Saffija Kasem-Madani, Timo Malderle, Felix Boes, M. Meier
{"title":"身份泄露预警网络的隐私保护预警管理","authors":"Saffija Kasem-Madani, Timo Malderle, Felix Boes, M. Meier","doi":"10.1145/3424954.3424955","DOIUrl":null,"url":null,"abstract":"Identity leakage is the public disclosure of user accounts that were stolen from an online service provider, e.g. email adresses and passwords. Identity leakage is an emerging threat to the security of user accounts because the number of online identities grows notably faster than the amount of used email adresses and passwords. In order to protect users against potential identity thefts after a cyber heist, a system that proactively warns the victims seems inevitable. In the design of such a system, there are technical, legal and psychological goals, e.g., the system has to fulfill the General Data Protection Regulation and users do not want to be flooded with warnings about potential identity thefts. In this paper, we propose a warning management system for online service providers that want to cooperate whilst keeping their users' data private from each other. Most importantly, victims will be informed only once if their user identity was found in an identity leak and the cooperating service providers preserve the privacy of the victims by design. Therefore, our warning system complies with the NIST recommendation.","PeriodicalId":166844,"journal":{"name":"Proceedings of the 2020 European Interdisciplinary Cybersecurity Conference","volume":"40 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Privacy-Preserving Warning Management for an Identity Leakage Warning Network\",\"authors\":\"Saffija Kasem-Madani, Timo Malderle, Felix Boes, M. Meier\",\"doi\":\"10.1145/3424954.3424955\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Identity leakage is the public disclosure of user accounts that were stolen from an online service provider, e.g. email adresses and passwords. Identity leakage is an emerging threat to the security of user accounts because the number of online identities grows notably faster than the amount of used email adresses and passwords. In order to protect users against potential identity thefts after a cyber heist, a system that proactively warns the victims seems inevitable. In the design of such a system, there are technical, legal and psychological goals, e.g., the system has to fulfill the General Data Protection Regulation and users do not want to be flooded with warnings about potential identity thefts. In this paper, we propose a warning management system for online service providers that want to cooperate whilst keeping their users' data private from each other. Most importantly, victims will be informed only once if their user identity was found in an identity leak and the cooperating service providers preserve the privacy of the victims by design. Therefore, our warning system complies with the NIST recommendation.\",\"PeriodicalId\":166844,\"journal\":{\"name\":\"Proceedings of the 2020 European Interdisciplinary Cybersecurity Conference\",\"volume\":\"40 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-11-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2020 European Interdisciplinary Cybersecurity Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3424954.3424955\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2020 European Interdisciplinary Cybersecurity Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3424954.3424955","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Privacy-Preserving Warning Management for an Identity Leakage Warning Network
Identity leakage is the public disclosure of user accounts that were stolen from an online service provider, e.g. email adresses and passwords. Identity leakage is an emerging threat to the security of user accounts because the number of online identities grows notably faster than the amount of used email adresses and passwords. In order to protect users against potential identity thefts after a cyber heist, a system that proactively warns the victims seems inevitable. In the design of such a system, there are technical, legal and psychological goals, e.g., the system has to fulfill the General Data Protection Regulation and users do not want to be flooded with warnings about potential identity thefts. In this paper, we propose a warning management system for online service providers that want to cooperate whilst keeping their users' data private from each other. Most importantly, victims will be informed only once if their user identity was found in an identity leak and the cooperating service providers preserve the privacy of the victims by design. Therefore, our warning system complies with the NIST recommendation.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
