SlideShare a Scribd company logo

PersoApp - Secure and User-Friendly Internet Applications

S
Sven Wohlgemuth

Introducing PersoApp to the Advisory Board at its constitutive meeting

Technology
1 of 26
Download to read offline
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity PersoApp Secure and User-Friendly Internet Applications Constitutive Meeting of the PersoApp Advisory Board Berlin, September 4, 2013 Prof. Dr. Ahmad-Reza Sadeghi Dr. Sven Wohlgemuth Head of PersoApp Consortium Technische Universität Darmstadt Center for Advanced Security Research Darmstadt (CASED)
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 2 Authentication data of bank customers stolen: Customers are re-directed to a "secure bank" to enter username, password, etc. •  Attacker gets full access on bank account •  Bank customer is not aware of it •  Majority of web security software didn't detect this attack http://www.techspot.com/news/47351-man-in-the- browser-malware-defeats-banks-two-step-online- authentication.html Malicious Authentication leads to Breach of Confidentiality Unauthorized access on personal data of 77 million customers •  Target: Sony PlayStation Network •  Detection via file “Anonymous” on Sony Online Entertainment Servers •  Costs: $170M (incl. Identity theft insurance package for customers, improvement to network security, free access to content, ...) http://www.computerworld.com/s/article/9216926/ PlayStation_Network_hack_will_cost_Sony_170M
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 3 Agenda I.  From Login to Privacy Control II.  Extending Identity Infrastructure III. PersoApp: Call for Participation
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 4 Keyword search File systems Groupware Databases Social networking Wiki Semantic search Tagging Reasoning Smart personal agents Natural language search Mashups I. From Login to Privacy Control Productivity Amount of data PC Era Web 1.0 Web 2.0 Web 3.0 Web 4.0 Desktop The World Wide Web The Social Web The Semantic Web The Intelligent Web Own figure based on Radar Networks & Nova Spivack, 2007; E. Brynjolfsson and A. McAfee, Race against the Machine, 2011.
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 5 Keyword search File systems Groupware Databases Social networking Wiki Semantic search Tagging Reasoning Smart personal agents Natural language search Mashups I. From Login to Privacy Control Productivity Amount of data PC Era Web 1.0 Web 2.0 Web 3.0 Web 4.0 Desktop The World Wide Web The Social Web The Semantic Web The Intelligent Web Human-machine interaction Machine-machine interaction Centralized data processing Ubiquitous P2P data processing Decentralized C/S data processing ... with automatic decision support Own figure based on Radar Networks & Nova Spivack, 2007; E. Brynjolfsson and A. McAfee, Race against the Machine, 2011.
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 6 Keyword search File systems Groupware Databases Social networking Wiki Semantic search Tagging Reasoning Smart personal agents Natural language search Mashups I. From Login to Privacy Control Productivity Amount of data PC Era Web 1.0 Web 2.0 Web 3.0 Web 4.0 Desktop The World Wide Web The Social Web The Semantic Web The Intelligent Web Transparency Forensics Human-machine interaction Machine-machine interaction One-factor identification Multi-factor identification Reputation Centralized data processing Ubiquitous P2P data processing Decentralized C/S data processing ... with automatic decision support Putting humans back in the loop Own figure based on Radar Networks & Nova Spivack, 2007; E. Brynjolfsson and A. McAfee, Race against the Machine, 2011.
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 7 Login and Privacy Example: Social Network Participant 1 DP/DC Social network provider DC/DP d1 d1 Participant 2 DP/DC d2 d2 DP = Data provider DC = Data consumer d, d* = Personal data Privacy legislation: "Privacy is the claim of individuals, groups and institutions to determine for themselves, when, how, and to what extent information about them is communicated to others." (Westin, 1967; regulations of Germany/EU) Own figure according to A. Pretschner, M. Hilty, and D. Basin, 2006; N. Sonehara, I. Echizen, and S. Wohlgemuth, 2011 Disclosure of personal data to third parties Participant 4 DC/DP Participant 2 DC/DP d1 * d1 *, d2 *
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 8 Login and Privacy Example: Social Network Participant 1 DP/DC Social network provider DC/DP d1 d1 Participant 2 DP/DC d2 d2 DP = Data provider DC = Data consumer d, d* = Personal data Privacy legislation: "Privacy is the claim of individuals, groups and institutions to determine for themselves, when, how, and to what extent information about them is communicated to others." (Westin, 1967; regulations of Germany/EU) Access control No control for processing of personal data Own figure according to A. Pretschner, M. Hilty, and D. Basin, 2006; N. Sonehara, I. Echizen, and S. Wohlgemuth, 2011 Disclosure of personal data to third parties Participant 4 DC/DP Participant 2 DC/DP d1 * d1 *, d2 * d1 *,d2 * d1, d2, d1 *, d2 * d1, d2, d1 *, d2 * d* 2 d* 1 Social network provider DC/DP Participant 4 DC/DP Participant 2 DC/DP d1 *, d2 *
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 9 Identity Theft and Prevention Example: Social Network •  Desired dependencies imply vulnerabilities by undesired ones (covert channels, escalation of rights, …)1 1 B. Lampson 1973; R. White 1990; L. Davi, A. Dmitrienko, A.-R. Sadeghi, and M. Winandy 2010 Assumption: Each authorized IT system is proven to be secure 2 C. Wang und S. Ju 2006 •  Impossible to automatically detect all undesired dependencies2 Case (a): Passive interference Case (b): Active interference Web 2.0 IT systems: Programming at run-time - Dependencies emerge at run-time
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 10 Identity Theft and Prevention Example: Social Network •  Desired dependencies imply vulnerabilities by undesired ones (covert channels, escalation of rights, …)1 1 B. Lampson 1973; R. White 1990; L. Davi, A. Dmitrienko, A.-R. Sadeghi, and M. Winandy 2010 Assumption: Each authorized IT system is proven to be secure 2 C. Wang und S. Ju 2006 •  Impossible to automatically detect all undesired dependencies2 Case (a): Passive interference Case (b): Active interference Web 2.0 IT systems: Programming at run-time - Dependencies emerge at run-time Detecting misuse of identity to (ex post) enforce privacy
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 11 II. Extending Identity Infrastructure •  Mobility •  Identity control •  Privacy control •  Privacy forensics
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 12 Mobility Connections and ubiquitous data processing increase Migration to mobility •  Android 4.04 (V1) •  Pre-release •  Open source software library •  Security concept and review •  Sony Xperia with USB reader •  Smartphone as personal digital assistant Human-machine interaction Machine-machine interaction
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 13 Participant 1 DP/DC Participant 2 DP/DC Identity Control Social network provider DC/DP Participant 4 DC/DP Participant 2 DC/DP d1 d1 * d1 * d2 * d2 Participant 6 DC/DP Transparency: Detecting misuse of identity by understanding disclosure of personal data Data provenance: Information to determine processing history of data, e.g. in an audit to detect evidences for an interference Personal data d2 Participant 2 Social network provider Personal data d2 Participant 2
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 14 Participant 1 DP/DC Participant 2 DP/DC Identity Control Social network provider DC/DP Participant 4 DC/DP Participant 2 DC/DP d1 d1 * d1 * d2 * d2 Participant 6 DC/DP Transparency: Detecting misuse of identity by understanding disclosure of personal data Data provenance: Information to determine processing history of data, e.g. in an audit to detect evidences for an interference Personal data d2 Participant 2 Social network provider Personal data d2 Participant 2 Social network provider Participant 6 Personal data d2 Participant 2
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 15 Participant 1 DP/DC Participant 2 DP/DC Identity Control Social network provider DC/DP Participant 4 DC/DP Participant 2 DC/DP d1 d1 * d1 * d2 * d2 Participant 6 DC/DP Transparency: Detecting misuse of identity by understanding disclosure of personal data Data provenance: Information to determine processing history of data, e.g. in an audit to detect evidences for an interference Personal data faulty d2 * Participant 2 Social network provider Participant 6 Participant 3 Personal data d2 Participant 2 Social network provider Personal data d2 Participant 2 Social network provider Participant 6 Personal data faulty d2 * Participant 2 Social network provider Participant 6 Personal data d2 Participant 2
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 16 Identity Control based on German ID Card Binding data provenance information as a tag to data In addition: eID client must enforce IT system of each participant Data Data consumer (e.g. social network provider) 4) Deliver tagged data Steps of a data disclosure: •  Online identification with German national ID card •  Disclosed data is tagged with updated provenance information •  Provenance information is authentic (e.g. secure logging, digital watermark, ...) 1) Access request eID client2) Fetch data 3) Apply tag Every disclosure of data is provable linked to re-identifiable identities No privacy Misuse of identity can be detected Security
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 17 Privacy Control Security and Privacy: Isolating disclosure of personal data by obligations according to SLA Isolation: Pseudonymous online identification of the German national ID card In addition: eID client must specify isolation by non-linkable delegation of rights System 1 DP/DC System 2 DP/DC System 3 DC/DP System 4 DC/DP System 2 DC/DP d1 d1 * d1 * d2 * d2 System 6 DC/DP Personal data d1 System 2 System 3 Personal data d2 System 2 System 3 System 6 Personal data d2 System 2 Own figure according to S. Wohlgemuth. I. Echizen, N. Sonehara, and G. Müller, 2010.
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 18 Privacy Control Security and Privacy: Isolating disclosure of personal data by obligations according to SLA Isolation: Pseudonymous online identification of the German national ID card In addition: eID client must specify isolation by non-linkable delegation of rights System 1 DP/DC System 2 DP/DC System 3 DC/DP System 4 DC/DP System 2 DC/DP d1 d1 * d1 * d2 * d2 System 6 DC/DP Personal data d1 System 2 System 3 Personal data d2 System 2 System 3 System 6 Personal data d2 System 2 Own figure according to S. Wohlgemuth. I. Echizen, N. Sonehara, and G. Müller, 2010. Personal data faulty d2 * System 2 System 3 System 6 System 3 Personal data faulty d2 * System 2 System 3 System 6 Personal data faulty d2 * System 2 System 3 System 6
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 19 Privacy Control Security and Privacy: Isolating disclosure of personal data by obligations according to SLA Isolation: Pseudonymous online identification of the German national ID card In addition: eID client must specify isolation by non-linkable delegation of rights System 1 DP/DC System 2 DP/DC System 3 DC/DP System 4 DC/DP System 2 DC/DP d1 d1 * d1 * d2 * d2 System 6 DC/DP Personal data d1 System 2 System 3 Personal data d2 System 2 System 3 System 6 Personal data d2 System 2 Own figure according to S. Wohlgemuth. I. Echizen, N. Sonehara, and G. Müller, 2010. Personal data faulty d2 * System 2 System 3 System 6 System 3 Personal data faulty d2 * System 2 System 3 System 6 Personal data faulty d2 * System 2 System 3 System 6 Preventing re-identification by linking data disclosures to pseudonyms Privacy Misuse of identity can be detected Security
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 20 Example: Identity Control, Privacy Control Exemplary data tagging •  Adding data provenance to personal images •  Does not contain information about participant from other sources Google Dashboard •  Overview on services and some data used with Google account Own figure according to S. Wohlgemuth. I. Echizen, N. Sonehara, and G. Müller, 2010.
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 21 Privacy Forensics Problem: Trust relationship leading to non-cooperating equilibrium due to unknown liability Increasing trust by coordinating and measuring privacy control for acceptable equilibriums Privacy forensics Privacy control Data provenanceOptimization Usage control policy tool box eID client assesses evidences on interferences (for each system)
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 22 Privacy Forensics Problem: Trust relationship leading to non-cooperating equilibrium due to unknown liability Increasing trust by coordinating and measuring privacy control for acceptable equilibriums Privacy forensics Privacy control Data provenanceOptimization Usage control policy tool box Privacy is an evidence for reliable data processing. New German national ID card can be used as a trust anchor for privacy in social networks eID client assesses evidences on interferences (for each system)
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 23 Key Messages •  PersoApp open source software library needs to be migrated to mobility to support Web 3.0 and Web 4.0 •  Data provenance to detect misuse of identity, since misuse cannot be completely prevented •  Privacy control with non-linkable delegation of rights based on the new German national ID card to detect misuse of identity •  Privacy forensics to decide on liability of misuse of identity, since misuse can be malicious or originate from a hidden dependency
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 24 Requirements for privacy in social networks III. PersoApp: Call for Participation Online identification of the new German nation ID card Technologies -  Delegation of rights -  Sticky policies -  Monitor for isolation -  Data provenance -  Mobility -  … PersoApp Open Source Community Data Usage Model Data provider d d, d‘Data consumer Data provider Topics -  Mobility -  Disclosure of personal/sensitive data to third parties -  Measurement of isolation of information flows -  Risk scenarios -  Isolation patterns by authorization for data usage with data protection schemes -  Risk awareness, acceptance, and coordination Data consumer Feedback Feedback Use Case Services of social networks -  Citizens -  Service providers -  … Regulations -  BSI technical guidelines -  PAuswG and PAuswV -  Data protection act -  … Deriving requirements for privacy
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 25 Call for Apps •  Identity control •  Privacy control •  Privacy forensics eID client for social networks supporting •  User-oriented requirement identification by survey •  Development of use case in particular for Apps •  Open source software library for online identification •  Integration of extensions by feature requests •  Guidelines for integrating and evaluating PersoApp software library in Apps •  Dissemination by workshops, talks, teaching, and PersoApp Internet portal We offer •  Apps for, e.g., mobile participation in a social network •  Security and privacy requirements of service providers and service users We are interested in Get in contact via www.persoapp.de
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 26 Cooperate via PersoApp! Twitter at https://www.twitter.com/persoapp •  Publication of news and interaction about PersoApp E-Mail Listings •  Contact: persoapp@trust.cased.de •  Project leaders: persoapp-projects@trust.cased.de •  Software developers: persoapp-devel@trust.cased.de • Project members: persoapp-broadcast@trust.cased.de • Steering committee: persoapp-steering@trust.cased.de • Advisory board: persoapp-advisory@trust.cased.de Code Repository at https://persoapp.googlecode.com/ •  SVN repository •  Issue tracker Internet Portal at https://www.persoapp.de •  Forum •  Pre-Release •  Demo and test service •  Documentation •  Event calendar

Recommended

Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...IJNSA Journal
 
12-19-14 CLE for South (P Garrett)
12-19-14 CLE for South (P Garrett)12-19-14 CLE for South (P Garrett)
12-19-14 CLE for South (P Garrett)Patrick Garrett
 
Dallas websecuritygroup addressing-top-security-threats-v2
Dallas websecuritygroup addressing-top-security-threats-v2Dallas websecuritygroup addressing-top-security-threats-v2
Dallas websecuritygroup addressing-top-security-threats-v2Dallas Web Security Group
 
Dallas Web Security Group - February Meeting - Addressing Top Security Threats
Dallas Web Security Group - February Meeting - Addressing Top Security ThreatsDallas Web Security Group - February Meeting - Addressing Top Security Threats
Dallas Web Security Group - February Meeting - Addressing Top Security ThreatsDallas Web Security Group
 
Deep Web and Digital Investigations
Deep Web and Digital Investigations Deep Web and Digital Investigations
Deep Web and Digital Investigations Damir Delija
 
Digital Crime & Forensics - Report
Digital Crime & Forensics - ReportDigital Crime & Forensics - Report
Digital Crime & Forensics - Reportprashant3535
 
Top Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessTop Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessNicholas Davis
 
Online Focus Groups Privacy and Security Considerations
Online Focus Groups Privacy and Security ConsiderationsOnline Focus Groups Privacy and Security Considerations
Online Focus Groups Privacy and Security ConsiderationsAlfonso Sintjago
 

Recommended

Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...IJNSA Journal
 
12-19-14 CLE for South (P Garrett)
12-19-14 CLE for South (P Garrett)12-19-14 CLE for South (P Garrett)
12-19-14 CLE for South (P Garrett)Patrick Garrett
 
Dallas websecuritygroup addressing-top-security-threats-v2
Dallas websecuritygroup addressing-top-security-threats-v2Dallas websecuritygroup addressing-top-security-threats-v2
Dallas websecuritygroup addressing-top-security-threats-v2Dallas Web Security Group
 
Dallas Web Security Group - February Meeting - Addressing Top Security Threats
Dallas Web Security Group - February Meeting - Addressing Top Security ThreatsDallas Web Security Group - February Meeting - Addressing Top Security Threats
Dallas Web Security Group - February Meeting - Addressing Top Security ThreatsDallas Web Security Group
 
Deep Web and Digital Investigations
Deep Web and Digital Investigations Deep Web and Digital Investigations
Deep Web and Digital Investigations Damir Delija
 
Digital Crime & Forensics - Report
Digital Crime & Forensics - ReportDigital Crime & Forensics - Report
Digital Crime & Forensics - Reportprashant3535
 
Top Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessTop Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessNicholas Davis
 
Online Focus Groups Privacy and Security Considerations
Online Focus Groups Privacy and Security ConsiderationsOnline Focus Groups Privacy and Security Considerations
Online Focus Groups Privacy and Security ConsiderationsAlfonso Sintjago
 
Carbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityCarbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityMighty Guides, Inc.
 
Protecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksProtecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksSocialKwan
 
C02
C02C02
C02newbie2019
 
A foundation for breach data analysis
A foundation for breach data analysisA foundation for breach data analysis
A foundation for breach data analysisAlexander Decker
 
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGS
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGSPRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGS
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGSIJCNCJournal
 
Computer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaComputer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaMohammed Mahfouz Alhassan
 
Computer security
Computer securityComputer security
Computer securityRoshanMaharjan13
 
Draft current state of digital forensic and data science
Draft current state of digital forensic and data science Draft current state of digital forensic and data science
Draft current state of digital forensic and data science Damir Delija
 
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...Stefano Maria De' Rossi
 
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia LunaAviva Spectrum™
 
Digital forensics ahmed emam
Digital forensics ahmed emamDigital forensics ahmed emam
Digital forensics ahmed emamahmad abdelhafeez
 
Information security
Information securityInformation security
Information securityVijayananda Mohire
 
network security lec2 ccns
network security lec2 ccnsnetwork security lec2 ccns
network security lec2 ccnsDanish Mahmood
 
Cyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital DomainCyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital Domainppd1961
 
Digital forensics research: The next 10 years
Digital forensics research: The next 10 yearsDigital forensics research: The next 10 years
Digital forensics research: The next 10 yearsMehedi Hasan
 
Digital Crime & Forensics - Presentation
Digital Crime & Forensics - PresentationDigital Crime & Forensics - Presentation
Digital Crime & Forensics - Presentationprashant3535
 
CYBER AWARENESS
CYBER AWARENESSCYBER AWARENESS
CYBER AWARENESSEDUJIE DOMINIC IGHODALO
 
The Future of Digital Forensics
The Future of Digital ForensicsThe Future of Digital Forensics
The Future of Digital Forensics00heights
 
DF Process Models
DF Process ModelsDF Process Models
DF Process ModelsCostas Katsavounidis
 
Ethics,security and privacy control
Ethics,security and privacy controlEthics,security and privacy control
Ethics,security and privacy controlSifat Hossain
 
ICT Resilience in EU
ICT Resilience in EUICT Resilience in EU
ICT Resilience in EUSven Wohlgemuth
 
Privacy with Secondary Use of Personal Information
Privacy with Secondary Use of Personal InformationPrivacy with Secondary Use of Personal Information
Privacy with Secondary Use of Personal InformationSven Wohlgemuth
 

More Related Content

What's hot

Carbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityCarbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityMighty Guides, Inc.
 
Protecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksProtecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksSocialKwan
 
A foundation for breach data analysis
A foundation for breach data analysisA foundation for breach data analysis
A foundation for breach data analysisAlexander Decker
 
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGS
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGSPRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGS
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGSIJCNCJournal
 
Computer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaComputer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaMohammed Mahfouz Alhassan
 
Draft current state of digital forensic and data science
Draft current state of digital forensic and data science Draft current state of digital forensic and data science
Draft current state of digital forensic and data science Damir Delija
 
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...Stefano Maria De' Rossi
 
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia LunaAviva Spectrum™
 
Digital forensics ahmed emam
Digital forensics ahmed emamDigital forensics ahmed emam
Digital forensics ahmed emamahmad abdelhafeez
 
network security lec2 ccns
network security lec2 ccnsnetwork security lec2 ccns
network security lec2 ccnsDanish Mahmood
 
Cyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital DomainCyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital Domainppd1961
 
Digital forensics research: The next 10 years
Digital forensics research: The next 10 yearsDigital forensics research: The next 10 years
Digital forensics research: The next 10 yearsMehedi Hasan
 
Digital Crime & Forensics - Presentation
Digital Crime & Forensics - PresentationDigital Crime & Forensics - Presentation
Digital Crime & Forensics - Presentationprashant3535
 
The Future of Digital Forensics
The Future of Digital ForensicsThe Future of Digital Forensics
The Future of Digital Forensics00heights
 
Ethics,security and privacy control
Ethics,security and privacy controlEthics,security and privacy control
Ethics,security and privacy controlSifat Hossain
 

What's hot (20)

Carbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityCarbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint Security
 
Protecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksProtecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaks
 
C02
C02C02
C02
 
A foundation for breach data analysis
A foundation for breach data analysisA foundation for breach data analysis
A foundation for breach data analysis
 
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGS
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGSPRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGS
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGS
 
Computer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaComputer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of Ghana
 
Computer security
Computer securityComputer security
Computer security
 
Draft current state of digital forensic and data science
Draft current state of digital forensic and data science Draft current state of digital forensic and data science
Draft current state of digital forensic and data science
 
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
 
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
 
Digital forensics ahmed emam
Digital forensics ahmed emamDigital forensics ahmed emam
Digital forensics ahmed emam
 
Information security
Information securityInformation security
Information security
 
network security lec2 ccns
network security lec2 ccnsnetwork security lec2 ccns
network security lec2 ccns
 
Cyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital DomainCyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital Domain
 
Digital forensics research: The next 10 years
Digital forensics research: The next 10 yearsDigital forensics research: The next 10 years
Digital forensics research: The next 10 years
 
Digital Crime & Forensics - Presentation
Digital Crime & Forensics - PresentationDigital Crime & Forensics - Presentation
Digital Crime & Forensics - Presentation
 
CYBER AWARENESS
CYBER AWARENESSCYBER AWARENESS
CYBER AWARENESS
 
The Future of Digital Forensics
The Future of Digital ForensicsThe Future of Digital Forensics
The Future of Digital Forensics
 
DF Process Models
DF Process ModelsDF Process Models
DF Process Models
 
Ethics,security and privacy control
Ethics,security and privacy controlEthics,security and privacy control
Ethics,security and privacy control
 

Viewers also liked

Privacy with Secondary Use of Personal Information
Privacy with Secondary Use of Personal InformationPrivacy with Secondary Use of Personal Information
Privacy with Secondary Use of Personal InformationSven Wohlgemuth
 
PersoApp - Sichere und benutzerfreundliche Internetanwendungen
PersoApp - Sichere und benutzerfreundliche InternetanwendungenPersoApp - Sichere und benutzerfreundliche Internetanwendungen
PersoApp - Sichere und benutzerfreundliche InternetanwendungenSven Wohlgemuth
 
Resilience by Usable Security
Resilience by Usable SecurityResilience by Usable Security
Resilience by Usable SecuritySven Wohlgemuth
 
Resilience as a new Enforcement Model for IT Security based on Usage Control
Resilience as a new Enforcement Model for IT Security based on Usage ControlResilience as a new Enforcement Model for IT Security based on Usage Control
Resilience as a new Enforcement Model for IT Security based on Usage ControlSven Wohlgemuth
 
Privacy-Enhancing Trust Infrastructure for Process Mining
Privacy-Enhancing Trust Infrastructure for Process MiningPrivacy-Enhancing Trust Infrastructure for Process Mining
Privacy-Enhancing Trust Infrastructure for Process MiningSven Wohlgemuth
 
PersoApp - An Open Source Community for the new German national ID card
PersoApp - An Open Source Community for the new German national ID cardPersoApp - An Open Source Community for the new German national ID card
PersoApp - An Open Source Community for the new German national ID cardSven Wohlgemuth
 
Tagging Disclosure of Personal Data to Third Parties to Preserve Privacy
Tagging Disclosure of Personal Data to Third Parties to Preserve PrivacyTagging Disclosure of Personal Data to Third Parties to Preserve Privacy
Tagging Disclosure of Personal Data to Third Parties to Preserve PrivacySven Wohlgemuth
 

Viewers also liked (8)

ICT Resilience in EU
ICT Resilience in EUICT Resilience in EU
ICT Resilience in EU
 
Privacy with Secondary Use of Personal Information
Privacy with Secondary Use of Personal InformationPrivacy with Secondary Use of Personal Information
Privacy with Secondary Use of Personal Information
 
PersoApp - Sichere und benutzerfreundliche Internetanwendungen
PersoApp - Sichere und benutzerfreundliche InternetanwendungenPersoApp - Sichere und benutzerfreundliche Internetanwendungen
PersoApp - Sichere und benutzerfreundliche Internetanwendungen
 
Resilience by Usable Security
Resilience by Usable SecurityResilience by Usable Security
Resilience by Usable Security
 
Resilience as a new Enforcement Model for IT Security based on Usage Control
Resilience as a new Enforcement Model for IT Security based on Usage ControlResilience as a new Enforcement Model for IT Security based on Usage Control
Resilience as a new Enforcement Model for IT Security based on Usage Control
 
Privacy-Enhancing Trust Infrastructure for Process Mining
Privacy-Enhancing Trust Infrastructure for Process MiningPrivacy-Enhancing Trust Infrastructure for Process Mining
Privacy-Enhancing Trust Infrastructure for Process Mining
 
PersoApp - An Open Source Community for the new German national ID card
PersoApp - An Open Source Community for the new German national ID cardPersoApp - An Open Source Community for the new German national ID card
PersoApp - An Open Source Community for the new German national ID card
 
Tagging Disclosure of Personal Data to Third Parties to Preserve Privacy
Tagging Disclosure of Personal Data to Third Parties to Preserve PrivacyTagging Disclosure of Personal Data to Third Parties to Preserve Privacy
Tagging Disclosure of Personal Data to Third Parties to Preserve Privacy
 

Similar to PersoApp - Secure and User-Friendly Internet Applications

Data mining in security: Ja'far Alqatawna
Data mining in security: Ja'far AlqatawnaData mining in security: Ja'far Alqatawna
Data mining in security: Ja'far AlqatawnaMaribel García Arenas
 
Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...
Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...
Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...CREST @ University of Adelaide
 
Combating cyber security through forensic investigation tools
Combating cyber security through forensic investigation toolsCombating cyber security through forensic investigation tools
Combating cyber security through forensic investigation toolsVenkata Sreeram
 
TIPPSS for Enabling & Securing our Increasingly Connected World – Trust, Iden...
TIPPSS for Enabling & Securing our Increasingly Connected World – Trust, Iden...TIPPSS for Enabling & Securing our Increasingly Connected World – Trust, Iden...
TIPPSS for Enabling & Securing our Increasingly Connected World – Trust, Iden...PacificResearchPlatform
 
Data Protection
 in the Age of Big Data
Data Protection
 in the Age of Big DataData Protection
 in the Age of Big Data
Data Protection
 in the Age of Big DataArthit Suriyawongkul
 
Proceedings on Privacy Enhancing Technologies ; 2016 (3)96–11
Proceedings on Privacy Enhancing Technologies ; 2016 (3)96–11Proceedings on Privacy Enhancing Technologies ; 2016 (3)96–11
Proceedings on Privacy Enhancing Technologies ; 2016 (3)96–11DaliaCulbertson719
 
CyberSecurity-Forum-2010-Mario Hoffmann
CyberSecurity-Forum-2010-Mario HoffmannCyberSecurity-Forum-2010-Mario Hoffmann
CyberSecurity-Forum-2010-Mario Hoffmannsegughana
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionSean Whalen
 
I spy. The world of info Security from the known to the unknown.
I spy. The world of info Security from the known to the unknown.I spy. The world of info Security from the known to the unknown.
I spy. The world of info Security from the known to the unknown.Internet Security Auditors
 
Ijeee 7-11-privacy preserving distributed data mining with anonymous id assig...
Ijeee 7-11-privacy preserving distributed data mining with anonymous id assig...Ijeee 7-11-privacy preserving distributed data mining with anonymous id assig...
Ijeee 7-11-privacy preserving distributed data mining with anonymous id assig...Kumar Goud
 
RIM On The Social Side
RIM On The Social SideRIM On The Social Side
RIM On The Social SideNatalie Alesi
 
Analysis of Rogue Access Points using Software-Defined Radio
Analysis of Rogue Access Points using Software-Defined RadioAnalysis of Rogue Access Points using Software-Defined Radio
Analysis of Rogue Access Points using Software-Defined RadioJuanRios179
 
Corporation DriveSureNumber of Individuals Impacted 38 Millio
Corporation DriveSureNumber of Individuals Impacted 38 MillioCorporation DriveSureNumber of Individuals Impacted 38 Millio
Corporation DriveSureNumber of Individuals Impacted 38 MillioAlleneMcclendon878
 
Codes of Ethics and the Ethics of Code
Codes of Ethics and the Ethics of CodeCodes of Ethics and the Ethics of Code
Codes of Ethics and the Ethics of CodeMark Underwood
 
Security and ethical issues of mobile device technology
Security and ethical issues of mobile device technologySecurity and ethical issues of mobile device technology
Security and ethical issues of mobile device technologyErik R. Ranschaert, MD, PhD
 
Data privacy over internet
Data privacy over internetData privacy over internet
Data privacy over internetdevashishicai
 

Similar to PersoApp - Secure and User-Friendly Internet Applications (20)

Data mining in security: Ja'far Alqatawna
Data mining in security: Ja'far AlqatawnaData mining in security: Ja'far Alqatawna
Data mining in security: Ja'far Alqatawna
 
Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...
Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...
Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...
 
Combating cyber security through forensic investigation tools
Combating cyber security through forensic investigation toolsCombating cyber security through forensic investigation tools
Combating cyber security through forensic investigation tools
 
TIPPSS for Enabling & Securing our Increasingly Connected World – Trust, Iden...
TIPPSS for Enabling & Securing our Increasingly Connected World – Trust, Iden...TIPPSS for Enabling & Securing our Increasingly Connected World – Trust, Iden...
TIPPSS for Enabling & Securing our Increasingly Connected World – Trust, Iden...
 
Data Protection
 in the Age of Big Data
Data Protection
 in the Age of Big DataData Protection
 in the Age of Big Data
Data Protection
 in the Age of Big Data
 
AIDA ICITET
AIDA ICITETAIDA ICITET
AIDA ICITET
 
Proceedings on Privacy Enhancing Technologies ; 2016 (3)96–11
Proceedings on Privacy Enhancing Technologies ; 2016 (3)96–11Proceedings on Privacy Enhancing Technologies ; 2016 (3)96–11
Proceedings on Privacy Enhancing Technologies ; 2016 (3)96–11
 
CyberSecurity-Forum-2010-Mario Hoffmann
CyberSecurity-Forum-2010-Mario HoffmannCyberSecurity-Forum-2010-Mario Hoffmann
CyberSecurity-Forum-2010-Mario Hoffmann
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and Encryption
 
I spy. The world of info Security from the known to the unknown.
I spy. The world of info Security from the known to the unknown.I spy. The world of info Security from the known to the unknown.
I spy. The world of info Security from the known to the unknown.
 
Privacy in e-Health
Privacy in e-HealthPrivacy in e-Health
Privacy in e-Health
 
Ijeee 7-11-privacy preserving distributed data mining with anonymous id assig...
Ijeee 7-11-privacy preserving distributed data mining with anonymous id assig...Ijeee 7-11-privacy preserving distributed data mining with anonymous id assig...
Ijeee 7-11-privacy preserving distributed data mining with anonymous id assig...
 
RIM On The Social Side
RIM On The Social SideRIM On The Social Side
RIM On The Social Side
 
Analysis of Rogue Access Points using Software-Defined Radio
Analysis of Rogue Access Points using Software-Defined RadioAnalysis of Rogue Access Points using Software-Defined Radio
Analysis of Rogue Access Points using Software-Defined Radio
 
Corporation DriveSureNumber of Individuals Impacted 38 Millio
Corporation DriveSureNumber of Individuals Impacted 38 MillioCorporation DriveSureNumber of Individuals Impacted 38 Millio
Corporation DriveSureNumber of Individuals Impacted 38 Millio
 
Spyware
SpywareSpyware
Spyware
 
P50 fahl
P50 fahlP50 fahl
P50 fahl
 
Codes of Ethics and the Ethics of Code
Codes of Ethics and the Ethics of CodeCodes of Ethics and the Ethics of Code
Codes of Ethics and the Ethics of Code
 
Security and ethical issues of mobile device technology
Security and ethical issues of mobile device technologySecurity and ethical issues of mobile device technology
Security and ethical issues of mobile device technology
 
Data privacy over internet
Data privacy over internetData privacy over internet
Data privacy over internet
 

More from Sven Wohlgemuth

A Secure Decision-Support Scheme for Self-Sovereign Identity Management
A Secure Decision-Support Scheme for Self-Sovereign Identity ManagementA Secure Decision-Support Scheme for Self-Sovereign Identity Management
A Secure Decision-Support Scheme for Self-Sovereign Identity ManagementSven Wohlgemuth
 
Competitive Compliance with Blockchain
Competitive Compliance with BlockchainCompetitive Compliance with Blockchain
Competitive Compliance with BlockchainSven Wohlgemuth
 
Secure Sharing of Design Information with Blockchains
Secure Sharing of Design Information with BlockchainsSecure Sharing of Design Information with Blockchains
Secure Sharing of Design Information with BlockchainsSven Wohlgemuth
 
個人情報の有効活用を可能にする (Enabling effective use of personal information)
個人情報の有効活用を可能にする (Enabling effective use of personal information) 個人情報の有効活用を可能にする (Enabling effective use of personal information)
個人情報の有効活用を可能にする (Enabling effective use of personal information)Sven Wohlgemuth
 
EN 6.3: 3 Sicherheitsmodelle
EN 6.3: 3 SicherheitsmodelleEN 6.3: 3 Sicherheitsmodelle
EN 6.3: 3 SicherheitsmodelleSven Wohlgemuth
 
Privacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity ManagementPrivacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity ManagementSven Wohlgemuth
 
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...Sven Wohlgemuth
 
On Privacy in Medical Services with Electronic Health Records
On Privacy in Medical Services with Electronic Health RecordsOn Privacy in Medical Services with Electronic Health Records
On Privacy in Medical Services with Electronic Health RecordsSven Wohlgemuth
 
EN 6.3: 2 IT-Compliance und IT-Sicherheitsmanagement
EN 6.3: 2 IT-Compliance und IT-SicherheitsmanagementEN 6.3: 2 IT-Compliance und IT-Sicherheitsmanagement
EN 6.3: 2 IT-Compliance und IT-SicherheitsmanagementSven Wohlgemuth
 
EN 6.3: 1 IT-Sicherheit und Technischer Datenschutz
EN 6.3: 1 IT-Sicherheit und Technischer DatenschutzEN 6.3: 1 IT-Sicherheit und Technischer Datenschutz
EN 6.3: 1 IT-Sicherheit und Technischer DatenschutzSven Wohlgemuth
 
International Workshop on Information Systems for Social Innovation (ISSI) 2009
International Workshop on Information Systems for Social Innovation (ISSI) 2009International Workshop on Information Systems for Social Innovation (ISSI) 2009
International Workshop on Information Systems for Social Innovation (ISSI) 2009Sven Wohlgemuth
 
Durchsetzung von Privacy Policies in Dienstenetzen
Durchsetzung von Privacy Policies in DienstenetzenDurchsetzung von Privacy Policies in Dienstenetzen
Durchsetzung von Privacy Policies in DienstenetzenSven Wohlgemuth
 
Privacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity ManagementPrivacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity ManagementSven Wohlgemuth
 
Privacy in Business Processes by Identity Management
Privacy in Business Processes by Identity ManagementPrivacy in Business Processes by Identity Management
Privacy in Business Processes by Identity ManagementSven Wohlgemuth
 
Schlüsselverwaltung - Objektorientierter Entwurf und Implementierung
Schlüsselverwaltung - Objektorientierter Entwurf und ImplementierungSchlüsselverwaltung - Objektorientierter Entwurf und Implementierung
Schlüsselverwaltung - Objektorientierter Entwurf und ImplementierungSven Wohlgemuth
 
Sicherheit in einer vernetzten Welt
Sicherheit in einer vernetzten WeltSicherheit in einer vernetzten Welt
Sicherheit in einer vernetzten WeltSven Wohlgemuth
 
Solutions for Coping with Privacy and Usability
Solutions for Coping with Privacy and UsabilitySolutions for Coping with Privacy and Usability
Solutions for Coping with Privacy and UsabilitySven Wohlgemuth
 
iManager - nutzer-zentrierter Identitätsmanager
iManager - nutzer-zentrierter IdentitätsmanageriManager - nutzer-zentrierter Identitätsmanager
iManager - nutzer-zentrierter IdentitätsmanagerSven Wohlgemuth
 
ATUS - A Toolkit for Usable Security
ATUS - A Toolkit for Usable SecurityATUS - A Toolkit for Usable Security
ATUS - A Toolkit for Usable SecuritySven Wohlgemuth
 

More from Sven Wohlgemuth (20)

A Secure Decision-Support Scheme for Self-Sovereign Identity Management
A Secure Decision-Support Scheme for Self-Sovereign Identity ManagementA Secure Decision-Support Scheme for Self-Sovereign Identity Management
A Secure Decision-Support Scheme for Self-Sovereign Identity Management
 
Competitive Compliance with Blockchain
Competitive Compliance with BlockchainCompetitive Compliance with Blockchain
Competitive Compliance with Blockchain
 
Secure Sharing of Design Information with Blockchains
Secure Sharing of Design Information with BlockchainsSecure Sharing of Design Information with Blockchains
Secure Sharing of Design Information with Blockchains
 
個人情報の有効活用を可能にする (Enabling effective use of personal information)
個人情報の有効活用を可能にする (Enabling effective use of personal information) 個人情報の有効活用を可能にする (Enabling effective use of personal information)
個人情報の有効活用を可能にする (Enabling effective use of personal information)
 
EN 6.3: 4 Kryptographie
EN 6.3: 4 KryptographieEN 6.3: 4 Kryptographie
EN 6.3: 4 Kryptographie
 
EN 6.3: 3 Sicherheitsmodelle
EN 6.3: 3 SicherheitsmodelleEN 6.3: 3 Sicherheitsmodelle
EN 6.3: 3 Sicherheitsmodelle
 
Privacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity ManagementPrivacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity Management
 
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...
 
On Privacy in Medical Services with Electronic Health Records
On Privacy in Medical Services with Electronic Health RecordsOn Privacy in Medical Services with Electronic Health Records
On Privacy in Medical Services with Electronic Health Records
 
EN 6.3: 2 IT-Compliance und IT-Sicherheitsmanagement
EN 6.3: 2 IT-Compliance und IT-SicherheitsmanagementEN 6.3: 2 IT-Compliance und IT-Sicherheitsmanagement
EN 6.3: 2 IT-Compliance und IT-Sicherheitsmanagement
 
EN 6.3: 1 IT-Sicherheit und Technischer Datenschutz
EN 6.3: 1 IT-Sicherheit und Technischer DatenschutzEN 6.3: 1 IT-Sicherheit und Technischer Datenschutz
EN 6.3: 1 IT-Sicherheit und Technischer Datenschutz
 
International Workshop on Information Systems for Social Innovation (ISSI) 2009
International Workshop on Information Systems for Social Innovation (ISSI) 2009International Workshop on Information Systems for Social Innovation (ISSI) 2009
International Workshop on Information Systems for Social Innovation (ISSI) 2009
 
Durchsetzung von Privacy Policies in Dienstenetzen
Durchsetzung von Privacy Policies in DienstenetzenDurchsetzung von Privacy Policies in Dienstenetzen
Durchsetzung von Privacy Policies in Dienstenetzen
 
Privacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity ManagementPrivacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity Management
 
Privacy in Business Processes by Identity Management
Privacy in Business Processes by Identity ManagementPrivacy in Business Processes by Identity Management
Privacy in Business Processes by Identity Management
 
Schlüsselverwaltung - Objektorientierter Entwurf und Implementierung
Schlüsselverwaltung - Objektorientierter Entwurf und ImplementierungSchlüsselverwaltung - Objektorientierter Entwurf und Implementierung
Schlüsselverwaltung - Objektorientierter Entwurf und Implementierung
 
Sicherheit in einer vernetzten Welt
Sicherheit in einer vernetzten WeltSicherheit in einer vernetzten Welt
Sicherheit in einer vernetzten Welt
 
Solutions for Coping with Privacy and Usability
Solutions for Coping with Privacy and UsabilitySolutions for Coping with Privacy and Usability
Solutions for Coping with Privacy and Usability
 
iManager - nutzer-zentrierter Identitätsmanager
iManager - nutzer-zentrierter IdentitätsmanageriManager - nutzer-zentrierter Identitätsmanager
iManager - nutzer-zentrierter Identitätsmanager
 
ATUS - A Toolkit for Usable Security
ATUS - A Toolkit for Usable SecurityATUS - A Toolkit for Usable Security
ATUS - A Toolkit for Usable Security
 

Recently uploaded

Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

PersoApp - Secure and User-Friendly Internet Applications

  • 1. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity PersoApp Secure and User-Friendly Internet Applications Constitutive Meeting of the PersoApp Advisory Board Berlin, September 4, 2013 Prof. Dr. Ahmad-Reza Sadeghi Dr. Sven Wohlgemuth Head of PersoApp Consortium Technische Universität Darmstadt Center for Advanced Security Research Darmstadt (CASED)
  • 2. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 2 Authentication data of bank customers stolen: Customers are re-directed to a "secure bank" to enter username, password, etc. •  Attacker gets full access on bank account •  Bank customer is not aware of it •  Majority of web security software didn't detect this attack http://www.techspot.com/news/47351-man-in-the- browser-malware-defeats-banks-two-step-online- authentication.html Malicious Authentication leads to Breach of Confidentiality Unauthorized access on personal data of 77 million customers •  Target: Sony PlayStation Network •  Detection via file “Anonymous” on Sony Online Entertainment Servers •  Costs: $170M (incl. Identity theft insurance package for customers, improvement to network security, free access to content, ...) http://www.computerworld.com/s/article/9216926/ PlayStation_Network_hack_will_cost_Sony_170M
  • 3. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 3 Agenda I.  From Login to Privacy Control II.  Extending Identity Infrastructure III. PersoApp: Call for Participation
  • 4. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 4 Keyword search File systems Groupware Databases Social networking Wiki Semantic search Tagging Reasoning Smart personal agents Natural language search Mashups I. From Login to Privacy Control Productivity Amount of data PC Era Web 1.0 Web 2.0 Web 3.0 Web 4.0 Desktop The World Wide Web The Social Web The Semantic Web The Intelligent Web Own figure based on Radar Networks & Nova Spivack, 2007; E. Brynjolfsson and A. McAfee, Race against the Machine, 2011.
  • 5. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 5 Keyword search File systems Groupware Databases Social networking Wiki Semantic search Tagging Reasoning Smart personal agents Natural language search Mashups I. From Login to Privacy Control Productivity Amount of data PC Era Web 1.0 Web 2.0 Web 3.0 Web 4.0 Desktop The World Wide Web The Social Web The Semantic Web The Intelligent Web Human-machine interaction Machine-machine interaction Centralized data processing Ubiquitous P2P data processing Decentralized C/S data processing ... with automatic decision support Own figure based on Radar Networks & Nova Spivack, 2007; E. Brynjolfsson and A. McAfee, Race against the Machine, 2011.
  • 6. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 6 Keyword search File systems Groupware Databases Social networking Wiki Semantic search Tagging Reasoning Smart personal agents Natural language search Mashups I. From Login to Privacy Control Productivity Amount of data PC Era Web 1.0 Web 2.0 Web 3.0 Web 4.0 Desktop The World Wide Web The Social Web The Semantic Web The Intelligent Web Transparency Forensics Human-machine interaction Machine-machine interaction One-factor identification Multi-factor identification Reputation Centralized data processing Ubiquitous P2P data processing Decentralized C/S data processing ... with automatic decision support Putting humans back in the loop Own figure based on Radar Networks & Nova Spivack, 2007; E. Brynjolfsson and A. McAfee, Race against the Machine, 2011.
  • 7. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 7 Login and Privacy Example: Social Network Participant 1 DP/DC Social network provider DC/DP d1 d1 Participant 2 DP/DC d2 d2 DP = Data provider DC = Data consumer d, d* = Personal data Privacy legislation: "Privacy is the claim of individuals, groups and institutions to determine for themselves, when, how, and to what extent information about them is communicated to others." (Westin, 1967; regulations of Germany/EU) Own figure according to A. Pretschner, M. Hilty, and D. Basin, 2006; N. Sonehara, I. Echizen, and S. Wohlgemuth, 2011 Disclosure of personal data to third parties Participant 4 DC/DP Participant 2 DC/DP d1 * d1 *, d2 *
  • 8. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 8 Login and Privacy Example: Social Network Participant 1 DP/DC Social network provider DC/DP d1 d1 Participant 2 DP/DC d2 d2 DP = Data provider DC = Data consumer d, d* = Personal data Privacy legislation: "Privacy is the claim of individuals, groups and institutions to determine for themselves, when, how, and to what extent information about them is communicated to others." (Westin, 1967; regulations of Germany/EU) Access control No control for processing of personal data Own figure according to A. Pretschner, M. Hilty, and D. Basin, 2006; N. Sonehara, I. Echizen, and S. Wohlgemuth, 2011 Disclosure of personal data to third parties Participant 4 DC/DP Participant 2 DC/DP d1 * d1 *, d2 * d1 *,d2 * d1, d2, d1 *, d2 * d1, d2, d1 *, d2 * d* 2 d* 1 Social network provider DC/DP Participant 4 DC/DP Participant 2 DC/DP d1 *, d2 *
  • 9. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 9 Identity Theft and Prevention Example: Social Network •  Desired dependencies imply vulnerabilities by undesired ones (covert channels, escalation of rights, …)1 1 B. Lampson 1973; R. White 1990; L. Davi, A. Dmitrienko, A.-R. Sadeghi, and M. Winandy 2010 Assumption: Each authorized IT system is proven to be secure 2 C. Wang und S. Ju 2006 •  Impossible to automatically detect all undesired dependencies2 Case (a): Passive interference Case (b): Active interference Web 2.0 IT systems: Programming at run-time - Dependencies emerge at run-time
  • 10. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 10 Identity Theft and Prevention Example: Social Network •  Desired dependencies imply vulnerabilities by undesired ones (covert channels, escalation of rights, …)1 1 B. Lampson 1973; R. White 1990; L. Davi, A. Dmitrienko, A.-R. Sadeghi, and M. Winandy 2010 Assumption: Each authorized IT system is proven to be secure 2 C. Wang und S. Ju 2006 •  Impossible to automatically detect all undesired dependencies2 Case (a): Passive interference Case (b): Active interference Web 2.0 IT systems: Programming at run-time - Dependencies emerge at run-time Detecting misuse of identity to (ex post) enforce privacy
  • 11. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 11 II. Extending Identity Infrastructure •  Mobility •  Identity control •  Privacy control •  Privacy forensics
  • 12. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 12 Mobility Connections and ubiquitous data processing increase Migration to mobility •  Android 4.04 (V1) •  Pre-release •  Open source software library •  Security concept and review •  Sony Xperia with USB reader •  Smartphone as personal digital assistant Human-machine interaction Machine-machine interaction
  • 13. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 13 Participant 1 DP/DC Participant 2 DP/DC Identity Control Social network provider DC/DP Participant 4 DC/DP Participant 2 DC/DP d1 d1 * d1 * d2 * d2 Participant 6 DC/DP Transparency: Detecting misuse of identity by understanding disclosure of personal data Data provenance: Information to determine processing history of data, e.g. in an audit to detect evidences for an interference Personal data d2 Participant 2 Social network provider Personal data d2 Participant 2
  • 14. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 14 Participant 1 DP/DC Participant 2 DP/DC Identity Control Social network provider DC/DP Participant 4 DC/DP Participant 2 DC/DP d1 d1 * d1 * d2 * d2 Participant 6 DC/DP Transparency: Detecting misuse of identity by understanding disclosure of personal data Data provenance: Information to determine processing history of data, e.g. in an audit to detect evidences for an interference Personal data d2 Participant 2 Social network provider Personal data d2 Participant 2 Social network provider Participant 6 Personal data d2 Participant 2
