Protection of the Users Privacy in Ubiquitous RFID-based Systems
|
|
- Ralf Davis
- 6 years ago
- Views:
Transcription
1 Protection of the Users Privacy in Ubiquitous RFID-based Systems Ivan Gudymenko Hauptseminar Technischer Datenschutz 1
2 Outline Intro E-ticketing Personal Belongings Management Conclusion and future work 2
3 Outline Intro E-ticketing Personal Belongings Management Conclusion and future work 3
4 Intro UbiComp systems based on RFID Privacy issues address serious concerns Motivation: making UbiComp privacy-respecting Two use cases: E-ticketing Personal Belongings Management 4
5 Outline Intro E-ticketing Personal Belongings Management Conclusion and future work 5
6 E-ticketing: A General Scenario 6/0123%4"5678"0123(-.796:"3(7;;<-6=#89(*01796:"3%7;;<-6=#8:!"#$%&'#( )$*#+$,-#$./ 0+$1(,'2$/ &'()%*+",,-./(0.-1!"#$#%&'()*+,"-%. 0+$1('/) ;#+45".$(,<,1"= 23" /012:!"#$"% 23"+45*01! ($-,1#.+"(+#>+0>#1-*.! (?->>-./! (+0,1*="%(#++*0.1,(=/=1@! (,1#1-,1-+, 6
7 Privacy Concerns in E-ticketing Privacy Protection Goals: Unintended customer identification exposure of customer ID (direct and indirect) 1. Anonymity 2. Confidentiality 3. Unlinkability 4. Unobservability unencrypted ID during the anti-collision session physical layer identification (RFID fingerprinting) Information linkage Illegal customer profiling 7
8 Privacy Concerns in E-ticketing: Countermeasures 8
9 E-ticketing: Standards Stack *2,&3('45* /+'$,&)4 0,'1&)+')$,+.()(*&%)+,-('+/!"##$%&'()&"%*&%)+,-('+* Aimed at providing interoperability Many existent solutions are still proprietary, though 9
10 Privacy-related Issues: Architecture Level ISO EN *2,&3('45* /+'$,&)4 0,'1&)+')$,+.()(*&%)+,-('+/!"##$%&'()&"%*&%)+,-('+* Coarsely-specified, general privacy requirements: data minimization user consent acquisition customer confidentiality No recommendations for further implementation 10
11 Privacy-related Issues: Data Interfaces Level *2,&3('45* /+'$,&)4 0,'1&)+')$,+.()(*&%)+,-('+/!"##$%&'()&"%*&%)+,-('+* 11
12 Privacy-related Issues: Data Interfaces Level EN *2,&3('45* /+'$,&)4 0,'1&)+')$,+.()(*&%)+,-('+/!"##$%&'()&"%*&%)+,-('+* Specification of a generic Security Subsystem Access control to privacy-relevant fields further defined in EN
13 Security Subsystem in EN %&#'()"*!"#$%&#'()$ (#'*!"#$ 9+ ; 9($)' +$/.%,"'# +$/.%,"';!"#$%&'#()!"#$%&'#(2 * $'++,#-(./ $'++,#-(,/ $'++,#-(0/ $'++,#-(3/ $'++,#-(&/ $'++,#-($/ 1 H"$;'0I.-&$5= J"$E#'* (0KK#1*9!"+$%&#'()$ #,,-.(#/.01 &1/3'41-1'!,-./ $ 438$'&9:-/7 ;<87$36=7$ 438$*#/#$>'0:,"!"#$+,&-.#(/0 1")"2&'&)/+30,/&' 9+ : $/.%,"2 +$/.%,"'# +$/.%,"':!"#$%&'#()!"#$%&'#(4 * $'++,#-(./ $'++,#-(-/ $'++,#-(0/ $'++,#-(5/ $'++,#-(&/ $'++,#-(6/ 1 +$/.%,"'#!"#$%&'#() * $'++,#-(./ $'++,#-(0/ $'++,#-(&/ 1!"#$!%&' ()))* +,-./012.!"#"$%&'&($) )$%*"$ +,(-./$0123"&%.%& )$%*"$ 41-1'5/678'!,-./012.?3@5AB7$ %3CD7 E@3C837 FG=5AB7 5(-('!$/632 75!8 9($) )(-( 4"/"+5#6.7+3&-.#(/0 1")"2&'&)/+30,/&' 5!+ ; 5! 5!+ : 5!+ < +$/.%,"2 13
14 Privacy-related Issues: Data Interfaces Level EN 1545 *2,&3('45* /+'$,&)4 0,'1&)+')$,+.()(*&%)+,-('+/!"##$%&'()&"%*&%)+,-('+* Privacy-relevant data fields (customer number, birth date, etc.) Access control and encryption for protection 14
15 Privacy-relevant Fields in EN Privacy-relevant field Description birth date - birth name - birth place - customer number customer reference number device ID can be linked to a particular customer address - telephone number - postal address - location ID - customer profile ID e.g. student, military, resident, etc. user data additional information about a customer 15
16 Privacy-related Issues: Data Interfaces Level ISO *2,&3('45* /+'$,&)4 0,'1&)+')$,+.()(*&%)+,-('+/!"##$%&'()&"%*&%)+,-('+* Secure messaging mechanisms Can be used for protecting privacy-critical data 16
17 Privacy-related Issues: Communication Interface *2,&3('45* /+'$,&)4 0,'1&)+')$,+.()(*&%)+,-('+/!"##$%&'()&"%*&%)+,-('+* Solely functionality-oriented No security or privacy mechanisms considered Customer ID exposure during the anti-collision session and physical layer identification: to be solved here 17
18 Privacy-related Issues: Summary AL DIL CIL 18
19 Privacy-related Issues: Summary (2) Security mechanisms are considered in the first place Customer privacy more as a by-product Privacy issues are not explicitly addressed across the stack Proprietary solutions act in a similar way (ITSO, CALYPSO, MIFARE) Develop an approach explicitly addressing privacy in a cross-layer fashion and across system components 19
