CCS

A "blocker" tag is a privacy-enhancing radio-frequency identification (RFID) tag. It operates by interfering with the protocol in which a reader communicates individually with other RFID tags. While inexpensive to manufacture in quantity, blockers are ...

The number of location-aware mobile devices has been rising for several years. As this trend continues, these devices may be able to use their location information to provide interesting applications for their owners. Possible applications for such ...

The growing popularity of inexpensive, portable recording devices, such as cellular phone cameras and compact digital audio recorders, presents a significant new threat to privacy. We propose a set of technologies that can be integrated into recording ...

The importance of personal privacy to Internet users has been extensively researched using a variety of survey techniques. The limitations of survey research are well-known and take place because there are no positive or negative consequences to the ...

In an open environment such as the Internet, the decision to collaborate with a stranger (e.g., by granting access to a resource) is often based on the characteristics (rather than the identity) of the requester, via digital credentials: Access is ...

Data mining provides the opportunity to extract useful information from large databases. Various techniques have been proposed in this context in order to extract this information in the most efficient way. However, efficiency is not our only concern in ...

Nowadays, more and more applications use sensitive and personal information. Subsequently, respecting citizens' privacy is becoming extremely important. Dedicated to this issue, this paper suggests a rigorous approach to define anonymization ...

In this paper, we describe the Open Voting Consortium's voting system and discuss the privacy issues inherent in this system. By extension, many of the privacy issues in this paper also apply to other electronic voting machines, such as DREs(Direct ...

As computing becomes more ubiquitous and Internet use continues to rise, it is increasingly important for organizations to construct accurate and effective privacy policies that document their information handling and usage practices. Most privacy ...

The cost of data storage is now so low that there is little necessity ever to delete anything. The consequence is <i>denied oblivion</i>---digital systems that remember forever and can be data-mined retroactively, years after the event, ignoring any ...

We define message privacy against a <i>profiling</i> adversary, whose goal is to classify a population of users into categories according to the messages they exchange. This adversary models the most common privacy threat against email communication. We ...

We argue that in open systems one's private information disclosure needs to be dynamically controlled based on both its sensitivity and the possibility that a user's identity is revealed. Then we propose an identifiability-based access control scheme, ...

Many modern enterprises require methods for guaranteeing compliance with privacy legislation and announced privacy policies. IBM has proposed a formal language, the Enterprise Privacy Authorization Language (EPAL), for describing privacy policies ...

We are developing a blocking resistant, practical and usable system for anonymous web surfing. This means, the system tries to provide as much reachability and availability as possible, even to users in countries where the free flow of information is ...

<i>Minx</i> is a cryptographic message format for encoding anonymous messages, relayed through a network of Chaumian mixes. It provides security against a passive adversary by completely hiding correspondences between input and output messages. Possibly ...

Anonymity networks have long relied on diversity of node location for protection against attacks---typically an adversary who can observe a larger fraction of the network can launch a more effective attack. We investigate the diversity of two deployed ...

Quite often on the Internet, cryptography is used to protect private, personal communications. However, most commonly, systems such as PGP are used, which use long-lived encryption keys (subject to compromise) for confidentiality, and digital signatures ...

In this paper, we introduce a general framework for microdata and three disclosure risk measures (minimal, maximal and weighted). We classify the attributes from a given microdata in two different ways: based on their potential identification utility ...

We address the problem of data linkage and data extraction across database tables of sensitive information about individuals, in an environment of constraints on organisations' ability to share data and a need to protect individuals' privacy and ...

Suppose a number of hospitals in a geographic area want to learn how their own heart-surgery unit is doing compared with the others in terms of mortality rates, subsequent complications, or any other quality metric. Similarly, a number of small ...