identity and identity and anonymity anonymity
play

Identity and Identity and anonymity anonymity Engineering & - PowerPoint PPT Presentation

Jan 28, 2024 •7 likes •467 views

CyLab Identity and Identity and anonymity anonymity Engineering & Public Policy Lorrie Faith Cranor October 29, 2013 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 / 95-818:

  1. CyLab Identity and Identity and anonymity anonymity Engineering & Public Policy Lorrie Faith Cranor � October 29, 2013 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 / 95-818: � b r a a t L o Privacy Policy, Law, and Technology y r C y U H D T T E P . U : / M / C C U . S P S C . 1

  2. Identifiers • Labels that point to individuals – Name – Social security number – Credit card number – Employee ID number – Attributes may serve as (usually weak) identifiers (see next slide) • Identifiers may be “strong” or “weak” – Strong identifiers may uniquely identify someone while weak identifiers may identify a group of people – Multiple weak identifiers in combination may uniquely identify someone – Identifiers may be strong or weak depending on context 2

  3. Attributes • Properties associated with individuals – Height – Weight – Hair color – Date of birth – Employer 3

  4. Identity • The set of information that is associated with an individual in a particular identity system • Individuals may have many identities 4

  5. Identification The process of using claimed or observed attributes of an individual to determine who that individual is 5

  6. Authentication • About obtaining a level of confidence in a claim – Does not prove someone is who they say they are • Types – Individual authentication – Identity authentication – Attribute Authentication • Three approaches – Something you know – Something you have – Something you are 6

  7. Credentials or authenticators Evidence that is presented to support the authentication of a claim 7

  8. Authorization The process of deciding what an individual ought to be allowed to do 8

  9. What does it mean to be identifiable? Identifiable person (EU directive): “one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity” 9

  10. Identifiable vs. identified • P3P spec distinguishes identifiable and identified • Any data that can be used to identify a person is identifiable • Identified data is information that can reasonably be tied to an individual Non-identified Identified Non-identifiable Identifiable (anonymous) 10

  11. How unique are you? • http://aboutmyinfo.org 11

  12. Linkable vs. linked • P3P requires declaration of data linked to a cookie • Lots of data is linkable, less data is actually linked • Where do we draw the line? Draft P3P 1.1 spec says: – A piece of data X is said to be linked to a cookie Y if at least one of the following activities may take place as a result of cookie Y being replayed, immediately upon cookie replay or at some future time (perhaps as a result of retrospective analysis or processing of server logs): • A cookie containing X is set or reset. • X is retrieved from a persistent data store or archival media. • Information identifiable with the user -- including but not limited to data entered into forms, IP address, clickstream data, and client events -- is retrieved from a record, data structure, or file (other than a 12 log file) in which X is stored.

  13. Privacy and identification/ authentication • To better protect privacy: – Minimize use of identifiers • Use attribute authentication where possible – Use local identifiers rather than global identifiers – Use identification and authentication appropriate to the task 13

  14. Cartoon dogs are anonymous on the Internet 14

  15. Real dogs are anonymous on the Internet too! 15

  16. The Internet can’t be censored “The Net treats censorship as damage and routes around it.” - John Gillmore 16

  17. Actually, none of this is true • Easy to adopt a pseudonym on the Internet • But difficult to be truly anonymous – Identities can usually be revealed with cooperation of ISP , local sys-admins, web logs, phone records, etc. • The Internet can put up a good fight • But there is still a lot of Internet censorship – Repressive governments and intellectual property lawyers have been pretty successful at getting Internet content removed 17

  18. Degrees of anonymity More Absolute privacy: adversary cannot observe communication • Beyond suspicion: no user is more suspicious than any other • Probable innocence: each user is more likely innocent than • not Possible innocence: nontrivial probability that user is innocent • Exposed: adversary learns responsible user • Provably exposed: adversary can prove your actions to • others Less Reiter, M. K. and Rubin, A. D. 1999. Anonymous Web transactions with Crowds. Commun. ACM 42, 2 (Feb. 1999), 32-48. DOI= http://doi.acm.org/10.1145/293411.293778 18

