
Privacy Incorporated Software Agents

Jan Huizenga - TNO - PISA co-ordinator


Presentation Transcript


  1. Privacy Incorporated Software Agents Jan Huizenga - TNO - PISA co-ordinator jan.huizenga@tno.nl; +31 6 204 315 47

  2. Overview
     • Main Topics PISA
     • Mobile Intelligent Agents
     • Agents and Privacy
     • Contribution

  3. Main topics PISA
     • Human-Computer Interface
     • Agent System
     • Network Privacy
     • Security & Privacy

  4. Mobile Intelligent Agents
     [Figure: max data rate (Mbps, logarithmic axis from 0,01 to 1000) against product date (1996 to 2010), for Personal Area (PAN), Local Area (LAN) and Wide Area (WAN). Panels: Communication Space, Application Space. Labels: Voice, GSM, Text Messaging, Audio Streaming, GPRS, High Speed Internet, Bluetooth, Still Imaging, HomeRF, 802.11, 3G, Mobile Agents, Video data rate, Video Streaming, HIPERLAN, Virtual Homes, Infotainment, AMBIENT Intelligence, PAN/LAN/WAN Convergence.]

  5. Around PISA: a complex world where ... privacy must transcend heterogeneity and mobility
     [Diagram labels: intermediation, PKI, ASP, SGSN, wireless Gateway Server, NodeB, Core Network, Appli, RNC, GGSN, RAN, Cellular (e.g. UMTS), Local PDN, Sec. M., ME]

  6. THE AGENT AND PERSONAL DATA FLOW
     [Diagram labels: Agent-provider; Agent 1, Agent 2, Agent N; External sources; MIKE’s Agent; Mr. Jones; Network; Agents databases: personal data about Mr. Jones; MIKE]
     A personal agent can perform tasks for its user. => A personal agent needs personal information.

  7. Agents & Privacy
     • 1997: NDPA, DPA Canada, TNO: Report “Agents, Privacy & PET”
     • 1999: How do we demonstrate agents & privacy?
     • 2000: Project/consortium proposal: PISA
     • 2001-2003
     • Identifying the privacy requirements and threats
     • Designing PET for agents
     • Building a sample application
     • Evaluating the sample application

  8. PRIVACY THREAT ANALYSIS VIOLATIONS OF PRIVACY REGULATIONS USE SOLUTION INTEGRATED LIST OF THREATS TECHNOLOGY SYSTEM PURPOSE Mobile code

  9. PET = Privacy Enhancing Technologies USER KNOWN PID 1 PID 2 THE IDENTITY PROTECTOR PID 3 PSEUDO IDENTITY DOMAINS IDENTITY DOMAINS

  10. The Privacy Agent Design
     To show that privacy of the user is protected in all kinds of processes by incorporated PET features.
     [Diagram labels: Identity Protector, Non-Personal data, Personal data]

  11. Privacy Protection
     How to achieve privacy protection in Agents?
     Deployment of PETs: classic tools (anonymity, pseudonymity, unobservability and unlinkability) are not enough to achieve optimal privacy protection. Therefore PISA needs a design for:
     • Personal data: Personally Identifiable Information (PII) and non-PII
     • Legal rules (privacy principles)
     • Agent Practices Statement (APS)
     • Privacy Preferences

  12. Three Levels of Personal Data
     • Level 1: Contact Information.
     • Level 2: All other items of personal data except level 3.
     • Level 3: Special categories of personal data.

  13. Privacy Principles
     • Purpose specification
     • Finality
     • Legitimate Processing
     • Data quality
     • Transparency
     • Data subject’s rights
     • Storage duration
     • Right to object
     • Security

  14. Privacy Ontology DataProtectionAutority PIILevel1 1..n PII PIILevel2 PIIGroup PET APS PIILevel3 1..n 0..n PrivacyPreference PrivacyPolicy PrivacyPrinciple 1 LegalProcessing Transfer Finality Transparency DataSubjectRights

  15. PISA Model
     [Diagram labels: Trusted Third Party; Auditor; Controller; Other Agents or Services; PET; APS; Personal Data; User Preferences; PISA Agents]
     Privacy Protection by:
     1. Anonymity & Pseudo-identities (PET)
     2. Trust/secure “mobile code” (Encryption)
     3. Act according to the Directive (APS)

  16. General PISA Architecture
     [Diagram labels, in extracted order: Certification Authority (PKI) PISA Platform Data Registration Subject Service Authority Agent Agent Controller Interaction External Web Services Personal Task Agent Log Agent Agent Processor Advisor Monitor Agent Agent Auditor. Legend: 1 agent / platform; Auditing; 1 agent / user; multiple agents]

  17. HCI and PRIVACY PROTECTION
     • From Privacy Legislation to Interface Design
     • Building Trust & Reducing Risk
     • HCI Requirements for Legislative Compliance and Usable Design
     • Just-In-Time Click-Through Agreements: Informed, Unambiguous Consent

  18. Usability Results
     • + The prototype worked fairly well (72%) and was easy to navigate (76%), but it had poor visual appeal (42%)
     • + Users understood the concept of a personal assistant who could provide services (92%)
     • + Users understood (>90%) the major functions (create, modify, track, results)

  19. Network & Privacy
     • Agent Onion Routing Network
     • Digital Rights Management for Privacy
     • Reputation System
     • Scalability

  20. Security & Privacy in PISA Agents
     Practical solutions to provide privacy in agent technology:
     • Agent Digital Signature
     • Pseudo anonymous Task Agents
     • Confidential communication: E-E-D encryption
     • Agent-PKI
     Insight into challenges for agent technology / mobile code
     Theoretical results (IEEE Symposium on Information Theory):
     • Definition perfect secrecy
     • Theoretical boundaries
     PhD Thesis TUD: “Private Computing and Mobile Code Systems”, K. Cartrysse, 2005: ISBN 10:90 90199-53-5

  21. Results
     • Security & Privacy research is recognized as important in the Dutch scientific community;
     • But also in politics: the Ministry of Economic Affairs subsidizes technical projects in privacy;
     • Industry / business is becoming aware of the importance of protecting privacy.
     STIMULUS AND RATIONALE FOR NEW PRIVACY RELATED RESEARCH AND EXPLOITATION

  22. Continuation
     Continuation of the PISA work:
     • RAPID: Roadmap Privacy & Identity Management
     • FP6 PRIME: Privacy and Identity Management; Ontology & HCI
     • LOBSTER: Intrusion Detection Geant2; Anonymous data
     • PAW (Privacy in an Ambient World): Catholic University of Nijmegen, University of Twente, Delft University of Technology, TNO
     • BASIS (Biometrics and Privacy): University of Twente, Technical University Eindhoven, CWI, Philips
     • Privacy and RFID tags:
       - TNO Study for Dutch government, RFID-Certification
       - TUD Thesis Anonymous RFID e-ticketing system
