تقرير
Secure and Privacy-Preserving Authentication for Data Subject Rights Enforcement
| العنوان: | Secure and Privacy-Preserving Authentication for Data Subject Rights Enforcement |
|---|---|
| المؤلفون: | Hansen, Malte, Büttner, Andre |
| المصدر: | Privacy and Identity Management. Sharing in a Digital World. Privacy and Identity 2023. IFIP Advances in Information and Communication Technology, vol 695. Springer, Cham |
| سنة النشر: | 2024 |
| المجموعة: | Computer Science |
| مصطلحات موضوعية: | Computer Science - Cryptography and Security |
| الوصف: | In light of the GDPR, data controllers (DC) need to allow data subjects (DS) to exercise certain data subject rights. A key requirement here is that DCs can reliably authenticate a DS. Due to a lack of clear technical specifications, this has been realized in different ways, such as by requesting copies of ID documents or by email address verification. However, previous research has shown that this is associated with various security and privacy risks and that identifying DSs can be a non-trivial task. In this paper, we review different authentication schemes and propose an architecture that enables DCs to authenticate DSs with the help of independent Identity Providers in a secure and privacy-preserving manner by utilizing attribute-based credentials and eIDs. Our work contributes to a more standardized and privacy-preserving way of authenticating DSs, which will benefit both DCs and DSs. Comment: 17 pages, 6 figures, presented and published at IFIP Summer School on Privacy and Identity Management 2023 |
| نوع الوثيقة: | Working Paper |
| DOI: | 10.1007/978-3-031-57978-3_12 |
| URL الوصول: | http://arxiv.org/abs/2404.15859 |
| رقم الأكسشن: | edsarx.2404.15859 |
| قاعدة البيانات: | arXiv |
| DOI: | 10.1007/978-3-031-57978-3_12 |
|---|