this space is intentionally left blank
play

[this space is intentionally left blank] Janne Lindqvist and the - PowerPoint PPT Presentation

Aug 11, 2023 •159 likes •425 views

[this space is intentionally left blank] Janne Lindqvist and the MobilityFirst team WINLAB, Rutgers University WINLAB Research Review Spring 2012 May 14, 2012 Outline Nudging developers to make better privacy decisions with clean-slate

  1. [this space is intentionally left blank] Janne Lindqvist and the MobilityFirst team WINLAB, Rutgers University WINLAB Research Review Spring 2012 May 14, 2012

  6. Outline • Nudging developers to make better privacy decisions with clean-slate API design – (work-in-progress) • Security & privacy design and analysis for MobilityFirst

  7. Human-Centric Research Agenda My agenda: Applying soft paternalistic nudges to hum an behavior with computer systems

  8. Privacy-Preserving API design (w/ M. Gruteser) • Insight : today developers have options – take all, – or nothing • Evidence : some developers are trying to follow least privilege • 1. Question : Can we design a privacy- preserving clean-slate API?

  9. • 1. Question : Can we design a privacy-preserving clean-slate API? – Yeah, probably • What w e should be asking : Can we nudge developers to make better user privacy decisions with novel API designs?

  10. Evaluation: Lo-fi programming

  11. Expected Results • Our preliminary studies show promise for the approach • Contributions: – Focus on developers – Novel way to evaluate APIs – New low-cost framework to evaluate the usability of APIs? • Poor API design can cost $$$$$$$$$$$$$

  12. Outline • Nudging developers to make better privacy decisions with clean-slate API design – (work-in-progress) • Security & privacy design and analysis for MobilityFirst

  13. Security and Privacy in MF (w/ W. Trappe, M. Gruteser) • In MobilityFirst, we are looking at security and privacy together because they really cannot be separated from each other – Introducing a security mechanism can have implications for user privacy – Introducing a user privacy mechanism can have implications to security • For example, without rigorous design, using public keys as identifiers in protocols can potentially identify users better than e.g. IP addresses today

  14. Privacy & Security Stakeholders • Users • Operators • Network Providers • Third-Party Service Providers • Governments • Intelligence Agencies • Law Enforcement • … • Several approaches to privacy, in this presentation focus – on user privacy, and – on possible technical solutions

  15. Attacks Against User Privacy • Who you are? – Have I seen you before? • Who do you talk to? – Did you talk to them before? • What are you talking about? • What is your location? – Have you been here before? • Note that these questions are connected – knowing places you go can tell who you are – e.g. home/ work pairs have been shown highly likely to be unique

  16. Destination Server Attacker’s Location? Access Point User

  17. Attacks Today: IP Packets • can observe – Source and Destination IP addresses in all attack locations – Resolve and observe names • You can change your source address, but research has shown that the set of your Destination IP addresses are highly likely to be unique WINLAB Amazon Some blog NSF

  18. Attacks Today: IP Packets • can observe – Source and Destination IP addresses in all attack locations – Resolve or observe names of destination • might be interested in who is accessing particular server Sees what is the source address Some blog

  19. Today: Solution Tor overlay

  20. MobilityFirst: GUID and NA • can observe – Source and Destination GUID in all attack locations • You can change your source address, but research has shown that the set of your Destination IPs are highly likely to be unique, same principle applies to GUIDs GUID B GUID C GUID D GUID E GUID A

  21. MobilityFirst: GUID, NA at destination • can observe – Source and Destination GUIDs in all attack locations – Resolve or observe names of destination • might be interested in who is accessing particular server Sees the source GUID, return packet “source” NA ??????????? Some blog

  22. MobilityFirst Solution: Disposable Identifiers • Disposable identifiers have been proposed several times [e.g. Gruteser’03, Lindqvist’05, Lindqvist’08] • Today, even your disposable identifier is still often tied to your geographic location. – Thus, can discover where the packets are coming from • In MobilityFirst, disposable identifiers do not have geographic or semantic mapping – (Unless we add these)

