Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Data Privacy Management

International Workshop on Quantitative Aspects in Security Assurance

DPM 2015, QASA 2015: Data Privacy Management, and Security Assurance pp 134–149Cite as

A Novel Approach to Data Revocation on the Internet

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9481))

Abstract

After publishing data on the Internet, the data publisher loses control over it. However, there are several situations where it is desirable to remove published information. To support this, the European Union proposed the General Data Protection Regulation (GDPR) which states that providers must remove the data when the corresponding owner requests it. However, the data might already have been copied by third parties. Therefore, Article 17 of the GDPR includes the regulation that the provider must also inform all third parties about the users request. Hence, the providers would need to track every access, which is hard to achieve. This technical infeasibility is a gap between the legislation and the current technical possibilities. To close this gap, we propose a novel service which gives the data owner the possibility to inform simultaneously all providers about her removal request.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Camera & Imaging Products Association Exchangeable Image File Format for Digital Still Cameras: Exif Version 2.3. Technical report, CIPA DC-008-2010 & JEITA CP-3451B Standard (2010)

    Google Scholar 

  2. Backes, J., Backes, M., Dürmuth, M., Gerling, S., Lorenz, S.: X-pire!-a Digital Expiration Date for Images in Social Networks. arXiv preprint arXiv:1112.2649 (2011)

  3. Backes, M., Gerling, S., Lorenz, S., Lukas, S.: X-pire 2.0: a user-controlled expiration date and copy protection mechanism. In: Proceedings of the 29th Annual ACM Symposium on Applied Computing, pp. 1633–1640. ACM (2014)

    Google Scholar 

  4. Castelluccia, C., De Cristofaro, E., Francillon, A., Kaafar, M.-A.: Ephpub: toward robust Ephemeral Publishing. In: 2011 19th IEEE International Conference on Network Protocols (ICNP), pp. 165–175. IEEE (2011)

    Google Scholar 

  5. European Commission. Factsheet on the “Right to be Forgotten” Ruling (C-131/12). http://ec.europa.eu/justice/data-protection/files/factsheets/factsheet_data_protection_en.pdf. Accessed 20th May 2015

  6. European Commission. Proposal for a Regulation of the European Parliament, of the Council on the Protection of Individuals with Regard to the Processing of Personal Data, on the Free Movement of Such Data (General Data Protection Regulation), January 2012. http://ec.europa.eu/justice/data-protection/document/review2012/com_2012_11_en.pdf. Accessed 20th May 2015

  7. Dabek, F., Li, J.,Sit, E., Robertson, J., Kaashoek, M.F., Morris, R.: Designing a DHT for low latency and high throughput. In: NSDI, vol. 4, pp. 85–98 (2004)

    Google Scholar 

  8. Dierks, T., Rescorla, E.: RFC 5246: The Transport Layer Security (TLS) Protocol. The Internet Engineering Task Force (2008)

    Google Scholar 

  9. Druschel, P., Backes, M., Tirtea, R.: The Right to Be Forgotten - Between Expectations and Practice (2011). http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/the-right-to-be-forgotten. Accessed 20th May 2015

  10. Feige, U., Fiat, A., Shamir, A.: Zero-knowledge proofs of identity. J. Cryptology 1(2), 77–94 (1988)

    Article  MathSciNet  Google Scholar 

  11. Galperin, S., Santesson, S., Myers, M., Malpani, A., Adams, C.: X. 509 Internet Public Key Infrastructure Online Certificate Status Protocol-OCSpP (2013)

    Google Scholar 

  12. Geambasu, R., Kohno, T., Levy, A.A., Levy, H.M.: Vanish: increasing data privacy with self-destructing data. In: USENIX Security Symposium, pp. 299–316 (2009)

    Google Scholar 

  13. Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof-systems. In: Proceedings of the Seventeenth Annual ACM Symposium on Theory of Computing, pp. 291–304. ACM (1985)

    Google Scholar 

  14. Google European Privacy Requests for Search Removals (2014). http://www.google.com/transparencyreport/removals/europeprivacy/?hl=en-US. Accessed 20th May 2015

  15. Gopalakrishnan, V., Silaghi, B., Bhattacharjee, B., Keleher, P.: Adaptive replication in peer-to-peer systems. In: Proceedings of the 24th International Conference on Distributed Computing Systems, pp. 360–369. IEEE (2004)

    Google Scholar 

  16. Hine, J.H., Dagger, P.: Securing distributed computing against the hostile host. In: Proceedings of the 27th Australasian Conference on Computer Science, vol. 26, pp. 279–286. Australian Computer Society Inc. (2004)

