The document discusses various factors that influence privacy such as cultural sensitivity, personal dignity, and safety concerns. It examines different types of privacy including physical, informational, and organizational privacy. Additionally, it explores related concepts like identity, reputation, and trust in the digital world and how information about individuals is exposed through electronic traces online.
Healthy Child Manitoba (HCM) is unique in the Western Hemisphere, as the only provincial or state level strategy for the comprehensive support and prevention of children's issues from prenatal through young adulthood. All data are linked, with care for confidentiality, so that the impact of provincial initiatives can be evaluated. Dr. Embry was a keynote speaker outlining what might happen in the next decade of Healthy Child Manitoba.
Privacy Issues of Cloud Computing in the Federal SectorLew Oleinick
Presentation describing potential privacy issues of implementing cloud computing in the Federal market.
NOTE: Presentation does NOT reflect any official agency position. All views expressed are my own.
Law of E-Commerce & Contractual Obligation in India
Definition of E-Commerce
E-Commerce v. E-Business
Definition of Commerce
Contracts & Business done Online
Healthy Child Manitoba (HCM) is unique in the Western Hemisphere, as the only provincial or state level strategy for the comprehensive support and prevention of children's issues from prenatal through young adulthood. All data are linked, with care for confidentiality, so that the impact of provincial initiatives can be evaluated. Dr. Embry was a keynote speaker outlining what might happen in the next decade of Healthy Child Manitoba.
Privacy Issues of Cloud Computing in the Federal SectorLew Oleinick
Presentation describing potential privacy issues of implementing cloud computing in the Federal market.
NOTE: Presentation does NOT reflect any official agency position. All views expressed are my own.
Law of E-Commerce & Contractual Obligation in India
Definition of E-Commerce
E-Commerce v. E-Business
Definition of Commerce
Contracts & Business done Online
Yesterday Pierluigi Paganini, CISO Bit4Id and founder Security Affairs, presented at the ISACA Roma & OWASP Italy conference the state of the art for the Internet of Things paradigm. The presentation highlights the security and privacy issues for the Internet of Things, a technology that is changing user’s perception of the technology.
Free Internet Information Access - Activities and Pilots for the Human Right ...Josef Noll
40 years after the Internet came to Kjeller (Norway, Europe), we now pilot the "Free Web access". Our vision is that everyone should have free access to information such as Wikipedia, News, or any other Web site. According to Internet.org two thirds of the world's population don't have access to Internet.
Through the "pure" provision of text and pictures in an encrypted and compressed way. Opera Software has demonstrated that users of their Mini browser consume between 4 MByte (normal user) and 20 MByte (intensive user) per month. Such a low data volume is available in all wireless and mobile networks.
Our pilots have two dimensions, (i) the access of users in all WLAN networks, and (ii) the building of networks in developing economies such as Africa.
see more at CWI.unik.no/wiki/Free_Web_access
Semantic technologies for attribute based access: measurable security for the...Josef Noll
This presentation provides an intro into the need for "measurable security" when envisioning an Internet for each of us ("People"), powered by sensors and devices ("Things"), and providing Services tailored to your needs.
It handles the challenge of information security, postulating that different applications need different security mechanisms: "To inform somebody about a train arrival time" requires less security than "controlling an industrial plant by automated processes, based on input from sensors".
The presentation provides an overview on areas for Master Thesis work at UNIK in the areas of Wireless Networks and Information Security (WNIS). Students from UiO, NTNU or any of our collaboration partners are invited to take contact to define a study in one of these areas. Some of these areas include:
* Radio communication, including
- Communication in the high North, advancing propagation models
- models and protocols for industrial sensor networks
- heterogeneous and adaptive networks
- Internet access and provision for emerging economies
* The 3rd wave of Internet: the Internet of People, Things and Services
- providing context-awareness for mobile and business services
- Socialtainment, integrating your social network into future (electrical) mobility
* Information Security
- establish measurable security for the sensor networks
- adaptable security for sensor-driven applications in traffic, eHealth
* Mobile Applications
- Monitoring Air Quality through mobile devices
- using mobile phones for health monitoring (and fun)
* Light-weight solutions for autonomous operations
- distributed logic for decentralised decision making
- light-weight software for autonomous operations
- semantic systems for advanced information handling in shipping
- in Norwegian
Disse foilene inneholder områder for masteroppgaver som kan gjennomføres ved UNIK, forskningsinstitutter ved Kjeller eller samarbeidene industri. Vi tilbyr masteroppgaver i området adaptive nett og informasjonssikkerhet.
Security, Privacy and Dependability in Mobile NetworksJosef Noll
This keynote has the focus on measurable security as a core element of the sensor-driven future Internet. Security is measured through a metrics approach, identifying both potential attack scenarios and the security components of the system.
The keynote was given at the The Second International Conference on Mobile Services, Resources, and Users. MOBILITY 2012, 21.-25. October 2012, Venice, Italy
The Presentation focusses on the development from current mobile networks into the future sensor-driven mobile networks. A special focus is given on security aspects, especially measurable security of systems. The presentation was given at the IDC Mobility Series 2012 in Budapest.
Internet of Things in Scandinavia - society and ecosystem for early adaptationJosef Noll
Scandinavia (including Finland) is an early adopter of technology. The Arpanet was first connected to Scandinavia (Kjeller, June 1973), and only later to England. Scandinavian researchers contributed to the TCP/IP protocol, and software developers have contributes with Linux, php, Qt.
The people of Scandinavia are demanding, and require the newest services being available.
This presentation shows why Scandinavia is on a good way to let IoT-based services become a success.
The Future Network: Users will own the access in a collaborative radio enviro...Josef Noll
The challenge of providing enough capacity for mobile users in future networks asks for innovative networks. The paper presents home base stations owned by the user as an alternative to femtocells owned by the network operators.
Coverage aspects are linked to business perspectives, and show that network costs can be reduced by more than 70% through the introduction of prosumer base stations.
