Threats to a society and its social infrastructure are inevitable and endanger human life and welfare. Resilience is a core concept to cope with such threats in strengthening risk management. A resilient system adapts to an incident in a timely manner before it would result in a failure. This paper discusses the secondary use of personal data as a key element in such conditions and the relevant process mining in order to reduce IT risk on safety. It realizes completeness for such a proof on data breach in an acceptable manner to mitigate the usability problem of soundness for resilience. Acceptable soundness is still required and realized in our scheme for a fundamental privacy-enhancing trust infrastructure. Our proposal achieves an IT baseline protection and properly treats personal data on security as Ground Truth for deriving acceptable statements on data breach. An important role plays reliable broadcast by means of the block chain. This approaches a personal IT risk management with privacy-enhancing cryptographic mechanisms and Open Data without trust as belief in a single-point-of-failure. Instead it strengthens communities of trust.

Central bank digital currencies require the implementation of eKYC to verify whether a trading customer is eligible online. When an organization issues an ID proof of a customer for eKYC, that proof is usually achieved in practice by a hierarchy of issuers. However, the customer wants to disclose only part of the issuer's chain and documents to the trading partner due to privacy concerns. In this research, delegatable anonymous credential (DAC) and zero-knowledge range proof (ZKRP) allow customers to arbitrarily change parts of the delegation chain and message body to range proofs expressed in inequalities. That way, customers can protect the privacy they need with their own control. Zero-knowledge proof is applied to prove the inequality between two time stamps by the time stamp server (signature presentation, public key revocation, or non-revocation) without disclosing the signature content and stamped time. It makes it possible to prove that the registration information of the national ID card is valid or invalid while keeping the user's personal information anonymous. This research aims to contribute to the realization of a sustainable financial system based on self-sovereign identity management with privacy-enhanced PKI.