Privacy Science

Privacy Science. Robert Thibadeau, Ph.D. Director, Internet Systems Laboratory http://www.internetlab.ri.cmu.edu Institute for eCommerce School of Computer Science Carnegie Mellon University Pittsburgh, Pennsylvania. Examples of Hard Problems. Negotiating in a Millisecond


Presentation Transcript


  1. Privacy Science Robert Thibadeau, Ph.D. Director, Internet Systems Laboratory http://www.internetlab.ri.cmu.edu Institute for eCommerce School of Computer Science Carnegie Mellon University Pittsburgh, Pennsylvania

  2. Examples of Hard Problems
     • Negotiating in a Millisecond
     • Default : no negotiation (but is this realistic?)
     • The human mind is not fast enough to make new decisions
     • Persona/Virtual Identities : Pre-understood agreements.
     • Linkability == Inductive Reasoning == we don’t know to do…
     • (Thresholds?) Email as PII
     • 17 year olds – no?
     • 57 year olds – yes?
     • Jurisdiction Mixing
     • What is the answer when there is no answer?
     • E.g., European living in America
     • …Micro-Jurisdiction / Self-Jurisdiction / Personal Info Sphere?
     • Global Identities

  3. Information Privacy
     • Law
     • Technology
     No matter how much you want to, you can’t get technology out of privacy or the law out of privacy

  4. Reasons
     • There is no technically perfect solution possible : Thomas Jefferson’s notion of public and private.
     • Therefore the Law becomes Indispensable
     • Technology – actually the computer – will always surprise you : The Turing Principle
     • Therefore Technology cannot be frozen to a form
     • Technology – you need locks on the doors, stuff to make the laws easy to use, and policing of the laws
     • This requires Technology

  5. Privacy Server Protocol http://yuan.ecom.cmu.edu/psp
     • Port-based, not (necessarily) HTTP
     • Scope : Persistence in Time and Scoping across Modality
     • P3P Vocabulary (as excellent starter)
     • Negotiated Privacy
     • Persona Driven
     • Bilateral Privacy
     • Museums - Universal Studios – Ford Have Privacy Needs Too
     • Non-Repudiate-able Contracts
     • Utilizing ASN.1/SMPTE 298M/DVBX Globally Unique Contract Names without central servers.

  6. CMU PERSONA MODEL
     [Diagram labels] Web Site Server Agent; Client Browser User Agent; Amazon Shopper, BN Shopper, Schwab StockPicker, BUY Shopper, DoubleClick User; Privacy Policy Agreements: Amazon Shopper, CMU Shadow, DoubleClick User; Database System

  7. CMU PERSONA MODEL
     [Diagram labels] Web Site Server Agent; Client Browser User Agent; Amazon Shopper, BN Shopper, Schwab StockPicker, BUY Shopper, DoubleClick User; Amazon Shopper, CMU Shadow, DoubleClick User; Database System
     [Messages, in order]
     • I want the Shopping Cart
     • Need to be a Shopper
     • I’m an Amazon Shopper
     • OK, Sign Here
     • OK, Now you Sign
     • Done, Come on In!

  8. CMU PERSONA MODEL *ALT
     [Diagram labels] Web Site Server Agent; Client Browser User Agent; Amazon Shopper, BN Shopper, Schwab StockPicker, BUY Shopper, DoubleClick User; Amazon Shopper, CMU Shadow, DoubleClick User; Database System
     [Messages, in order]
     • I want the Shopping Cart
     • Need to be a BN Shopper
     • What’s That?
     • It’s This P3P Policy
     • Can I be an Amazon Shopper?
     • OK, Sign Here
     • OK, Now you Sign
     • Done, Come on In!

  9. CMU PERSONA MODEL *ALT
     [Diagram labels] Web Site Server Agent; Client Browser User Agent; Amazon Shopper, BN Shopper, Schwab StockPicker, BUY Shopper, DoubleClick User; Amazon Shopper, CMU Shadow, DoubleClick User; Database System
     [Messages, in order]
     • I want the Shopping Cart
     • Need to be a Shopper
     • Can I be an Amazon Shopper?
     • OK, But you need to be DoubleClick User TOO!
     • OK, Sign Here
     • OK, Now You Sign
     • Done, I’m Coming In!

  10. cmu persona
      A Persona is a Set of Credentials of which a Proper Subset is distinguished for Authorizing Access To the Remainder of the Set
      Username : <string>
      Password : <string>
      Name : <string>
      Credit Card Number : <string>
      Card Expiration : <string>
      Mailing Address : <string>
      Mothers Name : <string>
      Child Persona : <p-name>
      …
      Credentials can be other Persona
      PERSONA
      P3P APPEL : <script>
      Recogniz-er : <script>
      FillerIn-er : <script>
      Communicat-er : <script>
      HowToUse-er : <script>

  11. cmu persona interface
      IE/Netscape Plugin is EMPTY PERSONA EDIT / RUN ENGINE
      Fill it with actual person in different ways:
      [Diagram labels] REMOTE BASESTATION; WEB SERVER : PORT 80 (Web Page Activates Persona); CMU PERSONA PLUGIN/PROXY; Active Persona; Storage; AMAZON SHOPPER; AMAZON SHOPPER; My Secure Hard Disk OR My Floppy Disk; MY OTHER SHOPPER; MY OTHER SHOPPER; THIRD PARTY WEB SERVER : PORT 80 WANTS Amazon Shopper

  12. Technological Organization
      Dr. David-Olivier Jaquet-Chiffelle david-olivier.jaquet-chiffelle@hta-bi.bfh.ch
      [Diagram labels] Anonymity; Pseudoanonymity; Unlinkability; Practical; Theoretical; Unobservability; Conditional; Unconditional

  13. Legal/Technical Organization
      ‘The Law defines its own world’
      [Diagram labels] Pseudoanonymity; Anonymity; Technical; Law; Unlinkability; Unobservability; Conditional; Unconditional

  14. rht@cs.cmu.edu

  15. Out of Common Criteria (willikens) Anonymity
      • Anonymity
      • Pseudonymity
      • Unlinkability
      • Unobservability
      • User control / info management
      • Notification, consent, accessibility, validation
      • Security protection

  16. The Principles of Computational Privacy Perfecting Anonymity Requires Perfecting Authentication (You have to be certain to know who you are in order to technically let you be anonymous). :: Perfecting Privacy Requires Perfecting Authentication

  17. Jackson
      • Buy without being tracked, pay anonymously
      • Serge Gutwirth
      • Privacy is a manifestation of self-determination
      • Very weird

  18. notes
      • Andreas/GlobalSign
      • www.cordis.lu/ist
      • www.cordis.lu/ist/ka2
      • Eprivacyforum.jrc.it
      • Tom Jackson
      • Cybersecurity.jrc.it
      • Ambient intelligence???
      • Rigo
      • Dumortier-Report – paints whole picture?-get from Rigo
      • www.w3.org/Talks/2001/10-p3p-jrc
      • Framework for privacy policy
      • Economics of security
      • Vulnerabilities that technology may bring
      • User oriented techs for identity management
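
Added example (not part of the original slides, and not the Privacy Server Protocol's own code): a small Python model of the persona definition on slide 10 and the exchanges on slides 7 to 9, where the site names the persona sets it will accept and both sides sign the same contract. The names `Persona`, `negotiate`, `sign`, `verify`, the contract format and the sample data are assumptions made for illustration; HMAC stands in for a real signature and does not give the non-repudiation slide 5 asks for.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class Persona:
    name: str
    credentials: dict        # full credential set (slide 10)
    auth_fields: frozenset   # distinguished subset that authorizes access to the rest

    def __post_init__(self):
        # Must be a non-empty *proper* subset, so something is left to protect.
        if not self.auth_fields or not self.auth_fields < set(self.credentials):
            raise ValueError("auth_fields must be a non-empty proper subset")

    def unlock(self, presented: dict) -> dict:
        """Release the remaining credentials only if every authorizing field matches."""
        ok = True
        for f in sorted(self.auth_fields):   # check all fields, no early exit
            given = str(presented.get(f, "")).encode()
            ok &= hmac.compare_digest(given, str(self.credentials[f]).encode())
        if not ok:
            raise PermissionError(f"persona {self.name!r}: authorization failed")
        return {k: v for k, v in self.credentials.items() if k not in self.auth_fields}

def sign(key: bytes, contract: bytes) -> str:
    # Stand-in only: HMAC uses a symmetric key, so it is NOT non-repudiable.
    # A real contract would carry an asymmetric signature from each party.
    return hmac.new(key, contract, hashlib.sha256).hexdigest()

def negotiate(resource, acceptable_sets, held, site_key, user_key):
    """Site offers alternative persona sets (slides 8 and 9); the user agent takes
    the first one it fully holds, then both sides sign the same contract text."""
    for required in acceptable_sets:
        if set(required) <= set(held):
            contract = (resource + "|" + ",".join(sorted(required))).encode()
            return {"personas": tuple(sorted(required)), "contract": contract,
                    "user_sig": sign(user_key, contract),
                    "site_sig": sign(site_key, contract)}
    return None   # slide 2 default: no negotiation, no access

def verify(agreement, site_key, user_key) -> bool:
    c = agreement["contract"]
    return (hmac.compare_digest(agreement["user_sig"], sign(user_key, c))
            and hmac.compare_digest(agreement["site_sig"], sign(site_key, c)))

# Constructed sample data, not taken from the slides.
AMAZON = Persona("Amazon Shopper",
                 {"Username": "alice", "Password": "pw-example", "Name": "A. Example"},
                 frozenset({"Username", "Password"}))
SITE_POLICY = [["BN Shopper"], ["Amazon Shopper", "DoubleClick User"]]
```
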
