Distributed privacy-preserving transparency logging

T. Pulls, R. Peeters, K. Wouters
DOI: 10.1145/2517840.2517847 (https://doi.org/10.1145/2517840.2517847)
Venue: Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Published: 2013-11-04
Citations: 48

Abstract

We present a transparency-enhancing tool in the form of a cryptographic scheme that enables data processors to inform users about the actual data processing that takes place on their personal data. Our proposed solution can handle arbitrary processes while offloading storage and interactions with users to dedicated log servers. On top of strong integrity and confidentiality properties, our scheme takes users' privacy one step further by making it impossible to link multiple log entries for the same user or user identifiers across multiple data processors (for distributed processes). Our proposed solution has several applications, e.g., it can make access to electronic health records transparent to the patients to whom the records relate. Furthermore, we are the first to formalise the required security and privacy properties in this setting in a general manner (not specifically for our scheme) and prove that our scheme fulfils these. Finally, we show that our scheme is applicable in practice, providing performance results for a prototype implementation.