  23. Security & Privacy for MF packets • Off the record messaging on the network layer – Authentication – Encryption – Deniability – Perfect forward secrecy • We can build non-repudation and e-commerce applications on top of off-the-record network layer – The other way round does not work without additional complexity (e.g. overlays)

  24. Summary • Nudging developers to make better decisions for user privacy • Security and privacy design and analysis for MobilityFirst – In MobilityFirst, we are looking at security and privacy together because they really cannot be separated from each other – Presented baseline privacy protections offered by MobilityFirst

  25. janne@winlab.rutgers.edu Thank you

  26. Backup Slides Ongoing work: • Analysis on impact of disposable identifiers in MF – Today, routing scales because you can request only as many disposable identifiers (IP address) as have been provisioned to the network – In MF, you could have arbitrary number of disposable identifiers • Reachability vs. Privacy • Privacy by Default, what is the right level of privacy the network should provide?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Left blank intentionally https://www.youtube.com/watch?v= QQGHNr5fEeU DO NOT for the next

Left blank intentionally https://www.youtube.com/watch?v= QQGHNr5fEeU DO NOT for the next

Left blank intentionally https://www.youtube.com/watch?v= QQGHNr5fEeU DO NOT for the next 40 TO 50 Minutes.Please & Thank you ACCOUNTS PAYABLE PRESENTATION 2019 By Luz Maria Rodriguez, MHA, RTSBA Accounts Payable Staff The

464 views • 22 slides
Morgan Sindall Group plc Half Year Results 2010 Page left intentionally blank 2 H1 2010

Morgan Sindall Group plc Half Year Results 2010 Page left intentionally blank 2 H1 2010

Morgan Sindall Group plc Half Year Results 2010 Page left intentionally blank 2 H1 2010 Overview Good performance in challenging market conditions underpinned by broad spread of activities Public sector spending cuts in the Emergency

634 views • 41 slides
Half Year Results 2009 2 Page left intentionally blank Overview Highlights Continued

Half Year Results 2009 2 Page left intentionally blank Overview Highlights Continued

Half Year Results 2009 2 Page left intentionally blank Overview Highlights Continued progress with strategy of developing market leading positions in our chosen sectors Half year results in line with expectations with profit before tax and

1.02k views • 44 slides
Investor Presentation June 2016 This page intentionally left blank Forward-looking Statements

Investor Presentation June 2016 This page intentionally left blank Forward-looking Statements

Investor Presentation June 2016 This page intentionally left blank Forward-looking Statements and Non-GAAP Information This presentation may include projections and other forward -looking statements within the meaning of the Private

526 views • 29 slides
2018 Results Erik Engstrom, CEO Nick Luff, CFO This slide is intentionally left blank 2 1

2018 Results Erik Engstrom, CEO Nick Luff, CFO This slide is intentionally left blank 2 1

2018 Results Erik Engstrom, CEO Nick Luff, CFO This slide is intentionally left blank 2 1 DISCLAIMER REGARDING FORWARD-LOOKING STATEMENTS This presentation contains forward-looking statements within the meaning of Section 27A of the US

414 views • 25 slides
Story August 2019 OMV Petrom S.A. This page is left blank intentionally | OMV Petrom Capital

Story August 2019 OMV Petrom S.A. This page is left blank intentionally | OMV Petrom Capital

Capital Market Story August 2019 OMV Petrom S.A. This page is left blank intentionally | OMV Petrom Capital Market Story August 2019 2 Legal Disclaimer This presentation does not, and is not intended to, constitute or form This

1.76k views • 66 slides
Or Routing is as Insecure as the Rest of the Flippin Internet, but its Scarier Steven M

Or Routing is as Insecure as the Rest of the Flippin Internet, but its Scarier Steven M

This Space Intentionally Left Blank to Hold Space Just in Case Routing Security Appears Or Routing is as Insecure as the Rest of the Flippin Internet, but its Scarier Steven M Bellovin <smb@cs.columbia.edu> Randy Bush

478 views • 14 slides
Reed Elsevier Results 2014 Erik Engstrom, CEO Nick Luff, CFO This slide is intentionally left

