SlideShare une entreprise Scribd logo

Privacy of social network attributes for online services

Atos_Worldline
Atos_Worldline
Technologie
1  sur  17
Télécharger pour lire hors ligne
Antoine Fressancourt 17/11/2011
17/11/2011 The case of privacy in social CARTES & IDentification networks Antoine Fressancourt ▶ Rising concern around privacy in social networks – Use of private information for advertising purposes – Applications gaining access to more and more personal information – Usage tracking using referral buttons – Access to information directly using URL, content not ciphered ▶ More and more complex to manage – Groups – Possibility to specify target groups on social network updates Adapted from The History Of Facebook’s Default Privacy Settings by Matt McKeon 2
17/11/2011 A recent case: CARTES & IDentification Europe vs. Facebook vs Antoine Fressancourt ▶ Case raised by Max Schrems, a 24 years old law student against Facebook ▶ Discovered that Facebook keeps track of every digital trace of a user, even when they are “deleted” deleted 3
17/11/2011 Highlighted issues CARTES & IDentification Antoine Fressancourt Those examples tend to highlight two issues Privacy inside the social network itself Data privacy from outside the social network 4
17/11/2011 Anatomy of a social network CARTES & IDentification Functional building blocks Antoine Fressancourt Management of user Identity credentials and attributes d i l d ib Privacy policy Role management for users i.e. Profile(s) how they want to appear Management of a user’s Social graph g p relationships Synchronous and asynchronous Messaging g g messages for a user g P Storage of documents Repository associated to a user 5
17/11/2011 Potential solutions CARTES & IDentification Antoine Fressancourt Cypher information Privacy P i inside the network itself inside the social to protect from the SNS network it lf t k itself provider Use identity Data privacy from management concepts and zero knowledge outside the approaches to secure social network exchanges with external sites 6
17/11/2011 Privacy inside the social network CARTES & IDentification Review of academic solutions Antoine Fressancourt Mainly two families of approaches: ▶ « add-in » applications – FlyByNight: Re-Encryption proxy, El Gamal encryption, AES – NOYB: Replace each attribute of a given user by an attribute of another member of its social network – FaceCloak: Dictionnary, MAC ▶ « Privacy by Design » social networks – Persona: Attribute-Based Encryption – EASiER: Attribute-Based Encryption – A Collaborative Framework for Privacy Protection in Online Social Network: El Gamal – Cryptographic Treatment of Private User Profiles: Broadcast Encryption 7
17/11/2011 Our proposal CARTES & IDentification Solving the « inside » privacy issue Antoine Fressancourt Using a Cypher text Policy Attribute Based Encryption (CP-ABE) scheme to (CP ABE) cypher the data inside the social network ▶ Advantages – Allows us to d f ll define privacy policies b l based d on fine grained predicates – Englobate both Identity-based encryption and Identity based broadcast encryptions – Ease of deployment given our objectives ▶ Drawback – Keys and cypher texts are longer than in simpler, IBE schemes – Heavy management of cryptographic keys 8
17/11/2011 What is IBE? CARTES & IDentification Identity based encryption Antoine Fressancourt ▶ Identity based encryption: ▶ Proposed by Shamir in 1984 ▶ Encrypt a message using any arbitrary string as the key. (Message)bob@mail.com ▶ The string can be a representation of the user’s identity ▶ Principle: ▶ Alice encrypt a message with Bob’s e-mail address ▶ Bob asks a PKG (Private Key Private Key h Authentication Generator) to provide a private key associated to his e-mail address. PKG 9
17/11/2011 What is ABE? CARTES & IDentification Attribute based encryption Antoine Fressancourt ▶ Attribute based encryption is a generalisation of identity AND based encryption ▶ Encryption according attributes: ▶ Personal: age, town, name… OR +18 y.o ▶ Relational: colleague, family, friends, … ▶ Ciphertext-policy ABE: ▶ Cipher text possesses access structure Colleague France ▶ Saving structures 10
17/11/2011 Privacy outside the social network CARTES & IDentification What is needed Antoine Fressancourt Possibility to register on websites with credentials Use case of identity provided to the social management systems network Social network External sites Need to conform to Recovery of user data in regulation, risk various ways ( logs, related to user cookies, …) acceptance 11
17/11/2011 What is Identity Management? CARTES & IDentification Antoine Fressancourt ▶ Technologies, policies and p practices used to control access to a resource by a third party. User ▶ Three entities: ▶ Identity Provider (IdP): maintains and gives access to a user’s credentials ▶ S Service P i Provider (SP) id (SP): Consumes attributes provided by an IdP ▶ User: Controls the distribution IdP SP of its credentials by the IdP 12
17/11/2011 Use of identity management in a CARTES & IDentification social network context Antoine Fressancourt Use of concepts popularized by Idemix and Uprove ▶ Anonymous credentials ▶ Zero-knowledge protocol Random value – P otocol in which a p o e sho s to a Protocol hich prover shows verifier that he possesses an erifier rover information without revealing it. Challenge – Introduced by Goldwasser Micali and Goldwasser, Ve Pr Rackoff in 1984. ▶ Minimal Disclosure Response Generation on the fly How to perform the using a zero proof calculation? knowledge compiler k l d il 13
17/11/2011 CACE: A zero knowledge compiler CARTES & IDentification Antoine Fressancourt Computer Aided Cryptography Engineering: ▶ European Project ▶ ∑-protocols ▶ Composition techniques ▶ Certificates 14
17/11/2011 Our proposal CARTES & IDentification Solving the « outside » privacy issue Antoine Fressancourt Use of Identity Management platform and protocols ▶ Ensure minimal disclosure of private information ▶ Framework to manage the disclosure of user credentials Integration of a zero knowledge g g compiler ▶ Computing zero knowledge proofs on the y fly ▶ Enhance the protection of private information through minimal disclosure. 15
17/11/2011 To conclude CARTES & IDentification Antoine Fressancourt ▶ Social networks raise a number of issues related to data security and privacy ▶ Two kinds of privacy issues – From inside the social network itself – From external sites outside the social network ▶ Inside privacy isssues can be solved by using ABE to protect data and give it access only to authorized contacts ▶ Outside privacy issues can be solved by using identity management protocols and systems ▶ Overall, better management of data privacy in future social network services deployed using emerging standards 16
Thank you Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud and Atos WorldGrid are registered trademarks of Atos SA. June 2011 © 2011 Atos. Confidential information owned by Atos, to be used by y , y the recipient only. This document, or any part of it, may not be reproduced, copied, circulated and/or distributed nor quoted without prior written approval from Atos. 17/11/2011

Recommandé

A study of image fingerprinting by using visual cryptography
A study of image fingerprinting by using visual cryptographyA study of image fingerprinting by using visual cryptography
A study of image fingerprinting by using visual cryptographyAlexander Decker
 
ANALYSIS AND DESIGN OF MULTIPLE WATERMARKING IN A VIDEO FOR AUTHENTICATION AN...
ANALYSIS AND DESIGN OF MULTIPLE WATERMARKING IN A VIDEO FOR AUTHENTICATION AN...ANALYSIS AND DESIGN OF MULTIPLE WATERMARKING IN A VIDEO FOR AUTHENTICATION AN...
ANALYSIS AND DESIGN OF MULTIPLE WATERMARKING IN A VIDEO FOR AUTHENTICATION AN...Editor Jacotech
 
[IJET-V1I6P12] Authors: Manisha Bhagat, Komal Chavan ,Shriniwas Deshmukh
[IJET-V1I6P12] Authors: Manisha Bhagat, Komal Chavan ,Shriniwas Deshmukh[IJET-V1I6P12] Authors: Manisha Bhagat, Komal Chavan ,Shriniwas Deshmukh
[IJET-V1I6P12] Authors: Manisha Bhagat, Komal Chavan ,Shriniwas DeshmukhIJET - International Journal of Engineering and Techniques
 
Study, analysis and formulation of a new method for integrity protection of d...
Study, analysis and formulation of a new method for integrity protection of d...Study, analysis and formulation of a new method for integrity protection of d...
Study, analysis and formulation of a new method for integrity protection of d...ijsrd.com
 
Stegnography Systems for Securing DataFile in Image
Stegnography Systems for Securing DataFile in ImageStegnography Systems for Securing DataFile in Image
Stegnography Systems for Securing DataFile in ImageInternational Journal of Engineering Inventions www.ijeijournal.com
 
Digitalwatermarking
DigitalwatermarkingDigitalwatermarking
DigitalwatermarkingHyacinth Okeke
 
28032012 Irma vander Ploeg: e portfolio als digitale identiteit
28032012 Irma vander Ploeg: e portfolio als digitale identiteit28032012 Irma vander Ploeg: e portfolio als digitale identiteit
28032012 Irma vander Ploeg: e portfolio als digitale identiteitStichting ePortfolio Support
 
Risk Factory: Database Security: Oxymoron?
Risk Factory: Database Security: Oxymoron? Risk Factory: Database Security: Oxymoron?
Risk Factory: Database Security: Oxymoron? Risk Crew
 

Recommandé

A study of image fingerprinting by using visual cryptography
A study of image fingerprinting by using visual cryptographyA study of image fingerprinting by using visual cryptography
A study of image fingerprinting by using visual cryptographyAlexander Decker
 
ANALYSIS AND DESIGN OF MULTIPLE WATERMARKING IN A VIDEO FOR AUTHENTICATION AN...
ANALYSIS AND DESIGN OF MULTIPLE WATERMARKING IN A VIDEO FOR AUTHENTICATION AN...ANALYSIS AND DESIGN OF MULTIPLE WATERMARKING IN A VIDEO FOR AUTHENTICATION AN...
ANALYSIS AND DESIGN OF MULTIPLE WATERMARKING IN A VIDEO FOR AUTHENTICATION AN...Editor Jacotech
 
[IJET-V1I6P12] Authors: Manisha Bhagat, Komal Chavan ,Shriniwas Deshmukh
[IJET-V1I6P12] Authors: Manisha Bhagat, Komal Chavan ,Shriniwas Deshmukh[IJET-V1I6P12] Authors: Manisha Bhagat, Komal Chavan ,Shriniwas Deshmukh
[IJET-V1I6P12] Authors: Manisha Bhagat, Komal Chavan ,Shriniwas DeshmukhIJET - International Journal of Engineering and Techniques
 
Study, analysis and formulation of a new method for integrity protection of d...
Study, analysis and formulation of a new method for integrity protection of d...Study, analysis and formulation of a new method for integrity protection of d...
Study, analysis and formulation of a new method for integrity protection of d...ijsrd.com
 
Stegnography Systems for Securing DataFile in Image
Stegnography Systems for Securing DataFile in ImageStegnography Systems for Securing DataFile in Image
Stegnography Systems for Securing DataFile in ImageInternational Journal of Engineering Inventions www.ijeijournal.com
 
Digitalwatermarking
DigitalwatermarkingDigitalwatermarking
DigitalwatermarkingHyacinth Okeke
 
28032012 Irma vander Ploeg: e portfolio als digitale identiteit
28032012 Irma vander Ploeg: e portfolio als digitale identiteit28032012 Irma vander Ploeg: e portfolio als digitale identiteit
28032012 Irma vander Ploeg: e portfolio als digitale identiteitStichting ePortfolio Support
 
Risk Factory: Database Security: Oxymoron?
Risk Factory: Database Security: Oxymoron? Risk Factory: Database Security: Oxymoron?
Risk Factory: Database Security: Oxymoron? Risk Crew
 
Mina.Deng.PhD.defense
Mina.Deng.PhD.defenseMina.Deng.PhD.defense
Mina.Deng.PhD.defenseminadeng
 
Explicit vs. latent concept models for cross language information retrieval
Explicit vs. latent concept models for cross language information retrievalExplicit vs. latent concept models for cross language information retrieval
Explicit vs. latent concept models for cross language information retrievalNitish Aggarwal
 
ipas implicit password authentication system ieee 2011
ipas implicit password authentication system ieee 2011ipas implicit password authentication system ieee 2011
ipas implicit password authentication system ieee 2011prasanna9
 
Digitalwatermarking
DigitalwatermarkingDigitalwatermarking
Digitalwatermarkinglongagofaraway
 
Crowdshare, Secure Resource Sharing in Mobile Crowds
Crowdshare, Secure Resource Sharing in Mobile CrowdsCrowdshare, Secure Resource Sharing in Mobile Crowds
Crowdshare, Secure Resource Sharing in Mobile CrowdsHeinrich Seeger
 
50120130406038
5012013040603850120130406038
50120130406038IAEME Publication
 
Steven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy
 
Information security by biometric waterking
Information security by biometric waterkingInformation security by biometric waterking
Information security by biometric waterkingeSAT Publishing House
 
Iaetsd network security and
Iaetsd network security andIaetsd network security and
Iaetsd network security andIaetsd Iaetsd
 
Implementation of a Biometric Solution Providing Strong Authentication To Gai...
Implementation of a Biometric Solution Providing Strong Authentication To Gai...Implementation of a Biometric Solution Providing Strong Authentication To Gai...
Implementation of a Biometric Solution Providing Strong Authentication To Gai...Sylvain Maret
 
An Approach for Securing Voice Communication via Image Watermarking Technique
An Approach for Securing Voice Communication via Image Watermarking TechniqueAn Approach for Securing Voice Communication via Image Watermarking Technique
An Approach for Securing Voice Communication via Image Watermarking TechniqueCSCJournals
 
1709 1715
1709 17151709 1715
1709 1715Editor IJARCET
 
Digitalwatermarking
DigitalwatermarkingDigitalwatermarking
DigitalwatermarkingSej Visawadia
 
177 181
177 181177 181
177 181Editor IJARCET
 
A Havoc Proof for Secure and Robust Audio Watermarking
A Havoc Proof for Secure and Robust Audio WatermarkingA Havoc Proof for Secure and Robust Audio Watermarking
A Havoc Proof for Secure and Robust Audio WatermarkingCSCJournals
 
280 284
280 284280 284
280 284Editor IJARCET
 
Tutorial 3 peter kustor
Tutorial 3 peter kustorTutorial 3 peter kustor
Tutorial 3 peter kustoregovernment
 
Privacy issues in network environments
Privacy issues in network environmentsPrivacy issues in network environments
Privacy issues in network environmentsJosef Noll
 
Privacy and Social Networks
Privacy and Social NetworksPrivacy and Social Networks
Privacy and Social Networksblogzilla
 
Prof. Hendrik Speck - Privacy and Social Networks
Prof. Hendrik Speck - Privacy and Social NetworksProf. Hendrik Speck - Privacy and Social Networks
Prof. Hendrik Speck - Privacy and Social NetworksHendrik Speck
 
Social Networking Security Issues
Social Networking Security IssuesSocial Networking Security Issues
Social Networking Security IssuesMangesh Gunjal
 
The Dark Side of Social Media: Privacy Concerns
The Dark Side of Social Media: Privacy ConcernsThe Dark Side of Social Media: Privacy Concerns
The Dark Side of Social Media: Privacy ConcernsCorinne Weisgerber
 

Contenu connexe

Tendances

Mina.Deng.PhD.defense
Mina.Deng.PhD.defenseMina.Deng.PhD.defense
Mina.Deng.PhD.defenseminadeng
 
Explicit vs. latent concept models for cross language information retrieval
Explicit vs. latent concept models for cross language information retrievalExplicit vs. latent concept models for cross language information retrieval
Explicit vs. latent concept models for cross language information retrievalNitish Aggarwal
 
ipas implicit password authentication system ieee 2011
ipas implicit password authentication system ieee 2011ipas implicit password authentication system ieee 2011
ipas implicit password authentication system ieee 2011prasanna9
 
Crowdshare, Secure Resource Sharing in Mobile Crowds
Crowdshare, Secure Resource Sharing in Mobile CrowdsCrowdshare, Secure Resource Sharing in Mobile Crowds
Crowdshare, Secure Resource Sharing in Mobile CrowdsHeinrich Seeger
 
Steven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy
 
Information security by biometric waterking
Information security by biometric waterkingInformation security by biometric waterking
Information security by biometric waterkingeSAT Publishing House
 
Iaetsd network security and
Iaetsd network security andIaetsd network security and
Iaetsd network security andIaetsd Iaetsd
 
Implementation of a Biometric Solution Providing Strong Authentication To Gai...
Implementation of a Biometric Solution Providing Strong Authentication To Gai...Implementation of a Biometric Solution Providing Strong Authentication To Gai...
Implementation of a Biometric Solution Providing Strong Authentication To Gai...Sylvain Maret
 
An Approach for Securing Voice Communication via Image Watermarking Technique
An Approach for Securing Voice Communication via Image Watermarking TechniqueAn Approach for Securing Voice Communication via Image Watermarking Technique
An Approach for Securing Voice Communication via Image Watermarking TechniqueCSCJournals
 
A Havoc Proof for Secure and Robust Audio Watermarking
A Havoc Proof for Secure and Robust Audio WatermarkingA Havoc Proof for Secure and Robust Audio Watermarking
A Havoc Proof for Secure and Robust Audio WatermarkingCSCJournals
 
Tutorial 3 peter kustor
Tutorial 3 peter kustorTutorial 3 peter kustor
Tutorial 3 peter kustoregovernment
 

Tendances (17)

Mina.Deng.PhD.defense
Mina.Deng.PhD.defenseMina.Deng.PhD.defense
Mina.Deng.PhD.defense
 
