Go to DBLP homepagePseudonymisation of SS7 Identifiers by Random Tables
Abstract: This paper details the pseudonymisation of identifiers contained in SS7 (Signaling System No. 7) mobile signaling traffic in order to protect subscriber privacy. This is necessary to comply with the General Data Protection Regulation (GDPR) rules when processing data holding private information, such as in our project on 2G/3G SS7 attack detection. A method using random tables to substitute sensitive SS7 identifiers is presented. Applied independently to all necessary identifiers, this approach maximizes the protection of subscribers and offers a simple and fast implementation. It must be used at the operator premises on SS7 traffic before transfer to the research institute, where special care is taken to comply with GDPR. In particular, a Data Protection Impact Assessment (DPIA) document was written to describe the context of the research, the required data and intended processing, the measures taken to protect the rights of the subscribers, and an evaluation of the risks and their mitigation. This publication provides the reader with a comprehensive description of all aspects of pseudonymisation in a real case study involving mobile telephony data processing for research purposes.
External IDs:dblp:conf/ficc/BeumierD25
Loading