DeepAI AI Chat
Log In Sign Up

PEEPLL: Privacy-Enhanced Event Pseudonymisation with Limited Linkability

by   Ephraim Zimmer, et al.

Pseudonymisation provides the means to reduce the privacy impact of monitoring, auditing, intrusion detection, and data collection in general on individual subjects. Its application on data records, especially in an environment with additional constraints, like re-identification in the course of incident response, implies assumptions and privacy issues, which contradict the achievement of the desirable privacy level. Proceeding from two real-world scenarios, where personal and identifying data needs to be processed, we identify requirements as well as a system model for pseudonymisation and explicitly state the sustained privacy threats, even when pseudonymisation is applied. With this system and threat model, we derive privacy protection goals together with possible technical realisations, which are implemented and integrated into our event pseudonymisation framework PEEPLL for the context of event processing, like monitoring and auditing of user, process, and network activities. Our framework provides privacy-friendly linkability in order to maintain the possibility for automatic event correlation and evaluation, while at the same time reduces the privacy impact on individuals. Additionally, the pseudonymisation framework is evaluated in order to provide some restrained insights on the impact of assigned paradigms and all necessary new mechanisms on the performance of monitoring and auditing. With this framework, privacy provided by event pseudonymisation can be enhanced by a more rigorous commitment to the concept of personal data minimisation, especially in the context of regulatory requirements like the European General Data Protection Regulation.


page 1

page 2

page 3

page 4


Privacy protection based on mask template

Powerful recognition algorithms are widely used in the Internet or impor...

Privacy-aware Process Performance Indicators: Framework and Release Mechanisms

Process performance indicators (PPIs) are metrics to quantify the degree...

Mining and Classifying Privacy and Data Protection Requirements in Issue Reports

Digital and physical footprints are a trail of user activities collected...

Privacy Aspects of Provenance Queries

Given a query result of a big database, why-provenance can be used to ca...

A Common Semantic Model of the GDPR Register of Processing Activities

The creation and maintenance of a Register of Processing Activities (ROP...

Application-Oriented Selection of Privacy Enhancing Technologies

To create privacy-friendly software designs, architects need comprehensi...