Saudi Cultural Missions Theses & Dissertations

Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10

Browse

Start date: 2023Subject: search.filters.subject.Privacy

Search Results

Now showing 1 - 10 of 18
  • No Thumbnail Available
    ItemRestricted
    Privacy-aware Secure Authentication and Handover Protocols for 5G-enabled Mobile Communication
    (University of Sheffield, 2025) Alnashwan, Rabiah; Prosanta, Gope; Benjamin, Dowling
    The evolution of mobile communication has facilitated technological advancements that enable seamless global connectivity. With the advent of 5G technology, wireless communication has taken a significant leap forward, promising unparalleled speed, capacity, and connectivity. As we enter this era of advanced communication, we also need to consider its implications for security and privacy. The integration of 5G technology brings new opportunities and challenges, making it essential to thoroughly examine the security and privacy frameworks that support this advanced network. Compared to the previous mobile communication generations, 5G offers a more robust security infrastructure by strengthening two key protocols: Authentication and Key Agreement (AKA) and Handover (HO). Although 5G-AKA significantly improves security measures, it is worth noting that the current protocols lack support for several essential security and privacy properties, such as forward secrecy, forward privacy, and unlinkability. Thus, a critical need remains to address these gaps to ensure comprehensive protection in 5G networks. In response to the issues in respect of security and privacy, this thesis proposes three novel AKA and HO schemes. The three proposed schemes have different security and privacy goals that support improved security and privacy features compared to the conventional 5G-AKA and HO protocols currently utilized and other existing solutions. In particular, we examine challenges associated with integrating ultra-dense small cell networks (SCNs) into the 5G infrastructure. This exploration led us to investigate the concept of region-based handovers and to propose, to the best of our knowledge, the first scheme that provides privacy-preserving, secure inter-region-based AKA and HO scheme. This scheme provides secure authentication for roaming users with an efficient and seamless handover process. To enhance security and privacy measures further, we undertake an additional investigation into fortifying resilience against key compromise impersonation attacks. This involves proposing a novel, secure, privacy-preserving Universal Handover scheme (UniHand) tailored for SCNs within the 5G mobile communication framework. Finally, in pursuit of seamless compatibility with 5G networks, we introduce an improved iteration of the 5G-AKA and HO protocols. Referred to as Pretty Good User Privacy (PGUP), this novel symmetry-based scheme aims to mitigate security and privacy vulnerabilities inherent in the existing 5G-AKA and HO protocols while maintaining high compatibility with the 5G infrastructure.
    23 0
  • No Thumbnail Available
    ItemRestricted
    A Comparative Analysis Between GDPR and CCPA: How Regulatory Frameworks Address Privacy and Data Protection
    (King's college london, 2025) Mashat, Fatmah; Tim, Stevens
    This study undertook a comparative qualitative analysis between the European Union’s General Data Protection Regulation (GDPR) and the United States’ California Consumer Privacy Act (CCPA), two pivotal legal frameworks shaping modern data protection and privacy standards. Despite their shared objective of enhancing data privacy, these frameworks face different regulatory challenges. Thus, this study sought to answer the research question: How do these regulatory frameworks address privacy and data protection? The study’s main argument was that while both frameworks aim to protect individual data, their legal approaches and cultural foundations differ. The GDPR offers a more comprehensive and stringent consent model compared to the CCPA, which is more flexible and consumer-centred. To explore this, the study delved into how each regulation addresses enforcement penalties, legal specificity, consent, transparency, accountability, and stakeholder participation. The findings highlight the strengths and weaknesses of each regulation and provide recommendations for stakeholders to improve data protection.