20 Outline Intro E-ticketing Personal Belongings Management Conclusion and future work 20
21 A General Scenario!"#$!!"#$%!&'()*+,)-.,-)/!!0/)+1'*2!,)*.3&'4!5/6&./!! )*+,$-!"#$%&'()*+,- %&&'($!!"#$%!&'()*+,)-.,-)/!!0/)+1'*2!,)*.3&'4!5/6&./!!!0/)+1'*2!,)*.3&'4!5/6&./!1'27!! 21
22 Key Differences to E-ticketing The requirement to track items from a certain distance No validation step is required Anonymization is easier Only a few readers (e.g. a portable one, at work and at home) Compliance to the Standards Stack not required (weaker interoperability?) Develop a privacy-respecting solution for personal belongings management 22
23 Outline Intro E-ticketing Personal Belongings Management Conclusion and future work 23
24 Conclusion Two use cases for the PhD dissertation have been discussed Focus on user privacy No decent cross-layer, cross-component solution with respect to privacy has been developed so far 24
25 Future Work Further research on partial solutions developed so far Identify what can be done for a decent cross-layer, cross-component solution Focus on the issues representing a particular interest for a research community and industry 25
26 Time Plan: Near Future May 2012 Finish State-of-the-Art: - proprietary solutions - focus papers Privacy-preserving protocol evaluation June 2012 July/August 2012 Specific tasks determination Core concept development Requirements paper for doctoral symposium 26
27 References [JP02] Ari Juels and Ravikanth Pappu. Squealing Euros: Privacy Protection in RFID-Enabled Banknotes. In Financial Cryptography 03, pages Springer-Verlag, [LLY08-a] Tong-Lee Lim, Tieyan Li, and Sze-Ling Yeo. Randomized Bit Encoding for Stronger Backward Channel Protection in RFID Systems. In Proceedings of the 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications, PERCOM 08, pages 40 49, Washington, DC, USA, IEEE Computer Society. [LLY08-b] Tong-Lee Lim, Tieyan Li, and Sze-Ling Yeo. A Cross-layer Framework for Privacy Enhancement in RFID systems. Pervasive and Mobile Computing, 4(6): , [Gud11] [CR06] Ivan Gudymenko. Protection of the Users Privacy in Ubiquitous RFID Systems. Master s thesis, Technische Universität Dresden, Faculty of Computer Science, December Wonjoon Choi and Byeong-hee Roh. Backward Channel Protection Method for RFID Security Schemes Based on Tree-Walking Algorithms. In Marina Gavrilova, Osvaldo Gervasi, Vipin Kumar, C. Tan, David Taniar, Antonio Lagan a, Youngsong Mun, and Hyunseung Choo, editors, Computational Science and Its Applications - ICCSA 2006, volume 3983 of Lecture Notes in Computer Science, pages Springer Berlin / Heidelberg,
28 Thank you very much for your attention! Questions? Comments? Suggestions? 28
29 Back-up Slides 29
30 Logical Interfaces in EN 15320: States Transitional Diagram 30
Developing Privacy-respecting E-ticketing Systems. Ivan Gudymenko
Developing Privacy-respecting E-ticketing Systems Ivan Gudymenko Klausurtagung II/2012 Outline E-ticketing Systems Under Concern: E-ticketing: A General Application Scenario Fare Collection Approaches
More informationEfficient RFID Authentication protocol for Ubiquitous Computing Environment
Efficient RFID Authentication protocol for Ubiquitous Computing Environment Eun Young Choi 1, Su Mi Lee 1, and Dong Hoon Lee 2 Center for Information Security Technologies(CIST), Korea University, 1, 5-Ka,
More informationEPC Tag Authentication with Randomized Characteristics for Strong Privacy
182 IJCSNS International Journal of Computer Science and Network Security, VOL.6 No.9B, September 2006 EPC Tag Authentication with Randomized Characteristics for Strong Privacy Soohyun Oh, and Jin Kwak,
More informationRFID tags. Inductive coupling is used for. energy transfer to card transmission of clock signal data transfer
RFID 1 RFID tags RFID = Radio-Frequency IDentification RFID devices are called tags or transponders More powerful RFID tags can be called (contactless) smartcards Inductive coupling is used for energy
More informationSecurity Analysis of Two Ultra-Lightweight RFID Authentication Protocols
Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols Tieyan Li and Guilin Wang Systems and Security Department Institute for Infocomm Research (I 2 R) 21 Heng Mui Keng Terrace, Singapore
More informationCryptanalysis of improved Yeh et al. s authentication Protocol: An EPC Class-1 Generation-2 standard compliant protocol
Cryptanalysis of improved Yeh et al. s authentication Protocol: An EPC Class-1 Generation-2 standard compliant protocol Masoumeh Safkhani 1, Nasour Bagheri 2, Somitra Kumar Sanadhya 3, Majid Naderi 1 1
More informationTechnical Solutions Novel Challenges to Privacy Privacy Enhancing Technologies Examples
Muhammad Eka WIJAYA Technical Solutions Novel Challenges to Privacy Privacy Enhancing Technologies Examples How to Address Privacy in Ubiquitous Work Understand Application Define Problem Know Tools 2
More informationPrivacy Protection in RFID-Enabled Banknotes
Privacy Protection in RFID-Enabled Banknotes Ari Juels, Ravikanth Pappu, Squealing Euros: Privacy-Protection in RFID-Enabled Banknotes, Financial Cryptography '03 Reporter : Chung-Fu Lu Advisor : Prof.
More informationKey management. Pretty Good Privacy
ECE 646 - Lecture 4 Key management Pretty Good Privacy Using the same key for multiple messages M 1 M 2 M 3 M 4 M 5 time E K time C 1 C 2 C 3 C 4 C 5 1 Using Session Keys & Key Encryption Keys K 1 K 2
More informationServerless Search and Authentication Protocols for RFID
Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng, and Qun Li {cct,shengbo,liqun}@cs.wm.edu Department of Computer Science College of William and Mary Williamsburg, VA, 23187
More informationPartitioning of Public Transit Networks
Partitioning of Public Transit Networks [Bachelor s thesis] Matthias Hertel Albert-Ludwigs-Universität Freiburg.09.205 Contents Introduction Motivation Goal 2 Data model 3 Algorithms K-means Merging algorithm
More informationPublic Key Infrastructures Chapter 06 Private Keys
Public Key Infrastructures Chapter 06 Private Keys Cryptography and Computer Algebra Prof. Dr. Johannes Buchmann Dr. Alexander Wiesmaier Personal security environments Store Private keys Certificates Other
More informationE-Ticketing scheme for mobile devices with exculpability
E-Ticketing scheme for mobile devices with exculpability Arnau Vives-Guasch 1, Magdalena Payeras-Capella 2, Macià Mut-Puigserver 2 and Jordi Castellà-Roca 1 1 Dept. de Ingeniería Informática y Matemáticas
More informationHF Markets SA (Pty) Ltd Protection of Personal Information Policy
Protection of Personal Information Policy Protection of Personal Information Policy This privacy statement covers the website www.hotforex.co.za, and all its related subdomains that are registered and
More informationMotion Generation for Glove Puppet Show with Procedural Animation
Motion Generation for Glove Puppet Show with Procedural Animation Chih-Chung Lin 1, Gee-Chin Hou 2, and Tsai-Yen Li 1 1 Department of Computer Science, National Chengchi University, Taiwan {s9421,li}@cs.nccu.edu.tw
More informationPaul A. Karger
Privacy and Security Threat Analysis of the Federal Employee Personal Identity Verification (PIV) Program Paul A. Karger karger@watson.ibm.com Outline Identify specific problem with FIPS 201 Problem of
More informationSingapore s National Digital Identity (NDI):
Singapore s National Digital Identity (NDI): Leaving no one behind Kwok Quek Sin Director, National Digital Identity Programme Government Technology Agency PART 1 INTRODUCTION TO NDI Better Living For
More informationA Methodology for Assigning Access Control to Public Clouds
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 12, December 2014,
More informationECE 646 Lecture 3. Key management. Required Reading. Using the same key for multiple messages
ECE 646 Lecture 3 Key management Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 14 Key Management and Distribution Using the same key for multiple
More informationBit Shuffling Query Tree Algorithm for Secure Communication in RFID Networks
Bit Shuffling Query Tree Algorithm for Secure Communication in RFID Networks Nivedita Das Dept. of Information Technology Calcutta UniversityKolkata, India Indrajit Bhattacharya Dept. of Computer Application
More informationContext-Aware Task Scheduling for Resource Constrained Mobile Devices
Context-Aware Task Scheduling for Resource Constrained Mobile Devices Somayeh Kafaie, Omid Kashefi, and Mohsen Sharifi School of Computer Engineering, Iran University of Science and Thechnology,Tehran,
More informationSecurity and Privacy in Car2Car Adhoc Networks
Security and Privacy in Car2Car Adhoc Networks Antonio Kung Trialog www.trialog.com 15/06/2016 1 Introduction French SME Involved since 2002 in security and privacy for connected vehicles 15/06/2016 2
More informationEvent Correlation Engine
Event Correlation Engine Master s Thesis Final Presentation Andreas Müller Tutors: Christoph Göldi, Bernhard Tellenbach Supervisor: Prof. B. Plattner Institut für Technische Informatik und Kommunikationsnetze
More informationKey management. Required Reading. Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E
ECE 646 Lecture 3 Key management Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 14 Key Management and Distribution 1 Using the same key for multiple
More informationDo you handle EU residents personal data? The GDPR update is coming May 25, Are you ready?
European Union (EU) General Data Protection Regulation (GDPR) Do you handle EU residents personal data? The GDPR update is coming May 25, 2018. Are you ready? What do you need to do? Governance and Accountability
More informationAligning Mal-activity Diagrams and Security Risk Management for Security Requirements Definitions
Aligning Mal-activity Diagrams and Security Risk Management for Security Requirements Definitions Mohammad Jabed Morshed Chowdhury 1, 2, Raimundas Matulevičius 1, Guttorm Sindre 2, and Peter Karpati 2
More informationRFID Security without Extensive Cryptography
RFID Security without Extensive Cryptography Sindhu Karthikeyan and Mikhail Nesterenko Computer Science Department Kent State University Kent, OH, USA {skarthik, mikhail}@cs.kent.edu ABSTRACT A Radio Frequency
More informationECE 646 Lecture 3. Key management
ECE 646 Lecture 3 Key management Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 14 Key Management and Distribution Using the same key for multiple
More informationNetwork Forensics and Privacy Enhancing Technologies living together in harmony
Edith Cowan University Research Online Australian Information Security Management Conference Conferences, Symposia and Campus Events 2006 Network Forensics and Privacy Enhancing Technologies living together
More informationPrivacy Enhanced Authentication Protocol for RFID Tag System Security
IJCSNS International Journal of Computer Science and Network Security, VOL.7 No.9, September 2007 1 Privacy Enhanced Authentication Protocol for RFID Tag System Security Sang-Soo Yeo and Jin Kwak, Dept.
More informationINFS 328 Systems Analysis and Design
INFS 328 Systems Analysis and Design Session 6 System Design Part 1 Lecturer: Prof. Ellis Edwin Badu, Dept. of Information Studies Contact Information: eebadu@ug.edu.gh College of Education School of Continuing
More informationEfficient RFID authentication scheme for supply chain applications
University of Wollongong Research Online Faculty of Informatics - Papers (Archive) Faculty of Engineering and Information Sciences 2010 Efficient RFID authentication scheme for supply chain applications
More informationUnsupervised Clustering of Web Sessions to Detect Malicious and Non-malicious Website Users
Unsupervised Clustering of Web Sessions to Detect Malicious and Non-malicious Website Users ANT 2011 Dusan Stevanovic York University, Toronto, Canada September 19 th, 2011 Outline Denial-of-Service and
More informationAcceptable Use Policy
Acceptable Use Policy POLICY 07.01.01 Effective Date: 01/01/2015 The following are responsible for the accuracy of the information contained in this document Responsible Policy Administrator Information
More informationProposal to Access Personal Information for Research or Statistical Purposes
Proposal to Access Personal Information for Research or Statistical Purposes This form is used to request access, for research or statistical purposes, to personal information contained in records covered
More informationData Inventory and Classification, Physical Devices and Systems ID.AM-1, Software Platforms and Applications ID.AM-2 Inventory
Audience: NDCBF IT Security Team Last Reviewed/Updated: March 2018 Contact: Henry Draughon hdraughon@processdeliveysystems.com Overview... 2 Sensitive Data Inventory and Classification... 3 Applicable
More informationDisruptive Technologies Legal and Regulatory Aspects. 16 May 2017 Investment Summit - Swiss Gobal Enterprise
