Nowadays, more and more applications use sensitive and personal information. Consequently, hiding identities and respecting citizens' privacy are becoming extremely important. Dedicated to this issue, this paper is organized as follows: after defining the topic through an example of a collaborative, complex and heterogeneous system, it analyzes the most typical anonymization procedures. It then proposes a rigorous approach to defining anonymization requirements, as well as to characterizing, selecting and building solutions. Finally, a new generic procedure to anonymize and link identities is proposed. We suggest that a critical part of this procedure is carried out in a smart card. According to needs, anonymized data are processed through cryptographic transformations in several organizations. Our solution is suitable for collaborative environments, guarantees the user's consent, resists dictionary attacks, and respects the least privilege principle, and thus fulfills the legislation requirements. Moreover, it remains flexible, adaptable to different fields, and supports some organizational changes like the merging of several systems.