SlideShare una empresa de Scribd logo
1 de 33
Dr. Thomas Gross – Research Scientist
18 June 2010




Privacy




                                        © 2009 IBM Corporation
Privacy   PrimeLife   Technology




                          ￷




                      2
Privacy   PrimeLife   Technology




                          ￷




                      3
Who is Privacy About?




4                       © 2009 IBM Corporation
People




5            © 2009 IBM Corporation
People Who Like to Talk




6                             © 2009 IBM Corporation
“Neil Armstrong’s Footsteps
                                       are still there”
                                         7
                                    (Robin Wilton, Sun Microsystems)
Photo:cc-nc-by jahdakine
Computers don’t forget




8                            © 2009 IBM Corporation
Consent Paradigm in Privacy



    Privacy is the claim of individuals, groups, or institutions to
    determine for themselves when, how, and to what extent
    information about them is communicated to others.

                                                      Alan Westin




9                                                                © 2009 IBM Corporation
Legal Privacy Taxonomy
                                                Processing
                                                ●Aggregation
                                                ●Identification

                                                ●Insecurity

                                                ●Secondary Use

                        Collection              ●Exclusion

                        ●Surveillance
                        ●Interrogation




                                                                  Dissemination
Data Subject                                    Data Holders Confidentiality breach
                                                                  ●

                                                                  ●Disclosure
                                                                  ●Exposure

                                                                  ●Increased accessibility
                                 Invasions                        ●Blackmail
                                 ●Intrusion                       ●Appropriation
                                 ●Decisional interference
                                                                  ●Distortion




 From Daniel J. Solove, Understanding Privacy
 10                                                                           © 2009 IBM Corporation
IBM Presentation Template Full Version

           Privacy                       PrimeLife   Technology




                                                          ￷




                                                     11
PrimeLife
Consortium


             12
PrimeLife's Objectives

Bringing Sustainable Privacy and Identity Management to
Future Networks and Services

      Fundamentally understanding privacy-enhancing identity
       management ‘for life’

      Bringing Privacy to the future web

      Develop and make tools for privacy friendly identity
       management widely available – privacy live!
                                                   13
PrimeLife’s 6 Activities

            Mechanisms   HCI
                                Policies
 Privacy In Life

                                 Infrastructures


                           Privacy Live!




                                    14
Scenario




           15
PrimeLife's approach




                       16
PrimeLife's approach




   Privacy Policy
   Easy Management of
    Partial Identities
   Usable Interfaces


                         (Anonymous Communication)
                                               17
PrimeLife's approach



                                          Attributed Based Access
                                           control
                                          Policies towards users
                                          Enforcement of Policies
                                          Change of Business
                                           Processes
   Privacy Policy
   Easy Management of
    Partial Identities
   Usable Interfaces


                         (Anonymous Communication)
                                                  18
PrimeLife's Approach




                       19
IBM Presentation Template Full Version

           Privacy                       PrimeLife   Technology




                                                          ￷




                                                     20
Private Credentials: How to Build Them


  In the
  beginning...
State of the Art: How to Build Them


  asking for a credential
State of the Art: How to Build Them


  getting a credential ...



                             containing “birth date = April 3, 1987”
State of the Art: How to Build Them


  showing a credential ...

                             goes off-line

                                    - driver's license
                                    - insurance
                                    - older > 20
State of the Art: How to Build Them


  showing a credential ...



                                     containing statements “driver's
                                     license, age (as stated in
                                     driver’s ) > 20, and insurance”




                             Using identity mixer, user can transform
                             (different) token(s) into a new single one
                             that, however, still verifies w.r.t. original
                             signers' public keys.
Other Properties: Offline Usage
                                           Zzzzz




ID providers (issuers) need sleep, too!
• Sometimes it is too expensive to have connectivity
• Or a security risk (e.g., ID cards)
Certs can be used as many times as needed!
• cf. Revocation; can be done w/ signer's secrets offline
Other Properties: Cheating Prevention
                                  World of
                                  Warcraft




Limits of anonymity possible (optional):
• If Alice and Eve are on-line together they are caught!
• Use Limitation – anonymous until:
  ● If Alice used certs > 100 times total...
 ●   ... or > 10'000 times with Bob
• Alice's cert can be bound to hardware token (e.g., TPM)
Privacy Preserving Access Control

                                           DNA Database




Simple case: DB learns not who accesses DB
Better: Oblivious Access to Database (OT with AC)
 ●   Server must not learn who accesses
 ●   which record
 ●   Still, Alice can access only records she is authorized for
Secret Handshakes




• Alice and Bob both define some predicate PA and PB
• Alice learns whether Bob satisfies PA if she satisfies PB
Smart Identity Card: Design Goals

         Strong accountability and privacy
                    Sustainable secondary use
                             Trusted identity basis
                                             Future-proof
                                           Cost effective


    Won the Innovation Award 2009 of the Society for Computer Science
    (GI, comparable to the ACM in Germany)

                                                                        © 2009 IBM Corporation
Smart Identity Card

                              User PC


     User
                      interacts/
                                          Browser
                                                                 request: policy/      Backend
                      consents                                   response: proof
                       to policy                                                       (Server)



                                      Identity Wallet                               Identity Mixer
                                                                                      Validation

                                       request: policy/                                  pkI
                                       response: proof
                                                                                    Validates proofs with
                                                                  Key Point          issuer’s public key
                                                                 Transforms
       inserts/owns                                               certificates
                                    Smarter ID Card               in privacy-
                                     Identity Mixer               preserving
                                                                identity proof
                                                                  statements

                              skU          certificates

                                   Maintains master key and
                                    certificates confidential


                                              Secure Javacard

31                                                                                         © 2009 IBM Corporation
Privacy      PrimeLife     Technology




              Sustainable     Crypto to
Important &
               identity &      rescue:
  complex                          ￷
                privacy      efficient on
 challenge
                'for life'   any device



                             32
Thank you!




Contributors:
Björn Assmann, Endre Bangerter, Patrik Bichsel, Carl Binding,
  Anthony Bussani, Jan Camenisch, Thomas Gross, Susan
  Hohenberger, Phil Janson, Gregory Neven, Franz-Stefan Preiss,
  Dieter Sommer, Abhi Shelat, Victor Shoup, Michael Waidner,
  Roger Zimmermann, & innumerous interns


33
                                      http://idemix.wordpress.com/
                                                          © 2009 IBM Corporation

Más contenido relacionado

La actualidad más candente

Triangle InfoSecon Conference program 2011
Triangle InfoSecon Conference program   2011Triangle InfoSecon Conference program   2011
Triangle InfoSecon Conference program 2011Travis Barnes
 
A Model for Reducing Security Risks due to Human Error - iSafe 2010, Dubai
A Model for Reducing Security Risks due to Human Error - iSafe 2010, DubaiA Model for Reducing Security Risks due to Human Error - iSafe 2010, Dubai
A Model for Reducing Security Risks due to Human Error - iSafe 2010, DubaiAnup Narayanan
 
Cookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCastlebridge Associates
 
A model for reducing information security risks due to human error
A model for reducing information security risks due to human errorA model for reducing information security risks due to human error
A model for reducing information security risks due to human errorAnup Narayanan
 
Trusted Edge - Information Governance
Trusted Edge - Information GovernanceTrusted Edge - Information Governance
Trusted Edge - Information Governancejfxm3671
 
Under Lock And Key
Under Lock And KeyUnder Lock And Key
Under Lock And KeyYarko Petriw
 
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared CarstensenCyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensenjaredcarst
 
Solving the enterprise security challenge - Derek holt
Solving the enterprise security challenge - Derek holtSolving the enterprise security challenge - Derek holt
Solving the enterprise security challenge - Derek holtRoopa Nadkarni
 
Are You Ready for the Era of Big Data and Extreme Information Management?
Are You Ready for the Era of Big Data and Extreme Information Management?Are You Ready for the Era of Big Data and Extreme Information Management?
Are You Ready for the Era of Big Data and Extreme Information Management?John Mancini
 
The Economic Impact of File Virtualization
The Economic Impact of File VirtualizationThe Economic Impact of File Virtualization
The Economic Impact of File VirtualizationFindWhitePapers
 
Issa Charlotte 2009 Patching Your Users
Issa Charlotte 2009   Patching Your UsersIssa Charlotte 2009   Patching Your Users
Issa Charlotte 2009 Patching Your UsersMike Murray
 
SmartCard Forum 2008 - Securing digital identity
SmartCard Forum 2008 - Securing digital identitySmartCard Forum 2008 - Securing digital identity
SmartCard Forum 2008 - Securing digital identityOKsystem
 
eircom Managed Security
eircom Managed Securityeircom Managed Security
eircom Managed Securityeircom
 
Cyber Security for the Military and Defence Sector 2013
Cyber Security for the Military and Defence Sector 2013Cyber Security for the Military and Defence Sector 2013
Cyber Security for the Military and Defence Sector 2013Dale Butler
 
How Affiliate Marketers Can Avoid Legal Pitfalls
How Affiliate Marketers Can Avoid Legal PitfallsHow Affiliate Marketers Can Avoid Legal Pitfalls
How Affiliate Marketers Can Avoid Legal PitfallsAffiliate Summit
 
Social business and innovation
Social business and innovationSocial business and innovation
Social business and innovationJohn Mancini
 
2010 10 27 Isc2 Protecting Consumer Privacy
2010 10 27 Isc2 Protecting Consumer Privacy2010 10 27 Isc2 Protecting Consumer Privacy
2010 10 27 Isc2 Protecting Consumer PrivacyRaj Goel
 

La actualidad más candente (20)

Triangle InfoSecon Conference program 2011
Triangle InfoSecon Conference program   2011Triangle InfoSecon Conference program   2011
Triangle InfoSecon Conference program 2011
 
A Model for Reducing Security Risks due to Human Error - iSafe 2010, Dubai
A Model for Reducing Security Risks due to Human Error - iSafe 2010, DubaiA Model for Reducing Security Risks due to Human Error - iSafe 2010, Dubai
A Model for Reducing Security Risks due to Human Error - iSafe 2010, Dubai
 
Cookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspective
 
A model for reducing information security risks due to human error
A model for reducing information security risks due to human errorA model for reducing information security risks due to human error
A model for reducing information security risks due to human error
 
Trusted Edge - Information Governance
Trusted Edge - Information GovernanceTrusted Edge - Information Governance
Trusted Edge - Information Governance
 
Under Lock And Key
Under Lock And KeyUnder Lock And Key
Under Lock And Key
 
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared CarstensenCyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
 
Solving the enterprise security challenge - Derek holt
Solving the enterprise security challenge - Derek holtSolving the enterprise security challenge - Derek holt
Solving the enterprise security challenge - Derek holt
 
Are You Ready for the Era of Big Data and Extreme Information Management?
Are You Ready for the Era of Big Data and Extreme Information Management?Are You Ready for the Era of Big Data and Extreme Information Management?
Are You Ready for the Era of Big Data and Extreme Information Management?
 
The Economic Impact of File Virtualization
The Economic Impact of File VirtualizationThe Economic Impact of File Virtualization
The Economic Impact of File Virtualization
 
Issa Charlotte 2009 Patching Your Users
Issa Charlotte 2009   Patching Your UsersIssa Charlotte 2009   Patching Your Users
Issa Charlotte 2009 Patching Your Users
 
SmartCard Forum 2008 - Securing digital identity
SmartCard Forum 2008 - Securing digital identitySmartCard Forum 2008 - Securing digital identity
SmartCard Forum 2008 - Securing digital identity
 
eircom Managed Security
eircom Managed Securityeircom Managed Security
eircom Managed Security
 
Cyber Security for the Military and Defence Sector 2013
Cyber Security for the Military and Defence Sector 2013Cyber Security for the Military and Defence Sector 2013
Cyber Security for the Military and Defence Sector 2013
 
How Affiliate Marketers Can Avoid Legal Pitfalls
How Affiliate Marketers Can Avoid Legal PitfallsHow Affiliate Marketers Can Avoid Legal Pitfalls
How Affiliate Marketers Can Avoid Legal Pitfalls
 
Fad final print
Fad final printFad final print
Fad final print
 
Social business and innovation
Social business and innovationSocial business and innovation
Social business and innovation
 
Posterv2
Posterv2Posterv2
Posterv2
 
Mcafee dyntek
Mcafee dyntekMcafee dyntek
Mcafee dyntek
 
2010 10 27 Isc2 Protecting Consumer Privacy
2010 10 27 Isc2 Protecting Consumer Privacy2010 10 27 Isc2 Protecting Consumer Privacy
2010 10 27 Isc2 Protecting Consumer Privacy
 

Destacado

Google AdWords Changes 2012
Google AdWords Changes 2012Google AdWords Changes 2012
Google AdWords Changes 2012Steve Hammer
 
MarketPulse Digital Marketing Survey [Results]
MarketPulse Digital Marketing Survey [Results]MarketPulse Digital Marketing Survey [Results]
MarketPulse Digital Marketing Survey [Results]Geoscape
 
Measuring the Fuzzy ROI of Social Media
Measuring the Fuzzy ROI of Social MediaMeasuring the Fuzzy ROI of Social Media
Measuring the Fuzzy ROI of Social MediaSteve Hammer
 
Privacy Preserving Access Control for Third Party Data Management Systems
Privacy Preserving Access Control for Third Party Data Management SystemsPrivacy Preserving Access Control for Third Party Data Management Systems
Privacy Preserving Access Control for Third Party Data Management SystemsNabeel Yoosuf
 

Destacado (6)

Google AdWords Changes 2012
Google AdWords Changes 2012Google AdWords Changes 2012
Google AdWords Changes 2012
 
MarketPulse Digital Marketing Survey [Results]
MarketPulse Digital Marketing Survey [Results]MarketPulse Digital Marketing Survey [Results]
MarketPulse Digital Marketing Survey [Results]
 
Our cities
Our citiesOur cities
Our cities
 
Measuring the Fuzzy ROI of Social Media
Measuring the Fuzzy ROI of Social MediaMeasuring the Fuzzy ROI of Social Media
Measuring the Fuzzy ROI of Social Media
 
Privacy Preserving Access Control for Third Party Data Management Systems
Privacy Preserving Access Control for Third Party Data Management SystemsPrivacy Preserving Access Control for Third Party Data Management Systems
Privacy Preserving Access Control for Third Party Data Management Systems
 
18 Di Concetta
18 Di Concetta18 Di Concetta
18 Di Concetta
 

Similar a Privacy - Principles, PrimeLife and Identity Mixer - Thomas Gross

DSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems Intelligence
DSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems IntelligenceDSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems Intelligence
DSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems IntelligenceAndris Soroka
 
Winkler Cloud, ORCON, and Mobility
Winkler Cloud, ORCON, and MobilityWinkler Cloud, ORCON, and Mobility
Winkler Cloud, ORCON, and MobilityVic Winkler
 
IBM InfoSphere Guardium overview
IBM InfoSphere Guardium overviewIBM InfoSphere Guardium overview
IBM InfoSphere Guardium overviewnazeer325
 
Privacy in Computer Vision
Privacy in Computer Vision Privacy in Computer Vision
Privacy in Computer Vision Omid Mogharian
 
In the social, mobile and cloud era, what does it take to be an Information P...
In the social, mobile and cloud era, what does it take to be an Information P...In the social, mobile and cloud era, what does it take to be an Information P...
In the social, mobile and cloud era, what does it take to be an Information P...John Mancini
 
Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16Symantec APJ
 
The NRB Group mainframe day 2021 - Security On Z - Guillaume Hoareau
The NRB Group mainframe day 2021 - Security On Z - Guillaume HoareauThe NRB Group mainframe day 2021 - Security On Z - Guillaume Hoareau
The NRB Group mainframe day 2021 - Security On Z - Guillaume HoareauNRB
 
"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategyJason Clark
 
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Information and Identity Protection - Data Loss Prevention, Encryption, User ...Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Information and Identity Protection - Data Loss Prevention, Encryption, User ...Symantec APJ
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Managementjustinkallhoff
 
Emids Morning Security Virtual India V3
Emids Morning Security Virtual India V3Emids Morning Security Virtual India V3
Emids Morning Security Virtual India V3techcouncil
 
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...IBM Security
 
RSA 2010 Kevin Rowney
RSA 2010 Kevin RowneyRSA 2010 Kevin Rowney
RSA 2010 Kevin RowneySymantec
 
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBMArrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBMArrow ECS UK
 
Control cloud data access privilege and anonymity with fully anonymous attrib...
Control cloud data access privilege and anonymity with fully anonymous attrib...Control cloud data access privilege and anonymity with fully anonymous attrib...
Control cloud data access privilege and anonymity with fully anonymous attrib...LeMeniz Infotech
 
CrossIdeas Roadshow IBM IAM Governance Andrea Rossi
CrossIdeas Roadshow IBM IAM Governance Andrea RossiCrossIdeas Roadshow IBM IAM Governance Andrea Rossi
CrossIdeas Roadshow IBM IAM Governance Andrea RossiIBM Sverige
 
Control cloud data access privilege and anonymity with fully anonymous attri...
Control cloud data access privilege and anonymity with  fully anonymous attri...Control cloud data access privilege and anonymity with  fully anonymous attri...
Control cloud data access privilege and anonymity with fully anonymous attri...LeMeniz Infotech
 
Emerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesEmerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesPeter Wood
 

Similar a Privacy - Principles, PrimeLife and Identity Mixer - Thomas Gross (20)

DSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems Intelligence
DSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems IntelligenceDSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems Intelligence
DSS ITSEC Conference 2012 - SIEM Q1 Labs IBM Security Systems Intelligence
 
Winkler Cloud, ORCON, and Mobility
Winkler Cloud, ORCON, and MobilityWinkler Cloud, ORCON, and Mobility
Winkler Cloud, ORCON, and Mobility
 
IBM InfoSphere Guardium overview
IBM InfoSphere Guardium overviewIBM InfoSphere Guardium overview
IBM InfoSphere Guardium overview
 
Privacy in Computer Vision
Privacy in Computer Vision Privacy in Computer Vision
Privacy in Computer Vision
 
In the social, mobile and cloud era, what does it take to be an Information P...
In the social, mobile and cloud era, what does it take to be an Information P...In the social, mobile and cloud era, what does it take to be an Information P...
In the social, mobile and cloud era, what does it take to be an Information P...
 
Protecting Data on Laptops
Protecting Data on LaptopsProtecting Data on Laptops
Protecting Data on Laptops
 
Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16
 
The NRB Group mainframe day 2021 - Security On Z - Guillaume Hoareau
The NRB Group mainframe day 2021 - Security On Z - Guillaume HoareauThe NRB Group mainframe day 2021 - Security On Z - Guillaume Hoareau
The NRB Group mainframe day 2021 - Security On Z - Guillaume Hoareau
 
"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy
 
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Information and Identity Protection - Data Loss Prevention, Encryption, User ...Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
 
A6704d01
A6704d01A6704d01
A6704d01
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
 
Emids Morning Security Virtual India V3
Emids Morning Security Virtual India V3Emids Morning Security Virtual India V3
Emids Morning Security Virtual India V3
 
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
 
RSA 2010 Kevin Rowney
RSA 2010 Kevin RowneyRSA 2010 Kevin Rowney
RSA 2010 Kevin Rowney
 
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBMArrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
 
Control cloud data access privilege and anonymity with fully anonymous attrib...
Control cloud data access privilege and anonymity with fully anonymous attrib...Control cloud data access privilege and anonymity with fully anonymous attrib...
Control cloud data access privilege and anonymity with fully anonymous attrib...
 
CrossIdeas Roadshow IBM IAM Governance Andrea Rossi
CrossIdeas Roadshow IBM IAM Governance Andrea RossiCrossIdeas Roadshow IBM IAM Governance Andrea Rossi
CrossIdeas Roadshow IBM IAM Governance Andrea Rossi
 
Control cloud data access privilege and anonymity with fully anonymous attri...
Control cloud data access privilege and anonymity with  fully anonymous attri...Control cloud data access privilege and anonymity with  fully anonymous attri...
Control cloud data access privilege and anonymity with fully anonymous attri...
 
Emerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesEmerging Threats and Attack Surfaces
Emerging Threats and Attack Surfaces
 

Más de Thomas Gross

Attribute-based Authentication
Attribute-based AuthenticationAttribute-based Authentication
Attribute-based AuthenticationThomas Gross
 
CCSW’12: Automated Verification of Virtualized Infrastructures
CCSW’12: Automated Verification of Virtualized InfrastructuresCCSW’12: Automated Verification of Virtualized Infrastructures
CCSW’12: Automated Verification of Virtualized InfrastructuresThomas Gross
 
VALID Rules - A language for cloud verification (EU CSP\’12)
VALID Rules - A language for cloud verification (EU CSP\’12)VALID Rules - A language for cloud verification (EU CSP\’12)
VALID Rules - A language for cloud verification (EU CSP\’12)Thomas Gross
 
Anonymous Credentials on Java Card - SIT Smartcard 2011
Anonymous Credentials on Java Card - SIT Smartcard 2011Anonymous Credentials on Java Card - SIT Smartcard 2011
Anonymous Credentials on Java Card - SIT Smartcard 2011Thomas Gross
 
CCS’09: Smart Identity Card - Thomas Gross
CCS’09: Smart Identity Card - Thomas GrossCCS’09: Smart Identity Card - Thomas Gross
CCS’09: Smart Identity Card - Thomas GrossThomas Gross
 
CCS\'08: Efficient Attributes For Anonymous Credentials - Thomas Gross
CCS\'08: Efficient Attributes For Anonymous Credentials - Thomas GrossCCS\'08: Efficient Attributes For Anonymous Credentials - Thomas Gross
CCS\'08: Efficient Attributes For Anonymous Credentials - Thomas GrossThomas Gross
 
CRYPTO\'10: Credential Authenticated Identification and Key Exchange - Thomas...
CRYPTO\'10: Credential Authenticated Identification and Key Exchange - Thomas...CRYPTO\'10: Credential Authenticated Identification and Key Exchange - Thomas...
CRYPTO\'10: Credential Authenticated Identification and Key Exchange - Thomas...Thomas Gross
 

Más de Thomas Gross (7)

Attribute-based Authentication
Attribute-based AuthenticationAttribute-based Authentication
Attribute-based Authentication
 
CCSW’12: Automated Verification of Virtualized Infrastructures
CCSW’12: Automated Verification of Virtualized InfrastructuresCCSW’12: Automated Verification of Virtualized Infrastructures
CCSW’12: Automated Verification of Virtualized Infrastructures
 
VALID Rules - A language for cloud verification (EU CSP\’12)
VALID Rules - A language for cloud verification (EU CSP\’12)VALID Rules - A language for cloud verification (EU CSP\’12)
VALID Rules - A language for cloud verification (EU CSP\’12)
 
Anonymous Credentials on Java Card - SIT Smartcard 2011
Anonymous Credentials on Java Card - SIT Smartcard 2011Anonymous Credentials on Java Card - SIT Smartcard 2011
Anonymous Credentials on Java Card - SIT Smartcard 2011
 
CCS’09: Smart Identity Card - Thomas Gross
CCS’09: Smart Identity Card - Thomas GrossCCS’09: Smart Identity Card - Thomas Gross
CCS’09: Smart Identity Card - Thomas Gross
 
CCS\'08: Efficient Attributes For Anonymous Credentials - Thomas Gross
CCS\'08: Efficient Attributes For Anonymous Credentials - Thomas GrossCCS\'08: Efficient Attributes For Anonymous Credentials - Thomas Gross
CCS\'08: Efficient Attributes For Anonymous Credentials - Thomas Gross
 
CRYPTO\'10: Credential Authenticated Identification and Key Exchange - Thomas...
CRYPTO\'10: Credential Authenticated Identification and Key Exchange - Thomas...CRYPTO\'10: Credential Authenticated Identification and Key Exchange - Thomas...
CRYPTO\'10: Credential Authenticated Identification and Key Exchange - Thomas...
 

