SWAMI
Threats, vulnerabilities & safeguards in a World of Ambient Intelligence
David Wright
Trilateral Research & Consulting
21 March 2006
SWAMI
- Privacy
- Identity
- Security
- Trust
- Digital divide
SWAMI goal
Identify research & policy options re safeguards & privacy-enhancing mechanisms needed to ensure user control, acceptance and enforceability of policy with equal rights & opportunities for citizens
Privacy threats & vulnerabilities - 1
- Hackers & malware
- Function creep
- Security & surveillance
- Profiling
- Sharing of data between companies & government
- Lack of public awareness about privacy rights
- Lack of enforcement & oversight
- Erosion of rights & values
- Uncertainties about what to protect & costs
Privacy threats & vulnerabilities - 2
- Uncertainties about the economic costs of privacy erosion
- Lax security
- Government and industry are less than forthright
Identity threats & vulnerabilities - 1
- Identity theft
- Function creep
- Exploitation of linkages by industry & government
- Penetration of identity management systems (hacking, spoofing, denial of service, etc)
- Authentication may intrude upon privacy
- Complexity of identity management systems
Identity threats & vulnerabilities - 2
- Failures in identity management & authentication systems
- Inadequate protection of cyber identity
- Misplaced trust in security mechanisms
Security threats
- Attackers - viruses, worms, Trojans, phishing, denial of service attacks
- Attackers – criminals, terrorists, government, industry
Security vulnerabilities
- System complexity, unexpected behaviour, not sufficiently reliable, generating false positives, insider attacks (authorised, but dishonest employee)
- Individuals are careless, lose their mobiles, forget to use security measures, are easily tricked
- Organisations don’t take adequate security measures, don’t know what to protect, don’t keep software up to date, have cost issues
Undermining trust - 1
- Lack of trust in underlying cyber infrastructure and other people
- Identity theft
- Resourcefulness of hackers & intruders
- Inadequate profiling (attribution conflicts & misinterpretation of user needs)
Undermining trust - 2
- Loss of control
  – Technology paternalism (machines know best)
  – Unpredictable system behaviour
  – Hijacking of an AmI system
- Service denial & discrimination
- Victimisation
The digital divide could grow wider because of
- technological & user dependencies
- insufficient interoperability
- cost
- isolation
- AmI “technosis”
- stress
- exclusion & discrimination – unequal access & stigmatisation
Safeguards
A multiplicity of threats & vulnerabilities require a multiplicity of safeguards
- Technological
- Socio-economic
- Legal & regulatory
Technological safeguards - 1
Main privacy-protecting principles in network applications:
- Anonymity
- Pseudonymity
- Unlinkability
- Unobservability
Technological safeguards - 2
- Minimal data collection, transmission & storage
- Active intrusion prevention – e.g., antivirus software
- Passive intrusion prevention - encryption
- Prove user authorisation locally, transmit only confirmation of authorisation
- Hide relations between user identity & actions
- Communications protocols that hide device ID
- Limiting signal range
Technological safeguards - 3
- Access control
- ISO – good but focuses on organisational security
- In AmI world access control will be needed in the wider, embedded world
- Unobtrusive, continuous, multimodal authentication
- Context-dependent access control
- Embedding legal requirements & personal user wishes
- Problem of authorised, but dishonest person
- Artificial intelligence to catch unusual patterns
Socio-economic safeguards
- Open standards
- Codes of practice
- Service contracts
- Trust marks
- Privacy audits
- Education
- Public awareness & media attention
Actions by the EC & Member States
- Accessibility & inclusion
- Accountability, audits, international collaboration, enforcement
- Research proposals to identify potential privacy impacts
- Guidelines for ICT research
- Public procurement
- Developing the legal framework to take AmI into account