User Managed Privacy Using Distributed Trust - PowerPoint PPT Presentation

User Managed Privacy Using Distributed Trust Privacy and Security Research Workshop Carnegie Mellon University May 29-30, 2002 Lark M. Allen / Wave Systems – PowerPoint PPT presentation

Slides: 13
Provided by: LarkM3

Transcript and Presenter's Notes


1
User Managed Privacy Using Distributed Trust
  • Privacy and Security Research Workshop
  • Carnegie Mellon University
  • May 29-30, 2002
  • Lark M. Allen / Wave Systems
  • Lallen_at_wavesys.com

2
Privacy Challenges
  • The Internet exposes and creates as
    by-products significant amounts of personal
    information in its normal mode of operations
  • Personal information was the primary currency
    which funded the explosive era of the Internet
  • Most tools were created to track, market,
    profile, spam, etc.
  • Success was measured in eyeballs and personal
    data
  • Current architectural and legislative approaches
    to privacy focus on restricting uses of
    information after it is collected, not minimizing
    the collection of personal information
  • New identity credentials are planned to contain
    significantly more personal information and
    biometrics, i.e., DMV license
  • Evolving identity systems will connect more
    information

11/27/01
3
Strategic New Approach to Privacy
  • User manages release of personal information from
    a secure wallet or local repository
  • Personal tools provide full range of protection
    from anonymous to full disclosure mode
  • Trusted user devices for authentication,
    access, processing, storage, and protection at
    the perimeter of the Internet provide local
    authentication and selective release of required,
    authorized and essential data into network and
    centralized sites.
  • All personal information is bound to privacy
    preferences throughout life of the data to
    control usage.

4
Authentication and Privacy
  • Privacy is a growing social issue, even post 9/11
  • EU, Canada and others with tough Data Protection
    laws
  • Authentication and Privacy must find acceptable
    balance
  • Where authentication is done will affect privacy
    concerns
  • With trusted, intelligent edge devices,
    authentication can be accomplished without
    releasing personal information

5
New Privacy and Security Approach
Distributed Trust and Intelligent Web Agents
Trusted Client Platform
XML Web Agents
Strong Security in User Devices for Protection
and Distributed Handling of Personal Information
6
Trusted Client Input Device
Strong Cryptography
  • Secure
  • Processing
  • Storage
  • Time

Secure Display
7
EMBASSY Trusted Client Subsystem
Sovereign and Protected Place in a Hostile Territory
[Diagram labels: EMBASSY CHIP / Trusted OS; Digital Signature; Identity App.; Authentication Application; Music DRM; Strong Auth; Wallet; Hard Disk; Device Trust Services, Secure Applet Management]
8
Intelligent Identity Solution
XNS (eXtensible Name Service) OneName Corporation
  • XNS is a global identity protocol that uses Web
    agent technology to:
  • Create a foundation of identity management
  • Link real-world identities to each other
  • Establish permissions governing the exchange or
    use of identity-related data
  • Based on XML web agent technology for intelligent
    exchange and processing of information
  • Automatically synchronize changes to this data
  • Build in extensibility to accommodate change

9
Trusted Input Device - Architecture
[Diagram labels: Authentication; Untrusted; Trusted]
  • Authentication must be done in a trusted
    location
  • Trusted devices can communicate securely over
    untrusted networks and through untrusted devices

10
Extending Trust to the Network Edge
  • End-end security
  • Multi-layer protections
  • Workgroups and peer-peer enabled
  • Data / user level

Trust Boundaries
11
Selective Personal Information Access
  • Benefits
  • Distributed
  • Scalable
  • Enforceable

12
Benefits: User Managed Privacy
  • Allows users to have much more control over the
    release and usage of personal information
  • Minimize release of information
  • Privacy preferences more granular and situation
    based
  • Authentication at the network edge with
    information release
  • Strong, multi-factor authentication
  • Addresses major security exposure: the untrusted
    PC
  • Minimized need for centralized data bases
  • Solution for selective release of personal
    information satisfies basic tenets of need to
    know
  • Secure, multifunction identity credentials
  • Addresses key issues for including fingerprints,
    criminal history, medical information, age, etc.
    on driver's licenses
  • More easily addresses issues of context-based
    identity needs