Distributed Privacy-Preserving Log Trails
Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science. (Privacy and Security Research Group). ORCID iD: 0000-0001-6459-8409
KU Leuven, Department of Electrical Engineering - ESAT. (COSIC - Computer Security and Industrial Cryptography)
KU Leuven, Department of Electrical Engineering - ESAT and KHLim, FI². (COSIC - Computer Security and Industrial Cryptography and ACRO/ES&S - Embedded Systems and Security)
Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science.
2012 (English). Report (Other academic)
Abstract [en]

In the online world, increasing amounts of personal data of users are processed by service providers and other third party data processors. The privacy principle of transparency means that users should be informed about what data about them are processed by whom and how. This report describes a log service that enables users to reconstruct a log trail of these actions, by retrieving log entries from log servers. The information that links log entries into a trail is logged — together with the encrypted action data — to dedicated log servers by the data processors. In the proposed service, log entries of one trail can be spread over different log servers, possibly generated by different data processors. The fact that certain information is logged about a user can already leak information, and adding linking information only elevates this privacy risk. Encrypting the logged information does not suffice to protect against this. In our system, linking information across log databases is cryptographically protected and is only meaningful to the user to whom the log entries relate. In the report, we also consider the fact that log servers and data processors can become compromised. The scheme is therefore auditable, meaning that a third party can validate that log servers cannot make any changes to log entries without being detected, even when they collude with other log servers or data processors.

Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2012. 147 p.
Series
Karlstad University Studies, ISSN 1403-8099 ; 2012:24
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-13309
ISBN: 978-91-7063-428-4 (print)
OAI: oai:DiVA.org:kau-13309
DiVA: diva2:526160
Projects
EU/FP7 PrimeLife; IBBT/Index
Funder
EU, FP7, Seventh Framework Programme, 216483
Available from: 2012-05-10. Created: 2012-05-10. Last updated: 2018-01-12. Bibliographically approved
In thesis
1. Privacy-Preserving Transparency-Enhancing Tools
2012 (English). Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Transparency is a key principle in democratic societies. For example, the public sector is in part kept honest and fair with the help of transparency through different freedom of information (FOI) legislations. In the last decades, while FOI legislations have been adopted by more and more countries worldwide, we have entered the information age enabled by the rapid development of information technology. This has led to the need for technological solutions that enhance transparency, for example to ensure that FOI legislation can be adhered to in the digital world. These solutions are called transparency-enhancing tools (TETs), and consist of both technological and legal tools. TETs, and transparency in general, can be in conflict with the privacy principle of data minimisation.

The goal of transparency is to make information available, while the goal of data minimisation is to minimise the amount of available information. This thesis presents two privacy-preserving TETs: one cryptographic system for enabling transparency logging, and one cryptographic scheme for storing the data for the so-called Data Track tool at a cloud provider. The goal of the transparency logging TET is to make data processing by data controllers transparent to the user whose data is being processed. Our work ensures that the process in which the data processing is logged does not leak sensitive information about the user, and that the user can anonymously read the information logged on their behalf. The goal of the Data Track is to make it transparent to users which data controllers they have disclosed data to under which conditions. Furthermore, the Data Track intends to empower users to exercise their rights, online and potentially anonymously, with regard to their disclosed data at the recipient data controllers. Our work ensures that the data kept by the Data Track can be stored at a cloud storage provider, enabling easy synchronisation across multiple devices, while preserving the privacy of users by making their storage anonymous toward the provider and by enabling users to hold the provider accountable for the data it stores.

Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2012. 22 p.
Series
Karlstad University Studies, ISSN 1403-8099 ; 2012:57
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-15685
ISBN: 978-91-7063-469-7
Presentation
2013-01-08, 21A342, Karlstad Universitet, Karlstad, 09:15 (English)
Available from: 2012-12-17. Created: 2012-11-20. Last updated: 2018-01-12. Bibliographically approved

Open Access in DiVA

fulltext (1068 kB), 1040 downloads
File information
File name: FULLTEXT01.pdf
File size: 1068 kB
Checksum (SHA-512): 51d94640a21d08ee80a28f0f768ae603b3b7c4f255a76544734a8cdf770cb48c337757c27469b878ca79d6e14702cecd9f8c1775bbbe96b8eeebaf475396b4d6
Type: fulltext
Mimetype: application/pdf

By author/editor
Pulls, Tobias
By organisation
Department of Computer Science
Computer Sciences
