Using Personal Portfolios to Manage Customer Data

  • Aimilia Tasidou
  • Pavlos S. Efraimidis
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7122)

Abstract

Transactions today are conducted in a way that leaves no real option to the customers to protect their privacy. Sensitive private information is left uncontrolled at the companies’ disposal and is often (un)intentionally leaked to unauthorized parties. There is a growing demand for privacy-preserving management of private information that will make individuals feel safer during their transactions and assist companies with customer data management. In this work we propose that individuals store and manage their transaction data locally, in a personal portfolio, allowing them to retain control of their private information. Using contemporary cryptographic techniques, companies are given access to the accountable, certified data of portfolios in a privacy-preserving way.

Keywords

Personal Data Management Privacy Enhancing Technologies Economics of Privacy 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., Malone-Lee, J., Neven, G., Paillier, P., Shi, H.: Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 205–222. Springer, Heidelberg (2005)Google Scholar
  2. 2.
    Acquisti, A.: Privacy and security of personal information: Technological solutions and economic incentives. In: Camp, J., Lewis, R. (eds.) The Economics of Information Security, pp. 165–178. Kluwer (2004)Google Scholar
  3. 3.
    Anderson, R., Moore, T.: The economics of information security. Science 314(5799), 610 (2006)CrossRefGoogle Scholar
  4. 4.
    Ardagna, C.A., Camenisch, J., Kohlweiss, M., Leenes, R., Neven, G., Priem, B., Samarati, P., Sommer, D., Verdicchio, M.: Exploiting cryptography for privacy-enhanced access control: A result of the PRIME project. Journal of Computer Security 18(1), 123–160 (2010)Google Scholar
  5. 5.
    Baek, J., Safavi-Naini, R., Susilo, W.: Public Key Encryption with Keyword Search Revisited. In: Gervasi, O., Murgante, B., Laganà, A., Taniar, D., Mun, Y., Gavrilova, M.L. (eds.) ICCSA 2008, Part I. LNCS, vol. 5072, pp. 1249–1259. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  6. 6.
    Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public Key Encryption with Keyword Search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  7. 7.
    Camenisch, J., Groß, T., Heydt-Benjamin, T.: Accountable privacy supporting services. Identity in the Information Society 2(3), 241–267 (2009)CrossRefGoogle Scholar
  8. 8.
    Camenisch, J.L., Lysyanskaya, A.: An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    Camenisch, J., Pfitzmann, B.: Federated identity management. In: Petković, M., Jonker, W. (eds.) Security, Privacy, and Trust in Modern Data Management, pp. 213–238. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  10. 10.
    Deswarte, Y., Gambs, S.: A proposal for a privacy-preserving national identity card. Transactions on Data Privacy 3(3), 253–276 (2010)MathSciNetGoogle Scholar
  11. 11.
    Efraimidis, P.S., Drosatos, G., Nalbadis, F., Tasidou, A.: Towards privacy in personal data management. Information Management and Computer Security (IMCS) 17(4), 311–329 (2009)CrossRefGoogle Scholar
  12. 12.
    Kleinberg, J., Papadimitriou, C.H., Raghavan, P.: On the value of private information. In: Proceedings of the 8th Conference on Theoretical Aspects of Rationality and Knowledge, pp. 249–257. Morgan Kaufmann Publishers Inc. (2001)Google Scholar
  13. 13.
    Lindell, Y., Pinkas, B.: Secure multiparty computation for privacy-preserving data mining. Journal of Privacy and Confidentiality 1(21), 59–98 (2009), http://repository.cmu.edu/jpc/vol1/iss1/5 Google Scholar
  14. 14.
    Miller, G.A.: Wordnet: a lexical database for english. Commun. ACM 38, 39–41 (1995)CrossRefGoogle Scholar
  15. 15.
    Odlyzko, A.: Privacy, economics, and price discrimination on the internet. In: Proceedings of the 5th International Conference on Electronic Commerce, pp. 355–366. ACM (2003)Google Scholar
  16. 16.
    PrimeLife. Bringing sustainable privacy and identity management to future networks and services, http://www.primelife.eu
  17. 17.
    Snodgrass, R.T., Yao, S.S., Collberg, C.: Tamper detection in audit logs. In: VLDB 2004, pp. 504–515 (2004)Google Scholar
  18. 18.
    Tasidou, A., Efraimidis, P.S., Katos, V.: Economics of personal data management: Fair personal information trades. In: Sideridis, A.B., Patrikakis, C.Z. (eds.) Next Generation Society. Technological and Legal Issues, vol. 26, ch. 14, pp. 151–160. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  19. 19.
  20. 20.
    Varian, H.: Economic aspects of personal privacy. U.S. Dept. of Commerce, Privacy and Self-Regulation in the Information Age (1996)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Aimilia Tasidou
    • 1
  • Pavlos S. Efraimidis
    • 1
  1. 1.Department of Electrical and Computer EngineeringDemocritus University of ThraceXanthiGreece

Personalised recommendations