Analysis of privacy risks and measurement of privacy protection in Web Services complying with privacy policy Prepared by Ashif Adnan, Omair Alam, Aktar-uz-zaman.

Analysis of privacy risks and measurement of privacy protection in Web Services complying with privacy policy. Prepared by Ashif Adnan, Omair Alam, Aktar-uz-zaman, School of Computer Science, University of Windsor, ON, Canada.

6/1/2015 WS Privacy 2 Outline
 Introduction
 Motivation
 Goal
 Related works
 Our observations
 Our modified method
 Strengths and weaknesses
 Conclusion and future works
 Acknowledgment
 References

Introduction
 Web services: according to one widely used definition, “web services are self-contained, modular applications that can be described, published, located, and invoked over a network, generally, the World Wide Web.”
 Extended definition: web services can evolve or be adapted to other platforms.
 Emerging web services can employ
   XML (eXtensible Markup Language)
   WSDL (Web Services Description Language)
   SOAP (Simple Object Access Protocol)
   UDDI (Universal Description, Discovery, and Integration)
 Web browsers interacting with web servers

Motivation
 Web services target consumers.
 Web service applications: banking, shopping, learning, healthcare, government online.
 Web services require the consumer's personal information; this is where privacy concerns arise.

Goal
 Protection of personal information
 Ability to analyze privacy risks, measure privacy protection, and develop a privacy policy compliant system (PPCS)
 An improved architecture for the PPCS

Related works
1. Privacy and web services
2. WS privacy risk analysis
3. WS privacy protection measurement
4. Privacy policy compliant WS

Related works (cont'd): privacy and web services
 Privacy: the ability of individuals to control the collection, use, retention, and distribution of information about themselves.
 Privacy policy: a statement that expresses the user's desired control over a web service's collection, use, retention, and distribution of information about the user.
 Privacy risk: the potential occurrence of any action or circumstance that will result in a violation of a user's privacy policy.

Related works (cont'd): example user/provider privacy policies (online pharmacy)
Figure 1. Example user (left) and provider (right) privacy policies
User policy: Policy Use: Pharmacy; Owner: Alice Buyer; Valid: unlimited
  Rule 1: Collector: A-Z Drugs Inc.; What: name, address, tel; Purposes: identification; Retention Time: unlimited; Disclose-To: none
  Rule 2: Collector: A-Z Drugs Inc.; What: drug name; Purposes: purchase; Retention Time: 2 years; Disclose-To: none
Provider policy: Policy Use: Pharmacy; Owner: A-Z Drugs Inc.; Valid: unlimited
  Rule 1: Collector: Drugs Dept.; What: name, address, tel; Purposes: identification; Retention Time: 1 year; Disclose-To: none
  Rule 2: Collector: Drugs Dept.; What: drug name; Purposes: sale; Retention Time: 1 year; Disclose-To: none

Related works (cont'd): web service privacy risk analysis
1. Web service personal information model (WSPIM): the provider
   needs the user's personal information,
   exchanges privacy policies with the user,
   obtains the user's personal information,
   complies with the user's privacy policy, and
   makes use of the information.

Related works (cont'd)
2. Method for privacy risk analysis
   Determine all the possible locations of the personal information (the personal information map).
   Find out the ways of violating the privacy policy at each location.

Related works (cont'd): determine all the possible locations
Example of a Personal Information Map (book seller web service). Figure 2. PIM for a book seller web service (diagram not reproduced here; its locations A to E and PII items 1 to 3 are referenced in Table 2).

Related works (cont'd): find out the ways of violating the privacy policy
Table 1. Risk questions
Field            Risk question
Collector        How can the PII be received by an unintended collector, either in addition to or in place of the intended collector?
What             How can the user be asked for other PII, either intentionally or inadvertently?
Purpose          How can the PII be used for other purposes?
Retention time   How can the PII retention time be violated?
Disclose-to      How can the PII be disclosed, either intentionally or inadvertently, to an unintended recipient?

Related works (cont'd): privacy risk table
Table 2. Partial privacy risks table corresponding to Figure 2
PIIs / locations                                                Privacy risks
(1, 2, 3 / path into A); (2 / path into D); (3 / path into E)   A man-in-the-middle attack violates collector, purposes, and disclose-to; on the path into A the user could also be asked for personal information that violates what.
(1, 2, 3 / A, B); (1 / C); (2 / D); (3 / E)                     A Trojan horse, a hacker, or a SQL injection attack (for B) violates collector, purposes, and disclose-to; at B the information could also be kept past its retention time.

Related works (cont'd): WS privacy protection measurement
Privacy violations fall into two classes:
 Internal violations (IV): committed by the provider's own personnel or systems
 External violations (EV): committed by attackers from outside the provider

Related works (cont'd): now let us define the measures
 Let M denote the measure of how well a service provider protects consumer privacy.
 It has two components: m_i, accounting for the provisions used against IV, and m_e, accounting for the provisions used against EV.
 So M is expressed as a pair: M = (m_i, m_e).

Related works (cont'd)
 For a service provider that has implemented combination k of provisions to lessen IV: m_i = p_k, with 0 <= p_k <= 1.
 For EV we carry out a threat analysis and identify n, the number of security weaknesses, and q, the number of those weaknesses that have countermeasures in place. Then m_e = q/n if n > 0 (so that 0 <= m_e <= 1), and m_e = 1 if n = 0.

Related works (cont'd)
 On a 0-to-10 scale: M_10 = (10·p_k, 10·q/n) if n > 0, and M_10 = (10·p_k, 10) if n = 0.
 Minimum acceptable thresholds t_i and t_e are set for 10·m_i and 10·m_e respectively; a provider is acceptable only when both thresholds are met.
Figure (labelled Figure 2 on the slide): the service provider's provisions for IV and EV (diagram not reproduced here).

Related works (cont'd): calculation of the measures
1. Calculation of m_i: identify the combination k of IV provisions the provider has implemented and take its rating p_k.
2. Table 3 gives examples of internal violation provision combinations (table contents not reproduced here).

Related works (cont'd): calculation of m_e
1. Identify threats to the user's data.
2. Create attack trees for the system.
3. Apply weights to the leaves.
4. Prune the tree so that only exploitable leaves remain; count the number of such leaves (vulnerabilities), n.
5. Count the countermeasures in place for those vulnerabilities, q.
After these steps both q and n are available for calculating m_e.
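The measurement recipe of the last five slides (m_i = p_k, m_e = q/n from a pruned attack tree, M_10 and the thresholds t_i, t_e) carried through in code, as an added example; it is not code from the presentation or from Yee's ICWS 2006 paper. The attack tree, its leaf weights, the countermeasures and the p_k ratings of the IV provision combinations are constructed for illustration (the slides' Table 3 values are not on this page). Two assumptions go beyond the slides' wording: a leaf weight is read as the analyst's likelihood estimate and a leaf counts as exploitable when it reaches a cut-off, and an AND sub-goal is pruned whole when any of its children is blocked.

```python
"""Privacy protection measure M = (m_i, m_e) from a pruned attack tree.

Added example, not code from the presentation or from Yee's papers.
Assumptions: leaf weight = likelihood estimate in [0, 1], exploitable when
weight >= cutoff; an AND node is pruned when any child is not exploitable.
Tree, weights, countermeasures and p_k ratings are constructed.
"""
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class Node:
    name: str
    gate: str = "OR"                      # "AND" or "OR"; meaningful on interior nodes only
    children: List["Node"] = field(default_factory=list)
    weight: float = 0.0                   # leaves only: likelihood estimate (assumption)
    countermeasure: bool = False          # leaves only: a control is in place

    @property
    def is_leaf(self) -> bool:
        return not self.children


def exploitable_leaves(node: Node, cutoff: float) -> List[Node]:
    """Step 4: prune the tree and return the leaves an attacker can still exploit."""
    if node.is_leaf:
        return [node] if node.weight >= cutoff else []
    per_child = [exploitable_leaves(child, cutoff) for child in node.children]
    if node.gate == "AND" and any(not leaves for leaves in per_child):
        return []                         # one blocked child blocks the whole AND sub-goal
    return [leaf for leaves in per_child for leaf in leaves]


def measure_ev(root: Node, cutoff: float = 0.5):
    """Steps 4-5: n exploitable leaves, q of them countered, m_e = q/n (1 if n == 0)."""
    leaves = exploitable_leaves(root, cutoff)
    n = len(leaves)
    q = sum(1 for leaf in leaves if leaf.countermeasure)
    m_e = q / n if n > 0 else 1.0
    return n, q, m_e


# Constructed ratings p_k for IV provision combinations k; illustrative numbers,
# not the ones a standards body or the slides' Table 3 would assign.
IV_PROVISIONS: Dict[str, float] = {
    "none": 0.0,
    "access control": 0.4,
    "access control + audit log": 0.7,
    "access control + audit log + encryption at rest": 0.9,
}


def measure(root: Node, iv_combination: str, t_i: float, t_e: float,
            cutoff: float = 0.5) -> dict:
    """Compute M = (m_i, m_e), M_10 = 10*M and the verdict against (t_i, t_e)."""
    p_k = IV_PROVISIONS[iv_combination]   # m_i = p_k
    n, q, m_e = measure_ev(root, cutoff)
    m10 = (10 * p_k, 10 * m_e)
    return {"m_i": p_k, "m_e": m_e, "n": n, "q": q, "M10": m10,
            "acceptable": m10[0] >= t_i and m10[1] >= t_e}


# Constructed attack tree against the book seller PIM of Figure 2 (locations A-E).
TREE = Node("obtain customer PII", "OR", [
    Node("man-in-the-middle on the path into A", weight=0.8, countermeasure=True),
    Node("SQL injection into database B", "AND", [
        Node("find an injectable parameter", weight=0.7),
        Node("bypass input validation", weight=0.3),         # below cut-off: AND pruned
    ]),
    Node("trojan horse on host C", weight=0.6),
    Node("guess a weak administrator password for E", weight=0.2),  # below cut-off
])

if __name__ == "__main__":
    print(measure(TREE, "access control + audit log", t_i=6, t_e=6))
```

With the constructed tree and cut-off 0.5, two leaves survive pruning (the man-in-the-middle path and the Trojan), one of them countered, so m_e = 1/2 and M_10 = (7, 5); the provider fails a threshold of t_e = 6 and passes t_e = 5. Lowering the cut-off admits both SQL injection leaves and drops m_e to 1/4, which is why the weighting in step 3 deserves as much scrutiny as the count in step 5.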

Related works (cont'd): privacy policy compliant WS (PPCS)
 A Privacy Policy Compliance System for web services gives the consumer a promising approach to a measure of control over his/her private information.
 The consumer's and the provider's privacy policies must match before personal information is handed over.

Related works (cont'd): privacy legislation (the ten privacy principles of the CSA Model Code, reference [5])
1. Accountability
2. Identifying purposes
3. Consent
4. Limiting collection
5. Limiting use, disclosure and retention
6. Accuracy
7. Safeguards
8. Openness
9. Individual access
10. Challenging compliance
Note: these are also the requirements for a PPCS.

Related works (cont'd): an architecture of PPCS
Figure 3. Privacy policy compliance system architecture (diagram not reproduced here).

Our observations
1. The privacy policy proposed by the author is not complete, which leads to an incomplete set of risk questions and gives the consumer less confidence to do the transaction.
2. There is no provision for consumers to set up the measuring standards.
3. The following points need to be considered to build a more effective PPCS for WS:
   1. Damage protection
   2. Children's protection
   3. Right to transfer
   4. Right to opt in / opt out
   5. Lack of scalability
   6. Lack of knowledge
   7. Data tampering
   8. Cost

Our modified method: web service risk analysis, extended method
New fields we propose for the privacy policy:
 Safeguards: security safeguards by the provider appropriate to the sensitivity of the information.
 Individual access: access by the individual to his/her personal information.
 Challenging compliance: ability of the individual to address a challenge concerning the provider's compliance with the principles.
 Certificate Authority access: a certificate authority offers consumers a compliance verification service.

Our modified method (cont'd): online pharmacy example with the new fields
Figure 4. Modified example user (left) and provider (right) privacy policies
User policy: Policy Use: Pharmacy; Owner: Alice Buyer; Valid: unlimited
  Rule 1: Collector: A-Z Drugs Inc.; What: name, address, tel; Purposes: identification; Retention Time: unlimited; Disclose-To: none; Safeguards: Yes; Individual access: Yes; Challenging compliance: Yes; Certificate Authority: SB Inc.
  Rule 2: Collector: A-Z Drugs Inc.; What: drug name; Purposes: purchase; Retention Time: 2 years; Disclose-To: none; Safeguards: Yes; Individual access: Yes; Challenging compliance: Yes; Certificate Authority: SB Inc.
Provider policy: Policy Use: Pharmacy; Owner: A-Z Drugs Inc.; Valid: unlimited
  Rule 1: Collector: Drugs Dept.; What: name, address, tel; Purposes: identification; Retention Time: 1 year; Disclose-To: none; Safeguards: Yes; Individual access: Yes; Challenging compliance: Yes; Certificate Authority: SB Inc.
  Rule 2: Collector: Drugs Dept.; What: drug name; Purposes: sale; Retention Time: 1 year; Disclose-To: none; Safeguards: Yes; Individual access: Yes; Challenging compliance: Yes; Certificate Authority: SB Inc.
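The policy matching that a PPCS must perform (slide 20: the consumer's and provider's policies should match) over the Figure 1 policy layout and the Figure 4 extensions, as an added example; it is not code from the presentation or from the PPCS of Yee and Korba. The matching rules are assumptions chosen for illustration: the provider may use, retain and disclose at most what the user allows; a provider collector is accepted when it is the user's named collector or a department of the policy owner the user named; the Figure 4 fields are required whenever the user asks for them; field values are compared literally after trimming case and trailing punctuation, with no vocabulary mapping. The sample policies are transcribed from Figure 1.

```python
"""Privacy policy matching for a PPCS over the Figure 1 / Figure 4 layout.

Added example, not code from the presentation or from Yee and Korba's PPCS.
Rules (assumptions): provider use/retention/disclosure must be within what
the user allows; provider collector must be the user's named collector or a
department of the named owner; Figure 4 fields are required when the user
sets them; values are compared literally after normalisation.
"""
from dataclasses import dataclass
from typing import FrozenSet, List, Optional


def norm(value: str) -> str:
    return value.strip().rstrip(".").lower()


@dataclass(frozen=True)
class Rule:
    collector: str
    what: FrozenSet[str]
    purposes: FrozenSet[str]
    retention_years: Optional[float]        # None means "unlimited"
    disclose_to: FrozenSet[str]             # empty set means "none"
    safeguards: Optional[bool] = None       # Figure 4 fields; None = not stated
    individual_access: Optional[bool] = None
    challenging_compliance: Optional[bool] = None
    certificate_authority: Optional[str] = None


@dataclass
class Policy:
    use: str
    owner: str
    rules: List[Rule]


def rule(collector, what, purposes, retention_years, disclose_to, **extended) -> Rule:
    """Build a Rule with normalised set fields; a "none" entry means the empty set."""
    def as_set(items):
        return frozenset(norm(i) for i in items if norm(i) != "none")
    return Rule(norm(collector), as_set(what), as_set(purposes), retention_years,
                as_set(disclose_to), **extended)


def retention_ok(user: Optional[float], prov: Optional[float]) -> bool:
    return user is None or (prov is not None and prov <= user)


def check_rule(user: Rule, prov: Rule, prov_owner: str) -> List[str]:
    """Compare one provider rule against the user rule that covers its PII items."""
    item = ", ".join(sorted(prov.what))
    v: List[str] = []
    if prov.collector != user.collector and norm(prov_owner) != user.collector:
        v.append(f"{item}: collector '{prov.collector}' is neither '{user.collector}' nor its department")
    if prov.purposes - user.purposes:
        v.append(f"{item}: purposes {sorted(prov.purposes - user.purposes)} not allowed by the user")
    if not retention_ok(user.retention_years, prov.retention_years):
        v.append(f"{item}: retention {prov.retention_years} exceeds the user's {user.retention_years}")
    if prov.disclose_to - user.disclose_to:
        v.append(f"{item}: disclosure to {sorted(prov.disclose_to - user.disclose_to)} not allowed by the user")
    for name in ("safeguards", "individual_access", "challenging_compliance"):
        if getattr(user, name) and not getattr(prov, name):
            v.append(f"{item}: the user requires {name}, the provider does not offer it")
    ca = user.certificate_authority
    if ca and (prov.certificate_authority is None or norm(prov.certificate_authority) != norm(ca)):
        v.append(f"{item}: compliance must be verifiable through '{ca}'")
    return v


def match(user_policy: Policy, prov_policy: Policy) -> List[str]:
    """Return every mismatch; an empty list means the provider's policy matches the user's."""
    violations: List[str] = []
    if norm(user_policy.use) != norm(prov_policy.use):
        violations.append(f"policy use '{prov_policy.use}' differs from '{user_policy.use}'")
    for prov_rule in prov_policy.rules:
        # the user rule offering every PII item this provider rule collects (the What field)
        covering = [u for u in user_policy.rules if prov_rule.what <= u.what]
        if not covering:
            violations.append(f"{', '.join(sorted(prov_rule.what))}: not offered by the user's policy")
            continue
        violations.extend(check_rule(covering[0], prov_rule, prov_policy.owner))
    return violations


# Figure 1, transcribed: Alice's policy (left) and A-Z Drugs Inc.'s policy (right).
ALICE = Policy("Pharmacy", "Alice Buyer", [
    rule("A-Z Drugs Inc.", ["name", "address", "tel"], ["identification"], None, ["none"]),
    rule("A-Z Drugs Inc.", ["drug name"], ["purchase"], 2, ["none"]),
])
AZ_DRUGS = Policy("Pharmacy", "A-Z Drugs Inc.", [
    rule("Drugs Dept.", ["name", "address", "tel"], ["identification"], 1, ["none"]),
    rule("Drugs Dept.", ["drug name"], ["sale"], 1, ["none"]),
])

if __name__ == "__main__":
    for line in match(ALICE, AZ_DRUGS) or ["policies match"]:
        print(line)
```

Run against Figure 1 the checker accepts the collector (Drugs Dept. belongs to the owner Alice named), the shorter retention times and the empty disclosure lists, and reports exactly one mismatch: Alice's purpose "purchase" versus the provider's "sale". A literal comparison cannot know the two describe the same transaction, so a deployable PPCS needs an agreed purpose vocabulary (as P3P's purpose categories provide) or the mismatch must go to a human; letting the provider's wording through silently would defeat the Purpose risk question of Table 1.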

Our modified method (cont'd): extended risk questions
Table 5. Extended risk questions (the Table 1 fields and questions continue to apply)
Field                   Risk question
Safeguards              How can the security safeguards appropriate for the PII be weakened or bypassed?
Individual access       How can the personal information be accessed by an inappropriate individual?
Challenging compliance  How can compliance with the privacy principles associated with the PII be changed, intentionally or unintentionally?
Certificate authority   How can the secured logs passed by the certificate authority to the customer be accessed by an unintended recipient in addition to the intended customer?

Our modified method (cont'd): privacy measurement, customization of standards
Instead of standards bodies recommending the percentage rating of the effectiveness of the provisions, the user and the provider themselves determine the provisions used to measure how well the web service protects privacy. In this way the user and the provider can agree on secure ways of transmission, obtain the measures, and later arrive at a PPCS that satisfies all of the user's requirements.

Our modified method (cont'd): Privacy Policy Compliance System (PPCS) with compliance verification
Fig. 5: Modified PPCS architecture (diagram not reproduced here). Components shown: Web Interface, Privacy Controller, Private Data import/export, Database Controller, Customer Information, Consumer Information, Log File, Service Process, From/To Other PPCS, Certificate Authority, CA Interface.

Strengths and weaknesses
 Strengths
   The consumer will now have full confidence to do a transaction with the service provider.
   Privacy measurement standards can be customized to make transactions more secure.
   A consumer who does not want to, or does not know how to, check the log file to verify compliance can have the Certificate Authority do so.
 Weaknesses
   The PPCS for web services is semi-automated: in some cases the responsible officers must be notified of non-compliance, and that step is not automated.
   The cost of the PPCS cannot be controlled because it depends on the combination of hardware, software and storage.

Conclusion and future works
 Observed steps
   Understanding how to analyze the risks to privacy
   Understanding how to measure privacy protection
   Understanding a privacy policy compliant web service
 Steps for our new PPCS
   WS risk analysis with the extended privacy policy
   WS privacy protection measurement with customized standards
   PPCS with compliance verification

Conclusion and future works (cont'd)
 Plans for future research include
   Programming the graphical notation to be machine readable
   Protecting the system from damage arising from shared personal information
   Protecting children from being affected by information shared by others
   Improving the threat analysis procedure by automating it and making it more robust
   Investigating other possible methods of measuring privacy protection effectiveness

Acknowledgement
 We would like to thank our professor for his great support and for giving us the opportunity to learn about privacy and security on the Internet.
 We would like to thank our audience for listening to our presentation.

References
[1] G. Yee, “Visual Analysis of Privacy Risks in Web Services”, Proceedings, 2007 IEEE International Conference on Web Services (ICWS 2007), July 9-13, 2007.
[2] G. Yee, “Measuring Privacy Protection in Web Services”, Proceedings, 2006 IEEE International Conference on Web Services (ICWS 2006), September 2006.
[3] G. Yee and L. Korba, “Privacy Policy Compliance for Web Services”, Proceedings, 2004 IEEE International Conference on Web Services (ICWS 2004), July 2004.
[4] I. Goldberg, D. Wagner, and E. Brewer, “Privacy-Enhancing Technologies for the Internet”, IEEE COMPCON '97, 1997.
[5] Canadian Standards Association, “Model Code for the Protection of Personal Information”, retrieved Sept. 5, 2003.

The End. Questions?