for inherent privacy awareness
play

for Inherent Privacy Awareness in Network Monitoring Maria N. - PowerPoint PPT Presentation

Mar 19, 2024 •181 likes •475 views

A Workflow Checking Approach for Inherent Privacy Awareness in Network Monitoring Maria N. Koukovini Eugenia I. Papagiannakopoulou GeorgiosV. Lioudakis Dimitra I. Kaklamani Iakovos S. Venieris The 6 th International Workshop on Data Privacy

  1. A Workflow Checking Approach for Inherent Privacy Awareness in Network Monitoring Maria N. Koukovini Eugenia I. Papagiannakopoulou GeorgiosV. Lioudakis Dimitra I. Kaklamani Iakovos S. Venieris The 6 th International Workshop on Data Privacy Management (DPM-2011) Leuven, Belgium, September 15 – 16, 2011

  2. Passive Network Monitoring  Inspection of the actual network traffic using special software and/or hardware equipment  Range of applications:  Operation and management of communication networks  Identification of performance bottlenecks  Network security (IDS, ADS, …)  Network planning  Accounting and billing of network services  Validation of SLAs  Observation and fine-tuning of QoS parameters  Internet research based on collected traffic traces  Law enforcement (data retention, lawful interception, …) DPM-2011 Leuven, Belgium, Sep 15, 2011

  3. Passive Network Monitoring  Serious drawback: privacy implications!  Relies natively on personal data collection and processing  Various documented privacy violation mishaps  Passive Network Monitoring special characteristics:  Privacy-sensitive information exceeds payload and spans across various protocol headers and other communication metadata  Too much personal information can be inferred and extracted using advanced processing techniques (statistical analysis, fingerprinting, …)  Specific regulations govern the underlying services and data  Very high data rates and consequent performance requirements  Distributed and cooperative nature of operations and infrastructures  Intra-domain  Inter-domain DPM-2011 Leuven, Belgium, Sep 15, 2011

  4. Privacy-Preserving Network Monitoring: Regulatory Requirements   Lawfulness of data processing Information to and rights of the data subject  Purposes for which data are  processed Consent of the data subject   Necessity, adequacy and Data security measures proportionality of the data  Special categories of data processed  Coordination with competent  Quality of the data processed data protection Authority  Minimal use of personal  Supervision and sanctions identification data  Communications confidentiality  Storage of personal data and lawful interception  Data retention  Flexibility and adaptability of legal  Access limitation compliance provisions DPM-2011 Leuven, Belgium, Sep 15, 2011

  5. Fundamental Principles of the Approach Realisation of Privacy by Design  Privacy-aware information flows  Enforcement of privacy-aware access control across the flows  Contextual behaviour of the system  Automatic integration of protection means  Anonymisation, pseudonymisation, aggregation modules  Complementary actions  Consideration of the semantics of various concepts, such as:  Data  Roles  Operational processes  Purposes for data collection and processing DPM-2011 Leuven, Belgium, Sep 15, 2011

  6. Architecture Overview Reasoner Workflow <?xml version="1.0"?> Model <rdf:RDF xmlns:xsp=http://www.owl- … … … … Planning Checker Phase Policies WF Planning Capabilities Matching Environment Capabilities Bus Orchestration Interface Orchestration Layer Execution Orchestrator Orchestrator Orchestrator Phase Components Interface Components Layer Agent Agent Agent Agent Agent Context Bus Control Message Bus DPM-2011 Leuven, Belgium, Sep 15, 2011

  7. Architecture Overview Reasoner Workflow <?xml version="1.0"?> Model <rdf:RDF xmlns:xsp=http://www.owl- … … … … Planning Checker Phase Policies WF Planning Capabilities Matching Environment Capabilities Bus Orchestration Interface Orchestration Layer Execution Orchestrator Orchestrator Orchestrator Phase Components Interface Components Layer Agent Agent Agent Agent Agent Context Bus Control Message Bus DPM-2011 Leuven, Belgium, Sep 15, 2011

  8. Workflows  Workflows and other important parameters…  w = ⟨ t 1 , t 2 , ..., t n ⟩ , where t i = ⟨ a i , op i , res i ⟩ w  a i : actor  op i : operation  res i : resource + a declared purpose pu , e.g., NetworkSecurity + User role(s) r , e.g., NetworkAdministrator  Overall… ⟨ w, ⟨ r ⟩ k , pu ⟩  or maybe…  ⟨ w, ⟨ r ⟩ k , ⟨ pu ⟩ m ⟩ , stored workflow template DPM-2011 Leuven, Belgium, Sep 15, 2011

  9. Workflow Verification Mechanism  Ensures that the user-specified workflow is rendered privacy compliant before entering the execution phase  A three steps procedure: 1. Purpose Verification: Checks regarding purpose compliance (relevance, consistency, etc.) 2. Skin Task Verification: User-specified tasks checked individually and in relation to each other 3. Decomposition: Composite skin tasks’ refinement and evaluation, until the level of atomic tasks  Relies on a policy-based access control model  Core components: Model Checker and Reasoner DPM-2011 Leuven, Belgium, Sep 15, 2011

  10. Step 1: Purpose Verification  Based on two types of associations contained in / implied by the Policy Model:  role-purpose : not all roles can initiate a workflow serving a given purpose  NetworkAdministrator relevant to NetworkSecurity  Accountant not relevant to NetworkSecurity  task-purpose : not all tasks make sense to be used for serving a purpose  DetectSYNFlood is relevant with NetworkSecurity  InterceptCommunications has nothing to do with NetworkSecurity DPM-2011 Leuven, Belgium, Sep 15, 2011

  11. Step 2: Skin Task Verification  Requirements checked:  The initiator must have the right to include the task in the workflow.  The task ⟨ a i , op i , res i ⟩ w must be valid, i.e., the actor a i must have the right to perform the operation op i on the resource res i .  Each task must not conflict with precedent and subsequent tasks.  Potentially required complementary tasks must be present.  The system must be able “by definition” to offer the respective capability.  Approach: for each skin task t i of w , the Model Checker 1. checks the task’s availability by the system 2. asks the Reasoner about task’s acceptability DPM-2011 Leuven, Belgium, Sep 15, 2011

  12. Step 2: Skin Task Verification Possible results: 1. Unconditional acceptance, aka no changes are needed 2. Conditionally accept with task addition: ok, but some extra tasks are required Solution: required tasks addition e.g., MitigateDDoS requires InformSecurityOfficer DPM-2011 Leuven, Belgium, Sep 15, 2011

  13. Step 2: Skin Task Verification More possible results: 3. Conditionally accept provided some conflicts with other tasks are resolved Solution: task removal, substitution, task insertion 4. Conditionally accept, subject to contextual parameters Solution: conditional branching Special case:  actor, operation, resource  inter-dependencies   Can be combined with all the above 5. Conditionally accept, subject to history-related conditions  Contextual constraints are a priori resolved by the flow itself, or  History creates additional contextual constraints Solution: conditional branching DPM-2011 Leuven, Belgium, Sep 15, 2011

  14. Step 2: Skin Task Verification More possible results: 6. Task is not acceptable due to invalid ⟨ a i , op i , res i ⟩ w combination Solution: task removal, substitution, task insertion  e.g., a role may require aggregated results, therefore, AggregateResults is inserted before ReportToGUI DPM-2011 Leuven, Belgium, Sep 15, 2011

  15. Step 3: Decomposition  3 types of decomposition  AND: all subtasks will be executed  all tasks must be acceptable  XOR: exactly one subtask will be executed, depending on:  Context  Capabilities availability  Prioritisation  Flow constraints  at least one task must be acceptable  Subworkflow: worklet implementation  all subtasks must be acceptable DPM-2011 Leuven, Belgium, Sep 15, 2011

  16. Step 3: Decomposition  Approach: For each skin task t i of w, the Model Checker asks the Reasoner for a decomposition  Input: ⟨⟨ a i , op i , res i ⟩ w , r, pu ⟩  Output: a decomposition that  is valid as a standalone structure, but  there may be constraints  Possibly many levels of decomposition  Iterative procedure  Combined depth-first/ breadth-first verification  If there is no valid decomposition (conflicts, other parameters), the parent task is rejected DPM-2011 Leuven, Belgium, Sep 15, 2011

  17. Decomposition Constraints  Contextual constraints:  The aggregated contextual constraints of its subtasks  XOR: each subtask applicable under a different context  Complementary required tasks:  The aggregated subtasks’ requirements  XOR: each subtask requires different complementary tasks DPM-2011 Leuven, Belgium, Sep 15, 2011

  18. Decomposition Constraints  Conflicts:  AND / Subworkflow: no subtask must conflict with other workflow tasks  XOR: at least one subtask must not conflict with other workflow tasks  Conflict resolution: removal, addition, substitution e.g., CaptureTraffic conflicts with tuple_parser  Anonymise task is inserted for conflict resolution DPM-2011 Leuven, Belgium, Sep 15, 2011

  19. Decomposition Procedure Example Flow Decomposition Start T1 T2 End DPM-2011 Leuven, Belgium, Sep 15, 2011

  20. Decomposition Procedure Example Flow Decomposition Start T1 T2 End check Start T1.1 T1.2 T2 End DPM-2011 Leuven, Belgium, Sep 15, 2011

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A Privacy Awareness System for Ubicomp Marc Langheinrich ETH Zurich, Switzerland Motivation !

A Privacy Awareness System for Ubicomp Marc Langheinrich ETH Zurich, Switzerland Motivation !

A Privacy Awareness System for Ubicomp Marc Langheinrich ETH Zurich, Switzerland Motivation ! Ubicomp features real-world electronic services, often without user interface Privacy Awareness System ! Automated data transfer facilitates

593 views • 10 slides
Privacy and Anonymity 1 Privacy Privacy and society Basic individual right &amp; desire

Privacy and Anonymity 1 Privacy Privacy and society Basic individual right &amp; desire

CS 134 Privacy and Anonymity 1 Privacy Privacy and society Basic individual right &amp; desire (Image from geekologie.com) Relevant to corporations &amp; government agencies Recently increased awareness However, general public

171 views • 16 slides
CS 525M Mobile and Ubiquitous Computing: The Wi Fi Privacy Ticker: Improving Awareness &amp;

CS 525M Mobile and Ubiquitous Computing: The Wi Fi Privacy Ticker: Improving Awareness &amp;

CS 525M Mobile and Ubiquitous Computing: The Wi Fi Privacy Ticker: Improving Awareness &amp; Control of Personal Information Exposure on Wi Fi Shengwen Han Computer Science Dept. Worcester Polytechnic Institute (WPI) 1 Abstract

375 views • 24 slides
Data Awareness: Privacy and Safety First half of 2019 saw 3800+ publicized data breaches in US

Data Awareness: Privacy and Safety First half of 2019 saw 3800+ publicized data breaches in US

Data Awareness: Privacy and Safety First half of 2019 saw 3800+ publicized data breaches in US 142 privacy breaches in Alberta this year as of Aug 21 2019: https://www.oipc.ab.ca/decisions/breach-notification-decisions.aspx Digital Se Digital

78 views • 3 slides
University of Hawaii Family Educational Rights System and Privacy Act (FERPA) FERPA Awareness

University of Hawaii Family Educational Rights System and Privacy Act (FERPA) FERPA Awareness

University of Hawaii Family Educational Rights System and Privacy Act (FERPA) FERPA Awareness Training Also known as the Buckley Amendment June 26-28, 2018 Statute: 20 U.S.C. 1232(g) Regulations: 34 CFR Part 99 Primary Rights of

316 views • 5 slides
The Varieties of Self- Awareness David Chalmers Self-Awareness n Self-awareness = awareness

The Varieties of Self- Awareness David Chalmers Self-Awareness n Self-awareness = awareness

The Varieties of Self- Awareness David Chalmers Self-Awareness n Self-awareness = awareness of oneself n One is self-aware if one stands in a relation of awareness to oneself and/or one s properties n There are many different ways of

336 views • 29 slides
$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

Presentation Slides $ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

318 views • 13 slides
Phonemic Awareness Phonological Awareness Phonological awareness is ones sensitivity

Phonemic Awareness Phonological Awareness Phonological awareness is ones sensitivity

Phonemic Awareness Phonological Awareness Phonological awareness is ones sensitivity to, or explicit awareness of, the phonological structure of ones language.... It involves the ability to notice, think about, or manipulate the

393 views • 11 slides
Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; Security and Cooperation in Wireless Networks Georg-August University Gttingen Chapter outline 1 Important privacy related

1.12k views • 33 slides
Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

CISPA Center for IT Security, Privacy and Accountabiltiy Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when,

573 views • 26 slides
$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

Presentation Slides $ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

429 views • 13 slides
CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies US Privacy Laws Sources: Baase: A Gift of Fire and Quinn: Ethics for the Information Age Ethics Spring 2010 Privacy 1 Privacy The original

725 views • 45 slides
Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is

1.01k views • 76 slides
Safeguarding Adults Training The Inherent Jurisdiction 14 February 2020 ELIZA SHARRON KINGS

Safeguarding Adults Training The Inherent Jurisdiction 14 February 2020 ELIZA SHARRON KINGS

Safeguarding Adults Training The Inherent Jurisdiction 14 February 2020 ELIZA SHARRON KINGS CHAMBERS, BIRMINGHAM The relevant Practical statutory duties considerations INHERENT The Scope of the JURISDICTION Injunctions IJ (IJ)

828 views • 44 slides
Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in

Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in

Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in many ways over the years. Usually privacy is concerned with the individual human being. We may talk about privacy as the control over your own

230 views • 21 slides
Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy Commissioner of Ontario https://www.ipc.on.ca/images/resources/7foundationalprinciples.pdf Privacy by Design Let's have it! Article 25 European

1.32k views • 118 slides
Lecture 26 Word Embeddings and Recurrent Nets Julia Hockenmaier juliahmr@illinois.edu 3324

Lecture 26 Word Embeddings and Recurrent Nets Julia Hockenmaier juliahmr@illinois.edu 3324

CS447: Natural Language Processing http://courses.engr.illinois.edu/cs447 Lecture 26 Word Embeddings and Recurrent Nets Julia Hockenmaier juliahmr@illinois.edu 3324 Siebel Center Where were at Lecture 25: Word Embeddings and neural LMs

767 views • 49 slides
Geometric Context from a Single Image Derek Hoiem Alexei A. Efros Martial Hebert Carnegie

Geometric Context from a Single Image Derek Hoiem Alexei A. Efros Martial Hebert Carnegie

Geometric Context from a Single Image Derek Hoiem Alexei A. Efros Martial Hebert Carnegie Mellon University February 26, 2009 Presented by Luis Guimbarda Outline 1 Introduction Motivation Approach Observations on the training/testing data

573 views • 31 slides
Role of architect and Quality attributes School of Computer Science Jose E. Labra Gayo Course

Role of architect and Quality attributes School of Computer Science Jose E. Labra Gayo Course

Software Architecture University of Oviedo Role of architect and Quality attributes School of Computer Science Jose E. Labra Gayo Course 2018/2019 Software Architecture Contents University of Oviedo Role of architect Quality attributes

813 views • 60 slides
IN5550: Neural Methods in Natural Language Processing Lecture 11/1 Contextualized embeddings

IN5550: Neural Methods in Natural Language Processing Lecture 11/1 Contextualized embeddings

IN5550: Neural Methods in Natural Language Processing Lecture 11/1 Contextualized embeddings Andrey Kutuzov University of Oslo 14 April 2020 1 Contents Brief Recap 1 Problems of static word embeddings 2 Solution: contextualized

372 views • 24 slides
CITIES, HEALTH AND WELL-BEING NOVEMBER 2011 Urbanization Pattern in Asia &amp; Well Being Athar

CITIES, HEALTH AND WELL-BEING NOVEMBER 2011 Urbanization Pattern in Asia &amp; Well Being Athar

CITIES, HEALTH AND WELL-BEING NOVEMBER 2011 Urbanization Pattern in Asia &amp; Well Being Athar Hussain Asia Research Centre LSE 2 Urbanizing Asia Compared with that in Europe, current urbanization in Asia is much larger in scale in

232 views • 8 slides
Finite-State Machines and Regular Languages Detmar Meurers: Intro to Computational Linguistics I

Finite-State Machines and Regular Languages Detmar Meurers: Intro to Computational Linguistics I

Finite-State Machines and Regular Languages Detmar Meurers: Intro to Computational Linguistics I OSU, LING 684.01, 8. January 2003 Some useful tasks involving language Find all phone numbers in a text, e.g., occurrences such as When you call

503 views • 24 slides
ORRs Retail Market Review industry workshop Discussion on ORRs emerging findings, and

ORRs Retail Market Review industry workshop Discussion on ORRs emerging findings, and

ORRs Retail Market Review industry workshop Discussion on ORRs emerging findings, and wider rail retail developments Monday 7 th September 2015 Welcome John Larkinson ORR 3 Welcome Welcome House-keeping Purpose and

404 views • 39 slides
Herefordshire and Worcestershires Sustainability and Transformation Partnerships delivery

Herefordshire and Worcestershires Sustainability and Transformation Partnerships delivery

Herefordshire and Worcestershires Sustainability and Transformation Partnerships delivery of the NHS Long Term Plan 2019/20 to 2023/24 Background Herefordshire and Worcestershire Sustainability and Transformation Partnership (STP)

393 views • 14 slides

More recommend