Linsner, Sebastian ; Demuth, Kilian ; Fischlin, Marc ; Reuter, Christian (2024)
Decision-based Data Distribution (D3): Enabling Users to Minimize Data Propagation in Privacy-sensitive Scenarios.
In: Proceedings on Privacy Enhancing Technologies (PoPETs), 2024 (4)
doi: 10.56553/popets-2024-0113
Artikel, Bibliographie
Kurzbeschreibung (Abstract)
In many scenarios users have to communicate sensitive data with third parties such as doctors, lawyers, insurance companies, social workers or online shops. Handing over personal data is necessary to use those services but the delegation of tasks to increase efficiency still poses the risk that personal data might be leaked. To minimize this risk and further enhance the privacy of users, we propose an interaction concept that uses layered encryption of messages to provide a trade-off between privacy and usability. Users can choose which data is additionally encrypted in an inner layer, say, for the eyes of their doctor only, and which data is available in an outer (encrypted or unencrypted) layer for all staff members. Another benefit is the hiding of sensitive data from package inspection or crawling algorithms over emails, while less critical parts can still be processed by these systems via the partial access. To investigate this concept, we derive relevant use cases for form-based communication over email from a quantitative pre-study with 1011 participants, showing that general practitioners are the most suitable use case. We developed demonstrators for this use case and evaluated them in a qualitative study with 42 participants. Our results show that the possibility of minimizing the propagation of sensitive data through additional encryption is highly appreciated and the usage of form-based communication is a promising approach for the digital transformation.
| Typ des Eintrags: | Artikel |
|---|---|
| Erschienen: | 2024 |
| Autor(en): | Linsner, Sebastian ; Demuth, Kilian ; Fischlin, Marc ; Reuter, Christian |
| Art des Eintrags: | Bibliographie |
| Titel: | Decision-based Data Distribution (D3): Enabling Users to Minimize Data Propagation in Privacy-sensitive Scenarios |
| Sprache: | Englisch |
| Publikationsjahr: | 2024 |
| Ort: | https://petsymposium.org/ |
| Verlag: | De Gruyter Open |
| Titel der Zeitschrift, Zeitung oder Schriftenreihe: | Proceedings on Privacy Enhancing Technologies (PoPETs) |
| Jahrgang/Volume einer Zeitschrift: | 2024 |
| (Heft-)Nummer: | 4 |
| DOI: | 10.56553/popets-2024-0113 |
| URL / URN: | https://petsymposium.org/popets/2024/popets-2024-0113.php |
| Kurzbeschreibung (Abstract): | In many scenarios users have to communicate sensitive data with third parties such as doctors, lawyers, insurance companies, social workers or online shops. Handing over personal data is necessary to use those services but the delegation of tasks to increase efficiency still poses the risk that personal data might be leaked. To minimize this risk and further enhance the privacy of users, we propose an interaction concept that uses layered encryption of messages to provide a trade-off between privacy and usability. Users can choose which data is additionally encrypted in an inner layer, say, for the eyes of their doctor only, and which data is available in an outer (encrypted or unencrypted) layer for all staff members. Another benefit is the hiding of sensitive data from package inspection or crawling algorithms over emails, while less critical parts can still be processed by these systems via the partial access. To investigate this concept, we derive relevant use cases for form-based communication over email from a quantitative pre-study with 1011 participants, showing that general practitioners are the most suitable use case. We developed demonstrators for this use case and evaluated them in a qualitative study with 42 participants. Our results show that the possibility of minimizing the propagation of sensitive data through additional encryption is highly appreciated and the usage of form-based communication is a promising approach for the digital transformation. |
| Freie Schlagworte: | user-centered design, usable privacy, layered encryption, qualitative study |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Kryptographie und Komplexitätstheorie 20 Fachbereich Informatik > Wissenschaft und Technik für Frieden und Sicherheit (PEASEC) DFG-Sonderforschungsbereiche (inkl. Transregio) DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche DFG-Graduiertenkollegs DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche > SFB 1119: CROSSING – Kryptographiebasierte Sicherheitslösungen als Grundlage für Vertrauen in heutigen und zukünftigen IT-Systemen |
| Hinterlegungsdatum: | 25 Okt 2024 13:45 |
| Letzte Änderung: | 25 Okt 2024 13:45 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum