Lecture 17 Page 1 CS 236 Online Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption –With good encryption,

Slides:



Advertisements
Similar presentations
CyberBullying What is Cyberbullying? How to avoid being a Cyberbully
Advertisements

1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.
 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.
Lecture 12 Page 1 CS 111 Online Devices and Device Drivers CS 111 On-Line MS Program Operating Systems Peter Reiher.
e-safety and cyber bullying
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
Web Security A how to guide on Keeping your Website Safe. By: Robert Black.
Jan. 28, 2004UCB Sensor Nets Day1 TOWARD A LEGAL FRAMEWORK FOR SENSOR NETWORKS Pamela Samuelson, Law/SIMS UCB Sensor Nets Day January 28, 2004.
CYBER BULLYING Cody O’Brien. Goals for Today’s Presentation Introduce Cyber bulling Identify forms of cyber bulling Steps to prevent it What to do if.
Do you know how to keep yourself safe?
D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.
Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.
Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
Lecture 5 Page 1 CS 236 Online Certificates A ubiquitous form of authentication Generally used with public key cryptography A signed electronic document.
Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.
Lecture 29 Page 1 Advanced Network Security Privacy in Networking Advanced Network Security Peter Reiher August, 2014.
Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.
How Can We Deal with Risks from the Internet: Why Privacy Legislation Is Hot Right Now Professor Peter Swire Ohio State University/Center for American.
Reliability & Desirability of Data
The Internet Industry Week Four. RISE OF THE INTERNET THE INTERNET – a global system of interconnected private, public, academic, business, and government.
ANTI-BULLYING AT KNIGHTLOW CYBER BULLYING. Cyber bullying: fact or fiction? 1. There are at least 7 forms of bullying that happen using technology True.
Lecture 16 Page 1 CS 136, Fall 2014 Privacy Computer Security Peter Reiher December 11, 2014.
Lecture 7 Page 1 CS 236 Online Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know The.
ETHICAL ISSUES SURROUND ELECTRONIC COMMUNICATIONS Unit 3.
Lecture 16 Page 1 Advanced Network Security Perimeter Defense in Networks: Virtual Private Networks Advanced Network Security Peter Reiher August, 2014.
Lecture 17 Page 1 CS 236 Online Privacy CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Regulation of Personal Information Sally Brierley & Emma Harvey.
Lecture 7 Page 1 CS 236, Spring 2008 Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know.
Lecture 12 Page 1 CS 236 Online Virtual Private Networks VPNs What if your company has more than one office? And they’re far apart? –Like on opposite coasts.
Lecture 12 Page 1 CS 236, Spring 2008 Virtual Private Networks VPNs What if your company has more than one office? And they’re far apart? –Like on opposite.
Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Client-Server Model of Interaction Chapter 20. We have looked at the details of TCP/IP Protocols Protocols Router architecture Router architecture Now.
Lecture 20 Page 1 Advanced Network Security Basic Approaches to DDoS Defense Advanced Network Security Peter Reiher August, 2014.
MY ONLINE CODE In the last 2 years of digital literacy I have learned the proper ways to act and why to act that way online, I have also learned other.
06/02/06 Workshop on knowledge sharing using the new WWW tools May 30 – June 2, 2006 GROUP Presentation Group 5 Group Members Ambrose Ruyooka Emmanuel.
Lecture 13: Anonymity on the Web Modified from Levente Buttyan, Michael K. Reiter and Aviel D. Rubin.
Cyberbullying Activity 2. Think about these questions.
Lecture 4 Page 1 CS 111 Online Modularity and Virtualization CS 111 On-Line MS Program Operating Systems Peter Reiher.
Lecture 5 Page 1 CS 236 Online Key Management Choosing long, random keys doesn’t do you any good if your clerk is selling them for $10 a pop at the back.
Lecture 9 Page 1 CS 111 Online Deadlock Prevention Deadlock avoidance tries to ensure no lock ever causes deadlock Deadlock prevention tries to assure.
Lecture 17 Page 1 CS 236 Online Onion Routing Meant to handle issue of people knowing who you’re talking to Basic idea is to conceal sources and destinations.
science/internet-intro
Lecture 17 Page 1 CS 136, Fall 2013 Privacy CS 136 Computer Security Peter Reiher December 5, 2013.
The internet is an inspiring and positive place. It is an amazing resource which enables people (young and old) to connect, communicate and be creative.
Lecture 17 Page 1 Advanced Network Security Network Denial of Service Attacks Advanced Network Security Peter Reiher August, 2014.
Lecture 7 Page 1 CS 236 Online Challenge/Response Authentication Authentication by what questions you can answer correctly –Again, by what you know The.
Lecture 3 Page 1 CS 236 Online Security Mechanisms CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Privacy, data protection and connected cars Lilian Edwards, Professor of Internet Law University of Strathclyde Researcher in Residence, Digital Catapult.
Lecture 19 Page 1 CS 236 Online Privacy Privacy vs. security? Data privacy issues Network privacy issues Some privacy solutions.
Safe Social Networking: Parent Workshop Helping to keep your children safe online.
Lecture 17 Page 1 CS 136, Spring 2014 Privacy CS 136 Computer Security Peter Reiher June 3, 2014.
Zeus Virus By: Chris Foley. Overview  What is Zeus  What Zeus Did  The FBI investigation  The virus for phones  Removal and detection  Conclusion.
Lecture 10 Page 1 CS 236 Online SSL and TLS SSL – Secure Socket Layer TLS – Transport Layer Security The common standards for securing network applications.
Lecture 16 Page 1 CS 136, Spring 2016 Privacy Computer Security Peter Reiher May 26, 2016.
Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 3 This material was developed by Oregon Health & Science University,
Information Guide to Cyber Bullying. Cyber bullying is a relatively new form of bullying which has started happening a lot on social networking sites,
Lecture 9 Page 1 CS 236 Online Firewalls What is a firewall? A machine to protect a network from malicious external attacks Typically a machine that sits.
Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.
Challenge/Response Authentication
Privacy Computer Security Peter Reiher March 9, 2017
Surveillance around the world
Challenge/Response Authentication
Information Security.
Overview 1. Phishing Scams
Password Management Limit login attempts Encrypt your passwords
Understanding the OSI Reference Model
Privacy CS 136 Computer Security Peter Reiher December 4, 2012
Privacy Privacy vs. security? Data privacy issues
Outline The spoofing problem Approaches to handle spoofing
Presentation transcript:

Lecture 17 Page 1 CS 236 Online Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption –With good encryption, data values not readable So what’s the problem?

Lecture 17 Page 2 CS 236 Online Traffic Analysis Problems Sometimes desirable to hide that you’re talking to someone else That can be deduced even if the data itself cannot How can you hide that? –In the Internet of today?

Lecture 17 Page 3 CS 236 Online A Cautionary Example VoIP traffic is commonly encrypted Researchers recently showed that they could understand what was being said –Despite the encryption –Without breaking the encryption –Without obtaining the key

Lecture 17 Page 4 CS 236 Online How Did They Do That? Lots of sophisticated data analysis based on understanding human speech –And how the application worked In essence, use size of encrypted packets and interarrival time –With enough analysis, got conversation about half right

Lecture 17 Page 5 CS 236 Online Location Privacy Mobile devices often communicate while on the move Often providing information about their location –Perhaps detailed information –Maybe just hints This can be used to track our movements

Lecture 17 Page 6 CS 236 Online Cellphones and Location Provider knows what cell tower you’re using With some effort, can pinpoint you more accurately In US, law enforcement can get that information just by asking –Except in California

Lecture 17 Page 7 CS 236 Online Other Electronic Communications and Location Easy to localize user based on hearing wireless signals Many devices contain GPS nowadays –Often possible to get the GPS coordinates from that device Bugging a car with a GPS receiver not allowed without warrant –For now...

Lecture 17 Page 8 CS 236 Online Implications of Location Privacy Problems Anyone with access to location data can know where we go Allowing government surveillance Or a private detective following your moves Or a maniac stalker figuring out where to ambush you...

Lecture 17 Page 9 CS 236 Online Another Location Privacy Scenario Many parents like to know where their children are Used to be extremely difficult Give them a smart phone with the right app and it’s trivial Good or bad?

Lecture 17 Page 10 CS 236 Online A Bit of Irony To a large extent, Internet communications provide a lot of privacy –“On the Internet, no one knows you’re a dog.” But it’s somewhat illusory –Unless you’re a criminal

Lecture 17 Page 11 CS 236 Online Why Isn’t the Internet Private? All messages tagged with sender’s IP address With sufficient legal authority, there are reliable mappings of IP to machine –ISP can do it without that authority Doesn’t indicate who was using the machine –But owner is generally liable

Lecture 17 Page 12 CS 236 Online Web Privacy Where we visit with our browsers reveals a lot about us Advertisers and other merchants really want that information Maybe we don’t want to give it to them –Or to others But there are many technologies to allow tracking –Even to sites the tracker doesn’t control

Lecture 17 Page 13 CS 236 Online Do Not Track Wouldn’t it be nice if we could ensure that web sites don’t track us? Enter the Do Not Track standard A configurable option in your web browser Which, by enabling, you might think prevents you from being tracked

Lecture 17 Page 14 CS 236 Online The Problems With Do Not Track First, it’s voluntary –Web server is supposed to honor it –But will they? Second, and worse, it doesn’t mean what you think it means –Based on current definitions of the option

Lecture 17 Page 15 CS 236 Online What Do Not Track Really Means What it really means is “I’ll track you anyway” “But I won’t provide you anything helpful based on the tracking” So they know what you’re doing –And they do whatever they want with that data But you don’t see targeted ads So what’s the point of Do Not Track? –A good question

Lecture 17 Page 16 CS 236 Online Privacy and the Law US law has long recognized a Constitutional right to privacy –Many of the legal decisions related to sex –But also areas like education choice, medical decisions, marital issues –Not well settled law Some state constitutions enumerate a right to privacy (e.g., California’s)

Lecture 17 Page 17 CS 236 Online Privacy Laws Related to Data Compromise Many US states have laws compelling businesses to divulge data loss –When such loss involves compromise of users’ personal info –E.g., CA SB 1386 Continuing attempts to pass a national version of this kind of law

Lecture 17 Page 18 CS 236 Online US Medical Data Privacy Law In the HIPAA laws regulating health insurance Seeks balance between –privacy of medical info and –benefits of sharing among health care providers Strong limits on who can be given your medical information

Lecture 17 Page 19 CS 236 Online European Law and Privacy EU Data Protection Directive provides broad privacy protections Specifically in the context of computer data Offers wide and powerful protections against privacy invasions Generally Europeans have particular sensitivity to privacy issues

Lecture 17 Page 20 CS 236 Online Other Nation’s Legal Stands Some nations (e.g., China) have limited constitutional privacy rights Some have derived rights, like the US (e.g., India) Some have non-constitutional legal frameworks (e.g., Russia) In many countries, what the laws say and what actually happens might differ

Lecture 17 Page 21 CS 236 Online The Relevance of Privacy Laws Typically, one nation’s privacy laws not necessarily honored by others –Exception: EU shares laws among its member nations Governments not always committed to enforcing them The fact you’re supposed to keep info private can help hide compromises

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.