Lecture 13: Anonymity on the Web Modified from Levente Buttyan, Michael K. Reiter and Aviel D. Rubin.

Slides:



Advertisements
Similar presentations
Hart District Acceptable Use Policy Acceptable Use Policy.
Advertisements

A dialogue with FMUG: Sensitive Data & Filemaker MIT Policy and Data Classifications ** DRAFT ** Guidelines Feedback and Discussion Tim McGovern 2 June.
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
M. Guymon Pleasant Grove High School Spring 2003 Ethics & Computer Technology Day 18.
Computer Technology Day 18
The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.
HIPAA Security Standards What’s happening in your office?
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter and Aviel D. Rubin, Presented by Eric M. Busse Portions excerpt from Crowds: Anonymity.
CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Privacy on the Web Gertzman Lora Krakov Lena. Why privacy? Privacy is the number one consumer issue facing the internet. An eavesdropper (server, service.
Modelling and Analysing of Security Protocol: Lecture 9 Anonymous Protocols: Theory.
Privacy: Challenges and Opportunities Tadayoshi Kohno Department of Computer Science and Engineering University of Washington.
Hidden Apps Carrier IQ and Privacy in Mobile Devices.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Anonymity on the Web: Onion routing and Crowds. 2 Outline  the problem of user privacy  basic concepts of anonymous communication  MIXes  Onion routing.
On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)
PART THREE E-commerce in Action Norton University E-commerce in Action.
Lecture 28: Anonymity on the Web Modified from Levente Buttyan, Michael K. Reiter and Aviel D. Rubin.
Ethics & Computer Essentials. R. Stewart Fayetteville High School Ethics A set of principles of right conduct A theory or a system of.
Ethics & Computer Technology. Ethics are…  A set of principles of right conduct.  A theory or a system of moral values.  The rules or standards.
Electronic Payment Systems. How do we make an electronic payment? Credit and debit cards Smart cards Electronic cash (digital cash) Electronic wallets.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
OHT 11.1 © Marketing Insights Limited 2004 Chapter 9 Analysis and Design EC Security.
Network Security Lecture 26 Presented by: Dr. Munam Ali Shah.
@Yuan Xue CS 285 Network Security Fall 2008.
Anonymity on the Internet Presented by Randy Unger.
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
331: STUDY DATA COMMUNICATIONS AND NETWORKS.  1. Discuss computer networks (5 hrs)  2. Discuss data communications (15 hrs)
Dimensions of E – Commerce Security
Types of Electronic Infection
Crowds: Anonymity for Web Transactions Michael K. Reiter Aviel D. Rubin Jan 31, 2006Presented by – Munawar Hafiz.
Anonymity – Crowds R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide anonymity.
COPYRIGHT © 2011 South-Western/Cengage Learning. 1 Click your mouse anywhere on the screen to advance the text in each slide. After the starburst appears,
Communication Systems The Internet The largest wide area network in the world. It is made up of thousands of linked networks. What.
Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
06/02/06 Workshop on knowledge sharing using the new WWW tools May 30 – June 2, 2006 GROUP Presentation Group 5 Group Members Ambrose Ruyooka Emmanuel.
R. Stewart Fayetteville High School Ethics & Computer Technology Day 18.
Increasing Anonymity in Crowds via Dummy Jondos By: Benjamin Winninger.
Ways to reduce the risks of Crowds and further study of web anonymity By: Manasi N Pradhan.
Private key
LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.
Modified Onion Routing GYANRANJAN HAZARIKA AND KARAN MIRANI.
Introduction to Network Systems Security Mort Anvari.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Safe Computing Practices. What is behind a cyber attack? 1.
@Yuan Xue CS 285 Network Security Fall 2012 Yuan Xue.
Analysing s Michael Jones. Overview How works Types of crimes associated with Mitigations Countermeasures Michael Jones2Analsysing s.
1 Anonymity. 2 Overview  What is anonymity?  Why should anyone care about anonymity?  Relationship with security and in particular identification 
SAMET KARTAL No one wants to share own information with unknown person. Sometimes while sharing something with someone people wants to keep.
G063 - Intranets, the Internet and Extranet. Learning Objectives: At the end of this topic you should be able to: describe the characteristics and purpose.
Anonymous Communication
Chapter 5 Electronic Commerce | Security
Modified from Levente Buttyan, Michael K. Reiter and Aviel D. Rubin
Computer Security Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Safety in Numbers: Crowds
Richard Purcell Corporate Privacy Officer Microsoft Corporation
Digital Signatures and Forms
An Introduction to Privacy and Anonymous Communication
0x1A Great Papers in Computer Security
Chapter 5 Electronic Commerce | Security
Other Sources of Information
Anonymous Communication
Unit# 5: Internet and Worldwide Web
Personal Privacy and the Public Internet
Anonymous Communication
Increasing Anonymity via Dummy Jondos in a Crowd
Presentation transcript:

Lecture 13: Anonymity on the Web Modified from Levente Buttyan, Michael K. Reiter and Aviel D. Rubin

User privacy – the problem private information is processed and stored extensively by various individuals and organizations – location of user  telecom operators – financial situation of user  banks, tax authorities – wealth of user  insurance companies – shopping information of user  credit card companies, retailers (via usage of fidelity cards) – illnesses of user  medical institutions –…–… complete and meaningful profiles on people can be created and abused information technology makes this easier – no compartmentalization of information – cost of storage and processing (data mining) decreases  technology is available to everyone 2

User privacy – the goal private data should be protected from abuse by unauthorized entities – transactional data access/usage logs at telecom operators, buildings, parking, public transport, … – data that reveals personal interests video rentals, credit card purchases, click stream data (WWW), … – data that was disclosed for a well-defined purpose tax data revealed to tax authorities, health related data revealed to doctors, address information revealed in mail orders, … 3

User privacy – existing approaches data avoidance – “I don’t tell you, so you can’t abuse it.” – effective but not always applicable – often requires anonymity – examples: cash transactions, public phones data protection – “If ever you abuse it, you will be punished.” – well-established approach – difficult to define, enforce, and control – requires legislation or voluntary restrictions multilateral security – cooperation of more than two parties – shared responsibilities and partial knowledge combinations of the above 4

Anonymous Communication Concepts What do we want to hide? – sender anonymity attacker cannot determine who the sender of a particular message is – receiver anonymity attacker cannot determine who the intended receiver of a particular message is – unlinkability attacker may determine senders and receivers but not the associations between them (attacker doesn’t know who communicates with whom) From whom do we want to hide this? – communication partner (sender anonymity) – external attackers local eavesdropper (sniffing on a particular link (e.g., LAN)) global eavesdropper (observing traffic in the whole network) – internal attackers (colluding) compromised system elements (e.g., routers) 5

Degrees of anonymity beyond suspicion: – attacker can see evidence of a sent message, but – the sender appears no more likely to be the originator than any other potential sender in the system probable innocence: – the sender may be more likely the originator than any other potential sender, but – the sender appears no more likely to be the originator than to not be the originator possible innocence: – the sender appears more likely to be the originator than to not be the originator, but – there’s still a non-trivial probability that the originator is someone else 6 absolute privacy beyond suspicion probable innocence possible innocence exposedprovably exposed

Types of attackers local eavesdropper – can observe communication to and from the users computer collaborating crowd members – crowd members that can pool their information and deviate from the protocol end server – the web server to which the transaction is directed 7

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.