"Potentials and Challenges for Mobile Commerce - a Nordic PerspectiveJosef Noll
The presentation provides service examples for mobile commerce in the Norwegian/Nordic market. It shows the fantastic increase of easy mCommerce services. Easy still means SMS-based services, as applications (applets) are still too specialised for many people. Even through trends from iPhone, Android and S60 applications show an increased usage, this increase is small as compared to the uptake of SMS-based banking services.
And we are all waiting for NFC, to give a real boost to mobile-initiated payment and access solutions.
This presentation was given at the Tamoco workshop in Merida in September 2009.
Yesterday Pierluigi Paganini, CISO Bit4Id and founder Security Affairs, presented at the ISACA Roma & OWASP Italy conference the state of the art for the Internet of Things paradigm. The presentation highlights the security and privacy issues for the Internet of Things, a technology that is changing user’s perception of the technology.
Free Internet Information Access - Activities and Pilots for the Human Right ...Josef Noll
40 years after the Internet came to Kjeller (Norway, Europe), we now pilot the "Free Web access". Our vision is that everyone should have free access to information such as Wikipedia, News, or any other Web site. According to Internet.org two thirds of the world's population don't have access to Internet.
Through the "pure" provision of text and pictures in an encrypted and compressed way. Opera Software has demonstrated that users of their Mini browser consume between 4 MByte (normal user) and 20 MByte (intensive user) per month. Such a low data volume is available in all wireless and mobile networks.
Our pilots have two dimensions, (i) the access of users in all WLAN networks, and (ii) the building of networks in developing economies such as Africa.
see more at CWI.unik.no/wiki/Free_Web_access
Semantic technologies for attribute based access: measurable security for the...Josef Noll
This presentation provides an intro into the need for "measurable security" when envisioning an Internet for each of us ("People"), powered by sensors and devices ("Things"), and providing Services tailored to your needs.
It handles the challenge of information security, postulating that different applications need different security mechanisms: "To inform somebody about a train arrival time" requires less security than "controlling an industrial plant by automated processes, based on input from sensors".
The presentation provides an overview on areas for Master Thesis work at UNIK in the areas of Wireless Networks and Information Security (WNIS). Students from UiO, NTNU or any of our collaboration partners are invited to take contact to define a study in one of these areas. Some of these areas include:
* Radio communication, including
- Communication in the high North, advancing propagation models
- models and protocols for industrial sensor networks
- heterogeneous and adaptive networks
- Internet access and provision for emerging economies
* The 3rd wave of Internet: the Internet of People, Things and Services
- providing context-awareness for mobile and business services
- Socialtainment, integrating your social network into future (electrical) mobility
* Information Security
- establish measurable security for the sensor networks
- adaptable security for sensor-driven applications in traffic, eHealth
* Mobile Applications
- Monitoring Air Quality through mobile devices
- using mobile phones for health monitoring (and fun)
* Light-weight solutions for autonomous operations
- distributed logic for decentralised decision making
- light-weight software for autonomous operations
- semantic systems for advanced information handling in shipping
- in Norwegian
Disse foilene inneholder områder for masteroppgaver som kan gjennomføres ved UNIK, forskningsinstitutter ved Kjeller eller samarbeidene industri. Vi tilbyr masteroppgaver i området adaptive nett og informasjonssikkerhet.
Security, Privacy and Dependability in Mobile NetworksJosef Noll
This keynote has the focus on measurable security as a core element of the sensor-driven future Internet. Security is measured through a metrics approach, identifying both potential attack scenarios and the security components of the system.
The keynote was given at the The Second International Conference on Mobile Services, Resources, and Users. MOBILITY 2012, 21.-25. October 2012, Venice, Italy
The Presentation focusses on the development from current mobile networks into the future sensor-driven mobile networks. A special focus is given on security aspects, especially measurable security of systems. The presentation was given at the IDC Mobility Series 2012 in Budapest.
Internet of Things in Scandinavia - society and ecosystem for early adaptationJosef Noll
Scandinavia (including Finland) is an early adopter of technology. The Arpanet was first connected to Scandinavia (Kjeller, June 1973), and only later to England. Scandinavian researchers contributed to the TCP/IP protocol, and software developers have contributes with Linux, php, Qt.
The people of Scandinavia are demanding, and require the newest services being available.
This presentation shows why Scandinavia is on a good way to let IoT-based services become a success.
The Future Network: Users will own the access in a collaborative radio enviro...Josef Noll
The challenge of providing enough capacity for mobile users in future networks asks for innovative networks. The paper presents home base stations owned by the user as an alternative to femtocells owned by the network operators.
Coverage aspects are linked to business perspectives, and show that network costs can be reduced by more than 70% through the introduction of prosumer base stations.
"Potentials and Challenges for Mobile Commerce - a Nordic PerspectiveJosef Noll
The presentation provides service examples for mobile commerce in the Norwegian/Nordic market. It shows the fantastic increase of easy mCommerce services. Easy still means SMS-based services, as applications (applets) are still too specialised for many people. Even through trends from iPhone, Android and S60 applications show an increased usage, this increase is small as compared to the uptake of SMS-based banking services.
And we are all waiting for NFC, to give a real boost to mobile-initiated payment and access solutions.
This presentation was given at the Tamoco workshop in Merida in September 2009.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
Privacy issues in network environments
1. Lappeenranta Summer School on Telecommunications 2008
-
Privacy Issues in Network
Environments
Josef Noll
University Graduate Center at Kjeller, UNIK/
University of Oslo, UiO
josef.noll@unik.no
Lappeenranta, 19 August 2008
http://wiki.unik.no -
2. Research and
!
Education at Kjeller
Close relation to FFI,
!
IFE, NILU,...
2
Privacy Issues 19. Aug 2008, Josef Noll
3. t
f the bes
o
re some n
Norwegia
tive whe
tia e
o build th
citing ini t
a very ex emselves tion”
is h
commit t
Movation a
gy innov
Norway
quot; lo
panies in s techno a
ffey, Abeli
com wireles
Paul Cha
in
nal team –
natio
“Innovation by Design”
3
Privacy Issues 19. Aug 2008, Josef Noll
4. Have you heard these ones?
from Scott Mc Nealy (Sun Microsystems)
of is
o fond
s
ou are
acy y
e priv
“Th usion”
an ill
ostly
m
“You h
ave no
privacy
. Get ov
er it.”
