Controlling access to personal data through Accredited Symmetrically Private Information Retrieval
نویسنده
چکیده
With the digitization of society and the continuous migration of services to the electronic world, individuals have lost significant control over their data. In this paper, we consider the problem of protecting personal information according to privacy policies defined by the data subjects. More specifically, we propose a new primitive allowing a data subject to decide when, how, and by whom his data can be accessed, without the database manager learning anything about his identity, at the time the data is retrieved. The proposed solution, which we call Accredited SPIR, combines symmetrically private information retrieval and privacy-preserving digital credentials. We present three constructions based on the discrete logarithm and RSA problems. Despite the added privacy safeguards, the extra cost incurred by our constructions is negligeable compared to that of the underlying building blocks.
منابع مشابه
Accredited Symmetrically Private Information Retrieval
With the digitization of society and the continuous migration of services to the electronic world, individuals have lost significant control over their data. In this paper, we consider the problem of protecting personal information subjects. More specifically, we propose a new primitive allowing a data subject to decide when, how, and by whom his data can be accessed, without the database manag...
متن کاملPrivacy-preserving Personal Information Management
The spread of Information and Communication Technologies (ICTs) has transformed the way we deliver services, and has made them in general more efficient and more accessible to users. With these improvements however came new challenges. The extensive use of electronic services in our daily life, and the massive gathering of transactional data have led to serious privacy violations. In this thesi...
متن کاملEfficient Multi-authorizer Accredited Symmetrically Private Information Retrieval
We consider a setting where records containing sensitive personal information are stored on a remote database managed by a storage provider. Each record in the database is co-owned by a fixed number of parties called data-subjects. The paper proposes a protocol that allows data-subjects to grant access to their records, to self-approved parties, without the DB manager being able to learn if and...
متن کاملQuantum Symmetrically-Private Information Retrieval
Private information retrieval systems (PIRs) allow a user to extract an item from a database that is replicated over k ≥ 1 servers, while satisfying various privacy constraints. We exhibit quantum k-server symmetrically-private information retrieval systems (QSPIRs) that use sublinear communication, do not use shared randomness among the servers, and preserve privacy against honest users and di...
متن کاملشناسایی و ارزیابی خطاهای دندانپزشکان درکنترل عفونت در یک کلینیک تخصصی شهر تهران
Background and aims: Health care is one of the areas with high risk. Nowadays, leader organizations in healthcare recognize the fact that the side effects and the failure of the system should be managed and controlled. In this context, one of the most important topics is human error. One of the issues related to health care is “Infection Control” which is much discussed in dentistry. This rese...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2008 شماره
صفحات -
تاریخ انتشار 2008