Privacy and Identity

The current mainstream approach to privacy protection is to release as little personal data as possible (data minimisation). To this end, Privacy Enhancing Technologies (PETs) provide anonymity on the application and network layers, support pseudonyms and help users to control access to their personal data, e.g., through identity management systems. However, protecting privacy by merely minimising disclosed data is not sufficient as more and more electronic applications (such as in the eHealth or the eGovernment sectors) require personal data. For today's information systems, the processing of released data has to be controlled (usage control). This chapter presents technical and organisational solutions elaborated within FIDIS on how privacy can be preserved in spite of the disclosure of personal data.
