Protecting Privacy in Terrorist Tracking Applications Teresa Lunt, PI Jessica Staddon, Dirk Balfanz Glenn Durfee, Tomas Uribe (SRI) Diana Smetters, Jim.

Slides:

Advertisements

Similar presentations

Building Secure Mashups D. K. Smetters PARC Usable.

Advertisements

Private Inference Control David Woodruff MIT Joint work with Jessica Staddon (PARC)

Private Inference Control

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY.

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.

Building an Encrypted and Searchable Audit Log Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters.

Protecting Privacy in Terrorist Tracking Applications Philippe Golle (Palo Alto Research Center) Paul Aoki, Dirk Balfanz, Glenn Durfee, Teresa Lunt, Diana.

Database Management System

System Security Scanning and Discovery Chapter 14.

DESIGNING A PUBLIC KEY INFRASTRUCTURE

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Security in Databases. 2 Srini & Nandita (CSE2500)DB Security Outline review of databases reliability & integrity protection of sensitive data protection.

Security in Databases. 2 Outline review of databases reliability & integrity protection of sensitive data protection against inference multi-level security.

Controls for Information Security

Presented by C.SARITHA ( 07R91A0568) INTRUSION DETECTION SYSYTEM.

1 Introduction Introduction to database systems Database Management Systems (DBMS) Type of Databases Database Design Database Design Considerations.

Electronic Commerce. On-line ordering---an e-commerce application On-line ordering assumes that: A company publishes its catalog on the Internet; Customers.

SE571 Security in Computing

November 2009 Secure Data Transmission May 2014 What are Secure Methods of Transmission? Encrypted Services Encrypted Memory Sticks Fax Secure.

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

Chapter 1 Overview of Databases and Transaction Processing.

ISOM MIS3150 Data and Info Mgmt Database Security Arijit Sengupta.

GONE PHISHING ECE 4112 Final Lab Project Group #19 Enid Brown & Linda Larmore.

Integrity Through Mediated Interfaces PI Meeting: Feb 22-23, 2000 Bob Balzer Information Sciences Institute Legend: Changes from previous.

Self-Enforcing Private Inference Control Yanjiang Yang (I2R, Singapore) Yingjiu Li (SMU, Singapore) Jian Weng (Jinan Univ. China) Jianying Zhou (I2R, Singapore)

Database Security John Ortiz. Lecture 23Database Security2 Secure Passwords  Two main requirements for choosing a secure password:  1) MUST be easy.

Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 5 “Database and Cloud Security”.

Introduction to: 1.  Goal[DEN83]:  Provide frequency, average, other statistics of persons  Challenge:  Preserving privacy[DEN83]  Interaction between.

Chapter 18: Doing Business on the Internet Business Data Communications, 4e.

Tools for Privacy Preserving Distributed Data Mining

COOKIES. INTERNET COOKIES What are they Where are they found What should you do about them.

CLOUD COMPUTING Overview on cloud computing. Cloud vendors. Cloud computing is a type of internet based computing where we use a network of remote servers.

Secure Sensor Data/Information Management and Mining Bhavani Thuraisingham The University of Texas at Dallas October 2005.

Analysis of SQL injection prevention using a filtering proxy server By: David Rowe Supervisor: Barry Irwin.

IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It.

A Data-Reachability Model for Elucidating Privacy and Security Risks Related to the Use of Online Social Networks S. Creese, M. Goldsmith, J. Nurse, E.

Chapter No 4 Query optimization and Data Integrity & Security.

Computer Science and Engineering Computer System Security CSE 5339/7339 Session 21 November 2, 2004.

INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used? Tripwire.

Chapter 11 Database Security: An Introduction Copyright © 2004 Pearson Education, Inc.

Database Management Systems

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #25 Dependable Data Management.

Hash-based Enhancement of Location Privacy for Radio- Frequency Identification Devices using Varying Identifiers Author ： Dirk Henrici and Paul Muller.

IS3220 Information Technology Infrastructure Security

Regan Little. Definition Methods of Screening Types of Firewall Network-Level Firewalls Circuit-Level Firewalls Application-Level Firewalls Stateful Multi-Level.

Database Security. Introduction to Database Security Issues (1) Threats to databases Loss of integrity Loss of availability Loss of confidentiality To.

Database Security Database System Implementation CSE 507 Some slides adapted from Navathe et. Al.

How to Make Yourself More Secure Using Public Computers and Free Public Wi-Fi.

PRESENTED BY Raju. What is information security?  Information security is the process of protecting information. It protects its availability, privacy.

Detecting Web Attacks Using Multi-Stage Log Analysis

Database and Cloud Security

Database System Implementation CSE 507

When small data is better data

CHAPTER FOUR OVERVIEW SECTION ETHICS

Database Security and Authorization

Securing & Sharing Workbooks

Katrin Hoeper Channel Bindings Katrin Hoeper

IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It works.

Chapter Ten Managing a Database.

Securing & Sharing Workbooks

Azure Information Protection

Azure Information Protection

Other Sources of Information

Test Case Test case Describes an input Description and an expected output Description. Test case ID Section 1: Before execution Section 2: After execution.

Building an Encrypted and Searchable Audit Log

CHAPTER FOUR OVERVIEW SECTION ETHICS

Presentation transcript:

Protecting Privacy in Terrorist Tracking Applications Teresa Lunt, PI Jessica Staddon, Dirk Balfanz Glenn Durfee, Tomas Uribe (SRI) Diana Smetters, Jim Thornton Paul Aoki, Brent Waters (intern) David Woodruff (intern)

Privacy Appliance data source privacy appliance user query cross- source privacy appliance privacy appliance Government owned Privately owned Independently operated Standalone devices –Under private control –Better assurance of correct operation Sits between the analyst and each private data source –Easily added to an enterprise’s computing infrastructure –Like firewalls Benefits Private data stays in private hands Privacy controls isolated from the government

Access Control Check authorizations Modify query as needed to withhold data Access control DB Mark access “history” Analyst query Send modified query to data source The privacy appliance will recognize –Which queries touch inference channels –Whether the user is authorized for the query Input special authorizations For higher authorization: –Can retrieve specific identifying info –Must specify scope of data authorized For lowest authorization: –Withhold identifying attributes –Prevent completion of inference channels Analysis can’t combine non-sensitive queries to obtain sensitive info

Inference Tool Earlier life: MLS databases –Detect inference channels from unclassified to classified data Now: Privacy-Protection –Detect inference channels from non- sensitive to sensitive data –Example: Select count(name) where gender = female Select avg(grade) where gender = female = 1

Systems Issues Logging –Log classified stuff at third-party sites! –Search through (encrypted) logs to prove abuse. Trust issues –Finally a legitimate use for Palladium! … –This is a big system!