Modeling Identity-Related Properties and Their Privacy Strength

  • Meilof Veeningen
  • Benne de Weger
  • Nicola Zannone
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6561)


In the last years several attempts to define identity-related properties such as identifiability, pseudonymity and anonymity have been made to analyze the privacy offered by information systems and protocols. However, these definitions are generally incomparable, making it difficult to generalize the results of their analysis. In this paper, we propose a novel framework for formalizing and comparing identity-related properties. The framework employs the notions of detectability, associability and provability to assess the knowledge of an adversary. We show how these notions can be used to specify well-known identity-related properties and classify them with respect to their logical relations and privacy strength. We also demonstrate that the proposed framework is able to capture and compare several existing definitions of identity-related properties.


Data Item Logical Relation Actor View Strong Privacy Complete Anonymity 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Pfitzmann, A., Hansen, M.: A terminology for talking about privacy by data minimization: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management. v0.32 (December 2009),
  2. 2.
    Schneider, S., Sidiropoulos, A.: CSP and anonymity. In: Proc. of ESORICS 1996. LNCS, vol. 2482, pp. 198–218. Springer, Heidelberg (1996)Google Scholar
  3. 3.
    Chatzikokolakis, K.: Probabilistic and Information-Theoretic Approaches to Anonymity. PhD thesis, Laboratoire d’Informatique (LIX), École Polytechnique, Paris (2007)Google Scholar
  4. 4.
    Syverson, P.F., Stubblebine, S.G.: Group principals and the formalization of anonymity. In: Woodcock, J.C.P., Davies, J. (eds.) FM 1999. LNCS, vol. 1708, pp. 814–833. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  5. 5.
    Steinbrecher, S., Köpsell, S.: Modelling unlinkability. In: Dingledine, R. (ed.) PET 2003. LNCS, vol. 2760, pp. 32–47. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Hughes, D., Shmatikov, V.: Information hiding, anonymity and privacy: a modular approach. Journal of Computer Security 12(1), 3–36 (2004)CrossRefGoogle Scholar
  7. 7.
    Hevia, A., Micciancio, D.: An indistinguishability-based characterization of anonymous channels. In: Borisov, N., Goldberg, I. (eds.) PETS 2008. LNCS, vol. 5134, pp. 24–43. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  8. 8.
    European Parliament: Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Communities L 281, 31–50 (November 23, 1995)Google Scholar
  9. 9.
    Diaz, C., Preneel, B.: Taxonomy of mixes and dummy traffic. In: Proc. of I-NetSec 2004, pp. 215–230. Kluwer Academic Publishers, Dordrecht (2004)Google Scholar
  10. 10.
    Camenisch, J., Pfitzmann, B.: Federated Identity Management. In: Security, Privacy, and Trust in Modern Data Management, pp. 213–238. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  11. 11.
    Bellare, M., Boldyreva, A., Desai, A., Pointcheval, D.: Key-privacy in public-key encryption. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 566–582. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  12. 12.
    Clauß, S.: A Framework for Quantification of Linkability Within a Privacy-Enhancing Identity Management System. In: Müller, G. (ed.) ETRICS 2006. LNCS, vol. 3995, pp. 191–205. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  13. 13.
    Díaz, C., Seys, S., Claessens, J., Preneel, B.: Towards measuring anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 54–68. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  14. 14.
    Serjantov, A., Danezis, G.: Towards an information theoretic metric for anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 41–53. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  15. 15.
    Avizienis, A., Laprie, J.C., Randell, B., Landwehr, C.: Basic concepts and taxonomy of dependable and secure computing. IEEE Trans. Dependable Sec. Comput. 1, 11–33 (2004)CrossRefGoogle Scholar
  16. 16.
    Roe, M.: Cryptography and Evidence. PhD thesis, University of Cambridge (1997)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Meilof Veeningen
    • 1
  • Benne de Weger
    • 1
  • Nicola Zannone
    • 1
  1. 1.Eindhoven University of TechnologyThe Netherlands

Personalised recommendations