Humboldt-Universität zu Berlin - School of Business and Economics

Data Protection and Security

Data Protection and Security is one of the main research areas of the institute. Since the end of the 1990s, work in this area has been financed by several different funding institutions.

Service-based IT architectures such as ASP (Application Service Providers) or web services are gaining importance in the modern enterprise. This architecture is also of interest to small and medium-sized enterprises, since it lets them use complex IT applications without having to install them locally. The downside is a confidentiality problem: the data is, at least temporarily, accessible to the service provider. While the problems of access control and communication security are solved as far as possible by protocols such as SSL, the main difficulty is that the data itself resides on the service provider's computers. There it is exposed to attack. Incompetent or corrupt employees of the service provider are a further risk of data abuse. The potential sale of the service provider to a third party also raises questions of data security: according to American law, the buyer of a company owns the database of the purchased company.

Against this background, it is perhaps not advisable to base the relationship between service provider and service user on trust alone. Technical solutions that guarantee a required level of data protection and security are becoming more and more important. One solution was suggested by Rivest et al. and has been developed further by us: Privacy Homomorphisms (PH). PHs allow certain operations to be carried out on encrypted data. This means that a customer can carry out his activities without the service provider ever having access to decrypted personal data. We have examined searching over PH-encrypted data as well as relational-algebra operations on it, and in doing so the limits of these approaches became apparent. A clear example is a PH that preserves order: if the server can sort encrypted data, it immediately learns which object is larger.
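As an added illustration of what a privacy homomorphism lets the provider do, and of the order-preservation limit described above, here is a toy Paillier cryptosystem (additively homomorphic: the product of two ciphertexts decrypts to the sum of the plaintexts). This is example code written for this page, not the institute's own software. The two small primes, the sample values and the monotone "encoding" used in `order_leak_demo` are constructed for the demonstration; a real deployment would use primes of 1024 bits or more.

```python
import random
from math import gcd

# Constructed toy parameters: two small primes so the example runs instantly.
P = 65521
Q = 65537


def lcm(a, b):
    return a * b // gcd(a, b)


def keygen(p=P, q=Q):
    """Return (public_key, private_key) for Paillier with the usual choice g = n + 1."""
    n = p * q
    n2 = n * n
    lam = lcm(p - 1, q - 1)
    g = n + 1
    # L(u) = (u - 1) / n ; mu is the inverse of L(g^lam mod n^2) modulo n
    u = pow(g, lam, n2)
    mu = pow((u - 1) // n, -1, n)
    return (n, g), (lam, mu)


def encrypt(pub, m, r=None):
    """Encrypt 0 <= m < n. A fresh blinding factor r makes encryption probabilistic,
    so equal plaintexts yield different ciphertexts and no order is visible."""
    n, g = pub
    n2 = n * n
    if r is None:
        while True:
            r = random.randrange(1, n)
            if gcd(r, n) == 1:
                break
    return (pow(g, m, n2) * pow(r, n, n2)) % n2


def decrypt(pub, priv, c):
    n, _ = pub
    lam, mu = priv
    n2 = n * n
    u = pow(c, lam, n2)
    return ((u - 1) // n) * mu % n


def add_encrypted(pub, c1, c2):
    """Homomorphic addition: multiplying ciphertexts adds the plaintexts."""
    n, _ = pub
    return (c1 * c2) % (n * n)


def outsourced_sum(pub, ciphertexts):
    """What the service provider computes: a sum over values it cannot read."""
    acc = encrypt(pub, 0)
    for c in ciphertexts:
        acc = add_encrypted(pub, acc, c)
    return acc


def ranks(values):
    """Rank of each element (0 = smallest)."""
    order = sorted(range(len(values)), key=lambda i: values[i])
    r = [0] * len(values)
    for rank, i in enumerate(order):
        r[i] = rank
    return r


def order_leak_demo(plaintexts, key=12345):
    """Hypothetical order-preserving 'encoding' (constructed, not a real scheme):
    any strictly increasing map lets the server sort the coded values and thereby
    learn the relative size of the plaintexts, even though it cannot read them."""
    coded = [x * key + 7 for x in plaintexts]
    return ranks(coded) == ranks(plaintexts)


if __name__ == "__main__":
    pub, priv = keygen()
    salaries = [1200, 3400, 560]                  # constructed customer data
    cts = [encrypt(pub, s) for s in salaries]     # customer encrypts
    total = outsourced_sum(pub, cts)              # provider adds blindly
    print("provider's sum decrypts to", decrypt(pub, priv, total))
    print("order-preserving encoding leaks ranks:", order_leak_demo(salaries))
```

The contrast is the point: with Paillier the provider can compute a total but cannot rank the records, whereas an order-preserving scheme hands the provider exactly the ranking information the text warns about.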

This naturally raises a large number of open questions. What is the potential of PHs and what are their fundamental limits? With regard to potential: where can PHs be used pragmatically in existing software systems and applications, and how does their performance compare with the cost of using them? With regard to limits: how secure are current PHs or PH-like procedures, in particular those already in use? Can the security of these procedures be improved and, if so, how? What proofs can be used to settle questions of the existence and non-existence of PHs?

Another current research topic in the area of data protection and security concerns anonymity and identity management. Online traders generally attach great value to retaining customer data. However, there is evidence that consumers are becoming increasingly reluctant to disclose personal information in online business transactions, and there are legal aspects to be considered on both sides. We examine how PH-like procedures can be used to strip customer data and user profiles of privacy-relevant information wherever it is not needed.

On an abstract level, these considerations lead to the problems of asymmetric information in the market for net-based services. This is a major reason for the partial market failure of the last few years, especially in the ASP area. In the configuration, representation, and communication of net-based services, providers are often unable to respond to consumer needs: security and trust attributes are insufficiently reflected in the services offered so far. We examine the use of so-called information substitutes (e.g. guarantees) to reduce informational asymmetry and transaction costs in this context.

Finally, powerful anonymisation tools have recently reached the market and demonstrated their practicality. These are in particular the so-called "mix networks" or "mix cascades" in the context of P2P networks. We examine the economics of anonymity in the different forms of communication. How can mix networks be marketed? What is the real willingness to pay of 'mix' users, and how do they react to different payment models (with different anonymity levels)? How can content providers be convinced to publish their content on domains that are more strongly structured than the public web? Is anonymity tradable? Here the question examined is whether a peer can publish his knowledge about the behaviour of his partners without an initial trust net in place. Specifically: given a net of peers, each of whom has a single unambiguous address, how can information about the behaviour of individual peers be published so that the sum of the subjective statements about peer A closely matches the objective behaviour of A? We develop cryptographic protocols on the basis of distributed hash tables, and then analyse their security and theoretical limits.

Researchers involved in the project

Prof. Dr. Bettina Berendt
Matthias Fischmann
Prof. Oliver Günther, Ph.D.
Dr. Sarah Spiekermann
Maximilian Teltzrow

Selected Publications

Berendt, B., Günther, O., Spiekermann, S.: Privacy in E-Commerce: Stated preferences vs. actual behaviour. Forthcoming in Communications of the ACM.

Boyens, C., Günther, O.: Trust is Not Enough: Privacy and Security in ASP and Web Service Environments. Proc. Sixth East-European Conference on Advances in Databases and Information Systems, Lecture Notes in Computer Science, Springer-Verlag, Berlin/Heidelberg/New York, 2002.

Boyens, C., Günther, O., Teltzrow, M.: Privacy Conflicts in CRM Services for Online Shops: A Case Study, Proc. IEEE Workshop on Privacy, Security, and Data Mining, Volume 14 of the Conferences in Research and Practice in Information Technology, 2002.

Günther, O., Tamm, G., Hansen, L., Meseg, T.: Application Service Providers: Angebot, Nachfrage und langfristige Perspektiven, Wirtschaftsinformatik 43(6), 2001.

Spiekermann, S.: Die Konsumenten der Anonymität - Wer nutzt Anonymisierungsdienste?, Zeitschrift für Datenschutz und Datensicherheit, Heft 3, 2003.

Spiekermann, S., Grossklags, J., Berendt, B.: Stated Privacy Preferences versus actual behaviour in EC environments: A Reality Check. In Proceedings of the 3rd ACM Conference on Electronic Commerce, 2001.