  19. Anonymity tool applications • Communication • Publishing • Payments • Voting • Surveys • Credentials 19

  20. Privacy Enhancing Technologies h"p://www.mobilecloak.com/ ¡ h"p://tor.eff.org/ ¡ 20

  21. 21

  22. 22

  23. The Delaware Lottery | Face of Anonymity 09/14/2007 08:33 AM search delottery.com When you win with the Delaware Lottery, privacy is our policy. We’ll never release your name for promotional purposes - unless you tell us otherwise. Which means you can keep your good fortune as quiet as you want. So play Delaware Lottery Games. Because when you win big in our state, we won't say a word. Click Here To Download Our "Guide To Winning Kit." Kit includes: Guide To Winning Brochure, Mask Print Out, and Drawing Schedule Back to Top Home | Contact Us | Directions | Site Map | Privacy Policy | Delaware State Government Tell a Friend Sign up for Winning Number e-mails Play Responsibly Play Responsibly — If you or someone you know has a gambling Wayne Lemons, problem, call the Delaware Gambling Helpline — 1-888-850-8888. Delaware Lottery Director It's the Law — You must be 18 years of age or older to purchase Delaware Lottery Office Delaware Lottery tickets. McKee Business Park 1575 McKee Road, Suite 102 Designed to comply with the accessibility guidelines developed Dover, DE 19904 through the WAI and the Web Presentation Guidelines for State of Phone: 302-739-5291 Delaware Agencies. Fax: 302-739-6706 23

  24. 1. Print out mask 2. Cut along dotted lines 3. Adhere mask to popsicle stick, paint stirrer, drum stick, ruler 4. Cover face and enjoy your anonymity It’s The Law: You must be 18 years old to play. Play Responsibly: If you or someone you know delottery.com has a gambling problem, call the Delaware Gambling Helpline at 1-888-850-8888. Player Information: In Delaware: 1-800-338-6200. From out of state: 1-302-736-1436. 24

  25. The Anonymizer Request Request Anonymizer ¡ Reply Reply Client Server • Acts as a proxy for users • Hides information from end servers • Sees all web traffic • Adds ads to pages (free service; subscription service also available) • http://www.anonymizer.com 25

  26. Mixes [Chaum81] Sender Destination msg dest,msg k C C k B B, k A Mix ¡C ¡ dest,msg k C C k B dest,msg k C Mix ¡A ¡ Mix ¡B ¡ k X = encrypted with public key of Mix X Sender routes message randomly through network of “ Mixes ” , using layered public-key encryption. 26

  27. 27

  28. 28

  29. 29

  30. Crowds • Users join a Crowd of other users • Web requests from the crowd cannot be linked to any individual • Protection from – end servers – other crowd members – system administrators – eavesdroppers • First system to hide data shadow on the web without trusting a central authority 30

  31. Crowds Crowd members Web servers 3 1 6 5 5 1 2 6 3 2 4 4 31

  32. Anonymous email • Anonymous remailers allow people to send email anonymously • Similar to anonymous web proxies – Send mail to remailer, which strips out any identifying information • Some can be chained and work like mixes 32

  33. Anonymous censorship- resistant publishing • The printing press and the WWW can be powerful revolutionary tools – Political dissent – Whistle blowing – Radical ideas • But those who seek to suppress revolutions have powerful tools of their own – Stop publication – Destroy published materials – Prevent distribution – Intimidate or physically or financially harm author or publisher 33

  34. Anonymity increases censorship-resistance • Reduces ability to force “ voluntary ” self-censorship • Allows some authors to have their work taken more seriously – Reduces bias due to gender, race, ethnic background, social position, etc. • Many historical examples of important anonymous publications – In the Colonies during Revolutionary War when British law prohibited writings suggesting overthrow of the government – Federalist papers 34

  35. Publius design goals • Censorship resistant • Tamper evident • Source anonymous • Updateable • Deniable • Fault tolerant • Persistent • Extensible • Freely Available 35

  36. Publius Overview Publishers Servers Retrievers • Publius Content – Static content (HTML, images, PDF, etc) • Publishers – Post Publius content • Servers – Host Publius content • Retrievers – Browse Publius content 36

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Anonymity with Identity Escrow Aybek Mukhamedov and Mark Ryan The University of Birmingham March

Anonymity with Identity Escrow Aybek Mukhamedov and Mark Ryan The University of Birmingham March

Anonymity with Identity Escrow Aybek Mukhamedov and Mark Ryan The University of Birmingham March 30, 2006 Outline Anonymity 1 Anonymity with identity escrow 2 Marshall and Molina-Jiminez protocol 3 Our protocol 4 Verification in

