Learn More
We formally study two privacy-type properties in online auction protocols, bidding-price-secrecy and receipt-freeness. These properties are formalised as observational equivalences in the applied π calculus. We analyse the receipt-free auction protocol by Abe and Suzuki. Bidding-price-secrecy of the protocol is verified using ProVerif, whereas(More)
Given the nature of health data, privacy of eHealth systems is of prime importance. An eHealth system must enforce that users remain private, even if they are bribed or coerced to reveal themselves or others. Consider e.g. a pharmaceutical company that bribes a pharmacist to reveal information which breaks a doctor's privacy. In this paper, we identify and(More)
Privacy is recognised as a fundamental requirement for eHealth systems. Proposals to achieve privacy have been put forth in literature, most of which approach patient privacy as either an access control or an authentication problem. In this paper, we investigate privacy in eHealth as a communication problem, since future eHealth systems will be highly(More)
Protecting privacy against bribery/coercion is a necessary requirement in electronic services, like e-voting, e-auction and e-health. Domain-specific privacy properties have been proposed to capture this. We generalise these properties as enforced privacy: a system enforces a user's privacy even when the user collaborates with the adversary. In addition, we(More)
  • 1