Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 17 Page 1 CS 236 Online Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption –With good encryption,

Published byTracy Doyle Modified over 9 years ago

Similar presentations

Presentation on theme: "Lecture 17 Page 1 CS 236 Online Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption –With good encryption,"— Presentation transcript:

1 Lecture 17 Page 1 CS 236 Online Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption –With good encryption, data values not readable So what’s the problem?

2 Lecture 17 Page 2 CS 236 Online Traffic Analysis Problems Sometimes desirable to hide that you’re talking to someone else That can be deduced even if the data itself cannot How can you hide that? –In the Internet of today?

3 Lecture 17 Page 3 CS 236 Online A Cautionary Example VoIP traffic is commonly encrypted Researchers recently showed that they could understand what was being said –Despite the encryption –Without breaking the encryption –Without obtaining the key

4 Lecture 17 Page 4 CS 236 Online How Did They Do That? Lots of sophisticated data analysis based on understanding human speech –And how the application worked In essence, use size of encrypted packets and interarrival time –With enough analysis, got conversation about half right

5 Lecture 17 Page 5 CS 236 Online Location Privacy Mobile devices often communicate while on the move Often providing information about their location –Perhaps detailed information –Maybe just hints This can be used to track our movements

6 Lecture 17 Page 6 CS 236 Online Cellphones and Location Provider knows what cell tower you’re using With some effort, can pinpoint you more accurately In US, law enforcement can get that information just by asking –Except in California

7 Lecture 17 Page 7 CS 236 Online Other Electronic Communications and Location Easy to localize user based on hearing 802.11 wireless signals Many devices contain GPS nowadays –Often possible to get the GPS coordinates from that device Bugging a car with a GPS receiver not allowed without warrant –For now...

8 Lecture 17 Page 8 CS 236 Online Implications of Location Privacy Problems Anyone with access to location data can know where we go Allowing government surveillance Or a private detective following your moves Or a maniac stalker figuring out where to ambush you...

9 Lecture 17 Page 9 CS 236 Online Another Location Privacy Scenario Many parents like to know where their children are Used to be extremely difficult Give them a smart phone with the right app and it’s trivial Good or bad?

10 Lecture 17 Page 10 CS 236 Online A Bit of Irony To a large extent, Internet communications provide a lot of privacy –“On the Internet, no one knows you’re a dog.” But it’s somewhat illusory –Unless you’re a criminal

11 Lecture 17 Page 11 CS 236 Online Why Isn’t the Internet Private? All messages tagged with sender’s IP address With sufficient legal authority, there are reliable mappings of IP to machine –ISP can do it without that authority Doesn’t indicate who was using the machine –But owner is generally liable

12 Lecture 17 Page 12 CS 236 Online Web Privacy Where we visit with our browsers reveals a lot about us Advertisers and other merchants really want that information Maybe we don’t want to give it to them –Or to others But there are many technologies to allow tracking –Even to sites the tracker doesn’t control

13 Lecture 17 Page 13 CS 236 Online Do Not Track Wouldn’t it be nice if we could ensure that web sites don’t track us? Enter the Do Not Track standard A configurable option in your web browser Which, by enabling, you might think prevents you from being tracked

14 Lecture 17 Page 14 CS 236 Online The Problems With Do Not Track First, it’s voluntary –Web server is supposed to honor it –But will they? Second, and worse, it doesn’t mean what you think it means –Based on current definitions of the option

15 Lecture 17 Page 15 CS 236 Online What Do Not Track Really Means What it really means is “I’ll track you anyway” “But I won’t provide you anything helpful based on the tracking” So they know what you’re doing –And they do whatever they want with that data But you don’t see targeted ads So what’s the point of Do Not Track? –A good question

16 Lecture 17 Page 16 CS 236 Online Privacy and the Law US law has long recognized a Constitutional right to privacy –Many of the legal decisions related to sex –But also areas like education choice, medical decisions, marital issues –Not well settled law Some state constitutions enumerate a right to privacy (e.g., California’s)

