Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy
Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy
Design and implementation of the idemix anonymous credential system
Proceedings of the 9th ACM conference on Computer and communications security
An XPath-based preference language for P3P
WWW '03 Proceedings of the 12th international conference on World Wide Web
Automated trust negotiation using cryptographic credentials
Proceedings of the 12th ACM conference on Computer and communications security
Hi-index | 0.00 |
When using electronic services, people are often asked to provide personal information This raises many privacy issues To gain the trust of the user, service providers can use privacy policy languages such as P3P to declare the purpose and usage of this personal information User agents can compare these policies to privacy preferences of a user and warn the user if his privacy is threatened This paper extends two languages: P3P and APPEL It makes it possible to refer to certified data and credentials This allows service providers to define the minimal level of assurance It is also shown how different ways of disclosure (exact, blurred, verifiably encrypted, ...) can be specified to achieve more privacy friendly policies Last, the paper describes a privacy agent that makes use of the policies to automate privacy friendly information disclosure.