The poorest man may in his cottage bid defiance to all the force of the crown

Slides: 31
Provided by: web2Uw
Transcript and Presenter's Notes

1
  • "The poorest man may in his cottage bid defiance
    to all the force of the crown."

  • -- William Pitt, Prime Minister of Great
    Britain, 1783-1801 and 1804 till his death in
    1806

2
From "Fear and Freedom on the Internet"
-- Peter Singer, Professor of Bio-ethics,
Princeton University
  • "There's really no way to repress information
    today, and I think that's a wonderful advance
    we can all feel good about... This is a medium
    of total openness and total freedom, and that's
    what makes it so special."

  • -- Bill Gates, October 2005
  • Two news items of Jan 2006:
  • At the request of China's rulers, Microsoft shut
    down the website of Zhao Jing, a Chinese
    blogger, who had been reporting on a strike by
    journalists at The Beijing News that followed the
    dismissal of the newspaper's independent-minded
    editor. The blog was hosted on MSN Spaces in the
    USA.
  • Microsoft's blog tool in China filters words like
    "democracy" and "human rights" from blog titles,
    to comply with local laws.

3
Today's news
  • Wednesday, Jan 25, 2006
  • Google officially launched a new www.google.cn
    site that plans to filter out or block links to
    material likely to be considered politically
    sensitive by China's ruling Communist Party.

4
INTERNET PRIVACY: a DEFINITION
  • The ability
  • to control what information one reveals about
    oneself over the Internet, and
  • to control who can access that information.
  • Experts in the field of Internet privacy:
    Internet privacy does not really exist.
  • Privacy advocates believe that it should exist.
  • Reference: http://en.wikipedia.org/wiki/Internet_privacy
    as of September 18, 2007

5
PRIVACY
  • Right to a sense of personal autonomy
  • Right to have information about oneself used
    fairly
  • ensuring that organizations act fairly in the
    way they (i) collect (ii) store (iii) use and
    (iv) disclose one's personal information
  • Right to be left alone
  • Right to decide what part of one's personal
    information is to be shared with (i) doctor (ii)
    employer (iii) banker (iv) neighbor (v) friend or
    (vi) stranger

6
Who cares?
  • 2004: US government introduced a free "do not
    call" service; 28 million phone numbers
    registered within a month
  • 2001: Survey in Australia: 90% of Australians
    consider it important how their personal
    information is used by organizations and to whom
    it is disclosed.

7
Costs of Privacy
  • Privacy of data → its non-availability at some
    time, when required
  • Attempts to retain privacy → inconvenience or
    forgoing certain benefits

8
Privacy protection
  • To shield innocent persons from an overzealous
    government
  • Profiling can lead to a misinterpretation of
    accurate information
  • To permit everyone to preserve her/his dignity
    and autonomy
  • To not let governments and big corporations
    have and exercise undue power over individuals

9
Privacy protection and Public Interest
  • To support freedom of expression, freedom of
    speech and freedom of association.
  • Anonymity fosters creativity.
  • Permits individuals to make a fresh start and
    become useful members of society.
  • Privacy protection is integral to trust.
  • Trust is the cornerstone of a strong
    relationship.

10
How to protect?
  • Records should be kept for no longer than
    necessary.
  • Records, if inaccurate, must be deleted or
    corrected.
  • Sometimes not possible to delete
  • Example: Health records wrongly state that you
    have diabetes. Accordingly some wrong treatment
    was started. If the record is deleted, the reason
    why the wrong treatment was given will also go
    and the medication history will not make sense.
  • Be proactive in defense of privacy.
  • The default barriers of time, distance and
    cost, against publication and retention of your
    private information, have vanished.
  • PROBLEMS
  • Right to research vs autonomy
  • Right to forget vs. Right to know

11
Risks
  • Stealing information through cookies (Example:
    cross-site scripting)
  • Browsing profile
  • Weak spot: ISP
  • Spyware, phishing, malicious proxy servers
  • Web bugs: techniques used to track who is reading
    a web page or e-mail, when, and from what
    computer. They can also be used to see if an
    e-mail was forwarded to someone else.

12
The Google age
  • "We are becoming a transparent society of record
    such that documentation of our past history,
    current identity, location, communication and
    physiological and psychological states and
    behavior is increasingly possible. With
    predictive profiles and DNA there are even claims
    to be able to know individual futures." -- Gary
    Marx, "Privacy and Technology", Telektronikk,
    January 1996.

13
Health Information Acts stress PRIVACY
  • Apply to hospitals, doctors, laboratories,
    insurance companies, employers etc
  • Allow individuals to be informed about their
    health care
  • Provide both privacy and legitimate access to
    health information

14
Facts and needs
  • Personal information available in tens of
    data-bases under the control of different
    organizations.
  • Onus on the person to correct his information,
    when he does not even know about all the
    places where his information is.
  • Ownership? vs Control?
  • Needs:
  • PRIVACY,
  • CORRECTNESS OF INFORMATION,
  • AVAILABILITY WHEREVER REQUIRED

15
Proposed Systems
  • IBM: a third party to maintain and release
    information by following certain rules
  • Information to be maintained by the owner

16
Ownership of data
  • Ownership may not mean
  • Write-access
  • Ex: Government-owned information: social
    security number, passport (a government can
    revoke a passport)
  • Financial information: annual tax returns, bank
    balances
  • Read-access
  • Ex: Reports by physicians, laboratories
  • Reference for the next set of slides: Carrie
    Gates, Jacob Slonim, "Owner-Controlled
    Information", http://flame.cs.dal.ca/gates/papers/nspw03.ps

17
Ownership of data ... continued
  • Ownership means
  • Permitting others to access part of the
    information
  • Role-based access control, augmented by location
    (say in a hospital, when both the owner and the
    doctor are in the same room)
  • Deciding about individuals, who can access it in
    case of disability
  • Deciding about overarching access in case of an
    emergency/ in case of death
  • Societal needs to access
  • For medical research
  • For identifying concerned individuals
  • Example: spread of SARS

18
Escrowed Encryption Standard (EES)
  • EES uses the key escrow method of enabling
    eavesdropping by authorized government agencies,
    under a court order. (FIPS 185)
  • escrow: a deed, a bond, money, or a piece of
    property held in trust by a third party to be
    turned over to the grantee (in this case, a Law
    Enforcement Agency) only upon fulfillment of a
    condition
  • Reference: Merriam-Webster's Online Dictionary

19
SKIPJACK
  • encryption/decryption algorithm used by EES
  • can be incorporated into voice, facsimile (fax),
    and computer data devices
  • Has a Law-Enforcement Access Field (LEAF), and
    two LEAF decryption keys
  • Clipper: the chip designed through US Dept of
    Commerce grants in 1994
  • Reference: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci837181,00.html
    as of September 18, 2007

20
Escrowed Encryption
  • Research in Escrowed encryption standard
    abandoned after 1994
  • Ref. http://csrc.nist.gov/publications/fips/fips185/fips185.txt
  • Partial key Escrow
  • that obey the secret sharing property (that
    any k pieces of the key can reconstruct the key,
    but that no t pieces provide information about
    the key, where t < k)
  • Ref. http://www.cse.ucsd.edu/users/mihir/papers/escrow.html

21
Physical Ownership
  • Need for an individual to carry information with
    him
  • Ownership and control
  • Distributed and incomplete information likely to
    be non-synchronized and erroneous
  • May not be available, when required
  • Can allow access to appropriate parts of
    information to various entities under specified
    conditions
  • Misused in spite of assurances
  • Ex: census information was supposed to be
    retained for 99 years only for research; after
    9/11, the president made it available to
    law-enforcement agencies

22
Problems of Physical Ownership
  • Theft of identity
  • Loss and recreation of information
  • Requirement of tamper-proof hardware and
    protected storage areas
  • To encash a cheque without centralized data?
  • How to ensure that the authorized user has not
    made a copy of the data released to him?
  • Provision for expiry of data (like passport,
    health card, driving license)
  • Secure back-ups
  • A friendly User interface and granularity of
    information

23
Trust
  • No one is a super-user?
  • Non-repudiated Audit Trail
  • Alerts, in case unauthorized change has been
    done.
  • Ex: A bank may
  • sign the information when it writes into the
    personal device.
  • insert a hash in the database.
  • Next time when the device is presented to the
    Bank, it verifies the hash before starting the
    transaction.
  • IDS to detect if someone tries to copy the data.
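
The bank example above, sketched as an added illustration that is not part of the original slides: the bank authenticates the record it writes to the device and keeps a hash of it in its own database, then checks both before a transaction. An HMAC stands in for the bank's signature here (a non-repudiable audit trail would need an asymmetric signature); the class, field names, key and device are assumptions constructed for the example.

```python
import copy, hashlib, hmac, json

def canonical(record):
    """Stable byte encoding so the same record always hashes the same."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()

class Bank:
    def __init__(self, key):
        self._key = key   # assumption: secret MAC key held only by the bank
        self._db = {}     # device id -> SHA-256 of the last record written

    def _tag(self, data):
        return hmac.new(self._key, data, hashlib.sha256).hexdigest()

    def write_to_device(self, device, record):
        data = canonical(record)
        device["record"] = copy.deepcopy(record)
        device["tag"] = self._tag(data)            # "sign the information"
        # "insert a hash in the database"
        self._db[device["id"]] = hashlib.sha256(data).hexdigest()

    def verify_device(self, device):
        """Run before any transaction; returns 'ok' or a rejection reason."""
        data = canonical(device.get("record"))
        if not hmac.compare_digest(self._tag(data), device.get("tag", "")):
            return "reject: record altered outside the bank"
        stored = self._db.get(device.get("id"))
        digest = hashlib.sha256(data).hexdigest()
        if stored is None or not hmac.compare_digest(stored, digest):
            return "reject: not the latest record written by the bank"
        return "ok"

def demo():
    bank = Bank(b"constructed-demo-key")           # constructed key
    device = {"id": "device-001"}                  # constructed device
    bank.write_to_device(device, {"owner": "A. Example", "balance": 500})
    old_copy = copy.deepcopy(device)               # backup taken by the holder
    bank.write_to_device(device, {"owner": "A. Example", "balance": 120})
    edited = copy.deepcopy(device)
    edited["record"]["balance"] = 9999             # unauthorized change
    return [bank.verify_device(d) for d in (device, edited, old_copy)]
```

The third case is the one the database hash exists for: a restored old copy still carries a valid tag from the bank, and only the comparison with the stored hash shows it is not the latest record.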

24
Existing services
  • 1. Microsoft Passport service
  • a single sign-on service
  • may contain e-wallet containing billing and
    shipping information
  • (e-Wallet safely stores name, address,
    credit-card numbers, password and any other
    information needed for purchase from e-commerce
    sites)
  • References: 1. https://www.passport.net/
  • 2. http://www.projectliberty.org/

25
Existing services ... continued
  • MS wanted to extend Passport to XML based
    Hailstorm to contain calendars, phone books,
    address books and documents, using the Passport
    authentication mechanism. However the project was
    abandoned in the face of criticism.
  • 2. Liberty Alliance of 150 companies for a
    federated identity infrastructure
  • Links databases maintained at a number of
    organizations rather than at a single (set of )
    servers

26
Existing services ... continued 2
  • 3. Persona Project at Oregon State University
  • single sign-on,
  • consumer-centered identity model, that is
    distributed across multiple systems
  • holds a user's personal information, including
    identity, passwords, preferences and e-wallet
    information
  • can be accessed via desktops, personal digital
    assistants (PDAs), cell phones, and even from
    cybercafes.

27
The Persona project
  • The persona is "an active software agent that
    encapsulates private and personal data and
    performs a range of authentication and
    personalization services on behalf of its owner."
  • The basic premise:
  • The user authenticates himself to his persona.
  • The persona acts on behalf of the user to supply
    on-line information such as billing information
    or personal schedules.
  • Access to this information is moderated by the
    access control rules employed by the user (e.g.
    so that only a limited number of companies can
    access credit card information).
  • Ref. http://www.cs.pdx.edu/ktoth/index_files/RHASPersonaPaperTothSubramaniumV6.pdf

28
Issues
  • CENTRAL VS FEDERATED VS PERSONALLY CARRIED
    INFORMATION IN SMART CARDS/FLASH KEYS ETC
  • Authentication of the owner through biometric
    information
  • Authentication of everyone allowed to have
    read or write access
  • References: 1. Electronic Privacy Information
    Center (EPIC),
    http://www.epic.org/privacy/consumer/microsoft/passport.html
  • 2. M. Fairhurst, R. Guest, F. Deravi and J. George,
    "Using Biometrics as an enabling technology in
    balancing universality and selectivity for
    management of information access", Universal
    Access: Theoretical Perspectives, Practice and
    Experience, 7th ERCIM International Workshop on
    User Interface for All, Paris, France, Oct 24-25,
    2002, Springer-Verlag Lecture Notes in CS 2615,
    pp 249-259

29
Implementation of Privacy Policies
  • Implementation requires
  • a careful study of the Vulnerabilities and
    Requirements of the Organization
  • formulation of appropriate Security and Privacy
    policies
  • development of the Architecture of the Security
    system
  • selection of Security Technologies
  • verification whether the design of the system
    conforms to the statutory requirements and
    standards.

30
Assignment I
  • Use Ataraxis. Topic: Internet Privacy
  • References:
  • ACM Digital Library, IEEE Xplore and Lecture
    Notes in Computer Science series at Leddy Library
    Electronic offerings
  • Researchers: Sweeney L., Malin B., Clifton C.,
    Vaidya J.
  • Computers, Freedom and Privacy Conference
    (http://www.cfp.org/)
  • Anonymity project (http://idtrail.org/)
  • Electronic Privacy Information Center
    (http://www.epic.org/)
  • http://www.privacy.org/,
    http://www.privacyinternational.org/
  • Studies on Privacy Vulnerabilities by Johns
    Hopkins Information Security Institute
    (http://web.jhu.edu/jhuisi/)