Skip to main content
SpringerLink
Log in

Application-Oriented Selection of Privacy Enhancing Technologies

  • Conference paper
  • First Online:
Privacy Technologies and Policy (APF 2022)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 13279))

Included in the following conference series:

Abstract

To create privacy-friendly software designs, architects need comprehensive knowledge of privacy-enhancing technologies (PETs) and their properties. Existing works that systemize PETs, however, are outdated or focus on comparison criteria rather than providing guidance for their practical selection. In this short paper we present an enhanced classification of PETs that is more application-oriented than previous proposals. It integrates existing criteria like the privacy protection goal, and also considers practical criteria like the functional context, a technology’s maturity, and its impact on various non-functional requirements.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 44.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 59.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    As soft privacy goals, some works also use the goals Intervenability and Transparency [22].

  2. 2.

    Note that we do not compare our approach to Heurix et al. [23], since they partly use different privacy protection goals and provide few selection criteria that would allow a direct comparison.

References

  1. Abay, N.C., Zhou, Y., Kantarcioglu, M., Thuraisingham, B., Sweeney, L.: Privacy preserving synthetic data release using deep learning. In: Berlingerio, M., Bonchi, F., Gärtner, T., Hurley, N., Ifrim, G. (eds.) ECML PKDD 2018. LNCS (LNAI), vol. 11051, pp. 510–526. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-10925-7_31

    Chapter  Google Scholar 

  2. Al-Momani, A., et al.: Land of the lost: privacy patterns’ forgotten properties: enhancing selection-support for privacy patterns. In: Proceedings of the 36th Annual ACM Symposium on Applied Computing, pp. 1217–1225 (2021)

    Google Scholar 

  3. Alshammari, M., Simpson, A.: Privacy architectural strategies: an approach for achieving various levels of privacy protection. In: Proceedings of the 2018 Workshop on Privacy in the Electronic Society, pp. 143–154 (2018)

    Google Scholar 

  4. Bab, K., et al.: Jiff (2021). GitHub repository. https://github.com/multiparty/jiff

  5. Bloemen, R., Vienhage, P.: Openzkp (2020). GitHub repository. https://github.com/0xProject/OpenZKP

  6. Bost, R.: Open symmetric searchable encryption (opensse) (2021). GitHub repository. https://github.com/OpenSSE

  7. Centelles, A., Diehl, S.: 1-out-of-2 oblivious transfer (2020). GitHub repository. https://github.com/adjoint-io/oblivious-transfer

  8. Claßen, P., Grabowski, K., Modras, K.: Anonymous credentials (2020). GitHub repository. https://github.com/whotracksme/anonymous-credentials

  9. David, R., Sison, J., Vickery, J., Bundoo, K.A., Ahmed, S.: Sybil-E: LSB-steganography (2020). https://github.com/RobinDavid/LSB-Steganography

  10. Deng, M., Wuyts, K., Scandariato, R., Preneel, B., Joosen, W.: LINDDUN: running example - social network 2.0. https://www.linddun.org/downloads. Accessed 14 Feb 2022

  11. Deng, M., Wuyts, K., Scandariato, R., Preneel, B., Joosen, W.: A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements. Requirements Eng. 16(1), 3–32 (2011)

    Article  Google Scholar 

  12. European Union Agency for Cybersecurity (ENISA): Privacy and data protection by design (2015). https://www.enisa.europa.eu/publications/privacy-and-data-protection-by-design

  13. European Union Agency for Cybersecurity (ENISA): Pets maturity assessment repository (2019). https://www.enisa.europa.eu/publications/enisa2019s-pets-maturity-assessment-repository

  14. European Union Agency for Cybersecurity (ENISA): Pseudonymisation techniques and best practices-recommendations on shaping technology according to data protection and privacy provisions (2019). https://www.enisa.europa.eu/publications/pseudonymisation-techniques-and-best-practices

  15. European Union Agency for Cybersecurity (ENISA)): Data protection engineering (2022). https://www.enisa.europa.eu/publications/data-protection-engineering

  16. Colt Frederickson: recrypt (2022). GitHub repository. https://github.com/IronCoreLabs/recrypt-rs

  17. Goldberg, I.: Off-the-record messaging. https://otr.cypherpunks.ca/

  18. Google: Fully homomorphic encryption (FHE). GitHub repository. https://github.com/google/fully-homomorphic-encryption

  19. Group, I.T.L.W.: Transport layer security. https://datatracker.ietf.org/wg/tls/charter/

  20. Gürses, S., Troncoso, C., Diaz, C.: Engineering privacy by design. Comput. Priv. Data Prot. 14(3), 25 (2011)

    Google Scholar 

  21. Gürses, S., Troncoso, C., Diaz, C.: Engineering privacy by design reloaded. In: Amsterdam Privacy Conference, pp. 1–21 (2015)

    Google Scholar 

  22. Hansen, M., Jensen, M., Rost, M.: Protection goals for privacy engineering. In: 2015 IEEE Security and Privacy Workshops, pp. 159–166. IEEE (2015)

    Google Scholar 

  23. Heurix, J., Zimmermann, P., Neubauer, T., Fenz, S.: A taxonomy for privacy enhancing technologies. Comput. Secur. 53, 1–17 (2015)

    Article  Google Scholar 

  24. Hundepool, A., et al.: Statistical Disclosure Control, vol. 2. Wiley, New York (2012)

    Book  Google Scholar 

  25. IBM: libgroupsig (2021). GitHub repository. https://github.com/IBM/libgroupsig

  26. Intel: Intel SGX. https://www.intel.com/content/www/us/en/architecture-and-technology/software-guard-extensions.html

  27. Johnson, N., Near, J.P., Hellerstein, J.M., Song, D.: Chorus: a programming framework for building scalable differential privacy mechanisms. In: 2020 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 535–551. IEEE (2020)

