n South African Computer Journal - PrivGuard : a model to protect private information based on its usage : research article
|Article Title||PrivGuard : a model to protect private information based on its usage : research article|
|© Publisher:||South African Computer Society (SAICSIT)|
|Journal||South African Computer Journal|
|Author||F.A. Lategan and M.S. Olivier|
|Publication Date||Dec 2002|
|Pages||58 - 68|
|Keyword(s)||Access control, E.3, Encryption, K.4.1, K.6.5 and Privacy|
No reliable method currently exists to safeguard the privacy of private information. Privacy policies are insufficient as compliance can not be enforced automatically. In this paper we propose a model to improve the control the owner of private information has over its protection. This is achieved by classifying private information based on the purpose it is acquired for, and then designing methods to protect each class of private information. Private information is then encrypted using homomorphic functions where such information is only required for validation. The validation can then be performed without divulging the actual private information. In cases where private information is required for other usages, a system based on Kerberos and trusted third parties is used in order to maintain as much control over private information as possible.
Article metrics loading...