Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy Management in Ubiquitous Computing Environment Jin Zhou Ho Geun An Priyanka Vanjani Kwane E. Welcher.

Published byNatalie Lewis Modified over 9 years ago

Similar presentations

Presentation on theme: "Privacy Management in Ubiquitous Computing Environment Jin Zhou Ho Geun An Priyanka Vanjani Kwane E. Welcher."— Presentation transcript:

1 Privacy Management in Ubiquitous Computing Environment Jin Zhou Ho Geun An Priyanka Vanjani Kwane E. Welcher

2 Summary Introduction (Jin) Internet Privacy (Ho An) Privacy in E-Commerce (Priyanka) Privacy in Ubiquitous Computing (Jin) Policy-Based Control (Kwane) Trust and Reputation (Jin) Conclusion (Jin)

3 Introduction Ubiquitous Computing promises a world where computational artifacts embedded in the environment will continuously sense our activities and provide services based on what is sensed It is thought of third wave in computing and just beginning

4 Scenario

5 Properties of Ubicomp UbiquityInvisibilitySensing Memory Amplification

6 Privacy Problems

7 Example Scenario Alice is visiting a city Use Bob’s location service Alice’s location is stored in Bob’s Server Bob may sell Alice’s information to Carol

8 Fair Information Practices Notice/AwarenessChoice/ConsentAccess/ParticipationIntegrity/SecurityEnforcement/Redress

9 Internet Internet is one of the biggest parts of ubiquitous computing environment. Based on End User Centric Architecture Benefits: Flexibility / Generality / Openness Flexibility / Generality / OpennessDisadvantages: End user care about the privacy protection End user care about the privacy protection the place where privacy violations occur most often today. the place where privacy violations occur most often today.

10 Personal Information on Internet Medium Web site / email / IM / Chat room / bulletin board / p2p network / voice / video communication Web site / email / IM / Chat room / bulletin board / p2p network / voice / video communication Personal Information Name / Address / SSN /Credit Card Number / User behavior Name / Address / SSN /Credit Card Number / User behavior

11 Threats Four factors make data collector much easier to gain personal information: In order to reach public, one must advertise advertise use well-known protocols and standards use well-known protocols and standards reveal one’s content reveal one’s content accept that one may come under the scrutiny of the authorities accept that one may come under the scrutiny of the authorities

12 Threats The widely used protocols (e.g. TCP / IP / HTTP / DNS) and applications do not support any kind of protection for privacy. By using these factors, data collectors are gathering personal information over the network without notice and consent. There are several data storages/flows on network that contains personal information and being targeted by data collectors. DNS / URL / Cookie / Scripting DNS / URL / Cookie / Scripting

13 DNS Server A DNS server resolves the host names found in Uniform Resource Locators (URL) into a numeric Internet address [RFC1035] Since there is no assurance in the protocol that replies from DNS server are genuine and not have been tampered with, DNS spoofing would deceive users and extract sensitive information. Structural remedies for the DNS vulnerabilities are available but not widely deployed. The Domain Name System Security Extensions [RFC2065] The Domain Name System Security Extensions [RFC2065]

14 URL Leak URL “http://www.personal.com?link_type=form &form_id=xxx&pass=xxx” contains user ID and password. There are many ways that referenced URLs leak: History / referrer / logs History / referrer / logsSolution HTTPS HTTPS

15 Cookie Exposure Cookie is a message given to web browser by a web server. Main purpose of cookie is to identify users and possibly prepare customized WebPages for them. Main purpose of cookie is to identify users and possibly prepare customized WebPages for them. Cookie is used for basically two ways: tracking users and authenticating users. Cookie is used for basically two ways: tracking users and authenticating users. Unfortunately, there is no standard mechanism to establish the integrity of a cookie returned by a browser Best defense is to avoid shopping online or registering with online services that use unsafe cookie-based authentication.

16 Recommends [RFC2964] recommends proper use of cookie: 1. the user is aware that cookie is being maintained and consent to it. 2. The user has the ability to delete the cookie associated with such a session at any time. 3. The information obtained through the cookies is not disclosed to other parties without the user’s explicit consent. 4. Session information itself cannot contain sensitive information and cannot be used to obtain sensitive information.

17 Cross Site Scripting (CSS) CSS is a type of computer security vulnerability typically found in web application which allows malicious web users to inject client side script (Javascript or HTML) or ActiveX controls into the web pages, e-mail messages, instant messages, newsgroup posting, or various other media. Victim users may unintentionally execute the script without any notice. A CSS vulnerability could potentially be used to collect HTTP Cookies or the URL history and disseminate the data to an unauthorized party.

18 Prevent CSS Web administrator must filter a user-supplied data: All non-alphanumeric client-supplied data (possibly contains malicious script) should be converted to HTML character entities before being re-displayed to other clients. All non-alphanumeric client-supplied data (possibly contains malicious script) should be converted to HTML character entities before being re-displayed to other clients. For end users, the most effective way to prevent CSS attacks is to disable all scripting languages in their web browsers. For end users, the most effective way to prevent CSS attacks is to disable all scripting languages in their web browsers. They should be careful to click links on untrusted web pages or e-mails. They should be careful to click links on untrusted web pages or e-mails. Also they should not install any ActiveX controls from untrusted web sites. Also they should not install any ActiveX controls from untrusted web sites.

19 Addressing Privacy in E- Commerce E-Commerce: Business conducted over the internet using any of the applications that rely on internet Email, Web Services, Online Shopping

20 Data Implicit: Personalization is gathered from information inferred from a user. Explicit: Requires demographics, rating or other user information provided explicitly by the user.

21 Privacy Risks Users fear that their information might be shared with other organizations and/or companies. Fear of undesired marketing. Users are concerned about how the information they have provided would be used. Risk of a website not being run by a trusted organization and the information stored in their database. Information might be distributed amongst other unwanted websites, or may be used by other organizations Fear of online activities being tracked

22 User Concerns Most of the users do not care much about factors like: If a site has privacy policy posted If a site has privacy policy posted if the site has a data retention policy if the site has a data retention policy if the site has a privacy seal if the site has a privacy seal This is because hey are not well aware of the importance of the above factors

23 Protecting Privacy P3P One of the solutions in protecting privacy as far as E-Commerce is concerned Enables websites to express their privacy practices in a standard format which is convenient for user agents to retrieve and interpret.

24 HTTP Transaction with P3P added

25 Summary of P3P P3P is not an "Enforcement Mechanism" Facilitates better communication P3P Version 1.0: Goal of the specification: To make user agents aware of the practices that websites follow to collect data.

26 TRUSTe TRUSTe: Certifies, Monitors a websites privacy policies, email policies and is also aimed towards resolving consumer privacy problems. TRUSTe developed the first online privacy seal program the TRUSTe Watchdog—an alternative dispute resolution mechanism that allows you to submit any privacy violations by an accredited site directly to TRUSTe via the Web.

27 Conclusion of E-Commerce Privacy Users nowadays have strong opinion regarding privacy online and they tend to make their own assumptions about the data collection and the results turn out to be quite unfavorable. It is vital to have more concrete and full-proof data nowadays regarding E-Commerce and privacy technologies in order to improve and win over user‘s trust and expectations.

28 Privacy in Ubicomp Environment Principle of Minimum Asymmetry Anonymization and Pseudonymization P3PPawSWearable Other Mechanisms

29 Principle of Asymmetry Negative externalities are often much harder to overcome in environments with significant asymmetry in both information and power between different parties. Principle of Minimum Asymmetry Decreasing the flow of information from data owners to data collectors and users Decreasing the flow of information from data owners to data collectors and users Increasing the flow of information from data collectors and users back to data owners Increasing the flow of information from data collectors and users back to data owners

30 Principle of Minimum Asymmetry

31 Approximate Information Flow Information Spaces Storage perspective Storage perspective Data Lifecycle Dataflow perspective Dataflow perspective Themes for minimizing Asymmetry End-user perspective End-user perspective

32 Information Spaces Boundaries: Physical Social Activity-based Properties: Lifetime Accuracy Confidence Operations: Addition/Deletion/Update Authorization/Revocation Promotion/Demotion Composition/Decompostion Fusion/Inference

33 Data Lifecyle CollectionAccess Second Use

34 Themes for Minimizing Asymmetry PreventionAvoidanceDetection

35 Design Space

36 Anonymization and Pseudonymization Anonymity precludes association of data or a transaction with a particular person. However, services which require presence of users are not possible with anonymity, in that case, pseudonymity is required. With user selected pseudonyms, users can interact with the environment in an anonymous way by having a pseudo identity. Nevertheless, pseudonymity can be compromised at times as the user is physically present there and be identified at times.

37 P3P A framework for standardized, machine readable privacy policies. Relieve the problem of time consuming process of reading policy. Enabled web browser can decide what to do by comparing this policy with the user's stored preferences. An XML file or in the HTTP header

38 An Example P3P File

39 Main Content of a Policy which information the server stores: which kind of information is collected (identifying or not); which kind of information is collected (identifying or not); which particular information is collected (IP number, email address, name, etc.); which particular information is collected (IP number, email address, name, etc.); use of the collected information: how this information is used (for regular navigation, tracking, personalization, telemarketing, etc.); how this information is used (for regular navigation, tracking, personalization, telemarketing, etc.); who will receive this information (only the current company, third party, etc.); who will receive this information (only the current company, third party, etc.); permanence and visibility: how long information is stored; how long information is stored; whether and how the user can access the stored information (read-only, optin, optout). whether and how the user can access the stored information (read-only, optin, optout).

