Advanced information processing technologies are often applied to large profiles and result in detailed behavior analysis. Moreover, under the pretext of increased personalization and strong accountability, organizations exchange information to compile even larger profiles. However, the user is unaware of the amount and type of personal data kept in profiles, partly because of the advanced interactions between multiple organizations during service consumption. In this paper, a formal approach to inspecting privacy and trust in advanced electronic services is presented. It allows the access and privacy policies of service providers to be expressed. The privacy properties of multiple authentication technologies are also formally modeled. From this, meaningful privacy properties can be extracted based on varying trust assumptions. Feedback is rendered through automated reasoning and is useful for both users and system designers. To demonstrate its practicability, the approach is applied to the design of a travel reservation system.