don t ask don t tell
play

DON'T ASK, DON'T TELL THE VIRTUES OF PRIVACY BY DESIGN Eleanor - PowerPoint PPT Presentation

May 19, 2023 •596 likes •1.2k views

DON'T ASK, DON'T TELL THE VIRTUES OF PRIVACY BY DESIGN Eleanor McHugh 1998 PKI elliptic curves satellite PSN 1999 -calculus VM 2000 control networks 2001 mobile identity secure documents 2003 ENUM 2006 dotTel hybrid encryption

  1. DON'T ASK, DON'T TELL THE VIRTUES OF PRIVACY BY DESIGN Eleanor McHugh

  2. 1998 PKI elliptic curves satellite PSN 1999 π -calculus VM 2000 control networks 2001 mobile identity secure documents 2003 ENUM 2006 dotTel hybrid encryption 2007 encrypted DNS 2010 concurrent VM 2011 national eID 2012 encrypted SQL privacy by design Cryptographer Physicist 2014 uPass Security Architect Privacy Architecture 2017 Identity Lab

  3. take effect for all demonstrate that good data protection

  4. PSD2 "If your organisation can't which aim to safe- demonstrate that good data protection guard privacy and is a cornerstone of your business policy and practices, you're leaving your organisation open to enforcement action that can damage identity to service both public reputation and bank the needs of your balance." question is how do — Elizabeth Denham, Information Commissioner you adapt existing

  8. 8

  9. PRIVACY STORIES

  10. as an aggressive marketeer I want to access your visitor data to guess who might pay for miracle product X don’t make my life difficult if it affects sales I’m higher up the food chain than you! insider threat

  11. as a disgruntled employee I want to access your service to make you pay for the pain I’m feeling I’ve had privileged access in the past and you’re too dumb to have cancelled it insider threat

  12. as a script kiddie I want to access your service because it’s a rush to break into your stuff I’ve lots of different scripts to play with coz all lolz belong to us external threat

  13. as an online fraudster I want to access your service so I can steal credentials and data if that’s hard I’ll move onto a fresh target there’s always another sucker ripe for scamming external threat

  14. as a malicious attacker I want to access your service to monitor user behaviour and steal identities I’m waaaay more skilled than your team and I’m being paid for results external threat

  15. as a system administration I want to roll-back errors and monitor security breaches so I can protect my users and my business from fraud or loss but it’s okay if I can only see data relevant to a particular incident so that I know the bare minimum about you or any other user

  16. as a law enforcement officer I want to perform lawful interception queries so I can catch criminals and terrorists but it’s okay if you control my access and require court orders so that criminal investigate is never a cover for political oppression

  17. as a regulator I want to ensure this service complies with all applicable rules so I can confirm that the service is trustworthy and legitimate but it’s okay if you restrict my access to how you operate this service so that I know neither your users nor their interactions

  18. SOME BASIC RULES ➤ users are users because they give their informed consent ➤ you should know your users well enough to aid them ➤ but your users own their identities not you ➤ secure all transports and storage where identifying user data exists ➤ and ensure your users know what you know about them and why you've collected that information

  19. DIGITAL IDENTITY

  20. PRIVACY ➤ digital data is easily duplicated ➤ when this data moves or is stored it generates metadata ➤ metadata is also digital data ➤ processing data or metadata can reveal identity ➤ so a system which respects privacy needs to know as little as possible about ➤ the data it processes ➤ the metadata it produces

  21. ID CARD ➤ photo for visual comparison ➤ hologram to assert validity ➤ date of birth reveals age ➤ serial number allows this card to be recorded and tracked ➤ physical security increases cost of counterfeiting ➤ smart card features allow use with digital scanners ➤ not government issued

  22. BIOMETRICS ➤ if it can be measured and tends towards uniqueness… ➤ faces ➤ fingerprints ➤ iris patterns ➤ retina patterns ➤ genetic fingerprints ➤ electrocardiogram ➤ electroencephalogram ➤ it can also be counterfeited!

