Sciweavers

NSPW
2003
ACM

Owner-controlled information

14 years 5 months ago
Owner-controlled information
Large-scale data breaches exposing sensitive personal information are becoming commonplace. For numerous reasons, conventional personal (identification) information leaks from databases that store online and/or on-site user transaction data. Collected ID numbers and supporting personal information enable malicious parties to commit large-scale identity fraud. Gates and Slonim (NSPW 2003) proposed the owner-controlled information paradigm to address privacy violations of personal information where users are expected to maintain all their information using a personal device. Rubin and Wright (FC 2001), Molloy et al. (FC 2007), and others explored the use of one-time numbers to address credit card fraud (mostly for online use). However, several other types of ID number are at least as sensitive as credit card numbers. Our fundamental assumption is that collected personal information will eventually be breached. To combat identity fraud under this new environmental attack paradigm, we in...
Carrie Gates, Jacob Slonim
Added 05 Jul 2010
Updated 05 Jul 2010
Type Conference
Year 2003
Where NSPW
Authors Carrie Gates, Jacob Slonim
Comments (0)