Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Privacy-Preserving Warning Management for an Identity Leakage Warning Network

 
: Kasem-Madani, S.; Malderle, T.; Boes, F.; Meier, M.

:

Association for Computing Machinery -ACM-:
EICC 2020, European Interdisciplinary Cybersecurity Conference. Proceedings : 18 November 2020, Rennes, France, co-located with European Cyber Week 2020
New York: ACM, 2020
ISBN: 978-1-4503-7599-3
Art. 4, 6 pp.
European Interdisciplinary Cybersecurity Conference (EICC) <2020, Online>
European Cyber Week <2020, Online>
English
Conference Paper
Fraunhofer FKIE ()

Abstract
Identity leakage is the public disclosure of user accounts that were stolen from an online service provider, e.g. email adresses and passwords. Identity leakage is an emerging threat to the security of user accounts because the number of online identities grows notably faster than the amount of used email adresses and passwords.
In order to protect users against potential identity thefts after a cyber heist, a system that proactively warns the victims seems inevitable. In the design of such a system, there are technical, legal and psychological goals, e.g., the system has to fulfill the General Data Protection Regulation and users do not want to be flooded with warnings about potential identity thefts.
In this paper, we propose a warning management system for online service providers that want to cooperate whilst keeping their users' data private from each other. Most importantly, victims will be informed only once if their user identity was found in an identity leak and the cooperating service providers preserve the privacy of the victims by design. Therefore, our warning system complies with the NIST recommendation.

: http://publica.fraunhofer.de/documents/N-636358.html