    9 0
  • No Thumbnail Available
    ItemRestricted
    Privacy Regulation of Cellular Network Data: A Comparative Study with Recommendations for the Kingdom of Saudi Arabia
    (University of Waikato, 2023) Aldubayyan, Ahmed; Rumbles, Associate Wayne; Liao, Leo Z
    One of the primary economic objectives of multinational technology corporations is to amass a significant amount of personal data, potentially leading to significant infringements of individuals' privacy rights. The advent of the technology revolution has resulted in a swift evolution of privacy laws in numerous jurisdictions. This can be attributed to the enhanced capacity of governmental and commercial entities to monitor and accumulate extensive data, as well as the economic objectives of global technology corporations to amass copious amounts of personal information. The Kingdom of Saudi Arabia has yet to implement legal provisions that ensure the privacy rights of its citizens and has also not introduced any legislation that safeguards the confidentiality rights of its citizens. The Kingdom of Saudi Arabia is currently contemplating the possibility of implementing a privacy legislation that considers not only its own distinct national culture, but also the role of privacy within the cultures of the surrounding region, as well as on a global scale. Annually, a vast number of international tourists travel to the Kingdom of Saudi Arabia, which has established a comprehensive plan and outlook aimed at luring multinational corporations across diverse sectors. Due to the aforementioned circumstances, it is imperative for the Kingdom of Saudi Arabia to establish a robust legislative framework that can effectively protect personal data. It is noteworthy that the Kingdom of Saudi Arabia operates under the governance of Sharia Law and Islamic Jurisprudence, which serve to safeguard the entitlement to confidentiality and privacy of personal data. The preservation of privacy and confidentiality of personal information is a significant concern for the inhabitants of the Kingdom of Saudi Arabia, and they handle these issues with great sensitivity. In contemporary times, characterised by technological advancements and rapid global and economic development, it is imperative to institute legislation that protects the data and information infrastructure of the Kingdom of Saudi Arabia, in addition to the personal privacy of its populace. The thesis delves into the significance of privacy and examines the measures taken by various jurisdictions to safeguard the personal information of their residents. Additionally, it explores the potential lessons that the Kingdom of Saudi Arabia can draw from these examples.
    16 0
  • No Thumbnail Available
    ItemRestricted
    MEASURING AWARENESS AND ABILITY OF STUDENTS IN SECURING PERSONAL SENSITIVE DATA ON MOBILE PHONES
    (University of North Texas, 2024-12) Bukhari, Ahmed Abdulhakim; Allen, Jeff
    This study investigates the awareness and ability of students at the University of North Texas (UNT) in securing their personal and sensitive information on mobile phones. In an era marked by increasing digitization, mobile phones play a pivotal role in our daily lives, making it essential to understand the practices and knowledge of individuals when it comes to safeguarding their personal information. To achieve this, the study adopts a multidimensional approach through the integration of three prominent theoretical frameworks, which are the technology acceptance model (TAM), the theory of planned behavior (TPB), and protection motivation theory (PMT). This integrated framework enables a comprehensive understanding of student perceptions, intentions, and motivations concerning mobile phone security. To gather data, a quantitative research method was employed, using a structured survey in the form of a questionnaire. Respondents were asked to rate their agreement with various statements using a 5point Likert scale, ranging from 1 = strongly disagree to 5 = strongly agree. The survey included questions designed to assess student awareness, knowledge, attitudes, and behaviors related to securing personal information on their mobile phones. The findings of this study shed light on the existing gaps in the knowledge and practices of students related to mobile phone security. The outcomes can inform educational institutions and policymakers on the necessity of implementing awareness programs and security measures to protect personal information in the digital age. This research contributes to a deeper understanding of mobile phone security practices and paves the way for potential interventions to empower UNT students and users of mobile technology to protect their sensitive data effectively.
    52 0
  • No Thumbnail Available
    ItemRestricted
    AI-Driven Approaches for Privacy Compliance: Enhancing Adherence to Privacy Regulations
    (Univeristy of Warwick, 2024-02) Alamri, Hamad; Maple, Carsten
    This thesis investigates and explores some inherent limitations within the current privacy policy landscape, provides recommendations, and proposes potential solutions to address these issues. The first contribution of this thesis is a comprehensive study that addresses a significant gap in the literature. This study provides a detailed overview of the current landscape of privacy policies, covering both their limitations and proposed solutions, with the aim of identifying the most practical and applicable approaches for researchers in the field. Second, the thesis tackles the challenge of privacy policy accessibility in app stores by introducing the App Privacy Policy Extractor (APPE) system. The APPE pipeline consists of various components, each developed to perform a specific task and provide insightful information about the apps' privacy policies. By analysing over two million apps in the iOS App Store, APPE offers unprecedented and comprehensive store-wide insights into policy distribution and can act as a mechanism for enforcing privacy policy requirements in app stores automatically. Third, the thesis investigates the issue of privacy policy complexity. By establishing generalisability across app categories and drawing attention to associated matters of time and cost, the study demonstrates that the current situation requires immediate and effective solutions. It suggests several recommendations and potential solutions. Finally, to enhance user engagement with privacy policies, a novel framework utilising a cost-effective unsupervised approach, based on the latest AI innovations, has been developed. The comparison of the findings of this study with state-of-the-art methods suggests that this approach can produce outcomes that are on par with those of human experts, or even surpass them, yet in a more efficient and automated manner.
