Formal modelling of (de)pseudonymisation : a case study in health care privacy

M.G. Veeningen, B.M.M. Weger, de, N. Zannone

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/CongresprocedureConferentiebijdrageAcademicpeer review

5 Citaten (Scopus)
2 Downloads (Pure)


In recent years, a number of infrastructures have been proposed for the collection and distribution of medical data for research purposes. The design of such infrastructures is challenging: on the one hand, they should link patient data collected from different hospitals; on the other hand, they can only use anonymised data because of privacy regulations. In addition, they should allow data depseudonymisation in case research results provide information relevant for patients’ health. The privacy analysis of such infrastructures can be seen as a problem of data minimisation. In this work, we introduce coalition graphs, a graphical representation of knowledge of personal information to study data minimisation. We show how this representation allows identification of privacy issues in existing infrastructures. To validate our approach, we use coalition graphs to formally analyse data minimisation in two (de)-pseudonymisation infrastructures proposed by the Parelsnoer initiative.
Originele taal-2Engels
TitelSecurity and Trust Management (8th International Workshop, STM 2012, Pisa, Italy, September 13-14, 2012. Revised selected papers)
RedacteurenA. Jøsang, P. Samarati, M. Petrocchi
Plaats van productieBerlin
ISBN van geprinte versie978-3-642-38003-7
StatusGepubliceerd - 2013
Evenementconference; 8th International Workshop on Security and Trust Management; 2012-09-13; 2012-09-14 -
Duur: 13 sep. 201214 sep. 2012

Publicatie series

NaamLecture Notes in Computer Science
ISSN van geprinte versie0302-9743


Congresconference; 8th International Workshop on Security and Trust Management; 2012-09-13; 2012-09-14
Ander8th International Workshop on Security and Trust Management


Duik in de onderzoeksthema's van 'Formal modelling of (de)pseudonymisation : a case study in health care privacy'. Samen vormen ze een unieke vingerafdruk.

Citeer dit