Limiting Disclosure by Hiding the Identity-Attribute Pair

Abstract

This chapter looks at the last leaf in the privacy tree: limiting disclosure by hiding both the identity and the attribute information. Example PETs described in this category are Hippocratic databases, P3P, APEX, and credential systems that prove properties of attributes. As with the previous five chapters, the basic scheme, enhancements, strengths, and limitations are discussed for each PET.

Keywords

  • Hippocratic databases (HDB)
  • Privacy policy
  • Platform for privacy preferences project (P3P)
  • Privacy Bird
  • A P3P preference exchange language (APPEL)
  • Architecture for privacy enforcement using XML (APEX)
  • Credential systems
  • Boolean functions of attributes

  • DOI: 10.1007/978-3-030-81043-6_8
  • Chapter length: 33 pages

Copyright information

© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Cite this chapter

Adams, C. (2021). Limiting Disclosure by Hiding the Identity-Attribute Pair. In: Introduction to Privacy Enhancing Technologies. Springer, Cham. https://doi.org/10.1007/978-3-030-81043-6_8

  • DOI: https://doi.org/10.1007/978-3-030-81043-6_8

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-81042-9

  • Online ISBN: 978-3-030-81043-6

  • eBook Packages: Computer Science, Computer Science (R0)