公共云中奥地利电子授权系统的可扩展和隐私保护变体

2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications Pub Date : 2013-07-16 DOI:10.1109/TrustCom.2013.67

Bernd Zwattendorfer, Daniel Slamanig

{"title":"公共云中奥地利电子授权系统的可扩展和隐私保护变体","authors":"Bernd Zwattendorfer, Daniel Slamanig","doi":"10.1109/TrustCom.2013.67","DOIUrl":null,"url":null,"abstract":"The current Austrian electronic mandate system, which allows citizens to act as representatives for other citizens or companies in e-Government services, relies on a centralized deployment approach. Thereby, a trusted central service generates and issues electronic mandates on the fly for service providers. The usage of this service is continuously increasing and high loads can be expected in the near future. In order to mitigate the associated scalability issues, this service could be moved into the public cloud. However, a move of a trusted service into the public cloud brings up new obstacles, especially with respect to citizens' privacy. In this paper we propose two approaches how this move could be successfully realized by preserving citizens' privacy and still being compliant to national law. The main objectives we focus on are minimal data disclosure to untrusted entities by still keeping the existing infrastructure nearly untouched. We present both approaches in detail and evaluate their capabilities with respect to citizens' privacy protection as well as their practicability and conclude that both approaches are entirely practical.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"47 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Scalable and Privacy-Preserving Variants of the Austrian Electronic Mandate System in the Public Cloud\",\"authors\":\"Bernd Zwattendorfer, Daniel Slamanig\",\"doi\":\"10.1109/TrustCom.2013.67\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The current Austrian electronic mandate system, which allows citizens to act as representatives for other citizens or companies in e-Government services, relies on a centralized deployment approach. Thereby, a trusted central service generates and issues electronic mandates on the fly for service providers. The usage of this service is continuously increasing and high loads can be expected in the near future. In order to mitigate the associated scalability issues, this service could be moved into the public cloud. However, a move of a trusted service into the public cloud brings up new obstacles, especially with respect to citizens' privacy. In this paper we propose two approaches how this move could be successfully realized by preserving citizens' privacy and still being compliant to national law. The main objectives we focus on are minimal data disclosure to untrusted entities by still keeping the existing infrastructure nearly untouched. We present both approaches in detail and evaluate their capabilities with respect to citizens' privacy protection as well as their practicability and conclude that both approaches are entirely practical.\",\"PeriodicalId\":206739,\"journal\":{\"name\":\"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications\",\"volume\":\"47 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-07-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TrustCom.2013.67\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TrustCom.2013.67","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

目前奥地利的电子授权系统，允许公民在电子政务服务中作为其他公民或公司的代表，依赖于集中部署方法。因此，可信任的中央服务动态地为服务提供者生成并发布电子命令。该服务的使用量不断增加，预计在不久的将来会出现高负载。为了减轻相关的可伸缩性问题，可以将此服务转移到公共云中。然而，将可信服务转移到公共云会带来新的障碍，特别是在公民隐私方面。在本文中，我们提出了两种方法，如何在保护公民隐私的同时仍符合国家法律的前提下成功实现这一举措。我们关注的主要目标是在保持现有基础设施几乎不受影响的情况下，将数据泄露给不受信任的实体。我们详细介绍了这两种方法，并评估了它们在公民隐私保护方面的能力以及它们的实用性，并得出结论，这两种方法都是完全可行的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Scalable and Privacy-Preserving Variants of the Austrian Electronic Mandate System in the Public Cloud

The current Austrian electronic mandate system, which allows citizens to act as representatives for other citizens or companies in e-Government services, relies on a centralized deployment approach. Thereby, a trusted central service generates and issues electronic mandates on the fly for service providers. The usage of this service is continuously increasing and high loads can be expected in the near future. In order to mitigate the associated scalability issues, this service could be moved into the public cloud. However, a move of a trusted service into the public cloud brings up new obstacles, especially with respect to citizens' privacy. In this paper we propose two approaches how this move could be successfully realized by preserving citizens' privacy and still being compliant to national law. The main objectives we focus on are minimal data disclosure to untrusted entities by still keeping the existing infrastructure nearly untouched. We present both approaches in detail and evaluate their capabilities with respect to citizens' privacy protection as well as their practicability and conclude that both approaches are entirely practical.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications

自引率

0.00%

发文量