Upload
valentine-powell
View
220
Download
1
Tags:
Embed Size (px)
Citation preview
HOMMER: Holistic Model for Minority Education & Research
“The Balancing Act”:
Accountability vs. Privacy
byDeidre W. Evans
Christy L. Chatmon
Department of Computer and Information Sciences May 5th, 2004
Overview
• Introduction
• Research Discussion– “The Balancing Act”
• Goals of Research– Security Track in Curricula– Center of Educational Excellence in
Information Assurance by NSA– Build Collaborations
Department of Computer and Information Sciences May 5th, 2004
Introduction
• September 11, 2001 was in part due to a lack of operational balance between privacy and accountability:– “Uncrackable encryption is allowing terrorists
to communicate about their intentions without fear of outside intrusion. They’re thwarting the efforts of law enforcement to detect, prevent and investigate illegal activities.”
[FBI director]
Department of Computer and Information Sciences May 5th, 2004
Introduction
• Increase in security threats– Denial of service, worms, viruses, etc.
• Advancement in data retrieval & storage mechanisms– Data-mining, CRM, WEB Tracking
“The Balancing Act”
• Privacy/Anonymity– Controlling all information about one’s self &
personal activity– Authentication
• Passwords, PKI’s, biometrics, etc.
• Accountability/Security– Attribute actions to the user that caused those
actions
“The Balancing Act”
• Investigate existing methodologies:– Key Escrow
• third party retrieves cryptographic keys for data confidentiality for recovery of encrypted data
– PKIs
Department of Computer and Information Sciences May 5th, 2004
“The Balancing Act”
Department of Computer and Information Sciences May 5th, 2004
Anonymity Accountability
Privacy Authentication
Privacy Cyber-forensics
Free Speech Liability/Copyright
Goals of Research
• Problem: – Existing paradigms embody conflict between
security goals and privacy goals
• Goal:– Explore alternative paradigms that balances
the needs for security with the needs for personal privacy
• Develop a cryptographic infrastructure models, techniques, & tools to facilitate “privacy-balanced accountability”
Department of Computer and Information Sciences May 5th, 2004
Goals of Research
• FAMU CIS department recognized as a Center of Educational Excellence in Information Security by National Security Agency
• Information Security Track in CIS curricula
Department of Computer and Information Sciences May 5th, 2004
Goals of ResearchC isco R outer
C loud
C isco 24 P ort S w itch
C isco P ix F irewall
C isco 24 P ort S w itch
W orksta tions - O pera ting system s L inux W in2K W in98 V M W are
NT 2000 Server Solaris 9 server
NT 2003 Server with Term inal Services
Goals of Research
• Standalone Security Lab to support research & course needs– explore new paradigms for training students
about security and to foster students’ interests in security issues
• Extend collaborations with other security educators– FSU, University of Central Florida, etc.
Department of Computer and Information Sciences May 5th, 2004
References
[1] Carl Ellison and Bruce Schneier. Ten Risks of PKI, What You Are Not Being Told About PKI. Computer Security Journal, Vol. XVI, No. 1, 2000.[2] Donald Runsfeld. US Secretary of State, Comments to the press, Sept 12, 2001, http://www.defenselink.mil/cgi- bin/real_audio.pl?
Sep2001/DoD091201a&1000322100[3] Hosmer, C., Gordon, G., Hyde, C., Grant, T. "Cyber Forensics 2000."
Proceedings, 1st Annual Study of the State-of-the-Art in Cyber Forensics.[4] J.K. Millen and R.N. Wright. Reasoning about Trust and Insurance in a
Public Key Infrastructure. Proceedings of 13th IEEE Computer Security Foundations Workshop, IEEE Computer Society, July 2000.
[5] Jack Kelley. Terror groups hide behind Web encryption. USA Today, June 19, 2001, http://www.usatoday.com/life/cyber/tech/2001-02-05-binladen.htm
[6] M. Burmester, Y. Desmedt and J. Seberry. Equitable key escrow with limited time-span. Advances in Cryptology, Asiacrypt 98, LNCS 1514, Springer,
Berlin, pp. 380-391, 1998.
Department of Computer and Information Sciences May 5th, 2004