ABSTRACT

The shift from a paper-based to an electronic-based society has dramatically reduced the cost of collecting, storing and processing individuals' personal information. As a result, it is becoming more common for businesses to "profile" individuals in order to present more personalized offers as part of their business strategy. While such profiles can be helpful and improve efficiency, they can also govern opaque decisions about an individual's access to services such as credit or an employment position. In many cases, profiling of personal data is done without the consent of the target individual.In the past decade, the European Union and its member states have implemented a legal framework to provide guidance on processing of personal data with the specific aim to restore the citizens' control over their data. To complement the legal framework, the prime (Privacy and Identity Management for Europe) project [14] has implemented a technical framework for processing personal data. prime's vision is to give individuals sovereignty over their personal data so that:

• Individuals can limit the information collected about them by using pseudo-identities, certifications and cryptography when performing online transactions,
• Individuals can negotiate legally-binding "privacy policies" with their service providers that govern how disclosed personal data can be used and which precautions must be taken to safeguard it, and
• Individuals and service providers can use automated mechanisms to manage their personal data and their obligations towards data which they have collected from other parties.

To accomplish this, the prime project has designed and implemented a practical system-level solution which incorporates novel cryptographic protocols, sophisticated security protocols, and artificial intelligence algorithms. This paper describes the architecture of this system. Most key features of this architecture have been implemented in a proof-of-concept prototype.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Michael Backes , Jan Camenisch , Dieter Sommer, Anonymous yet accountable access control, Proceedings of the 2005 ACM workshop on Privacy in the electronic society, November 07-07, 2005, Alexandria, VA, USA  [doi>10.1145/1102199.1102208]
	2	Berners-Lee, T., Fielding, R., and Masinter, L. Uniform Resource Identifier (URI): Generic Syntax. RFC 3986 (Standard), Jan. 2005.
	3	Piero Bonatti , Pierangela Samarati, Regulating service access and information release on the Web, Proceedings of the 7th ACM conference on Computer and communications security, p.134-143, November 01-04, 2000, Athens, Greece  [doi>10.1145/352600.352620]
	4	Piero A. Bonatti , Pierangela Samarati, A uniform framework for regulating service access and information release on the web, Journal of Computer Security, v.10 n.3, p.241-271, 2002
	5	Camenisch, J. Protecting (anonymous) credentials with the trusted computing group's trusted platform modules v1.2. Tech. rep., IBM Research, Jan. 2005.
	6	Jan Camenisch , Anna Lysyanskaya, An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation, Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology, p.93-118, May 06-10, 2001
	7	Camenisch, J., Sommer, D., and Zimmermann, R. A general certification framework with applications to privacy-enhancing certificate infrastructures. Tech. Rep. RZ 3629, IBM Zurich Research Laboratory, July 2005.
	8	Casassa Mont, M. Dealing with privacy obligations: Important aspects and technical approaches. In TrustBus 2004 (2004), pp.~120--131.
	9	Casassa Mont, M. Dealing with privacy obligations in enterprises. In ISSE (2004).
	10	David Chaum, Security without identification: transaction systems to make big brother obsolete, Communications of the ACM, v.28 n.10, p.1030-1044, Oct. 1985  [doi>10.1145/4372.4373]
	11	Dean, M., and Schreiber, G. OWL web ontology language reference. W3C Recommendation.
	12	Farrell, S., and Housley, R. An Internet Attribute Certificate Profile for Authorization. RFC 3281 (Proposed Standard), Apr. 2002.
	13	David Goldschlag , Michael Reed , Paul Syverson, Onion routing, Communications of the ACM, v.42 n.2, p.39-41, Feb. 1999  [doi>10.1145/293411.293443]
	14	Hansen, M., and Krasemann, H. Prime whitepaper. Whitepaper, 18 July 2005. http://www.prime-project.eu.org/prime/public/press_room/whitepaper/PRIME-Whitepaper-V1.pdf.
	15	Housley, R., Polk, W., Ford, W., and Solo, D. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 3280 (Proposed Standard), Apr. 2002.
	16	Anna Lysyanskaya , Ronald L. Rivest , Amit Sahai , Stefan Wolf, Pseudonym Systems, Proceedings of the 6th Annual International Workshop on Selected Areas in Cryptography, p.184-199, August 09-10, 1999
	17	Manola, F., and Miller, E. RDF primer. W3C Recommendation.
	18	Michael K. Reiter , Aviel D. Rubin, Crowds: anonymity for Web transactions, ACM Transactions on Information and System Security (TISSEC), v.1 n.1, p.66-92, Nov. 1998  [doi>10.1145/290163.290168]
	19	Saita, A. Cardsystems admits stolen data violated policy. SearchSecurity.com, 21 June 2005. http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1099932,00.html.
	20	Turow, J., Feldman, L., and Meltzer, K. Open to exploitation: American shoppers online and offline. Tech. rep., Annenberg Public Policy Center, University of Pennsylvania, June 2005. http://www.annenbergpublicpolicycenter.org/04_info_society/Turow_APPC_Report_WEB_FINAL.pdf.

CITED BY  6

	Anelia Mitseva , Mohamad Imine , Neeli R. Prasad, Context-aware privacy protection with profile management, Proceedings of the 4th international workshop on Wireless mobile applications and services on WLAN hotspots, September 29-29, 2006, Los Angeles, CA, USA
	Tzong-Ru Lee , Shiou-Yu Chen , Shiau-Ting Wang , Shuchih Ernest Chang, Adoption of mobile Location-Based Services with Zaltman Metaphor Elicitation Techniques, International Journal of Mobile Communications, v.7 n.1, p.117-132, November 2009
	Paolo Guarda , Nicola Zannone, Towards the development of privacy-aware systems, Information and Software Technology, v.51 n.2, p.337-350, February, 2009
	Michael T. Goodrich , Roberto Tamassia , Danfeng (Daphne) Yao, Notarized federated ID management and authentication, Journal of Computer Security, v.16 n.4, p.399-418, September 2008
	Benoí®T Otjacques , Patrik Hitzelberger , Fernand Feltz, Interoperability of E-Government Information Systems: Issues of Identification and Data Sharing, Journal of Management Information Systems, v.23 n.4, p.29-51, Number 4 / Spring 2007
	Suriadi Suriadi , Ernest Foo , Audun Jøsang, A user-centric federated single sign-on system, Journal of Network and Computer Applications, v.32 n.2, p.388-401, March, 2009

Collaborative Colleagues:

Jan Camenisch: colleagues

abhi shelat: colleagues

Dieter Sommer: colleagues

Simone Fischer-Hübner: colleagues

Marit Hansen: colleagues

Henry Krasemann: colleagues

Gérard Lacoste: colleagues

Ronald Leenes: colleagues

Jimmy Tseng: colleagues