Disruptive Technologies Legal and Regulatory Aspects 16 May 2017 Investment Summit - Swiss Gobal Enterprise Legal and Regulatory Framework in Switzerland Legal and regulatory Framework: no laws or provisions
More informationAn Introduction to Digital Identity
1 An Introduction to Digital Identity Andreas Pfitzmann Dresden University of Technology, Department of Computer Science, D-01062 Dresden Nöthnitzer Str. 46, Room 3071 Phone: +49 351 463-38277, e-mail:
More informationHash-based Encryption Algorithm to Protect Biometric Data in e-passport
Hash-based Encryption Algorithm to Protect Biometric Data in e-passport 1 SungsooKim, 2 Hanna You, 3 Jungho Kang, 4 Moonseog Jun 1, First Author Soongsil University, Republic of Korea, indielazy@ssu.ac.kr
More informationCURRICULUM VITAE. June, 2013
CURRICULUM VITAE ד"ר אבי סופר Dr. Avi Soffer June, 2013 ORT Braude College, Department of Software Engineering, P.O. Box 78, Karmiel 2161002, Israel Telephone: +972-4-990-1720 Email: asoffer@braude.ac.il
More informationA new key recovery attack on the ANSI retail MAC
A new key recovery attack on the ANSI retail MAC Chris J. Mitchell Information Security Group, Royal Holloway, University of London Egham, Surrey TW20 0EX, UK c.mitchell@rhul.ac.uk 13th November 2002 Abstract
More informationA Theoretical Model for Location Privacy in Wireless Personal Area Networks
A Theoretical Model for Location Privacy in Wireless Personal Area Networks Dave Singelée 1, Ford-Long Wong 2, Bart Preneel 1, and Frank Stajano 2 1 ESAT SCD COSIC, Katholieke Universiteit Leuven IBBT,
More informationExperience with SPM in IPv6
Experience with SPM in IPv6 Mingjiang Ye, Jianping Wu, and Miao Zhang Department of Computer Science, Tsinghua University, Beijing, 100084, P.R. China yemingjiang@csnet1.cs.tsinghua.edu.cn {zm,jianping}@cernet.edu.cn
More informationGRAHAM JONES - PRIVACY POLICY
GRAHAM JONES - PRIVACY POLICY BACKGROUND: Graham Jones understands that your privacy is important to you and that you care about how your personal data is used. I respect and value the privacy of all of
More informationA Hash-based RFID Search Protocol for Mobile Reader
, pp.139-150 http://dx.doi.org/10.14257/ijhit.2014.7.2.14 A Hash-based RFID Search Protocol for Mobile Reader He Jialiang 1, Xu Youjun 2 and Xu Zhiqiang 3 *1 College of Information and Communication Engineering,
More informationSecure User Authentication Mechanism in Digital Home Network Environments
Secure User Authentication Mechanism in Digital Home Network Environments Jongpil Jeong, Min Young Chung, and Hyunseung Choo Intelligent HCI Convergence Research Center Sungkyunkwan University 440-746,
More informationUNIT - IV Cryptographic Hash Function 31.1
UNIT - IV Cryptographic Hash Function 31.1 31-11 SECURITY SERVICES Network security can provide five services. Four of these services are related to the message exchanged using the network. The fifth service
More informationGDPR Draft: Data Access Control and Password Policy
wea.org.uk GDPR Draft: Data Access Control and Password Policy Version Number Date of Issue Department Owner 1.2 21/01/2018 ICT Mark Latham-Hall Version 1.2 last updated 27/04/2018 Page 1 Contents GDPR
More informationTWO PARTY HIERARICHAL CLUSTERING OVER HORIZONTALLY PARTITIONED DATA SET
TWO PARTY HIERARICHAL CLUSTERING OVER HORIZONTALLY PARTITIONED DATA SET Priya Kumari 1 and Seema Maitrey 2 1 M.Tech (CSE) Student KIET Group of Institution, Ghaziabad, U.P, 2 Assistant Professor KIET Group
More informationOASIS: Architecture, Model and Management of Policy
OASIS: Architecture, Model and Management of Policy Ken Moody Computer Laboratory, University of Cambridge 1 Overview OASIS : Architecture, Model and Policy 1. background to the research people, projects
More information(More) cryptographic protocols
(More) cryptographic protocols Myrto Arapinis School of Informatics University of Edinburgh October 19, 2017 1/24 Authentication and key agreement protocols 2/24 Authentication and key agreement Long-term
More informationDynamic Behavior of RS latches using FIB processing and probe connection
Dynamic Behavior of RS latches using FIB processing and probe connection Naoya Torii 1,2, Dai Yamamoto 1, Masahiko Takenaka 1, and Tsutomu Matsumoto 2 1 Secure Computing Laboratory, Fujitsu Laboratories
More informationLightweight Cryptography For Security And Privacy: Third International Workshop, LightSec 2014, Istanbul, Turkey, September 1-2, 2014, Revised...
Lightweight Cryptography For Security And Privacy: Third International Workshop, LightSec 2014, Istanbul, Turkey, September 1-2, 2014, Revised... Computer Science / Security And Cryptology) If you are
More informationDresden OCL2 in MOFLON
Dresden OCL2 in MOFLON 10 Jahre Dresden-OCL Workshop Felix Klar Felix.Klar@es.tu-darmstadt.de ES Real-Time Systems Lab Prof. Dr. rer. nat. Andy Schürr Dept. of Electrical Engineering and Information Technology
More informationEstimation of TTP Features in Non-repudiation Service *
Estimation of TTP Features in Non-repudiation Service * Mildrey Carbonell 1, José María Sierra 1, Jose A. Onieva 2, Javier Lopez 2, and Jianying Zhou 3 1 University of Carlos III Madrid {mcarbone,sierra}@inf.uc3m.es
More informationB&W Waste Management Services Ltd: Limited Company registered in England under company number
B&W Waste Management Services Ltd understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our customers/supplier
More informationDEMONSTRATION OF A PRIVACY-PRESERVING SYSTEM THAT PERFORMS AN UNDUPLICATED ACCOUNTING OF SERVICES ACROSS HOMELESS PROGRAMS
DEMONSTRATION OF A PRIVACY-PRESERVING SYSTEM THAT PERFORMS AN UNDUPLICATED ACCOUNTING OF SERVICES ACROSS HOMELESS PROGRAMS by Latanya Sweeney, PhD Associate Professor of Computer Science, Technology and
More informationCryptographic Approach to Privacy-Friendly Tags
Cryptographic Approach to Privacy-Friendly Tags Miyako Ohkubo, Koutarou Suzuki, and Shingo Kinoshita NTT Laboratories Nippon Telegraph and Telephone Corporation 2003.11.15 RFID Privacy Workshop MIT Outline
More informationAn Enhanced Dynamic Framed Slotted ALOHA Algorithm for RFID Tag Identification
An Enhanced Dynamic Framed Slotted ALOHA Algorithm for RFID Tag Identification Su-Ryun Lee Ajou University Department of Electrical and Computer Engineering Suwon, Korea srlee@ajouackr Sung-Don Joo LG
More informationAuthentication System
A Biologically Inspired Password Authentication System Dipankar Dasgupta and Sudip Saha Center for Information Assurance University of Memphis Memphis, TN 38152 Outline Motivation Position Authentication
More informationConfiguration Management for Component-based Systems
Configuration Management for Component-based Systems Magnus Larsson Ivica Crnkovic Development and Research Department of Computer Science ABB Automation Products AB Mälardalen University 721 59 Västerås,
More informationBluetooth mobile solutions APPLICATION NOTE / FAQ. Page 1 on 24
Bluetooth mobile solutions APPLICATION NOTE / FAQ Page 1 on 24 Table of Contents I. Introduction... 5 II. Bluetooth Smart technology General principles... 5 III. Frequently Asked Questions... 5 A. STid
More informationMichelle Hayes Mary Joel Holin. Michael Roanhouse Julie Hovden. Special Thanks To. Disclaimer
Further Understanding the Intersection of Technology and Privacy to Ensure and Protect Client Data Special Thanks To Michelle Hayes Mary Joel Holin We can provably know where domestic violence shelter
More informationBoostMyShop.com Privacy Policy
BoostMyShop.com Privacy Policy BoostMyShop.corp ( Boostmyshop.com or the Site ) makes its extensions, services, and all Site content available to you subject to this Privacy Policy and its Terms of Service.
