the odyssey challenges to model privacy threats in a
play

The Odyssey: challenges to model privacy threats in a brave new - PowerPoint PPT Presentation

Dec 15, 2023 •27 likes •147 views

The Odyssey: challenges to model privacy threats in a brave new world Rafa Glvez and Seda Grses Motivation imec - ESAT/COSIC, KU Leuven Threat Modeling 1. Characterize the system 2. Identify the threats 3. Threat and Risk analysis

  1. The Odyssey: challenges to model privacy threats in a brave new world Rafa Gálvez and Seda Gürses

  2. Motivation imec - ESAT/COSIC, KU Leuven

  3. Threat Modeling 1. Characterize the system 2. Identify the threats 3. Threat and Risk analysis 4. Validate imec - ESAT/COSIC, KU Leuven

  4. Privacy goals • Confidentiality • Control • Practice imec - ESAT/COSIC, KU Leuven

  5. From waterfall to agile Waterfall Agile imec - ESAT/COSIC, KU Leuven

  6. From monoliths to services imec - ESAT/COSIC, KU Leuven

  7. Modeling threats today imec - ESAT/COSIC, KU Leuven

  8. Traditional TM assumptions imec - ESAT/COSIC, KU Leuven

  9. New reality • Frequent delivery • Working software • New requirements • Face to face meetings • Independent development • Independent deployment • Outsourced functionality to third party services imec - ESAT/COSIC, KU Leuven

  10. TM becomes challenging 1. Characterize the system • Keep the model up to date • Reflect implementation details 2. Identify the threats • Threats can emerge, change of vanish • Deriving threats is slow 3. Threat and Risk analysis • Compositionality of services 4. Validate • Lack of information to automate testing imec - ESAT/COSIC, KU Leuven

  11. Opportunities Agile provides grounds for • Solid and iterative progress • Effective analysis of complex problems Services enable • Verbose documentation • Parallelization imec - ESAT/COSIC, KU Leuven

  12. Conclusions and open problems • Threat Modeling can help to comply with GDPR • Software landscape has changed, traditional TM is challenging • TM methodologies need to take advantage of the new opportunities • Can we automate privacy threat modeling • Can we do Privacy as a service ? imec - ESAT/COSIC, KU Leuven

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Threats to Data: Legal Compliance Challenges at the Intersection of Privacy and Security William

Threats to Data: Legal Compliance Challenges at the Intersection of Privacy and Security William

Threats to Data: Legal Compliance Challenges at the Intersection of Privacy and Security William Denny Secure Delaware Workshop September 24, 2019 Common Cyber Incidents Espionage & surveillance Business email compromise

609 views • 27 slides
Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from

Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from

Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from powerful threats 2 3 Powerful Threats to User Privacy Organized Crime Nation-State Actors 4 Powerful Threats to User Privacy Gather

1.56k views • 104 slides
Social Threats and the New Challenges for Requirements Engineering Fabiano Dalpiaz University

Social Threats and the New Challenges for Requirements Engineering Fabiano Dalpiaz University

Social Threats and the New Challenges for Requirements Engineering Fabiano Dalpiaz University of Trento, Italy RESC workshop August 29th, 2011 Outline Social computing: a viewpoint The new wave of social threats New challenges

348 views • 17 slides
EU Art.29 Data Protection Users care about privacy Working Party From: Special Eurobarometer

EU Art.29 Data Protection Users care about privacy Working Party From: Special Eurobarometer

28/05/15 Outline Data privacy and the evolving regulation Privacy threats from LBS to geoSN EveryWare Lab Main (location) privacy protection techniques Data Management for Mobile Protecting geo-tagged resource publication

411 views • 7 slides
Privacy and Quaero's Quest for the Perfect Search Engine: Threats and Opportunities Michael

Privacy and Quaero's Quest for the Perfect Search Engine: Threats and Opportunities Michael

Privacy and Quaero's Quest for the Perfect Search Engine: Threats and Opportunities Michael Zimmer, PhD Fellow, Information Society Project Yale Law School Privacy and Quaero's Quest for the Perfect Search Engine: Threats and Opportunities

643 views • 27 slides
S/ Y I RI S Builder: JEANNEAU Model: Sun Odyssey 44i (2009-10) GENERAL CHARECTERI STI CS LOA:

S/ Y I RI S Builder: JEANNEAU Model: Sun Odyssey 44i (2009-10) GENERAL CHARECTERI STI CS LOA:

S/ Y I RI S Builder: JEANNEAU Model: Sun Odyssey 44i (2009-10) GENERAL CHARECTERI STI CS LOA: 13,75 m BOA: 4,37 m Draft: 2,06 m Engine : YANMAR 75 HP+ Bowthruster Sails Area : 104 m2 Fuel Capacity : 240 L Water Capacity: 615 L NAVI GATI ON EQUI

523 views • 3 slides
Odyssey Charter School September 4, 2020 & Odyssey Preparatory Academy eLearning Update

Odyssey Charter School September 4, 2020 & Odyssey Preparatory Academy eLearning Update

Odyssey Charter School September 4, 2020 & Odyssey Preparatory Academy eLearning Update and Parent Orientation to Odyssey Charter, Inc. digital programs Were in this Together ! Be positive. Your mind is more powerful than you

722 views • 50 slides
Privacy & Information Security Tackling Trends & Threats December 12, 2014 Norma A.

Privacy & Information Security Tackling Trends & Threats December 12, 2014 Norma A.

Privacy & Information Security Tackling Trends & Threats December 12, 2014 Norma A. Chitvanni RHIT, CHPS nchitvan@bidmc.harvard.edu Agenda Omnibus Rule Pay Out of Pocket 2013 Mobile clinical equipment Email security

102 views • 8 slides
Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami ,

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami ,

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami , Panagiotis Ilia, Konstantinos Solomos, Jason Polakis University of Illinois at Chicago, USA skaram5@uic.edu February 24, 2020 Browser extensions

886 views • 30 slides
Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami ,

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami ,

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami , Panagiotis Ilia, Konstantinos Solomos, Jason Polakis University of Illinois at Chicago, USA skaram5@uic.edu February 24, 2020 Browser extensions

492 views • 28 slides
What is Odyssey of the Mind? Is Odyssey a good activity for my child? Creativity can be taught!

What is Odyssey of the Mind? Is Odyssey a good activity for my child? Creativity can be taught!

What is Odyssey of the Mind? Is Odyssey a good activity for my child? Creativity can be taught! By tapping into creativity, and through encouraging imaginative paths to problem-solving, students develop skills that will provide them

403 views • 23 slides
Odyssey Charter School and Odyssey Preparatory Academy Parent Orientation for Elementary

Odyssey Charter School and Odyssey Preparatory Academy Parent Orientation for Elementary

Odyssey Charter School and Odyssey Preparatory Academy Parent Orientation for Elementary Programs ~Ms. Wendi Nolder, Principal Please mute your microphone Please type any questions in the CHAT window to be answered at the end of

991 views • 61 slides
Welcome to Odyssey Join the Journey for the 2016-17 School Year! Odyssey Facts Accredited by

Welcome to Odyssey Join the Journey for the 2016-17 School Year! Odyssey Facts Accredited by

Welcome to Odyssey Join the Journey for the 2016-17 School Year! Odyssey Facts Accredited by SACS CASI, a division of AdvancEd All teachers are Certified or Highly Qualified Paraprofessional in all K-5 classes Open to any

499 views • 20 slides
Location Privacy in Practice Sonia Ben Mokhtar 26/06/2015 Thanks to Vincent Primault

Location Privacy in Practice Sonia Ben Mokhtar 26/06/2015 Thanks to Vincent Primault

Location Privacy in Practice Sonia Ben Mokhtar 26/06/2015 Thanks to Vincent Primault Outline 1. Context 2. Location-based services 3. Threats 4. Challenges 5. Anonymization techniques 6. Sum up 2 Who am I? CNRS researcher,

982 views • 59 slides
PRIVACY IN UBIQUITOUS PRIVACY IN UBIQUITOUS Understanding Privacy Technical Approaches

PRIVACY IN UBIQUITOUS PRIVACY IN UBIQUITOUS Understanding Privacy Technical Approaches

Marc Langheinrich: Privacy in Ubiquitous Computing 5/29/2010 Todays Menu PRIVACY IN UBIQUITOUS PRIVACY IN UBIQUITOUS Understanding Privacy Technical Approaches COMPUTING Definitions Challenges 1. History and legal aspects 1.

