Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy Issues and Techniques for Monitoring Applications Vibhor Rastogi RFID Security Group.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Privacy Issues and Techniques for Monitoring Applications Vibhor Rastogi RFID Security Group."— Presentation transcript:

1 Privacy Issues and Techniques for Monitoring Applications Vibhor Rastogi RFID Security Group

2 Privacy in Monitoring Applications  Monitoring apps collect personal information Supports useful applications  Personal reminder services or Personal Object trackers Results in privacy issues  RFID Ecosystem: RFID monitoring system Monitors location information about users & their objects Information is stored in a trusted central server Users query the central server

3 RFID Ecosystem Where is Alice? Alice Charlie Delta Where is Alice? Bob & Alice are friends Charlie & Alice have a scheduled meeting Bob Where is Alice?

4 Central Privacy Issue: Access control  Suppose a user asks a query Is the answer public or private? It depends on multiple factors [Belloti et. al.] Context information of the Querier and the Subject  Rule-based access control Rules control the release of personal information Need to incorporate all the above factors

5 Access Control: Challenges  Rules need to incorporate context information Many rules need to be defined Rules difficult to understand and manage  Context information might have to be inferred  Context information may be uncertain

6 Managability of Rules  Our Solution We identify a list of interesting scenarios and applications Rules are defined to support the scenarios A constrained space of predefined rules Users have an option to enable/disable them  Example: Ownership scenario & Ownership rule

7 The ownership scenario Bob: Where is my book System: Alice has book If B carries A’s object then release B has object to A Context

8 Context is crucial Bob: Where is my book System: Alice has book Hidden Book  Right context may need to be inferred  Done using PEEX If B is with A’s object then release B has object to A

9 Context is uncertain  Access control Rules  Context is uncertain For example: 20% chance that ‘Alice Carries Book’ Let Pr(context) = p c & Pr(secret) = p s  Access control semantics If p c = 1 reveal p s If p c = 0 hide p s If (0 < p c < 1) then what? If context then release secret to user

10 Our approach: Perturbation method  Reveal partial information in uncertain context  Perturb p` s = p s + noise(p c )  Return p` s instead of p s  Compromise soundness Answers returned may be wrong Justifiable as system is itself uncertain! Degree of confidence in answer also returned

11 Noise function  -0.5 <= noise(pc) <= 0.5 p c = 0.5p c = 0

12 Conclusion  Designing simple & intuitive rules important  We design ACP for the RFID Ecosystem Infer high level context Inferred context uncertain  Implementation of ACP Use perturbation methods for uncertain context

Download ppt "Privacy Issues and Techniques for Monitoring Applications Vibhor Rastogi RFID Security Group."

Similar presentations

Abuse Testing Laboratory Management Laboratory Management.

Abuse Testing Laboratory Management Laboratory Management.
Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,

Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,
Database Security CS461/ECE422 Spring 2012. Overview Database model – Relational Databases Access Control Inference and Statistical Databases Database.

Database Security CS461/ECE422 Spring Overview Database model – Relational Databases Access Control Inference and Statistical Databases Database.
Access Control Methodologies

Access Control Methodologies
Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.

Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
Differentially Private Aggregation of Distributed Time-Series Vibhor Rastogi (University of Washington) Suman Nath (Microsoft Research)

Differentially Private Aggregation of Distributed Time-Series Vibhor Rastogi (University of Washington) Suman Nath (Microsoft Research)
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Practical Techniques for Searches on Encrypted Data Author: Dawn Xiaodong Song, David Wagner, Adrian Perrig Presenter: 紀銘偉.

Practical Techniques for Searches on Encrypted Data Author: Dawn Xiaodong Song, David Wagner, Adrian Perrig Presenter: 紀銘偉.
1 Privacy-Preserving Collaborative Filtering Using Randomized Perturbation Techniques Huseyin Polat and Wenliang (Kevin) Du Department of EECS Syracuse.

1 Privacy-Preserving Collaborative Filtering Using Randomized Perturbation Techniques Huseyin Polat and Wenliang (Kevin) Du Department of EECS Syracuse.
Privacy Research In the RFID Ecosystem Project Evan Welbourne joint work with Magdalena Balazinska, Gaetano Borriello, Tadayoshi.

Privacy Research In the RFID Ecosystem Project Evan Welbourne joint work with Magdalena Balazinska, Gaetano Borriello, Tadayoshi.
Hippocratic Databases Paper by Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, Yirong Xu CS 681 Presented by Xi Hua March 1st,Spring05.

Hippocratic Databases Paper by Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, Yirong Xu CS 681 Presented by Xi Hua March 1st,Spring05.
Last time Finish OTR Database Security Introduction to Databases

Last time Finish OTR Database Security Introduction to Databases
Cloud based linked data platform for Structural Engineering Experiment Xiaohui Zhang

Cloud based linked data platform for Structural Engineering Experiment Xiaohui Zhang
Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.

Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.
Differentially Private Transit Data Publication: A Case Study on the Montreal Transportation System Rui Chen, Concordia University Benjamin C. M. Fung,

Differentially Private Transit Data Publication: A Case Study on the Montreal Transportation System Rui Chen, Concordia University Benjamin C. M. Fung,
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Overview of Privacy Preserving Techniques.  This is a high-level summary of the state-of-the-art privacy preserving techniques and research areas  Focus.

Overview of Privacy Preserving Techniques.  This is a high-level summary of the state-of-the-art privacy preserving techniques and research areas  Focus.
Aegis: A Semantic Implementation of Privacy as Contextual Integrity in Social Ecosystems Imrul Kayes, Adriana Iamnitchi.

Aegis: A Semantic Implementation of Privacy as Contextual Integrity in Social Ecosystems Imrul Kayes, Adriana Iamnitchi.
Self-Enforcing Private Inference Control Yanjiang Yang (I2R, Singapore) Yingjiu Li (SMU, Singapore) Jian Weng (Jinan Univ. China) Jianying Zhou (I2R, Singapore)

Self-Enforcing Private Inference Control Yanjiang Yang (I2R, Singapore) Yingjiu Li (SMU, Singapore) Jian Weng (Jinan Univ. China) Jianying Zhou (I2R, Singapore)

Similar presentations

Ads by Google