Identity-Based Privacy (IBP)

  • 1. Identity-Based Privacy (IBP) 07/2013
  • 2. Privacy
      • associated with Western culture, English and North American in particular
      • strong ties with freedom and liberty
      • unknown in some cultures
      • the word Privacy is missing in some languages
    My attempt to define Privacy: Ability of an individual or group to govern level of information disclosure about themselves.
  • 3. Types of Privacy
      • Individual privacy: Individuals
      • Organizational privacy: Corp, Government, Family, …
      • Shared privacy: Among all of the above-mentioned
  • 4. Cloud Computing, Data Security and Information Privacy
      • Cloud Computing & Security – meet very well
      • Cloud Computing & Privacy – contradictory
    Privacy is the issue!
      • Business information
      • Personal information
  • 5. Privacy preserving
    Encryption is one of the most effective information protection techniques.
      • Security - Data at Rest Encryption, Data in Transit Encryption
      • Privacy - Data in Use Encryption
  • 6. Privacy preserving - existing solutions
      • PKI – Public-Key Infrastructure
      • PGP – Pretty Good Privacy
      • IBE – Identity-Based Encryption
      • PKI, PGP – it’s more about key management than encryption
      • IBE – heavy mathematics
  • 7. Privacy preserving - existing solutions (cont.)
    Drawbacks:
      • PKI – very expensive, usability
      • PGP – usability
      • IBE – strong patents
  • 8. Identity-Based Privacy (IBP)
    A lightweight alternative to PKI/PGP/IBE systems
      • Internet of Things – a Personal Key Ring separated from cloud application and data storage
      • User Agent – the only place where your encryption key, application and data meet
      • Identity Management – the gateway to your privacy
  • 9. IBP - Technical background
      • Identity Provider – email address as identifier
      • Authentication – OpenID Connect/OAuth2
      • One-Time Identity-Based Key Generator
      • Identity encryption key generated from identity
      • Identity-Based Encryption[1]
      • Data encryption key encrypted by identity encryption key
    [1] a simple HMAC-SHA/AES(GCM) symmetric encryption, not the type of public-key encryption as stated on Wikipedia
  • 10. IBP - Technical background (cont.)
    Client-side zero-knowledge encryption:
      • All users' data are encrypted on the client side and never touch servers in a plain form.
      • Cloud data storage provider has zero knowledge of the encryption keys.
      • Key generator server has zero knowledge of users' data.
  • 11. Business model
      • Customer
      • User Agent (Browser)
      • Data/App Provider
      • Google, Microsoft, Oracle, AWS
      • Identity Provider + Encryption Key Generator
      • home or corp. computer, tablet, smartphone
  • 12. IBP - Pros
      • usability (no passwords, no certificates)
      • no certificates management (creation, storage, distribution, revocation)
      • lost key prevention
      • IBE-like features, key escrow/fair encryption, no need for receiver’s public key before encryption
      • no IBE revocation problem (online service)
  • 13. IBP - Cons
      • online solution
      • master key security
  • 14. Business Opportunities
      • Data Storage / Sharing
      • Health Records / Medical Data Sharing
      • Big Data
      • Data Boxes
      • Databases
      • Reporting / Business Intelligence
      • Management Information System
      • e-mail
      • eForms / Workflow
      • Document Management / Workflow
      • Internet of Things
  • 15. Featured links
      • www.leadict.com
      • igi64.github.io
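
The key hierarchy described on slides 9 and 10, as an added Node.js example that is not part of the original slides or the IBP project's code. It assumes the identity encryption key is HMAC-SHA256 of the lower-cased email address under the generator's master key; the function names, blob layout and sample values are hypothetical.

```javascript
// Added illustration of the key hierarchy on slides 9 and 10; not the IBP project's code.
const crypto = require('node:crypto');

// Key generator server: holds only the master key and never sees user data.
// Assumption: identity key = HMAC-SHA256(masterKey, lower-cased email address).
function deriveIdentityKey(masterKey, email) {
  return crypto.createHmac('sha256', masterKey)
    .update(email.trim().toLowerCase(), 'utf8')
    .digest(); // 32 bytes, used directly as an AES-256 key
}

// AES-256-GCM with a fresh random nonce; blob layout is iv(12) || tag(16) || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]);
}

function unseal(key, blob) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(12, 28));
  // final() throws if the key is wrong or the blob was modified.
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]);
}

// User agent: encrypt data under a random data encryption key (DEK),
// then wrap the DEK under the identity encryption key.
function encryptRecord(identityKey, data) {
  const dek = crypto.randomBytes(32);
  return { wrappedDek: seal(identityKey, dek), payload: seal(dek, Buffer.from(data, 'utf8')) };
}

function decryptRecord(identityKey, record) {
  const dek = unseal(identityKey, record.wrappedDek);
  return unseal(dek, record.payload).toString('utf8');
}

// Constructed sample values: master key, e-mail address and plaintext.
function demo() {
  const masterKey = crypto.randomBytes(32);            // stays on the key generator
  const idKey = deriveIdentityKey(masterKey, 'alice@example.com');
  const record = encryptRecord(idKey, 'lab results');  // only this goes to cloud storage
  return decryptRecord(idKey, record);
}
```

The storage provider only ever holds `wrappedDek` and `payload`, and the key generator only ever holds the master key, which is why slide 13 lists master key security as the main risk.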