Usable presentation of secure pseudonyms

Borcea-Pfitzmann, Katrin; Franz, Elke; Pfitzmann, Andreas

doi:10.1145/1102486.1102498

Cited by 11 publications

(5 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Concerning the provided degree of linkability, pseudonyms can be classified into transaction pseudonyms, role pseudonyms, relationship pseudonyms, rolerelationship pseudonyms and person pseudonyms. While a discussion of this issue can be found in [23], we see our approach as a conceptual combination of both transaction and person pseudonyms. The ability to use changing tracking pseudonyms in a freely determined frequency relates to the first property, while the implicit attribute can be interpreted as an implicit person pseudonym.…”

Section: Related Workmentioning

confidence: 99%

Harnessing Pseudonyms with Implicit Attributes for Privacy-Respecting Mission Log Analysis

Weber

2009

2009 International Conference on Intelligent Networking and Collaborative Systems

View full text Add to dashboard Cite

Abstract-Many applications in the area of collaborative work can be enhanced by tracking users regularly. Consider a future emergency management application, in which mobile first responders are continuously tracked in order to support a better coordination of the rescue missions and to create a mission log. However, continuous tracking of individuals and storing the data for later use is often in conflict with individual privacy preferences. Therefore, it is a challenge to deal with conflicting traceability and privacy protection requirements. A common way to implement some kind of privacy protection is to use pseudonyms instead of fixed IDs for each user. However, in order to build a multilateral secure and acceptable solution, a more complex system design w.r.t. to pseudonym linkability is required, that also allows third parties to analyze the logs for organizational and legal reasons.In this paper, we present our approach to deal with this issue: we propose to encode additional information into pseudonyms that are used in location tracking systems and stored in data logs. Our concept comprises both access rights for the user herself and implicit attributes that may be verified by third parties in a privacy-respecting manner. We introduce the cryptographic constructions, which employ cryptographically secure pseudorandom number generators, threshold cryptography and techniques for securely evaluating encrypted data. Moreover, in this paper, we sketch a practical application example in the area of emergency mission log analysis and discuss the main security properties of our concepts.

show abstract

Section: Related Workmentioning

confidence: 99%

Harnessing Pseudonyms with Implicit Attributes for Privacy-Respecting Mission Log Analysis

Weber

2009

2009 International Conference on Intelligent Networking and Collaborative Systems

View full text Add to dashboard Cite

show abstract

“…Digital identity management [2,3,4,5,6] has brought much more attention to the information security research communities. In [2], a unique identifier is assigned to a user for a federation system.…”

Section: Related Workmentioning

confidence: 99%

Enhancing the Privacy of e-Learning Systems with Alias and Anonymity

Yong

2008

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. The privacy of e-learning systems has become a big concern. This paper proposes a new approach, which can effectively protect the privacy of e-learning users. We propose to use the alias and anonymity to implement the privacy preservation for e-learning systems. Through the approach, a unique alias represents the real e-learning user to communicate with each other or e-learning users use the anonymity to hide their information. This approach can be very simple and efficient to be implemented in the e-learning system by well designed meta-formats of digital identities of four types of e-learning users. The anonymity can be adopted by all e-learning users to keep their privacy. IntroductionE-learning is defined as technology-based learning in which learning materials are delivered electronically to remote learners via a computer network [1], particularly the Internet. Based on [1], comparing to traditional classroom learning, the advantages of e-learning are learner-entered and self-paced, time and location flexibility, cost-effective for learners, potentially available to global audience, unlimited access to knowledge, and archival capability for knowledge reuse and sharing. The disadvantages are lack of immediate feedback in asynchronous e-learning, increased preparation time for the instructor, not comfortable to some people, and potentially more frustration, anxiety, and confusion. With the development of new technology, all the disadvantages could be overcome, like lack of immediate feedback will be solved by the adoption of wireless technology in e-learning. When a student needs an immediate feedback, his/her question will be sent to the instructor by a special wireless device and the instructor can reply the student's question immediately via the wireless device. It is obvious that e-learning will become a very important educational means for the learners. With more and more learners are acquiring their knowledge via e-learning systems which are usually connected by the Internet. When the Internet is mentioned, a natural question arises here, can we trust the Internet? In other word, do

show abstract

“…As networks are "unforgetful" and may log and remember a close to infinite number of network interactions, this separation decreases the privacy risks associated with interacting in a computer network. Many scientific papers have been dedicated to various types of pseudonymity [5,19,4] or the graceful degradation of anonymity towards full identification [1] using existing approaches.…”

Section: The Need For Sybil-free Applicationsmentioning

confidence: 99%

A Self-certified and Sybil-Free Framework for Secure Digital Identity Domain Buildup

Andersson

Kohlweiss

Martucci

et al. 2008

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. An attacker who can control arbitrarily many user identities can break the security properties of most conceivable systems. This is called a "Sybil attack". We present a solution to this problem that does not require online communication with a trusted third party and that in addition preserves the privacy of honest users. Given an initial so-called Sybil-free identity domain, our proposal can be used for deriving Sybilfree unlinkable pseudonyms associated with other identity domains. The pseudonyms are self-certified and computed by the users themselves from their cryptographic long-term identities.

show abstract

Usable presentation of secure pseudonyms

Cited by 11 publications

References 3 publications

Harnessing Pseudonyms with Implicit Attributes for Privacy-Respecting Mission Log Analysis

Harnessing Pseudonyms with Implicit Attributes for Privacy-Respecting Mission Log Analysis

Enhancing the Privacy of e-Learning Systems with Alias and Anonymity

A Self-certified and Sybil-Free Framework for Secure Digital Identity Domain Buildup

Contact Info

Product

Resources

About