Isolation in Cloud Computing and Privacy-Enhancing Technologies

Accorsi A (2008) Automated privacy audits to complement the notion of control for identity management. In: Fischer-Hübner S, Tseng JC, Borking J (eds) Proc of first IFIP conference on policies and research in identity management (IDMAN’07), Rotterdam

Alpern B, Schneider F (1985) Defining liveness. Inf Process Lett 21(4):181–185

Anderson JP (1972) Computer security technology planning study. Technical report ESD-TR-73-51, Electronic system division/AFSC, Bedford, MA

Armbrust M, Fox A, Griffith R, Joseph A, Katz R, Konwinski A, Lee G, Patterson D, Rabkin A, Stoica I, Zaharia M (2010) A view of cloud computing. Commun ACM 53(4):50–58

Ashley P, Hada S, Karjoth G, Powers C, Schunter M (2003) Enterprise privacy authorization language (EPAL 1.2). http://www.w3.org/Submission/EPAL/ . Accessed 2011-02-10

Blaze M, Feigenbaum J, Lacy J (1996) Decentralized trust management. In: Symposium on security and privacy, Oakland

Bogetoft P, Christensen DL, Damgard I, Geisler M, Jakobsen T, Krogaard M, Nielsen JD, Nielsen JB, Nielsen K, Pagter J, Schwartzbach M, Toft T (2009) Secure multiparty computation goes live. In: Dingledine R, Golle P (eds) Financial cryptography and data security, Barbados

Bundesverfassungsgericht (1983) Volkszählungsurteil. In: Entscheidungen des Bundesverfassungsgerichts. Urteil vom 1983-12-15.Az.: 1 BvR 209/83; NJW 84, 419

Buneman P, Khanna S, Tan WC (2001) Why and where: a characterization of data provenance. In: 8th int conf on database theory, London

Camenisch J, van Herreweghen E (2002) Design and implementation of the idemix anonymous credential system. In: Proc of the 9th ACM conf on computer and communications security, Washington, DC

Camenisch J, Shelat A, Sommer D, Fischer-Hübner S, Hansen M, Krasemann H, Lacoste G, Leenes R, Tseng J (2005) Privacy and identity management for everyone. In: Proc of the 2005 workshop on digital identity management, DIM 05, Fairfax, VA

Casassa MM, Pearson S (2005) An adaptive privacy management system for data repositories. In: Katsikas SK, Lopez J, Pernul G (eds) TrustBus 2005, Copenhagen

Chaum D (1985) Security without identification: transaction systems to make big brother obsolete. Commun ACM 28(10):1030–1077

Cox IJ, Miller ML, Bloom JA, Fridrich J, Kalker T (2008) Digital watermarking and steganography. Morgan Kaufmann, Los Altos

Cranor L, Langheinrich M, Marchiori M, Presler-Marshall M, Reagle J (2002) The platform for privacy preferences 1.0 (P3P1.0) specification. http://www.w3.org/TR/P3P . Accessed 2011-02-10

Ellison G (ed) (2005) Liberty. ID-WSF security mechanisms version: 1.2. Liberty alliance project. http://www.projectliberty.org/specs/liberty-idwsf-security-mechanisms-v1.2.pdf . Accessed 2011-02-10

Erdos M, Cantor S (2004) Shibboleth-Architecture DRAFT v05. http://shibboleth.internet2.edu/docs/draft-internet2-shibboleth-arch-v05.pdf . Accessed 2011-02-10

Etalle S, Winsborough WH (2007) A posteriori compliance control. In: ACM SACMAT’07, Nice-Sophia Antipolis

European Commission (1995) Directive 95/46/EC of the European parliament and of the council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Communities, L 281(395L0046):31–50

European Commission (2002) Directive 2002/58/EC of the European parliament and of the council of 12 July 2002 concerning the protection of personal data and the protection of privacy in the electronic communications sector (directive on privacy and electronic communications). Official Journal of the European Commission L201:37–47

Ford W, Baum M (1997) Secure electronic commerce. Prentice-Hall, New York

Goldreich O, Micali S, Wigderson A (1987) How to play ANY mental game. In: Aho AV (ed) Proc of the 19th annual ACM symposium on theory of computing (STOC’87), New York

Haas S, Wohlgemuth S, Echizen I, Sonehara N, Müller G (2010) Aspects of privacy for electronic health records. International Journal of Medical Informatics for its special issue on security. http://dx.doi.org/10.1016/j.ijmedinf.2010.10.001

Harrison MA, Ruzzo WL, Ullman JD (1976) Protection in operating systems. Commun ACM 19(8):461–471

Hilty M, Basin D, Pretschner A (2005) On obligations. In: European symp on research in computer security (ESORICS 2005), Milan

Karjoth G, Schunter M, Waidner M (2002) Privacy-enabled services for enterprises. In: 13th int workshop on database and expert systems applications, Aix-En-Provence

Karjoth G, Schunter M, Waidner M (2003) Platform for enterprise privacy practices: privacy-enabled management of customer data. In: 2nd workshop on privacy enhancing technologies (PET 2002), San Francisco

Kerschbaum F (2008) Building a privacy-preserving benchmarking enterprise system. Enterprise Information Systems 2(4):421–441

Namiri K, Stojanovic N (2007) Using control patterns in business processes compliance. In: Int conf on web information systems engineering (WISE), New York

Mather T, Kumaraswamy S, Latif S (2009) Cloud security and privacy: an enterprise perspective on risks and compliance. O’Reilly, Sebastopol

Müller G, Accorsi R, Höhn S, Sackmann S (2010) Sichere Nutzungskontrolle für mehr Transparenz in Finanzmärkten. Informatik-Spektrum 33(1):3–14

Organisation for Economic Co-operation and Development (1980) OECD guidelines on the protection of privacy and transborder flows of personal data. http://www.oecd.org/document/18/0,2340,en_2649_34255_1815186_1_1_1_1,00.html . Accessed 2011-02-10

Park J, Sandhu R (2004) The UCONABC usage control model. 24th ACM Transactions on Information and System Security 7(1):128–174

Povey D (1999) Optimistic security: a new access control paradigm. In: ACM new security paradigm workshop’99, Caledon Hills

Pretschner A, Hilty M, Basin D (2006) Distributed usage control. Commun ACM 49(9):39–44

Roßnagel A (2005) Modernisierung des Datenschutzrechts für eine Welt allgegenwärtiger Datenverarbeitung Multimedia und Recht 8(2)

Sackmann S, Strüker J, Accorsi R (2006) Personalization in privacy-aware highly dynamic systems. Commun ACM 49(9):32–38

Sackmann S (2007) Personalization and privacy in ubiquitous computing – resolving the conflict by legally binding commitments. In: IEEE conference on E-commerce technology (CEC’07), Tokyo

US Department of health & human services (1996) Health insurance portability and accountability act of 1996 privacy rule. http://www.cms.hhs.gov/HIPAAGenInfo . Accessed 2011-02-10

Smith RE (1993) The law of privacy in a nutshell. Privacy Journal 19(6):50–51

Wason T (ed) (2004) Liberty ID-FF architecture overview version: 1.2. Liberty alliance project. http://www.projectliberty.org/specs/liberty-idff-arch-overview-v1.2.pdf . Accessed 2011-02-10

Westin A (1967) Privacy and freedom. Atheneum, New York

Wohlgemuth S (2008) Privatsphäre durch die Delegation von Rechten. Vieweg+Teubner, Wiesbaden

Wohlgemuth S, Jendricke U, Gerd tom Markotten D, Dorner F, Müller G (2004) Sicherheit und Benutzbarkeit durch Identitätsmanagement. In: Spath D, Haasis K (eds) Tagungsband zum doIT Software-Forschungstag 2003, Stuttgart

Wohlgemuth S, Müller G, (2006) Privacy with delegation of rights by identity management. In: Emerging trends in information and communication security (ETRICS 2006), Freiburg i.Br.