
Slide 1: Analysis of privacy risks and measurement of privacy protection in Web Services complying with privacy policy
Prepared by Ashif Adnan, Omair Alam, Aktar-uz-zaman
School of Computer Science, University of Windsor, ON, Canada

Slide 2: Outline (slide footer: 6/1/2015, WS Privacy)
- Introduction
- Motivation
- Goal
- Related works
- Our observations
- Our modified method
- Strength and weakness
- Conclusion and future works
- Acknowledgment
- References

Slide 3: Introduction
- Web Services. According to: "web services are self-contained, modular applications that can be described, published, located, and invoked over a network, generally, the World Wide Web."
- Extended definition: Web services can evolve or be adapted to other platforms.
- Emerging WS can employ:
  - XML (eXtensible Markup Language)
  - WSDL (Web Service Definition Language)
  - SOAP (Simple Object Access Protocol)
  - UDDI (Universal Description, Discovery, and Integration)
- Web browsers interacting with web servers

Slide 4: Motivation
- WS targets consumers
- WS applications: banking, shopping, learning, healthcare, government online
- WS requires the consumer's personal information; this is where privacy becomes a concern

Slide 5: Goal
- Protection of personal information
- Ability to:
  - Analyze privacy risks
  - Measure privacy protection
  - Develop a Privacy Policy Compliant System (PPCS)
- Improved architecture of PPCS

Slide 6: Related works
1. Privacy and web services
2. WS privacy risk analysis
3. WS privacy protection measurement
4. Privacy policy compliant WS

Slide 7: Related works (cont'd) - Privacy and web services
- Privacy: the ability of individuals to control the collection, use, retention, and distribution of information about themselves.
- Privacy policy: a statement that expresses the user's desired control over a web service's collection, use, retention, and distribution of information about the user.
- Privacy risk: the potential occurrence of any action or circumstance that will result in a violation of a user's privacy policy.

Slide 8: Related works (cont'd) - Example of user/provider privacy policies (online pharmacy)

User policy (left):
  Policy Use: Pharmacy; Owner: Alice Buyer; Valid: unlimited
  Collector: A-Z Drugs Inc.; What: name, address, tel; Purposes: identification; Retention Time: unlimited; Disclose-To: none
  Collector: A-Z Drugs Inc.; What: drug name; Purposes: purchase; Retention Time: 2 years; Disclose-To: none

Provider policy (right):
  Privacy Use: Pharmacy; Owner: A-Z Drugs Inc.; Valid: unlimited
  Collector: Drugs Dept.; What: name, address, tel; Purposes: identification; Retention Time: 1 year; Disclose-To: none
  Collector: Drugs Dept.; What: drug name; Purposes: sale; Retention Time: 1 year; Disclose-To: none

Figure 1. Example user (left) and provider (right) privacy policies

Slide 9: Related works (cont'd) - Web service privacy risk analysis
1. Web service personal information model (WSPIM)
   - Need for the user's personal information
   - Exchange of privacy policies
   - Obtain the user's personal information
   - Comply with the user's privacy policy
   - Make use of the information

Slide 10: Related works (cont'd)
2. Method for privacy risk analysis
   - Determine all the possible locations of the personal information
   - Find out the ways of violating the privacy policy

Slide 11: Related works (cont'd) - Determine all the possible locations
Example of a Personal Information Map (book seller web service).
Figure 2. PIM for a book seller web service

Slide 12: Related works (cont'd) - Find out the ways of violating the privacy policy

Table 1. Risk questions
  Field          | Risk question
  Collector      | How can the PII be received by an unintended collector, either in addition to or in place of the intended collector?
  What           | How can the user be asked for other PII, either intentionally or inadvertently?
  Purpose        | How can the PII be used for other purposes?
  Retention time | How can the PII retention time be violated?
  Disclose-to    | How can the PII be disclosed, either intentionally or inadvertently, to an unintended recipient?

Slide 13: Related works (cont'd) - Privacy risk table

Table 2. Partial Privacy Risks Table corresponding to Figure 2
  (PIIs / locations)                                          | Privacy Risks
  (1,2,3 / path into A); (2 / path into D); (3 / path into E) | Man-in-the-middle attack violates collector, purposes, and disclose-to; for the path into A, the user could be asked for personal information that violates what
  (1,2,3 / A, B); (1 / C); (2 / D); (3 / E)                   | Trojan horse, hacker, or SQL attack (for B) violates collector, purposes, and disclose-to; for B, information could be kept past the retention time

(Figure 2, the PIM for the book seller web service, is shown alongside the table.)

Slide 14: Related works (cont'd) - WS privacy protection measurement
Privacy violations:
- Internal Violations (IV)
- External Violations (EV)

Slide 15: Related works (cont'd)
Now let's define the measures.
- Let M denote the measure of how well a service provider protects consumer privacy.
- It has two components:
  - m_i, to account for the provisions used against IV
  - m_e, to account for the provisions used against EV
- So M, as a vector, can be expressed as M = (m_i, m_e)

Slide 16: Related works (cont'd)
- For a service provider that has implemented combination k of provisions to lessen IV:
  m_i = p_k, with 0 <= p_k <= 1
- For EV, we carry out a threat analysis and identify:
  - the number of security weaknesses, n
  - the number of weaknesses that have countermeasures in place, q
  Then
  m_e = q/n if n > 0 (so that 0 <= m_e <= 1)
  m_e = 1   if n = 0

Slide 17: Related works (cont'd)
- On a scale of 1 to 10:
  M_10 = (10*p_k, 10*q/n) if n > 0
  M_10 = (10*p_k, 10)     if n = 0
- The minimum acceptable thresholds t_i and t_e are set for 10*m_i and 10*m_e respectively.
Figure 2. Service provider's provisions for IV and EV

Slide 18: Related works (cont'd) - Calculation of the measures
1. Calculation of m_i
2. The table below gives examples of internal violation provision combinations.
Table 3. Example IV provision combinations

Slide 19: Related works (cont'd) - Calculation of m_e
1. Identify threats to the user's data.
2. Create attack trees for the system.
3. Apply weights to the leaves.
4. Prune the tree so that only exploitable leaves remain. Count the number of such leaves, or vulnerabilities.
5. Count the countermeasures that are in place for these vulnerabilities.
After performing the above steps, both q and n are available for calculating m_e.
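The measure defined on slides 15-17 and the m_e procedure on slide 19, worked through in code. This is an added example, not code from the presentation or from the cited papers; the attack-tree leaves, the provision rating p_k = 0.5 and the thresholds (5, 7) are constructed sample values.

```python
from dataclasses import dataclass
from typing import List, Tuple

@dataclass
class Leaf:
    """One leaf of the attack tree on the user's data (steps 2-4)."""
    threat: str
    exploitable: bool     # kept by the pruning step only if True
    countermeasure: bool  # a provision is in place against it (step 5)

def count_vulnerabilities(leaves: List[Leaf]) -> Tuple[int, int]:
    """Return (n, q): exploitable leaves, and those with a countermeasure."""
    exploitable = [leaf for leaf in leaves if leaf.exploitable]
    return len(exploitable), sum(leaf.countermeasure for leaf in exploitable)

def external_measure(n: int, q: int) -> float:
    """m_e = q/n if n > 0, else 1 (no weaknesses found means nothing left to counter)."""
    if not 0 <= q <= n:
        raise ValueError("need 0 <= q <= n")
    return q / n if n > 0 else 1.0

def measure_m10(p_k: float, n: int, q: int) -> Tuple[float, float]:
    """M_10 = (10*p_k, 10*q/n) for n > 0 and (10*p_k, 10) for n = 0, with m_i = p_k."""
    if not 0.0 <= p_k <= 1.0:
        raise ValueError("p_k must lie in [0, 1]")
    return 10 * p_k, 10 * external_measure(n, q)

def meets_thresholds(m10: Tuple[float, float], t_i: float, t_e: float) -> bool:
    """Both components must reach the minimum acceptable thresholds t_i and t_e."""
    return m10[0] >= t_i and m10[1] >= t_e

# Constructed sample leaves (not from the slides): four exploitable, three countered.
SAMPLE_LEAVES = [
    Leaf("PII transmitted over an unencrypted channel", True, True),
    Leaf("customer database reachable without authentication", True, True),
    Leaf("log file containing PII readable by all staff", True, True),
    Leaf("backups kept past the agreed retention time", True, False),
    Leaf("threat judged not exploitable, pruned in step 4", False, False),
]

if __name__ == "__main__":
    n, q = count_vulnerabilities(SAMPLE_LEAVES)
    m10 = measure_m10(0.5, n, q)  # p_k = 0.5 assumed for the provider's IV provisions
    print(f"n={n}, q={q}, M_10={m10}, acceptable={meets_thresholds(m10, 5, 7)}")
```

With the sample data the provider scores M_10 = (5.0, 7.5): it meets thresholds (5, 7) but would fail a stricter t_e of 8, which is how a consumer's minimum thresholds decide whether to proceed with the transaction.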

Slide 20: Related works (cont'd) - Privacy policy compliant WS (PPCS)
The Privacy Policy Compliance System for WS gives the consumer a promising approach to a measure of control over his/her private information through the use of a PPCS. The policies of the consumer and the provider should match.

Slide 21: Related works (cont'd) - Privacy Legislation
1. Accountability
2. Identifying purpose
3. Consent
4. Limiting collection
5. Limiting use, disclosure and retention
6. Accuracy
7. Safeguards
8. Openness
9. Individual access
10. Challenging compliance
Note: these are also the requirements for a PPCS.

Slide 22: Related works (cont'd) - An architecture of PPCS
Figure 3. Privacy policy compliance system architecture

Slide 23: Our observations
1. The privacy policy proposed by the author is not complete, which leads to an incomplete set of risk questions and gives the consumer less confidence to do the transaction.
2. There are no provisions for consumers to set up the measuring standards.
3. The following points need to be considered to build a more effective PPCS for WS:
   1. Damage protection
   2. Children protection
   3. Right to transfer
   4. Right to opt in / opt out
   5. Lack of scalability
   6. Lack of knowledge
   7. Data tampering
   8. Cost

Slide 24: Our modified method - Web service risk analysis, extended method
New fields we propose for the privacy policy:
- Safeguard: security safeguards by the provider appropriate to the sensitivity of the information.
- Individual access: access by the individual to his/her personal information.
- Challenging compliance: ability of individuals to address a challenge.
- Certificate Authority Access: Certificate Authorities offer consumers a compliance verification service.

Slide 25: Our modified method (cont'd) - Online pharmacy example with new fields

User policy (left):
  Policy Use: Pharmacy; Owner: Alice Buyer; Valid: unlimited
  Collector: A-Z Drugs Inc.; What: name, address, tel; Purposes: identification; Retention Time: unlimited; Disclose-To: none; Safeguards: Yes; Individual access: Yes; Challenging compliance: Yes; Certificate Authority: SB Inc.
  Collector: A-Z Drugs Inc.; What: drug name; Purposes: purchase; Retention Time: 2 years; Disclose-To: none; Safeguards: Yes; Individual access: Yes; Challenging compliance: Yes; Certificate Authority: SB Inc.

Provider policy (right):
  Privacy Use: Pharmacy; Owner: A-Z Drugs Inc.; Valid: unlimited
  Collector: Drugs Dept.; What: name, address, tel; Purposes: identification; Retention Time: 1 year; Disclose-To: none; Safeguards: Yes; Individual access: Yes; Challenging compliance: Yes; Certificate Authority: SB Inc.
  Collector: Drugs Dept.; What: drug name; Purposes: sale; Retention Time: 1 year; Disclose-To: none; Safeguards: Yes; Individual access: Yes; Challenging compliance: Yes; Certificate Authority: SB Inc.

Figure 4. Modified example user (left) and provider (right) privacy policies

Slide 26: Our modified method (cont'd) - Extended risk questions

Table 5. Extended risk questions
  Field                 | Risk question
  ...                   | ...
  Safeguards            | How can the security safeguard appropriate for the PII be affected?
  Individual access     | How can the personal information be accessed by an inappropriate individual?
  Challenging compliance| How can the compliance with the privacy principles associated with the PII be changed, intentionally or unintentionally?
  Certificate authority | How can the secured logs passed by the certificate authority to the customer be accessed by an unintended recipient in addition to the intended customer?

Slide 27: Our modified method (cont'd) - Privacy measurement, customization of standards
Instead of the standards bodies recommending the percentage rating of the effectiveness of the provisions, the user and the provider determine the provisions that are used to measure how well the web service protects privacy. In this way the user and the provider can agree on secure ways of transmission by obtaining the measures, and later arrive at a PPCS system which satisfies all of the user's requirements.

Slide 28: Our modified method (cont'd) - Privacy Policy Compliance System (PPCS) with compliance verification
Components shown in the diagram: Web Interface, Privacy Controller, Private Data import/export, Database Controller, Customer Information, Consumer Information, Log File, Service Process, From/To Other PPCS, PPCS, Certificate Authority, CA Interface.
Fig 5: Modified PPCS architecture

Slide 29: Weaknesses and Strengths
- Strengths
  - The consumer will now have full confidence to do a transaction with the service provider.
  - Privacy measurement standards can be customized to make transactions more secure.
  - A consumer who does not bother, or does not know how, to check the log file to verify compliance can easily do so through the Certificate Authority.
- Weaknesses
  - PPCS for web services is semi-automated; in some cases the responsible officers must be notified of non-compliance matters, which is not automated.
  - The cost of a PPCS cannot be controlled, because it depends on the combination of hardware, software and storage.

Slide 30: Conclusion and Future Works
- Observed steps
  - Understanding how to analyze the risks to privacy
  - Understanding how to measure privacy protection
  - Understanding a privacy policy compliant web service
- Steps for our new PPCS system
  - WS risk analysis with the extended privacy policy
  - WS privacy protection measurement with customized standards
  - PPCS with compliance verification

Slide 31: Conclusion and Future Works (cont'd)
Plans for future research include:
- Programming the graphical notation to be machine readable
- Protecting the system from damage due to shared personal information
- Protecting children from being affected by information shared by others
- Improving the procedure for threat analysis by automating it and making it more foolproof
- Investigating other possible methods of measuring privacy protection effectiveness

Slide 32: Acknowledgement
- We would like to thank our professor for his great support and for giving us the opportunity to learn about privacy and security on the internet.
- We would like to thank our audience for listening to our presentation.

Slide 33: References
[1] G. Yee, "Visual Analysis of Privacy Risks in Web Services", Proceedings, 2007 IEEE International Conference on Web Services (ICWS 2007), July 9-13, 2007, pp. 671-678.
[2] G. Yee, "Measuring Privacy Protection in Web Services", Proceedings, 2006 IEEE International Conference on Web Services (ICWS 2006), Sept. 2006, pp. 647-654.
[3] G. Yee, L. Korba, "Privacy policy compliance for Web services", Proceedings, 2004 IEEE International Conference on Web Services (ICWS 2004), July 2006, pp. 158-165.
[4] I. Goldberg, D. Wagner, and E. Brewer, "Privacy-Enhancing Technologies for the Internet", IEEE COMPCON'97, 1997, pp. 103-109.
[5] Canadian Standards Association, "Model Code for the Protection of Personal Information", retrieved Sept. 5, 2003 from: http://www.csa.ca/standards/privacy/code/Default.asp?articleID=5286&language=English

Slide 34: The End. Questions?

