Abstract
The economic value of rich user profiles is an incentive for providers to collect more personal (and sensitive) information than the minimum amount needed for deploying services effectively and securely. With a game-theoretic approach, we show that provider competition can reduce such information requests. The key is a suitable mechanism, roughly reminiscent of a Vickrey auction subject to integrity constraints. We show that our mechanism induces rational providers to ask exactly for the user information strictly necessary to deliver their service effectively and securely. In this framework, maximal attribute disclosures become more difficult to achieve.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Bae, J., Beigman, E., Berry, R.A., Honig, M.L., Vohra, R.V.: Sequential bandwidth and power auctions for distributed spectrum sharing. IEEE Journal on Selected Areas in Communications 26(7), 1193–1203 (2008)
Baselice, S., Bonatti, P., Faella, M.: On interoperable trust negotiation strategies. In: IEEE POLICY 2007, pp. 39–50. IEEE Computer Society, Los Alamitos (2007)
Bogetoft, P., Damgård, I., Jakobsen, T.P., Nielsen, K., Pagter, J., Toft, T.: A practical implementation of secure auctions based on multiparty integer computation. In: Di Crescenzo, G., Rubin, A. (eds.) FC 2006. LNCS, vol. 4107, pp. 142–147. Springer, Heidelberg (2006)
Bonatti, P.A., Festa, P.: On optimal service selection. In: Ellis, A., Hagino, T. (eds.) Proc. of the 14th Int. Conf. on World Wide Web, WWW 2005, pp. 530–538. ACM, New York (2005)
Broache, A.: Competition is good for search privacy, report says. CNET News (August 8, 2007), http://news.cnet.com/Competition-is-good-for-search-privacy,-report-says/2100-1029_3-6201468.html
Chaum, D.: Blind signatures for untraceable payments. In: Advances in Cryptology - Crypto 1982, pp. 199–203. Springer, Heidelberg (1983)
Dalenius, T.: Finding a needle in a haystack - or identifying anonymous census records. Journal of Official Statistics 2(3), 329–336 (1986)
Feigenbaum, J., Jaggard, A.D., Schapira, M.: Approximate privacy: foundations and quantification (extended abstract). In: Parkes, D.C., Dellarocas, C., Tennenholtz, M. (eds.) ACM Conference on Electronic Commerce, pp. 167–178. ACM, New York (2010)
Gray, E.: FTC to boost competition in privacy protection. Global Competition Review (September 23, 2010)
He, Y., Zhu, M., Zheng, C.: An efficient and minimum sensitivity cost negotiation strategy in automated trust negotiation. In: Int. Conf. Comp. Sci. and Soft. Eng.,, vol. 3, pp. 182–185 (2008)
Kleinberg, J., Papadimitriou, C.H., Raghavan, P.: On the value of private information. In: TARK 2001: Proceedings of the 8th Conference on Theoretical Aspects of Rationality and Knowledge, pp. 249–257. Morgan Kaufmann, San Francisco (2001)
Luton, R., McAfee, P.R.: Sequential procurement auctions. Journal of Public Economics 31(2), 181–195 (1986)
Osborne, M., Rubinstein, A.: A Course in Game Theory. MIT Press, Cambridge (1994)
Paci, F., Bauer, D., Bertino, E., Blough, D.M., Squicciarini, A.C.: Minimal credential disclosure in trust negotiations. In: Bertino, E., Takahashi, K. (eds.) Digital Identity Management, pp. 89–96. ACM, New York (2008)
Sadeh, N.M., Hong, J.I., Cranor, L.F., Fette, I., Kelley, P.G., Prabaker, M.K., Rao, J.: Understanding and capturing people’s privacy policies in a mobile social networking application. Personal and Ubiquitous Computing 13(6), 401–412 (2009)
Samarati, P.: Protecting respondents’ identities in microdata release. IEEE Transactions on Knowledge and Data Engineering 13(6), 1010–1027 (2001)
Schwartz, A., Cooper, A.: Search privacy practices: A work in progress. Center for Democracy and Technology report (August 2007)
Squicciarini, A.C., Bertino, E., Ferrari, E., Paci, F., Thuraisingham, B.M.: PP-trust-X: A system for privacy preserving trust negotiations. ACM Trans. Inf. Syst. Secur. 10(3) (2007)
Sweeney, L.: Guaranteeing anonymity when sharing medical data, the Datafly system. Journal of the American Medical Informatics Association (1997)
Vickrey, W.: Counterspeculation, auctions, and competitive sealed tenders. Journal of Finance 16, 8–37 (1961)
Winsborough, W.H., Li, N.: Protecting sensitive attributes in automated trust negotiation. In: WPES, pp. 41–51. ACM, New York (2002)
Yu, T., Winslett, M., Seamons, K.E.: Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM Trans. Inf. Syst. Secur. 6(1), 1–42 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bonatti, P.A., Faella, M., Galdi, C., Sauro, L. (2011). Towards a Mechanism for Incentivating Privacy. In: Atluri, V., Diaz, C. (eds) Computer Security – ESORICS 2011. ESORICS 2011. Lecture Notes in Computer Science, vol 6879. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23822-2_26
Download citation
DOI: https://doi.org/10.1007/978-3-642-23822-2_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-23821-5
Online ISBN: 978-3-642-23822-2
eBook Packages: Computer ScienceComputer Science (R0)