Lecture Notes in Computer Science 5185

More documents

Recommendations

Info

172 J.O. Oberender and H. de Meer References [1] Pfitzmann, A., Hansen, M.: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management - a consolidated proposal for terminology (2008) http://dud.inf.tu-dresden.de/Anon Terminology.shtml [2] Serjantov, A., Newman, R.E.: On the anonymity of timed pool mixes. In: SEC – Workshop on Privacy and Anonymity Issues, vol. 250, pp. 427–434. Kluwer, Dordrecht (2003) [3] Díaz, C., Seys, S., Claessens, J., Preneel, B.: Towards measuring anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 54–68. Springer, Heidelberg (2003) [4] Tóth, G., Hornák, Z., Vajda, F.: Measuring Anonymity Revisited. In: Nordic Workshop on Secure IT Systems, pp. 85–90 (2004) [5] Dingledine, R., Mathewson, N.: Anonymity loves company: Usability and the network effect. In: Workshop on the Economics of Information Security (2006) [6] Acquisti, A., Dingledine, R., Syverson, P.: On the economics of anonymity. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 84–102. Springer, Heidelberg (2003) [7] Chaum, D.: The dining cryptographers problem: unconditional sender and recipient untraceability. Journal of Cryptology 1, 65–75 (1988) [8] Delahaye, J.P., Mathieu, P.: The iterated lift dilemma or how to establish metacooperation with your opponent. Chaos & Society (1996) [9] Mahajan, R., Rodrig, M., Wetherall, D., Zahorjan, J.: Experiences applying game theory to system design. In: ACM SIGCOMM workshop on Practice and theory of incentives in networked systems (PINS), pp. 183–190. ACM, New York (2004) [10] Golle, P., Juels, A.: Dining cryptographers revisited. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 456–473. Springer, Heidelberg (2004) [11] Bos, J.N., den Boer, B.: Detection of Disrupters in the DC Protocol. In: Workshop on the theory and application of cryptographic techniques on Advances in cryptology, pp. 320–327 (1989) [12] Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: A system for anonymous and unobservable Internet access. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 115–129. Springer, Heidelberg (2001) [13] Rennhard, M., Plattner, B.: Introducing MorphMix: peer-to-peer based anonymous internet usage with collusion detection. In: ACM workshop on Privacy in the Electronic Society (WPES), pp. 91–102 (2002)
Obligations: Building a Bridge between Personal and Enterprise Privacy in Pervasive Computing Susana Alcalde Bagüés 1,2 , Jelena Mitic 1 , Andreas Zeidler 1 , Marta Tejada 2 , Ignacio R. Matias 2 , and Carlos Fernandez Valdivielso 2 1 Siemens AG, Corporate Technology Munich, Germany {susana.alcalde.ext,jelena.mitic,a.zeidler}@siemens.com 2 Public University of Navarra Department of Electrical and Electronic Engineering Navarra, Spain {tejada.43281,carlos.fernandez,natxo}@unavarra.es Abstract. In this paper we present a novel architecture for extending the traditional notion of access control to privacy-related data toward a holistic privacy management system. The key elements used are obligations. They constitute a means for controlling the use of private data even after the data was disclosed to some third-party. Today’s laws mostly are regulating the conduct of business between an individual and some enterprise. They mainly focus on long-lived and static relationships between a user and a service provider. However, due to the dynamic nature of pervasive computing environments, rather more sophisticated mechanisms than a simple offer/accept-based privacy negotiation are required. Thus, we introduce a privacy architecture which allows a user not only to negotiate the level of privacy needed in a rather automated way but also to track and monitor the whole life-cycle of data once it has been disclosed. 1 Introduction Over the last few years privacy topics have attracted the attention of many researches working in the field of Pervasive Computing. The existing common understanding is: the envisioned age of invisible computing is only feasible if people have control over the circumstances under which their personal data is disclosed and how it is processed thereafter. The demand is clear: we should design pervasive computing environments aware of their users’ privacy preferences. So far, most efforts are centered around privacy control for enterprises, like E-P3P [1] and EPAL [2]. However, we argue that pervasive computing settings demand an additional level of personal privacy complementing enterprise privacy in important aspects. Personal privacy is concerned with maintaining a user’s privacy preferences. In our opinion, for guaranteeing an individual’s right for privacy, it is necessary to empower a user to decide on the exchange of personal data on a much finer-grained level than possible today. Apart from such mechanisms that provide access control for commercial use, and more recently obligations management [3], users should have their own personalized context-aware privacy access control, and additionally the possibility of monitoring the post-disclosure life-cycle S.M. Furnell, S.K. Katsikas, and A. Lioy (Eds.): TrustBus 2008, LNCS 5185, pp. 173–184, 2008. c○ Springer-Verlag Berlin Heidelberg 2008
Page 1 and 2:
Lecture Notes in Computer Science 5
Page 3 and 4:
Volume Editors Steven Furnell Unive
Page 5 and 6:
Program Committee General Chairpers
Page 7 and 8:
Invited Lecture Table of Contents B
Page 9 and 10:
Biometrics - How to Put to Use and
Page 11 and 12:
Biometrics-HowtoPuttoUseandHowNotat
Page 13 and 14:
Biometrics-HowtoPuttoUseandHowNotat
Page 15 and 16:
7 Outlook Biometrics-HowtoPuttoUsea
Page 17 and 18:
A Map of Trust between Trading Part
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Implementation of a TCG-Based Trust
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
A Model for Trust Metrics Analysis
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
Page 47 and 48:
Patterns and Pattern Diagrams for A
Page 49 and 50:
Page 51 and 52:
Policy Model AC model Patterns and
Page 53 and 54:
Broker Investor Doctor Patient 1
Page 55 and 56:
Page 57 and 58:
A Spatio-temporal Access Control Mo
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
Page 67 and 68:
A Mechanism for Ensuring the Validi
Page 69 and 70:
Page 71 and 72:
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Multilateral Secure Cross-Community
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
Fairness Emergence through Simple R
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Combining Trust and Reputation Mana
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
Controlling Usage in Business Proce
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
A Semantics Rules for POLPA-Control
Page 125 and 126:
Page 127 and 128:
Spatiotemporal Connectives for Secu
Page 129 and 130: Spatiotemporal Connectives for Secu
Page 131 and 132: Spatiotemporal Connectives for Secu
Page 133 and 134: 5.2 Expressiveness Spatiotemporal C
Page 135 and 136: Acknowledgement Spatiotemporal Conn
Page 137 and 138: BusiROLE: A Model for Integrating B
Page 147 and 148: The Problem of False Alarms: Evalua
Page 149 and 150: The Problem of False Alarms 141 pro
Page 151 and 152: The Problem of False Alarms 143 To
Page 153 and 154: The Problem of False Alarms 145 mad
Page 155 and 156: The Problem of False Alarms 147 Des
Page 157 and 158: The Problem of False Alarms 149 3.
Page 159 and 160: A Generic Intrusion Detection Game
Page 171 and 172: On the Design Dilemma in Dining Cry
Page 179: On the Design Dilemma in Dining Cry
Page 183 and 184: Obligations: Building a Bridge betw
Page 193 and 194: A User-Centric Protocol for Conditi
Page 199 and 200: Identity Escrow: A User-Centric Pro
Page 203 and 204: Preservation of Privacy in Thwartin
Page 213: Agudo, Isaac 28 Aich, Subhendu 118
show all

Lecture Notes in Computer Science 5185

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?