Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

Privacy Enhancing Technologies

No description
by

ahmed ewess

on 30 December 2013

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Privacy Enhancing Technologies

Advanced Information Technology
FONTS
Definition of Privacy
Privacy is the desire of the people to choose freely under what circumstances "
zroof
" and -to what extend they will expose themselves and their behavior- to others".
privacy legislation "
tashree3 el 5sosya
"
privacy laws "qwaneen"
like European Union
privacy frameworks "etar ll 5sosya"
like U.S
Privacy types
media
or
behavioral
territorial

communication
personal
information privacy
Europe is trying to globalization the privacy legislation "
tashree3
" via many Directives "
tawgeehat
" ex:
1- Directive to protect general data.
2- Directive concerns telecommunications data.
3- Directive on privacy and electronic communications.
Privacy Policy
Privacy policy is a set of specifications that regulates the processing of personal data.
The
Wireless Location Industry Association
has adopted a standard privacy policy.
This policy gives the mobile users complete control on their personal information.
Privacy Seals
"
a5tam el 5sosya
"
Represent a way of checking a privacy policy consistency "
la tt3ard
" with the privacy protection laws.
ex: TRUSTe Organization gives seals to certify that this privacy policy is consist with the privacy laws.
The threats of using Internet:
1- The detection of personal identifying & sensitive information.

2- Sharing of user profile on different social media without the user consent"
okay
".

3- The possibility of tracing users.

4- The ubiquitous linkage between individual identities and their context.
Examples of privacy threats on the Internet
1 - Cookies
Cookie is a unique piece of text that your browser saves and sends back when you revisit the web site that saved the cookie on your hard disk.
Note:
The cookies contain information such as your "user name","password","online shopping cart" .... etc.
2- Web Bugs
Web bugs is a file that is placed on a web page or in an e-mail message to
monitor
the user behavior.

Web bugs are unlike cookie, which can be accepted or rejected by the browser user.
Note:
You can detect the web bug by look at the source version of the page to find a tag that loads from different web server that the rest of the page.
Web bugs can gather the following information about the user:
1- IP address of the computer.
2- The URL of the web bug.
3- The time the web bug was viewed.
4- The type of browser that accept the web bug.
5- Set cookie value.
3- Adware & Spyware
Any software that gathers user information without his or her knowledge, usually used for advertising purpose.
Note:
Spyware also can gather information about e-mail address, passwords and credit card numbers.
4- Radio Frequency Identifications (RFID)
RFID is a technology uses radio waves to automatically identify objects or people who have an RFID Number.
RFID Components
Tag
"is identification number"
scanner

"triggers the tag to broadcast its identification number"
4- Session Attacks
Also called credential/session predication, is a method of illegally obtaining data (called a session ID) about an authorized visitor to a web site.
The session ID is stored within a cookie or URL.
Session hijacking, also known as TCP session hijacking, is a method of taking over a web user session by surreptitiously obtaining the session ID and masquerading as the authorized user.
Chapter 2
Privacy Enhancing Technologies
Solutions are
Privacy Enhancing Technologies
1- Identity Relating Techniques
2- Data Structure Related Techniques
Anonymity
Pseudonymity
Anonymity can be achieved by
redirecting of the http requests at different and consecutive proxies together with encryption mechanisms so that the source address information become difficult to be trackd
.
Note:
There are some companies offering anonymous services such as http://www.anonymizer.com >> based on ( mix nets that allow anonymous communication ).

Another company >> Zero Knowledge.
Anonymity solutions
are ot commercially wide accepted because >>
1 - Complexity of implementation.
2 - Cost.
3 - Can't grantee full privacy.
means that Service providers can personalize their services and adapt to the users preferences, but at the same time users identities are kept confidential.
There are different data structure related techniques that can be implemented:
1- Reducing the amount of the sensed contextual information.
for example >> reducing the accuracy of the GPS latitude and longitude that transmitted to the service provider.

2- Data Randomization before submission and collecting it back at the target.
for example >> using
Hash Function
that generates new random values of the users attributes.

3- Database Randomly Partitioning into unlike encrypted partitions located on different sites that can't release data separately.

4- using metadata or privacy tagging that describes which operations are allowed on the user's data.
Full transcript