When more and more information sources are being linked, it seems that it becomes ever more easy to track individuals in ways that are not deemed appropriate. However, increased linking of information does not need to imply increased dissemination of privacy-sensitive information. We present a new approach to linking information sources that allows the owners of the information to maintain a high level of control over the information they maintain. The key consideration is that it is in general not required to replicate information across multiple information systems. In fact, imprecise replication of information actually endangers the integrity of linked information systems. What is needed is an architecture that enables information systems to refer to undisclosed information in a secure and transparent way. In our approach, we introduce the information designator which is a generalisation of the pseudonym concept.
|Tijdschrift||Computer systems science and engineering|
|Nummer van het tijdschrift||5|
|Status||Published - sep-2005|