4
Privacy Issues 19. Aug 2008, Josef Noll
5. Have you heard these ones?
from Scott Mc Nealy (Sun Microsystems)
of is
o fond
s
ou are
acy y
e priv
“Th usion”
an ill
ostly So, let’s go
m
home and do
something useful
“You h
ave no
privacy
. Get ov
er it.”
4
Privacy Issues 19. Aug 2008, Josef Noll
7. Outline
Privacy, Identity, Trust, Reputation,....
!
Network environments
!
technical: Internet and wireless networks
–
Social networks
–
.... networks
–
Technologies
!
Protection mechanisms
!
! Legal issues
! Tips and tricks
6
Privacy Issues 19. Aug 2008, Josef Noll
8. Privacy
Privacy is the ability of an individual or group to seclude themselves or
information about themselves and thereby reveal themselves selectively. The
boundaries and content of what is considered private differ among cultures and
individuals, but share basic common themes. Privacy is sometimes related to
anonymity, the wish to remain unnoticed or unidentified in the public realm.
source: Wikipedia
7
Privacy Issues 19. Aug 2008, Josef Noll
9. Privacy
Privacy is the ability of an individual or group to seclude themselves or
information about themselves and thereby reveal themselves selectively. The
boundaries and content of what is considered private differ among cultures and
individuals, but share basic common themes. Privacy is sometimes related to
anonymity, the wish to remain unnoticed or unidentified in the public realm.
source: Wikipedia
Physical:
!
intrusion into physical space (sauna, stalking,...)
-
- searching in my personal possessions
- access to my home
! Informational
- Internet, electronic traces
- Medical data
! Organisational
- Industrial property rights (IPR)
- protection of secrets
7
Privacy Issues 19. Aug 2008, Josef Noll
10. Physical privacy
don’t touch me
!
don’t kiss me
!
don’t invade
!
don’t you dare
!
8
Privacy Issues 19. Aug 2008, Josef Noll
11. Physical privacy
Factors
don’t touch me
!
! cultural sensitivity
don’t kiss me
!
! personal dignity
don’t invade
!
! shyness
don’t you dare
!
! safety concerns
8
Privacy Issues 19. Aug 2008, Josef Noll
12. Physical privacy
Factors
don’t touch me
!
! cultural sensitivity
don’t kiss me
!
! personal dignity
don’t invade
!
! shyness
don’t you dare
!
! safety concerns
The worst places
(for me)
8
Privacy Issues 19. Aug 2008, Josef Noll
13. Physical privacy
Factors
don’t touch me
!
! cultural sensitivity
don’t kiss me
!
! personal dignity
don’t invade
!
! shyness
don’t you dare
!
! safety concerns
The worst places The best places (for me)
(for me)
8
Privacy Issues 19. Aug 2008, Josef Noll
14. Physical privacy
Factors
don’t touch me
!
! cultural sensitivity
don’t kiss me
!
! personal dignity
don’t invade
!
! shyness
don’t you dare
!
! safety concerns
The worst places The best places (for me)
(for me)
8
Privacy Issues 19. Aug 2008, Josef Noll
15. Organisational privacy
What is in Coca Cola? Access to fingerprints
! !
of all people
!
When will VW launch
!
the new Golf?
9
Privacy Issues 19. Aug 2008, Josef Noll
16. Organisational privacy
What is in Coca Cola? Access to fingerprints
! !
of all people
!
When will VW launch
!
the new Golf?
Factors
! Patent (IPR)
! Trade mark
! price of information
! effect of damage
9
Privacy Issues 19. Aug 2008, Josef Noll
17. Information privacy
Information about me
! electronic information
stored about me
religion, sexual
-
orientation, political
opinion
personal activities
-
family information
-
Membership in social
!
networks
access to accounts
!
Medical information
!
Political privacy
!
10
Privacy Issues 19. Aug 2008, Josef Noll
18. Information privacy
Electronic traces
Information about me
! Mobile phone
! electronic information
stored about me GSM,
-
Bluetooth
religion, sexual -
-
orientation, political sensor data
!
opinion
traffic cameras
!
personal activities
-
surveillance
!
family information
-
payment card usage
!
Membership in social
!
networks fingerprint check-in
!
access to accounts
!
Medical information
!
Political privacy
!
10
Privacy Issues 19. Aug 2008, Josef Noll
19. Summary
Factors influencing privacy
cultural sensitivity
!
personal dignity
!
shyness
!
....
!
11
Privacy Issues 19. Aug 2008, Josef Noll
20. Summary
Factors influencing privacy
cultural sensitivity safety concerns
! !
personal dignity effect of damage
! !
shyness professional reputation
! !
.... discrimination ....
! !
11
Privacy Issues 19. Aug 2008, Josef Noll
21. Summary
Factors influencing privacy
cultural sensitivity safety concerns
! !
personal dignity effect of damage
! !
shyness professional reputation
! !
.... discrimination ....
! !
11
Privacy Issues 19. Aug 2008, Josef Noll
22. Summary
Factors influencing privacy
cultural sensitivity safety concerns
! !
personal dignity effect of damage
! !
shyness professional reputation
! !
.... discrimination ....
! !
My own understanding
Privacy is about protecting myself such that others
can’t harm me more than I can tolerate
harm
others
--> trust, relation --> my roles (identity)
11
Privacy Issues 19. Aug 2008, Josef Noll
23. Reality
What the Internet knows about me
Preface
I am not a member of a social network (yet). I do not
publishing pictures about me.
And still ...
12
Privacy Issues 19. Aug 2008, Josef Noll
24. Reality
What the Internet knows about me
Preface
I am not a member of a social network (yet). I do not
publishing pictures about me.
And still ...
12
Privacy Issues 19. Aug 2008, Josef Noll
25. Reality
What the Internet knows about me
Preface
I am not a member of a social network (yet). I do not
publishing pictures about me.
