Presentation is loading. Please wait.

Presentation is loading. Please wait.

DNS DATA SHARING (OR NOT) Stéphane Bortzemeyer & Nathalie Boulvard.

Published byReginald Pitts Modified over 8 years ago

Similar presentations

Presentation on theme: "DNS DATA SHARING (OR NOT) Stéphane Bortzemeyer & Nathalie Boulvard."— Presentation transcript:

1 DNS DATA SHARING (OR NOT) Stéphane Bortzemeyer & Nathalie Boulvard

2 Summary 1.Technical aspects 1.1.The problem 1.2 The queries contain 1.3 The data is useful 1.4 Anonymization is the solution? 2.Legal aspects 2.1.The issues 2.2.The texts contain 2.3.The contract could be useful 2.4 Anonymization is the solution? 3.Tour de table - Debate Questions 2

3 1. Technical aspects 3

4 1.1 The problem We operate DNS servers They receive queries They send responses Very often, we record the DNS traffic (security incident analysis, business intelligence, statistics, etc.). Often called a « pcap file » 4

5 1.2 The queries contain Example: « 2001 : 660 : 3003 : 8 : : 4 : 69 » asked for the IPv6 address of www.impots.gouv.fr The source IP adress of the resolver (not the end user’s machine). Typically a big machine at the IAP. But not always. The complete name requested (do not believe the CENTR video, it is wrong). We see requests for _bittorrent-tracker._tcp.XXXX.abo.wanadoo.fr 5

6 1.3 The data is useful… …and many people are interested. Can we share it? DITL http://www.caida.org/projects/ditl/http://www.caida.org/projects/ditl/ OARC https://www.dns-oarc.net/https://www.dns-oarc.net/ Is it personal data? For some requests, clearly yes, for some, clearly no and the rest is in between. 6

7 1.4 Anonymisation is the solution? We could « anonymyze » (to replace the IP adresses by a dummy value) Anonymization deletes data (bad for researcher) Anonymization is never perfect (data crunchers know how to get some information back) 7

8 2. Legal aspects 8

9 2.1 The issues Companies’ rights and interests Reputation Individuals’ rights Personal data - Sensitive data 9

10 2.2 The texts contain Under the European rules The European Union adopted its “data protection directive” (directive 95/46) on October 24, 1995. National independent authorities (CNIL for France) & the “Article 29 Working Party” Reform of the data protection EU legal framework (to follow up) Under the International rules 10

11 2.3 The contract could be useful… …but not only. Can we share? DITL http://www.caida.org/projects/ditl/http://www.caida.org/projects/ditl/ OARC https://www.dns-oarc.net/https://www.dns-oarc.net/ An example : the OARC Participation Agreement. 11

12 2.4 Anonymisation is the solution? Well… yes: No personal data anymore So, No more legal issue! But as anonymization is never perfect… Let’s carry on with a debate! 12

13 3. Tour de table - Debate 13

14 Questions If yes did you have any problem regarding this practice? If yes with whom and how? Do you share DNS data with the outside? 14 Are you interested in following up this discussion? If yes, how? Do you think that this entire issue is worth a debate? If no, why?

15 www.afnic.fr contact@afnic.fr Twitter : @AFNIC Facebook : afnic.fr www.afnic.fr contact@afnic.fr Twitter : @AFNIC Facebook : afnic.fr Thank you!

Download ppt "DNS DATA SHARING (OR NOT) Stéphane Bortzemeyer & Nathalie Boulvard."

Similar presentations

E.U. Consultation on Commission Staff Working Document: Transnational Company Agreements – TCA’s.

E.U. Consultation on Commission Staff Working Document: Transnational Company Agreements – TCA’s.
TrustPort Net Gateway Email traffic protection. WWW.TRUSTPORT.COM Keep It Secure Entry point protection –Clear separation of the risky internet and secured.

TrustPort Net Gateway traffic protection. Keep It Secure Entry point protection –Clear separation of the risky internet and secured.
Rob Smets A user centred approach IPv6 deployment monitoring.

Rob Smets A user centred approach IPv6 deployment monitoring.
New solutions for transnational access to secure use files David Schiller (IAB) Richard Welpton (UKDA) Microdata Access in European Countries – Cooperation.

New solutions for transnational access to secure use files David Schiller (IAB) Richard Welpton (UKDA) Microdata Access in European Countries – Cooperation.
1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,
Euro changeover: the Belgian experience (1996 - 2002) Carlos RUBENS Senior Legal Advisor Brussels, 14/04/2008.

Euro changeover: the Belgian experience ( ) Carlos RUBENS Senior Legal Advisor Brussels, 14/04/2008.
DirectAccess is an Enterprise Solution: No support for Windows 7 Professional Requires two consecutive public IP addresses Cannot NAT to the DirectAccess.

DirectAccess is an Enterprise Solution: No support for Windows 7 Professional Requires two consecutive public IP addresses Cannot NAT to the DirectAccess.
Department of Information Engineering 1 What is port number? OK, you know that in order to connect to Internet, each computer must have a unique address.

Department of Information Engineering 1 What is port number? OK, you know that in order to connect to Internet, each computer must have a unique address.
DNS. Outline r Domain Name System r DNS Hierarchy r Resolution.

DNS. Outline r Domain Name System r DNS Hierarchy r Resolution.
Consumer Protection Working Party Meeting Sponsor.

Consumer Protection Working Party Meeting Sponsor.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.

Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
Day15 IP Space/Setup. IP Suite of protocols –TCP –UDP –ICMP –GRE… Gives us many benefits –Routing of packets over internet –Fragmentation/Reassembly of.

Day15 IP Space/Setup. IP Suite of protocols –TCP –UDP –ICMP –GRE… Gives us many benefits –Routing of packets over internet –Fragmentation/Reassembly of.
R 18 G 65 B 145 R 0 G 201 B 255 R 104 G 113 B 122 R 216 G 217 B 218 R 168 G 187 B 192 Core and background colors: 1© Nokia Solutions and Networks 2014.

R 18 G 65 B 145 R 0 G 201 B 255 R 104 G 113 B 122 R 216 G 217 B 218 R 168 G 187 B 192 Core and background colors: 1© Nokia Solutions and Networks 2014.
FACEBOOK CASE: a French experience Amal TALEB UFC – QUE CHOISIR April 21st, 2015.

FACEBOOK CASE: a French experience Amal TALEB UFC – QUE CHOISIR April 21st, 2015.
Health registers in the Czech Republic Jiří Kofránek 1st Faculty of Medicine, Charles University.

Health registers in the Czech Republic Jiří Kofránek 1st Faculty of Medicine, Charles University.
RESPECT Guidelines regarding data protection aspects whithin socio-economic research Y. Poullet, K. Rosier, I. Vereecken CRID-FUNDP in cooperation with.

RESPECT Guidelines regarding data protection aspects whithin socio-economic research Y. Poullet, K. Rosier, I. Vereecken CRID-FUNDP in cooperation with.
InWEnt | Qualified to shape the future Reducing the Risk of Chemical Clusters by Formation of Chemical Parks Christian Jochum, Prof. Dr. InWEnt Senior.

InWEnt | Qualified to shape the future Reducing the Risk of Chemical Clusters by Formation of Chemical Parks Christian Jochum, Prof. Dr. InWEnt Senior.

Similar presentations

Ads by Google