Anonymity on Web Transaction Department of Computer Science Ball State University Research Methods - CS 689 Uday Adhikari 7 th Dec. 2000

Contents  Introduction  Problem Description  Research Objectives  Research Objectives  Literature Review  Research design  Research design  Data Analysis  Data Analysis  Schedule  Schedule  Facilities and Resources  Facilities and Resources  Deliverables  Deliverables  References  References

Introduction n My system consists of a dynamic collection of users, called a group, for users’ anonymity on the web transactions. n Group is a collection of large number of users from different geographical regions that collectively issues requests on behalf of its members.

Web transaction is a set of request, asking the web server for some service, and acknowledgment, which is the response to the request. With anonymity guaranteed, individuals would be able to participate in the Internet

contd…. revolution without being in fear that their every move was being recorded and information about them accumulated which might be used at a later date.

Problem Description In certain situation the need for anonymity in the Internet is considered to be entirely necessary, for example when a person who are trying to withdraw from social stigma like, victim of a sexual offense or alcoholic person or drug abuser wishing to share

contd… experiences with others, where an individual contemplating suicide wishing to consult specialist on-line help, or where person wishing to report a crime without any fear of being identified.

Research Objective: Users’ anonymity from the world-wide- web. Users’ anonymity from the world-wide- web. Freedom of speech and expression. Freedom of speech and expression.

Literature Review: The basic approach previously proposed for achieving anonymous web transactions was to interpose an additional party (a proxy) between the sender and the receiver to hide the sender’s identity from the receiver.

contd… Examples of such proxies include the Anonymizer ( and the Lucent Personalized Web Assistant

Research Design As mention above group is a collection of users. A user is represented in a group by a process in their own computer. When the process is started, it contacts the server to request admittance to the group. If admitted, the server

contd… reports to the process the current membership of the group and information that enables the process to participate in the group. The user selects this process as his/her web proxy by specifying its

contd… host name and port number in his/her web browser as the proxy for all services. Thus, any request coming from the browser is sent directly to the process on the user’s computer.

contd… contd…

contd… In the figure previous slide the possible paths are 1  5  server; 2  6  2  server; 3  1  6  server; 4  4  server; 5  4  6  server; and 6  3  server. Subsequent requests initiated at the same process follow the same path (except going to a different end server), and server replies traverse the same path as the requests, only in reverse.

contd… Group Membership: The membership maintenance procedures of a group are those procedures that determine who can join the group and when they can join, and that inform members of the group membership.

contd… Mechanism: To make use of the server and the group the user must establish an account with the server, i.e., an account name and password that the server stores.

contd… When the user starts a process, the process and the server use this shared password to authenticate each other’s communication. As a result of that communication (and if the server accepts the process into the group) the server adds the new process (i.e., its IP address, port number, and account name) to its list of members, and reports this list back to the process.

Data Analysis: Table next page shows the results of performance tests on implementation. It shows the mean latency in milliseconds of retrieving web pages of various sizes for various path lengths.

contd… contd… Path Length Page Size (Kbytes)

Schedule: Schedule: Literature review for group, network privacy - about three months Literature review for group, network privacy - about three months Design of code to Implementation users in the group - another two months Design of code to Implementation users in the group - another two months Testing the performance for different paths and for different browsers - another two months Testing the performance for different paths and for different browsers - another two months

Facilities and Special Resources: Web server that can maintain large number of members of the group. A good compiler language such as C to implement the code which is used to accept or reject the users into the group.

Deliverable: Deliverable: A novel approach to protecting users’ privacy while retrieving information on the world-wide-web is presented. Includes a project, which gives design of the group, collection of web users from diverse geographical region which retrieves information on its users’ behalf.

References: BRIER, S How to keep your privacy: Battle lines get clearer. New York Times (Jan. 13). CHAUM, D Untraceable electronic mail, return addresses, and digital pseudonyms. References: BRIER, S How to keep your privacy: Battle lines get clearer. New York Times (Jan. 13). CHAUM, D Untraceable electronic mail, return addresses, and digital pseudonyms.

contd… CRISTIAN, F Reaching agreement on processor group membership in synchronous distributed systems. GABBER, E GIBBONS, P., MAITIAS, Y., AND MAYER, A How to make personalized web browsing simple, secure, and anonymous.

Questions?