Presentation is loading. Please wait.

Presentation is loading. Please wait.

Web Privacy Chapter 6 – pp 125 – 150 2018/12/9 Y K Choi.

Similar presentations


Presentation on theme: "Web Privacy Chapter 6 – pp 125 – 150 2018/12/9 Y K Choi."— Presentation transcript:

1 Web Privacy Chapter 6 – pp 125 – 150 2018/12/9 Y K Choi

2 Browser, ISP and Server’s log
2018/12/92018/12/9 Y K Choi

3 Locations to record all the URLs
In the browser’s history file and document cache On the organisation’s firewall On the ISP’s firewall or proxy server On each of the remote servers that we have visited. 2018/12/92018/12/9 Y K Choi

4 Your browser’s information
If a hacker has access to your personal computer and choose to browse the document cache, he/she knows what sites we have visited and what pages we have looked at. (cookies’ file) However, the hacker cannot know the contents of any fill-out form that we have sent. 2018/12/92018/12/9 Y K Choi

5 Proxy server’s information
If a hacker has accessed to the firewall logs, he/she is able to determine the name and IP address of our computer and the identity of each URL that we have visited. In extreme cases, the keywords used in Web searches and other types of queries are available. 2018/12/92018/12/9 Y K Choi

6 The risk The risk to privacy is that information that we voluntarily provide to a remote web site. User feedback forms, requests for further information, online orders and posts might be stored for an indefinite period of time. If we enter the postal address, phone number etc, we might receive junk mails as well. 2018/12/92018/12/9 Y K Choi

7 How about market researchers and advertisers
They have a different view and would like to offer less restriction to learn about the customers’ likes and dislikes. They would like to record such as which banner advertisements generate the most clicks. There is a need to balance both (user and advertiser). 2018/12/92018/12/9 Y K Choi

8 Sever logs A server log is used to keep track the activities and events. The server log might contain (no need to memorise all) The URL of the referrer document The browser manufacturer and version number, source IP, destination IP, protocol, number of bytes/packets The amount of time taken to process the request. 2018/12/92018/12/9 Y K Choi

9 Example of a server log 2018/12/92018/12/9 Y K Choi

10 Proxy Server The proxy system is a system that help internet user to cache up (means store locally) the content they visited. It simply stores the content that the users have visit and if later there are any user request the same content, it will provide the stored content to them. The user will then get the content without really go out to the network. 2018/12/92018/12/9 Y K Choi

11 Location of proxy server
The trend is to integrate packet filtering and proxy system in firewall technology 2018/12/92018/12/9 Y K Choi

12 Example of Proxy- to allow or deny the address
Proxy server By default, we can specify that it will only accept proxy requests from certain IP addresses and host names. This protects our server from exploitation by anyone outside our organization. 2018/12/92018/12/9 Y K Choi

13 Diagram for a transparent proxy
The traffic for web client accessing the Internet will be redirected to internal proxy. Internal proxy will have its rule to allow or deny the request. It it is allowed, it will forward to Firewall. 2018/12/92018/12/9 Y K Choi

14 Example of Proxy log Proxy log options Van be on or off
2018/12/92018/12/9 Y K Choi

15 Cookies Browser’s site to log the records.
It was introduced by Netscape called cookie protocol A cookie is a text-only string that gets entered into the memory of browser 2018/12/92018/12/9 Y K Choi

16 Platform for Internet Content Selection (1)
PICS stands for Platform for Internet Content Selection A WWW consortium-sponsored standard for labeling content of Web pages PICS facilitates the development of technologies to let parents and teachers control what children access on the Internet. PICS is widely used for rating Web pages and is the basis of several products that filter pages unsuitable for children 2018/12/92018/12/9 Y K Choi

17 PICS (2) World wide web consortium
PICS is under technology and society to control the contents 2018/12/92018/12/9 Y K Choi

18 Advice for users Annoymizing proxies: It means that your browser sends its URL which is then forwarded to the remote web site on your behalf through the proxy. Adv: once the browser is properly configured, the proxy is essentially transparent. Disadv.: It will slow down the response time, might not support security socket layer (SSL) connection. Cookie cutter: means to disable cookie or set a warning (has been covered in the lab.) 2018/12/92018/12/9 Y K Choi

19 Advice for Webmasters (policy to protect confidentiality of data)
Privacy issues are also of concern for Web masters. There are many advices such as: write a simple and short privacy policy for the web site. A simple example might be: user’s identity recorded for in-house use only or cookies used to track users anonymously. Server logs and personal information should be treated as confidential. 2018/12/92018/12/9 Y K Choi

20 Summary To safeguard the information, there are needs to keep
Browser’s log Servers’ log Proxy server – set up allow/denial list Advice for user – disable cookie Advice for web master – set up policy to restrict the access of information and keep the information 2018/12/92018/12/9 Y K Choi

21 Next Week Server Side Security 2018/12/92018/12/9 Y K Choi


Download ppt "Web Privacy Chapter 6 – pp 125 – 150 2018/12/9 Y K Choi."

Similar presentations


Ads by Google