Privacy Issues and Techniques for Monitoring Applications Vibhor Rastogi RFID Security Group.

Slides:



Advertisements
Similar presentations
Abuse Testing Laboratory Management Laboratory Management.
Advertisements

Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,
Database Security CS461/ECE422 Spring Overview Database model – Relational Databases Access Control Inference and Statistical Databases Database.
Access Control Methodologies
Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
Differentially Private Aggregation of Distributed Time-Series Vibhor Rastogi (University of Washington) Suman Nath (Microsoft Research)
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Practical Techniques for Searches on Encrypted Data Author: Dawn Xiaodong Song, David Wagner, Adrian Perrig Presenter: 紀銘偉.
1 Privacy-Preserving Collaborative Filtering Using Randomized Perturbation Techniques Huseyin Polat and Wenliang (Kevin) Du Department of EECS Syracuse.
Privacy Research In the RFID Ecosystem Project Evan Welbourne joint work with Magdalena Balazinska, Gaetano Borriello, Tadayoshi.
Hippocratic Databases Paper by Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, Yirong Xu CS 681 Presented by Xi Hua March 1st,Spring05.
Last time Finish OTR Database Security Introduction to Databases
Cloud based linked data platform for Structural Engineering Experiment Xiaohui Zhang
Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.
Differentially Private Transit Data Publication: A Case Study on the Montreal Transportation System Rui Chen, Concordia University Benjamin C. M. Fung,
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Overview of Privacy Preserving Techniques.  This is a high-level summary of the state-of-the-art privacy preserving techniques and research areas  Focus.
Aegis: A Semantic Implementation of Privacy as Contextual Integrity in Social Ecosystems Imrul Kayes, Adriana Iamnitchi.
Self-Enforcing Private Inference Control Yanjiang Yang (I2R, Singapore) Yingjiu Li (SMU, Singapore) Jian Weng (Jinan Univ. China) Jianying Zhou (I2R, Singapore)
JSM, Boston, August 8, 2014 Privacy, Big Data and The Public Good: Statistical Framework Stefan Bender (IAB)
My Partner For Learning Solutions Central Office Administrators in the era of TPEP Day 3 January 9,
1 Security on Social Networks Or some clues about Access Control in Web Data Management with Privacy, Time and Provenance Serge Abiteboul, Alban Galland.
Disclosure risk when responding to queries with deterministic guarantees Krish Muralidhar University of Kentucky Rathindra Sarathy Oklahoma State University.
Device-independent security in quantum key distribution Lluis Masanes ICFO-The Institute of Photonic Sciences arXiv:
Whose Responsibility is it? Karen Korb TELUS Health Solutions November 24, 2009 Privacy and Confidentiality in the EHR:
Non-tracking Web Analytics Istemi Ekin Akkus, Ruichuan Chen, Michaela Hardt, Paul Francis, Johannes Gehrke Presentation by David Ferreras.
C++ Programming Homework 11 Speaker: Ching-Chen Chang Date: 2008/05/02.
Presented by: Sanketh Beerabbi University of Central Florida.
Privacy Framework for RDF Data Mining Master’s Thesis Project Proposal By: Yotam Aron.
The art of closing.
PRISM: Private Retrieval of the Internet’s Sensitive Metadata Ang ChenAndreas Haeberlen University of Pennsylvania.
ECE Prof. John A. Copeland fax Office: GCATT Bldg.
Delegation and Proxy Services in Digital Credential Environments Carlisle Adams School of Information Technology and Engineering University of Ottawa.
POP-SNAQ: Privacy-preserving Open Platform for Social Network Application Queries Brian Thompson Huijun Xiong.
11 Version Control Systems Mauro Jaskelioff (originally by Gail Hopkins)
Preserving Privacy in GPS Traces via Uncertainty- Aware Path Cloaking Baik Hoh, Marco Gruteser, Hui Xiong, Ansaf Alrabady Presented by Joseph T. Meyerowitz.
Secure Conjunctive Keyword Search Over Encrypted Data Philippe Golle Jessica Staddon Palo Alto Research Center Brent Waters Princeton University.
Can We Talk Now? Technology Selection for an Intelligent Status Tracking System 5 th June 2009 Sidney Shek ( ) Supervisor:
Differential Privacy Some contents are borrowed from Adam Smith’s slides.
Web Usability Made Easier Adaptation personalization vs. customization Aleksandra Stoeva.
6° of Darkness or Using Webs of Trust to Solve the Problem of Global Indexes.
Research Overview Nitesh Saxena Research areas: computer and network security, applied cryptography.
P51UST: Unix and SoftwareTools Unix and Software Tools (P51UST) Version Control Systems Ruibin Bai (Room AB326) Division of Computer Science The University.
It’s Time to Write a strong Thesis Statement! Packet #3 Working Thesis.
Trustworthy Semantic Web Dr. Bhavani Thuraisingham The University of Texas at Dallas Inference Problem March 4, 2011.
 IS A COLLECTION OF PROGRAMS THAT MANAGES THE DATABASES STRUCTURE AND CONTROL ACCESS TO THE DATA STORED IN THE DATABASE.
Keyword search on encrypted data. Keyword search problem  Linux utility: grep  Information retrieval Basic operation Advanced operations – relevance.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
1 Introduction to Quantum Information Processing CS 467 / CS 667 Phys 467 / Phys 767 C&O 481 / C&O 681 Richard Cleve DC 3524 Course.
Decentralized Access Control: Overview Deepak Garg Foundations of Security and Privacy Fall 2009.
CMSC 818J: Privacy enhancing technologies Lecture 2.
Key management issues in PGP
Searchable Encryption in Cloud
Review session For DS final exam.
Cloud based linked data platform for Structural Engineering Experiment
Computer Communication & Networks
Scientific Method.
The 3 prisoners dilemma Inferring more complex values
Windows® MultiPoint™ Server 2010
Knowledge Inference for Optimizing Secure Multi-party Computation
Peer-to-Peer Reputations
“Location Privacy Protection for Smartphone Users”
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Kriti shreshtha.
A Distributed Tabling Algorithm for Rule Based Policy Systems
Computer Security Access Control
Trustworthy Semantic Web
Some contents are borrowed from Adam Smith’s slides
Trust-based Privacy Preservation for Peer-to-peer Data Sharing
Differential Privacy (1)
Presentation transcript:

Privacy Issues and Techniques for Monitoring Applications Vibhor Rastogi RFID Security Group

Privacy in Monitoring Applications  Monitoring apps collect personal information Supports useful applications  Personal reminder services or Personal Object trackers Results in privacy issues  RFID Ecosystem: RFID monitoring system Monitors location information about users & their objects Information is stored in a trusted central server Users query the central server

RFID Ecosystem Where is Alice? Alice Charlie Delta Where is Alice? Bob & Alice are friends Charlie & Alice have a scheduled meeting Bob Where is Alice?

Central Privacy Issue: Access control  Suppose a user asks a query Is the answer public or private? It depends on multiple factors [Belloti et. al.] Context information of the Querier and the Subject  Rule-based access control Rules control the release of personal information Need to incorporate all the above factors

Access Control: Challenges  Rules need to incorporate context information Many rules need to be defined Rules difficult to understand and manage  Context information might have to be inferred  Context information may be uncertain

Managability of Rules  Our Solution We identify a list of interesting scenarios and applications Rules are defined to support the scenarios A constrained space of predefined rules Users have an option to enable/disable them  Example: Ownership scenario & Ownership rule

The ownership scenario Bob: Where is my book System: Alice has book If B carries A’s object then release B has object to A Context

Context is crucial Bob: Where is my book System: Alice has book Hidden Book  Right context may need to be inferred  Done using PEEX If B is with A’s object then release B has object to A

Context is uncertain  Access control Rules  Context is uncertain For example: 20% chance that ‘Alice Carries Book’ Let Pr(context) = p c & Pr(secret) = p s  Access control semantics If p c = 1 reveal p s If p c = 0 hide p s If (0 < p c < 1) then what? If context then release secret to user

Our approach: Perturbation method  Reveal partial information in uncertain context  Perturb p` s = p s + noise(p c )  Return p` s instead of p s  Compromise soundness Answers returned may be wrong Justifiable as system is itself uncertain! Degree of confidence in answer also returned

Noise function  -0.5 <= noise(pc) <= 0.5 p c = 0.5p c = 0

Conclusion  Designing simple & intuitive rules important  We design ACP for the RFID Ecosystem Infer high level context Inferred context uncertain  Implementation of ACP Use perturbation methods for uncertain context

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.