How to read this Deliverable
This deliverable distinguishes between certified and non-certified service applications. “Certified” means that a service application is only able to use personal data in compliance with the agreed rules (Zugenmaier and Hohl, 2004). The challenge in this case is to give users the possibility to prove that personal data is sent solely to a certified application. By authenticating a service application instead of a service provider, the service provider is able to guarantee that personal data will be sent to this specific application. Therefore, this deliverable presents a technical approach for disclosing personal data to a specific application.
When uncertified service applications are used, users have no knowledge about the behaviour of the application and whether it processes personal data in compliance with the agreed rules. The deployment of uncertified applications makes sense if they are modified frequently and certification takes too much effort. In this case, the challenge is to observe and log the use of personal data and to make the resulting transcript available to the corresponding user. With knowledge about the behaviour of the specific software and hardware components, gained by investigating the logged data on the access decisions of the service provider’s information system for queries on personal data, a user can decide whether they comply with a given privacy policy and are thereby trustworthy. This deliverable investigates the realisation of such an observation.
Chapter introduces the requirements for the controllable processing of personal data. It starts with the derivation of the current, one-sided trust model from the use cases “Information Filtering” and “Personalised Services”. In order to improve the trust relationships and so realise a trust model in which service providers verify their enforcement of the agreed rules, the authors describe the requirements of a monitor for observing the processing of personal data. Trusted Computing seems to be a suitable approach for deploying a trustworthy monitor.
Chapter introduces the concept of Trusted Computing by the TCG. Readers who are familiar with the specification of the TCG may skip this chapter.
Chapter investigates the employment of Trusted Computing in order to support the enforcement of privacy policies. This chapter shows shortcomings of today’s Trusted Computing with respect to this kind of employment, e.g. the time problem. This problem concerns a change of an information system between its attestation and the collection of personal data. An attacker may be able to replace the attested service application with his own application and thereby obtain personal data. A user cannot recognise this modification by using Trusted Computing based on the specification of the TCG.
Chapter presents approaches for solving the time problem and for using the TCG specification to verify the behaviour of an information system by a monitor. Such a monitor encapsulates the service application of a service provider in order to observe the usage of personal data according to the agreed obligations. As one premise for this use of Trusted Computing, this chapter presents a solution for the time problem introduced in chapter 5. Afterwards, two approaches for monitoring privacy rules by using Trusted Computing are presented. The first approach considers the encapsulation of a service application by a monitor in order to detect an information flow of personal data which violates the privacy rules. The second approach presents the protection of private data in the use case “Information Filtering” by using Trusted Computing.
Chapter 7 summarises the results of this investigation into the use of Trusted Computing for enforcing privacy policies.
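The time problem described above can be made concrete with a small simulation. The following Python block is an added illustration, not code from the deliverable or from the TCG specification: it models a measured platform whose PCR is extended with every loaded component, a user who verifies a quote against the expected PCR of the certified application, and a platform change after attestation. It then shows one standard mitigation from the Trusted Computing toolbox, sealing the data to the attested PCR value, so that a platform whose state has changed since attestation can no longer release the data. The attestation key, component names, the MAC-based quote (a real TPM signs with an attestation key) and the XOR-based sealing are all constructed simplifications; whether the deliverable's own solution uses sealing is not stated on this page.

```python
import hashlib
import hmac
import os

# Constructed example: simplified model of TPM-style measurement, quoting and sealing.
# PLATFORM_KEY stands in for the platform's attestation key; a shared MAC key is an
# assumption made only to keep the example self-contained.
PLATFORM_KEY = b"constructed-attestation-key"


def extend(pcr: bytes, component: bytes) -> bytes:
    """PCR extend: new = H(old || H(component)); order-dependent and never reset at runtime."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure(components) -> bytes:
    """Reference PCR value for a given load order of components."""
    pcr = bytes(32)
    for c in components:
        pcr = extend(pcr, c)
    return pcr


class Platform:
    """Service provider host: every loaded component is measured into the PCR."""

    def __init__(self, components):
        self.components = []
        self.pcr = bytes(32)
        for c in components:
            self.load(c)

    def load(self, component: bytes):
        self.components.append(component)
        self.pcr = extend(self.pcr, component)

    def quote(self, nonce: bytes) -> bytes:
        """Attestation of the *current* PCR; says nothing about later changes."""
        return hmac.new(PLATFORM_KEY, self.pcr + nonce, hashlib.sha256).digest()

    def unseal(self, sealed: dict):
        """Release data only while the current PCR equals the value it was sealed to."""
        if sealed["pcr"] != self.pcr:
            return None
        key = hashlib.sha256(b"seal" + self.pcr).digest()
        return bytes(a ^ b for a, b in zip(sealed["ct"], key))


# Constructed component identifiers for the scenario.
BASE = [b"firmware-v1", b"os-kernel-v1"]
CERTIFIED_APP = b"certified-service-app-v1"
ROGUE_APP = b"attacker-app"
EXPECTED_PCR = measure(BASE + [CERTIFIED_APP])  # reference value the user holds


def user_verifies(platform: Platform, nonce: bytes) -> bool:
    """User-side check: does the quote match the expected state of the certified app?"""
    expected = hmac.new(PLATFORM_KEY, EXPECTED_PCR + nonce, hashlib.sha256).digest()
    return hmac.compare_digest(platform.quote(nonce), expected)


def seal(data: bytes, pcr: bytes) -> dict:
    """Bind data to a PCR value (toy one-time-pad from the PCR; data limited to 32 bytes)."""
    key = hashlib.sha256(b"seal" + pcr).digest()
    assert len(data) <= len(key)
    return {"pcr": pcr, "ct": bytes(a ^ b for a, b in zip(data, key))}


def scenario_plaintext():
    """Attestation passes, the platform changes, and plaintext data reaches the new app."""
    p = Platform(BASE + [CERTIFIED_APP])
    verified = user_verifies(p, os.urandom(16))  # time t0: quote is correct
    p.load(ROGUE_APP)                            # time t1 > t0: state changes, PCR extended
    receiver = p.components[-1]                  # whoever runs now receives the data
    return receiver, verified                    # (ROGUE_APP, True): undetected by the user


def scenario_sealed():
    """Sealing to the attested PCR: an unchanged platform unseals, a changed one cannot."""
    data = b"user-profile"
    sealed = seal(data, EXPECTED_PCR)
    unchanged = Platform(BASE + [CERTIFIED_APP])
    changed = Platform(BASE + [CERTIFIED_APP])
    changed.load(ROGUE_APP)
    return unchanged.unseal(sealed), changed.unseal(sealed)  # (b"user-profile", None)


if __name__ == "__main__":
    print("plaintext disclosure reaches:", scenario_plaintext())
    print("sealed disclosure (unchanged, changed):", scenario_sealed())
```

The first scenario is the time problem: the quote was valid when checked, but nothing ties the later data transfer to that state. The second scenario shows why binding the data to the attested measurement, rather than trusting a one-off quote, closes that window; in practice the same idea is realised with TPM sealing or with a key whose release is policy-bound to PCR values.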