论文信息 - On Privacy in Business Processes - Observing Delegation of Personal Data by using Digital Watermarking

On Privacy in Business Processes - Observing Delegation of Personal Data by using Digital Watermarking

Privacy in business processes for personalized services is currently a matter of trust. Business processes require the delegation of personal data and users are not able to control their delegation and so their usage. Existing privacy-enhancing technologies consider access control but not usage control of personal data. Current work on usage control considers especially formalization of usage rules, so called obligations, and their enforcement by using mechanisms of Digital Rights Management, secure logging of access requests for an ex post enforcement, and the non-linkable delegation of access rights to personal data. However, either these enforcement mechanisms do not consider a delegation of personal data or they assume trustworthy data consumers or data providers respectively. We investigate on digital watermarking in order to observe the enforcement of obligations for a delegation of personal data without mandatory trusting in service providers.

[1] Alexander Pretschner,et al. Distributed usage control , 2006, CACM.

[2] Rafael Accorsi. Automated Privacy Audits to Complement the Notion of Control for Identity Management , 2007, IDMAN.

[3] Alexander Pretschner,et al. On Obligations , 2005, ESORICS.

[4] Siani Pearson,et al. An Adaptive Privacy Management System for Data Repositories , 2005, TrustBus.

[5] Birgit Pfitzmann,et al. Asymmetric Fingerprinting (Extended Abstract) , 1996, EUROCRYPT.

[6] Ingemar J. Cox,et al. Digital Watermarking and Steganography , 2014 .

[7] Michael Waidner,et al. Privacy-enabled services for enterprises , 2002, Proceedings. 13th International Workshop on Database and Expert Systems Applications.

[8] Torben P. Pedersen. Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[9] Heiko Mantel,et al. Information Flow Control and Applications - Bridging a Gap , 2001, FME.

[10] Günter Müller,et al. Privacy with Delegation of Rights by Identity Management , 2006, ETRICS.

[11] Christian Schaefer,et al. Usage Control Enforcement: Present and Future , 2008, IEEE Security & Privacy.

[12] Kian-Lee Tan,et al. WmXML: A System for Watermarking XML Data , 2005, VLDB.