Intro Flashcards
Privacy Properties
- Confidentiality
- Pseudonymity
- Anonymity
- Unlinkability
- Unobservability
- Plausible deniability
Privacy Property: Pseudonymity
A user may use a resource or service without disclosing its identity, but can still be accountable for that use
Privacy Property: Anonymity
A characteristic of information that does not permit a personally identifiable information principal to be identified directly or indirectly
Privacy property: Unlinkability
A user may make multiple uses of resources or services without others being able to link these uses together
Privacy property: Unobservability
A user may use a record or service without others, especially third parties, without being able to observe that the resource or service is being used
-> Unobservability implies anonymity (but not vice versa)
Privacy property: Plausible deniability
- Not possible to prove user knows, has done or has said something
-> Resistance to coercion: one can always claim one does not know
-> Resistance to profiling: one cannot filter the fake entries
Systematic Privacy Evaluation
1) Model the privacy-preserving mechanism as a probabilistic transformation
2) Determine what the adversary will see
3) “Invert” the mechanism as the adversary would do
4) Evaluate property after inversion
5) Measure
