Konferenzbeitrag
Pseudonymizing Log Entries with time-selective Disclosure
Lade...
Volltext URI
Dokumententyp
Text/Conference Paper
Zusatzinformation
Datum
2018
Autor:innen
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Verlag
Köllen Druck+Verlag GmbH
Zusammenfassung
Centralized logging of entries containing personally-identifiable data, like IP addresses,
is common. However, this chances that persons other than the operator of the individual server
might obtain access to these logs and then disclose or use them. Additionally, the GDPR
recommends as a security measure pseudonymization, i.e. splitting the information into two parts.
This article describes a method to pseudonymize personal information in elements stored in a time
series. After a predetermined time, the information can be automatically anonymized without
requiring any changes in the stored entries themselves. Additionally, some statistical analyses
remain possible, as the same values are encoded with the same pseudonym. It is also possible to
disclose an arbitrary time period from within the log file: everything after the start time and before
the end time can be de-pseudonymized, but the rest of the data remains anon-/pseudonymous.