1 / 16

Dynamic Anonymity

Dynamic Anonymity. Emin İ slam Tatl ı , Dirk Stegemann, Stefan Lucks University of Mannheim, Germany. Overview. Mobile Business Research Group Anonymity & Unlinkability Dynamic Anonymity The Framework The Algorithm Future Work. Mobile Business Research Group.

gunther
Télécharger la présentation

Dynamic Anonymity

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Dynamic Anonymity Emin İslam Tatlı, Dirk Stegemann, Stefan Lucks University of Mannheim, Germany

  2. Overview • Mobile Business Research Group • Anonymity & Unlinkability • Dynamic Anonymity • The Framework • The Algorithm • Future Work

  3. Mobile Business Research Group Generic platform for context-aware and location-aware mobile business applications • Joint project of 7 research groups at the University of Mannheim • Web: http://www.m-business.uni-mannheim.de/

  4. Context-aware Applications • A Context-aware application considers context when providing its service • Examples • Find a pizza delivery service that can deliver my favourite pizza for less than 8 EUR within 15 minutes to my current location • Locating moving objects (e.g. fleet management) • Locating kids • Indoor navigation in fairs • Panic alarms • Location-based chat/games

  5. Anonymity • Mobile users require to hide their real identity • Anonymity ensures that a user may use a resource or service without disclosing the user's identity • Service providers require a unique representation of users • (partial) Solution • Pseudonymity • Pseudonyms are faked names (e.g. nicknames)

  6. Unlinkability of Pseudonyms • Linkability of pseudonyms may break anonymity • „unlinkability requires that users and/or subjects are unable to determine whether the same user caused certain specific operations in the system“ • Main existing solutions for unlinkability: • Proxies • Mix-net • Peer-to-peer networks

  7. KSP(M) KMix1(KMix2(KMix3(KSP(M)))) SP MC incoming outgoing Mix 3 Mix-Net • Mix: • Computer between sender and receiver • Decrypts messages and forwards to other mix/receiver MIX-NET Mix 1 Mix 2 Mix n

  8. Dynamic Anonymity • Different applications require different anonymity levels • finding the nearest shop vs. mobile dating • Different users require different anonymity levels • Celebrity v.s. a normal person • Performance problems of Mix-net

  9. Configuration Parameters • 6 parameters defined affecting the anonymity level: • encryption type • mix number • path picker • message threshold • dummy message • time delay • Configuration parameters are encoded within policies

  10. Configuration Parameters (cont.) • A sample policy: <policies> <policy id="1" belongsto="app_1"><configuration><encryptionType>symmetric</encryptionType><mixNumber>3</mixNumber><pathPicker>sender</pathPicker><messageThreshold>5</messageThreshold><timeDelay>10</timeDelay><dummyMessage>send</dummyMessage></configuration> </policy></policies>

  11. The Framework

  12. The Algorithm

  13. The Algorithm (cont.)

  14. Future Work • We are currently implementing the anonymity and policy components • Empricial-test for specifying the optimum configurations for individual users and applications • Integrating the anonymity framework within the application framework

  15. References • Jap: Anonymity and privacy tool for internet. URL: http://anon.inf.tu-dresden.de. • The mobile business research group.URL: http://www.m-business.uni-mannheim.de. • Smtp remailers.URL:http://www.freehaven.net/related-comm.html. • The Anonymizer. URL: http://anonymizer.com. • David L. Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM, 24(2):84–90, 1981. • Andreas Pfitzmann et al. Anonymity, unobservability, and pseudonymity: A proposal for terminology, July 2000. • Michael Reiter and Aviel Rubin. Crowds: Anonymity for web trans-actions. ACM Transactions on Information and System Security, 1(1), June 1998. • Emin Islam Tatlı, Dirk Stegemann, and Stefan Lucks: Security Challenges of location-aware mobile business, In Proceedings of the 2nd International Workshop on Mobile Commerce and Services, München, 2005. IEEE Computer Society.

  16. Dynamic Anonymity Emin İslam Tatlı, Dirk Stegemann, Stefan Lucks University of Mannheim, Germany

More Related