Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy Privacy vs. security? Data privacy issues

Published byIsaac Freeman Modified over 5 years ago

Similar presentations

Presentation on theme: "Privacy Privacy vs. security? Data privacy issues"— Presentation transcript:

1 Privacy Privacy vs. security? Data privacy issues
Network privacy issues Some privacy solutions

2 What Is Privacy? The ability to keep certain information secret
Usually one’s own information But also information that is “in your custody” Includes ongoing information about what you’re doing

3 Privacy and Computers Much sensitive information currently kept on computers Which are increasingly networked Often stored in large databases Huge repositories of privacy time bombs We don’t know where our information is

4 Privacy and Our Network Operations
Lots of stuff goes on over the Internet Banking and other commerce Health care Romance and sex Family issues Personal identity information We used to regard this stuff as private Is it private any more?

5 Threat to Computer Privacy
Cleartext transmission of data Poor security allows remote users to access our data Sites we visit can save information on us Multiple sites can combine information Governmental snooping Location privacy Insider threats in various places

6 Privacy Vs. Security Best friends? Or deadly rivals?
Does good security kill all privacy? Does good privacy invalidate security? Are they orthogonal? Or can they just get along?

7 Conflicts Between Privacy and Security
Many security issues are based on strong authentication Which means being very sure who someone is If we’re very sure who’s doing what, we can track everything Many privacy approaches based on obscuring what you’re doing

8 Some Specific Privacy Problems
Poorly secured databases that are remotely accessible Or are stored on hackable computers Data mining by companies we interact with Eavesdropping on network communications by governments Insiders improperly accessing information Cell phone/mobile computer-based location tracking

9 Data Privacy Issues My data is stored somewhere
Can I control who can use it/see it? Can I even know who’s got it? How do I protect a set of private data? While still allowing some use? Will data mining divulge data “through the back door”?

10 Personal Data Who owns data about you?
What if it’s really personal data? Social security number, DoB, your DNA record? What if it’s data someone gathered about you? Your Google history or shopping records Does it matter how they got it?

11 Controlling Personal Data
Currently impossible Once someone has your data, they do what they want with it Is there some way to change that? E.g., to wrap data in way to prevent its misuse? Could TPM help?

12 Tracking Your Data How could I find out who knows my passport number?
Can I do anything that prevents my data from going certain places? With cooperation of those who have it? Without their cooperation? Via legal means?

13 Protecting Data Sets If my company has (legitimately) a bunch of personal data, What can I/should I do to protect it? Given that I probably also need to use it? If I fail, how do I know that? And what remedies do I have?

14 Options for Protecting Data
Careful system design Limited access to the database Networked or otherwise Full logging and careful auditing Using only encrypted data Must it be decrypted? If so, how to protect the data and the keys?

15 Data Mining and Privacy
Data mining allows users to extract models from databases Based on aggregated information Often data mining allowed when direct extraction isn’t Unless handled carefully, attackers can use mining to deduce record values

16 Insider Threats and Privacy
Often insiders need access to private data Under some circumstances But they might abuse that access How can we determine when they misbehave? What can we do?

17 Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption With good encryption, data values not readable So what’s the problem?

18 Traffic Analysis Problems
Sometimes desirable to hide that you’re talking to someone else That can be deduced even if the data itself cannot How can you hide that? In the Internet of today?

19 Location Privacy Mobile devices often communicate while on the move
Often providing information about their location Perhaps detailed information Maybe just hints This can be used to track our movements

20 Implications of Location Privacy Problems
Anyone with access to location data can know where we go Allowing government surveillance Or a private detective following your moves Or a maniac stalker figuring out where to ambush you . . .

21 Some Privacy Solutions
The Scott McNealy solution “Get over it.” Anonymizers Onion routing Privacy-preserving data mining Preserving location privacy Handling insider threats via optimistic security

22 Anonymizers Network sites that accept requests of various kinds from outsiders Then submit those requests Under their own or fake identity Responses returned to the original requestor A NAT box is a poor man’s anonymizer

23 The Problem With Anonymizers
The entity running knows who’s who Either can use that information himself Or can be fooled/compelled/hacked to divulge it to others Generally not a reliable source of real anonymity

24 Onion Routing Meant to handle issue of people knowing who you’re talking to Basic idea is to conceal sources and destinations By sending lots of crypo-protected packets between lots of places Each packet goes through multiple hops

25 A Little More Detail A group of nodes agree to be onion routers
Users obtain crypto keys for those nodes Plan is that many users send many packets through the onion routers Concealing who’s really talking

26 Sending an Onion-Routed Packet
Encrypt the packet using the destination’s key Wrap that with another packet to another router Encrypted with that router’s key Iterate a bunch of times

27 In Diagram Form Source Destination Onion routers

28 What’s Really in the Packet

29 Delivering the Message

30 What’s Been Achieved? Nobody improper read the message
Nobody knows who sent the message Except the receiver Nobody knows who received the message Except the sender Assuming you got it all right

31 Issues for Onion Routing
Proper use of keys Traffic analysis Overheads Multiple hops Multiple encryptions

32 Privacy-Preserving Data Mining
Allow users access to aggregate statistics But don’t allow them to deduce individual statistics How to stop that?

33 Approaches to Privacy for Data Mining
Perturbation Add noise to sensitive value Blocking Don’t let aggregate query see sensitive value Sampling Randomly sample only part of data

34 Preserving Location Privacy
Can we prevent people from knowing where we are? Given that we carry mobile communications devices And that we might want location-specific services ourselves

35 Location-Tracking Services
Services that get reports on our mobile device’s position Probably sent from that device Often useful But sometimes we don’t want them turned on So, turn them off then

36 But . . . What if we turn it off just before entering a “sensitive area”? And turn it back on right after we leave? Might someone deduce that we spent the time in that area? Very probably

37 Handling Location Inferencing
Need to obscure that a user probably entered a particular area Can reduce update rate Reducing certainty of travel Or bundle together areas Increasing uncertainty of which was entered

Download ppt "Privacy Privacy vs. security? Data privacy issues"

Similar presentations

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.

 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.
Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL 6788 11.

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL
James Tam Computer Security Concepts covered Malicious computer programs Malicious computer use Security measures.

James Tam Computer Security Concepts covered Malicious computer programs Malicious computer use Security measures.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
CS 239: Advanced Security Spring 04 Security in Pervasive and Ubiquitous Environments Sam Irvine

CS 239: Advanced Security Spring 04 Security in Pervasive and Ubiquitous Environments Sam Irvine
1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.

1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.
Lecture 29 Page 1 Advanced Network Security Privacy in Networking Advanced Network Security Peter Reiher August, 2014.

Lecture 29 Page 1 Advanced Network Security Privacy in Networking Advanced Network Security Peter Reiher August, 2014.
Issues in Internet Security. Securing the Internet How does the internet hold up security-wise? How does the internet hold up security-wise? Not well:

Issues in Internet Security. Securing the Internet How does the internet hold up security-wise? How does the internet hold up security-wise? Not well:
Lecture 16 Page 1 CS 136, Fall 2014 Privacy Computer Security Peter Reiher December 11, 2014.

Lecture 16 Page 1 CS 136, Fall 2014 Privacy Computer Security Peter Reiher December 11, 2014.
UNIT-3. 20.2 IP Datagram Fragmentation Figure 20.7 IP datagram.

UNIT IP Datagram Fragmentation Figure 20.7 IP datagram.
Lecture 17 Page 1 CS 236 Online Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption –With good encryption,

Lecture 17 Page 1 CS 236 Online Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption –With good encryption,
Phishing scams Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal.

Phishing scams Phishing is the fraudulent practice of sending s purporting to be from reputable companies in order to induce individuals to reveal.
Physical ways of keeping your system secure. Unit 7 – Assignment 2. (Task1) By, Rachel Fiveash.

Physical ways of keeping your system secure. Unit 7 – Assignment 2. (Task1) By, Rachel Fiveash.
Lecture 17 Page 1 CS 236 Online Privacy CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 17 Page 1 CS 236 Online Privacy CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 12 Page 1 CS 236, Spring 2008 Virtual Private Networks VPNs What if your company has more than one office? And they’re far apart? –Like on opposite.

Lecture 12 Page 1 CS 236, Spring 2008 Virtual Private Networks VPNs What if your company has more than one office? And they’re far apart? –Like on opposite.
Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 20 Page 1 Advanced Network Security Basic Approaches to DDoS Defense Advanced Network Security Peter Reiher August, 2014.

Lecture 20 Page 1 Advanced Network Security Basic Approaches to DDoS Defense Advanced Network Security Peter Reiher August, 2014.

Similar presentations

Ads by Google