Frans A Lategan and Martin S Olivier, "PrivGuard: A model to protect private information based on its usage", South African Computer Journal, 2002 (in press)
No reliable method currently exists to safeguard the privacy of private information. Privacy policies are insufficient as compliance can not be enforced automatically. In this paper we propose a model to improve the control the owner of private information has over its protection. This is achieved by classifying private information based on the purpose it is acquired for, and then designing methods to protect each class of private information. Private information is then encrypted using homomorphic functions where such information is only required for validation. The validation can then be performed without divulging the actual private information. In cases where private information is required for other usages, a system based on Kerberos and trusted third parties is used in order to maintain as much control over private information as possible.
Privacy, access control, encryption
@ARTICLE(privgrd,
AUTHOR={Frans A Lategan and Martin S Olivier},
TITLE={Priv{G}uard: A model to protect private information based on its
usage},
JOURNAL={South African Computer Journal},
YEAR={2002},
VOLUME={29},
PAGES={58--68} )
The full text may be downloaded from http://mo.co.za/open/privgrd.pdf (PDF, 90K).
[Publications]
[Home]
Page maintained by
Martin Olivier
Last update: 17 October 2002