Guntrum Laura Gianna, Güldenring Benjamin, Kuntke Franz, Reuter Christian
Science and Technology for Peace and Security (PEASEC), Department of Computer Science, Technical University of Darmstadt, Pankratiusstraße 2, 64289 Darmstadt, Germany.
Secure Identity, Department of Computer Science, Freie Universität Berlin, Schwendenerstraße 1, 14195 Berlin, Germany.
Z Friedens Konfliktforsch. 2022;11(2):95-128. doi: 10.1007/s42597-022-00088-2. Epub 2023 Jan 10.
Given the lack of empirical examples of how research can be conducted via digital means in sensitive contexts, this paper provides a threat model using Afghanistan, where the Taliban took power in August 2021, as an example. Both technical and non-technical research-related risks are analyzed, paying attention to research ethics, data security, and privacy. We argue that any threat model and risk analysis is highly context-dependent. Our analysis reveals that in certain research processes, human security does not necessarily coincide with data security and that an ambivalence exists between privacy and usability. In addition to the concrete threat analysis, the paper identifies some general technical solutions (e.g., encryption methods, communication software) for different research steps to foster secure and ethically justifiable research.
鉴于缺乏关于如何在敏感环境中通过数字手段开展研究的实证案例,本文以2021年8月塔利班掌权的阿富汗为例,提供了一个威胁模型。分析了与研究相关的技术和非技术风险,同时关注研究伦理、数据安全和隐私。我们认为,任何威胁模型和风险分析都高度依赖于具体情境。我们的分析表明,在某些研究过程中,人的安全不一定与数据安全相一致,隐私和可用性之间存在矛盾。除了具体的威胁分析,本文还针对不同的研究步骤确定了一些通用的技术解决方案(如加密方法、通信软件),以促进安全且符合伦理的研究。