Girma Enideg Nigusse

A privacy-preserving ticketing system

Electronic identity (eID) cards are deployed in an increasing number of countries. These cards often provide digital authentication and digital signature capabilities, but have at the same time serious privacy shortcomings. We can expect that ordering and issuing tickets for events (e.g. soccer matches) will be increasingly done using eID cards, hence, severely threatening the user’s privacy. This paper proposes two alternative ticketing systems that are using the eID card in a bootstrap procedure, but still are providing a high degree of privacy to the user.

A Privacy-Preserving Ticketing System

Electronic identity (eID) cards are deployed in an increasing number of countries. These cards often provide digital authentication and digital signature capabilities, but have at the same time serious privacy shortcomings. We can expect that ordering and issuing tickets for events (e.g. soccer matches) will be increasingly done using eID cards, hence, severely threatening the users privacy. This paper proposes two alternative ticketing systems that are using the eID card in a bootstrap procedure, but still are providing a high degree of privacy to the user.

Privacy Policies, Tools and Mechanisms of the Future

Although many believe that we have lost the battle for privacy, protection of what’s left of the user’s privacy is all the more important. Not only should a user be able to minimize the disclosure of her personal data, she should also have rights to decide what happens with her data once they have been disclosed. In order to minimize user interaction when deciding whether or not to reveal personal data, privacy policy languages were developed. However, these languages are inadequate and cannot properly deal with the complex interactions between users, service providers, third parties, identity providers and others. Also, tool support for composing and verifying these policies and mechanisms for enforcing them are lagging behind. This paper argues the need for better privacy policies and proposes some solutions. Throughout the paper, our statements are applied to three sample applications in three different domains: e-health, banking and social networks.

Specification of Fair Data Practice Principles Using Privacy Policy Languages

During the last decades, multiple initiatives have formulated various fair data practice principles. Today, privacy policies are used to define how personal data can be created, disclosed, stored, used, shared, and destroyed by entities other than the data subject. However, there was a lack of comprehensive framework to reason about the fundamentals of privacy policy-based private data protection schemes. This paper presents a comprehensive yet generic set of fair data practice requirements. Next, the requirements are used as a consistent framework to reason about the capabilities, limitations and challenges of privacy policy-based private data protection in general and privacy policy languages in particular. More specifically, the paper discusses which fair data practice principles can be expressed by P3P.