Löhr, Hans ; Sadeghi, Ahmad-Reza ; Vishik, Claire ; Winandy, Marcel
:
Trusted Privacy Domains - Challenges for Trusted Computing in Privacy-Protecting Information Sharing.
In: LNCS
, 5451
.
Springer
[Konferenz- oder Workshop-Beitrag], (2009)
Kurzbeschreibung (Abstract)
With the growing use of the Internet, users need to reveal an increasing amount of private information when accessing online services, and, with growing integration, this information is shared among services. Although progress was achieved in acknowledging the need to design privacy-friendly systems and protocols, there are still no satisfactory technical privacy-protecting solutions that reliably enforce user-defined flexible privacy policies. Today, the users can assess and analyze privacy policies of data controllers, but they cannot control access to and usage of their private data beyond their own computing environment. In this paper, we propose a conceptual framework for user-controlled formal privacy policies and examine elements of its design and implementation. In our vision, a Trusted Personal Information Wallet manages private data according to a user-defined privacy policies. We build on Trusted Virtual Domains (TVDs), leveraging trusted computing and virtualization to construct privacy domains for enforcing the user's policy. We present protocols for establishing these domains, and describe the implementation of the building blocks of our framework. Additionally, a simple privacy policy for trusted privacy domains functioning between different organizations and entities across networks is described as an example. Finally, we identify future research challenges in this area.
| Typ des Eintrags: | Konferenz- oder Workshop-Beitrag (Keine Angabe) |
|---|---|
| Erschienen: | 2009 |
| Autor(en): | Löhr, Hans ; Sadeghi, Ahmad-Reza ; Vishik, Claire ; Winandy, Marcel |
| Titel: | Trusted Privacy Domains - Challenges for Trusted Computing in Privacy-Protecting Information Sharing |
| Sprache: | Deutsch |
| Kurzbeschreibung (Abstract): | With the growing use of the Internet, users need to reveal an increasing amount of private information when accessing online services, and, with growing integration, this information is shared among services. Although progress was achieved in acknowledging the need to design privacy-friendly systems and protocols, there are still no satisfactory technical privacy-protecting solutions that reliably enforce user-defined flexible privacy policies. Today, the users can assess and analyze privacy policies of data controllers, but they cannot control access to and usage of their private data beyond their own computing environment. In this paper, we propose a conceptual framework for user-controlled formal privacy policies and examine elements of its design and implementation. In our vision, a Trusted Personal Information Wallet manages private data according to a user-defined privacy policies. We build on Trusted Virtual Domains (TVDs), leveraging trusted computing and virtualization to construct privacy domains for enforcing the user's policy. We present protocols for establishing these domains, and describe the implementation of the building blocks of our framework. Additionally, a simple privacy policy for trusted privacy domains functioning between different organizations and entities across networks is described as an example. Finally, we identify future research challenges in this area. |
| Buchtitel: | 5th Information Security Practice and Experience Conference (ISPEC'09) |
| Reihe: | LNCS |
| Band: | 5451 |
| Verlag: | Springer |
| Freie Schlagworte: | Secure Things;Trusted Computing, Trusted Virtual Domains |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Systemsicherheit LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt |
| Hinterlegungsdatum: | 10 Mär 2016 10:18 |
| ID-Nummer: | TUD-CS-2009-1853 |
| Verwandte URLs: | |
| Export: |
Optionen (nur für Redakteure)
 |
Eintrag anzeigen |
Drucken
Impressum