21 April 2006 [email protected]; +31 6 204 315 47
Privacy Incorporated Software Agents
Jan Huizenga - TNO - PISA co-ordinator
2 Overview
Main Topics PISA
Mobile Intelligent Agents
Agents and Privacy
Contribution
3 Main topics PISA
Agent System
Human-Computer Interface
Network Privacy
Security & Privacy
4 Mobile Intelligent Agents
[Chart: maximum data rate (Mbps, 0,01 to 1000) against product date (1996-2010) for Personal Area (PAN: Bluetooth, HomeRF), Local Area (LAN: 802.11, HIPERLAN) and Wide Area (WAN: GSM, GPRS, 3G) technologies. The application space runs from Voice, Text Messaging and Still Imaging through Audio Streaming, Video Streaming, Infotainment, Virtual Homes and High Speed Internet to PAN/LAN/WAN Convergence; Mobile Agents and Ambient Intelligence mark the communication space.]
5 Around PISA: a complex world where ... privacy must transcend heterogeneity and mobility
[Diagram: a cellular network (e.g. UMTS) with its radio access network (ME, NodeB, RNC) and core network (SGSN, GGSN, Gateway, PDN), wireless and local access, an intermediation ASP, servers and application components (Appli), PKI and security management (Sec. M.).]
6 THE AGENT AND PERSONAL DATA FLOW
[Diagram: Mr. Jones uses MIKE, his personal agent; MIKE's agent deals with an agent-provider, network agents (Agent 1, Agent 2 ... Agent N) and external sources, including databases holding personal data about Mr. Jones.]
A personal agent can perform tasks for its user.
=> a personal agent needs personal information
7 Agents & Privacy
1997: NDPA, DPA Canada, TNO: Report "Agents, Privacy & PET"
1999: How do we demonstrate agents & privacy?
2000: Project/consortium proposal: PISA 2001-2003
Identifying the privacy requirements and threats
Designing PET for agents
Building a sample application
Evaluating the sample application
8 PRIVACY THREAT ANALYSIS
[Diagram with the blocks SYSTEM PURPOSE, TECHNOLOGY, INTEGRATED LIST OF THREATS, VIOLATIONS OF PRIVACY REGULATIONS and SOLUTION USE; Mobile code is one of the technologies considered.]
9 THE IDENTITY PROTECTOR
PET = Privacy Enhancing Technologies
[Diagram: the identity protector separates the identity domain where the USER is KNOWN from the PSEUDO IDENTITY DOMAINS PID 1, PID 2 and PID 3.]
10 The Privacy Agent Design
To show that privacy of the user is protected in all kinds of processes by incorporated PET features
[Diagram: the Identity Protector placed between Personal data and Non-Personal data.]
11 Privacy Protection
How to achieve privacy protection in Agents?
Deployment of PETs: the classic tools (anonymity, pseudonymity, unobservability and unlinkability) are not enough to achieve optimal privacy protection.
Therefore PISA needs a design for:
Personal Data: Personal Identifiable Information (PII), and Non-PII
Legal rules (privacy principles)
Agent Practices Statement (APS)
Privacy Preferences
12 Three Levels of Personal Data
Level 1: Contact Information.
Level 2: All other items of personal data except level 3.
Level 3: Special categories of personal data.
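The Identity Protector and the three data levels above, as an added illustration that is not PISA project code: one known identity is turned into a different pseudo-identity (PID) per domain, and only the data levels a domain's purpose allows are forwarded to it. The HMAC-based PID derivation, the attribute names and the domain names are assumptions made for this example.

```python
import hmac
import hashlib
import secrets

# Slide 12's three levels of personal data; attribute names are constructed samples
LEVEL = {
    "name": 1, "email": 1, "phone": 1,             # level 1: contact information
    "job_search_region": 2, "desired_salary": 2,   # level 2: all other personal data
    "health": 3, "religion": 3,                    # level 3: special categories
}

class IdentityProtector:
    """Sits between the domain where the user is known and the pseudo-identity domains."""

    def __init__(self, secret=None):
        # Key known only to the protector; without it PIDs can be neither linked nor reversed
        self.secret = secret or secrets.token_bytes(32)
        self._pid_index = {}  # (domain, PID) -> user id; never leaves the protector

    def pid_for(self, user_id, domain):
        # One PID per (user, domain): stable inside a domain, unlinkable across domains
        msg = f"{domain}\0{user_id}".encode()
        pid = hmac.new(self.secret, msg, hashlib.sha256).hexdigest()[:32]
        self._pid_index[(domain, pid)] = user_id
        return pid

    def release(self, user_id, domain, personal_data, allowed_levels):
        # Forward under a PID only attributes whose level the domain's purpose permits;
        # attributes of unknown level are treated as level 3 and withheld
        forwarded = {k: v for k, v in personal_data.items()
                     if LEVEL.get(k, 3) in allowed_levels}
        return {"pid": self.pid_for(user_id, domain), "data": forwarded}

    def resolve(self, domain, pid):
        # Only the protector can re-identify a PID, e.g. to hand a task result back to the user
        return self._pid_index.get((domain, pid))

def unlinkable_across(protector, user_id, domains):
    # True when no two domains receive the same PID for this user
    pids = [protector.pid_for(user_id, d) for d in domains]
    return len(set(pids)) == len(pids)

if __name__ == "__main__":
    ip = IdentityProtector()
    jones = {"name": "Mr. Jones", "email": "jones@example.invalid",
             "job_search_region": "Delft", "desired_salary": 50000, "health": "n/a"}
    out = ip.release("jones", "job-service-agent", jones, allowed_levels={2})
    print(out)  # the task agent sees a PID and level-2 data only
    print(unlinkable_across(ip, "jones", ["job-service-agent", "travel-service-agent"]))
```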
13 Privacy Principles
• Purpose specification
• Finality
• Legitimate Processing
• Data quality
• Transparency
• Data subject's rights
• Storage duration
• Right to object
• Security
14 Privacy Ontology
[Class diagram: PII, grouped in PIIGroup and classified as PIILevel1, PIILevel2 or PIILevel3; PrivacyPolicy, APS, PrivacyPreference and PET; PrivacyPrinciple with the subclasses Transparency, Finality, LegalProcessing, Transfer and DataSubjectRights; DataProtectionAuthority; associations carry 1, 1..n and 0..n multiplicities.]
15 Model PISA Agents
Privacy Protection by:
1. Anonymity & Pseudo-identities (PET)
2. Trust/secure "mobile code" (Encryption)
3. Act according to the Directive (APS)
[Diagram: the User with Personal Data, Preferences and PET; the PISA agent with its APS; the Controller, Other Agents or Services, an Auditor and a Trusted Third Party.]
16 General PISA Architecture
[Diagram: DataSubject, Controller, Processor and Auditor interact with the PISA Platform, which hosts a Registration Authority Agent, Monitor Agent, Service Agent, Personal Agent, Task Agent, Log Agent and Advisor Agent, supported by a Certification Authority (PKI), Auditing and External Web Services. Cardinality labels: 1 agent / platform, 1 agent / user, multiple agents.]
17 HCI and PRIVACY PROTECTION
Just-In-Time Click-Through Agreements: Informed, Unambiguous Consent
HCI Requirements for Legislative Compliance and Usable Design
Building Trust & Reducing Risk: From Privacy Legislation to Interface Design
18 Usability Results
+ The prototype worked fairly well (72%) and was easy to navigate (76%), but it had poor visual appeal (42%)
+ Users understood the concept of a personal assistant who could provide services (92%)
+ Users understood (>90%) the major functions (create, modify, track, results)
[Bar chart: Percent of Participants (0-35) per step of the Rating Scale 1-7 (Difficult to Easy).]
19 Network & Privacy
• Agent Onion Routing Network
• Digital Rights Management for Privacy
• Reputation System
• Scalability
20 Security & Privacy in PISA Agents
Practical solutions to provide privacy in agent technology:
Agent Digital Signature
Pseudo-anonymous Task Agents
Confidential communication: E-E-D encryption
Agent-PKI
Insight in challenges for agent technology / mobile code
Theoretical results (IEEE Symposium on Information Theory):
Definition of perfect secrecy
Theoretical boundaries
PhD Thesis TUD: "Private Computing and Mobile Code Systems", K. Cartrysse 2005, ISBN-10: 90 90199-53-5
2121ResultsResults
• Security & Privacy research is recognized as important in Security & Privacy research is recognized as important in Dutch scientific community;Dutch scientific community;
• But also in politics: Ministry of Economical Affairs But also in politics: Ministry of Economical Affairs subsidizes technical projects in privacy; subsidizes technical projects in privacy;
• Industry / business becomes aware of importance to protect Industry / business becomes aware of importance to protect privacy;privacy;
STIMULUS AND RATIONALE FOR NEW PRIVACY STIMULUS AND RATIONALE FOR NEW PRIVACY RELATED RESEARCH AND EXPLOITATIONRELATED RESEARCH AND EXPLOITATION
22 Continuation
Continuation of the PISA work:
RAPID: Roadmap Privacy & Identity Management, FP6
PRIME: Privacy and Identity Management; Ontology & HCI
LOBSTER: Intrusion Detection Geant2; Anonymous data
PAW (Privacy in an Ambient World): Catholic University of Nijmegen, University of Twente, Delft University of Technology, TNO
BASIS (Biometrics and Privacy): University of Twente, Technical University Eindhoven, CWI, Philips
Privacy and RF-ID tags:
- TNO Study for Dutch government, RFID-Certification
- TUD Thesis: Anonymous RFID e-ticketing system