Explicit vs. latent concept models for cross language information retrieval
Explicit vs. latent concept models for cross language information retrievalExplicit vs. latent concept models for cross language information retrieval
Explicit vs. latent concept models for cross language information retrieval
 
ipas implicit password authentication system ieee 2011
ipas implicit password authentication system ieee 2011ipas implicit password authentication system ieee 2011
ipas implicit password authentication system ieee 2011
 
Digitalwatermarking
DigitalwatermarkingDigitalwatermarking
Digitalwatermarking
 
Crowdshare, Secure Resource Sharing in Mobile Crowds
Crowdshare, Secure Resource Sharing in Mobile CrowdsCrowdshare, Secure Resource Sharing in Mobile Crowds
Crowdshare, Secure Resource Sharing in Mobile Crowds
 
50120130406038
5012013040603850120130406038
50120130406038
 
Steven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 Assignment
 
Information security by biometric waterking
Information security by biometric waterkingInformation security by biometric waterking
Information security by biometric waterking
 
Iaetsd network security and
Iaetsd network security andIaetsd network security and
Iaetsd network security and
 
Implementation of a Biometric Solution Providing Strong Authentication To Gai...
Implementation of a Biometric Solution Providing Strong Authentication To Gai...Implementation of a Biometric Solution Providing Strong Authentication To Gai...
Implementation of a Biometric Solution Providing Strong Authentication To Gai...
 
An Approach for Securing Voice Communication via Image Watermarking Technique
An Approach for Securing Voice Communication via Image Watermarking TechniqueAn Approach for Securing Voice Communication via Image Watermarking Technique
An Approach for Securing Voice Communication via Image Watermarking Technique
 
1709 1715
1709 17151709 1715
1709 1715
 
Digitalwatermarking
DigitalwatermarkingDigitalwatermarking
Digitalwatermarking
 
177 181
177 181177 181
177 181
 
A Havoc Proof for Secure and Robust Audio Watermarking
A Havoc Proof for Secure and Robust Audio WatermarkingA Havoc Proof for Secure and Robust Audio Watermarking
A Havoc Proof for Secure and Robust Audio Watermarking
 
280 284
280 284280 284
280 284
 
Tutorial 3 peter kustor
Tutorial 3 peter kustorTutorial 3 peter kustor
Tutorial 3 peter kustor
 

En vedette

Privacy issues in network environments
Privacy issues in network environmentsPrivacy issues in network environments
Privacy issues in network environmentsJosef Noll
 
Privacy and Social Networks
Privacy and Social NetworksPrivacy and Social Networks
Privacy and Social Networksblogzilla
 
Prof. Hendrik Speck - Privacy and Social Networks
Prof. Hendrik Speck - Privacy and Social NetworksProf. Hendrik Speck - Privacy and Social Networks
Prof. Hendrik Speck - Privacy and Social NetworksHendrik Speck
 
Social Networking Security Issues
Social Networking Security IssuesSocial Networking Security Issues
Social Networking Security IssuesMangesh Gunjal
 
The Dark Side of Social Media: Privacy Concerns
The Dark Side of Social Media: Privacy ConcernsThe Dark Side of Social Media: Privacy Concerns
The Dark Side of Social Media: Privacy ConcernsCorinne Weisgerber
 
Privacy issues in social networking
Privacy issues in social networkingPrivacy issues in social networking
Privacy issues in social networkingBryan Tran
 
Social network privacy & security
Social network privacy & securitySocial network privacy & security
Social network privacy & securitynadikari123
 

En vedette (7)

Privacy issues in network environments
Privacy issues in network environmentsPrivacy issues in network environments
Privacy issues in network environments
 
Privacy and Social Networks
Privacy and Social NetworksPrivacy and Social Networks
Privacy and Social Networks
 
Prof. Hendrik Speck - Privacy and Social Networks
Prof. Hendrik Speck - Privacy and Social NetworksProf. Hendrik Speck - Privacy and Social Networks
Prof. Hendrik Speck - Privacy and Social Networks
 
Social Networking Security Issues
Social Networking Security IssuesSocial Networking Security Issues
Social Networking Security Issues
 
The Dark Side of Social Media: Privacy Concerns
The Dark Side of Social Media: Privacy ConcernsThe Dark Side of Social Media: Privacy Concerns
The Dark Side of Social Media: Privacy Concerns
 
Privacy issues in social networking
Privacy issues in social networkingPrivacy issues in social networking
Privacy issues in social networking
 
Social network privacy & security
Social network privacy & securitySocial network privacy & security
Social network privacy & security
 

Similaire à Privacy of social network attributes for online services

Meminto as Blockchain Startup
Meminto as Blockchain StartupMeminto as Blockchain Startup
Meminto as Blockchain StartupAlbert Brückmann
 
SmartCard Forum 2009 - New trends in smart-cards technology
SmartCard Forum 2009 - New trends in smart-cards technologySmartCard Forum 2009 - New trends in smart-cards technology
SmartCard Forum 2009 - New trends in smart-cards technologyOKsystem
 
DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...
DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...
DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...ijait
 
apidays LIVE Paris 2021 - The GDPR Developer Guide by Jerome Gorin, CNIL
apidays LIVE Paris 2021 - The GDPR Developer Guide by Jerome Gorin, CNIL apidays LIVE Paris 2021 - The GDPR Developer Guide by Jerome Gorin, CNIL
apidays LIVE Paris 2021 - The GDPR Developer Guide by Jerome Gorin, CNIL apidays
 
Cryptograpy Exam
Cryptograpy ExamCryptograpy Exam
Cryptograpy ExamLisa Olive
 
Ricardo Mendez, Technical Director Europe ,Samsung NEXT - Identity, Privacy a...
Ricardo Mendez, Technical Director Europe ,Samsung NEXT - Identity, Privacy a...Ricardo Mendez, Technical Director Europe ,Samsung NEXT - Identity, Privacy a...
Ricardo Mendez, Technical Director Europe ,Samsung NEXT - Identity, Privacy a...Techsylvania
 
Internet Science
Internet ScienceInternet Science
Internet Sciencei_scienceEU
 
Ict project (1)
Ict project (1)Ict project (1)
Ict project (1)spy007s
 
Recognizing  the fact usernames passwords are the weakest link in an.docx
Recognizing  the fact usernames passwords are the weakest link in an.docxRecognizing  the fact usernames passwords are the weakest link in an.docx
Recognizing  the fact usernames passwords are the weakest link in an.docxdanas19
 
Highly Secure Cryptography Algorithm Method to Safeguard Audios and Visuals
Highly Secure Cryptography Algorithm Method to Safeguard Audios and VisualsHighly Secure Cryptography Algorithm Method to Safeguard Audios and Visuals
Highly Secure Cryptography Algorithm Method to Safeguard Audios and Visualsijcisjournal
 
HIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALS
HIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALSHIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALS
HIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALSijcisjournal
 
HIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALS
HIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALSHIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALS
HIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALSijdms
 
Ynamono Hs Lecture
Ynamono Hs LectureYnamono Hs Lecture
Ynamono Hs Lectureynamoto
 
Psdot 3 building and maintaining trust in internet voting with biometrics aut...
Psdot 3 building and maintaining trust in internet voting with biometrics aut...Psdot 3 building and maintaining trust in internet voting with biometrics aut...
Psdot 3 building and maintaining trust in internet voting with biometrics aut...ZTech Proje
 
Biometric security using cryptography
Biometric security using cryptographyBiometric security using cryptography
Biometric security using cryptographySampat Patnaik
 
Biometric encryption
Biometric encryptionBiometric encryption
Biometric encryptionDeepák Soni
 

Similaire à Privacy of social network attributes for online services (20)

Meminto as Blockchain Startup
Meminto as Blockchain StartupMeminto as Blockchain Startup
Meminto as Blockchain Startup
 
SmartCard Forum 2009 - New trends in smart-cards technology
SmartCard Forum 2009 - New trends in smart-cards technologySmartCard Forum 2009 - New trends in smart-cards technology
SmartCard Forum 2009 - New trends in smart-cards technology
 
INTERNET PRIVACY
INTERNET PRIVACYINTERNET PRIVACY
INTERNET PRIVACY
 
DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...
DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...
DESIGN AND IMPLEMENTATION OF E-PASSPORT SCHEME USING CRYPTOGRAPHIC ALGORITHM ...
 
apidays LIVE Paris 2021 - The GDPR Developer Guide by Jerome Gorin, CNIL
apidays LIVE Paris 2021 - The GDPR Developer Guide by Jerome Gorin, CNIL apidays LIVE Paris 2021 - The GDPR Developer Guide by Jerome Gorin, CNIL
apidays LIVE Paris 2021 - The GDPR Developer Guide by Jerome Gorin, CNIL
 
Cryptograpy Exam
Cryptograpy ExamCryptograpy Exam
Cryptograpy Exam
 
Ricardo Mendez, Technical Director Europe ,Samsung NEXT - Identity, Privacy a...
Ricardo Mendez, Technical Director Europe ,Samsung NEXT - Identity, Privacy a...Ricardo Mendez, Technical Director Europe ,Samsung NEXT - Identity, Privacy a...
Ricardo Mendez, Technical Director Europe ,Samsung NEXT - Identity, Privacy a...
 