    23 0
  • No Thumbnail Available
    ItemRestricted
    The creation and proliferation of deepfake “adult content”
    (University of Sussex, 2024) AlZahrani, Ahmed; Rizov, Vladimir
    This study investigates the creation and proliferation of deepfake pornographic content, focusing on its causes, impacts on privacy and security, and the necessary measures to address the ethical and legal challenges it presents. The analysis identifies financial incentives, personal vendettas, and a fascination with technology as key motivations behind the creation of deepfakes. Victims suffer significant consequences, including psychological harm, social exclusion, and job loss. The role of social media and video-sharing platforms is critical in the spread of deepfakes due to insufficient content moderation and algorithmic oversight. Despite advancements in technological solutions and legal frameworks, there are still considerable gaps in preventing deepfakes. The study calls for a comprehensive strategy that includes technological innovations, robust legal measures, and public awareness to mitigate the impact of deepfakes. It also emphasizes the importance of future interdisciplinary research to improve detection, prevention, and support for victims.
    26 0
  • No Thumbnail Available
    ItemRestricted
    Saudi Millennials' Privacy Practices in the Age of the Personal Data Protection Law
    (Royal Holloway, University of London, 2024-08) Almutairi, Abdullah Ayed; Murphy, Sean
    Executive summary The project's objective is to assess the impact of Saudi Arabia's implementation of the Personal Data Protection Law (PDPL) on Saudi millennials' data privacy practices. Specifically, the study aims to (1) examine the level of awareness among Saudi millennials regarding the PDPL and the rights they have acquired under it; (2) assess their attitudes towards the effectiveness of the PDPL in protecting their personal data; and (3) investigate any changes in their personal data practices following the implementation of the PDPL. The project utilizes a quantitative methodology, using the Knowledge-Attitude￾Practice (KAP) model as a framework. We obtained data from a sample group of Saudi millennials by means of a survey. The survey was created with the purpose of assessing the participants' knowledge of the PDPL, their views on its effectiveness, and their individual handling of data practices following its implementation. We tested the research hypotheses and derived significant conclusions from the data through the application of statistical analysis, which encompassed both inferential and descriptive techniques. Key findings reveal that a large percentage of Saudi millennials lack an adequate understanding of the PDPL. Nevertheless, individuals with a sufficient level of awareness regarding the PDPL tended to follow better privacy practices. The findings also indicated that participants who were knowledgeable about the PDPL exhibited favourable attitudes towards its efficacy in enhancing personal data protection measures in Saudi Arabia. The project found that familiarity with the PDPL and appropriate perceptions of its efficacy resulted in an inclination to adhere to better practices. In conclusion, the implementation of the PDPL had an influence on the data privacy practices of Saudi millennials who were knowledgeable about it and its specifics. However, it is imperative to enhance awareness campaigns in order to augment the number of individuals who are knowledgeable about the PDPL and their rights under it. This will ultimately enhance privacy practices among Saudi citizens. The findings overall show that more awareness of the PDPL leads to improved privacy practices.
    31 0
  • Thumbnail Image
    ItemRestricted
    Leveraging Blockchain for Trust Enhancement in Decentralized Marketplaces: A Reputation System Perspective
    (Old Dominion University, 2024-07) Aljohani, Meshari; Olariu, Stephan; Mukkamala, Ravi
    Centralized marketplaces provide reliable reputation services through a central authority, but this raises concerns about single points of failure, user privacy, and data security. Decentralized marketplaces have emerged to address these issues by enhancing user privacy and transparency and eliminating single points of failure. However, decentralized marketplaces face the challenge of maintaining user trust without a centralized authority. Current blockchain-based marketplaces rely on subjective buyer feedback. Additionally, the transparency in these systems can deter honest reviews due to fear of seller retaliation. To address these issues, we propose a trust and reputation system using blockchain and smart contracts. Our system replaces unreliable buyer feedback with objective transaction assessments. Performance challenges of blockchain-based systems are tackled through three innovative schemes, resulting in a substantial improvement over the baseline approach. Furthermore, we proposed a decentralized marketplace utilizing blockchain-based smart contracts to address privacy concerns in buyer reviews that arise from the transparency of decentralized marketplaces. This enables buyers to use one-time identities for reviews to promote anonymity. This system ensures that buyers provide reviews by requiring a review fee, which is fully refunded after the review is submitted. Moreover, we proposed a trust and reputation service based on Laplace’s Law of Succession, where trust in a seller is defined as the subjective probability that they will fulfill their contractual obligations in the next transaction. This method accommodates multi-segment marketplaces and time-varying seller performance, predicts trust and reputation far into the future, and discounts older reputation scores. In addition, we propose SmartReview, an automated review system utilizing blockchain smart contracts to generate objective, bias-free reviews. The review module is designed as a smart contract that takes the contract terms and the evidence provided by the buyer and seller as inputs. It employs advanced computer vision and machine learning techniques to produce quantitative and qualitative reviews for each transaction, ensuring objectivity and eliminating reviewer bias. Lastly, we introduce a structured blockchain architecture featuring a layered approach. This architecture includes mechanisms for secure transaction recording and efficient query retrieval through auxiliary indexing, demonstrating significant advancements in decentralized data management.
