DNS DATA SHARING (OR NOT) Stéphane Bortzemeyer & Nathalie Boulvard.

Slides:



Advertisements
Similar presentations
E.U. Consultation on Commission Staff Working Document: Transnational Company Agreements – TCA’s.
Advertisements

TrustPort Net Gateway traffic protection. Keep It Secure Entry point protection –Clear separation of the risky internet and secured.
Rob Smets A user centred approach IPv6 deployment monitoring.
New solutions for transnational access to secure use files David Schiller (IAB) Richard Welpton (UKDA) Microdata Access in European Countries – Cooperation.
1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,
Euro changeover: the Belgian experience ( ) Carlos RUBENS Senior Legal Advisor Brussels, 14/04/2008.
DirectAccess is an Enterprise Solution: No support for Windows 7 Professional Requires two consecutive public IP addresses Cannot NAT to the DirectAccess.
Department of Information Engineering 1 What is port number? OK, you know that in order to connect to Internet, each computer must have a unique address.
DNS. Outline r Domain Name System r DNS Hierarchy r Resolution.
Consumer Protection Working Party Meeting Sponsor.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
1 Enabling Secure Internet Access with ISA Server.
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
Day15 IP Space/Setup. IP Suite of protocols –TCP –UDP –ICMP –GRE… Gives us many benefits –Routing of packets over internet –Fragmentation/Reassembly of.
R 18 G 65 B 145 R 0 G 201 B 255 R 104 G 113 B 122 R 216 G 217 B 218 R 168 G 187 B 192 Core and background colors: 1© Nokia Solutions and Networks 2014.
FACEBOOK CASE: a French experience Amal TALEB UFC – QUE CHOISIR April 21st, 2015.
Health registers in the Czech Republic Jiří Kofránek 1st Faculty of Medicine, Charles University.
RESPECT Guidelines regarding data protection aspects whithin socio-economic research Y. Poullet, K. Rosier, I. Vereecken CRID-FUNDP in cooperation with.
InWEnt | Qualified to shape the future Reducing the Risk of Chemical Clusters by Formation of Chemical Parks Christian Jochum, Prof. Dr. InWEnt Senior.
Welcome Today Our Topics are: DNS (The Potential Problem for Complete Anonymity) Transparent DNS Proxy (The Problem & The Solution) How To.
Online infringement of copyright - the Digital Economy Act June 2010 Robin Fry.
HOW TO AVOID DATA BREACHES. 2 Agenda A data breach is the intentional or unintentional release of secure information to an untrusted environment U.S.
Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.
資 管 Lee Lesson 13 IPv6 and Name Resolution. 資 管 Lee Lesson Objectives IPv6 name-to-address and address-to-name resolution IPv6 name resolution support.
Vulnerabilities in peer to peer communications Web Security Sravan Kunnuri.
October 8, 2015 University of Tulsa - Center for Information Security Microsoft Windows 2000 DNS October 8, 2015.
Top 10 Privacy Risks in Web Applications Method, results and some countermeasures 29 May 2015 Florian Stahl (Project Leader) Sponsored by.
Day 14 Introduction to Networking. Unix Networking Unix is very frequently used as a server. –Server is a machine which “serves” some function Web Server.
Europe's work in progress: quality of mHealth Pēteris Zilgalvis, J.D., Head of Unit, Health and Well-Being, DG CONNECT Voka Health Community 29 September.
Frameworks for the Access and Use of Administrative Data, With the Example of Current Practice in the UK Steven Vale Office for National Statistics UK.
1 WIPO – Geneva – April 2005 European Commission – Research DG D. Dambois European Patent Attorney IPR disputes in international.
Configuring Name Resolution and Additional Services Lesson 12.
Denial-of-Service, Address Ownership,and,Early Authentication in IPv6 World (An Approach) Aditya Vutukuri From article by Pekka Nikander Ericsson Research.
The Domain Name System and DNS Blocking Malcolm Hutty Head of Public Affairs, LINX February 2011.
How the Web Works Building a Website – Lesson 1. How People Access the Web Browsers People access websites using software called a web browser. To view.
Video Watching Process Home User. Scope of Work View the link which will be given in your login ID and Password for 60 Second. Just click and Enjoy the.
Industrial Design Marco Marzano de Marinis SMEs Division.
By B.Mills Show adapted from The purpose of a network is to share data.
INVINCIBLESERVICES PROTECTING YOUR PRIVACY, SO YOU DON’T HAVE TO.
Joint UNECE/Eurostat work session on statistical data confidentiality October 2015 Helsinki, Finland Circle of trust Maurice Brandt DESTATIS.
Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority Reporter: Jing Chiu Adviser: Yuh-Jye Lee 2016/3/191Data Mining & Machine Learning.
THE LARGEST NAME SERVICE ACTING AS A PHONE BOOK FOR THE INTERNET The Domain Name System click here to next page 1.
DNS Domain Name System By Alexandros Zampas B101 Coursework The Technology Context.
Access to Court Decisions The right to anonymity in the sphere of personal data protection. Best practices.
The Domain Name System Student : Hi this is my presentation about.
M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 31 – Common Foreign, Security and.
Agencija za zaštitu ličnih/osobnih podataka u Bosni i Hercegovini Агенција за заштиту личних података у Босни и Херцеговини Personal Data Protection Agency.
9 Best practices to keep away from the Software Outsourcing Mistakes Prepared by:
Post-training dissemination
Independent Centre for Privacy Protection Schleswig-Holstein
New formats of dispute resolution within the Energy Community
Running a Privacy Impact Assessment (PIA)
IPv6 – THE WAY TO THE SECURE INTERNET
What is EGDPR?.
Introduction to Networking
Introducing To Networking
12: :00     Welcome   13: :55     Terumo and Flexso will share insights on the successful implementation of SuccessFactors Compensation module.
Axel Polleres Technical aspects vs. Innovation challenges of Enabling and Enhancing Privacy Axel Polleres
Dan Tofan | Expert in NIS 21st Art. 13a WG| LISBON |
Informal document GRPE th GRPE, 9-12 January 2018
Ethical questions on the use of big data in official statistics
GDPR enforcement begins
The activity of Art. 29. Working Party György Halmos
How to upgrade your RSFORM!PRO forms for GDPR compliance
High Performance Computing Center – HLRS
What is EUGDPR?.
EU Data Protection Legislation
OVERVIEW ON STATISTICAL DATA CONFIDENTIALITY AND ACCES TO MICRODATA
Should we also regulate non-personal data?
Presentation transcript:

