi Users

SSRN Electronic Journal, 2019

We offer an analysis of privacy perceptions and behaviors that focus on one of the most popular social networking platforms in cultures where it is heavily used. WhatsApp is the most popular social platform in many parts of the world, specifically on the Arabian peninsula and India. Saudi Arabia has the highest density of WhatsApp adoption, and India has the largest number of WhatsApp adopters. Prior research on security and privacy in social applications has focused primarily on Western users, and thus on Facebook. We report on an analysis of privacy perceptions and behaviors of Arab and Indian WhatsApp users. We examine the results of surveys of a total of 820 Saudis, non-Saudi Arabs, and Indians who use WhatsApp for their daily interactions. Each survey queried participants' use (or avoidance) of features and their concerns about privacy in WhatsApp, as well as asking demographic questions. We report significantly different preferences and influences on behaviors. These differences, especially when it comes to gender, provide a nuanced and complex picture of privacy through the lens of WhatsApp use. We conclude with privacy recommendations for WhatsApp, specifically, and for privacy in social networks generally for Indian and Arab WhatsApp customers. The recommendations address blocking, location sharing, and group dynamics to empower WhatsApp users in these populations.

Creating hash functions using intrinsic functions

XRDS • Summer 2021 • Vol. 27 • No. 4

This article describes the efficient implementation of cryptographic algorithms for message authentication code (MAC) generation using polynomial multiplication over the Galois field, GF (2x). Using intrinsic instructions introduced by Intel for the implementation of mathematical operations, and consequently, cryptographic algorithms on modern Intel Core processor family for the 32 nm Intel microarchitecture, codename “Westmere,” we describe the following: 1. implementation of the Karatsuba algorithm 2. implementation of the Reduction algorithm 3. implementation of Horner’s rule for generation of hash functions that are used for several cryptographic functions, including the Advanced Encryption Standard (AES).

GROUPS AND FIELDS

Let G be a non-empty set and let # be a binary operation on G. Then, (G,#) is a group if the following conditions are satisfied: (i) Associativity: x#(y#z) = (x#y)#z for all x, y, z ∈ G (ii) There exists an...