Mandatory Enforcement of Privacy Policies using Trusted Computing Principles


Share/Save/Bookmark

Kargl, Frank and Schaub, Florian and Dietzel, Stefan (2010) Mandatory Enforcement of Privacy Policies using Trusted Computing Principles. In: Proceedings of the Intelligent Information Privacy Management Symposium, AAAI Spring Symposium, Stanford University, USA (pp. pp. 104-109).

open access
[img]
Preview
PDF
565kB
Abstract:Modern communication systems and information technology create significant new threats to information privacy. In this paper, we discuss the need for proper privacy protection in cooperative intelligent transportation systems (cITS), one instance of such systems. We outline general principles for data protection and their legal basis and argue why pure legal protection is insufficient. Strong privacy-enhancing technologies need to be deployed in cITS to protect user data while it is generated and processed. As data minimization cannot always prevent the need for disclosing relevant personal information, we introduce the new concept of mandatory enforcement of privacy policies. This concept empowers users and data subjects to tightly couple their data with privacy policies and rely on the system to impose such policies onto any data processors. We also describe the PRECIOSA Privacy-enforcing Runtime Architecture that exemplifies our approach. Moreover, we show how an application can utilize this architecture by applying it to a pay as you drive (PAYD) car insurance scenario.
Item Type:Conference or Workshop Item
Copyright:AAAI
Faculty:
Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item:http://purl.utwente.nl/publications/72421
Official URL:http://www.aaai.org/ocs/index.php/SSS/SSS10/paper/view/1049
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page