Privacy from Promises to Protection |
| |
| Authors: | Michael Maaser Peter Langendörfer |
| |
| Affiliation: | (1) IHP microelectronics, Im Technologiepark 25, 15236 Frankfurt(Oder), Germany |
| |
| Abstract: | Privacy issues are becoming more and more important especially since the cyber and the real world are converging up to certain extent when using mobile devices. Means that really protect privacy are still missing. The problem is, as soon as a user provides data to a service provider the user looses control over her data. The simple solution is not to provide any data but then many useful services, e.g. navigation applications, cannot be used. In order to solve this problem, we propose privacy guaranteeing execution containers (PGEC). Basically the concept is that the application obtains access to the user data in a specially protected and certified environment, the PGEC. PGECs enable applications to access private user data and guarantee that the user data is deleted as soon as the service is quit. The PGEC also restricts the communication between the application and the service provider to what is explicitly allowed by the service user. In addition to those means the PGEC also implements countermeasures against malicious attacks such as modified host systems and covert channel attacks, which might be misusing CPU load to signal data out of the PGEC. Thus, the PGEC guarantees a “one time use” of the provided private data. |
| |
| Keywords: | privacy enhancing techniques P3P location based services covert channels malicious host detection |
| 本文献已被 SpringerLink 等数据库收录! |
|
