TU Darmstadt / ULB / TUbiblio

PEEPLL: Privacy-Enhanced Event Pseudonymisation with Limited Linkability

Zimmer, Ephraim ; Burkert, Christian ; Petersen, Tom ; Federrath, Hannes (2020)
PEEPLL: Privacy-Enhanced Event Pseudonymisation with Limited Linkability.
35th ACM/SIGAPP Symposium on Applied Computing. virtual Conference (30.04.2020-03.04.2020)
doi: 10.1145/3341105.3375781
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

Pseudonymisation provides the means to reduce the privacy impact of data collection and processing on individual subjects. Its application on data records, especially in an environment with additional constraints, like re-identification in the course of incident response, implies assumptions and privacy issues, which contradict the achievement of the desirable privacy level. Proceeding from two real-world scenarios, where personal and identifying data needs to be processed, we identify a system model for pseudonymisation and explicitly state the sustained privacy threats. With this system and threat model, we derive privacy protection goals together with possible technical realisations, which are integrated into our event pseudonymisation framework PEEPLL for the context of event processing, like auditing of user activities. Our framework provides privacy-friendly linkability in order to maintain the possibility for automatic event correlation and evaluation, while at the same time reduces the privacy impact on individuals. With this framework, privacy provided by event pseudonymisation can be enhanced by a more rigorous commitment to the concept of personal data minimisation.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2020
Autor(en): Zimmer, Ephraim ; Burkert, Christian ; Petersen, Tom ; Federrath, Hannes
Art des Eintrags: Bibliographie
Titel: PEEPLL: Privacy-Enhanced Event Pseudonymisation with Limited Linkability
Sprache: Englisch
Publikationsjahr: 2020
Verlag: ACM
Buchtitel: SAC'20 : Proceedings of the 35th Annual ACM Symposium on Applied Computing
Veranstaltungstitel: 35th ACM/SIGAPP Symposium on Applied Computing
Veranstaltungsort: virtual Conference
Veranstaltungsdatum: 30.04.2020-03.04.2020
DOI: 10.1145/3341105.3375781
Kurzbeschreibung (Abstract):

Pseudonymisation provides the means to reduce the privacy impact of data collection and processing on individual subjects. Its application on data records, especially in an environment with additional constraints, like re-identification in the course of incident response, implies assumptions and privacy issues, which contradict the achievement of the desirable privacy level. Proceeding from two real-world scenarios, where personal and identifying data needs to be processed, we identify a system model for pseudonymisation and explicitly state the sustained privacy threats. With this system and threat model, we derive privacy protection goals together with possible technical realisations, which are integrated into our event pseudonymisation framework PEEPLL for the context of event processing, like auditing of user activities. Our framework provides privacy-friendly linkability in order to maintain the possibility for automatic event correlation and evaluation, while at the same time reduces the privacy impact on individuals. With this framework, privacy provided by event pseudonymisation can be enhanced by a more rigorous commitment to the concept of personal data minimisation.

Freie Schlagworte: personal data minimisation, pseudonymisation framework, privacy protection goals, limited linkability, pseudonym re-usage, indistinguishability unobservability
Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik
20 Fachbereich Informatik > Telekooperation
Hinterlegungsdatum: 05 Feb 2021 09:07
Letzte Änderung: 05 Feb 2021 09:07
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen