
Privacy by Design? Marc Langheinrich University of Lugano (USI) - PowerPoint PPT Presentation



  1. The Everyday Life of Surveillance (V): Architectures, Spaces, Territories. Privacy by Design? Marc Langheinrich, University of Lugano (USI), Switzerland

  2. Projects

  3. Ubiquitous Privacy Computing

  4. Gothenburg Lancaster Paris Zurich Patras Sevilla

  5. Approaches to Ubicomp Privacy (Disappearing Computer Troubadour Project, 10/2002 - 05/2003)
     • Make it Someone Else’s Problem – “For [my colleague] it is more appropriate to think about [security and privacy] issues. It’s not really the case in my case.”
     • Absence of Protection as User Empowerment – “It’s maybe about letting them find their own ways of cheating.”
     • Insist that “Good Security” will Fix It – “All you need is really good firewalls.”
     Marc Langheinrich: The DC-Privacy Troubadour – Assessing Privacy Implications of DC-Projects. Designing for Privacy Workshop, DC Tales Conference, Santorini, Greece, June 2003.

  6. Example 1: Make it someone else’s problem. NON PRIVACY BY NON DESIGN

  7. “Uses the highest level of encryption allowed by the U.S. government.”

  8. 2006

  9. 20 cards, no encryption

  10. Cardholder’s Name, Card Number, Expiration Date

  11. Pablos Holman, O’Reilly Conf. 2008

  12. “cards incorporate 128-bit encryption”

  13. Cardholder’s Name, Card Number, Expiration Date

  14. *MacBook Air not included

  15. Flexilis, Defcon 2008

  16. Non Privacy By Non Design

  17. Example 2: User Empowerment. NON SECURITY BY (BAD) DESIGN (the slide overlays “SECURITY” on “PRIVACY”)

  18. P<D<<LANGHEINRICH<<MARC<<<<<<<<<<<<<<<<<<<<< 123456789 ? D<<710123 ? M070101 ? <<<<<<<<<<<<<<< ?

  19. Marc Langheinrich

  20. DD/MMM/1971

  21. P<D<<LANGHEINRICH<<MARC<<<<<<<<<<<<<<<<<<<<< 12345678? ? D<<710123 ? M0701?? ? <<<<<<<<<<<<<<< ?

  22. Protection from Forgery!!

  23. Digital Signature

  24. “...cloned and manipulated...”

  25. Mustermann Christian 0000000000000 (Proof of Genuine Passport)

  26. Non Security By Bad Design

  27. Example 3: Good Firewalls. PRIVACY BY DESIGN?

  28. Smart Fridge

  29. Smart Stove

  30. Receiptless Returns

  31. Fast Checkout

  32. Whig Model #2342; Tiger Thong (Material: Polyester, Maker: Woolworth, Last washed: 5 days ago); Viagra (Maker: Pfizer, Size: Maxi, 60 pills). Original “RFID-Man” Artwork (c) 2006 Ari Juels, RSA Laboratories

  33. Working Hypothesis

  34. People don’t want privacy tools

  35. People want to get things done! The more secure, private, safe, the better

  36. Getting Things Done?

  37. Vision

  38. Hands Free Privacy The more secure, private, safe, the better

  39. Example: The Shamir Tag. Langheinrich, Marti: Practical Minimalist Cryptography for RFID Privacy. IEEE Systems Journal, Vol. 1, No. 2, 2007

  40. Example: The Shamir Tag
     • Unsolicited read-outs take a long time – Difficult (but not impossible) to track or identify
     • Instant identification for known tags – Owner uses tags without restrictions
     Langheinrich, Marti: Practical Minimalist Cryptography for RFID Privacy. IEEE Systems Journal, Vol. 1, No. 2, 2007

  41. Shamir Tags Illustrated. Original RFID-Tag: contains encrypted ID + Key, but cut in many small pieces. All pieces are needed to decrypt the Tag ID.

  42. Shamir Tags Illustrated (continued). An unknown reader sees, over time: only a few shares disclosed … wait … a few more shares disclosed … wait … still not enough shares … wait

  43. Shamir Tags Illustrated (continued). Unknown reader: only a few shares disclosed, still not enough after waiting. Owner’s reader: only a few shares disclosed + owner checks for known (cached) tag = instant identification

  44. Consumers receive basic protection for all tagged goods. Additional security mechanisms can be layered above Shamir Tags.
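The Shamir Tag slides (39 to 44) describe the mechanism only in pictures: the tag ID is split into shares, the tag hands them out slowly, a stranger must collect every share before the ID can be reconstructed, and the owner, who cached the shares in advance, recognises the tag from the first one. The block below is an added toy model written for this transcript; it is not the code from the Langheinrich/Marti paper. It makes several simplifying assumptions: the secret shared is the tag ID itself (the paper shares an encrypted ID plus key), "time" is counted in read cycles rather than seconds, shares are fixed per tag and released one per cycle in a fixed random order, arithmetic is over the Mersenne prime 2^127-1, and the class and function names (`ShamirTag`, `OwnerReader`, `unknown_reader`) are invented here.

```python
"""Toy Shamir Tag: threshold secret sharing with throttled share release.

Added example, not the paper's implementation. The tag ID is the secret;
the tag reveals one share per read cycle, so a reader that has never seen
the tag needs `threshold` cycles before it can reconstruct the ID, while
the owner, who cached the whole share list at purchase time, identifies
the tag from the first share it emits.
"""
import secrets

PRIME = (1 << 127) - 1  # Mersenne prime; all arithmetic is in GF(PRIME) (assumption)


def _eval_poly(coeffs, x):
    """Evaluate coeffs[0] + coeffs[1]*x + ... at x by Horner's rule."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret, n, threshold, rng=secrets.randbelow):
    """Split `secret` into n shares (x, f(x)); any `threshold` of them reconstruct it."""
    if not (0 <= secret < PRIME and 1 <= threshold <= n < PRIME):
        raise ValueError("bad sharing parameters")
    coeffs = [secret] + [rng(PRIME) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def reconstruct(shares):
    """Lagrange interpolation at x = 0; only correct with >= threshold distinct shares."""
    secret = 0
    for xi, yi in shares:
        num, den = 1, 1
        for xj, _ in shares:
            if xj != xi:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


class ShamirTag:
    """Tag that discloses one share per read cycle, in a fixed random order.

    With threshold == n every share is needed, as on slide 41.
    """

    def __init__(self, tag_id, n=8, threshold=8):
        self.threshold = threshold
        self.shares = split_secret(tag_id, n, threshold)  # owner records these at purchase
        self._queue = list(self.shares)
        secrets.SystemRandom().shuffle(self._queue)
        self._cursor = 0

    def read(self):
        """One read-out cycle: hand out the next share, wrapping around when exhausted."""
        share = self._queue[self._cursor % len(self._queue)]
        self._cursor += 1
        return share


def unknown_reader(tag):
    """Reader with no prior knowledge: waits for `threshold` distinct shares.

    Returns the reconstructed ID and how many read cycles it took.
    """
    seen = {}
    cycles = 0
    while len(seen) < tag.threshold:
        x, y = tag.read()
        seen[x] = y
        cycles += 1
    return reconstruct(list(seen.items())), cycles


class OwnerReader:
    """Owner's reader: caches the full share list of owned tags (slide 43)."""

    def __init__(self):
        self._cache = {}  # (x, y) share -> tag_id

    def register(self, tag_id, tag):
        for share in tag.shares:
            self._cache[share] = tag_id

    def identify(self, tag):
        """Instant identification: a single disclosed share is enough."""
        share = tag.read()
        return self._cache.get(share)  # None for a tag this owner never registered


if __name__ == "__main__":
    tag_id = 0x1234ABCD  # constructed sample ID
    tag = ShamirTag(tag_id, n=8, threshold=8)
    owner = OwnerReader()
    owner.register(tag_id, tag)
    print("owner identifies after 1 cycle:", hex(owner.identify(tag)))
    ident, cycles = unknown_reader(tag)
    print("stranger needed", cycles, "cycles to learn", hex(ident))
```

The privacy property rests on the threshold: with fewer than `threshold` shares the interpolation returns a field element that is independent of the secret, which is why `reconstruct` on a short share list yields garbage rather than a partial ID. The model also makes the slide's caveat visible: because the shares are fixed, a stranger who can keep reading the same tag for enough cycles does eventually learn the ID, which is why the slide says tracking is difficult but not impossible.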

  45. Summary

  46. Privacy by Design
     • Difficult to do even for technology experts – Industrial (RFID Credit Cards) – Government (ePassport)
     • Difficult if the user model is wrong – People want to get things done – Privacy and security often get in the way
     • We need usable security and privacy – Sometimes less security may mean more privacy

  47. Outlook

  48. The wireless century will bring an end to many crimes. It will be a century of morality, since it is known that morality and fear are one and the same. (Robert Sloss, “The World in 100 Years”, 1910)
