Technology Panel What technical tools are in our disposal for achieving privacy and security Privacy: Technology + Policy –Without Policy, technology will.

Slides:



Advertisements
Similar presentations
I have a DREAM! (DiffeRentially privatE smArt Metering) Gergely Acs and Claude Castelluccia {gergely.acs, INRIA 2011.
Advertisements

CSE331: Introduction to Networks and Security Lecture 22 Fall 2002.
Interaction of RFID Technology and Public Policy Presentation at RFID Privacy MIT 15 TH November 2003 By Rakesh Kumar
Rational Oblivious Transfer KARTIK NAYAK, XIONG FAN.
CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.
Introduction to Modern Cryptography, Lecture 12 Secure Multi-Party Computation.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.
TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.
HIPAA Security Standards What’s happening in your office?
FIN 685: Risk Management Topic 5: Simulation Larry Schrenk, Instructor.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Privacy Chris Kelly iLaw July 5, 2002.
CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.
Proactive Secure Mobile Digital Signatures Work in progress. Ivan Damgård and Gert Læssøe Mikkelsen University of Aarhus.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
1 Introduction to Secure Computation Benny Pinkas HP Labs, Princeton.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
1 Information and Data Privacy: An Indian Perspective  Why is this important? Public concern about privacy.  Considerable concern in developed countries.
On Everlasting Security in the Hybrid Bounded Storage Model Danny Harnik Moni Naor.
Introduction (Pendahuluan)  Information Security.
Privacy Preserving Learning of Decision Trees Benny Pinkas HP Labs Joint work with Yehuda Lindell (done while at the Weizmann Institute)
Control of Personal Information in a Networked World Rebecca Wright Boaz Barak Jim Aspnes Avi Wigderson Sanjeev Arora David Goodman Joan Feigenbaum ToNC.
Building a Strong Foundation for a Future Internet Jennifer Rexford ’91 Computer Science Department (and Electrical Engineering and the Center for IT Policy)
Innovation in operations and processes Lesson 6 Chapter 8 + slides.
Slide 1 Justin Brickell Donald E. Porter Vitaly Shmatikov Emmett Witchel The University of Texas at Austin Secure Remote Diagnostics.
Homework – Day 1 Read all of Chapter 1. As you read, answer the following questions. 1. Define economics. 2. Explain the “economic way of thinking,” including.
How to play ANY mental game
Trusted Computing BY: Sam Ranjbari Billy J. Garcia.
Technology Panel What technical tools are in our disposal for achieving privacy Privacy: Technology + Policy –Technology can Implement Policy –Without.
Slides prepared by Cyndi Chie and Sarah Frye1 A Gift of Fire Third edition Sara Baase Chapter 2: Privacy.
Computer and Internet privacy (2) University of Palestine University of Palestine Eng. Wisam Zaqoot Eng. Wisam Zaqoot Feb 2011 Feb 2011 ITSS 4201 Internet.
Electronic Records Management: A Checklist for Success Jesse Wilkins April 15, 2009.
OPERATION RESEARCH MERVE GUL CONTEXT: What is O.R. ? History of Operation Research Necessity of O.R. The Basic Tools Used in O.R. The Seven.