More informationJohn Clements Department of Computer Science Cal Poly State University 1 Grand Street San Luis Obispo, CA (805)
Curriculum Vitae Contact Information Education John Clements Department of Computer Science Cal Poly State University 1 Grand Street San Luis Obispo, CA 93407 (805)756-6528 clements@brinckerhoff.org 2005
More informationECE 646 Lecture 3. Key management. Required Reading. Using Session Keys & Key Encryption Keys. Using the same key for multiple messages
ECE 646 Lecture 3 Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E management Chapter 14 Management and Distribution Using the same for multiple messages
More informationCryptographic Systems
CPSC 426/526 Cryptographic Systems Ennan Zhai Computer Science Department Yale University Recall: Lec-10 In lec-10, we learned: - Consistency models - Two-phase commit - Consensus - Paxos Lecture Roadmap
More informationACR1251U-A1 USB NFC Reader with SAM Slot
ACR1251U-A1 USB NFC Reader with SAM Slot Technical Specifications V1.05 Subject to change without prior notice Table of Contents 1.0. Introduction... 3 2.0. Features... 4 3.0. Typical Applications... 5
More informationCoupon Recalculation for the GPS Authentication Scheme
Coupon Recalculation for the GPS Authentication Scheme Georg Hofferek and Johannes Wolkerstorfer Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Inffeldgasse
More informationRFID tags for ambient intelligence: present solutions and future challenges
RFID tags for ambient intelligence: present solutions and future challenges Photo au choix Photo au choix Photo au choix Presentation Outline Smart devices program at LETI Overview of RFID Basic principles
More informationTowards Secure Virtual Machine Migration in Vehicular Cloud Environment
, pp.85-89 http://dx.doi.org/10.14257/astl.2014.66.21 Towards Secure Virtual Machine Migration in Vehicular Cloud Environment Nkenyereye Lewis and Kyung Hyune Rhee 1 1 Department of IT Convergence and
More informationDifferential Privacy. Seminar: Robust Data Mining Techniques. Thomas Edlich. July 16, 2017
Differential Privacy Seminar: Robust Techniques Thomas Edlich Technische Universität München Department of Informatics kdd.in.tum.de July 16, 2017 Outline 1. Introduction 2. Definition and Features of
More informationACR128U Dual- Interface Reader
ACR128U Dual- Interface Reader Technical Specifications Subject to change without prior notice Table of Contents 1.0. Introduction... 3 2.0. Features... 4 3.0. Typical Applications... 5 4.0. Technical
More informationCoordinate Transformation A Solution for the Privacy Problem of Location Based Services?
Coordinate Transformation A Solution for the Privacy Problem of Location Based Services? Andreas Gutscher Universität Stuttgart Institute of Communication Networks and Computer Engineering (IKR) Stuttgart,
More informationData Compromise Notice Procedure Summary and Guide
Data Compromise Notice Procedure Summary and Guide Various federal and state laws require notification of the breach of security or compromise of personally identifiable data. No single federal law or
More informationI. INFORMATION WE COLLECT
PRIVACY POLICY USIT PRIVACY POLICY Usit (the Company ) is committed to maintaining robust privacy protections for its users. Our Privacy Policy ( Privacy Policy ) is designed to help you understand how
More informationPerformance of Distributed Optimistic Concurrency Control in Real-Time databases
Performance of Distributed Optimistic Concurrency Control in Real-Time databases Jan Lindström University of Helsinki, Department of Computer Science P.O. Box 26 (Teollisuuskatu 23), FIN-00014 University
More informations, Texts and Social Media: What Physicians Need to Know
Emails, Texts and Social Media: What Physicians Need to Know 1 Today s Learning Objectives By the end of today s program, you will be able to : Identify the risks to patients privacy which email, text
More informationCOCHIN UNIVERSITY OF SCIENCE AND TECHNOLOGY
COCHIN UNIVERSITY OF SCIENCE AND TECHNOLOGY Name: Department: Contact Details: Address for communication Email Phone Intercom Academic Background Qualifications: Qualifying Post Graduate Degree: Ph. D
More informationVPKIs: State-of-the-Art, Challenges and Extensions
VPKIs: State-of-the-Art, Challenges and Extensions VPKIs: State-of-the-Art, Challenges and Extensions Hongyu Jin, Mohammad Khodaei and Panos Papadimitratos Networked Systems Security Group www.ee.kth.se/nss
More informationDECENTRALIZED ATTRIBUTE-BASED ENCRYPTION AND DATA SHARING SCHEME IN CLOUD STORAGE
DECENTRALIZED ATTRIBUTE-BASED ENCRYPTION AND DATA SHARING SCHEME IN CLOUD STORAGE ABSTRACT We propose a Multi-Authority Attribute-Based Encryption (ABE) system. In our system, any party can become an authority
More informationCrypto Background & Concepts SGX Software Attestation
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 4b Slide deck extracted from Kamran s tutorial on SGX, presented during ECE 6095 Spring 2017 on Secure Computation and Storage, a precursor to this course
More informationWhy is the CUI Program necessary?
