Crowds: anonymity for Web transactions
ACM Transactions on Information and System Security (TISSEC)
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Proceedings of the IFIP TC9/WG9.6 Working Conference on Security and Control of Information Technology in Society on board M/S Illich and ashore
Anonymous Connections and Onion Routing
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Real-time mixes: a bandwidth-efficient anonymity protocol
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
In the past independent IT security evaluation according to published criteria has not realized its potential for the assessment of privacy enhancing technologies (PETs). The main reason for this was, that PETs were not covered appropriately in the evaluation criteria. This situation has changed somewhat, and therefore this paper reports on a case study, in which we developed Protection Profiles for remailer mixes. One reason for the development of these Protection Profiles was to test the privacy related components in the new Evaluation Criteria for IT Security - Common Criteria (International Standard 15408, ECITS/CC) and to develop improvements. Another reason was to contribute to an independent evaluation of privacy enhancing technologies. The experiment shows, that the ECITS/CC enable PPs for remailer mixes, but that there are still improvements necessary. The paper presents the Protection Profiles and the structured threat analysis for mixes, on which the Protection Profiles are based.