Image of Harold van Heerde

dr. ir. H.J.W. (Harold) van Heerde

Director / Co-owner at Irias Information Management
Email: harold vanheerde.net
(NB: mail to my previous adress (heerdehjw@ewi.utwente.nl) will not be read)

Personalia

Harold van Heerde graduated in February 2006 at the University of Twente on a thesis named "Life-Cycle Privacy Policies for the Ambient Intelligence", where he had been reading Computer Science since 2000. Prior to that he visited the Zuyderzee College in Emmeloord, where he attented the 'VWO'. His extra-curricular activities included the chairman-ship of the board of the IAPC-foundation.

Harold received his PhD degree on the 4th of June, 2010, after participating in the NWO-VIDI and BRICKS funded project "Towards Context-Aware Data Management for Ambient Intelligence", which has been supervised by Prof. Dr. Peter Apers in close coorperation with the SMIS team of INRIA Rocquencourt in France. Having started in March 2006, his main area of research focused on Privacy-aware Data Management. His thesis can be found here.

As from March 2010, Harold worked as a consultant information technology at Witteveen+Bos. Witteveen+Bos offers its clients value-added consultancy and top-quality designs for water, infrastructure, spatial development, environment and construction projects.

In April 2013, Harold left Witteveen+Bos and started Irias information management together with his associate Jeroen Nijhuis. Irias focuses on data integration, data analysis, and data-as-a-service. They combine technical know-how with concultancy skills, making it possible to quickly identify and fulfill their customer needs with innovative solutions.

In his free time Harold enjoyes sporting (football, cycling, jogging, squash, skiing et cetera), photography, and reading. Since 2006 he again participates in the board of IAPC, which he left again in 2009.

Privacy-aware data management by means of data degradation

Service-providers collect more and more privacy-sensitive information, even though it is hard to protect this information against hackers, abuse of weak privacy policies, negligence, and malicious database administrators. In my thesis, we take the position that endless retention of privacy-sensitive information will inevitably lead to unauthorized data-disclosure. Limiting the retention of privacy-sensitive information limits the amount of stored data and therefore the impact of such a disclosure.

A problem of limited retention is that the retention period is often overstated in advantage of the service-provider. We model the interests of service-provider and user in an abstract, qualitative way; when such a model is quantitatively specified, it is possible to calculate the optimal retention period for the joint interest of service-provider and user. The all-or-nothing behavior of limited retention is too rigorous: the data will be completely destroyed, also destroying any possible use of the data. Progressively degrading a data item instead of removing the data item in one single step makes it possible to balance the interests of service-provider and user better than limited retention can do. At every degradation step, the precision of a data item will be decreased. Degraded data is supposed to be less privacy-sensitive, and still usable enough to motivate a longer storage.

However, removing data from a database system is not a straightforward task; data degradation has an impact on the storage structure, indexing, transaction management, and logging mechanisms. To show the feasibility of data degradation, we provide several techniques to implement it; mainly, a combination of keeping data sorted on degradation time and using encryption techniques where possible. The techniques are founded with a prototype implementation and a theoretical analysis.

Finally, we explore several models which build further on the basic data degradation model. This gives different perspectives from which data degradation can be used.

2010

van Heerde, H.J.W. (2010) Vervagende persoonsgegevens: een levensloopregeling voor privacygevoelige gegevens. In: Privacy en Informatie Nr. 6 2010. Uitgeverij Paris, Nederland. ISSN 1388-0241
van Heerde, H.J.W. (2010) Degrading data, defining privacy. In: Public service review european union 20. PSCA international Ltd., United Kingdom. ISSN 1472-3395
van Heerde, H.J.W. (2010) Privacy-aware data management by means of data degradation -making private data less sensitive over time. PhD thesis, Univ. of Twente. CTIT Ph.D.-thesis series No. 10-166 ISBN 978-90-365-3002-6

2009

van Heerde, H.J.W. and Fokkinga, M.M. and Anciaux, N.L.G. (2009) A framework to balance privacy and data usability using data degradation. In: Proceedings of the International Conference on Computational Science and Engineering (CSE2009), 29-31 Aug 2009, Vancouver, Canada. pp. 146-153. IEEE Computer Society Press. ISBN 978-0-7695-3823-5

2008

Anciaux, N.L.G. and Bouganim, L. and van Heerde, H.J.W. and Pucheral, P. and Apers, P.M.G. (2008) InstantDB: Enforcing Timely Degradation of Sensitive Data. In: Proceedings of the 24th International Conference on Data Engineering (ICDE2008), 7-12 April 2008, Cancun, Mexico. pp. 1373-1375. IEEE Computer Society Press. ISBN 978-1-4244-1837-4
Anciaux, N.L.G. and Bouganim, L. and van Heerde, H.J.W. and Pucheral, P. and Apers, P.M.G. (2008) Data Degradation: Making Private Data Less Sensitive Over Time. In: Proceedings of the 17th ACM Conference on Information and Knowledge Management (CIKM2008), 26-30 Oct 2008, Napa valley, California, USA. pp. 1401-1402. ACM. ISBN 978-1-59593-991-3
Anciaux, N.L.G. and Bouganim, L. and van Heerde, H.J.W. and Pucheral, P. and Apers, P.M.G. (2008) The Life-Cycle Policy model. Research report RR-6577, Institut National de Recherche en Informatique et en Automatique, Rocquencourt, France. ISSN 0249-6399
Serdyukov, P. and Feng, L. and van Bunningen, A.H. and Evers, S. and van Heerde, H.J.W. and Apers, P.M.G. and Fokkinga, M.M. and Hiemstra, D. (2008) The right expert at the right time and place: From expertise identification to expertise selection. In: Proceedings of the 7th International Conference on Practical Aspects of Knowledge Management (PAKM2008), 21-23 Nov 2008, Yokohama, Japan. pp. 38-49. Lecture Notes in Artificial Intelligence 5345. Springer Verlag. ISSN 0302-9743 ISBN 978-3-540-89446-9

2007

van Heerde, H.J.W. and Anciaux, N.L.G. and Fokkinga, M.M. and Apers, P.M.G. (2007) Exploring personalized life cycle policies. Technical Report TR-CTIT-07-85, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625

2006

Anciaux, N.L.G. and van Heerde, H.J.W. and Feng, L. and Apers, P.M.G. (2006) Implanting Life-Cycle Privacy Policies in a Context Database. Technical Report TR-CTIT-06-03, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625
van Heerde, H.J.W. (2006) Life-Cycle Privacy Policies for the Ambient Intelligence. Master's thesis, University of Twente.
van Heerde, H.J.W. and Anciaux, N.L.G. (2006) Data degradation to enhance privacy for the Ambient Intelligence. Technical Report TR-CTIT-06-74, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625
van Heerde, H.J.W. and Anciaux, N.L.G. and Feng, L. and Apers, P.M.G. (2006) Balancing smartness and privacy for the Ambient Intelligence. In: Proceedings of the 1st European Conference on Smart Sensing and Context (EuroSCC 2006), 25-27 Oct 2006, Enschede, The Netherlands. pp. 255-258. Lecture Notes in Computer Science 4272. Springer Verlag. ISBN 3-540-47842-6

2005

van Heerde, H.J.W. and Fokkinga, M.M. (2005) De databasearchitectuur van Panradio --- een zelflerende gedistribueerde muziekspeler. Database Magazine DB/M, 16 (5). pp. 41-44. ISSN 0925-6911

Awards

Master students