40 Privacy Awareness System (PawS) Based on Fair Information Practices Mainly focuses on four principles: Notice Notice Policy announcement mechanisms Choice and Consent Choice and Consent Machine readable policies Proximity and locality Proximity and locality Access restriction based on location. Access and recourse Access and recourse Privacy proxies / privacy-aware databases

41 Overview of PawS

42 Wearable Instead of putting sensors and cameras in the room put them on the person. Suited to providing privacy and personalization. Have trouble with localized information, localized control and resource managemen

43 Other Approaches Location privacy policy Individual should be able to adjust the accuracy of his location, identity, time and speed and therefore have the power to enforce the need-to-know principle Individual should be able to adjust the accuracy of his location, identity, time and speed and therefore have the power to enforce the need-to-know principle Privacy Mirror provides feedback to end-users, showing them what information is being collected, and what information has been accessed and by whom. provides feedback to end-users, showing them what information is being collected, and what information has been accessed and by whom.

44 Policy Based Privacy

45 Personal Privacy Policies Policies defined Personal privacy policy defined Proposed personal privacy model

46 Personal Privacy Policy Model

47 Personal Privacy Policy Content Model Code for the Protection of Personal Information Privacy risk analysis questions

48 Model Code for the Protection of Personal Information 10 Principles Accountability Identifying Purpose Consent Limiting Collection Limiting Use, Disclosure, Retention

49 Model Code for the Protection of Personal Information 10 Principles AccuracySafeguardsOpenness Individual Access Challenging Compliance

50 Personal Privacy Policy Sample

51 Usage Control Policies Usage control policy defined Usage control policy goal

52 Usage Control Policy Concept

53 Usage Control Policy Components RequirementsObligations Controllable Controllable Observable Observable Compensation Actions

54 Usage Control Policy Components High-level policies Low-level policies

55 Usage Control Policy Process

56 Privacy Policy Discussion Personal Privacy Policy + Usage Control Policy + Technological Solutions = Enhanced Privacy in UBICOMP

57 Trust and Reputation Based Control People use trust and reputation to manage their privacy. Not all people are untrustworthy. Not all people are untrustworthy. Some have higher reputation, someone we trust more and to whom we are willing to give more privacy information. Some have higher reputation, someone we trust more and to whom we are willing to give more privacy information. trust networks and a reputation system to help users manage how, when, and where they share their personal information.

58 Advantages Policy based mechanism such as P3P and pawS assume that the user maintains only one privacy policy and this policy is applicable to all entities. Two advantages Adaptivity Adaptivity Flexibility Flexibility

59 Conclusion Fair Information Practices should be served as guidelines for designing a ubicomp system. Internet vulnerabilities should also be considered. Minimizing Asymmetry. Machine readable policies. Trust and reputation based system for information sharing.

60 Questions?

Download ppt "Privacy Management in Ubiquitous Computing Environment Jin Zhou Ho Geun An Priyanka Vanjani Kwane E. Welcher."

Similar presentations

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.
Hart District Acceptable Use Policy Acceptable Use Policy.

Hart District Acceptable Use Policy Acceptable Use Policy.
Working with the Internet

Working with the Internet
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
Minding Your Own Business The Platform for Privacy Preferences Project and Privacy Minder Lorrie Faith Cranor AT&T Labs-Research

Minding Your Own Business The Platform for Privacy Preferences Project and Privacy Minder Lorrie Faith Cranor AT&T Labs-Research
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
Threats To A Computer Network

Threats To A Computer Network
Web App Development with ASP.NET. Introduction In this chapter, we introduce web-app development with Microsoft’s ASP.NET technology. Web-based apps create.

Web App Development with ASP.NET. Introduction In this chapter, we introduce web-app development with Microsoft’s ASP.NET technology. Web-based apps create.
Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.
CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.
SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.

SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
1 Web Content Delivery Reading: Section 9.2.2 and 9.4.3 COS 461: Computer Networks Spring 2007 (MW 1:30-2:50 in Friend 004) Ioannis Avramopoulos Instructor:

1 Web Content Delivery Reading: Section and COS 461: Computer Networks Spring 2007 (MW 1:30-2:50 in Friend 004) Ioannis Avramopoulos Instructor:
269200 Web Programming Language Dr. Ken Cosh Week 1 (Introduction)

Web Programming Language Dr. Ken Cosh Week 1 (Introduction)
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Automated Tracking of Online Service Policies J. Trent Adams 1 Kevin Bauer 2 Asa Hardcastle 3 Dirk Grunwald 2 Douglas Sicker 2 1 The Internet Society 2.

Automated Tracking of Online Service Policies J. Trent Adams 1 Kevin Bauer 2 Asa Hardcastle 3 Dirk Grunwald 2 Douglas Sicker 2 1 The Internet Society 2.
D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

Similar presentations

Ads by Google