Pseudonymization Service for X-Road eGovernment Data Exchange Layer

  • Conference paper
In: Electronic Government and the Information Systems Perspective (EGOVIS 2011)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 6866)

Abstract

Pseudonymization is sometimes used as a light-weight alternative to fully cryptographic solutions when information from different data sources needs to be linked in a privacy-preserving manner. In this paper, we review several previously proposed pseudonymization techniques and point out their cryptographic and design flaws. As a solution, we have developed a simple pseudonymization framework based on X-Road, a unified database access layer that serves as the basis for most eGovernment services developed in Estonia. Our solution has been fully implemented; benchmarking results, together with a security analysis, are presented to conclude the paper.




Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Willemson, J. (2011). Pseudonymization Service for X-Road eGovernment Data Exchange Layer. In: Andersen, K.N., Francesconi, E., Grönlund, Å., van Engers, T.M. (eds) Electronic Government and the Information Systems Perspective. EGOVIS 2011. Lecture Notes in Computer Science, vol 6866. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22961-9_11

  • DOI: https://doi.org/10.1007/978-3-642-22961-9_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22960-2

  • Online ISBN: 978-3-642-22961-9

  • eBook Packages: Computer Science (R0)
