Privacy-Enhancing Identity Management in Business

DOI: 10.1007/978-3-642-19050-6_7


Businesses make use of data routinely for daily operations, including sensitive and/or personal data. Personal data and information
are, inter alia, seen as means towards customization of services for employees and for customers.

Some elements of this processing of personal information and some practices have come under increasing scrutiny due to privacy
concerns. There is undoubtedly a call for better privacy management in organisations, and a tendency to strengthen privacy
regulations and policies up to the point where some of the current processes may even become impossible to execute or become
outlawed. However, a basic fact is that even if users want maximum privacy in business dealings, unless organisations can
support these privacy requests, the users will not get their wish.

    ABSTRACT: This paper proposes an identification scheme realizing an authentication system with smart cards. The proposed scheme satisfies the following properties simultaneously: security, unlinkability in multi-service environment and memory efficiency, although a system which satisfies only two of these properties can be constructed with trivial extensions of existing systems. However, to the best of our knowledge, there has not existed a system that satisfies all of these properties. Unlinkability in multi-service environment is a property of privacy protection such that user’s actions or preferences are not linked by the adversary by analyzing logs from distinct service providers. We first present an identification scheme for multi-service environment, which utilizes pseudorandom functions. We then give a formal definition of unlinkability in multi-service environment, and prove that our scheme is secure, unlinkable and memory efficient.
    ABSTRACT: This paper focuses on authentication with three types of entities: a user who sends an authentication request, a service provider who receives and verifies the request, and a database who supplies the authentication-server with information for verifying the request. This paper presents novel authentication protocols that satisfy the following important properties: (1) secure against replay attacks and (2) the database cannot identify which user is authenticating. First, we show a protocol with a single database which satisfies Properties (2). Second, we show a protocol which satisfies Properties (1) and (2). A key idea of our authentication protocols is to use private information retrieval (PIR) (Chor et al. J. ACM, 1998).
    ABSTRACT: There exist well established models for anonymity focusing on traffic analysis, i.e., analysing properties of single messages as, e.g., timing. However there is only little work done that use linkability information, that is information about the probability that two messages have been sent by the same sender. In this paper we model information about linkability between messages as a weighted graph. We show lower and upper bounds with regards to the usefulness of linkability information for matching messages to senders. In addition to that we present simulation results, showing to which extent a matching of messages to senders is possible by using linkability information with different grades of noise.
    Privacy Enhancing Technologies, 9th International Symposium, PETS 2009, Seattle, WA, USA, August 5-7, 2009. Proceedings; 01/2009