  • 15. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 15 Participant 1 DP/DC Participant 2 DP/DC Identity Control Social network provider DC/DP Participant 4 DC/DP Participant 2 DC/DP d1 d1 * d1 * d2 * d2 Participant 6 DC/DP Transparency: Detecting misuse of identity by understanding disclosure of personal data Data provenance: Information to determine processing history of data, e.g. in an audit to detect evidences for an interference Personal data faulty d2 * Participant 2 Social network provider Participant 6 Participant 3 Personal data d2 Participant 2 Social network provider Personal data d2 Participant 2 Social network provider Participant 6 Personal data faulty d2 * Participant 2 Social network provider Participant 6 Personal data d2 Participant 2
  • 16. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 16 Identity Control based on German ID Card Binding data provenance information as a tag to data In addition: eID client must enforce IT system of each participant Data Data consumer (e.g. social network provider) 4) Deliver tagged data Steps of a data disclosure: •  Online identification with German national ID card •  Disclosed data is tagged with updated provenance information •  Provenance information is authentic (e.g. secure logging, digital watermark, ...) 1) Access request eID client2) Fetch data 3) Apply tag Every disclosure of data is provable linked to re-identifiable identities No privacy Misuse of identity can be detected Security
  • 17. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 17 Privacy Control Security and Privacy: Isolating disclosure of personal data by obligations according to SLA Isolation: Pseudonymous online identification of the German national ID card In addition: eID client must specify isolation by non-linkable delegation of rights System 1 DP/DC System 2 DP/DC System 3 DC/DP System 4 DC/DP System 2 DC/DP d1 d1 * d1 * d2 * d2 System 6 DC/DP Personal data d1 System 2 System 3 Personal data d2 System 2 System 3 System 6 Personal data d2 System 2 Own figure according to S. Wohlgemuth. I. Echizen, N. Sonehara, and G. Müller, 2010.
  • 18. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 18 Privacy Control Security and Privacy: Isolating disclosure of personal data by obligations according to SLA Isolation: Pseudonymous online identification of the German national ID card In addition: eID client must specify isolation by non-linkable delegation of rights System 1 DP/DC System 2 DP/DC System 3 DC/DP System 4 DC/DP System 2 DC/DP d1 d1 * d1 * d2 * d2 System 6 DC/DP Personal data d1 System 2 System 3 Personal data d2 System 2 System 3 System 6 Personal data d2 System 2 Own figure according to S. Wohlgemuth. I. Echizen, N. Sonehara, and G. Müller, 2010. Personal data faulty d2 * System 2 System 3 System 6 System 3 Personal data faulty d2 * System 2 System 3 System 6 Personal data faulty d2 * System 2 System 3 System 6
  • 19. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 19 Privacy Control Security and Privacy: Isolating disclosure of personal data by obligations according to SLA Isolation: Pseudonymous online identification of the German national ID card In addition: eID client must specify isolation by non-linkable delegation of rights System 1 DP/DC System 2 DP/DC System 3 DC/DP System 4 DC/DP System 2 DC/DP d1 d1 * d1 * d2 * d2 System 6 DC/DP Personal data d1 System 2 System 3 Personal data d2 System 2 System 3 System 6 Personal data d2 System 2 Own figure according to S. Wohlgemuth. I. Echizen, N. Sonehara, and G. Müller, 2010. Personal data faulty d2 * System 2 System 3 System 6 System 3 Personal data faulty d2 * System 2 System 3 System 6 Personal data faulty d2 * System 2 System 3 System 6 Preventing re-identification by linking data disclosures to pseudonyms Privacy Misuse of identity can be detected Security
  • 20. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 20 Example: Identity Control, Privacy Control Exemplary data tagging •  Adding data provenance to personal images •  Does not contain information about participant from other sources Google Dashboard •  Overview on services and some data used with Google account Own figure according to S. Wohlgemuth. I. Echizen, N. Sonehara, and G. Müller, 2010.
  • 21. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 21 Privacy Forensics Problem: Trust relationship leading to non-cooperating equilibrium due to unknown liability Increasing trust by coordinating and measuring privacy control for acceptable equilibriums Privacy forensics Privacy control Data provenanceOptimization Usage control policy tool box eID client assesses evidences on interferences (for each system)
  • 22. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 22 Privacy Forensics Problem: Trust relationship leading to non-cooperating equilibrium due to unknown liability Increasing trust by coordinating and measuring privacy control for acceptable equilibriums Privacy forensics Privacy control Data provenanceOptimization Usage control policy tool box Privacy is an evidence for reliable data processing. New German national ID card can be used as a trust anchor for privacy in social networks eID client assesses evidences on interferences (for each system)
  • 23. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 23 Key Messages •  PersoApp open source software library needs to be migrated to mobility to support Web 3.0 and Web 4.0 •  Data provenance to detect misuse of identity, since misuse cannot be completely prevented •  Privacy control with non-linkable delegation of rights based on the new German national ID card to detect misuse of identity •  Privacy forensics to decide on liability of misuse of identity, since misuse can be malicious or originate from a hidden dependency
  • 24. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 24 Requirements for privacy in social networks III. PersoApp: Call for Participation Online identification of the new German nation ID card Technologies -  Delegation of rights -  Sticky policies -  Monitor for isolation -  Data provenance -  Mobility -  … PersoApp Open Source Community Data Usage Model Data provider d d, d‘Data consumer Data provider Topics -  Mobility -  Disclosure of personal/sensitive data to third parties -  Measurement of isolation of information flows -  Risk scenarios -  Isolation patterns by authorization for data usage with data protection schemes -  Risk awareness, acceptance, and coordination Data consumer Feedback Feedback Use Case Services of social networks -  Citizens -  Service providers -  … Regulations -  BSI technical guidelines -  PAuswG and PAuswV -  Data protection act -  … Deriving requirements for privacy
  • 25. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 25 Call for Apps •  Identity control •  Privacy control •  Privacy forensics eID client for social networks supporting •  User-oriented requirement identification by survey •  Development of use case in particular for Apps •  Open source software library for online identification •  Integration of extensions by feature requests •  Guidelines for integrating and evaluating PersoApp software library in Apps •  Dissemination by workshops, talks, teaching, and PersoApp Internet portal We offer •  Apps for, e.g., mobile participation in a social network •  Security and privacy requirements of service providers and service users We are interested in Get in contact via www.persoapp.de
  • 26. Prof. Dr. Ahmad-Reza Sadeghi and Dr. Sven Wohlgemuth PersoApp – Secure and User-Friendly Internet Applications. Trust in Identity 26 Cooperate via PersoApp! Twitter at https://www.twitter.com/persoapp •  Publication of news and interaction about PersoApp E-Mail Listings •  Contact: persoapp@trust.cased.de •  Project leaders: persoapp-projects@trust.cased.de •  Software developers: persoapp-devel@trust.cased.de • Project members: persoapp-broadcast@trust.cased.de • Steering committee: persoapp-steering@trust.cased.de • Advisory board: persoapp-advisory@trust.cased.de Code Repository at https://persoapp.googlecode.com/ •  SVN repository •  Issue tracker Internet Portal at https://www.persoapp.de •  Forum •  Pre-Release •  Demo and test service •  Documentation •  Event calendar

Editor's Notes

  1. Zu I. Electronic Identities Wertschöpfung (utility) mit elektronischen Identitäten Sicherheitseigenschaften der Online-Ausweisfunktion des neuen Personalausweises Von Identitaetfeststellung zur Authentifikation (Die Guten sind drin und die Boesen draussen) zu Identitaetsfeststellung zur Erkennung von Stoerungen und deren Ursachen (Grenzen verschwinden; Code und Daten sind mobil)
  2. Screenshot von DETECTIVE fuer die Demo „Gesundheit“ zeigen
  3. Screenshot von DETECTIVE fuer die Demo „Gesundheit“ zeigen
  4. - Isolation ist IT-Sicherheit und eine Variante der Privatsphäre - Hier Privacy einfuehren und gleichzusetzen mit vereinbarter Datennutzung
  5. - Screenshot zu Detective - Screenshot zu Google und Facebook
  6. Aussage: - Beispiele für Vorteile eines daten-orientierten Systems: persönlicher Nutzen durch personalisierte Dienstleistung (Webbeschreibung) und Dienstleistung des Gesamtsystems (Echtzeit-Navigation) Informationsfluss zwischen Teilnehmer an einem adaptiven IT-System Persönlicher Wert und zusätzlicher Wert durch Dienstleistung des Gesamtsystems Schutz des eigenen IT-Systems, um an einem Netzwerk teilzunehmen bzw. es zu betreiben, und damit Schutz der eigenen Daten und Daten der Kooperationspartner Anomalien im Informationsfluss basierend auf der Online-Ausweisfunktion mit dem neuen Personalausweis erkennen, um eine Aussage über die Kooperationspartner zu machen