Biometrics
BiometricsBiometrics
Biometrics
 
Internet Science
Internet ScienceInternet Science
Internet Science
 
Ict project (1)
Ict project (1)Ict project (1)
Ict project (1)
 
Recognizing  the fact usernames passwords are the weakest link in an.docx
Recognizing  the fact usernames passwords are the weakest link in an.docxRecognizing  the fact usernames passwords are the weakest link in an.docx
Recognizing  the fact usernames passwords are the weakest link in an.docx
 
Highly Secure Cryptography Algorithm Method to Safeguard Audios and Visuals
Highly Secure Cryptography Algorithm Method to Safeguard Audios and VisualsHighly Secure Cryptography Algorithm Method to Safeguard Audios and Visuals
Highly Secure Cryptography Algorithm Method to Safeguard Audios and Visuals
 
HIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALS
HIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALSHIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALS
HIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALS
 
HIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALS
HIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALSHIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALS
HIGHLY SECURE CRYPTOGRAPHY ALGORITHM METHOD TO SAFEGUARD AUDIOS AND VISUALS
 
Ynamono Hs Lecture
Ynamono Hs LectureYnamono Hs Lecture
Ynamono Hs Lecture
 
Psdot 3 building and maintaining trust in internet voting with biometrics aut...
Psdot 3 building and maintaining trust in internet voting with biometrics aut...Psdot 3 building and maintaining trust in internet voting with biometrics aut...
Psdot 3 building and maintaining trust in internet voting with biometrics aut...
 
Biometric security using cryptography
Biometric security using cryptographyBiometric security using cryptography
Biometric security using cryptography
 
Biometrics poster
Biometrics posterBiometrics poster
Biometrics poster
 
Methods
MethodsMethods
Methods
 
Biometric encryption
Biometric encryptionBiometric encryption
Biometric encryption
 

Dernier

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Dernier (20)