    Google Scholar 

  17. Jandt, S., Kieselmann, O., Wacker, A.: Recht auf Vergessen im Internet - Diskrepanz zwischen rechtlicher Zielsetzung und technischer Realisierbarkeit? Datenschutz und Datensicherheit (DuD) 37(4), 235–241 (2013)

    Article  Google Scholar 

  18. Krawczyk, H., Canetti, R., Mihir Bellare, H.: Keyed-hashing for Message Authentication (1997). https://tools.ietf.org/html/rfc2104. Accessed 20th May 2015

  19. Liu, Q., Safavi-Naini, R., Sheppard, N.P.: Digital rights management for content distribution. In: Proceedings of the Australasian Information Security Workshop Conference on ACSW Frontiers, vol. 21, pp. 49–58. Australian Computer Society Inc. (2003)

    Google Scholar 

  20. Maymounkov, P., Mazières, D.: Kademlia: a peer-to-peer information system based on the XOR metric. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 53–65. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  21. Mockapetris, P.: RFC 1034: Domain Names - Concepts and Facilities (1987)

    Google Scholar 

  22. Court of Justice of the European Union. Judgment in Case C-131/12. Press Release No 70/14, May 2014

    Google Scholar 

  23. Rainie, L., Kiesler, S., Kang, R., Madden, M.: Anonymity, privacy, and security online. Pew Research Center (2013)

    Google Scholar 

  24. Ruef, M.: Erfolgreicher Angriff gegen X-pire!, January 2011. http://www.scip.ch/?labs.20110131. Accessed: 20th May 2015

  25. Stoica, I., Morris, R., Karger, D., Kaashoek, F.M., Balakrishnan, H.: Chord: a scalable peer-to-peer lookup service for internet applications. ACM SIGCOMM Comput. Commun. Rev. 31(4), 149–160 (2001)

    Article  Google Scholar 

  26. Venkatesan, R., Koon, S.-M., Jakubowski, M.H., Moulin, P.: Robust image hashing. In: 2000 Proceedings of the International Conference on Image Processing, vol. 3, pp. 664–666. IEEE (2000)

    Google Scholar 

  27. Wacker, A., Schiele, G., Schuster, S., Weis, T.: Towards an authentication service for peer-to-peer based massively multiuser virtual environments. Int. J. Adv. Media Commun. 2(4), 364–379 (2008)

    Article  Google Scholar 

  28. Wang, Q., Daudjee, K., Özsu, M.T.: Popularity-aware prefetch in P2p range caching. Peer-to-Peer Netw. Appl. 3(2), 145–160 (2010)

    Article  Google Scholar 

  29. Wolchok, S., Hofmann, O.S., Heninger, N., Felten, E.W., Halderman, J.A., Rossbach, C.J., Waters, B., Witchel, E.: Defeating vanish with low-cost sybil attacks against large DHTs. In: NDSS (2010)

    Google Scholar 

Download references

Acknowledgment

This work has been co-funded by the Social Link Project within the Loewe Program of Excellence in Research, Hessen, Germany.

Author information

Authors and Affiliations

  1. Applied Information Security, University of Kassel, Pfannkuchstr. 1, 34121, Kassel, Germany

    Olga Kieselmann, Nils Kopal & Arno Wacker

Authors
  1. Olga Kieselmann
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nils Kopal
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Arno Wacker
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Olga Kieselmann .

Editor information

Editors and Affiliations

  1. Telecom SudParis, Evry, France

    Joaquin Garcia-Alfaro

  2. Universitat Autònoma de Barcelona, Bellaterra, Spain

    Guillermo Navarro-Arribas

  3. University of Urbino, Urbino, Italy

    Alessandro Aldini

  4. National Research Council - C.N.R., Pisa, Italy

    Fabio Martinelli

  5. Department of Computer Science, TU Darmstadt, Darmstadt, Germany

    Neeraj Suri

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Kieselmann, O., Kopal, N., Wacker, A. (2016). A Novel Approach to Data Revocation on the Internet. In: Garcia-Alfaro, J., Navarro-Arribas, G., Aldini, A., Martinelli, F., Suri, N. (eds) Data Privacy Management, and Security Assurance. DPM QASA 2015 2015. Lecture Notes in Computer Science(), vol 9481. Springer, Cham. https://doi.org/10.1007/978-3-319-29883-2_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-29883-2_9

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-29882-5

  • Online ISBN: 978-3-319-29883-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation