Publishing data for analysis from a micro data table containing sensitive attributes, while maintaining individual privacy, is a problem of increasing significance today. The k-anonymity model was proposed for privacy preserving data publication. While focusing on identity disclosure, k-anonymity model fails to protect attribute disclosure to some extent. Many efforts are made to enhance the k-...

Privacy is a major concern in RFID systems, especially with widespread deployment of wireless enabled interconnected personal devices. In this paper, we consider privacy issues in RFID systems where the authorized readers must be able to identify tags without an adversary being able to trace them, and provide a formal security model for privacy in RFID system. Under this model, we analyze the r...

Privacy is a major concern in RFID systems, especially with widespread deployment of wireless enabled interconnected personal devices. In this paper, we consider privacy issues in RFID system where the authorized readers must be able to identify tags without an adversary being able to trace them, and provide a formal security model for privacy in RFID system. Under this model, we analyze the re...

Many scenarios require computing the join of databases held by two or more parties that do not trust one another. Private record linkage is a cryptographic tool that allows such a join to be computed without leaking any information about records that do not participate in the join output. However, such strong security comes with a cost: except for exact equi-joins, these techniques have a high ...

The major challenge of data perturbation is to achieve the desired balance between the level of privacy guarantee and the level of data utility. Data privacy and data utility are commonly considered as a pair of conflicting requirements in privacy-preserving data mining systems and applications. Multiplicative perturbation algorithms aim at improving data privacy while maintaining the desired l...

This paper develops a theoretical model to help answer the following question— what influences an individual’s opinions regarding the right to privacy of others (individuals, organizations, and governments)? This question is particularly relevant for organizations and governments, for whom insider threats to corporate or government privacy present a dangerous risk. We draw from three bases of l...

Many wearable devices identify themselves in a pervasive way. But at the same time, people want to remain anonymous. Modeling anonymity and unlinkability in identification protocols is a delicate issue. In this paper, we revisit the privacy model from Asiacrypt 2007. We show how to achieve forward-privacy (in the V07 sense) using an IND-CCA secure cryptosystem with the PKC protocol. We review t...

We provide a formal model for identification schemes. Under this model, we give strong definitions for security and privacy. Our model captures the notion of a powerful adversary who can monitor all communications, trace tags within a limited period of time, corrupt tags, and get side channel information on the reader output. Adversaries who do not have access to this side channel are called na...

Privacy policies, laws, and guidelines have been cultivated based on overly verbose specifications. This article claims that privacy regulations lend themselves to a firmer language based on a model of flow of personal identifiable information. The model specifies a limited number of situations and acts on personal identifiable information. As an application of the model, the model is applied t...

Retail industry poses typical enterprise computing challenges, since a retailer normally deals with multiple parties that belong to different organizations (i.e., suppliers, manufacturers, distributors, end consumers). Capable of enabling retailers to effectively and efficiently manage merchandise transferring among various parties, Radio Frequency Identification (RFID) is an emerging technolog...