Skip to main content
SpringerLink
Log in

Privacy in the Electronic Society

  • Conference paper
Book cover Information Systems Security (ICISS 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4332))

Included in the following conference series:

Abstract

Internet provides unprecedented opportunities for the collection and sharing of privacy-sensitive information from and about users. Information about users is collected every day, as they join associations or groups, shop for groceries, or execute most of their common daily activities. Such information is subsequently processed, exchanged and shared between different parties; with users often having little control over their personal information once it has been disclosed to third parties. Privacy is then becoming an increasing concern. In this paper we discuss some problems to be addressed in the protection of information in our electronic society, surveying ongoing work and open issues to be investigated.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abadi, M., Lamport, L.: Composing specifications. ACM Transactions on Programming Languages 14(4), 1–60 (1992)

    MathSciNet  Google Scholar 

  2. Aggarwal, G., Feder, T., Kenthapadi, K., Motwani, R., Panigrahy, R., Thomas, D., Zhu, A.: Anonymizing tables. In: Eiter, T., Libkin, L. (eds.) ICDT 2005. LNCS, vol. 3363, pp. 246–258. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  3. Aggarwal, G., Feder, T., Kenthapadi, K., Motwani, R., Panigrahy, R., Thomas, D., Zhu, A.: Approximation algorithms for k-anonymity. Journal of Privacy Technology, 20051120001 (2005)

    Google Scholar 

  4. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: An xpath based preference language for P3P. In: Proc. of the 12th International World Wide Web Conference, Budapest, Hungary (May 2003)

    Google Scholar 

  5. Ahn, G.-J., Lam, J.: Managing privacy preferences in federated identity management. In: Proc. of the ACM Workshop on Digital Identity Management, Fairfax, VA, USA (November 2005)

    Google Scholar 

  6. Ardagna, C.A., De Capitani di Vimercati, S., Samarati, P.: Enhancing user privacy through data handling policies. In: Damiani, E., Liu, P. (eds.) Data and Applications Security 2006. LNCS, vol. 4127, pp. 224–236. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  7. Bayardo, R.J., Agrawal, R.: Data privacy through optimal k-anonymization. In: Proc. of the 21st International Conference on Data Engineering (ICDE 2005), Tokyo, Japan, April 2005, pp. 217–228 (2005)

    Google Scholar 

  8. Bell, D.E.: Modeling the multipolicy machine. In: Proc. of the New Security Paradigm Workshop (August 1994)

    Google Scholar 

  9. Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D.: The KeyNote Trust Management System (Version 2), internet rfc 2704 edn. (1999)

    Google Scholar 

  10. Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proc. of the 17th IEEE Symp. on Security and Privacy, Oakland, CA (May 1996)

    Google Scholar 

  11. Bonatti, P., De Capitani di Vimercati, S., Samarati, P.: An algebra for composing access control policies. ACM Transactions on Information and System Security 5(1), 1–35 (2002)

    Article  Google Scholar 

  12. Bonatti, P., Samarati, P.: A unified framework for regulating access and information release on the web. Journal of Computer Security 10(3), 241–272 (2002)

    Google Scholar 

  13. Casassa Mont, M., Pearson, S., Bramhall, P.: Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services. In: Proc. of the 14th International Workshop on Database and Expert Systems Applications, Prague, Czech (September 2003)

    Google Scholar 

  14. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Samarati, P.: k-anonymity. In: Security in Decentralized Data Management. Springer, Heidelberg (2006)

    Google Scholar 

  15. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Samarati, P.: Microdata protection. In: Security in Decentralized Data Management. Springer, Heidelberg (2006)

    Google Scholar 

  16. Damiani, E., De Capitani di Vimercati, S., Fugazza, C., Samarati, P.: Extending policy languages to the semantic web. In: Koch, N., Fraternali, P., Wirsing, M. (eds.) ICWE 2004. LNCS, vol. 3140, pp. 330–343. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  17. DeTreville, J.: Binder, a logic-based security language. In: Proc. of the 2001 IEEE Symposium on Security and Privacy, Oakland, CA, USA (May 2002)