264 views • 13 slides
DPIA Schedule is online Opposition: 2 x 10 minutes MEREL KONING MARCH 1 2018 PRIVACY SEMINAR

DPIA Schedule is online Opposition: 2 x 10 minutes MEREL KONING MARCH 1 2018 PRIVACY SEMINAR

01/03/18 LECTURES AND TOPICS DPIA Schedule is online Opposition: 2 x 10 minutes MEREL KONING MARCH 1 2018 PRIVACY SEMINAR RISK-BASED APPROACH VS SOLOVES PRIVACY HARM-BASED APPROACH THREATS E.g. Threats to information Information

344 views • 7 slides
QUIC A New Internet Transport Presenter: Jana Iyengar QUIC and the IETF Nov 2013 Early design

QUIC A New Internet Transport Presenter: Jana Iyengar QUIC and the IETF Nov 2013 Early design

QUIC A New Internet Transport Presenter: Jana Iyengar QUIC and the IETF Nov 2013 Early design and experience (TSVAREA) Mar 2015 QUIC handshake (SAAG) Mar 2015 onwards Replacing QUIC's handshake with TLS1.3 July 2015 BarBoF, experimental

556 views • 24 slides
NMS - Exploring NAV/OpenNMS/Monolith/Nagios NORDUnet Jonas Hagstrm Outline Background

NMS - Exploring NAV/OpenNMS/Monolith/Nagios NORDUnet Jonas Hagstrm Outline Background

TF-NOC 2014-10-22 Madrid NMS - Exploring NAV/OpenNMS/Monolith/Nagios NORDUnet Jonas Hagstrm Outline Background Requirements Evaluation NAV openNMS Nagios Monolith Conclusion Way forward Background Several NMS Systems

329 views • 16 slides
Migrating to Microservice Databases: From Relational Monolith to Distributed Data Edson Yanaga

Migrating to Microservice Databases: From Relational Monolith to Distributed Data Edson Yanaga

Migrating to Microservice Databases: From Relational Monolith to Distributed Data Edson Yanaga Director of Developer Experience @yanaga Java Champion Microsoft MVP Join developers.redhat.com 2 http://developers.redhat.com/promotions/

905 views • 62 slides
Breaking the Monolith Microservice Extraction at SoundCloud Soundcloud 11 hours uploaded

Breaking the Monolith Microservice Extraction at SoundCloud Soundcloud 11 hours uploaded

Breaking the Monolith Microservice Extraction at SoundCloud Soundcloud 11 hours uploaded every minute 150 million tracks 300 million users 2 History Rails 2.3 MySQL S3 3 What happened then? 4 Success! 5

714 views • 56 slides
Microservices Security Fundamentals MICROSERVICES SECURITY CHALLENGES Wojciech Lesniak PRINCIPAL

Microservices Security Fundamentals MICROSERVICES SECURITY CHALLENGES Wojciech Lesniak PRINCIPAL

Microservices Security Fundamentals MICROSERVICES SECURITY CHALLENGES Wojciech Lesniak PRINCIPAL DEVELOPER / TECH LEAD @voit3k Microservices International Data Corporation (IDC) predicts that by: 2019 Q1 Microservices International Data

641 views • 39 slides
Enterprise Microservice Platform and Operation

Enterprise Microservice Platform and Operation

Enterprise Microservice Platform and Operation Experience Sharing Ivan Hsieh P .1 Agenda Microservice Architecture How to break a Monolith into Microservices

519 views • 36 slides
KPQC Center Initiatives-Current 111 KPQC Center Initiatives ALLEN COUNTY REGIONAL HOSPITAL :

KPQC Center Initiatives-Current 111 KPQC Center Initiatives ALLEN COUNTY REGIONAL HOSPITAL :

KPQC Center Initiatives-Current 111 KPQC Center Initiatives ALLEN COUNTY REGIONAL HOSPITAL : VON Universal NAS Education. NAS policies in place from previous efforts, cognizant for updates and revisions as needed. CITIZENS MEDICAL

394 views • 5 slides
Dahl Memorial Healthcare Association, Inc., Ekalaka, MT Community Health Services Development

Dahl Memorial Healthcare Association, Inc., Ekalaka, MT Community Health Services Development

Dahl Memorial Healthcare Association, Inc., Ekalaka, MT Community Health Services Development Survey & Implementation Planning July 2011 & September 2012 1 2 3 DMHA Mission Carter County, Montana Ekalaka County Seat 2009

341 views • 17 slides

More recommend