The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.05 - September/October (2008 vol.6)
pp: 46-52
Panayiotis Kotzanikolaou , Hellenic Authority for the Assurance of the Communications Security and Privacy (ADAE)
ABSTRACT
The retention of communication data by network providers, often mandated by legislation, raises social and technical security concerns. A generic model combining technical, procedural, and legal controls can help secure retained data and minimize privacy threats against users.
INDEX TERMS
Electronic communications, data retention, communication privacy
CITATION
Panayiotis Kotzanikolaou, "Data Retention and Privacy in Electronic Communications", IEEE Security & Privacy, vol.6, no. 5, pp. 46-52, September/October 2008, doi:10.1109/MSP.2008.114
REFERENCES
1. A. Zugenmaier and J. Claessens, "Privacy in Electronic 1. Communications," Network Security: Current Status and Future Directions, C. Douligeris and D.N. Serpanos, eds., IEEE-Wiley, 2007, pp. 419–440.
2. Directive 2002/58/EC of the European Parliament and of the Council, "On Privacy and Electronic Communications, Concerning the Processing of Personal Data and the Protection of Privacy in the Electronic Communications Sector," Official J. European Union,12 Jul. 2002.
3. Electronic Frontier Foundation, "Privacy - Crypto - Key Escrow 1993–4 (US): Clipper/EES/Capstone/Tessera/Skipjack," 2003; http://w2.eff.org/Privaccy/Key_escrowClipper /.
4. Directive 2006/24/EC of the European Parliament and of the Council, "On the Retention of Data Generated or Processed in Connection with Provision of Publicly Available Electronic Communications Services or of Public Communications Networks and Amending Directive 2002/58/EC," Official J. European Union,15 Mar. 2006.
5. J. Daemen and V. Rijmen, The Design of Rijndael: AES - The Advanced Encryption Standard, Springer-Verlag, 2002.
6. R.L. Rivest, A. Shamir, and L.M. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems," Comm. ACM, vol. 21, no. 2, 1978, pp. 120–126.
7. A. Shamir, "How to Share a Secret," Comm. ACM, vol. 22, no. 11, 1979, pp. 612–613.
8. T. Rabin, "A Simplified Approach to Threshold and Proactive RSA," Proc. Advances in Cryptology (CRYPTO 98), LNCS 1462, Springer-Verlag, 1998, pp. 89–104.
9. A.J. Menezes, P.C. Oorschot, and S.A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1997.
10. B. Schneier and J. Kelsey, "Secure Audit Logs to Support Computer Forensics," ACM Trans. Information and System Security (TISSEC), vol. 2, no. 2, May 1999, pp. 159–176.
11. "ETSI DTS/LI-00033: Handover Interface for the Request and Delivery of Retained Data," European Technical Standardization Institution and Technical Committee for Lawful Interception (ETSI/TC LI), 2006.
12. V. Stathopoulos, P. Kotzanikolaou, and E. Magkos, "A Framework for Secure and Verifiable Logging in Public Communication Networks," CRITIS 06, LNCS 4347, Springer-Verlag, 2006, pp. 273–284.
13. Dutch Data Protection Authority, "Legislative Proposal (Bill) for Implementation of the European Directive on Data Retention," 2007; www.dutchdpa.nl/downloads_advz2006-01542.pdf .
24 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool