AltheimPrivacy, profile picture
Uploaded byAltheimPrivacy
12,791 views

Threats to Privacy in the Management of Data Stored in Computer Systems by Gustavo Betarte

The document discusses threats to privacy from unintentionally retained digital data. It explains that computer systems can unintentionally preserve data traces through remnants and artifacts even after data deletion. Forensic analysis can retrieve sensitive personal data from disposed storage devices. The document also describes an investigation where researchers recovered private photos, licenses, and work documents from used memory cards bought online. It concludes that transparency is needed to improve privacy as digital devices provide a false sense of complete data removal.

Embed presentation

Downloaded 10 times
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Threats to privacy arising in the management of data stored in Computer Systems Gustavo Betarte Instituto de Computación, Facultad de Ingeniería Universidad de la República, Uruguay www.fing.edu.uy/~gustun 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data 1 Overview 2 Data preservation and analysis 3 Data revelation 4 An Investigation on remnant data 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Overview The use of any modern computer system (pc, tablet, smartphone, ...) leaves unintended traces of expired data and remnants of users’ past activities 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Overview The use of any modern computer system (pc, tablet, smartphone, ...) leaves unintended traces of expired data and remnants of users’ past activities We put forward the issue of the unintended persistence of data stored in digital repositories 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Overview The use of any modern computer system (pc, tablet, smartphone, ...) leaves unintended traces of expired data and remnants of users’ past activities We put forward the issue of the unintended persistence of data stored in digital repositories This data can be recovered by forensic analysis, and it may pose a threat to privacy 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data preservation and analysis Preserving a historical record of activities and data is critical for a wide range of applications To recover after system failure To analyze past events after a breach To audit compliance with security policies 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data preservation and analysis Preserving a historical record of activities and data is critical for a wide range of applications To recover after system failure To analyze past events after a breach To audit compliance with security policies Intentional preservation of history can thus serve a good purpose (inexpensive storage makes it possible) 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data preservation and analysis Preserving a historical record of activities and data is critical for a wide range of applications To recover after system failure To analyze past events after a breach To audit compliance with security policies Intentional preservation of history can thus serve a good purpose (inexpensive storage makes it possible) Conversely, in many scenarios, retaining a history of past data or operations can pose a serious threat to privacy and confidentiality In large institutions and enterprises, systems that retain data for too long risk unwanted disclosure, for example by security breach 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data remnants Modern computer systems unintentionally preserve history 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data remnants Modern computer systems unintentionally preserve history It can be surprisingly difficult to remove traces of the past from computer systems 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data remnants Modern computer systems unintentionally preserve history It can be surprisingly difficult to remove traces of the past from computer systems Without precise control over data destruction, unwelcome remnants of past data can become a serious problem 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data remnants Modern computer systems unintentionally preserve history It can be surprisingly difficult to remove traces of the past from computer systems Without precise control over data destruction, unwelcome remnants of past data can become a serious problem A wealth of sensitive data, including financial and medical records, have been recovered from decommissioned hard drives 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data remnants Modern computer systems unintentionally preserve history It can be surprisingly difficult to remove traces of the past from computer systems Without precise control over data destruction, unwelcome remnants of past data can become a serious problem A wealth of sensitive data, including financial and medical records, have been recovered from decommissioned hard drives Digital documents published on the Web have been found to include sensitive content believed to be deleted 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data remnants Modern computer systems unintentionally preserve history It can be surprisingly difficult to remove traces of the past from computer systems Without precise control over data destruction, unwelcome remnants of past data can become a serious problem A wealth of sensitive data, including financial and medical records, have been recovered from decommissioned hard drives Digital documents published on the Web have been found to include sensitive content believed to be deleted Email was used in court cases against Enron employees and released to the public, some of which was contained in deleted items in folders 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Unintended data retention Example scenarios Businesses can unintentionally violate privacy regulations by leaving data in table or file storage 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Unintended data retention Example scenarios Businesses can unintentionally violate privacy regulations by leaving data in table or file storage Analysts that investigate data repositories recovered from lost or stolen computers can reveal sensitive information that was thought to be deleted 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Unintended data retention Example scenarios Businesses can unintentionally violate privacy regulations by leaving data in table or file storage Analysts that investigate data repositories recovered from lost or stolen computers can reveal sensitive information that was thought to be deleted Authorized investigators may recover data from equipment subpoenaed or seized from a crime scene, or simply in situations where company policy has been violated 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Unintended data retention Embedded Database storage Message headers and time stamps for messages believed to be deleted can be found on disk in embedded databases (Mail.app in OS X) 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Unintended data retention Embedded Database storage Message headers and time stamps for messages believed to be deleted can be found on disk in embedded databases (Mail.app in OS X) Firefox allows applications to store data that persists across sessions in an SQLite database. This storage is a sophisticated replacement for cookies, and can be a prime resource for forensic investigators to recover inadvertently retained deleted data 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data Revelation Through forensic analysis Remnants of past data and activities are revealed through forensic analysis 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data Revelation Through forensic analysis Remnants of past data and activities are revealed through forensic analysis When forensic analysis is performed by authorized investigators it can be a valuable tool, helping to hold individuals or systems accountable for malicious or mistaken actions, but 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data Revelation Through forensic analysis Remnants of past data and activities are revealed through forensic analysis When forensic analysis is performed by authorized investigators it can be a valuable tool, helping to hold individuals or systems accountable for malicious or mistaken actions, but When tools and methods of forensic analysis are used by an unauthorized party, it threatens privacy 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data Revelation Threat model Threats to privacy and confidentiality usually result from unintended retention of data in lower storage layers, where data is accessible through interfaces that are not controlled by the application or the database 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data Revelation Threat model Threats to privacy and confidentiality usually result from unintended retention of data in lower storage layers, where data is accessible through interfaces that are not controlled by the application or the database Existing security threats make it impossible to ensure that users will be limited to the intended interface provided by the application or the database where is stored the data. It is necessary to consider that an intruder will have unrestricted access to storage on disk 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data Revelation Threat model Threats to privacy and confidentiality usually result from unintended retention of data in lower storage layers, where data is accessible through interfaces that are not controlled by the application or the database Existing security threats make it impossible to ensure that users will be limited to the intended interface provided by the application or the database where is stored the data. It is necessary to consider that an intruder will have unrestricted access to storage on disk This models the capabilities of a system administrator, a forensic investigator, a hacker who has gained privileges on the system, or an intruder who has breached physical security 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Investigation: remnant data on memory cards Description Memory cards are widely used in numerous electronic devices Provide interfaces allowing for a large array of private and confidential data to be stored into the card Investigation conducted by a team of Australian researchers [Szewczyk, Sansurooah; 2011] Goal: to determine the sensitivity, type and amount of data that remained on second hand card memory post sale In 2011, 119 second hand memory cards were randomly purchased from eBay Australia Findings: highly sensitive data is stored on memory cards and it is not destroyed prior to sale 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Investigation: remnant data on memory cards Results State of the cards 75% had their data deleted and or formatted 12% were not recoverable 13% were purchased with all data intact and no sign of data deletion attempt Some of the information types recovered driver’s license together with full name, address and date of birth and photo of the driver with a luxury card real state settlement documents including names, addresses and purchasing information together with copies of bank deposit cheques hundreds of photographics images of an office party where the name of the company was showed and exposed photos of employees towards the end of the night 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Some concluding remarks Digital devices provide a false view of stored data Tools for removing data might not be effective Transparency principles to improve privacy seems to be needed 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data References T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum Data Lifetime is a System Problem. In Proceedings of ACM SIGOPS European Workshop, 2004. M. Geiger, L. Cranor Scrubbing Stubborn Data: An evaluation of counter-forensic privacy tools. IEEE Security and Privacy Magazine, 4(5): 16-25, 2006. P Stahlberg, G. Miklau, B. N. Levine . Threats to Privacy in the Forensic Analysis of Database Systems. In Proceedings of SIGMOD 07, Beijin, China, 2007. W. Enck, D. Octeau, P McDaniel,S. Chaudhuri . A Study of Android Application Security. In Proceedings of the 20th USENIX Conference on Security, Berkeley, CA, USA, 2011. P Szewczyk, K. Sansurooah . A 2011 investigation into remnant data on second hand memory cards sold in Australia. In Proceedings of the 9th Australian Digital Forensics Conference, Perth Western, Australia, 5th -7th, December 2011 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data

More Related Content

PPTX
Digital Forensic Case Study
byMyAssignmenthelp.com
 
PPT
Digital Forensic
byCleverence Kombe
 
PPTX
Digital Forensics by William C. Barker (NIST)
byAltheimPrivacy
 
PPT
Lecture 4,5, 6 comp forensics 19 9-2018 basic security
byAlchemist095
 
PPTX
Analysis of digital evidence
byrakesh mishra
 
PPTX
Digital forensic tools
byParsons Corporation
 
PDF
Digital Forensic: Brief Intro & Research Challenge
byAung Thu Rha Hein
 
PPT
Computer forensics
byLalit Garg
 
Digital Forensic Case Study
byMyAssignmenthelp.com
 
Digital Forensic
byCleverence Kombe
 
Digital Forensics by William C. Barker (NIST)
byAltheimPrivacy
 
Lecture 4,5, 6 comp forensics 19 9-2018 basic security
byAlchemist095
 
Analysis of digital evidence
byrakesh mishra
 
Digital forensic tools
byParsons Corporation
 
Digital Forensic: Brief Intro & Research Challenge
byAung Thu Rha Hein
 
Computer forensics
byLalit Garg
 

What's hot

PPTX
DF Process Models
byCostas Katsavounidis
 
PPT
Lecture 9 and 10 comp forensics 09 10-18 file system
byAlchemist095
 
PPT
Collecting and preserving digital evidence
byOnline
 
PPTX
Digital forensics
byvishnuv43
 
PDF
Watching the Detectives: Using digital forensics techniques to investigate th...
byGarethKnight
 
PPT
Computer +forensics
byRahul Baghla
 
PPT
computer forensics
byAkhil Kumar
 
ODP
Brief introduction to digital forensics
byMarco Alamanni
 
PPT
Digital Forensics
byNicholas Davis
 
PDF
Digital Forensics
byVikas Jain
 
PDF
Fundamental digital forensik
bynewbie2019
 
DOCX
Digital forensics
byVidoushi B-Somrah
 
PDF
Computer forencis
byTeja Bheemanapally
 
PPT
Computer Forensic
byTawhidur Rahman
 
PPT
Introduction to computer forensic
byOnline
 
PPT
Cyber forensic standard operating procedures
bySoumen Debgupta
 
DOCX
computer forensics
bysamantha jarrett
 
PDF
06 Computer Image Verification and Authentication - Notes
byKranthi
 
PDF
Digital forensic
byChandan Sah
 
PDF
Digital forensic principles and procedure
bynewbie2019
 
DF Process Models
byCostas Katsavounidis
 
Lecture 9 and 10 comp forensics 09 10-18 file system
byAlchemist095
 
Collecting and preserving digital evidence
byOnline
 
Digital forensics
byvishnuv43
 
Watching the Detectives: Using digital forensics techniques to investigate th...
byGarethKnight
 
Computer +forensics
byRahul Baghla
 
computer forensics
byAkhil Kumar
 
Brief introduction to digital forensics
byMarco Alamanni
 
Digital Forensics
byNicholas Davis
 
Digital Forensics
byVikas Jain
 
Fundamental digital forensik
bynewbie2019
 
Digital forensics
byVidoushi B-Somrah
 
Computer forencis
byTeja Bheemanapally
 
Computer Forensic
byTawhidur Rahman
 
Introduction to computer forensic
byOnline
 
Cyber forensic standard operating procedures
bySoumen Debgupta
 
computer forensics
bysamantha jarrett
 
06 Computer Image Verification and Authentication - Notes
byKranthi
 
Digital forensic
byChandan Sah
 
Digital forensic principles and procedure
bynewbie2019
 

Viewers also liked

PPT
Chapter 1 Introducing Hardware
byApril Lorraine
 
PPTX
Types of computer
byB M ASHIK MAHMUD
 
PDF
Why Is Information "Capture" Now More Than Just Scanning Documents Into An Ar...
byAIIM International
 
PDF
Information Storage and Retrieval : A Case Study
byBhojaraju Gunjal
 
PPTX
The Why and How of Knowledge Management: Some Applications in Teaching and Le...
byOlivier Serrat, PhD
 
PPT
Unit 3 Storage And Retreival Of Information
byiarthur
 
PPTX
Information Retrieval, Encoding, Indexing, Big Table. Lecture 6 - Indexing
bySean Golliher
 
PPT
Effective Information Management V2 18sep2008
byCollabor8now Ltd
 
PDF
Information Management in a Web 2.0 World May 2009
byCollabor8now Ltd
 
PPTX
Types, purposes and applications of information systems
byMary May Porto
 
PPT
Computer Architecture - Hardware - Lesson 5 - Memory - Eric Vanderburg
byEric Vanderburg
 
ODP
American Urbanization: New York City
bymeggss24
 
DOCX
Day ın the Lıfe Template
byNoel Hatch
 
DOCX
Day ın the Lıfe - Example
byNoel Hatch
 
PPTX
Warmte en Competentie als voorspellers van merkgedrag:Een Nederlandse benader...
byRonald Voorn
 
PDF
PIX:MAG webdesign magazin
byZsuzsanna Tóth
 
PDF
Government Publications August 2015 Library Guide (4)
byMary Howrey
 
PPT
Advanced sql injection 2
byKarunakar Singh Thakur
 
PPTX
Applying technology to school
byAditi Sameer
 
ODP
Brazil: Nation Report
bymeggss24
 
Chapter 1 Introducing Hardware
byApril Lorraine
 
Types of computer
byB M ASHIK MAHMUD
 
Why Is Information "Capture" Now More Than Just Scanning Documents Into An Ar...
byAIIM International
 
Information Storage and Retrieval : A Case Study
byBhojaraju Gunjal
 
The Why and How of Knowledge Management: Some Applications in Teaching and Le...
byOlivier Serrat, PhD
 
Unit 3 Storage And Retreival Of Information
byiarthur
 
Information Retrieval, Encoding, Indexing, Big Table. Lecture 6 - Indexing
bySean Golliher
 
Effective Information Management V2 18sep2008
byCollabor8now Ltd
 
Information Management in a Web 2.0 World May 2009
byCollabor8now Ltd
 
Types, purposes and applications of information systems
byMary May Porto
 
Computer Architecture - Hardware - Lesson 5 - Memory - Eric Vanderburg
byEric Vanderburg
 
American Urbanization: New York City
bymeggss24
 
Day ın the Lıfe Template
byNoel Hatch
 
Day ın the Lıfe - Example
byNoel Hatch
 
Warmte en Competentie als voorspellers van merkgedrag:Een Nederlandse benader...
byRonald Voorn
 
PIX:MAG webdesign magazin
byZsuzsanna Tóth
 
Government Publications August 2015 Library Guide (4)
byMary Howrey
 
Advanced sql injection 2
byKarunakar Singh Thakur
 
Applying technology to school
byAditi Sameer
 
Brazil: Nation Report
bymeggss24
 

Similar to Threats to Privacy in the Management of Data Stored in Computer Systems by Gustavo Betarte

PPT
Mist2012 panel discussion-ruo ando
byRuo Ando
 
PDF
Data trawling and security strategies
byVenkata Karthik Gullapalli
 
PPT
Data breach protection from a DB2 perspective
byCraig Mullins
 
PDF
A foundation for breach data analysis
byAlexander Decker
 
PPT
Allison Stanfield
byArk Group Australia Pty Ltd
 
PDF
Symantec Data Insight
bySymantec
 
PDF
Investigating Cooridinated Data Exfiltration
byAndrew Case
 
PPTX
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
byAviva Spectrum™
 
PDF
How to Secure Your Files with DLP and FAM
byImperva
 
PDF
Digital Anti-Forensics: Emerging trends in data transformation techniques
bySeccuris Inc.
 
PDF
78 81
byIjarcsee Journal
 
PDF
Data Storage & Preservation
byUW Research Data Services
 
PDF
A survey of confidential data storage and deletion methods
byunyil96
 
PPTX
Capabilities Brief Analytics
byDataTactics
 
PDF
Enterprise data protection meeting
bycsandit
 
PPT
7-Backups of security Devices-03-06-2023.ppt
byabhichowdary16
 
PPTX
Big data security the perfect storm
byUlf Mattsson
 
PDF
Digital preservation: an introduction
byMichael Day
 
KEY
DigitalDeath
bychar74
 
PPT
PRESERVATION Web archiving
byEssam Obaid
 
Mist2012 panel discussion-ruo ando
byRuo Ando
 
Data trawling and security strategies
byVenkata Karthik Gullapalli
 
Data breach protection from a DB2 perspective
byCraig Mullins
 
A foundation for breach data analysis
byAlexander Decker
 
Allison Stanfield
byArk Group Australia Pty Ltd
 
Symantec Data Insight
bySymantec
 
Investigating Cooridinated Data Exfiltration
byAndrew Case
 
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
byAviva Spectrum™
 
How to Secure Your Files with DLP and FAM
byImperva
 
Digital Anti-Forensics: Emerging trends in data transformation techniques
bySeccuris Inc.
 
78 81
byIjarcsee Journal
 
Data Storage & Preservation
byUW Research Data Services
 
A survey of confidential data storage and deletion methods
byunyil96
 
Capabilities Brief Analytics
byDataTactics
 
Enterprise data protection meeting
bycsandit
 
7-Backups of security Devices-03-06-2023.ppt
byabhichowdary16
 
Big data security the perfect storm
byUlf Mattsson
 
Digital preservation: an introduction
byMichael Day
 
DigitalDeath
bychar74
 
PRESERVATION Web archiving
byEssam Obaid
 

More from AltheimPrivacy

PPTX
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
byAltheimPrivacy
 
PPT
NYCLA Privacy CLE_october_1_2014_presentation
byAltheimPrivacy
 
PPTX
Ripped from the Headlines: Cautionary Tales from the Annals of Data Privacy
byAltheimPrivacy
 
PPTX
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
byAltheimPrivacy
 
PPTX
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
byAltheimPrivacy
 
PPTX
How to Hide Your Page "Likes" from Facebook Graph Search and Social Ads
byAltheimPrivacy
 
PPT
Bridging U.S. Cross-Border Ediscovery Obligations and EU Data Protection Obli...
byAltheimPrivacy
 
PPTX
Three Easy Steps To Basic Privacy/Security on Facebook
byAltheimPrivacy
 
PPTX
Cross Border Ediscovery vs. EU Data Protection at LegalTech West Coast
byAltheimPrivacy
 
PPTX
Facebook New Changes 2011
byAltheimPrivacy
 
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
byAltheimPrivacy
 
NYCLA Privacy CLE_october_1_2014_presentation
byAltheimPrivacy
 
Ripped from the Headlines: Cautionary Tales from the Annals of Data Privacy
byAltheimPrivacy
 
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
byAltheimPrivacy
 
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
byAltheimPrivacy
 
How to Hide Your Page "Likes" from Facebook Graph Search and Social Ads
byAltheimPrivacy
 
Bridging U.S. Cross-Border Ediscovery Obligations and EU Data Protection Obli...
byAltheimPrivacy
 
Three Easy Steps To Basic Privacy/Security on Facebook
byAltheimPrivacy
 
Cross Border Ediscovery vs. EU Data Protection at LegalTech West Coast
byAltheimPrivacy
 
Facebook New Changes 2011
byAltheimPrivacy
 

Threats to Privacy in the Management of Data Stored in Computer Systems by Gustavo Betarte

  • 1.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Threats to privacy arising in the management of data stored in Computer Systems Gustavo Betarte Instituto de Computación, Facultad de Ingeniería Universidad de la República, Uruguay www.fing.edu.uy/~gustun 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 2.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data 1 Overview 2 Data preservation and analysis 3 Data revelation 4 An Investigation on remnant data 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 3.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Overview The use of any modern computer system (pc, tablet, smartphone, ...) leaves unintended traces of expired data and remnants of users’ past activities 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 4.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Overview The use of any modern computer system (pc, tablet, smartphone, ...) leaves unintended traces of expired data and remnants of users’ past activities We put forward the issue of the unintended persistence of data stored in digital repositories 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 5.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Overview The use of any modern computer system (pc, tablet, smartphone, ...) leaves unintended traces of expired data and remnants of users’ past activities We put forward the issue of the unintended persistence of data stored in digital repositories This data can be recovered by forensic analysis, and it may pose a threat to privacy 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 6.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data preservation and analysis Preserving a historical record of activities and data is critical for a wide range of applications To recover after system failure To analyze past events after a breach To audit compliance with security policies 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 7.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data preservation and analysis Preserving a historical record of activities and data is critical for a wide range of applications To recover after system failure To analyze past events after a breach To audit compliance with security policies Intentional preservation of history can thus serve a good purpose (inexpensive storage makes it possible) 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 8.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data preservation and analysis Preserving a historical record of activities and data is critical for a wide range of applications To recover after system failure To analyze past events after a breach To audit compliance with security policies Intentional preservation of history can thus serve a good purpose (inexpensive storage makes it possible) Conversely, in many scenarios, retaining a history of past data or operations can pose a serious threat to privacy and confidentiality In large institutions and enterprises, systems that retain data for too long risk unwanted disclosure, for example by security breach 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 9.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data remnants Modern computer systems unintentionally preserve history 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 10.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data remnants Modern computer systems unintentionally preserve history It can be surprisingly difficult to remove traces of the past from computer systems 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 11.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data remnants Modern computer systems unintentionally preserve history It can be surprisingly difficult to remove traces of the past from computer systems Without precise control over data destruction, unwelcome remnants of past data can become a serious problem 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 12.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data remnants Modern computer systems unintentionally preserve history It can be surprisingly difficult to remove traces of the past from computer systems Without precise control over data destruction, unwelcome remnants of past data can become a serious problem A wealth of sensitive data, including financial and medical records, have been recovered from decommissioned hard drives 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 13.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data remnants Modern computer systems unintentionally preserve history It can be surprisingly difficult to remove traces of the past from computer systems Without precise control over data destruction, unwelcome remnants of past data can become a serious problem A wealth of sensitive data, including financial and medical records, have been recovered from decommissioned hard drives Digital documents published on the Web have been found to include sensitive content believed to be deleted 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 14.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data remnants Modern computer systems unintentionally preserve history It can be surprisingly difficult to remove traces of the past from computer systems Without precise control over data destruction, unwelcome remnants of past data can become a serious problem A wealth of sensitive data, including financial and medical records, have been recovered from decommissioned hard drives Digital documents published on the Web have been found to include sensitive content believed to be deleted Email was used in court cases against Enron employees and released to the public, some of which was contained in deleted items in folders 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 15.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Unintended data retention Example scenarios Businesses can unintentionally violate privacy regulations by leaving data in table or file storage 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 16.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Unintended data retention Example scenarios Businesses can unintentionally violate privacy regulations by leaving data in table or file storage Analysts that investigate data repositories recovered from lost or stolen computers can reveal sensitive information that was thought to be deleted 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 17.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Unintended data retention Example scenarios Businesses can unintentionally violate privacy regulations by leaving data in table or file storage Analysts that investigate data repositories recovered from lost or stolen computers can reveal sensitive information that was thought to be deleted Authorized investigators may recover data from equipment subpoenaed or seized from a crime scene, or simply in situations where company policy has been violated 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 18.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Unintended data retention Embedded Database storage Message headers and time stamps for messages believed to be deleted can be found on disk in embedded databases (Mail.app in OS X) 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 19.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Unintended data retention Embedded Database storage Message headers and time stamps for messages believed to be deleted can be found on disk in embedded databases (Mail.app in OS X) Firefox allows applications to store data that persists across sessions in an SQLite database. This storage is a sophisticated replacement for cookies, and can be a prime resource for forensic investigators to recover inadvertently retained deleted data 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 20.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data Revelation Through forensic analysis Remnants of past data and activities are revealed through forensic analysis 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 21.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data Revelation Through forensic analysis Remnants of past data and activities are revealed through forensic analysis When forensic analysis is performed by authorized investigators it can be a valuable tool, helping to hold individuals or systems accountable for malicious or mistaken actions, but 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 22.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data Revelation Through forensic analysis Remnants of past data and activities are revealed through forensic analysis When forensic analysis is performed by authorized investigators it can be a valuable tool, helping to hold individuals or systems accountable for malicious or mistaken actions, but When tools and methods of forensic analysis are used by an unauthorized party, it threatens privacy 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 23.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data Revelation Threat model Threats to privacy and confidentiality usually result from unintended retention of data in lower storage layers, where data is accessible through interfaces that are not controlled by the application or the database 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 24.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data Revelation Threat model Threats to privacy and confidentiality usually result from unintended retention of data in lower storage layers, where data is accessible through interfaces that are not controlled by the application or the database Existing security threats make it impossible to ensure that users will be limited to the intended interface provided by the application or the database where is stored the data. It is necessary to consider that an intruder will have unrestricted access to storage on disk 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 25.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Data Revelation Threat model Threats to privacy and confidentiality usually result from unintended retention of data in lower storage layers, where data is accessible through interfaces that are not controlled by the application or the database Existing security threats make it impossible to ensure that users will be limited to the intended interface provided by the application or the database where is stored the data. It is necessary to consider that an intruder will have unrestricted access to storage on disk This models the capabilities of a system administrator, a forensic investigator, a hacker who has gained privileges on the system, or an intruder who has breached physical security 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 26.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Investigation: remnant data on memory cards Description Memory cards are widely used in numerous electronic devices Provide interfaces allowing for a large array of private and confidential data to be stored into the card Investigation conducted by a team of Australian researchers [Szewczyk, Sansurooah; 2011] Goal: to determine the sensitivity, type and amount of data that remained on second hand card memory post sale In 2011, 119 second hand memory cards were randomly purchased from eBay Australia Findings: highly sensitive data is stored on memory cards and it is not destroyed prior to sale 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 27.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Investigation: remnant data on memory cards Results State of the cards 75% had their data deleted and or formatted 12% were not recoverable 13% were purchased with all data intact and no sign of data deletion attempt Some of the information types recovered driver’s license together with full name, address and date of birth and photo of the driver with a luxury card real state settlement documents including names, addresses and purchasing information together with copies of bank deposit cheques hundreds of photographics images of an office party where the name of the company was showed and exposed photos of employees towards the end of the night 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 28.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data Some concluding remarks Digital devices provide a false view of stored data Tools for removing data might not be effective Transparency principles to improve privacy seems to be needed 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data
  • 29.
    Plan Overview Data preservation and analysis Data revelation An Investigation on remnant data References T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum Data Lifetime is a System Problem. In Proceedings of ACM SIGOPS European Workshop, 2004. M. Geiger, L. Cranor Scrubbing Stubborn Data: An evaluation of counter-forensic privacy tools. IEEE Security and Privacy Magazine, 4(5): 16-25, 2006. P Stahlberg, G. Miklau, B. N. Levine . Threats to Privacy in the Forensic Analysis of Database Systems. In Proceedings of SIGMOD 07, Beijin, China, 2007. W. Enck, D. Octeau, P McDaniel,S. Chaudhuri . A Study of Android Application Security. In Proceedings of the 20th USENIX Conference on Security, Berkeley, CA, USA, 2011. P Szewczyk, K. Sansurooah . A 2011 investigation into remnant data on second hand memory cards sold in Australia. In Proceedings of the 9th Australian Digital Forensics Conference, Perth Western, Australia, 5th -7th, December 2011 34th IC Data Protection and Privacy Commissioners G. Betarte - Threats to Privacy of Stored Data