Enabling Privacy in IT Service Operations
Authors: 
Rohit Gupta, Rishabh Kumar, Sutapa Mondal, Mangesh Gharote, 
Sachin LodhaAuthors Info & Claims
Rohit Gupta, Rishabh Kumar, Sutapa Mondal, Mangesh Gharote, Sachin LodhaAuthors Info & ClaimsPages 310 - 319
Abstract
IT service operations involve handling sensitive customer data, which gets logged into the system in the form of tickets describing the issues faced by customer. An authorized agent tasked with resolving a ticket may get exposed to sensitive customer information, which can lead to privacy breach, impacting the customer and potentially damaging the reputation of the organization. To address this issue, we propose a framework that minimizes sensitive data exposure to preserve privacy in IT service operations. Our framework quantifies the sensitive data misuse by an agent based on the information aggregated at their end. The sensitive data within ticket is masked and the flow of ticket is regulated to restrict the sensitive data aggregation. Additionally, we introduce a simulator, PESO (Privacy Enabled Service Operation), to study and demonstrate the implications of privacy settings on various service operation parameters.
References
[1]
Bai X, Gopal R, Nunez M, and Zhdanov D A decision methodology for managing operational efficiency and information disclosure risk in healthcare processes Decis. Support Syst. 2014 57 406-416
[2]
Benitez K and Malin B Evaluating re-identification risks with respect to the HIPAA privacy rule J. Am. Med. Inform. Assoc. 2010 17 2 169-177
[3]
De Capitani di Vimercati, S., Genovese, A., Livraga, G., Piuri, V., Scotti, F.: Chapter 57 - privacy and security in environmental monitoring systems: issues and solutions. In: Vacca, J.R. (ed.) Computer and Information Security Handbook (Third Edition), 3rd edn., pp. 823–841. Morgan Kaufmann, Boston (2013).
[4]
Fang, M., Sun, M., Li, Q., Gong, N.Z., Tian, J., Liu, J.: Data poisoning attacks and defenses to crowdsourcing systems. In: Proceedings of the Web Conference 2021, WWW 2021, pp. 969-980. Association for Computing Machinery, New York (2021)
[5]
Gartner: IT service management platforms reviews and ratings (2024). https://www.gartner.com/reviews/market/it-service-management-platforms. Accessed 01 May 2024
[6]
Gupta HS and Sengupta B Liu C, Ludwig H, Toumani F, and Yu Q Scheduling service tickets in shared delivery Service-Oriented Computing 2012 Heidelberg Springer 79-95
[7]
Harel A, Shabtai A, Rokach L, and Elovici Y M-score: a misuseability weight measure IEEE Trans. Dependable Secure Comput. 2012 9 3 414-428
[8]
Koo, M.: Technology won’t protect your data-humans must come first (2023). https://www.forbes.com/sites/forbestechcouncil/2023/03/30/technology-wont-protect-your-data-humans-must-come-first. Accessed 01 May 2024
[9]
Krishnan M, Srinivasan MK, and Mathews CA Fong S, Dey N, and Joshi A Agent score-based intelligent incident allocation engine ICT Analysis and Applications 2021 Singapore Springer 289-307
[10]
Kumar, R., Gupta, R., Mondal, S., Gharote, M., Gauravaram, P., Lodha, S.: Privacy preservation in service operations by minimizing sensitive data exposure. In: 2024 21st Annual International Conference on Privacy, Security and Trust (PST) (2024). (in press)
[11]
Mansour HO, Siraj MM, Ghaleb FA, Saeed F, Alkhammash EH, and Maarof MA Quasi-identifier recognition algorithm for privacy preservation of cloud data based on risk reidentification Wirel. Commun. Mob. Comput. 2021 2021 1-13
[12]
Mondal S, Gharote MS, and Lodha SP Privacy of personal information: going incog in a goldfish bowl Queue 2022 20 3 41-87
[13]
Phuke, N., Saurabh, S., Gharote, M., Lodha, S.: PETA: privacy enabled task allocation. In: 2020 IEEE International Conference on Services Computing (SCC), pp. 226–233 (2020).
[14]
Silva, P., Gonçalves, C., Godinho, C., Antunes, N., Curado, M.: Using NLP and machine learning to detect data privacy violations. In: IEEE INFOCOM 2020 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 972–977 (2020).
[15]
Storchak, Y.: Insider threat statistics for 2024: reports, facts, actors, and costs (2024). https://www.ekransystem.com/en/blog/insider-threat-statistics-facts-and-figures. Accessed 01 May 2024
Index Terms
- Enabling Privacy in IT Service Operations
Index terms have been assigned to the content through auto-classification.
Recommendations
Freedom of Privacy: Anonymous Data Collection with Respondent-Defined Privacy Protection
The massive amount of sensitive survey data about individuals that agencies collect and share through the Internet is causing a great deal of privacy concerns. These concerns may discourage individuals from revealing their sensitive information. ...
On two RFID privacy notions and their relations
Privacy of RFID systems is receiving increasing attention in the RFID community. Basically, there are two kinds of RFID privacy notions in the literature: one based on the indistinguishability of two tags, denoted as ind-privacy, and the other based on ...
Privacy protection by typing in ubiquitous computing systems
A novel privacy type system is proposed to protect the privacy of context information in ubiquitous computing systems.The subject reduction property of the proposed type system is formally established to guarantee that a well-typed process can only ...
Comments
Information & Contributors
Information
Published In
Dec 2024
500 pages
ISBN:978-3-031-80019-1
DOI:10.1007/978-3-031-80020-7
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 16 December 2024
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 16 Feb 2025