Sebastian Pape

Sascha Löbner, Sebastian Pape, Vanessa Bracamonte et al.

Using Privacy-Enhancing Technologies (PETs) for machine learning often influences the characteristics of a machine learning approach, e.g., the needed computational power, timing of the answers or how the data can be utilized. When designing a new service, the developer faces the problem that some decisions require a trade-off. For example, the use of a PET may cause a delay in the responses or adding noise to the data to improve the users' privacy might have a negative impact on the accuracy of the machine learning approach. As of now, there is no structured way how the users' perception of a machine learning based service can contribute to the selection of Privacy Preserving Machine Learning (PPML) methods. This is especially a challenge since one cannot assume that users have a deep technical understanding of these technologies. Therefore, they can only be asked about certain attributes that they can perceive when using the service and not directly which PPML they prefer. This study introduces a decision support framework with the aim of supporting the selection of PPML technologies based on user preferences. Based on prior work analysing User Acceptance Criteria (UAC), we translate these criteria into differentiating characteristics for various PPML techniques. As a final result, we achieve a technology ranking based on the User Acceptance Criteria while providing technology insights for the developers. We demonstrate its application using the use case of classifying privacy-relevant information. Our contribution consists of the decision support framework which consists of a process to connect PPML technologies with UAC, a process for evaluating the characteristics that separate PPML techniques, and a ranking method to evaluate the best PPML technique for the use case.

David Harborth, Dominik Herrmann, Stefan Köpsell et al.

The AN.ON-Next project aims to integrate privacy-enhancing technologies into the internet's infrastructure and establish them in the consumer mass market. The technologies in focus include a basis protection at internet service provider level, an improved overlay network-based protection and a concept for privacy protection in the emerging 5G mobile network. A crucial success factor will be the viable adjustment and development of standards, business models and pricing strategies for those new technologies.

Julian Dax, Ana Ivan, Benedikt Ley et al.

As part of the research project "Secure information networks of small- and medium-sized energy providers" (SIDATE), a survey about the IT security status of German energy providers was conducted. The project itself is focused on the IT security of small- and medium-sized energy providers. In August 2016, 881 companies listed by the Federal Network Agency were approached. Between, September 1 st 2016 and October 15 th 2016, 61 (6.9%) of the companies replied. The questionnaire focuses on the implementation of the regulatory requirements and on the implementation of an information security management system (ISMS). Additionally, questions about the energy control system, the network structure, processes, organisational structures, and the IT department were asked. Questions were asked in German, so all questions and answers are translated for this report. ----- Innerhalb des Forschungsprojektes "Sichere Informationsnetze bei kleinen und mittleren Energieversorgern" (SIDATE) wurde eine Umfrage zum Stand der IT-Sicherheit bei deutschen Stromnetzbetreibern durchgeführt. Das Projekt selbst beschäftigt sich mit der nformations-Sicherheit bei kleinen und mittleren Energieversorgern. Zur Durchführung der Umfrage wurden alle 881 im August 2016 bei der Bundesnetzagentur gelisteten Betreiber angeschrieben. In dem Umfragezeitraum vom 1. September 2016 bis zum 15. Oktober 2016 antworten 61 (6.9%) der Betreiber. Der Fragebogen fokussiert die Umsetzung der rechtlichen Anforderungen und die Implementierung eines Informationssicherheitsmanagementsystems (ISMS). Weiterhin wurden Fragen zu dem Leitsystem, Netzaufbau, Prozessen, organisatorischen Strukturen und der Büro-IT gestellt.