  23. LIVENESS ➤ digital data is easily copied ➤ replay attacks repeat a previously captured biometric ➤ spoofing creates a facsimile of a biometric capable of fooling a digital system ➤ proofs ➤ is data being captured now ➤ is it from a genuine source ➤ has it been tampered with ➤ is it likely to be unique

  24. ATTRIBUTES ➤ attributes are discrete facts ➤ dark hair ➤ wears black ➤ professional cryptographer ➤ fragments of an identity ➤ an identity may have none ➤ or some may be imprecise ➤ even as a complete set they may not be unique ➤ anonymity is the lack of attributes

  25. UK LEGAL IDENTITY ➤ birth certificate and gender recognition certificate are the primary identity documents ➤ with either it's possible to get ➤ national insurance number ➤ NHS medical card ➤ passport ➤ name can be changed with a deed poll or a statutory declaration ➤ none of these documents include biometrics

  26. BAD BOOKKEEPING it doesn't matter… right up until it does

  27. PROOF OF IDENTITY CHECKS ➤ each exchange of identity comes with proof that the exchange occurred ➤ proof engenders trust ➤ we anchor trust in information based on its provenance and its tamper-resistance ➤ we can also capture proof of why the exchange occurred ➤ we can record these proofs for future reference ➤ good bookkeeping is at the heart of all identity schemes

  28. TOOLS FOR TRUST

  29. OBSCURITY ➤ HMAC hashes are large numbers computed from a set of data with cryptography ➤ any change to the set of data will result in a di ff erent HMAC value being calculated ➤ symmetric encryption allows two parties with the same key to communicate securely ➤ public key encryption keeps the decryption key secret ➤ hybrid encryption allows a symmetric key to be sent as data encrypted with a public key

  30. UNIQUENESS ➤ a one-time pad is a single use key for encrypting a message ➤ it provides a unique mapping between the encrypted content and the keys to generate and recover that content ➤ it provides perfect secrecy as there are no variant encrypted texts which can reveal elements of the keys ➤ one-time pads require key management which guarantees uniqueness and randomness

  32. IMMUTABILITY ➤ singly-linked list are a popular tool in computer science ➤ they allow several lists to share common head segments ➤ a hash chain extends this concept with computed hashes for each node and an optional signature to validate them ➤ alter one item in the chain and all subsequent hashes must be recalculated

  33. TRUST ARBITRATION ➤ a contract is an agreement to do something between two parties ➤ in Common Law this requires both intent and a demonstrable exchange of consideration ➤ a contract can be enforced by the courts ➤ trust relies on recognised authority and on witnesses ➤ the internet has no courts and machines lack intent ➤ so we need provable witnesses

  35. INTEGRITY ➤ trees are similar to lists but used to capture hierarchical structures and speed searches ➤ Merkle trees are trees built from hash chains ➤ adding to the tree creates a new root node whose hash proves the integrity of its links and terminal nodes ➤ building many overlapping trees ensures that changes to one tree invalidates other trees

  36. BLOCKCHAIN ➤ Bitcoin uses a hash chain of Merkle trees packaged as blocks of information to provide nonrepudiation ➤ the hash chain can be forked deliberately or as a result of network partitioning ➤ its consensus algorithm is based on proof of work ➤ so if the forks are merged the shorter fork is discarded ➤ forks can overcome this by using sidechains for exchange

  37. ROUTING ➤ the internet comprises a decentralised physical infrastructure ➤ most applications are built with a centralised client-server model which hides this reality ➤ servers act as trust anchors ➤ blockchain mining & etherium dApps are fully distributed ➤ lacking servers they require a consensus algorithms to agree a trusted reality

  40. pseudonymity anonymity

  41. pseudonymity anonymity

  42. pseudonymity anonymity

  43. pseudonymity anonymity

  44. pseudonymity anonymity

  45. pseudonymity anonymity

  46. CASE STUDY: UPASS

  47. TO PROVE YOUR AGE seeing is believing

  48. PRINCIPLES ➤ embodies UK common law understanding of identity ➤ supports true anonymity ➤ prevents mass surveillance ➤ reliable source of potentially unreliable information ➤ transactions are fast with minimal need for consensus ➤ can scale to a global system ➤ works on desktop, mobile & IoT platforms

