personal security and privacy in personal security and
play

Personal Security and Privacy in Personal Security and Privacy in - PowerPoint PPT Presentation

Sep 24, 2023 •345 likes •749 views

Personal Security and Privacy in Personal Security and Privacy in Ubiquitous Computing Marc Langheinrich Institute for Pervasive Computing Institute for Pervasive Computing ETH Zurich, Switzerland Approaches to Security & Privacy in

  1. Personal Security and Privacy in Personal Security and Privacy in Ubiquitous Computing Marc Langheinrich Institute for Pervasive Computing Institute for Pervasive Computing ETH Zurich, Switzerland

  2. Approaches to Security & Privacy in Ubicomp Disappearing Computer Troubadour Project (10/02 - 05/03) Disappearing Computer Troubadour Project (10/02 05/03) � Promote Absence of Protection as User Empowerment Promote Absence of Protection as User Empowerment � „ It's maybe about letting them find their own ways of cheating ” � Make it Someone Elses Problem � „For [my colleague] it is more appropriate to think about [security and privacy] issues. It’s not really the case in my case ” � Insist that “Good Security” will Fix It � „All you need is really good firewalls “ � Conclude it is Incompatible with Ubiquitous Computing C l d it i I tibl ith Ubi it C ti � „I think you can't think of privacy... it's impossible , because if I do it, I have troubles with finding [a] Ubicomp future” I have troubles with finding [a] Ubicomp future 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 2

  3. Today‘s Topics � What is Privacy and Why Should We Want It? � What is Privacy and Why Should We Want It? � How do Future Smart Environments Challenge � H d F t S t E i t Ch ll Existing Solutions? � How Less Security Can (Sometimes) Increase y Privacy 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 3

  4. The Vision of Ubiquitous Computing „The most profound technologies are those that disappear . They weave themselves into the fabric of everyday lif life until they are indistinguishable til th i di ti i h bl from it.“ Mark Weiser (1952 – 1999), XEROX PARC � Basic Motivation of Ubiquitous Computing � The computer as a tool for the everyday � Things are aware of each other and the environment � Integrating computers with intuitive user interfaces 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 4

  5. Energy-Efficient Heating � Sensors Inside and Outside Sensors Inside and Outside � Takes Weather Forecast into Account � „Conspires“ with Car of Owner & E-Agenda to know Time of Arrival know Time of Arrival 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 5

  6. Instead of „World inside the Computer“... Not Not like this! World inside Computer would be Virtual Reality 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 6

  7. „Computer in the World“ ! 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 7

  8. Is Technology a Good Predictor? � Past Predictions � Past Predictions… 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 8

  9. Societal Trends (Ubicomp Drivers) � Higher Efficiency Higher Efficiency � Lean production (Overproduction, Out-of-Stock) � Targeted Sales (1-1 Marketing) Targeted Sales (1 1 Marketing) � More Convenience � Finding your way (e g travel assistants) Finding your way (e.g., travel assistants) � Lower TCO (“total cost of ownership”) w/ pay-per-use � Increased Safety Increased Safety � Homeland security (terrorism, drug trafficking, etc.) � Road safety & health (e.g., black box for cars) y & ( g , ) 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 9

  10. So what does this mean for personal privacy? So what does this mean for personal privacy? 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 10

  11. What is Privacy? � „The right to be let alone. � The right to be let alone “ � Louis Brandeis, 1890 (Harvard Law Review) � „The desire of people to choose freely Louis D. Brandeis, 1856 1941 Louis D Brandeis 1856 - 1941 h d i f l t h f l under what circumstances and to what extent they will expose themselves, t t th ill th l their attitude and their behavior to others.“ th “ � Alan Westin („Privacy And Freedom“, 1967) Alan Westin Prof Emeritus Columbia University Prof. Emeritus, Columbia University 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 11

  12. Why Privacy? � Reasons for Privacy � Reasons for Privacy � Free from Nuisance � Intimacy Intimacy � Free to Decide for Oneself � By Another Name... B A th N � Data Protection � Informational Self-Determination Privacy isn‘t just about keeping secrets – y j p g data exchange and transparency are key issues! 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 12

  13. “But I’ve Got Nothing to Hide!” Do you? � Arson Near Youth House Niederwangen � Arson Near Youth House Niederwangen � At scene of crime: Migros-tools � Court ordered disclosure of all 133 Court ordered disclosure of all 133 consumers who bought items on their supermarket loyalty card (8/2004) their supermarket loyalty card (8/2004) � (Arsonist not yet found) � “Give me six lines written by the most Give me six lines written by the most honorable of men, and I will find an excuse in them to hang him” excuse in them to hang him Armand Jean du Plessis, 1585-1642 d d l 8 6 (a.k.a. Cardinal de Richelieu) 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 13

  14. Ubicomp Privacy Implications � Data Collection � Data Collection � Scale (everywhere, anytime) � Manner (inconspicuous, invisible) Manner (inconspicuous invisible) � Motivation (context!) � Data Types D t T � Observational instead of factual data � Data Access � “The Internet of Things” 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 14

  15. How do we achieve privacy? How do we achieve privacy? 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 15

  16. Privacy – Not Just a Recent Fad � Justices Of The Peace Act (England 1361) Justices Of The Peace Act (England, 1361) � Sentences for Eavesdropping and Peeping Toms � � „The poorest man may in his cottage bid defiance to all The poorest man may in his cottage bid defiance to all the force of the crown. It may be frail; its roof may shake; … – but the king of England cannot enter; all his forces … but the king of England cannot enter; all his forces dare not cross the threshold of the ruined tenement“ � William Pitt the Elder (1708-1778) ( 7 77 ) � First Data Protection Law in the World in Hesse 1970 � 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 16

  17. The Fair Information Principles (FIP) � Drawn up by the OECD 1980 Drawn up by the OECD, 1980 � “Organisation for economic cooperation and development” � Voluntary guidelines for member states y g � Goal: ease transborder flow of goods (and information!) � Five Principles (simplified) Openness Collection Limitation 1. 4. Data access and control Data subject’s consent 2. 5. Data security 3. � Core principles of most modern privacy laws � Implication: Technical solutions must support FIP 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 17

  18. 1. Challenge: Openness � No Hidden Data Collection! No Hidden Data Collection! � Legal requirement in many countries � Established Means: Privacy Policies Established Means: Privacy Policies � Who, what, why, how long, etc. ... � How to Publish Policies in Smart Environments? How to Publish Policies in Smart Environments? � Is a poster enough? A paragraph of fine print? � Too Many Transactions? � Too Many Transactions? � Countless announcements an annoyance 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 18

  19. 2. Challenge: Access & Control � Identifiable Data Must be Accessible � Identifiable Data Must be Accessible � Users can review, change, sometimes delete � C ll � Collectors Must be Accountable t M t b A t bl � Privacy-aware storage technology � When Does Sensor Data Become Identifiable? � Even anonymized data can identify people (AOL case) � Who to Ask? How to Verify? How to Display? � Who was reading me when? Is this really my trace? g y y 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 19

  20. 3. Challenge: Data Security � Traditional Approach: Centralistic Authentication Traditional Approach: Centralistic Authentication � Powerful centralized system with known user list � Plan for worst case scenario (powerful attacker) � Numerous, Spontaneous Interactions � How do I know who I communicate with, who to trust? � How much extra time does “being secure” take? h d “b ” k ? � Complex Real-World Situations � Access to my medical data in case of emergency? Access to my medical data in case of emergency? � Context-Dependent Security? � Based on battery power data type location situation � Based on battery power, data type, location, situation 19.11.2007 Personal Security and Privacy in Ubiquitous Computing 20

  21. 4. Challenge: Data Minimization � Only collect as much information as needed � Only collect as much information as needed � No in-advance data collection for future uses � B � Best: use anonymous/pseudonymous data t / d d t � No consent, security, access needed � How much data is needed for becoming “smart”? � No useless data in smart environments (context!) � Sometimes one cannot hide! � Sensor data (biometrics) hard to anonymize ( ) y 19.11.2007 Personal Security and Privacy in Ubiquitous Computing Slide 21

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data Protecting Personal Data Privacy & Security Project HIPAA: What it is Health Insurance Portability and Accountability Act of 1996 Also known as

445 views • 26 slides
Compliance Workshop Privacy & Security Protecting Personal Information & SNAP Program

Compliance Workshop Privacy & Security Protecting Personal Information & SNAP Program

3/27/2015 Compliance Workshop Privacy & Security Protecting Personal Information & SNAP Program Considerations August 14, 2014 Presentation by: Jennifer L. Cox, J.D. Cox & Osowiecki, LLC Hartford, Connecticut 1 Todays Privacy &

475 views • 24 slides
Your Presentation You Where Youre From Date of Presentation What is privacy? What is

Your Presentation You Where Youre From Date of Presentation What is privacy? What is

Your Presentation You Where Youre From Date of Presentation What is privacy? What is personal data? What is sensitive personal data? Images and videos Short about Security Privacy VS Security Need a balance while benefiting from

367 views • 21 slides
Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned

Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned

Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned Did you know... 77 percent of all Americans feel their personal health information privacy is very important, and 84 percent said they

769 views • 50 slides
Information Security and Privacy Board Background and current status Use of Hashing Algorithms

Information Security and Privacy Board Background and current status Use of Hashing Algorithms

Information Security and Privacy Board Background and current status Use of Hashing Algorithms in the U.S. Federal Personal Identity Verification Program Biometrics Storage Format Selection for the U.S. Federal Personal Identity

258 views • 14 slides
WiFi security Joeri de Ruiter Agenda WiFi security WPA(2) Personal Enterprise

WiFi security Joeri de Ruiter Agenda WiFi security WPA(2) Personal Enterprise

Advanced Network Security WiFi security Joeri de Ruiter Agenda WiFi security WPA(2) Personal Enterprise WPA3 Key reinstallaton aaacas 2 WiFi IEEE 802.11 standard Some terminology: Staton (STA) is a

479 views • 46 slides
An Garda Sochna Holiday Security/Personal Safety Community Policing HOLIDAY SECURITY This

An Garda Sochna Holiday Security/Personal Safety Community Policing HOLIDAY SECURITY This

An Garda Sochna Holiday Security/Personal Safety Community Policing HOLIDAY SECURITY This presentation addresses three key areas relating to your holiday security as follows - Preparation plans and securing your property Safety when

397 views • 20 slides
PRIVACY BILL CHANGES: WHATS NEW? WHAT STAYS THE SAME? John Edwards Privacy Commissioner

PRIVACY BILL CHANGES: WHATS NEW? WHAT STAYS THE SAME? John Edwards Privacy Commissioner

PRIVACY BILL CHANGES: WHATS NEW? WHAT STAYS THE SAME? John Edwards Privacy Commissioner WHERE WE ARE PRIVACY ACT 1993 Principle 1 - 4: Collection of personal information Principle 5: Storage and security of personal information Principle

276 views • 13 slides
Personal Cyber Security Matters! Who are we? Multinational Company We are operating in

Personal Cyber Security Matters! Who are we? Multinational Company We are operating in

Personal Cyber Security Matters! Who are we? Multinational Company We are operating in Bangladesh, Turkey, USA, UK, Canada, Europe , Middle East and providing our services to over 54+ countries. Domain We mainly provide Cyber Security &

300 views • 18 slides
A personal perspective Ross Anderson Cambridge The birth of security economics Why

A personal perspective Ross Anderson Cambridge The birth of security economics Why

Security Economics A personal perspective Ross Anderson Cambridge The birth of security economics Why Information Security is Hard An Economic Perspective, ACSAC, Dec 2001 Now: a field with over 100 active researchers and one

245 views • 20 slides
Personal Internet Security Basics Dan Ficker Twin Cities DrupalCamp 2018 Overview Security

Personal Internet Security Basics Dan Ficker Twin Cities DrupalCamp 2018 Overview Security

Personal Internet Security Basics Dan Ficker Twin Cities DrupalCamp 2018 Overview Security is an aspiration, not a state. Encryption is your friend. Passwords are very important. Make a back-up plan. About Me

386 views • 35 slides
PROTECTION OF PERSONAL DATA IN SECURITY ALERT SHARING PLATFORMS Friday 1 st September, 2017

PROTECTION OF PERSONAL DATA IN SECURITY ALERT SHARING PLATFORMS Friday 1 st September, 2017

PROTECTION OF PERSONAL DATA IN SECURITY ALERT SHARING PLATFORMS Friday 1 st September, 2017 Martin Husk Vclav Stupka Martin Hork Introduction Collaborative Security Emerging trend in cyber security, popular among CSIRT/CERT teams,

335 views • 15 slides
CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security in Healthcare Li Xiong Healthcare security and privacy HIPAA overview Research survey on information security and privacy in healthcare

1.05k views • 57 slides
Personal Privacy in Ubiquitous Personal Privacy in Ubiquitous Computing Marc Langheinrich

Personal Privacy in Ubiquitous Personal Privacy in Ubiquitous Computing Marc Langheinrich

Personal Privacy in Ubiquitous Personal Privacy in Ubiquitous Computing Marc Langheinrich Institute for Pervasive Computing Institute for Pervasive Computing ETH Zurich, Switzerland Approaches to Ubicomp Privacy Disappearing Computer

794 views • 45 slides
Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B.

Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B.

5/18/2016 Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B. Authentication 12C. Authorization Security and Privacy 12D. Trust 12E. At-Rest Encryption Mark Kampe (markk@cs.ucla.edu) Security and Privacy

116 views • 8 slides
End-to-End Security for Personal Telehealth Asim, M., Koster, P ., Petkovic, M. Healthcare

End-to-End Security for Personal Telehealth Asim, M., Koster, P ., Petkovic, M. Healthcare

End-to-End Security for Personal Telehealth Asim, M., Koster, P ., Petkovic, M. Healthcare Information Management, Philips Research Europe Outline Introduction to Continua Continua E2E architecture Security in Continua 2010

694 views • 12 slides
Privacy by Design? Marc Langheinrich University of Lugano (USI) Switzerland Projects

Privacy by Design? Marc Langheinrich University of Lugano (USI) Switzerland Projects

The Everyday Life of Surveillance (V): Architectures, Spaces, Territories Privacy by Design? Marc Langheinrich University of Lugano (USI) Switzerland Projects Ubiquitous Privacy Computing Gothenburg Lancaster Paris Zurich Patras

1.15k views • 92 slides
Click to edit Master title style Rights Issue for the Acquisition of Crowne Plaza Changi Airport

Click to edit Master title style Rights Issue for the Acquisition of Crowne Plaza Changi Airport

Click to edit Master title style Rights Issue for the Acquisition of Crowne Plaza Changi Airport Extension 7 March 2016 NEITHER THIS PRESENTATION NOR ANY COPY THEREOF MAY BE RELEASED, PUBLISHED OR DISTRIBUTED, DIRECTLY OR INDIRECTLY, IN OR INTO THE

633 views • 27 slides
6/22/17 Parent engagement: Information Acknowledgements Impact and Ideas

6/22/17 Parent engagement: Information Acknowledgements Impact and Ideas

6/22/17 Parent engagement: Information Acknowledgements Impact and Ideas Queensland.College.of.Teachers The.Alliance.of.Parents.and.Teachers.(APT) Grace.Kirby.PhD.candidate,.Matt.Sanders,.Julie.Hodges

442 views • 5 slides
Comparison Sorting II A comparison function (consistent and total) Effect: Reorganize the

Comparison Sorting II A comparison function (consistent and total) Effect: Reorganize the

2/28/2016 The comparison sorting problem Assume we have n comparable elements in an array and we want to rearrange them to be in increasing order Input: CSE373: Data Structures and Algorithms An array A of data records A key value in

458 views • 6 slides
Prime number races Greg Martin University of British Columbia PIMS Distinguished Speaker Series

Prime number races Greg Martin University of British Columbia PIMS Distinguished Speaker Series

Chebyshev, pretty pictures, and Dirichlet The prime number theorem Back to primes in arithmetic progressions Prime number races Greg Martin University of British Columbia PIMS Distinguished Speaker Series University of Lethbridge June 18,

1.59k views • 130 slides
EDAN20 Language Technology http://cs.lth.se/edan20/ Chapter 1: An Overview of Language

EDAN20 Language Technology http://cs.lth.se/edan20/ Chapter 1: An Overview of Language

Language Technology EDAN20 Language Technology http://cs.lth.se/edan20/ Chapter 1: An Overview of Language Processing Pierre Nugues Lund University Pierre.Nugues@cs.lth.se http://cs.lth.se/pierre_nugues/ August 28, 2017 Pierre Nugues

399 views • 20 slides
INF562, Lecture 3: Geometric and combinatorial properties of planar graphs mardi 22 janvier 2013

INF562, Lecture 3: Geometric and combinatorial properties of planar graphs mardi 22 janvier 2013

INF562, Lecture 3: Geometric and combinatorial properties of planar graphs mardi 22 janvier 2013 Luca Castelli Aleardi Intro Graph drawing: motivations and applications Graph drawing and data visualization Global transportation system Graph

965 views • 92 slides
Numerics for Hydromorphodynamics Processes Relaxation Solvers and Stochastic Aspects E. Audusse

Numerics for Hydromorphodynamics Processes Relaxation Solvers and Stochastic Aspects E. Audusse

Morphodynamics Relaxation solver Stochastic aspects Numerics for Hydromorphodynamics Processes Relaxation Solvers and Stochastic Aspects E. Audusse . LAGA, UMR 7569, Univ. Paris 13 ANGE group (CETMEF INRIA UPMC - CNRS) August 7,

700 views • 48 slides

More recommend