    Google Scholar 

  18. Domingo-Ferrer, J., Mateo-Sanz, J.M.: Practical data-oriented microaggregation for statistical disclosure control. IEEE Transactions on Knowledge and Data Engineering 14(1), 189–201 (2002)

    Article  Google Scholar 

  19. Ellison, C.M., Frantz, B., Lampson, B., Rivest, R.L., Thomas, B.M., Ylonen, T.: SPKI certificate theory. RFC2693 (September 1999)

    Google Scholar 

  20. Fung, B., Wang, K., Yu, P.: Top-down specialization for information and privacy preservation. In: Proc. of the 21st International Conference on Data Engineering (ICDE 2005), Tokyo, Japan (April 2005)

    Google Scholar 

  21. Hosmer, H.: Metapolicies II. In: Proc. of the 15th National Computer Security Conference (1992)

    Google Scholar 

  22. Irwin, K., Yu, T.: Preventing attribute information leakage in automated trust negotiation. In: Proc. of the 12th ACM Conference on Computer and Communications Security, Alexandria, VA, USA (November 2005)

    Google Scholar 

  23. Iyengar, V.: Transforming data to satisfy privacy constraints. In: Proc. of the Eigth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, Edmonton, Alberta, Canada, pp. 279–288 (2002)

    Google Scholar 

  24. Jaeger, T.: Access control in configurable systems. In: Vitek, J. (ed.) Secure Internet Programming. LNCS, vol. 1603, pp. 289–316. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  25. Jajodia, S., Samarati, P., Sapino, M., Subrahmanian, V.: Flexible support for multiple access control policies. ACM Transactions on Database Systems 26(2), 18–28 (2001)

    Article  Google Scholar 

  26. Jim, T.: SD3: A trust management system with certified evaluation. In: Proc. of the 2001 IEEE Symposium on Security and Privacy, Oakland, CA, USA (May 2001)

    Google Scholar 

  27. LeFevre, K., DeWitt., D.J., Ramakrishnan, R.: Incognito: Efficient full-domain k-anonymity. In: Proc. of the 24th ACM SIGMOD International Conference on Management of Data, Baltimore, Maryland, USA, June 2005, pp. 49–60 (2005)

    Google Scholar 

  28. Li, N., Grosof, B., Feigenbaum: Delegation logic: A logic-based approach to distributed authorization. ACM Transactions on Information and System Security 6(1), 128–171 (2003)

    Article  Google Scholar 

  29. Li, N., Mitchell, J.C., Winsborough, W.H.: Beyond proof-of-compliance: Security analysis in trust management. Journal of the ACM 52(3), 474–514 (2005)

    Article  MathSciNet  Google Scholar 

  30. Li, N., Winsborough, W.H., Mitchell, J.C.: Distributed credential chain discovery in trust management. Journal of Computer Security 11(1), 35–86 (2003)

    Google Scholar 

  31. Liu, P., Mitra, P., Pan, C., Atluri, V.: Privacy-preserving semantic interoperation and access control of heterogeneous databases. In: ACM Symposium on InformAtion, Computer and Communications Security, Taipei, Taiwan (March 2006)

    Google Scholar 

  32. Machanavajjhala, A., Gehrke, J., Kifer, D.: ℓ-diversity: Privacy beyond k-anonymity. In: Proc. of the ICDE 2006, Atlanta, GA, USA (April 2006)

    Google Scholar 

  33. McLean, J.: The algebra of security. In: Proc. of the 1988 IEEE Computer Society Symposium on Security and Privacy, Oakland, CA, USA (April 1988)

    Google Scholar 

  34. Meyerson, A., Williams, R.: On the complexity of optimal k-anonymity. In: Proc. of the 23rd ACM PODS, Paris, France, pp. 223–228 (2004)