  49. OVERVIEW ➤ anchor document ➤ mobile device ➤ validation service ➤ secure store (proprietary) ➤ one-directional flows ➤ applications ➤ US 20160239653 ➤ US 20160239657 ➤ US 20160239658

  50. REGISTRATION ➤ read anchor document ➤ capture selfie ➤ create profiles ➤ anonymous ➤ date of birth ➤ name ➤ nationality ➤ generate encryption keys ➤ record phone address ➤ issue profile credential

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Camco Technologies Camco Technologies Technologielaan 13 Technologielaan 13 B- -3001 Heverlee

Camco Technologies Camco Technologies Technologielaan 13 Technologielaan 13 B- -3001 Heverlee

Camco Technologies Camco Technologies Technologielaan 13 Technologielaan 13 B- -3001 Heverlee 3001 Heverlee B Belgium Belgium Phone : (32) 16 38 92 72 Phone : (32) 16 38 92 72 Fax : (32) 16 38 92 74 Fax : (32) 16 38 92 74 Email

794 views • 52 slides
The Unified Modelling Language Perdita Stevens (Perdita.Stevens@dcs.ed.ac.uk,

The Unified Modelling Language Perdita Stevens (Perdita.Stevens@dcs.ed.ac.uk,

The Unified Modelling Language Perdita Stevens (Perdita.Stevens@dcs.ed.ac.uk, http://www.dcs.ed.ac.uk/home/pxs/) Division of Informatics University of Edinburgh Slide 1 Objectives A t the end of to da y: y ou will kno w what

828 views • 64 slides
TICKER- OTC: CLPI The Payment Network of India Wednesday, 20 June 2016 1 REQUIRED STATEMENT

TICKER- OTC: CLPI The Payment Network of India Wednesday, 20 June 2016 1 REQUIRED STATEMENT

TICKER- OTC: CLPI The Payment Network of India Wednesday, 20 June 2016 1 REQUIRED STATEMENT ABOUT FORECASTS Calpians models and projections are based on certain key assumptions, including but not limited to the following: Availability of

588 views • 26 slides
A N D I E R I M D T E M I L I G Y N E R E D A Y R T O V E S I N N

A N D I E R I M D T E M I L I G Y N E R E D A Y R T O V E S I N N

A N D I E R I M D T E M I L I G Y N E R E D A Y R T O V E S I N N I O T A T E N E S P R 30 April 2015 Disclaimer The information in this presentation was prepared by Meridian Energy with due care and

1.25k views • 97 slides
Bottom-Up Database Hardware Benchmarking Greg Smith 2ndQuadrant US 04/13/2011 Greg Smith

Bottom-Up Database Hardware Benchmarking Greg Smith 2ndQuadrant US 04/13/2011 Greg Smith

Bottom-Up Database Hardware Benchmarking Greg Smith 2ndQuadrant US 04/13/2011 Greg Smith Bottom-Up Database Hardware Benchmarking About this presentation The master source for these slides is: http://projects.2ndquadrant.com Source

596 views • 43 slides
NEED D TO O KNOW! OW! NOVEMBER, 2017 Terrasat Communications IBUC Intelligent Block

NEED D TO O KNOW! OW! NOVEMBER, 2017 Terrasat Communications IBUC Intelligent Block

BU BUCS WHAT T YOU OU NEED D TO O KNOW! OW! NOVEMBER, 2017 Terrasat Communications IBUC Intelligent Block Upconverters Terrasat Overview We make Intelligent BUCs! Thats all we do - no modems, antennas, hubs, etc.

547 views • 31 slides
How culture can improve engineering velocity, efficiency, and quality David Mercurio Stripe -

How culture can improve engineering velocity, efficiency, and quality David Mercurio Stripe -

How culture can improve engineering velocity, efficiency, and quality David Mercurio Stripe - Payments Infrastructure Snapchat - Memories Backend Facebook - Infrastructure, Platform, Personalized Videos Efficiency is Leverage Getting a lot

1.58k views • 30 slides
Energy Dumpster Diving - Example presentation- Paper written by: M. A. Kazandjieva, B. Heller,

Energy Dumpster Diving - Example presentation- Paper written by: M. A. Kazandjieva, B. Heller,

Energy Dumpster Diving - Example presentation- Paper written by: M. A. Kazandjieva, B. Heller, P. Levis, C. Kozyrakis Stanford University In Proceedings of HotPower workshop 2009 Presented by: Simin Nadjm-Tehrani / Klervie Tocz / Rodrigo

621 views • 28 slides
Identity Theft 101 Wanda Downs, AAP Director, CU Development & Marketing Identity Theft 101

Identity Theft 101 Wanda Downs, AAP Director, CU Development & Marketing Identity Theft 101

Identity Theft 101 Wanda Downs, AAP Director, CU Development & Marketing Identity Theft 101 Identity Theft 101 Wanda Downs First Carolina Corporate Credit Union, 2004 to present > Director of CU Development & Marketing AAP

440 views • 16 slides
Implementing Recycling @ Work in a University Setting Welcome to IUPUI History 1891:

Implementing Recycling @ Work in a University Setting Welcome to IUPUI History 1891:

Implementing Recycling @ Work in a University Setting Welcome to IUPUI History 1891: Indiana University offered classes in Indianapolis for the first time 1968: Mayor Richard Lugar called for a great state university in

554 views • 27 slides
Chanda Fraulino Recycle Program Coordinator Glendale Community College chanda.fraulino@gccaz.edu

Chanda Fraulino Recycle Program Coordinator Glendale Community College chanda.fraulino@gccaz.edu

Chanda Fraulino Recycle Program Coordinator Glendale Community College chanda.fraulino@gccaz.edu ABOUT GLENDALE COMMUNITY COLLEGE Glendale Community College (GCC) offers innovative higher education curriculum in 100 associate degree,

598 views • 22 slides
WBA Secur-IT Conference The Art of Human Hacking You can trust me. WHAT ARE THE EFFECTS?

WBA Secur-IT Conference The Art of Human Hacking You can trust me. WHAT ARE THE EFFECTS?

WBA Secur-IT Conference The Art of Human Hacking You can trust me. WHAT ARE THE EFFECTS? The global cost of cybercrime will reach $6 trillion by 2021, twelve times increase from the 2016 estimate of $450 billion. May only be tip

642 views • 41 slides
COMPETENCY CENTERS PRODUCTION CENTERS EUFI TURKEY - 206 empl. 250 M EFEC - CHINA - 222

COMPETENCY CENTERS PRODUCTION CENTERS EUFI TURKEY - 206 empl. 250 M EFEC - CHINA - 222

Alabama E3 Experience CLOSE TO OUR CUSTOMERS ON 3 CONTINENTS: A FAST RESPONSE ALWAYS CLOSE AT HAND COMPETENCY CENTERS PRODUCTION CENTERS EUFI TURKEY - 206 empl. 250 M EFEC - CHINA - 222 empl. Beynost - FRANCE - 827 empl. 1500

396 views • 18 slides
Tax Refund Fraud and Identity Theft Internal Revenue Service Criminal Investigation Division

Tax Refund Fraud and Identity Theft Internal Revenue Service Criminal Investigation Division

Tax Refund Fraud and Identity Theft Internal Revenue Service Criminal Investigation Division Special Agent Kory Kuba Special Agent Ashley Bradaric Internal Revenue Service Criminal Investigation Criminal Investigation serves the American

766 views • 9 slides
BEAR ARCAT AT GREEN ENERGY: ALTERNATIVE FUELS, INNOVATION, LEADERSHIP EDUCATION: RECYCLING,

BEAR ARCAT AT GREEN ENERGY: ALTERNATIVE FUELS, INNOVATION, LEADERSHIP EDUCATION: RECYCLING,

NORTHWEST MISSOURI STATE UNIVERSITY BEAR ARCAT AT GREEN ENERGY: ALTERNATIVE FUELS, INNOVATION, LEADERSHIP EDUCATION: RECYCLING, CONSERVATION, WASTE REDUCTION THE OPPORTUNITY: DIFFERENCE IS YOU ! ENVIRONMENTAL STEWARDSHIP Northwests

590 views • 27 slides
What will you learn? During this presentation you will learn: How ID theft and account fraud

What will you learn? During this presentation you will learn: How ID theft and account fraud

What will you learn? During this presentation you will learn: How ID theft and account fraud happen The effects of ID theft and fraud How to avoid becoming a victim Identity Protection Identity Theft is Rampant Number of victims rose

764 views • 30 slides
FIGHTING IDENTITY CRIME Professor John Farrar Bond University and the University of Auckland 1

FIGHTING IDENTITY CRIME Professor John Farrar Bond University and the University of Auckland 1

FIGHTING IDENTITY CRIME Professor John Farrar Bond University and the University of Auckland 1 Identity crime is on the increase. The cost is increasing. The cost includes a substantial cost relating to resources to combat identity crime.