17 Lecture 17 Page 17 CS 236 Online Privacy Laws Related to Data Compromise Many US states have laws compelling businesses to divulge data loss –When such loss involves compromise of users’ personal info –E.g., CA SB 1386 Continuing attempts to pass a national version of this kind of law

18 Lecture 17 Page 18 CS 236 Online US Medical Data Privacy Law In the HIPAA laws regulating health insurance Seeks balance between –privacy of medical info and –benefits of sharing among health care providers Strong limits on who can be given your medical information

19 Lecture 17 Page 19 CS 236 Online European Law and Privacy EU Data Protection Directive provides broad privacy protections Specifically in the context of computer data Offers wide and powerful protections against privacy invasions Generally Europeans have particular sensitivity to privacy issues

20 Lecture 17 Page 20 CS 236 Online Other Nation’s Legal Stands Some nations (e.g., China) have limited constitutional privacy rights Some have derived rights, like the US (e.g., India) Some have non-constitutional legal frameworks (e.g., Russia) In many countries, what the laws say and what actually happens might differ

21 Lecture 17 Page 21 CS 236 Online The Relevance of Privacy Laws Typically, one nation’s privacy laws not necessarily honored by others –Exception: EU shares laws among its member nations Governments not always committed to enforcing them The fact you’re supposed to keep info private can help hide compromises

Download ppt "Lecture 17 Page 1 CS 236 Online Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption –With good encryption,"

Similar presentations

CyberBullying What is Cyberbullying? How to avoid being a Cyberbully

CyberBullying What is Cyberbullying? How to avoid being a Cyberbully
1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.

1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.
 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.

 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.
Lecture 12 Page 1 CS 111 Online Devices and Device Drivers CS 111 On-Line MS Program Operating Systems Peter Reiher.

Lecture 12 Page 1 CS 111 Online Devices and Device Drivers CS 111 On-Line MS Program Operating Systems Peter Reiher.
e-safety and cyber bullying

e-safety and cyber bullying
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
Web Security A how to guide on Keeping your Website Safe. By: Robert Black.

Web Security A how to guide on Keeping your Website Safe. By: Robert Black.
Jan. 28, 2004UCB Sensor Nets Day1 TOWARD A LEGAL FRAMEWORK FOR SENSOR NETWORKS Pamela Samuelson, Law/SIMS UCB Sensor Nets Day January 28, 2004.

Jan. 28, 2004UCB Sensor Nets Day1 TOWARD A LEGAL FRAMEWORK FOR SENSOR NETWORKS Pamela Samuelson, Law/SIMS UCB Sensor Nets Day January 28, 2004.
CYBER BULLYING Cody O’Brien. Goals for Today’s Presentation Introduce Cyber bulling Identify forms of cyber bulling Steps to prevent it What to do if.

CYBER BULLYING Cody O’Brien. Goals for Today’s Presentation Introduce Cyber bulling Identify forms of cyber bulling Steps to prevent it What to do if.
Do you know how to keep yourself safe?

Do you know how to keep yourself safe?
D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.
Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.

Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.
Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.

Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
Lecture 5 Page 1 CS 236 Online Certificates A ubiquitous form of authentication Generally used with public key cryptography A signed electronic document.

Lecture 5 Page 1 CS 236 Online Certificates A ubiquitous form of authentication Generally used with public key cryptography A signed electronic document.
Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.

Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.
Lecture 29 Page 1 Advanced Network Security Privacy in Networking Advanced Network Security Peter Reiher August, 2014.

Lecture 29 Page 1 Advanced Network Security Privacy in Networking Advanced Network Security Peter Reiher August, 2014.
Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.

Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.
How Can We Deal with Risks from the Internet: Why Privacy Legislation Is Hot Right Now Professor Peter Swire Ohio State University/Center for American.

How Can We Deal with Risks from the Internet: Why Privacy Legislation Is Hot Right Now Professor Peter Swire Ohio State University/Center for American.
Reliability & Desirability of Data

Reliability & Desirability of Data

Similar presentations

Ads by Google