Issue No. 05 - September/October (2011 vol. 8)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2010.71
Carmela Troncoso , IBBT-Katholieke Universitiet Leuven, Heverlee-Leuven
George Danezis , Microsoft Research Cambridge, Cambridge
Eleni Kosta , K.U.Leuven, Leuven
Josep Balasch , IBBT-Katholieke Universitiet Leuven, Heverlee-Leuven
Bart Preneel , IBBT-Katholieke Universitiet Leuven, Heverlee-Leuven
Pay-As-You-Drive insurance schemes are establishing themselves as the future of car insurance. However, their current implementations, in which fine-grained location data are sent to insurers, entail a serious privacy risk. We present PriPAYD, a system where the premium calculations are performed locally in the vehicle, and only aggregated data are sent to the insurance company, without leaking location information. Our design is based on well-understood security techniques that ensure its correct functioning. We discuss the viability of PriPAYD in terms of cost, security, and ease of certification. We demonstrate that PriPAYD is possible through a proof-of-concept implementation that shows how privacy can be obtained at a very reasonable extra cost.
Communication system security, legal factors, privacy.
J. Balasch, C. Troncoso, E. Kosta, G. Danezis and B. Preneel, "PriPAYD: Privacy-Friendly Pay-As-You-Drive Insurance," in IEEE Transactions on Dependable and Secure Computing, vol. 8, no. , pp. 742-755, 2010.