    Google Scholar 

  28. Kunz, I., Banse, C., Stephanow, P.: Selecting privacy enhancing technologies for IoT-based services. In: Park, N., Sun, K., Foresti, S., Butler, K., Saxena, N. (eds.) SecureComm 2020. LNICST, vol. 336, pp. 455–474. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-63095-9_29

    Chapter  Google Scholar 

  29. Li, N., Li, T., Venkatasubramanian, S.: t-closeness: privacy beyond k-anonymity and l-diversity. In: 2007 IEEE 23rd International Conference on Data Engineering, pp. 106–115. IEEE (2007)

    Google Scholar 

  30. Liones, E., Langille, D.: Muchpir demo (2021). GitHub repository. https://github.com/ReverseControl/MuchPIR

  31. Machanavajjhala, A., Kifer, D., Gehrke, J., Venkitasubramaniam, M.: l-diversity: privacy beyond k-anonymity. ACM Trans. Knowl. Discovery from Data (TKDD) 1(1), 3-es (2007)

    Google Scholar 

  32. Mivule, K.: Utilizing noise addition for data privacy, an overview. arXiv preprint arXiv:1309.3958 (2013)

  33. NASA: Technology readiness level definitions. https://www.nasa.gov/directorates/heo/scan/engineering/technology/technology_readiness_level

  34. Pfitzmann, A., Hansen, M.: A terminology for talking about privacy by data minimization: anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management (2010)

    Google Scholar 

  35. Prasser, F., Kohlmayer, F., Babioch, K., Vujosevic, I., Bild, R.: Arx data anonymization tool. https://arx.deidentifier.org/

  36. Rubio, J.E., Alcaraz, C., Lopez, J.: Selecting privacy solutions to prioritise control in smart metering systems. In: Havarneanu, G., Setola, R., Nassopoulos, H., Wolthusen, S. (eds.) CRITIS 2016. LNCS, vol. 10242, pp. 176–188. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-71368-7_15

    Chapter  Google Scholar 

  37. Spiekermann, S., Cranor, L.F.: Engineering privacy. IEEE Trans. Software Eng. 35(1), 67–82 (2008)

    Article  Google Scholar 

  38. Sweeney, L.: k-anonymity: a model for protecting privacy. Int. J. Uncertainty Fuzziness Knowl. Based Syst. 10(05), 557–570 (2002)

    Article  MathSciNet  Google Scholar 

  39. The TensorFlow Federated Authors: TensorFlow Federated (2018). GitHub repository. https://github.com/tensorflow/federated

  40. The TOR Project: Tor browser. https://www.torproject.org/

  41. Unknown authors: Openabe (2021). GitHub repository. https://github.com/zeutro/openabe

  42. Unknown Authors: Python implementation of post-randomisation method for disclosure control (2021). https://github.com/JiscDACT/pram

  43. Unknown authors: Differential privacy (2022). GitHub repository. https://github.com/google/differential-privacy

  44. Wagner, I., Eckhoff, D.: Technical privacy metrics: a systematic survey. ACM Comput. Surv. (CSUR) 51(3), 1–38 (2018)

    Article  Google Scholar 

  45. Wagner, I., Yevseyeva, I.: Designing strong privacy metrics suites using evolutionary optimization. ACM Trans. Privacy Secur. (TOPS) 24(2), 1–35 (2021)

    Article  Google Scholar 

  46. Wu, Z., Li, G., Shen, S., Lian, X., Chen, E., Xu, G.: Constructing dummy query sequences to protect location privacy and query privacy in location-based services. World Wide Web 24(1), 25–49 (2020). https://doi.org/10.1007/s11280-020-00830-x

    Article  Google Scholar 

  47. Wuyts, K., Van Landuyt, D., Sions, L., Wouter, J.: LINDDUN: mitigation strategies and solutions. https://www.linddun.org/mitigation-strategies-and-solutions. Accessed 30 July 2021

Download references

Acknowledgements

We thank our colleagues Martin Schanzenbach, Georg Bramm, and Mark Gall who provided their domain expertise on many privacy-enhancing technologies.

Author information

Authors and Affiliations

  1. Fraunhofer AISEC, Garching bei München, Germany

    Immanuel Kunz & Andreas Binder

Authors
  1. Immanuel Kunz
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Andreas Binder
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Immanuel Kunz .

Editor information

Editors and Affiliations

  1. Cardinal Stefan Wyszyński University in Warsaw, Warsaw, Poland

    Agnieszka Gryszczyńska

  2. Koźmiński University, Warsaw, Poland

    Przemysław Polański

  3. University of Oslo, Oslo, Norway

    Nils Gruschka

  4. Goethe University Frankfurt, Frankfurt, Germany

    Kai Rannenberg

  5. ENISA, Athens, Greece

    Monika Adamczyk

Rights and permissions

Reprints and permissions

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kunz, I., Binder, A. (2022). Application-Oriented Selection of Privacy Enhancing Technologies. In: Gryszczyńska, A., Polański, P., Gruschka, N., Rannenberg, K., Adamczyk, M. (eds) Privacy Technologies and Policy. APF 2022. Lecture Notes in Computer Science(), vol 13279. Springer, Cham. https://doi.org/10.1007/978-3-031-07315-1_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-07315-1_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-07314-4

  • Online ISBN: 978-3-031-07315-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation