The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
Universiti mengumpul dan memproses sejumlah besar Maklumat Pengenalan Peribadi (PII) semasa pendaftaran dan sepanjang interaksi dengan individu. Walau bagaimanapun, PII pelajar boleh didedahkan kepada orang ramai dengan memuat naik dokumen bersama-sama dengan notis universiti tanpa persetujuan dan kesedaran, yang boleh menyebabkan individu berisiko terhadap pelbagai penipuan yang berbeza, seperti kecurian identiti, penipuan atau pancingan data. Dalam kertas kerja ini, kami melakukan analisis mendalam tentang kebocoran PII pelajar di universiti Vietnam. Sepanjang pengetahuan kami, kami adalah yang pertama menjalankan kajian menyeluruh mengenai ketirisan PII pelajar di institusi pengajian tinggi. Kami mendapati bahawa 52.8% universiti Vietnam membocorkan PII pelajar, termasuk satu atau lebih jenis data peribadi, dalam dokumen di tapak web mereka. Adalah penting untuk ambil perhatian bahawa PII yang terjejas termasuk jenis data sensitif, pelajar rekod kesihatan and agama. Selain itu, kebocoran PII pelajar bukanlah fenomena baharu dan ia berlaku tahun demi tahun sejak 2005. Akhir sekali, kami membentangkan kajian dengan 23 pekerja universiti Vietnam yang telah bekerja pada PII pelajar untuk mendapatkan pemahaman yang lebih mendalam tentang situasi ini dan membayangkan penyelesaian konkrit. Hasilnya sangat mengejutkan: pekerja sangat mengetahui konsep PII pelajar. Namun begitu, kebocoran PII pelajar masih berlaku disebabkan tabiat kerja mereka atau kekurangan sistem pengurusan dan peraturan. Oleh itu, universiti Vietnam harus mengambil pendirian yang lebih aktif untuk melindungi data pelajar dalam situasi ini.
Ha DAO
NII
Quoc-Huy VO
Sokendai
Tien-Huy PHAM
VNUHCM-UIT
Kensuke FUKUDA
NII,Sokendai
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Salinan
Ha DAO, Quoc-Huy VO, Tien-Huy PHAM, Kensuke FUKUDA, "I Never Trust My University for This! Investigating Student PII Leakage at Vietnamese Universities" in IEICE TRANSACTIONS on Information,
vol. E106-D, no. 12, pp. 2048-2056, December 2023, doi: 10.1587/transinf.2023EDP7078.
Abstract: Universities collect and process a massive amount of Personal Identifiable Information (PII) at registration and throughout interactions with individuals. However, student PII can be exposed to the public by uploading documents along with university notice without consent and awareness, which could put individuals at risk of a variety of different scams, such as identity theft, fraud, or phishing. In this paper, we perform an in-depth analysis of student PII leakage at Vietnamese universities. To the best of our knowledge, we are the first to conduct a comprehensive study on student PII leakage in higher educational institutions. We find that 52.8% of Vietnamese universities leak student PII, including one or more types of personal data, in documents on their websites. It is important to note that the compromised PII includes sensitive types of data, student medical record and religion. Also, student PII leakage is not a new phenomenon and it has happened year after year since 2005. Finally, we present a study with 23 Vietnamese university employees who have worked on student PII to get a deeper understanding of this situation and envisage concrete solutions. The results are entirely surprising: the employees are highly aware of the concept of student PII. However, student PII leakage still happens due to their working habits or the lack of a management system and regulation. Therefore, the Vietnamese university should take a more active stand to protect student data in this situation.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2023EDP7078/_p
Salinan
@ARTICLE{e106-d_12_2048,
author={Ha DAO, Quoc-Huy VO, Tien-Huy PHAM, Kensuke FUKUDA, },
journal={IEICE TRANSACTIONS on Information},
title={I Never Trust My University for This! Investigating Student PII Leakage at Vietnamese Universities},
year={2023},
volume={E106-D},
number={12},
pages={2048-2056},
abstract={Universities collect and process a massive amount of Personal Identifiable Information (PII) at registration and throughout interactions with individuals. However, student PII can be exposed to the public by uploading documents along with university notice without consent and awareness, which could put individuals at risk of a variety of different scams, such as identity theft, fraud, or phishing. In this paper, we perform an in-depth analysis of student PII leakage at Vietnamese universities. To the best of our knowledge, we are the first to conduct a comprehensive study on student PII leakage in higher educational institutions. We find that 52.8% of Vietnamese universities leak student PII, including one or more types of personal data, in documents on their websites. It is important to note that the compromised PII includes sensitive types of data, student medical record and religion. Also, student PII leakage is not a new phenomenon and it has happened year after year since 2005. Finally, we present a study with 23 Vietnamese university employees who have worked on student PII to get a deeper understanding of this situation and envisage concrete solutions. The results are entirely surprising: the employees are highly aware of the concept of student PII. However, student PII leakage still happens due to their working habits or the lack of a management system and regulation. Therefore, the Vietnamese university should take a more active stand to protect student data in this situation.},
keywords={},
doi={10.1587/transinf.2023EDP7078},
ISSN={1745-1361},
month={December},}
Salinan
TY - JOUR
TI - I Never Trust My University for This! Investigating Student PII Leakage at Vietnamese Universities
T2 - IEICE TRANSACTIONS on Information
SP - 2048
EP - 2056
AU - Ha DAO
AU - Quoc-Huy VO
AU - Tien-Huy PHAM
AU - Kensuke FUKUDA
PY - 2023
DO - 10.1587/transinf.2023EDP7078
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E106-D
IS - 12
JA - IEICE TRANSACTIONS on Information
Y1 - December 2023
AB - Universities collect and process a massive amount of Personal Identifiable Information (PII) at registration and throughout interactions with individuals. However, student PII can be exposed to the public by uploading documents along with university notice without consent and awareness, which could put individuals at risk of a variety of different scams, such as identity theft, fraud, or phishing. In this paper, we perform an in-depth analysis of student PII leakage at Vietnamese universities. To the best of our knowledge, we are the first to conduct a comprehensive study on student PII leakage in higher educational institutions. We find that 52.8% of Vietnamese universities leak student PII, including one or more types of personal data, in documents on their websites. It is important to note that the compromised PII includes sensitive types of data, student medical record and religion. Also, student PII leakage is not a new phenomenon and it has happened year after year since 2005. Finally, we present a study with 23 Vietnamese university employees who have worked on student PII to get a deeper understanding of this situation and envisage concrete solutions. The results are entirely surprising: the employees are highly aware of the concept of student PII. However, student PII leakage still happens due to their working habits or the lack of a management system and regulation. Therefore, the Vietnamese university should take a more active stand to protect student data in this situation.
ER -