Protection Goals for Privacy Engineering

Six protection goals provide a common scheme for addressing the legal, technical, economic, and societal dimensions of privacy and data protection in complex IT systems. In this paper, each of these goals is analyzed with respect to the state of the art in implementation, the existing techniques and technologies that support it, and indications for future research.
