ON PRIVACY IN BUSINESS PROCESSES - Observing Delegation of Personal Data by using Digital Watermarking

Sven Wohlgemuth, Isao Echizen, Noboru Sonehara, Günter Müller

Abstract

Privacy in business processes for personalized services is currently a matter of trust. Business processes require the delegation of personal data and users are not able to control their delegation and so their usage. Existing privacy-enhancing technologies consider access control but not usage control of personal data. Current work on usage control considers especially formalization of usage rules, so called obligations, and their enforcement by using mechanisms of Digital Rights Management, secure logging of access requests for an ex post enforcement, and the non-linkable delegation of access rights to personal data. However, either these enforcement mechanisms do not consider a delegation of personal data or they assume trustworthy data consumers or data providers respectively. We investigate on digital watermarking in order to observe the enforcement of obligations for a delegation of personal data without mandatory trusting in service providers.

References

  1. Accorsi, R. (2007). Automated Privacy Audits to Complement the Notion of Control for Identity Management. In Policies and Research in Identity Management. IFIP.
  2. Camenisch, J. and Lysyanskaya, A. (2001). Efficient nontransferable anonymous multi-show credential system with optional anonymity revocation. In EUROCRYPT 2001, volume 2045 of Lecture Notes in Computer Science, pages 91-118. Springer.
  3. Casassa Mont, M. and Pearson, S. (2005). An Adaptive Privacy Management System for Data Repositories. In Kazikas, S., Lopez, J., and Pernul, G., editors, TrustBus 2005, volume 3592 of Lectures Notes in Computer Science, pages 236-245, Heidelberg. Springer.
  4. Cox, I. J., Miller, M. L., Bloom, J. A., Fridrich, J., and Kalker, T. (2008). Digital Watermarking and Steganography. Morgan Kaufmann.
  5. European Commission (1995). Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Communities, L 281(395L0046):31-50.
  6. Hilty, M., Basin, D., and Pretschner, A. (2005). On Obligations. In de Capitani di Vimercati, S., Syverson, P., and Gollmann, D., editors, 10th European Symposium on Research in Computer Security (ESORICS 2005), volume 3679 of Lecture Notes in Computer Science, pages 98-117. Springer.
Download


Paper Citation


in Harvard Style

Wohlgemuth S., Echizen I., Sonehara N. and Müller G. (2009). ON PRIVACY IN BUSINESS PROCESSES - Observing Delegation of Personal Data by using Digital Watermarking . In Proceedings of the International Conference on e-Business - Volume 1: ICE-B, (ICETE 2009) ISBN 978-989-674-006-1, pages 27-32. DOI: 10.5220/0002260600270032


in Bibtex Style

@conference{ice-b09,
author={Sven Wohlgemuth and Isao Echizen and Noboru Sonehara and Günter Müller},
title={ON PRIVACY IN BUSINESS PROCESSES - Observing Delegation of Personal Data by using Digital Watermarking},
booktitle={Proceedings of the International Conference on e-Business - Volume 1: ICE-B, (ICETE 2009)},
year={2009},
pages={27-32},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002260600270032},
isbn={978-989-674-006-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on e-Business - Volume 1: ICE-B, (ICETE 2009)
TI - ON PRIVACY IN BUSINESS PROCESSES - Observing Delegation of Personal Data by using Digital Watermarking
SN - 978-989-674-006-1
AU - Wohlgemuth S.
AU - Echizen I.
AU - Sonehara N.
AU - Müller G.
PY - 2009
SP - 27
EP - 32
DO - 10.5220/0002260600270032