Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction Content vs. Context Content of phone calls are protected under the Fourth Amendment (Katz v. United States (1967)) Context of phone calls,

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Introduction Content vs. Context Content of phone calls are protected under the Fourth Amendment (Katz v. United States (1967)) Context of phone calls,"— Presentation transcript:

1 Introduction Content vs. Context Content of phone calls are protected under the Fourth Amendment (Katz v. United States (1967)) Context of phone calls, like postal mail, has no reasonable expectation of privacy (Smith v. Maryland (1979)) Number dialed, number of the caller, location of the caller, the time of the call and duration are considered context. Passive/Active Surveillance Passive surveillance (wire tapping, location data collection) Can occur easily and at any time Places docility in cellular users [4] Hinders political speech and behavior [4] Active surveillance (Context data distribution) Sold to third parties Causes manipulative information flows (direct marketing) Brings user to a desired state or behavior Goal A private overlay which will conceal a mobile user’s private data. Simple enough that any non-technical user can control Sophisticated so that adversaries can not tamper, clone and illegally distribute Anonymous to ensure the users privacy Method Previous Work Trusted Platform Module (TPM) Physical chip Cryptographic vault Security solution approved by TCG [9] Requires a Public Key Infrastructure and Certification Authority (PKI) [4] Random Equipment Tag (RET) is generated and replaces current phone number [4] User must share RET if they wish to be contacted Data is stored on TPM Limitations Requires a new phone with a TPM. May compromise the size of smaller models Manufacturers may need incentive to redesign certain phone models to accommodate TPM Results Mobile Trusted Module (MTM) Software version Similar to TPM, but varies in operation Uses concept of Secure Boot [1] MTM is installed PKI set up Random, anonymous product key is given First-time activation Remote attestation – device sends network an image of the hardware and software that is present RET is used as the previous work utilized it Proposed system provides protection against cloning and tampering through (not an exhaustive list): Signal Interception Replicated Memory Stolen Device Conclusion Cellular phones are remarkably good tracking devices. They have the ability to relay the information of its user to the service provider at any time, all the time. Data such as current location, past locations, times and dialed numbers are recorded and owned by the utility. In effect, cell phones are a surveillance technology [4] with an ever increasing importance in the social world. A new method for establishing a private overlay allows users to conceal their personal data through the use of a self-evaluating program and a Private Mode application, a method which can be implemented with ease. References [1] Ekberg, Jan-Erik, and Markku Kylanpaa. Mobile Trusted Module (MTM) - an introduction. Tech. no. NRC-TR-2007-015. Nokia Research Center, 14 Nov. 2007. Web. 30 June 2010. [2] Barkuus, Louise, and Anind Dey. Location-Based Services for Mobile Telephony: a Study of Users Privacy Concerns. Tech. no. IRB-TR-03-024. Intel Research Berkely, July 2003. Web. 30 June 2010. [3] Schmidt, Andreas U., Nicolai Kuntze, and Michael Kasper. On the Deployment of Mobile Trusted Modules. Tech. Fraunhofer Institute for Secure Information Technology SIT. Web. 25 June 2010. [4] S. B. Wicker, Surveillance Architectures: Digital Telephony and the Question of Privacy, Communications of the ACM, to appear. [5] Ptzmann, Andreas, Birgit Ptzmann, Matthias Schunter, and Michael Waidner. Trusting Mobile User Devices and Security Modules. Publication no. 0018-9162/97. IEEE, 1997. IEEE Xplore. IEEE. Web. [6] S. B. Wicker and D. E. Schrader, Privacy-Aware Design Principles For Information Networks. Proceedings of the IEEE, to appear. [7] Ghosh, Anup K., and Tara M. Swaminatha. Software Security and Privacy Risks in Mobile E-Commerce. Publication. 2nd ed. Vol. 44. ACM, 2001. Print. Communications of the ACM. [8] Palen, Leysia, Marilyn Salzman, and Ed Youngs. Going Wireless: Behavior & Practice of New Mobile Phone Users. Publication no. 1-58113-222-0/00/0012. ACM, 26 Dec. 2000. Web. 25 June 2010. [9] Trusted Computing Group (TCG). TCG Mobile Trusted Module Specication. Rep. TCG, 26 June 2008. Web. 30 June 2010. Acknowledgements We gratefully thank Professor Stephen Wicker for his support, and Jesus Noland, Nathan Karst, Radames Mererro and DaNae Grubbs for their contributions. This work was supported in part by TRUST (Team for Research in Ubiquitous Secure Technology), which receives support from the National Science Foundation (NSF award number CCF-0424422) A Private Mode for Mobile Users John Baluch and Professor Stephen Wicker Service Provider Context Data Third Parties Law Enforcement Docility Direct Marketing Figure 1. Flow of active surveillance. Figure 2. Secure Boot operation [1]

Download ppt "Introduction Content vs. Context Content of phone calls are protected under the Fourth Amendment (Katz v. United States (1967)) Context of phone calls,"

Similar presentations

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Message Integrity in Wireless Senor Networks CSCI 5235 Instructor: Dr. T. Andrew Yang Presented by: Steven Turner Abstract.

Message Integrity in Wireless Senor Networks CSCI 5235 Instructor: Dr. T. Andrew Yang Presented by: Steven Turner Abstract.
Cobalt: Separating content distribution from authorization in distributed file systems Kaushik Veeraraghavan Andrew Myrick Jason Flinn University of Michigan.

Cobalt: Separating content distribution from authorization in distributed file systems Kaushik Veeraraghavan Andrew Myrick Jason Flinn University of Michigan.
CC4100 Active Cellular Intercept Technologies

CC4100 Active Cellular Intercept Technologies
TRUST Fall Meeting November 10 - 11, 2010 │Stanford, California A Privacy-Aware Architecture For Demand Response Systems Steve Wicker, Bob Thomas School.

TRUST Fall Meeting November , 2010 │Stanford, California A Privacy-Aware Architecture For Demand Response Systems Steve Wicker, Bob Thomas School.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Securing Vehicular Communications Author : Maxim Raya, Panos Papadimitratos, and Jean-Pierre Hubaux From : IEEE Wireless Communications Magazine, Special.

Securing Vehicular Communications Author : Maxim Raya, Panos Papadimitratos, and Jean-Pierre Hubaux From : IEEE Wireless Communications Magazine, Special.
Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center 2014 www.know-center.at Security.

Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center Security.
Trusted Computing Platforms Blessing or Curse? by Bastian Sopora, Seminar DRM 2006.

Trusted Computing Platforms Blessing or Curse? by Bastian Sopora, Seminar DRM 2006.
Strand 1 Social and ethical significance. Reliability and Integrity Reliability ◦Refers the operation of hardware, the design of software, the accuracy.

Strand 1 Social and ethical significance. Reliability and Integrity Reliability ◦Refers the operation of hardware, the design of software, the accuracy.
Java Security: From HotJava to Netscape & Beyond Drew Dean, Edward W. Felten, Dan S. Wallach Department of Computer Science, Princeton University May,

Java Security: From HotJava to Netscape & Beyond Drew Dean, Edward W. Felten, Dan S. Wallach Department of Computer Science, Princeton University May,
Achieving Better Privacy Protection in WSNs Using Trusted Computing Yanjiang YANG, Robert DENG, Jianying ZHOU, Ying QIU.

Achieving Better Privacy Protection in WSNs Using Trusted Computing Yanjiang YANG, Robert DENG, Jianying ZHOU, Ying QIU.
Chapter 17 Controls and Security Measures

Chapter 17 Controls and Security Measures
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.
Trusted Computing Initiative Beyond trustworthy. Trusted Computing  Five Key Concepts >Endorsement Key >Secure Input and Output >Memory Curtain / Protected.

Trusted Computing Initiative Beyond trustworthy. Trusted Computing  Five Key Concepts >Endorsement Key >Secure Input and Output >Memory Curtain / Protected.
Information Security of Embedded Systems 3.2.2010: Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
outline Purpose Design Implementation Market Conclusion presentation Outline.

outline Purpose Design Implementation Market Conclusion presentation Outline.
Securing Information Transfer in Distributed Computing Environments AbdulRahman A. Namankani.

Securing Information Transfer in Distributed Computing Environments AbdulRahman A. Namankani.

Similar presentations

Ads by Google