538 views • 18 slides
LOOKING TO OUR FUTURE Managing West Michigan Discards in an Emerging Circular Economy Kent

LOOKING TO OUR FUTURE Managing West Michigan Discards in an Emerging Circular Economy Kent

LOOKING TO OUR FUTURE Managing West Michigan Discards in an Emerging Circular Economy Kent Countys Integrated Solid Waste Management System Includes Waste To Energy, Single Stream Recycling, Landfill, Transfer Station, and Recycling

911 views • 62 slides
Corporate Sustainability Best Practices Journey to Zero Waste to Landfill Maria Gutierrez

Corporate Sustainability Best Practices Journey to Zero Waste to Landfill Maria Gutierrez

Corporate Sustainability Best Practices Journey to Zero Waste to Landfill Maria Gutierrez Director, Corporate Responsibility & Sustainability Bendix Commercial Vehicle Systems , Elyria, OH Wednesday, March 25, 2020 1:10 p.m. to 2 p.m.

697 views • 31 slides
Ditch Your Bug-Tracking Tool 3 Solid Tactics to Minimize Bug Counts Jerry Penner, Test

Ditch Your Bug-Tracking Tool 3 Solid Tactics to Minimize Bug Counts Jerry Penner, Test

Ditch Your Bug-Tracking Tool 3 Solid Tactics to Minimize Bug Counts Jerry Penner, Test Specialist Waterloo Hydrogeologic jpenner@waterloohydrogeologic.com What We'll Cover Bugs Are a Costly Problem The Zero Defect Methodology 3

474 views • 22 slides
TITLE Katie Fahey | Program Coordinator | (517) 974-3762 | kFahey@michiganrecycles.org

TITLE Katie Fahey | Program Coordinator | (517) 974-3762 | kFahey@michiganrecycles.org

TITLE Katie Fahey | Program Coordinator | (517) 974-3762 | kFahey@michiganrecycles.org MICHIGAN RECYCLING COALITION Kfahey@MichiganRecycles.org KATIE FAHEY- PROGRAM COORDINATOR (517)974-3672 WHO CURRENTLY HAS A RECYCLING PROGRAM?

848 views • 64 slides
Hybrid Scheduling in Heterogeneous Half- and Full-Duplex Wireless Networks Tingjun Chen * , Jelena

Hybrid Scheduling in Heterogeneous Half- and Full-Duplex Wireless Networks Tingjun Chen * , Jelena

Hybrid Scheduling in Heterogeneous Half- and Full-Duplex Wireless Networks Tingjun Chen * , Jelena Diakonikolas , Javad Ghaderi * , and Gil Zussman * * Electrical Engineering, Columbia University Computer Science, Boston University IEEE

388 views • 23 slides
I/O SYSTEMS Sunu Wibirama Are you surely IT class member? Then you should know these

I/O SYSTEMS Sunu Wibirama Are you surely IT class member? Then you should know these

I/O SYSTEMS Sunu Wibirama Are you surely IT class member? Then you should know these pictures... Introduction Main job of computer : I/O and processing (the latter is rarely happened) Browsing: read and enter information, not

433 views • 26 slides
SkyFi A fast and secure wireless network paradigm using VLC Current wireless standards Pros:

SkyFi A fast and secure wireless network paradigm using VLC Current wireless standards Pros:

SkyFi A fast and secure wireless network paradigm using VLC Current wireless standards Pros: Convenience Accessibility Cons: Speed Interference Visual Light Communication Security Speed Bandwidth Range Special use cases Our project

423 views • 13 slides

More recommend