Secure Computation (Lecture 7-8) Arpita Patra. Recap >> (n,t)-Secret Sharing (Sharing/Reconstruction) > Shamir Sharing > Lagrange’s Interpolation for.
Secure two-party computation: a visual way by Paolo D’Arco and Roberto De Prisco.
1 Security on Social Networks Or some clues about Access Control in Web Data Management with Privacy, Time and Provenance Serge Abiteboul, Alban Galland.
Privacy Communication Privacy Confidentiality Access Policies Systems Crypto Enforced Computing on Encrypted Data Searching and Reporting Fully Homomorphic.
Network Security Lecture 20 Presented by: Dr. Munam Ali Shah.
1 Privacy Preserving Data Mining Haiqin Yang Extracted from a ppt “Secure Multiparty Computation and Privacy” Added “Privacy Preserving SVM”
Location, Location, Location: The Emerging Crisis in Wireless Data Privacy Ari Schwartz & Alan Davidson Center for Democracy and Technology
Presented by: Suparita Parakarn Kinzang Wangdi Research Report Presentation Computer Network Security.
Protecting Privacy “Most people have figured out by now you can’t do anything on the Web without leaving a record” - Holman W. Jenkins, Jr
Presented by: Sanketh Beerabbi University of Central Florida.
On the Communication Complexity of SFE with Long Output Daniel Wichs (Northeastern) joint work with Pavel Hubáček.
Secure Computation (Lecture 2) Arpita Patra. Vishwaroop of MPC.
ICOM 5018 Network Security and Cryptography Description This course introduces and provides practical experience in network security issues and cryptographic.
Lecture 13: Anonymity on the Web Modified from Levente Buttyan, Michael K. Reiter and Aviel D. Rubin.
Application Architecture Internet Architecture David D. Clark MIT CSAIL September 2005.
Privacy Issues in Smart Grid R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide.
TRUSTED FLOW: Why, How and Where??? Moti Yung Columbia University.
Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.
9.2 SECURE CHANNELS JEJI RAMCHAND VEDULLAPALLI. Content Introduction Authentication Message Integrity and Confidentiality Secure Group Communications.
The regulators’ role in integrating non-market related environmental goals in energy markets Finn Dehlbaek, Deputy Director, Danish Energy Regulatory Authority.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
OMA Secure Content Delivery for the Mobile World ODRL Workshop, Vienna Dr. Willms Buhse Vice Chair, OMA Download and DRM group.
Big Data Security Issues in Cloud Management. BDWG Big Data Working Group Researchers 1: Data analytics for security 2: Privacy preserving 3: Big data-scale.
Cryptographic methods. Outline  Preliminary Assumptions Public-key encryption  Oblivious Transfer (OT)  Random share based methods  Homomorphic Encryption.
Multi-Party Computation r n parties: P 1,…,P n  P i has input s i  Parties want to compute f(s 1,…,s n ) together  P i doesn’t want any information.
Framework of engagement : big data for official use Roy D. Ibay AVP Regulatory PLDT – Smart.
CMSC 818J: Privacy enhancing technologies Lecture 2.
Topic 36: Zero-Knowledge Proofs
Antonis Papadimitriou, Arjun Narayan, Andreas Haeberlen
IS4680 Security Auditing for Compliance
Computer Science and Engineering
Helen: Maliciously Secure Coopetitive Learning for Linear Models
Smart Meter Data Privacy: A Survey
IT and Society Week 2: Privacy.
Presentation transcript:

Technology Panel What technical tools are in our disposal for achieving privacy and security Privacy: Technology + Policy –Without Policy, technology will not be employed –Without Technology, policy will not be enforced

Panelists

Cryptography: An Enabler of Secure Computation Shafi Goldwasser CSAIL, MIT

The Evolution of Computing hjhhh

The Evolution of Computing

A Migration of Data Hjhfjfh jjjh jh jhjhj

Migration of Computation Hjhfjfh jjjh jh jhjhj = ?

A unprecedented Collection of Data Medical Records Financial Surveillance photos Location information Purchasing history Browsing history Social Interactions A Collection on Data about us

Enormous Potential Benefits in Globalization of Knowledge Hjhfjfh jjjh jh jhjhj = ?

Benefits Heath: Sharing Data Sets for research and disease control National Security: threat prediction, law enforcement Data Analytics: –Traffic re-routing, –smart energy usage, –economic growth by intelligent consumer targeting –risk predictions for financial markets

Enormous Potential Risks: Loss of Control, Misuse of Knowledge Hjhfjfh jjjh jh jhjhj = ?

Risks Loss of Control: Remote Storage & Computation threatens –Authenticity. –Correctness. –Availability. Loss of Privacy: reveal more data than necessary to extract the benefits –Loss of Anonymity –Loss of Fairness: profiling, price discrimination –Loss of competitive Edge: playing field leveled by common data

Methods Which Don’t Work Classic Encryption: Can hide information but not process it Classic Anonymizing: Individual’s data with identifying information removed, is still easy to recognize

Benefit vs. Risk Medical: Research progress vs. Patient Rights National Security: Surveillance vs. Liberty Financial: Risk Analysis vs. Market-Competition Economic Growth Consumer Targeting vs. Fair Pricing Are These Contradictory Constraints?

Benefit vs. Risk Medical: Research progress vs. Patient Rights National Security: Surveillance vs. Liberty Financial: Risk Analysis vs. Market-Competition Economic Growth Consumer Targeting vs. Fair Pricing Can mathematics & technology enable us to have the best of both worlds

Cryptography 80’s - today Host of Techniques that enable to perform computations on data without seeing the data Extract specific knowledge, revealing nothing extra Reconcile some of these seemingly contradictory “Benefits vs. Risks”

SFE: Mathematical Formulation N distrustful parties run a protocol to extract information depending on their collective private data. Formulate this as evaluating a function f (X 1, X 2, …,X n ) –where X j is private input of party j. So that parties only learn the function output, but nothing else about others inputs X2X2 X3X3 X4X4 X5X5 X1X1

Example 1: Conduct Medical Study on Confidential Medical Data f(B&W-DNA,MGH-DNA, Pharma) = develop drug if the green gene is prevalent in the population N=3

Suspect Data Base Example 2: Policing While Not Breaking Civil Liberties f(photos, suspects) = true only if suspect appears in them Surveillance Photos protocol N=2

Example 3:Financial Stability of our society [AKL11] Merril Lynch Mass General Lehman Bros. Protocol f(MerrilLynch info, LehmanBros info, Govt) = will banks become insolvent N=3

Trusted Center Solution? Center can be Faulty! Goal: Decentralized solution with “same” properties as solution with trusted center

Major Result [ the 80’s] Any polynomial time function f can be securely evaluated, using the cryptographic tool box Unconditionally, if there is an honest Majority Assuming oblivious transfer, if no honest majority,

In toy examples, different entities with different goals hold different parts of the data Not Always the case…. By design can store data so no single entity has entire data or power Major Lesson: Store All Data Distributively

SFE: Theory and Practice [80’s] Proof of Concept: Great Theory, for general functions, but impractical In recent times [Lindell2013 Survey]: optimized implementations for simple classes but useful functions and relaxed security, achieve impressive practical performance, much more work needed But: Requires Interaction Not robust to an “insider” leaking all

Truly Amazing Progress: Computing on Encrypted Data Fully Homomorphic Encryption [Gentry2009] Functional Encryption [SW05, GVW13, GKPVZ13, GGHRSW13, GGSJ14] Theory to Practice: Research to be done Secret key for f Using key Server can compute f(Data) Enc[Data 1 ]… Enc[Data n ]

From Data to Programs Browsing Searching Social Interactions General Programs Goal: keep which programs you run private? Promise: Program Obfuscation Methods

Secure Function Evaluation  Privacy Given f, SFE shows how to compute f(data) revealing nothing extra on data But f(data) itself may reveal too much f 1 (data),…,…,f n (data) may reveal too much f(data 1,…,data n ) can reveal data j, if {data i } is chosen maliciously Differential Privacy Research: Which classes of functions are safe to compute?

A Combination of Privacy and Secure Computation A two-stage process: –Decide that the function/algorithm should be computed – an issue of privacy –Apply secure computation techniques to compute it securely – security

Security Definition: Simulation Paradigm Given your own inputs and the output of the computation, can generate “simulated view” of the protocol which is computationally indistinguishable from “real view”. Distribution of REAL Messages Exchanged in the protocol v1v1 p1p1 v2v2 pkpk v1v1 p1p1 v2v2 pkpk ≈ SIMULATED Messages Exchanged in the protocol

Loss of Privacy is Complex Different Entities Collect and Protect Data in an Un-coordinated fashion Unforeseen Cross Referencing of information held by different entities on the same individual, causes greater privacy loss Aggregate information on many can reveals information on a single individual