    Google Scholar 

  35. Ni, J., Li, N., Winsborough, W.H.: Automated trust negotiation using cryptographic credentials. In: Proc. of the 12th ACM Conference on Computer and Communications Security, Alexandria, VA, USA (November 2005)

    Google Scholar 

  36. Ryutov, T., Zhou, L., Neuman, C., Leithead, T., Seamons, K.E.: Adaptive trust negotiation and access control. In: Proc. of the 10th ACM Symposium on Access Control Models and Technologies, Stockholm, Sweden (June 2005)

    Google Scholar 

  37. Samarati, P.: Protecting respondents identities’ in microdata release. IEEE Transactions on Knowledge and Data Engineering 13(6), 1010–1027 (2001)

    Article  Google Scholar 

  38. Samarati, P., Sweeney, L.: Generalizing data to provide anonymity when disclosing information. In: Proc. of the 17th ACM PODS, Seattle, WA (1998)

    Google Scholar 

  39. Seamons, K.E., Winsborough, W., Winslett, M.: Internet credential acceptance policies. In: Proc. of the Workshop on Logic Programming for Internet Applications, Leuven, Belgium (July 1997)

    Google Scholar 

  40. Wang, L., Wijesekera, D., Jajodia, S.: A logic-based framework for attribute based access control. In: Proc. of the 2004 ACM Workshop on Formal Methods in Security Engineering, Washington DC, USA (October 2004)

    Google Scholar 

  41. Wijesekera, D., Jajodia, S.: A propositional policy algebra for access control. ACM Transactions on Information and System Security 6(2), 286–325 (2003)

    Article  Google Scholar 

  42. Woo, T.Y.C., Lam, S.S.: Authorizations in distributed systems: A new approach. Journal of Computer Security 2(2,3), 107–136 (1993)

    Google Scholar 

  43. World Wide Web Consortium. A P3P Preference Exchange Language 1.0 (APPEL1.0) (April 2002), http://www.w3.org/TR/P3P-preferences/

  44. World Wide Web Consortium. The Platform for Privacy Preferences 1.1 (P3P1.1) Specification (July 2005), http://www.w3.org/TR/2005/WD-P3P11-20050701

  45. Yao, C., Wang, X.S., Jajodia, S.: Checking for k-anonymity violation by views. In: Proc. of the 31st International Conference on Very Large Data Bases (VLDB 2005), Trondheim, Norway (August 2005)

    Google Scholar 

  46. Yu, T., Winslett, M.: A unified scheme for resource protection in automated trust negotiation. In: Proc. of the IEEE Symp. on Security and Privacy, Oakland, CA (May 2003)

    Google Scholar 

  47. Yu, T., Winslett, M., Seamons, K.E.: Prunes: An efficient and complete strategy for automated trust negotiation over the internet. In: Proc. of the 7th ACM Conf. on Computer and Communications Security, Athens, Greece (November 2000)

    Google Scholar 

  48. Yu, T., Winslett, M., Seamons, K.E.: Supporting structured credentials and sensitive policies trough interoperable strategies for automated trust. ACM Transactions on Information and System Security (TISSEC) 6(1), 1–42 (2003)

    Article  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dipartimento di Tecnologie dell’Informazione, Università degli Studi di Milano, 26013, Crema, Italy

    Sabrina De Capitani di Vimercati & Pierangela Samarati

Authors
  1. Sabrina De Capitani di Vimercati
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pierangela Samarati
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Indian Statistical Institute, Computer and Statistical Service Center, 203, B.T. Road, 700108, Kolkata, India

    Aditya Bagchi

  2. MSIS Department and CIMIC, Rutgers University, USA

    Vijayalakshmi Atluri

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

De Capitani di Vimercati, S., Samarati, P. (2006). Privacy in the Electronic Society. In: Bagchi, A., Atluri, V. (eds) Information Systems Security. ICISS 2006. Lecture Notes in Computer Science, vol 4332. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11961635_1

Download citation

  • DOI: https://doi.org/10.1007/11961635_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-68962-1

  • Online ISBN: 978-3-540-68963-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation