Abstract
Web technologies provide several means to infringe user privacy. This is especially true when customers buying tangible goods submit orders that contain their real identity and physical address. Then, in practice, the vendor can link this information with all information gathered about the customer, obtained through various means. In this paper, we present a solution that is based on mobile agents and a new infrastructure consisting of a mobile agent base station and a cardinality observer. This infrastructure can be used to prevent the vendor from directly linking information gathered about the customer with identifying information usually contained in the customer’s order. The vendor can only assign customers to their correct profiles with some probability which depends on the number of candidate profiles. The new infrastructure allows the customer to decrease this probability in several ways. The usage of both the cardinality observer and the mobile agent base station deterministically guarantees to the customer that an agent only starts its journey when a desired threshold for the linking probability has been reached. In a second variant using only the mobile agent base station, the linking probability is decreased in a probabilistic manner by introducing a fixed delay before mobile agent release.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Robert M. Arlein, Ben Jai, Markus Jakobsson, Fabian Monrose, and Michael K. Reiter. Privacy-preserving global customization (extended abstract). In Proceedings of the 2nd ACM conference on Electronic Commerce (EC’00), October 2000.
Feng Bao and Robert Deng. Privacy protection for transactions of digital goods. In Information and Communications Security (ICICS 2001), Third International Conference, Proceedings, number 2229 in LNCS. Springer Verlag, November 2001.
Roger Clarke. Internet privacy concerns confirm the case for intervention. Communications of the ACM, 42(2), February 1999.
Donna L. Hoffman, Thomas P. Novak, and Marcos Peralta. Building consumer trust online. Communications of the ACM, 42(4), April 1999.
Ari Juels. Targeted advertising... and privacy too. In Progress in Cryptology-CT-RSA 2001, The Cryptographers’ Track at RSA Conference 2001 San Francisco, Proceedings, number 2020 in LNCS. Springer Verlag, 2001.
D. Kristol and L. Montulli. HTTP State Management Mechanism. RFC 2109, February 1997.
Danny B. Lange and Mitsuru Oshima. Programming and Deploying Java Mobile Agents with Aglets. Addison-Wesley, 1998.
Michael G. Reed, Paul F. Syverson, and David M. Goldschlag. Proxies for anonymous routing. In Proceedings of 12th Annual Computer Security Applications Conference (ACSAC’96). IEEE Press, December 1996.
Michael K. Reiter and Aviel D. Rubin. Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security, 1(1), 1998.
Ron L. Rivest, Adi Shamir, and Leonard M. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2), February 1978.
Stuart G. Stubblebine, Paul F. Syverson, and David M. Goldschlag. Unlinkable serial transactions: Protocols and applications. ACM Transactions on Information and System Security, 2(4), 1999.
Paul F. Syverson, Michael G. Reed, and David M. Goldschlag. Private web browsing. Journal of Computer Security — Special Issue on Web Security, 5(3), 1997.
Huaiqing Wang, Matthew K.O. Lee, and Chen Wang. Consumer privacy concerns about internet marketing. Communications of the ACM, 41(3), March 1998.
Dirk Westhoff, Markus Schneider, Claus Unger, and Firoz Kaderali. Protecting a mobile agent’s route against collusions. In Selected Areas in Cryptography, 6th Annual International Workshop (SAC’99), number 1758 in LNCS. Springer Verlag, 2000.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Enzmann, M., Kunz, T., Schneider, M. (2002). A New Infrastructure for User Tracking Prevention and Privacy Protection in Internet Shopping. In: Davida, G., Frankel, Y., Rees, O. (eds) Infrastructure Security. InfraSec 2002. Lecture Notes in Computer Science, vol 2437. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45831-X_14
Download citation
DOI: https://doi.org/10.1007/3-540-45831-X_14
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44309-4
Online ISBN: 978-3-540-45831-9
eBook Packages: Springer Book Archive