Title: CONCLUSION

Conclusion

Privacy could only be preserved in single-stage business processes and if personal data is explicitly requested by service providers. But in business processes with delegation of rights and in environments in which personal data is collected without asking for customers’ consent, customers’ has no control on the disclosure of their personal data. The two security mechanisms DREISAM and Data Track are approaches to give customers’ their control back. DREISAM prevents profiling with delegation of rights by realising a usage control based on credentials. Concerning unlinkability, customers only have to trust the service provider who manages their profiles. Data Track is a history mechanism to retrace the disclosure of personal data for its user. Thereby, Data Track supports the privacy principle of transparency of personal data processing.

Privacy is further on based on trusting the service provider who has got identifying data of their customers. To support the growing of trust relationships between customers and service providers, the processing of disclosed personal data should be verifiable for the corresponding customers. The following chapter introduces further work on security mechanisms to enable such verification.