    25 0
  • Thumbnail Image
    ItemRestricted
    CROSS-CULTURAL UNDERSTANDING OF HOW PEOPLE USE SECURE GROUP CHAT TOOLS IN THE UNITED KINGDOM AND SAUDI ARABIA
    (King’s College London, 2023-08-15) Alrabeah, Ghada; Abu-Salma, Ruba
    Group communication tools have gained widespread popularity, attracting over a billion users. However, questions arise, how closely are our messages being watched by external parties? Is end-to-end encryption implemented by the application? Many group communication tools either do not offer enough security features to protect their users or make it challenging for them to understand and use these features. This research discusses how users perceive and use secure group communication tools, focusing on users in the United Kingdom and Saudi Arabia. A mixed-methods approach involving interviews with 20 participants and a survey with 204 respondents was conducted. The study reveals key factors driving users' choices, their understanding of security and privacy, their willingness to adopt or not adopt secure group communication tools, and cultural differences. The findings underline the priority factors like popularity, usability, and being free, as influential in tool selection. Users express willingness to use secure tools, yet gaps arise between intention and practice, attributed to misconceptions, motivation, and trust concerns. Privacy practices vary between cultures, with Saudi participants showing more caution. On the other hand, the UK displays higher trust levels in communication tools compared to Saudi Arabia. These cultural influences shape communication priorities, with Saudis leaning toward group communication and the UK prioritizing individual communications. Despite these differences, the study suggests the potential for universally secure applications catering to diverse user needs. The study offers recommendations for tool design that help improve the adoption of secure group communication.
    6 0
  • Thumbnail Image
    ItemRestricted
    A Trust-Based Mechanism to Manage User Privacy in University Smart Buildings
    (Newcastle University, 2024-06-17) Taher, Rawan; Morisset, Charles
    Smart buildings employ a diverse range of technologies, including sensors, to monitor the environment and create a comfortable space for users via data collection. This monitoring reveals data about users' activities that could raise privacy concerns. In recent years, privacy has received increasing attention in smart home environments. Several studies have proposed solutions that allow smart home users to retain control over data collection and manage their privacy. However, little attention has been paid to user privacy in smart buildings that serve as places of work or study. Research on privacy in smart buildings has predominantly focused on technical aspects, with relatively limited public voice engagement in the literature. In order to effectively manage smart building environments, it is necessary to collect data. However, it is equally important to prioritise and respect the privacy principles and regulations. Users in smart buildings typically have limited or no ownership or control over captured data, along with limited awareness and insufficient disclosure from the building management which limits their ability to manage their privacy. This stands in contrast to smart home users who often possess partial ownership and control over their infrastructure. Privacy management in smart buildings poses a significant challenge, consequently, there is a need to identify a privacy design mechanism that can incorporate users' voices into the data practices and find a balanced trade-off between the utility and privacy of smart building data. In this thesis, three studies are conducted to make significant contributions to the management of user privacy in university smart buildings. The first contribution involves analysing the impact of various building technologies on users' privacy. These technologies are then mapped to different facets of privacy harm using the Solove taxonomy. The second contribution involves conducting semi-structured interviews to understand users' privacy perceptions, preferences, and trade-offs, thereby identifying key requirements for privacy mechanisms in smart buildings. The third contribution involves a confirmatory study aimed at designing a privacy mechanism for smart buildings. In light of these contributions, this thesis introduces a trust-based privacy design mechanism called the Privacy Committee. The main goal of the Privacy Committee is to incorporate user voices into the decision-making process concerning data sharing and to establish comprehensive oversight of data practices within smart buildings.
    22 0

Copyright owned by the Saudi Digital Library (SDL) © 2025