Reed Elsevier Results 2014 Erik Engstrom, CEO Nick Luff, CFO This slide is intentionally left

Reed Elsevier Results 2014 Erik Engstrom, CEO Nick Luff, CFO This slide is intentionally left blank 2 1 FORWARD-LOOKING STATEMENTS This presentation contains forward-looking statements within the meaning of Section 27A of the US Securities

725 views • 35 slides
<this slide is intentionally blank> idealistic realistic state of the art state of the

<this slide is intentionally blank> idealistic realistic state of the art state of the

<this slide is intentionally blank> idealistic realistic state of the art state of the actual <nothing to see here> Its Complicated <nothing to see here> Being constructively critical #1. LANGUAGE MATTERS!

680 views • 66 slides
Page 35 Page 36 Page 37 Page 38 Page 39 This page is intentionally left blank

Page 35 Page 36 Page 37 Page 38 Page 39 This page is intentionally left blank

Page 35 Page 36 Page 37 Page 38 Page 39 This page is intentionally left blank

99 views • 6 slides
Y R A N I M I L E R P 25448 Seil Rd. Shorewood, IL 60404 815-744-1968

Y R A N I M I L E R P 25448 Seil Rd. Shorewood, IL 60404 815-744-1968

2017-2018 Annual Budget Y R A N I M I L E R P 25448 Seil Rd. Shorewood, IL 60404 815-744-1968 www.troytownship.com P a g e | 1 Click for Table of Contents Y R A N I M I This page intentionally left blank. L E R P P a g e

1.36k views • 64 slides
In Introduction to to In Independent Oil il & Gas plc lc Ju July ly 2014 2014 This

In Introduction to to In Independent Oil il & Gas plc lc Ju July ly 2014 2014 This

In Introduction to to In Independent Oil il & Gas plc lc Ju July ly 2014 2014 This page is intentionally left blank Di Disclaimer The information contained in this confidential document (Presentation) has been prepared by

207 views • 18 slides
ADMIN SI232 Set #11: Fun with Floating Point (Chapter 3) 1 2 (blank space) Exercise #1

ADMIN SI232 Set #11: Fun with Floating Point (Chapter 3) 1 2 (blank space) Exercise #1

ADMIN SI232 Set #11: Fun with Floating Point (Chapter 3) 1 2 (blank space) Exercise #1 Represent +7.25 10 in binary single precision 31 30 29 28 27 26 25 24 23 22 21 20 . . . 9 8 7 6 5 4 3 2 1 0 3 (blank space)

377 views • 6 slides
Ouray Silver Mines Revenue-Virginius Mine August 2018 Page intentionally blank. PAGE 2

Ouray Silver Mines Revenue-Virginius Mine August 2018 Page intentionally blank. PAGE 2

Ouray Silver Mines Revenue-Virginius Mine August 2018 Page intentionally blank. PAGE 2 Cautionary Statements FORWARD LOOKING STATEMENTS: This presentation contains forward looking statements within the meaning of securities legislation in

766 views • 50 slides
Ouray Silver Mines Revenue-Virginius Mine July 2018 Page intentionally blank. PAGE 2

Ouray Silver Mines Revenue-Virginius Mine July 2018 Page intentionally blank. PAGE 2

Ouray Silver Mines Revenue-Virginius Mine July 2018 Page intentionally blank. PAGE 2 Cautionary Statements FORWARD LOOKING STATEMENTS: This presentation contains forward looking statements within the meaning of securities legislation in the

548 views • 50 slides
Financial Highlights July 28, 2020 Ricoh Leasing Company, Ltd. Intentionally blank Table of

Financial Highlights July 28, 2020 Ricoh Leasing Company, Ltd. Intentionally blank Table of

First Quarter of Fiscal Year Ending March 2021 (FY2020) Financial Highlights July 28, 2020 Ricoh Leasing Company, Ltd. Intentionally blank Table of Contents 1. Consolidated Results for the First Quarter of Fiscal Year Ending March 2021 2.