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

Privacy of social network attributes for online services

  • 1. Antoine Fressancourt 17/11/2011
  • 2. 17/11/2011 The case of privacy in social CARTES & IDentification networks Antoine Fressancourt ▶ Rising concern around privacy in social networks – Use of private information for advertising purposes – Applications gaining access to more and more personal information – Usage tracking using referral buttons – Access to information directly using URL, content not ciphered ▶ More and more complex to manage – Groups – Possibility to specify target groups on social network updates Adapted from The History Of Facebook’s Default Privacy Settings by Matt McKeon 2
  • 3. 17/11/2011 A recent case: CARTES & IDentification Europe vs. Facebook vs Antoine Fressancourt ▶ Case raised by Max Schrems, a 24 years old law student against Facebook ▶ Discovered that Facebook keeps track of every digital trace of a user, even when they are “deleted” deleted 3
  • 4. 17/11/2011 Highlighted issues CARTES & IDentification Antoine Fressancourt Those examples tend to highlight two issues Privacy inside the social network itself Data privacy from outside the social network 4
  • 5. 17/11/2011 Anatomy of a social network CARTES & IDentification Functional building blocks Antoine Fressancourt Management of user Identity credentials and attributes d i l d ib Privacy policy Role management for users i.e. Profile(s) how they want to appear Management of a user’s Social graph g p relationships Synchronous and asynchronous Messaging g g messages for a user g P Storage of documents Repository associated to a user 5
  • 6. 17/11/2011 Potential solutions CARTES & IDentification Antoine Fressancourt Cypher information Privacy P i inside the network itself inside the social to protect from the SNS network it lf t k itself provider Use identity Data privacy from management concepts and zero knowledge outside the approaches to secure social network exchanges with external sites 6
  • 7. 17/11/2011 Privacy inside the social network CARTES & IDentification Review of academic solutions Antoine Fressancourt Mainly two families of approaches: ▶ « add-in » applications – FlyByNight: Re-Encryption proxy, El Gamal encryption, AES – NOYB: Replace each attribute of a given user by an attribute of another member of its social network – FaceCloak: Dictionnary, MAC ▶ « Privacy by Design » social networks – Persona: Attribute-Based Encryption – EASiER: Attribute-Based Encryption – A Collaborative Framework for Privacy Protection in Online Social Network: El Gamal – Cryptographic Treatment of Private User Profiles: Broadcast Encryption 7
  • 8. 17/11/2011 Our proposal CARTES & IDentification Solving the « inside » privacy issue Antoine Fressancourt Using a Cypher text Policy Attribute Based Encryption (CP-ABE) scheme to (CP ABE) cypher the data inside the social network ▶ Advantages – Allows us to d f ll define privacy policies b l based d on fine grained predicates – Englobate both Identity-based encryption and Identity based broadcast encryptions – Ease of deployment given our objectives ▶ Drawback – Keys and cypher texts are longer than in simpler, IBE schemes – Heavy management of cryptographic keys 8
  • 9. 17/11/2011 What is IBE? CARTES & IDentification Identity based encryption Antoine Fressancourt ▶ Identity based encryption: ▶ Proposed by Shamir in 1984 ▶ Encrypt a message using any arbitrary string as the key. (Message)bob@mail.com ▶ The string can be a representation of the user’s identity ▶ Principle: ▶ Alice encrypt a message with Bob’s e-mail address ▶ Bob asks a PKG (Private Key Private Key h Authentication Generator) to provide a private key associated to his e-mail address. PKG 9
  • 10. 17/11/2011 What is ABE? CARTES & IDentification Attribute based encryption Antoine Fressancourt ▶ Attribute based encryption is a generalisation of identity AND based encryption ▶ Encryption according attributes: ▶ Personal: age, town, name… OR +18 y.o ▶ Relational: colleague, family, friends, … ▶ Ciphertext-policy ABE: ▶ Cipher text possesses access structure Colleague France ▶ Saving structures 10
  • 11. 17/11/2011 Privacy outside the social network CARTES & IDentification What is needed Antoine Fressancourt Possibility to register on websites with credentials Use case of identity provided to the social management systems network Social network External sites Need to conform to Recovery of user data in regulation, risk various ways ( logs, related to user cookies, …) acceptance 11
  • 12. 17/11/2011 What is Identity Management? CARTES & IDentification Antoine Fressancourt ▶ Technologies, policies and p practices used to control access to a resource by a third party. User ▶ Three entities: ▶ Identity Provider (IdP): maintains and gives access to a user’s credentials ▶ S Service P i Provider (SP) id (SP): Consumes attributes provided by an IdP ▶ User: Controls the distribution IdP SP of its credentials by the IdP 12
  • 13. 17/11/2011 Use of identity management in a CARTES & IDentification social network context Antoine Fressancourt Use of concepts popularized by Idemix and Uprove ▶ Anonymous credentials ▶ Zero-knowledge protocol Random value – P otocol in which a p o e sho s to a Protocol hich prover shows verifier that he possesses an erifier rover information without revealing it. Challenge – Introduced by Goldwasser Micali and Goldwasser, Ve Pr Rackoff in 1984. ▶ Minimal Disclosure Response Generation on the fly How to perform the using a zero proof calculation? knowledge compiler k l d il 13
  • 14. 17/11/2011 CACE: A zero knowledge compiler CARTES & IDentification Antoine Fressancourt Computer Aided Cryptography Engineering: ▶ European Project ▶ ∑-protocols ▶ Composition techniques ▶ Certificates 14
  • 15. 17/11/2011 Our proposal CARTES & IDentification Solving the « outside » privacy issue Antoine Fressancourt Use of Identity Management platform and protocols ▶ Ensure minimal disclosure of private information ▶ Framework to manage the disclosure of user credentials Integration of a zero knowledge g g compiler ▶ Computing zero knowledge proofs on the y fly ▶ Enhance the protection of private information through minimal disclosure. 15
  • 16. 17/11/2011 To conclude CARTES & IDentification Antoine Fressancourt ▶ Social networks raise a number of issues related to data security and privacy ▶ Two kinds of privacy issues – From inside the social network itself – From external sites outside the social network ▶ Inside privacy isssues can be solved by using ABE to protect data and give it access only to authorized contacts ▶ Outside privacy issues can be solved by using identity management protocols and systems ▶ Overall, better management of data privacy in future social network services deployed using emerging standards 16
  • 17. Thank you Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud and Atos WorldGrid are registered trademarks of Atos SA. June 2011 © 2011 Atos. Confidential information owned by Atos, to be used by y , y the recipient only. This document, or any part of it, may not be reproduced, copied, circulated and/or distributed nor quoted without prior written approval from Atos. 17/11/2011