567 views • 20 slides
Lecture 24 Anonymity and Privacy Stephen Checkoway University of Illinois at Chicago CS 487

Lecture 24 Anonymity and Privacy Stephen Checkoway University of Illinois at Chicago CS 487

Lecture 24 Anonymity and Privacy Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides based on Miller and Baileys ECE 422 Anonymity Anonymity: Concealing your identity In the context of the Internet, we

860 views • 61 slides
Digital identity, anonymity, pseudonymity and law in India Rowena E Rodrigues University of

Digital identity, anonymity, pseudonymity and law in India Rowena E Rodrigues University of

Digital identity, anonymity, pseudonymity and law in India Rowena E Rodrigues University of Edinburgh Digital India Increase in Internet usage and penetration Cyber cafs Telecentres Home Use Other applications

477 views • 15 slides
Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Cryptocurrency Technologies Bitcoin and Anonymity Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing Decentralized Mixing Zerocoin and Zerocash Tor and the Silk Road Bitcoin and Anonymity

524 views • 39 slides
Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity, t-Closeness CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 4 : 590.03 Fall 12 1

647 views • 61 slides
but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

Not all is lost for anonymity but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian Meiser 2 Esfandiar Mohammadi 3 Aniket Kate 1 1 Purdue University 2 Visa Research 3 ETH Zurich 1 Sender Anonymity

551 views • 44 slides
Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity isnt cryptography Cryptography protects the contents in transit You still know who is talking to whom, how often, and how much data is

764 views • 54 slides
Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous =

Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous =

Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous = Nameless, unidentifiable pseudonymous = Fake name, still traceable Tracing Bitcoin transactions Normal redeem script: Provide public key pk and proof

438 views • 33 slides
Anonymity Jiayi Fu What is Anonymity - Describe the situation in which someone's name is not

Anonymity Jiayi Fu What is Anonymity - Describe the situation in which someone's name is not

Anonymity Jiayi Fu What is Anonymity - Describe the situation in which someone's name is not given or known - Anonymity != Privacy != Security - Anonymity: they can see what you do, but not who you are - Privacy: they can see

379 views • 33 slides
Tradeoffs between Anonymity and Identifiability Bob Hinden IETF 63 Paris 3 August 2005 The

Tradeoffs between Anonymity and Identifiability Bob Hinden IETF 63 Paris 3 August 2005 The

Tradeoffs between Anonymity and Identifiability Bob Hinden IETF 63 Paris 3 August 2005 The Problem Its good to protect disclosure of the user identify and location Its bad to protect identity and location of hackers, BOTs,

245 views • 6 slides
Anonymization Algorithms - Other techniques, metrics, and extended scenarios Li Xiong CS573

Anonymization Algorithms - Other techniques, metrics, and extended scenarios Li Xiong CS573

Anonymization Algorithms - Other techniques, metrics, and extended scenarios Li Xiong CS573 Data Privacy and Anonymity So far k-anonymity (protect identity disclosure) Anonymization algorithms Generalization and suppression

549 views • 34 slides
11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity

11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity

11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity Being on-line without giving up everything about you Ensuring collected data doesnt reveal its users data Privacy in Structured Data:

766 views • 49 slides
Anonymity in Cryptocurrencies Foteini Baldimtsi Bitcoin Anonymity? Satoshi Nakamoto, 2008

Anonymity in Cryptocurrencies Foteini Baldimtsi Bitcoin Anonymity? Satoshi Nakamoto, 2008

Anonymity in Cryptocurrencies Foteini Baldimtsi Bitcoin Anonymity? Satoshi Nakamoto, 2008 Bitcoin is only pseudonymous Public Key Address 133GT5661q8RuSKrrv8q2Pb4RwS 146KL5461d8KuSPxvv8q2Nd6K2q Posted on the ... Blockchain Alice

821 views • 40 slides
Slicing the licing the Onion: Onion: Anonymity Without PKI Anonymity Without PKI Sachin Katti

Slicing the licing the Onion: Onion: Anonymity Without PKI Anonymity Without PKI Sachin Katti

Slicing the licing the Onion: Onion: Anonymity Without PKI Anonymity Without PKI Sachin Katti Dina Katabi & Katya Puchala State of the art: Onio Onion Rout n Routing over P2P ing over P2P n Routing over P2P ing over P2P Bob Onion

705 views • 43 slides
Applications for Measurement: Improving Anonymity Online Rishab Nithyanand | Rachee Singh |

Applications for Measurement: Improving Anonymity Online Rishab Nithyanand | Rachee Singh |

Applications for Measurement: Improving Anonymity Online Rishab Nithyanand | Rachee Singh | Shinyoung Cho | Phillipa Gill Stony Brook University 1 Anonymity on the Internet Tor Network 2 Anonymity on the Internet Does not know the source

261 views • 15 slides
Identity Theft Identity Theft Identity theft occurs when your personal information is stolen

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen and used without your knowledge to commit fraud or other crimes Identity theft can cost you time and money. Tips for Preventing Identity Theft

322 views • 10 slides
Building High Power Rockets Why Bother? This is cool but this is cooler *Hand launches no

Building High Power Rockets Why Bother? This is cool but this is cooler *Hand launches no

Building High Power Rockets Why Bother? This is cool but this is cooler *Hand launches no longer required for high power certifications. What youll need Hardware Tools Nosecone & parachute Exacto knife Mailing tubes

194 views • 16 slides
From Lisp to Clojure/Incanter and R An Introduction Shane M. Conway January 7, 2010 Back to

From Lisp to Clojure/Incanter and R An Introduction Shane M. Conway January 7, 2010 Back to

From Lisp to Clojure/Incanter and R An Introduction Shane M. Conway January 7, 2010 Back to the Future The goal of this presentation is to draw some rough comparisons between Incanter and R. There has been a not insubstantial

509 views • 23 slides
Finding the best number of topics Pavel Oleinikov Associate Director Quantitative Analysis

Finding the best number of topics Pavel Oleinikov Associate Director Quantitative Analysis

DataCamp Topic Modeling in R TOPIC MODELING IN R Finding the best number of topics Pavel Oleinikov Associate Director Quantitative Analysis Center Wesleyan University DataCamp Topic Modeling in R Approaches Topic coherence - examine the

431 views • 28 slides
Cultural Competency in the Undergraduate Classroom:

Cultural Competency in the Undergraduate Classroom:

Cultural Competency in the Undergraduate Classroom: Cross-Disciplinary Tools, Insights, and Strategies to Promote Student Success Kimberly D. Tanner, Ph.D.

315 views • 19 slides
Rail Systems Rail Track Ballast Rail Track Ballast Group 7 Mr.Teeraphob Ueacharoensab 5813023

Rail Systems Rail Track Ballast Rail Track Ballast Group 7 Mr.Teeraphob Ueacharoensab 5813023

Rail Systems Rail Track Ballast Rail Track Ballast Group 7 Mr.Teeraphob Ueacharoensab 5813023 ME4 Mr.Pongsapak Lawapiledchaikul 5813034 ME4 Mr.Kotchanut Jaroenjit 5813206 ME4 What is Rail Track Ballast? Railway Track Component of Railway

227 views • 21 slides
Packet mark in a Cloud Native world Joe Stringer Cilium.io Introduction August 24, 2020 Packet

Packet mark in a Cloud Native world Joe Stringer Cilium.io Introduction August 24, 2020 Packet

Packet mark in a Cloud Native world Joe Stringer Cilium.io Introduction August 24, 2020 Packet mark in a Cloud Native world 2 / 25 Introduction Overview 1 Background 2 Use cases 3 Observations & Challenges August 24, 2020 Packet mark

917 views • 27 slides
CS 147: Computer Systems Performance Analysis Examples Using a Distributed File System 1 / 37

CS 147: Computer Systems Performance Analysis Examples Using a Distributed File System 1 / 37

CS147 2015-06-15 CS 147: Computer Systems Performance Analysis Examples Using a Distributed File System CS 147: Computer Systems Performance Analysis Examples Using a Distributed File System 1 / 37 Velilinds Laws of Experimentation

534 views • 37 slides
Renewal Application Training for Part I FY2019 Continuum of Care Competition June 13, 2019

Renewal Application Training for Part I FY2019 Continuum of Care Competition June 13, 2019

Renewal Application Training for Part I FY2019 Continuum of Care Competition June 13, 2019 Agenda 1. Debrief from FY2018 Competition 2. New System Structure Overview: Salt Lake Valley Coalition to End Homelessness 3. Point in Time Count

903 views • 71 slides

More recommend