Privacy - Principles, PrimeLife and Identity Mixer - Thomas Gross

  • 1. Dr. Thomas Gross – Research Scientist 18 June 2010 Privacy © 2009 IBM Corporation
  • 2. Privacy PrimeLife Technology ￷ 2
  • 3. Privacy PrimeLife Technology ￷ 3
  • 4. Who is Privacy About? 4 © 2009 IBM Corporation
  • 5. People 5 © 2009 IBM Corporation
  • 6. People Who Like to Talk 6 © 2009 IBM Corporation
  • 7. “Neil Armstrong’s Footsteps are still there” 7 (Robin Wilton, Sun Microsystems) Photo:cc-nc-by jahdakine
  • 8. Computers don’t forget 8 © 2009 IBM Corporation
  • 9. Consent Paradigm in Privacy Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others. Alan Westin 9 © 2009 IBM Corporation
  • 10. Legal Privacy Taxonomy Processing ●Aggregation ●Identification ●Insecurity ●Secondary Use Collection ●Exclusion ●Surveillance ●Interrogation Dissemination Data Subject Data Holders Confidentiality breach ● ●Disclosure ●Exposure ●Increased accessibility Invasions ●Blackmail ●Intrusion ●Appropriation ●Decisional interference ●Distortion From Daniel J. Solove, Understanding Privacy 10 © 2009 IBM Corporation
  • 11. IBM Presentation Template Full Version Privacy PrimeLife Technology ￷ 11
  • 13. PrimeLife's Objectives Bringing Sustainable Privacy and Identity Management to Future Networks and Services  Fundamentally understanding privacy-enhancing identity management ‘for life’  Bringing Privacy to the future web  Develop and make tools for privacy friendly identity management widely available – privacy live! 13
  • 14. PrimeLife’s 6 Activities Mechanisms HCI Policies Privacy In Life Infrastructures Privacy Live! 14
  • 15. Scenario 15
  • 17. PrimeLife's approach  Privacy Policy  Easy Management of Partial Identities  Usable Interfaces (Anonymous Communication) 17
  • 18. PrimeLife's approach  Attributed Based Access control  Policies towards users  Enforcement of Policies  Change of Business Processes  Privacy Policy  Easy Management of Partial Identities  Usable Interfaces (Anonymous Communication) 18
  • 20. IBM Presentation Template Full Version Privacy PrimeLife Technology ￷ 20
  • 21. Private Credentials: How to Build Them In the beginning...
  • 22. State of the Art: How to Build Them asking for a credential
  • 23. State of the Art: How to Build Them getting a credential ... containing “birth date = April 3, 1987”
  • 24. State of the Art: How to Build Them showing a credential ... goes off-line - driver's license - insurance - older > 20
  • 25. State of the Art: How to Build Them showing a credential ... containing statements “driver's license, age (as stated in driver’s ) > 20, and insurance” Using identity mixer, user can transform (different) token(s) into a new single one that, however, still verifies w.r.t. original signers' public keys.
  • 26. Other Properties: Offline Usage Zzzzz ID providers (issuers) need sleep, too! • Sometimes it is too expensive to have connectivity • Or a security risk (e.g., ID cards) Certs can be used as many times as needed! • cf. Revocation; can be done w/ signer's secrets offline
  • 27. Other Properties: Cheating Prevention World of Warcraft Limits of anonymity possible (optional): • If Alice and Eve are on-line together they are caught! • Use Limitation – anonymous until: ● If Alice used certs > 100 times total... ● ... or > 10'000 times with Bob • Alice's cert can be bound to hardware token (e.g., TPM)
  • 28. Privacy Preserving Access Control DNA Database Simple case: DB learns not who accesses DB Better: Oblivious Access to Database (OT with AC) ● Server must not learn who accesses ● which record ● Still, Alice can access only records she is authorized for
  • 29. Secret Handshakes • Alice and Bob both define some predicate PA and PB • Alice learns whether Bob satisfies PA if she satisfies PB
  • 30. Smart Identity Card: Design Goals Strong accountability and privacy Sustainable secondary use Trusted identity basis Future-proof Cost effective Won the Innovation Award 2009 of the Society for Computer Science (GI, comparable to the ACM in Germany) © 2009 IBM Corporation
  • 31. Smart Identity Card User PC User interacts/ Browser request: policy/ Backend consents response: proof to policy (Server) Identity Wallet Identity Mixer Validation request: policy/ pkI response: proof Validates proofs with Key Point issuer’s public key Transforms inserts/owns certificates Smarter ID Card in privacy- Identity Mixer preserving identity proof statements skU certificates Maintains master key and certificates confidential Secure Javacard 31 © 2009 IBM Corporation
  • 32. Privacy PrimeLife Technology Sustainable Crypto to Important & identity & rescue: complex ￷ privacy efficient on challenge 'for life' any device 32
  • 33. Thank you! Contributors: Björn Assmann, Endre Bangerter, Patrik Bichsel, Carl Binding, Anthony Bussani, Jan Camenisch, Thomas Gross, Susan Hohenberger, Phil Janson, Gregory Neven, Franz-Stefan Preiss, Dieter Sommer, Abhi Shelat, Victor Shoup, Michael Waidner, Roger Zimmermann, & innumerous interns 33 http://idemix.wordpress.com/ © 2009 IBM Corporation