Zimmer, Ephraim ; Burkert, Christian ; Petersen, Tom ; Federrath, Hannes (2020)
PEEPLL: Privacy-Enhanced Event Pseudonymisation with Limited Linkability.
35th ACM/SIGAPP Symposium on Applied Computing. virtual Conference (30.04.2020-03.04.2020)
doi: 10.1145/3341105.3375781
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Pseudonymisation provides the means to reduce the privacy impact of data collection and processing on individual subjects. Its application on data records, especially in an environment with additional constraints, like re-identification in the course of incident response, implies assumptions and privacy issues, which contradict the achievement of the desirable privacy level. Proceeding from two real-world scenarios, where personal and identifying data needs to be processed, we identify a system model for pseudonymisation and explicitly state the sustained privacy threats. With this system and threat model, we derive privacy protection goals together with possible technical realisations, which are integrated into our event pseudonymisation framework PEEPLL for the context of event processing, like auditing of user activities. Our framework provides privacy-friendly linkability in order to maintain the possibility for automatic event correlation and evaluation, while at the same time reduces the privacy impact on individuals. With this framework, privacy provided by event pseudonymisation can be enhanced by a more rigorous commitment to the concept of personal data minimisation.
Typ des Eintrags: | Konferenzveröffentlichung |
---|---|
Erschienen: | 2020 |
Autor(en): | Zimmer, Ephraim ; Burkert, Christian ; Petersen, Tom ; Federrath, Hannes |
Art des Eintrags: | Bibliographie |
Titel: | PEEPLL: Privacy-Enhanced Event Pseudonymisation with Limited Linkability |
Sprache: | Englisch |
Publikationsjahr: | 2020 |
Verlag: | ACM |
Buchtitel: | SAC'20 : Proceedings of the 35th Annual ACM Symposium on Applied Computing |
Veranstaltungstitel: | 35th ACM/SIGAPP Symposium on Applied Computing |
Veranstaltungsort: | virtual Conference |
Veranstaltungsdatum: | 30.04.2020-03.04.2020 |
DOI: | 10.1145/3341105.3375781 |
Kurzbeschreibung (Abstract): | Pseudonymisation provides the means to reduce the privacy impact of data collection and processing on individual subjects. Its application on data records, especially in an environment with additional constraints, like re-identification in the course of incident response, implies assumptions and privacy issues, which contradict the achievement of the desirable privacy level. Proceeding from two real-world scenarios, where personal and identifying data needs to be processed, we identify a system model for pseudonymisation and explicitly state the sustained privacy threats. With this system and threat model, we derive privacy protection goals together with possible technical realisations, which are integrated into our event pseudonymisation framework PEEPLL for the context of event processing, like auditing of user activities. Our framework provides privacy-friendly linkability in order to maintain the possibility for automatic event correlation and evaluation, while at the same time reduces the privacy impact on individuals. With this framework, privacy provided by event pseudonymisation can be enhanced by a more rigorous commitment to the concept of personal data minimisation. |
Freie Schlagworte: | personal data minimisation, pseudonymisation framework, privacy protection goals, limited linkability, pseudonym re-usage, indistinguishability unobservability |
Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Telekooperation |
Hinterlegungsdatum: | 05 Feb 2021 09:07 |
Letzte Änderung: | 05 Feb 2021 09:07 |
PPN: | |
Export: | |
Suche nach Titel in: | TUfind oder in Google |
Frage zum Eintrag |
Optionen (nur für Redakteure)
Redaktionelle Details anzeigen |