Presentation is loading. Please wait.

Presentation is loading. Please wait.

Yannis Mallios February 27, 2008

Published byJasper de Ruiter Modified over 6 years ago

Similar presentations

Presentation on theme: "Yannis Mallios February 27, 2008"— Presentation transcript:

1 Yannis Mallios February 27, 2008
Privacy Software Yannis Mallios February 27, 2008

2 Carnegie Mellon University Usable Privacy and Security - Spring 2008
Overview Privacy Enhancing Technologies Classification of PETs Anonymous Browsing Policies Filter Tools Encryption Awareness Q&A 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

3 Privacy Enhancing Technologies (PETs)
A coherent system of ICT measures that protects privacy by eliminating or reducing personal data or by preventing unnecessary and/or undesired processing of personal data, all without losing the functionality of the information system Hes, Borking, Privacy Enhancing Technologies, The Path to Anonymity 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

4 PETs Classification (1)
Hundreds of Tools (?) Various methods of Classification Encryption Tools (e.g. SSL), Policy Tools (e.g. P3P, TRUSTe), Filtering Tools (e.g. Cookie Management, Spyware), Anonymous Tools (e.g. Anonymizer, iPrivacy), Identity Management Firewall, Cookie Remover, Web Bug Remover, Anonymous Web Browsing, Encrypted , Advertising Filters, Anti-Spam Tools, Anti-Spyware Tools Snoop Proof , Anonymous R ers, Surf Anonymously, HTML Filters, Cookie Busters, Voice Privacy, & File Privacy, Secure Instant Messaging, Web Encryption, Telnet Encryption, Disk Encryption, Disk/File Erasing Programs, Privacy Policy Generators, Password Security, Firewalls 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

5 PETs Classification (2)
We could generalize to the following Anonymous Tools Anonymous Mail Anonymous Web Browsing Encryption Communication Encryption (mail, voice, telnet, etc) File Encryption Policy Tools (Generators, User Agents, etc) Identity Management Firewalls Filter Tools (Cookies, Web Bugs, etc) 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

6 Carnegie Mellon University Usable Privacy and Security - Spring 2008
Privacy Framework Framework by Benjamin Brunk Awareness Tools that convey information without requiring explicit action from the user Detection Tools that actively scan for potential problems Prevention Tools used as precaution Response Taking action after the detection of an issue Recovery Tools that help users get back to normal Discussion Do we have PETs for every stage of the framework? PETs for the subset of the stages? Chapter 20 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

7 Fair information practice codes
Notice/Awareness Choice/Consent Access/Participation Integrity/Security Enforcement/Redress Discussion Do we have PETs for ensuring all principles? Can we rely solely on technology and Privacy Software? 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

8 PETs Already Discussed
Anonymous Web Browsing TOR Anonymous MixMinion Communication Encryption PGP Firewalls ZoneAlarm Policy Tools Seal Programs P3P Privacy Bird/ Privacy Finder Filter Tools Bugnosis 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

9 Anonymous Browsing - Anonymizer
Traffic is routed through dedicated hardware, housed in secure facilities with complete access control Tor does not use secure hardware or private proxies. Ensures High availability Anonymizer maintains tens of thousands of privately owned "clean" IP addresses and rotates them frequently Onion router type of network use proxies owned by individual operators Centralized or Distributed? Anon.penet.fi again? Laws and Regulations? 1996 closed – attacked multiple times We have strict Non Disclosure Agreements between the customer and Anonymizer, and we do not keep logs of where our customers are going. We would never disclose who our customer base is. 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

10 Carnegie Mellon University Usable Privacy and Security - Spring 2008
Policies – P3PEdit Web-based wizard that creates P3P policies for websites Basic questions about website’s data collection P3PEdit generates an XML document that web browsers can read Internet Explorer 6 blocks cookies from third-party websites. If trying to set cookies from a webserver on another site, the cookies will be blocked. In a website with multiple domains, only the primary domain may set cookies without a P3P policy. P3PEdit creates P3P policies that are necessary to set cookies 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

11 Carnegie Mellon University Usable Privacy and Security - Spring 2008
Policies – P3PEdit 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

12 Carnegie Mellon University Usable Privacy and Security - Spring 2008
Policies – P3PEdit 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

13 Carnegie Mellon University Usable Privacy and Security - Spring 2008
Policies – P3PEdit 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

14 Carnegie Mellon University Usable Privacy and Security - Spring 2008
Policies – P3PEdit 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

15 Carnegie Mellon University Usable Privacy and Security - Spring 2008
Policies – P3PEdit 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

16 Carnegie Mellon University Usable Privacy and Security - Spring 2008
Policies – P3PEdit 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

17 Carnegie Mellon University Usable Privacy and Security - Spring 2008
Policies – P3PEdit 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

18 Filter Tools - Adblock Plus
Mozilla Firefox Add-On Block Ads and Banners on the internet that often take longer to download 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

19 Filter Tools – Adblock Plus
Subscription to Filter Lists 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

20 Filter Tools – Popup Ad Smasher
Provides Multiple Functionalities Including: Removes cookies. Stops Animated Flash ads. Stops Floating pop-up ads Cancels Timer ads. Remove Web Bugs. Stops Blinking/Shaking Picture ads. Cancel 3rd Party Activity. Auto Cleans Temp folder.  9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

21 Filter Tools – Popup Ad Smasher
9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

22 Filter Tools – Popup Ad Smasher
9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

23 Encryption - TrueCrypt
Free open-source disk encryption software Creates a virtual encrypted disk within a file and mounts it as a real disk. Encrypts an entire partition or storage device such as USB flash drive or hard drive. Encrypts a partition or drive where Windows is installed (pre-boot authentication). Encryption is automatic, real-time (on-the-fly) and transparent. 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

24 Encryption - TrueCrypt
9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

25 Privacy in Wireless Networks
Wireless Networks = Broadcast Networks Anyone can intercept traffic Especially unencrypted such as: Instant Messaging s Web Visits 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

26 Peripheral Privacy Notifications for Wireless Networks
Notify users of information leaks through peripheral display Similar to Wall of Sheep 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

27 Peripheral Privacy Notifications-Study
Implementation Display specific key words Use a consistent font/text per person Study In a non-CS or engineering graduate lab (semi-public) Displayed privacy notifications for a week Conclusions Network usage did not decrease significantly Participants became more self-conscious Braden kowitz 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

28 Peripheral Privacy Notifications-Study
Users seemed to have attributed the threat to the display’s presence Discussion How could the user study be improved? How could the proposal/Technology be improved? 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

29 Questions and Discussion
Privacy Software Yannis Mallios February 27, 2008 PETs High Level Classification and Characteristics Additional PETs to the ones discussed in class Their usability/effectiveness – compare with ones we learnt Tried to understand the effectiveness of PETs and out expectations from them by comparing privacy guidelines and frameworks as point of reference 9/18/2018 Carnegie Mellon University Usable Privacy and Security - Spring 2008

Download ppt "Yannis Mallios February 27, 2008"

Similar presentations

Unit 11 Using the Internet & Browsing the Web.  Define the Internet and the Web  Set up & troubleshoot an Internet connection  Categorize webs sites.

Unit 11 Using the Internet & Browsing the Web.  Define the Internet and the Web  Set up & troubleshoot an Internet connection  Categorize webs sites.
Putting It All Together 1.  Maintaining a Hard Drive Ch 4 Lab  Hardware cleaning tips ▪ Microsoft Tips Microsoft Tips ▪ Computer Hope Tips Computer.

Putting It All Together 1.  Maintaining a Hard Drive Ch 4 Lab  Hardware cleaning tips ▪ Microsoft Tips Microsoft Tips ▪ Computer Hope Tips Computer.
Privacy Enhancing Technologies(PET)

Privacy Enhancing Technologies(PET)
Usable Privacy and Security Carnegie Mellon University Spring 2006 Cranor/Hong/Reiter 1 Visualizing Privacy II.

Usable Privacy and Security Carnegie Mellon University Spring 2006 Cranor/Hong/Reiter 1 Visualizing Privacy II.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
1 3. Privacy Enhancing Technologies (PET) Bobby Vellanki Computer Science Dept. Yale University Oct. 2003.

1 3. Privacy Enhancing Technologies (PET) Bobby Vellanki Computer Science Dept. Yale University Oct
How to Protect Your PC Grayware Adware, Malware, Spyware.

How to Protect Your PC Grayware Adware, Malware, Spyware.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Computer Networks IGCSE ICT Section 4.

Computer Networks IGCSE ICT Section 4.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Security. Physical security Protection from fire/water Protection from dust and extremes of temperature.

Security. Physical security Protection from fire/water Protection from dust and extremes of temperature.
Securing Your Home Computer Presenter: Donnie Green Date: February 11, 2009 National Aeronautics and Space Administration www.nasa.gov.

Securing Your Home Computer Presenter: Donnie Green Date: February 11, 2009 National Aeronautics and Space Administration
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
Internet safety By Lydia Snowden.

Internet safety By Lydia Snowden.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.

Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.
eScan Total Security Suite with Cloud Security

eScan Total Security Suite with Cloud Security
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Similar presentations

Ads by Google