Distributed Privacy-Preserving Log Trails
2012 (English) Report (Other academic)
In the online world, service providers and other third-party data processors process increasing amounts of users' personal data. The privacy principle of transparency means that users should be informed about what data about them are processed, by whom and how. This report describes a log service that enables users to reconstruct a log trail of these actions by retrieving log entries from log servers. The data processors log the information that links log entries into a trail, together with the encrypted action data, to dedicated log servers. In the proposed service, the log entries of one trail can be spread over different log servers and may be generated by different data processors. The mere fact that certain information is logged about a user can already leak information, and adding linking information only increases this privacy risk; encrypting the logged information alone does not protect against it. In our system, linking information across log databases is cryptographically protected and is only meaningful to the user to whom the log entries relate. The report also considers that log servers and data processors can become compromised. The scheme is therefore auditable, meaning that a third party can verify that log servers cannot change log entries without being detected, even when they collude with other log servers or data processors.
Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2012. 147 p.
Karlstad University Studies, ISSN 1403-8099 ; 2012:24
Research subject: Computer Science
Identifiers: URN: urn:nbn:se:kau:diva-13309; ISBN: 978-91-7063-428-4; OAI: oai:DiVA.org:kau-13309; DiVA: diva2:526160
Funder: EU, FP7, Seventh Framework Programme, 216483