Abstract
Privacy and accountability are potentially conflicting organizational and legal requirements which can be approached by allowing users to act pseudonymously. The reidentification of pseudonyms should be bound to a legal purpose requiring accountability. Existing solutions entrust this function to third parties. Upon good cause shown, these parties perform reidentification on demand. The ability to perform reidentification should be technically bound to the actual existence of a legal purpose, which in some applications can be interpreted as the transgression of a threshold. We present an approach for constructing transaction-based pseudonyms as shares for a suitably adapted version of Shamir's cryptographic approach to secret sharing. Only if pseudonymous actions exceed a threshold specified by a predetermined purpose, can the actor's identity be recovered.
Author supplied keywords
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
Cite
CITATION STYLE
Biskup, J., & Flegel, U. (2000). Threshold-based identity recovery for privacy enhanced applications. In Proceedings of the ACM Conference on Computer and Communications Security (pp. 71–79). Association for Computing Machinery (ACM). https://doi.org/10.1145/352600.352611
Readers over time
Readers' Seniority
Readers' Discipline