Why is the CUI Program necessary? Executive departments and agencies apply their own ad-hoc policies and markings to unclassified information that requires safeguarding or dissemination controls, resulting
More informationConceptual Framework for Security Testing, Security Risk Analysis and their Combinations
ICSSEA 2012 / STV 12 Conceptual Framework for Security Testing, Security Risk Analysis and their Combinations Li, Yan 1 Contents Introduction Basic concepts The combinations of security testing and security
More informationKvaser Leaf Light v2 User s Guide
Kvaser Leaf Light v2 User s Guide Copyright 2011-2017 Kvaser AB, Mölndal, Sweden http://www.kvaser.com Printed Wednesday 13 th September, 2017 We believe that the information contained herein was accurate
More informationregister to use the Service, place an order, or provide contact information to an Independent Business Owner;
Privacy Policy Stella & Dot LLC (d/b/a Stella & Dot Family Brands, KEEP Collective, and EVER LLC) and its wholly-owned U.S. subsidiary, Stella & Dot Jewelry LLC (collectively, Stella & Dot, we, us, or
More informationAbstract. Asia-pacific Journal of Convergent Research Interchange Vol.2, No.2, June 30 (2016), pp
Vol.2, No.2, June 30 (2016), pp. 35-41 http://dx.doi.org/10.21742/apjcri.2016.06.05 1) 2) Abstract Cloud computing gives an adaptable and helpful route for information sharing, which brings different advantages
More informationCCC Data Management Procedures DCL3 Data Access
Information Technology Procedures CCC Data Management Procedures DCL3 Data Access Scope: CCC Revision Date: 9/1/2016 Effective Date: 3/1/2015 Approver: Information Security Program Office Table of Contents
More informationFrom Selective-ID to Full-ID IBS without Random Oracles
From Selective-ID to Full-ID IBS without Random Oracles Sanjit Chatterjee and Chethan Kamath, Indian Institute of Science, Bangalore. {sanjit,chethan0510}@csa.iisc.ernet.in November 2, 2013 Abstract Since
More informationCryptography and Network Security Overview & Chapter 1. Network Security. Chapter 0 Reader s s Guide. Standards Organizations.
Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 0 Reader s s Guide The art of war teaches us to rely
More informationIT Security in Large IT Infrastructures SS18 Lecture 00: Preliminary Discussion
IT Security in Large IT Infrastructures SS18 Lecture 00: Preliminary Discussion Florian Fankhauser Christian Schanes Christian Brem Franz Mairhofer INSO Industrial Software Institute of Information Systems
More informationENCRYPTION IN USE FACT AND FICTION. White Paper
White Paper Table of Contents The Case for Encryption... Encryption in Use Not Some Kind of Magic... Evaluating Encryption in Use Claims... 3 4 4 The Vaultive Approach... 5 2 Risk-conscious enterprises
More informationQT-CBP: A New RFID Tag Anti-collision Algorithm Using Collision Bit Positioning*
: A New RFID Tag Anti-collision Algorithm Using Collision Bit Positioning* Hyunji Lee and Jongdeok Kim Dept. of Computer Science and Engineering, Pusan National University eastleap@pusan.ac.kr, kimjd@pusan.ac.kr
More informationTHE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE
THE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE EU DATA PROTECTION REGULATION Kalliopi Spyridaki Chief Privacy Strategist,
More informationNOVEL HYBRID GENETIC ALGORITHM WITH HMM BASED IRIS RECOGNITION
NOVEL HYBRID GENETIC ALGORITHM WITH HMM BASED IRIS RECOGNITION * Prof. Dr. Ban Ahmed Mitras ** Ammar Saad Abdul-Jabbar * Dept. of Operation Research & Intelligent Techniques ** Dept. of Mathematics. College
More information2 nd UML 2 Semantics Symposium: Formal Semantics for UML
2 nd UML 2 Semantics Symposium: Formal Semantics for UML Manfred Broy 1, Michelle L. Crane 2, Juergen Dingel 2, Alan Hartman 3, Bernhard Rumpe 4, and Bran Selic 5 1 Technische Universität München, Germany
More informationImplementation of the USB Token System for Fingerprint Verification
Implementation of the USB Token System for Fingerprint Verification Daesung Moon, Youn Hee Gil, Sung Bum Pan, and Yongwha Chung Biometrics Technology Research Team, ETRI, Daejeon, Korea {daesung, yhgil,
More informationIMPROVING DATA SECURITY USING ATTRIBUTE BASED BROADCAST ENCRYPTION IN CLOUD COMPUTING
IMPROVING DATA SECURITY USING ATTRIBUTE BASED BROADCAST ENCRYPTION IN CLOUD COMPUTING 1 K.Kamalakannan, 2 Mrs.Hemlathadhevi Abstract -- Personal health record (PHR) is an patient-centric model of health
More informationCate: A System for Analysis and Test of Java Card Applications
Cate: A System for Analysis and Test of Java Card Applications Peter Pfahler and Jürgen Günther Email:peter@uni-paderborn.de jguenther@orga.com Universität Paderborn, Department of Computer Science, D-33098
More informationEY s data privacy service offering
EY s data privacy service offering How to transform your data privacy capabilities for an EU General Data Protection Regulation (GDPR) world Introduction Data privacy encompasses the rights and obligations
More information