Browsing by Author "Christopher K. Chepken"

Now showing 1 - 3 of 3
  • No Thumbnail Available
    Item
    Assessing Identity Disclosure Risk in the Absence of Identified Datasets in the Public Domain
    (East African Journal of Information Technology, 2024-07-17) Peter N. Muturi; Andrew M. Kahonge; Christopher K. Chepken
    Data release is essential in supporting data analytics and secondary data analyses. However, data curators need to ensure the released datasets preserve data subjects’ privacy and retain analytical utility. Data privacy is achieved through the anonymisation of datasets before release.The risk of disclosure posed to the dataset should inform the level of anonymisation to be undertaken. As anonymisation achieves data privacy, it reduces the analytical utility of the dataset by introducing alterations to the original data values. Therefore, data curators require an appropriate estimate of the dataset’s identity disclosure risk to inform the required anonymisation that balances privacy and utility. The disclosure risk varies from one geographical region to another due to varying enabling factors. This paper assesses the disclosure risk and the enabling factors in an environment lacking identified datasets in the public domain. This study used a quasi-experimental design in carrying out an empirical identity disclosure test, where respondents were given an anonymised dataset and were required to disclose the identity of any of the records. The findings were that background knowledge of the released datasets was the primary enabler in the absence of identified datasets. Respondents could only disclose records in the dataset they had familiarity with. However, the disclosure risk was within an acceptable threshold. Therefore, the study concluded that in an environment lacking identified datasets in the public domain, reasonable anonymisation could achieve a balance of privacy and utility in datasets. The findings justify private data release able to support data analytics and secondary data analyses in environments lacking identified datasets in the public domain.
  • No Thumbnail Available
    Item
    End User Centric Quantitative Trust Model in Cloud Computing
    (American Journal of Computer Science and Engineering, 2024-07-17) Frankline Makokha; Christopher K. Chepken; Elisha Toyne Opiyo
    Current quantitative trust measurement models for computing platforms suffer from inherent subjectivity, during assignment of weights used in trust computation, limitation in portability of the models to different computing platforms, and the need to predefine all possible trustable states by some models that use multi agent systems. This paper proposes a quantification model that addresses the identified challenges. Explored models include QoS trust Model that computes Availability (AV), Reliability (RE), Data Integrity (DI) and Turnaround Efficiency (TE) of a resource. The values generated from these metrics are computed against assigned weights to arrive at the final trust value of the computing resource. A Computationally Grounded Quantitative Trust with Time which uses local and global defined trustworthy states has also been explored. The trustable states are predefined and using multi agents concepts, the agents are said to be trustworthy if they transit from local to global states that have been defined as trustworthy. This paper also explores a Quantitative Framework for accessing Cloud Security as a trust metric, using a dependency model that validates both the offered services and customer’s requirements, validated by checking service conflicts and different Service Level Obligation compatibility issues. The framework is composed of Security requirements definition, Requirements Quantification, Dependency management approach, Structuring security SLA services using Dependency Structure Matrix and Cloud Service Provider Evaluation. A model based on measurement theory relying on composite metrics, impression and confidence was also explored. It relies on user reviews, likes and dislikes posts. As a contribution to these existing models, this paper addresses the shortcomings of the existing models, in particular subjectivity in the derived trust, by proposing a quantitative trust model based on Confidence Interval. The model relies on QoS measurements from two systems, namely, the cloud provider integrated QoS monitoring system and a vendor neutral QoS monitoring model. Using a confidence interval of 95%, trust is computed based on whether the cloud provider’s QoS system results are within the range of the Vendor Neutral model results. The proposed model was applied to QoS results from two cloud computing providers, Microsoft and Google. From the results, users can build trust for the services from Microsoft and Google since the QoS results provided by the cloud provider integrated tool and the Vendor Neutral tool, during the experimentation period were within range, showing trustworthiness of the providers with regards to reporting the QoS of their platforms.
  • No Thumbnail Available
    Item
    Modeling Identity Disclosure Risk Estimation Using Kenyan Situation
    (The African Journal of Information Systems, 2024-07-17) Peter N. Muturi; Andrew M. Kahonge; Christopher K. Chepken; Evans K. Miriti
    Identity disclosure risk is an essential consideration in data anonymization aimed at preserving privacy and utility. The risk is regionally dependent. Therefore, there is a need for a regional empirical approach in addition to a theoretical approach in modeling disclosure risk estimation. Reviewed literature pointed to three influencers of the risk. However, we did not find literature on the combined effects of the three influencers and their predictive power. To fill the gap, this study modeled the risk estimation predicated on the combined effect of the three predictors using the Kenyan situation. The study validated the model by conducting an actual re-identification quasi-experiment. The adversary’s analytical competence, distinguishing power of the anonymized datasets, and linkage mapping of the identified datasets are presented as the predictors of the risk estimation. For each predictor, manifest variables are presented. Our presented model extends previous models and is capable of producing a realistic risk estimation.