And still ...
12
Privacy Issues 19. Aug 2008, Josef Noll
26. Reality
What the Internet knows about me
Preface
I am not a member of a social network (yet). I do not
publishing pictures about me.
And still ...
12
Privacy Issues 19. Aug 2008, Josef Noll
27. Reality
What the Internet knows about me
Preface
I am not a member of a social network (yet). I do not
publishing pictures about me.
And still ...
and I’m only talking Privacy Issues my public availableJosef Noll
about data 12
19. Aug 2008,
28. Two more definitions
Roles,
Identities
User
User profile,
behaviour
privacy
Location,
Proximity
Community
Context,
Presence
13
Privacy Issues 19. Aug 2008, Josef Noll
29. Two more definitions
others
--> trust, relation
Roles,
Identities
User
User profile,
behaviour
privacy
Location,
Proximity
Community
harm Context,
--> my roles (identity) Presence
13
Privacy Issues 19. Aug 2008, Josef Noll
30. Identity
In philosophy, identity is whatever makes an entity definable
!
and recognizable, in terms of possessing a set of qualities or
characteristics.
Identity is an umbrella term used throughout the social
!
sciences for an individual's comprehension of him or herself as
a discrete, separate entity.
Digital identity also has another common usage as the digital
!
representation of a set of claims made by one digital subject
about itself or another digital subject.
An online identity is a social identity that network users
!
establish in online communities.
As more more services are accessible in digital world, digital
!
identities and their management will play a vital role in secure
service access and privacy …..
source: Wikipedia
14
Privacy Issues 19. Aug 2008, Josef Noll
31. Identity: Real world to digital world
Digital identity
Passwords
everywhere
Real world Identities
Digital world
identities
Identity
Digital world
Recommendation: Dick Hardt@OSCON,
!
Identity 2.0 15
Privacy Issues 19. Aug 2008, Josef Noll
32. The dilemma of computer science
Identity - “same as” and “not”
Identity is an umbrella term used throughout the social
!
sciences for an individual's comprehension of him or herself as
a discrete, separate entity.
16
Privacy Issues 19. Aug 2008, Josef Noll
33. The dilemma of computer science
Identity - “same as” and “not”
Identity is an umbrella term used throughout the social
!
sciences for an individual's comprehension of him or herself as
a discrete, separate entity.
Computer science: use of ontologies, binary strings ‘xFxkeyil9e4’
!
same as
Josef
Josef Noll
16
Privacy Issues 19. Aug 2008, Josef Noll
34. The dilemma of computer science
Identity - “same as” and “not”
Identity is an umbrella term used throughout the social
!
sciences for an individual's comprehension of him or herself as
a discrete, separate entity.
Computer science: use of ontologies, binary strings ‘xFxkeyil9e4’
!
same as
Josef Roles,
Identities
Josef Noll
Community
Context
16
Privacy Issues 19. Aug 2008, Josef Noll
35. The dilemma of computer science
Identity - “same as” and “not”
Identity is an umbrella term used throughout the social
!
sciences for an individual's comprehension of him or herself as
a discrete, separate entity.
Computer science: use of ontologies, binary strings ‘xFxkeyil9e4’
!
same as
Josef Roles,
Identities
Josef Noll
Community
Context
Are we in computer science in the Middle Ages?
!
G. W. Leipniz (1646): if a=b and
!
b=c, then a=c
16
Privacy Issues 19. Aug 2008, Josef Noll
36. Reputation and Trust
Reputation is the opinion (more technically, a social evaluation) of
!
the public toward a person, a group of people, or an organization. It
is an important factor in many fields, such as business, online
communities or social status.
Reputation is known to be a ubiquitous, spontaneous and highly
!
efficient mechanism of social control in natural societies.
Trust is a relationship of reliance. A trusted party is presumed to
!
seek to fulfill policies, ethical codes, law and their previous
promises.
Trust is a prediction of reliance on an action, based on what a party
!
knows about the other party. Comment: Members of “la familia”
trusts each other
17
Privacy Issues 19. Aug 2008, Josef Noll
37. Reputation and Trust
Reputation is the opinion (more technically, a social evaluation) of
!
the public toward a person, a group of people, or an organization. It
is an important factor in many fields, such as business, online
communities or social status.
Reputation is known to be a ubiquitous, spontaneous and highly
!
efficient mechanism of social control in natural societies.
Trust is a relationship of reliance. A trusted party is presumed to
!
seek to fulfill policies, ethical codes, law and their previous
promises.
Trust is a prediction of reliance on an action, based on what a party
!
knows about the other party. Comment: Members of “la familia”
trusts each other
do we really believe we can manage trust and
represent reputation? 17
Privacy Issues 19. Aug 2008, Josef Noll
40. Revisit:
Information privacy
It starts with the radio
! radio is broadcast: everyone can listen
! “radio identity” (MAC, Bluetooth,...) is known
! eavesdropping of traffic, man-in-the-middle: read-
your email (smtp is plain text)
Bluetooth and other ad-hoc networks, connectivity
!
to phone without notice
wireless networks at home: WEP easy to crack,
!
access to whole home infrastructure
Mobile phone (GSM): location, fake base-station
!
19
Privacy Issues 19. Aug 2008, Josef Noll
41. Revisit:
Information privacy
And it never stops
! Eavesdropping -> read your communication
! Crack WEP (encryption) -> read open information
! DNS forging -> leading you to a different site
! Phishing -> getting your secure information
“Click to confirm that you read the privacy issue”
!
Netvibes: Leading personal start page to manage
!
your digital life
Banking, Social Networks....
!
20
Privacy Issues 19. Aug 2008, Josef Noll
42. Revisit:
Information privacy
And it never stops
! Eavesdropping -> read your communication
! Crack WEP (encryption) -> read open information
! DNS forging -> leading you to a different site
! Phishing -> getting your secure information
“Click to confirm that you read the privacy issue”
!
Netvibes: Leading personal start page to manage
!
your digital life
Banking, Social Networks....
!
20
Privacy Issues 19. Aug 2008, Josef Noll
43. Revisit:
Information privacy
And it never stops
! Eavesdropping -> read your communication
! Crack WEP (encryption) -> read open information
! DNS forging -> leading you to a different site
! Phishing -> getting your secure information
“Click to confirm that you read the privacy issue”
!
Netvibes: Leading personal start page to manage
!
your digital life
Banking, Social Networks....
!
20
Privacy Issues 19. Aug 2008, Josef Noll
44. Some technology first
Have you heard these ones?
nsistors
more tra
roduced
world p
2007) the nor R&I
ear (
CEO, Tele
quot;Last y
Haugli,
orns”
an rice c Christian
th – Hans
“In thre
e to fiv
e years
devices
we will
in our v interac
– Mari icinity” t with t
e Auste o 30-50
nstaa, C
onnecte
d Objec
ts, Tele
nor R&I
21
Privacy Issues 19. Aug 2008, Josef Noll
45. “The speed of technology”
The speed of development
!
source: Gerhard Fettweis, TU Dresden
Do you remember: “There might be a need for 5
!
computers” (1943 Watson(?), 1951 Hartree)
Mobile: NMT, GSM, GPRS, EDGE, UMTS, 3G, HSDPA,
!
SMS, EMS, MMS,... DVB-H,...
22
Privacy Issues 19. Aug 2008, Josef Noll
46. Mobile Phone and Sensors
N. Arora, Google Europe Manager [Oslo Innovation
!
Week]:
By 2012, iPods ... be capable of holding all music
–
you will ever hear in your life (or one year of video)
By 2018 it can hold all videos ever produced
–
This speed will continue until 2025 [ITRS Roadmap]
!
23
Privacy Issues 19. Aug 2008, Josef Noll
47. Mobile Phone and Sensors
N. Arora, Google Europe Manager [Oslo Innovation
!
Week]:
By 2012, iPods ... be capable of holding all music
–
you will ever hear in your life (or one year of video)
By 2018 it can hold all videos ever produced
–
This speed will continue until 2025 [ITRS Roadmap]
!
Imagine a device, which
!
will save all the conversations you ever had
–
will record all the environments you have ever been in
–
identity all people you have ever talked to and remember what
–
you talked about
23
Privacy Issues 19. Aug 2008, Josef Noll
48. Mobile Phone and Sensors
N. Arora, Google Europe Manager [Oslo Innovation
!
Week]:
By 2012, iPods ... be capable of holding all music
–
you will ever hear in your life (or one year of video)
By 2018 it can hold all videos ever produced
–
This speed will continue until 2025 [ITRS Roadmap]
!
Imagine a device, which
!
will save all the conversations you ever had
–
will record all the environments you have ever been in
–
identity all people you have ever talked to and remember what
–
you talked about
“Your Mobile will do”
!
23
Privacy Issues 19. Aug 2008, Josef Noll
49. Let’s get at deep breath....
and see what we can do
about it
24
Privacy Issues 19. Aug 2008, Josef Noll
50. Recall
Lessions learned
Definitions of Privacy, Identity, Trust, Reputation,....
!
“It all begins with the radio”
!
location, device identity
–
eavesdropping, phishing, man-in-the-middle, forging
–
The user providing all kinds of information
!
social networks, service providers, ...
–
25
Privacy Issues 19. Aug 2008, Josef Noll
52. Privacy Requirements
“How much will it cost me if my privacy gets compromised?”
•see: lost mobile phone, security of your house
Examples of
•take appropriate measures Services
VPN, !/$
email, photo
Network access
27
Privacy Issues 19. Aug 2008, Josef Noll
53. Protecting the identity?
8 million US residents victims of identity theft in 2006
!
(4% of adults)
US total (known) cost of identity theft was $49 billion
!
~10% was paid by customers
–
remaining by merchants and financial institutions
–
Average victim spent $531 and 25 hours to repair
!
for damages Source: Lasse Øverlier & California Office of Privacy Protection
ID theft in seconds
http://itpro.no/art/11501.html
28
Privacy Issues 19. Aug 2008, Josef Noll
54. 2nd lecture
Personalisation, tips and tricks
Personalisation of service, why?
!
The role of the mobile phone
!
Seamless authentication
–
Payment and access
–
Protection mechanisms
!
Legal issues
–
Tips and tricks
–
–
29
Privacy Issues 19. Aug 2008, Josef Noll
55. User profiles/profiling -
“We have heard that before, nothing has
happened”
Complexity is ever increasing -> Need for reduction
!
Technology is in place -> Semantics, Web Services,...
!
Research projects address adaptation of services towards
!
user needs
Mobile phones are becoming the source for Internet and
!
Service access
– 20-30 % of all phones worldwide will be smartphones by
2009
– 30 % of mobile users in the Nordic will receive push
content by 2010
Market need for personalisation: “Mobile advertisement has
!
to fit to the user, otherwise it will fail completely” Phone Evolution, April 2007]
[Movation White Paper, Mobile
30
Privacy Issues 19. Aug 2008, Josef Noll
56. User profiles/profiling -
“Nobody is willing to pay for it”
“Mobile advertisement is 1000 to 10000 times more valuable
!
as Internet advertisement” [Bjarne Myklebust, NRK]
“The chances of annoying customers through mobile
!
advertisements are high. Mobile advertisements have to fit.”
“Mobile advertising isn’t only hot, it’s on fire.” [Bena Roberts,
!
GoMo News]
Operators launch mobile advertisement companies (Telenor)
!
31
Privacy Issues 19. Aug 2008, Josef Noll
57. My phone collects all my security
SIM with
NFC & PKI
32
Privacy Issues 19. Aug 2008, Josef Noll
58. Mobile Services, incl. NFC
• NFC needs next
• Focus in 2008 on
generation phones
mobile web
• S60, UIQ, ...
• Push content upcoming
• Common Application
development
• Integrated
SMS authentication Mobile Web
Push content NFC payment
60
development
45
30
15
0
2006 2008 2010
Expected customer usage [%] “have tried” of
mobile services in the Nordic Market
[“Mobile Phone Evolution”, Movation White paper, May 2007]
33
Josef Noll, “Who owns the SIM?”, 5 June 2007
59. Mobile Services, incl. NFC
• NFC needs next
• Focus in 2008 on
generation phones
mobile web
• S60, UIQ, ...
• Push content upcoming
• Common Application
development
• Integrated
SMS authentication Mobile Web
Push content NFC payment
60
development
45
30
15
0
2006 2008 2010
Expected customer usage [%] “have tried” of
mobile services in the Nordic Market
[“Mobile Phone Evolution”, Movation White paper, May 2007]
33
Josef Noll, “Who owns the SIM?”, 5 June 2007
60. Operator supported service access
Seamless
Authentication authentication
provider
34
Privacy Issues 19. Aug 2008, Josef Noll
61. Operator supported service access
Seamless
Authentication authentication
provider
Service
access
34
Privacy Issues 19. Aug 2008, Josef Noll
62. Operator supported service access
Seamless
Authentication authentication
provider
Service Physical
VPN
access access
34
Privacy Issues 19. Aug 2008, Josef Noll
63. Operator supported service access
Seamless
Authentication authentication
provider
Home
Service Physical access, .mp3,
VPN
access access .jpg
34
Privacy Issues 19. Aug 2008, Josef Noll
70. WAP gateway
Seamless authentication
HTTP request HTTP request
Hash
94815894 !quot;#$%&'()*+,-.//
Pictures for ’rzso’.
Password:1234
sID: cTHG8aseJPIjog==
Source: Erzsebet Somogyi, UNIK
36
Privacy Issues 19. Aug 2008, Josef Noll
71. Banking
from the mobile phone
Security considerations
! Equally secure as SMS Welcome Josef:
(get your account status) SIM authentication
! Easy to use
! Advanced functionality
through PIN (if required)
quot; Seamless phone (SIM)
authentication
! Advanced security when
required
BankID or
–
NFC
communication
PIN
– unit
NFC2
SIM
SIM
Smartcard interfaces
ISO/IEC 7816
37
Privacy Issues 19. Aug 2008, Josef Noll
72. Banking
from the mobile phone
Security considerations
! Equally secure as SMS Welcome Josef:
(get your account status) SIM authentication
! Easy to use
! Advanced functionality
through PIN (if required) Information:
quot; Seamless phone (SIM)
Using SIM,
authentication no customer input
! Advanced security when required
required
BankID or
–
NFC
communication
Account status
PIN
– unit
NFC2
SIM
SIM
Smartcard interfaces
ISO/IEC 7816
37
Privacy Issues 19. Aug 2008, Josef Noll
73. Banking
from the mobile phone
Security considerations
! Equally secure as SMS Welcome Josef:
(get your account status) SIM authentication
! Easy to use
! Advanced functionality
Advanced
through PIN (if required) Information: functionality
quot; Seamless phone (SIM)
Using SIM,
authentication BankID or PIN
no customer input
(double security)
! Advanced security when required
required
BankID or
–
Transfer,
NFC
communication
Account status
PIN
– unit
payments
NFC2
SIM
SIM
Smartcard interfaces
ISO/IEC 7816
37
Privacy Issues 19. Aug 2008, Josef Noll
74. MyBank example:
User incentive:
! “My account is just one
click away”
! “enhanced security for
transactions”
quot;Phone (SIM) authentication
quot;Level 2 security through
PKI/BankID/PIN?
38
Privacy Issues 19. Aug 2008, Josef Noll
75. RFID and NFC
example: Birkebeiner
Online information to mobile
!
phone
Could be used for photo, video,
!
etc
39
Privacy Issues 19. Aug 2008, Josef Noll
76. NFC –
Near field communication
Based on RFID technology at 13.56
! • ECMA-340, ISO/IEC 18092 &
MHz ECMA-352, …standards
Typical operating distance 10 cm
! • Powered and non-self powered
devices
Compatible with RFID
!
Data rate today up to 424 kbit/s
!
Philips and Sony
!
Photo: Nokia
40
Privacy Issues 19. Aug 2008, Josef Noll
77. NFC is ...
RFID at 13.56 MHz
!
RF (modem) and protocolls
!
41
Privacy Issues 19. Aug 2008, Josef Noll
78. NFC is ...
Passive operation:
RFID at 13.56 MHz
!
1) Phone=Reader has static
RF (modem) and protocolls
! magnetic field
2) Tag acts as resonator, “takes
energy” ~1/r^6
41
Privacy Issues 19. Aug 2008, Josef Noll
79. NFC is ...
Passive operation:
RFID at 13.56 MHz
!
1) Phone=Reader has static
RF (modem) and protocolls
! magnetic field
2) Tag acts as resonator, “takes
energy” ~1/r^6
41
Privacy Issues 19. Aug 2008, Josef Noll
80. NFC is ...
Passive operation:
RFID at 13.56 MHz
!
1) Phone=Reader has static
RF (modem) and protocolls
! magnetic field
2) Tag acts as resonator, “takes
energy” ~1/r^6
1
Power decrease of static and electromagnetic field
0,75
0,5
1/r^2
0,25
1/r^6
0 0,8 1,6 2,4 3,2 4 4,8 5,6 6,4 7,2 8 8,8 9,6
41
Privacy Issues 19. Aug 2008, Josef Noll
81. NFC use cases
Payment and access
!
include Master-/Visacard in the phone
–
have small amount money electronically
–
admittance to work
–
Service Discovery
!
easy access to mobile services:
–
Web page, SMS, call, ...
local information and proximity services (get
–
a game)
Ticketing
!
Mobile tickets for plain, train, bus:
–
Parents can order and distribute, ...
Source: Nokia 6131 NFC Technical Product Description
42
Privacy Issues 19. Aug 2008, Josef Noll
85. NFCIP-2 Interface and protocol
Proximity Card Vicinity Card
NFC device
Reader Reader
Interface
Standards
NO
15693 okay
ECMA-340 ISO/IEC 14443 ISO/IEC 15693
PCD mode VCD mode
(MIFARE, FeliCa) (facility access)
44
Privacy Issues 19. Aug 2008, Josef Noll
86. The radio
NFC and privacy
NFC is “as bad” as
!
your contactless Master and Visa card
–
your passport
–
Typical reading distance up to 4 cm (for activation)
!
Eavesdropping possible under operation (1/r^2),
!
encrypted communication
–
45
Privacy Issues 19. Aug 2008, Josef Noll
87. The radio
NFC and privacy
NFC is “as bad” as
!
your contactless Master and Visa card
–
your passport
–
Typical reading distance up to 4 cm (for activation)
!
Eavesdropping possible under operation (1/r^2),
!
encrypted communication
–
Passport
USA: passport can only be read when
!
opened
European passport: just place it on NFC
!
reader
45
Privacy Issues 19. Aug 2008, Josef Noll
88. New current SIM to Future SIM
visions GlobalPlatform
From Real Estate 3.r
ionsfor mobile / UICC GlobalPlatform’s Party sec. dom
vision
Real Estate 3.rd
! To comply with 3G networking requirements
UICC Party sec. domains
(USIM)
vision
Security features (algorithms and protocols),
–
longer key lengths
GSM uses EAP SIM: client authentication
–
UMTS uses EAP AKA: Mutual authentication
–
3rd party identities
!
ISIM application (IMS)
–
Current Telenor private user identity
On-board On-board –
WEB server ! WEB server !
SIM (UICC) card one or more public user
–
(from 2001) identities
Multi-
Multi-
Thread
Plus ETSI SCP– Long term secret
Thread
Plus ETSI
3 new phys IFs:
3 new phy
12 Mb/s USB
SUN
2009?
12 Mb/s
SUN
(Java) NFC (SWP)
2009?
Source: Judith Rossebø, Telenor
(Java) NFC (S
46
Privacy Issues 19. Aug 2008, Josef Noll
89. Network privacy
GSM
!
client-based positioning allows user to take control
–
trustworthy operators?
–
WLAN
!
open for all kinds of attacks
–
example: TraceRoute for exposing packet origin
–
encrypted communication and more....
–
Bluetooth
!
are you afraid, then switch it off
–
I leave it on, danger for getting tapped is rather small
–
Social Network
!
Web tools, e.g. search present significant privacy
!
issue 47
Privacy Issues 19. Aug 2008, Josef Noll
91. Privacy is not about ...
Privacy is not about getting your private space
Sources: isolatr.com; Stefan Weiss,Aug 2008, & Touche, 200749
19. Deloite Josef Noll
Privacy Issues
92. Privacy is not about ...
50
Privacy Issues 19. Aug 2008, Josef Noll
93. Privacy is not about ...
Switching off the lights
50
Privacy Issues 19. Aug 2008, Josef Noll
94. Private Sphere and Privacy
Directive 95/46/EC of the European parliament
Data must be fairly and lawfully processed
!
They must be processed for prior specified and
!
limited purposes
Adequate, relevant and not excessive
!
Accurate
!
Not kept longer than necessary
!
Processed in accordance with the data subject’s
!
rights
Secure
!
Not transferred to countries without adequate
!
protection
51
Privacy Issues 19. Aug 2008, Josef Noll
95. And the law might be applicable
to Google
Google has to obey Norwegian law
! Art. 29-group looks how privacy is
handled in the EU
! “Google is using cookies on PCs”
thus they use equipment physically
located in an EU state
! Art. 29 is valid for everyone using
equipment in an EU state, thus
also Google
52
Privacy Issues 19. Aug 2008, Josef Noll
96. Tips and Tricks
If you put your data into the social networks, it is your
!
responsibility
Security, Your data, Anonymity, .....
!
53
Privacy Issues 19. Aug 2008, Josef Noll
111. !quot;#$%#&%%'#("&)*+,)-
Anonymity is a shield from the tyranny of the majority.
- US Supreme Court decision No. 93-986, April 19 1995
but what ....
!
! !
Source: Lasse Øverlier, “Anonymity, Privacy and Hidden Services”
60
Privacy Issues 19. Aug 2008, Josef Noll
112. !quot;#$$%&'()*+',*-$%./-0%#)%01
“Disabling traffic flow analysis”
!
What can be resolved?
!
who communicates to/with whom
!
who communicates when
!
activity type
!
movement
!
chain of command
!
type of information
!
! !
Source: Lasse Øverlier, “Anonymity, Privacy and Hidden Services”
61
Privacy Issues 19. Aug 2008, Josef Noll
113. !quot;#$%&'$&'quot;'()*+($#quot;,-.
We need to distribute trust quot;#$%&'
!
Use an anonymizing network
!
Independent nodes
!
+0
+,
Encrypted tunnels
!
+-
using (perfect) forward secrecy
!
+.
+/
changing appearance of data
!
Any user, or server, of the
!
+2
+1
network can be the originator 3&4&56$7$&8!&%'94):
torproject.org
(%)*%)
! !
Source: Lasse Øverlier, “Anonymity, Privacy and Hidden Services”
62
Privacy Issues 19. Aug 2008, Josef Noll
114. And we have not talked about
Semantic technologies “the Web of
!
Services”
the car and future car2x communication
!
and what about all the sensor networks
!
who takes care of my data
!
63
Privacy Issues 19. Aug 2008, Josef Noll
115. Semantic Web Services
Dynamic
Semantic Web
WWW
Static RDF, RDF(S), OWL
URI, HTML, HTTP
Syntactic Semantic
source: Juan Miguel Gomez, UC3M
64
Privacy Issues 19. Aug 2008, Josef Noll
116. Semantic Web Services
Dynamic
Semantic Web
WWW
Static RDF, RDF(S), OWL
URI, HTML, HTTP
Syntactic Semantic
source: Juan Miguel Gomez, UC3M
64
Privacy Issues 19. Aug 2008, Josef Noll
117. Semantic Web Services
Web Services
Dynamic
UDDI, WSDL, SOAP
Semantic Web
WWW
Static RDF, RDF(S), OWL
URI, HTML, HTTP
Syntactic Semantic
source: Juan Miguel Gomez, UC3M
64
Privacy Issues 19. Aug 2008, Josef Noll
118. Semantic Web Services
Bringing the web
to its full potential
Intelligent Web
Web Services
Dynamic
Services
UDDI, WSDL, SOAP
Semantic Web
WWW
Static RDF, RDF(S), OWL
URI, HTML, HTTP
Syntactic Semantic
source: Juan Miguel Gomez, UC3M
64
Privacy Issues 19. Aug 2008, Josef Noll
119. Semantics in Business:
Enable a paradigm switch in searching information
!
From
!
Information Retrieval
–
To
!
Question Answering
–
65
Privacy Issues 19. Aug 2008, Josef Noll
120. Semantics in Business:
Enable a paradigm switch in searching information
!
Google: “Josef Noll”
From
!
Information Retrieval
–
To
!
Question Answering
–
65
Privacy Issues 19. Aug 2008, Josef Noll
121. Semantics in Business:
Enable a paradigm switch in searching information
!
Google: “Josef Noll”
From
!
Information Retrieval
–
Why did Josef Noll come to
Norway?
To
!
Question Answering
–
“It is important to educate
female engineers, ...”
65
Privacy Issues 19. Aug 2008, Josef Noll
122. ITEA-Wellcom project
Future TV
source: Sony
And some of the partners working on tomorows TV experience:
66
Privacy Issues 19. Aug 2008, Josef Noll
126. ITEA-WellCom.org
TV today and tomorrow
Content
Service
Trust &
Personalisation
Provider
Commun-
Service
ication
adaptation
Context
(jabber)
TV
BT
STB
NFC
67
Privacy Issues 19. Aug 2008, Josef Noll
127. ITEA-WellCom.org
TV today and tomorrow
Content
Service
Trust &
Personalisation
Provider
Commun-
Service
ication
adaptation
Context
(jabber)
TV
BT
STB
NFC
67
Privacy Issues 19. Aug 2008, Josef Noll
128. Third party business model
• Media,
• Banks, Service providers
Content
provider
• Telecom, Corporate, Home
Service Payment
aggregator provider
Identity and
personalisation
provider
Customer
Authentication
care
and Access
provider
68
Josef Noll, “Who owns the SIM?”, 5 June 2007
129. Third party business model
• Media,
• Banks, Service providers
Content
provider
• Telecom, Corporate, Home
Service Payment
aggregator
• Service aggregator
provider
• Convenient interfaces
• Ease of use
Identity and
personalisation
provider
Customer
Authentication
care
and Access
provider
68
Josef Noll, “Who owns the SIM?”, 5 June 2007
130. Third party business model
• Media,
• Banks, Service providers
Content
provider
• Telecom, Corporate, Home
Service Payment
aggregator
• Service aggregator
provider
• Convenient interfaces
• Ease of use
Identity and
personalisation
• Identity and personalisation
provider
provider
Customer
Authentication
care
and Access • Convenience
provider
• Trust
68
Josef Noll, “Who owns the SIM?”, 5 June 2007
131. The secure element:
SIM card
Identity and
personalisation Service
Authentication
provider aggregator
and Access
provider
Send key and Send info to
credentials recipient
NFC
communication
Send service to
unit
phone
NFC2SIM
SIM
Smartcard interfaces
ISO/IEC 7816
Josef Noll, “Who owns the SIM?”, 5 June 2007
132. The secure element:
SIM card
Identity and
personalisation Service
Authentication
provider aggregator
and Access
provider
Send key and Send info to
• SIM is secure credentials recipient
element NFC
communication
Send service to
unit
• controlled environment phone
NFC2SIM
• over-the-air update
• open for applications
SIM
Smartcard interfaces
ISO/IEC 7816
• SIM will be owned
by user
• managed by trusted
third party
Josef Noll, “Who owns the SIM?”, 5 June 2007
133. Challenges and Benefits
200 Convenience
How insecure is the
of usage
Internet?
Will the phone be the only
150 secure element?
100 Visa and Mastercard
enable convenient small amount
purchases
Are Google, facebook
and flickr more trusted than telecom
50 operators?
Dynamic service environment?
On-the-fly creation of services?
0
2006 2008 2010
Telco favourite Third party favourite 70
Josef Noll, “Who owns the SIM?”, 5 June 2007
134. Conclusions
• “The last time we were
connected by a wire was at
birth!” [Motorola]
• The service world is wireless
– Q: “what is if you loose your
phone?”
– A: “A real crisis in life!”
• Easy access to devices and
services, dependent on the
context of the user
• Challenges
– get control of complexity
– get people understanding what
they are doing and us
understanding people
http://wiki.unik.no
!
71
Privacy Issues 19. Aug 2008, Josef Noll
135. Thanks to contributions from
My PhD students György Kálmán, Mohammad M. R. Chowdhury
!
Lasse Øverlier, “Anonymity, Privacy and Hidden Services”, PhD thesis at
!
University of Oslo
Stefan Weiss, “Your Users’ Privacy”, Deloite & Touche, 2007
!
Thomas Hintz, “Protecting your Internet Privacy”, University of Florida, http://
!
notebook.ifas.ufl.edu/privacy/
Wikipedia; Dick Hardt, Identity 2.0
!
Erzsebet Somogyi, UNIK - now CanalDigital.no; Judith Rossebø, Telenor
!
Movation - White paper 'Mobile Phone Evolution', April 2007
!
GPG(GNU Privacy Guard), based on PGP http://www.gnupg.org/
!
Anonymizer http://www.anonymizer.com/
!
Tor network, http://www.torproject.org
!
The New York Times, Sony Europe, Facebook; isolatr.com
!
Heung-Gyoon Ryu from Chungbuk National University, Korea
!
ID theft in seconds, itpro.no
!
72
Privacy Issues 19. Aug 2008, Josef Noll