We have identified the following three problems for the processing of aggregated personal information with respect to privacy preferences: Unverifiable proof of consent, unverifiable proof of consent for aggregated personal data, and no verification if the consent is still established. We constructed a solution based on a hash tree structure and digitally signed only the hash tree's root value. Thus, a verifiable signature can be retained even if data items are omitted and a valid signature serves as signal of consent. To re-assure that no change of consent has taken place we propose the use of certificate revocation mechanisms. As a side-effect these mechanisms allow to maintain a record of personal data usage and thus creates a win-win situation for both parties involved. © 2008 Springer Berlin Heidelberg.
CITATION STYLE
Pöhls, H. C. (2008). Verifiable and revocable expression of consent to processing of aggregated personal data. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5308 LNCS, pp. 279–293). Springer Verlag. https://doi.org/10.1007/978-3-540-88625-9_19
Mendeley helps you to discover research relevant for your work.