Pseudonymization with Metadata Encryption for Privacy-Preserving Searchable Documents

J. Heurix, M. Karlinger, T. Neubauer
Karl12b (2012)
Proceedings of the 45th Hawaii International Conference on Systems Science (HICSS-45 2012), Grand Wailea, Maui, Hawaii, U.S.A., January 4-7, 2012, IEEE Computer Society Press, ISBN 978-0-7695-4525-7, pp. 3011-3020, 2012.
Copy  (In order to obtain the copy please send an email with subject  Karl12b  to


The average costs of data leakage are steadily on the rise. As a consequence, several data security and access control mechanisms have been introduced, ranging from data encryption to intrusion detection or role-based access control, doing a great work in protecting sensitive information. However, the majority of these concepts are centrally controlled by administrators, who are one of the major threats to corporate security. This work presents a security protocol for data privacy that is strictly controlled by the data owner. Therefore, we integrate pseudonymization and encryption techniques to create a methodology that uses pseudonyms as access control mechanism, protects secret cryptographic keys by a layer-based security model, and provides privacy-preserving querying.