Presentation is loading. Please wait.

Presentation is loading. Please wait.

Meng Yan. Introduction In fact, your online actions may be monitored by unauthorized parties logged and preserved for future access years later.

Published byJemimah Thornton Modified over 8 years ago

Similar presentations

Presentation on theme: "Meng Yan. Introduction In fact, your online actions may be monitored by unauthorized parties logged and preserved for future access years later."— Presentation transcript:

1 Meng Yan

2 Introduction In fact, your online actions may be monitored by unauthorized parties logged and preserved for future access years later

3 Principles Controlling Over Data Collection Limitation Inform Data Security Access Right

4 Principles Protecting Anonymity Anonymity Pseudonymity Unobservability Unlinkablity Deniability

5 Principles Separating User from Unwanted Data

6 Classification Based on Application Area: Privacy Policy Language Anonymity Technology Authentication Management

7 Classification Privacy Policy Language Application Area Formalize privacy policies Help surfers understand privacy policies Help websites express privacy policies Representative PPL P3P EPAL XACML

8 Classification Privacy Policy Language P3P Give a standard format of privacy policy User agent of P3P interprets privacy policy to users User need not to read privacy policy at every website they visit

9 Classification Privacy Policy Language EPAL The first language that allows websites to express privacy policies of rule-based complexity directly in a standards-based markup language

10 Classification Privacy Policy Language eXtensible Access Control Markup Language (XACML) Describe privacy policy Describe request/response

11 Classification Anonymity Technology Application Area Anonymous browsing and publishing Classification (based on implementation_method) Remove user’s information Anonymous HTTP proxy server Mark-up user’s information Mix-based System Crowd

12 Classification Anonymity Technology Anonymous HTTP proxy server HTTP Request Modified HTTP Request HTTP Server User HTTP Proxy Server N HTTP Proxy Server 1

13 Classification Anonymity Technology Mix-based System Server User Onion Router Onion Proxy Entry Exit

14 Classification Authentication Management Application Area Protect Identity Authenticating Information (AI) What user knows (password) What user has (fingerprints, credit card number) What user does (signature) Classification Two-factor authentication (relies on two AI) Multi-factor authentication (relies on more than two AI)

15 Comparison P3P, EPAL, XACML P3PEPALXACML Purpose For user preference For enterprise- internal privacy policies& control access Flexibility Bad (Pre-defined policies) Fair (flexible policies but not scalable) Good (flexible policies &allow reference )

16 Comparison Crowd vs. mix-based system Common Mix-based Systems message delivery paths are fixed and messages are encrypted. Crowd paths are dynamically configured as a message traverses the network and each crowd member encrypts the message for the next member of the path.

17 Conclusion PET Anonymity Technology Privacy Policy Language (PPL) Authentication Management P3P EPAL & XACML HTTP proxy server Mix-based system &(Crowd) Two-factor Multi-factor

18 Thank you!

Download ppt "Meng Yan. Introduction In fact, your online actions may be monitored by unauthorized parties logged and preserved for future access years later."

Similar presentations

Section 10.1 Identify how Web sites are structured Explain the role of URLs Describe the function of HTTP Section 10.2 Explain how the Web has affected.

Section 10.1 Identify how Web sites are structured Explain the role of URLs Describe the function of HTTP Section 10.2 Explain how the Web has affected.
0 Web Service Security JongSu Bae. 1  Introduction 2. Web Service Security 3. Web Service Security Mechanism 4. Tool Support 5. Q&A  Contents.

0 Web Service Security JongSu Bae. 1  Introduction 2. Web Service Security 3. Web Service Security Mechanism 4. Tool Support 5. Q&A  Contents.
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Privacy Protection In Grid Computing System Presented by Jiaying Shi.

Privacy Protection In Grid Computing System Presented by Jiaying Shi.
 Controls that provide security against internal and external threats  2 Types of access controls: › Physical controls › Logical controls.

 Controls that provide security against internal and external threats  2 Types of access controls: › Physical controls › Logical controls.
Chapter 12 USING TECHNOLOGY TO ENHANCE BUSINESS PROCESSES.

Chapter 12 USING TECHNOLOGY TO ENHANCE BUSINESS PROCESSES.
Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.
OpenID And the Future of Digital Identity Alicia Bozyk April 1, 2008.

OpenID And the Future of Digital Identity Alicia Bozyk April 1, 2008.
Introduction To Windows NT ® Server And Internet Information Server.

Introduction To Windows NT ® Server And Internet Information Server.
Web Privacy Topics Andy Zeigler Senior Program Manager, Internet Explorer Microsoft.

Web Privacy Topics Andy Zeigler Senior Program Manager, Internet Explorer Microsoft.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
Anonymity Cs5090: Advanced Computer Networks, fall 2004 Department of Computer Science Michigan Tech University Byung Choi.

Anonymity Cs5090: Advanced Computer Networks, fall 2004 Department of Computer Science Michigan Tech University Byung Choi.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Www.eduserv.org.uk/openathens Alumni Authentication… Explained Robert Scaysbrook – OpenAthens UK Account Manager.

Alumni Authentication… Explained Robert Scaysbrook – OpenAthens UK Account Manager.
Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.

Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.
Tor (Anonymity Network) Scott Pardue. Tor Network  Nodes with routers within the network (entry, middle, exit)  Directory servers  Socket Secure (SOCKS)

Tor (Anonymity Network) Scott Pardue. Tor Network  Nodes with routers within the network (entry, middle, exit)  Directory servers  Socket Secure (SOCKS)
November 2009 Secure Data Transmission May 2014 What are Secure Methods of Transmission? Encrypted Email Services Encrypted Memory Sticks Fax Secure.

November 2009 Secure Data Transmission May 2014 What are Secure Methods of Transmission? Encrypted Services Encrypted Memory Sticks Fax Secure.
Prof. Vishnuprasad Nagadevara Indian Institute of Management Bangalore

Prof. Vishnuprasad Nagadevara Indian Institute of Management Bangalore

Similar presentations

Ads by Google