Unobservability ensures that a user may use a resource or service without others, especially third parties, being able to observe that the resource or service is being used .
A corresponding but more general definition is provided by . Unobservability of an item of interest (e.g., a subject, messages, action) means that all uninvolved subjects cannot sufficiently distinguish whether or not it exists. Besides, anonymity of subjects involved in the item of interest is provided even against the other subjects involved in that item of interest.
Whereas anonymity and pseudonymity protect the relationship of subjects to other items of interest (e.g., the fact that a specific user has sent a message), unobservability protects information about the very existence of the item of interest against uninvolved parties (e.g., the fact that a message was sent). With respect to the same attacker, if a subject’s action is unobservable, then the user...
- 1.Common Criteria for Information Technology Security Evaluation, Version 3.1, revision 4, September 2012. Part 2: Functional security components. www.commoncriteriaportal.org
- 2.Pfitzmann A, Hansen M. A terminology for talking about privacy by data minimization: anonymity, unlinkability, unobservability, pseudonymity, and identity management. Version 0.34. http://dud.inf.tu-dresden.de/Anon_Terminology.shtml. 10 Aug 2010.