Löhr, Hans ; Sadeghi, Ahmad-Reza ; Vishik, Claire ; Winandy, Marcel (2009)
Trusted Privacy Domains - Challenges for Trusted Computing in Privacy-Protecting Information Sharing.
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
With the growing use of the Internet, users need to reveal an increasing amount of private information when accessing online services, and, with growing integration, this information is shared among services. Although progress was achieved in acknowledging the need to design privacy-friendly systems and protocols, there are still no satisfactory technical privacy-protecting solutions that reliably enforce user-defined flexible privacy policies. Today, the users can assess and analyze privacy policies of data controllers, but they cannot control access to and usage of their private data beyond their own computing environment. In this paper, we propose a conceptual framework for user-controlled formal privacy policies and examine elements of its design and implementation. In our vision, a Trusted Personal Information Wallet manages private data according to a user-defined privacy policies. We build on Trusted Virtual Domains (TVDs), leveraging trusted computing and virtualization to construct privacy domains for enforcing the user's policy. We present protocols for establishing these domains, and describe the implementation of the building blocks of our framework. Additionally, a simple privacy policy for trusted privacy domains functioning between different organizations and entities across networks is described as an example. Finally, we identify future research challenges in this area.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2009 |
| Autor(en): | Löhr, Hans ; Sadeghi, Ahmad-Reza ; Vishik, Claire ; Winandy, Marcel |
| Art des Eintrags: | Bibliographie |
| Titel: | Trusted Privacy Domains - Challenges for Trusted Computing in Privacy-Protecting Information Sharing |
| Sprache: | Deutsch |
| Publikationsjahr: | April 2009 |
| Verlag: | Springer |
| Buchtitel: | 5th Information Security Practice and Experience Conference (ISPEC'09) |
| Reihe: | LNCS |
| Band einer Reihe: | 5451 |
| Zugehörige Links: | |
| Kurzbeschreibung (Abstract): | With the growing use of the Internet, users need to reveal an increasing amount of private information when accessing online services, and, with growing integration, this information is shared among services. Although progress was achieved in acknowledging the need to design privacy-friendly systems and protocols, there are still no satisfactory technical privacy-protecting solutions that reliably enforce user-defined flexible privacy policies. Today, the users can assess and analyze privacy policies of data controllers, but they cannot control access to and usage of their private data beyond their own computing environment. In this paper, we propose a conceptual framework for user-controlled formal privacy policies and examine elements of its design and implementation. In our vision, a Trusted Personal Information Wallet manages private data according to a user-defined privacy policies. We build on Trusted Virtual Domains (TVDs), leveraging trusted computing and virtualization to construct privacy domains for enforcing the user's policy. We present protocols for establishing these domains, and describe the implementation of the building blocks of our framework. Additionally, a simple privacy policy for trusted privacy domains functioning between different organizations and entities across networks is described as an example. Finally, we identify future research challenges in this area. |
| Freie Schlagworte: | Secure Things;Trusted Computing, Trusted Virtual Domains |
| ID-Nummer: | TUD-CS-2009-1853 |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Systemsicherheit LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt |
| Hinterlegungsdatum: | 10 Mär 2016 10:18 |
| Letzte Änderung: | 03 Jun 2018 21:31 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum