Encryption protects communication partners from
disclosure of their secret messages but cannot prevent traffic analysis
and the leakage of information about “who communicates with
whom". In the presence of collaborating adversaries, this linkability
of actions can danger anonymity. However, reliably providing
anonymity is crucial in many applications. Especially in contextaware
mobile business, where mobile users equipped with PDAs
request and receive services from service providers, providing
anonymous communication is mission-critical and challenging at the
same time. Firstly, the limited performance of mobile devices does
not allow for heavy use of expensive public-key operations which are
commonly used in anonymity protocols. Moreover, the demands for
security depend on the application (e.g., mobile dating vs. pizza
delivery service), but different users (e.g., a celebrity vs. a normal
person) may even require different security levels for the same
application. Considering both hardware limitations of mobile devices
and different sensitivity of users, we propose an anonymity
framework that is dynamically configurable according to user and
application preferences. Our framework is based on Chaum-s mixnet.
We explain the proposed framework, its configuration
parameters for the dynamic behavior and the algorithm to enforce
dynamic anonymity.
[1] Fleet management.URL: http://www.fleetonline.ch.
[2] Indoor & outdoor routing.URL: http://www.falk.de.
[3] Jap: Anonymity and privacy tool for internet.
URL: http://anon.inf.tu-dresden.de.
[4] Locating people in emergency.URL: http://www.sintrade.ch.
[5] Location-based chat and games.URL: http://www.vodafone.de.
[6] The mobile business research group.URL: http://www.m-business.unimannheim.
de.
[7] Smtp remailers.URL:http://www.freehaven.net/related-comm.html.
[8] Tracking of kids.URL: http://www.trackyourkid.de.
[9] ISO99 IS 15408.URL: http://www.commoncriteriaportal.org, 1999.
[10] The Anonymizer. URL: http://anonymizer.com.
[11] David L. Chaum. Untraceable electronic mail, return addresses, and
digital pseudonyms. Commun. ACM, 24(2):84-90, 1981.
[12] Andreas Pfitzmann et al. Anonymity, unobservability, and
pseudonymity: A proposal for terminology, July 2000.
[13] Michael J. Freedman and Robert Morris. Tarzan: A peer-to-peer
anonymizing network layer. In Proceedings of the 9th ACM Conference
on Computer and Communications Security (CCS 2002), Washington,
DC, November 2002.
[14] Stefan Köpsell, Hannes Federrath, and Marit Hansen. Erfahrungen mit
dem Betrieb eines Anonymisierungsdienstes. Datenschutz und Datensicherheit,
27(3), 2003.
[15] Andreas Pfitzmann, Birgit Pfitzmann, and Michael Waidner. ISDNmixes:
Untraceable communication with very small bandwidth overhead.
In Proceedings of the GI/ITG Conference on Communication in
Distributed Systems, pages 451-463, February 1991.
[16] Michael Reiter and Aviel Rubin. Crowds: Anonymity for web transactions.
ACM Transactions on Information and System Security, 1(1),
June 1998.
[17] Bruce Schneier. Secrets and Lies, chapter 5. Security Needs, pages 63-
67. Wiley and Sons, 2001.
[18] Emin Islam Tatl─▒, Dirk Stegemann, and Stefan Lucks: Security
challenges in location-aware mobile business, In Proceedings of the 2nd
International Workshop on Mobile Commerce and Services, M├╝nchen,
2005. IEEE Computer Society.
[1] Fleet management.URL: http://www.fleetonline.ch.
[2] Indoor & outdoor routing.URL: http://www.falk.de.
[3] Jap: Anonymity and privacy tool for internet.
URL: http://anon.inf.tu-dresden.de.
[4] Locating people in emergency.URL: http://www.sintrade.ch.
[5] Location-based chat and games.URL: http://www.vodafone.de.
[6] The mobile business research group.URL: http://www.m-business.unimannheim.
de.
[7] Smtp remailers.URL:http://www.freehaven.net/related-comm.html.
[8] Tracking of kids.URL: http://www.trackyourkid.de.
[9] ISO99 IS 15408.URL: http://www.commoncriteriaportal.org, 1999.
[10] The Anonymizer. URL: http://anonymizer.com.
[11] David L. Chaum. Untraceable electronic mail, return addresses, and
digital pseudonyms. Commun. ACM, 24(2):84-90, 1981.
[12] Andreas Pfitzmann et al. Anonymity, unobservability, and
pseudonymity: A proposal for terminology, July 2000.
[13] Michael J. Freedman and Robert Morris. Tarzan: A peer-to-peer
anonymizing network layer. In Proceedings of the 9th ACM Conference
on Computer and Communications Security (CCS 2002), Washington,
DC, November 2002.
[14] Stefan Köpsell, Hannes Federrath, and Marit Hansen. Erfahrungen mit
dem Betrieb eines Anonymisierungsdienstes. Datenschutz und Datensicherheit,
27(3), 2003.
[15] Andreas Pfitzmann, Birgit Pfitzmann, and Michael Waidner. ISDNmixes:
Untraceable communication with very small bandwidth overhead.
In Proceedings of the GI/ITG Conference on Communication in
Distributed Systems, pages 451-463, February 1991.
[16] Michael Reiter and Aviel Rubin. Crowds: Anonymity for web transactions.
ACM Transactions on Information and System Security, 1(1),
June 1998.
[17] Bruce Schneier. Secrets and Lies, chapter 5. Security Needs, pages 63-
67. Wiley and Sons, 2001.
[18] Emin Islam Tatl─▒, Dirk Stegemann, and Stefan Lucks: Security
challenges in location-aware mobile business, In Proceedings of the 2nd
International Workshop on Mobile Commerce and Services, M├╝nchen,
2005. IEEE Computer Society.
@article{"International Journal of Information, Control and Computer Sciences:63375", author = "Emin Islam Tatlı and Dirk Stegemann and Stefan Lucks", title = "Dynamic Anonymity", abstract = "Encryption protects communication partners from
disclosure of their secret messages but cannot prevent traffic analysis
and the leakage of information about “who communicates with
whom". In the presence of collaborating adversaries, this linkability
of actions can danger anonymity. However, reliably providing
anonymity is crucial in many applications. Especially in contextaware
mobile business, where mobile users equipped with PDAs
request and receive services from service providers, providing
anonymous communication is mission-critical and challenging at the
same time. Firstly, the limited performance of mobile devices does
not allow for heavy use of expensive public-key operations which are
commonly used in anonymity protocols. Moreover, the demands for
security depend on the application (e.g., mobile dating vs. pizza
delivery service), but different users (e.g., a celebrity vs. a normal
person) may even require different security levels for the same
application. Considering both hardware limitations of mobile devices
and different sensitivity of users, we propose an anonymity
framework that is dynamically configurable according to user and
application preferences. Our framework is based on Chaum-s mixnet.
We explain the proposed framework, its configuration
parameters for the dynamic behavior and the algorithm to enforce
dynamic anonymity.", keywords = "Anonymity, context-awareness, mix-net, mobile
business, policy management", volume = "1", number = "6", pages = "1803-4", }