614 views • 25 slides
Rucio and the OSG Benedikt Riedel University of Chicago October 2017 Rucio Data

Rucio and the OSG Benedikt Riedel University of Chicago October 2017 Rucio Data

Rucio and the OSG Benedikt Riedel University of Chicago October 2017 Rucio Data management tool developed by ATLAS and used by AMS and Xenon1T Manages the location, upload, retrieval, and distribution of data (individual files,

423 views • 6 slides
DB ES Experiment Support DDM Dashboard 2.0 ATLAS SW&C Workshop April 2011 David Tuckett

DB ES Experiment Support DDM Dashboard 2.0 ATLAS SW&C Workshop April 2011 David Tuckett

DB ES Experiment Support DDM Dashboard 2.0 ATLAS SW&C Workshop April 2011 David Tuckett IT-ES-DNG CERN IT Department CH-1211 Geneva 23 Switzerland www.cern.ch/ i t ES Overview SW&C Dec 2010 Review DDM Dashboard 1.0

307 views • 16 slides
Tunnels and VPN * s s November 6, 2020 *virtual private networks *virtual private networks

Tunnels and VPN * s s November 6, 2020 *virtual private networks *virtual private networks

Tunnels and VPN * Tunnels and VPN * s s November 6, 2020 *virtual private networks *virtual private networks Administrative Administrative submittal instructions submittal instructions answer the lab assignments questions in

547 views • 36 slides
DRUPAL TO DRUPAL MIGRATIONS, DECONSTRUCTED DrupalCamp Chattanooga June 16, 2018 About Promet

DRUPAL TO DRUPAL MIGRATIONS, DECONSTRUCTED DrupalCamp Chattanooga June 16, 2018 About Promet

DRUPAL TO DRUPAL MIGRATIONS, DECONSTRUCTED DrupalCamp Chattanooga June 16, 2018 About Promet Source Founded in 2003, Promet Source Promet realigned its core services With headquarters in Chicago and is a web design and development and

881 views • 29 slides
Stuart Evers, UK Community Manager Key UK customers How NetGalley Works Allows publishers

Stuart Evers, UK Community Manager Key UK customers How NetGalley Works Allows publishers

Stuart Evers, UK Community Manager Key UK customers How NetGalley Works Allows publishers to securely and safely promote their titles to individuals who influence buying decisions. Reviewers, journalists, librarians, booksellers,

463 views • 12 slides
Tough Arches, Tough Access, and Alternate Access Sasko Kedev University Clinic of Cardiology-

Tough Arches, Tough Access, and Alternate Access Sasko Kedev University Clinic of Cardiology-

Carotid Stenting Technique: Tough Arches, Tough Access, and Alternate Access Sasko Kedev University Clinic of Cardiology- Skopje Macedonia Disclosure Statement of Financial Interest Within the past 12 months, I or my spouse/partner have had a

1.1k views • 80 slides
ALMA - GC-assisted JVM Live Migration for Java Server Applications Rodrigo Bruno, Paulo Ferreira

ALMA - GC-assisted JVM Live Migration for Java Server Applications Rodrigo Bruno, Paulo Ferreira

ALMA - GC-assisted JVM Live Migration for Java Server Applications Rodrigo Bruno, Paulo Ferreira {rodrigo.bruno,paulo.ferreira}@inesc-id.pt INESC-ID - Instituto Superior Tcnico, ULisboa Middleware16@Trento JVM Live Migration (real

526 views • 35 slides
MIGRATION BEST PRACTICES STEPHANIE BRIDGES DRUPAL DEVELOPER ACQUIA, INC.

MIGRATION BEST PRACTICES STEPHANIE BRIDGES DRUPAL DEVELOPER ACQUIA, INC.

DRUPAL CAMP PA 2017 MIGRATION BEST PRACTICES STEPHANIE BRIDGES DRUPAL DEVELOPER ACQUIA, INC. steph.bridges@acquia.com WHAT IS MIGRATION? Migration is the process of importing content from an external source. AUTOMATED MIGRATION METHODOLOGY

529 views • 35 slides

More recommend