DNS DATA SHARING (OR NOT) Stéphane Bortzemeyer & Nathalie Boulvard

Summary 1.Technical aspects 1.1.The problem 1.2 The queries contain 1.3 The data is useful 1.4 Anonymization is the solution? 2.Legal aspects 2.1.The issues 2.2.The texts contain 2.3.The contract could be useful 2.4 Anonymization is the solution? 3.Tour de table - Debate Questions 2

1. Technical aspects 3

1.1 The problem We operate DNS servers They receive queries They send responses Very often, we record the DNS traffic (security incident analysis, business intelligence, statistics, etc.). Often called a « pcap file » 4

1.2 The queries contain Example: « 2001 : 660 : 3003 : 8 : : 4 : 69 » asked for the IPv6 address of The source IP adress of the resolver (not the end user’s machine). Typically a big machine at the IAP. But not always. The complete name requested (do not believe the CENTR video, it is wrong). We see requests for _bittorrent-tracker._tcp.XXXX.abo.wanadoo.fr 5

1.3 The data is useful… …and many people are interested. Can we share it? DITL OARC Is it personal data? For some requests, clearly yes, for some, clearly no and the rest is in between. 6

1.4 Anonymisation is the solution? We could « anonymyze » (to replace the IP adresses by a dummy value) Anonymization deletes data (bad for researcher) Anonymization is never perfect (data crunchers know how to get some information back) 7

2. Legal aspects 8

2.1 The issues Companies’ rights and interests Reputation Individuals’ rights Personal data - Sensitive data 9

2.2 The texts contain Under the European rules The European Union adopted its “data protection directive” (directive 95/46) on October 24, National independent authorities (CNIL for France) & the “Article 29 Working Party” Reform of the data protection EU legal framework (to follow up) Under the International rules 10

2.3 The contract could be useful… …but not only. Can we share? DITL OARC An example : the OARC Participation Agreement. 11

2.4 Anonymisation is the solution? Well… yes: No personal data anymore So, No more legal issue! But as anonymization is never perfect… Let’s carry on with a debate! 12

3. Tour de table - Debate 13

Questions If yes did you have any problem regarding this practice? If yes with whom and how? Do you share DNS data with the outside? 14 Are you interested in following up this discussion? If yes, how? Do you think that this entire issue is worth a debate? If no, why?

Twitter Facebook : afnic.fr Twitter Facebook : afnic.fr Thank you!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.