Identity-Based Privacy (IBP)
07/2013
Published in: Technology
  1. Identity-Based Privacy (IBP), 07/2013
  2. Privacy
     • associated with Western culture, English and North American in particular
     • strong ties with freedom and liberty
     • unknown in some cultures
     • the word Privacy is missing in some languages
     My attempt to define Privacy: the ability of an individual or group to govern the level of information disclosure about themselves.
  3. Types of Privacy
     • Individual privacy: Individuals
     • Organizational privacy: Corp, Government, Family, …
     • Shared privacy: Among all of the above-mentioned
  4. Cloud Computing, Data Security and Information Privacy
     • Cloud Computing & Security – meet very well
     • Cloud Computing & Privacy – contradictory
     Privacy is the issue!
     • Business information
     • Personal information
  5. Privacy preserving
     Encryption is one of the most effective information protection techniques.
     • Security – Data at Rest Encryption, Data in Transit Encryption
     • Privacy – Data in Use Encryption
  6. Privacy preserving - existing solutions
     • PKI – Public-Key Infrastructure
     • PGP – Pretty Good Privacy
     • IBE – Identity-Based Encryption
     • PKI, PGP – it’s more about key management than encryption
     • IBE – heavy mathematics
  7. Privacy preserving - existing solutions (cont.)
     Drawbacks:
     • PKI – very expensive, usability
     • PGP – usability
     • IBE – strong patents
  8. Identity-Based Privacy (IBP)
     A lightweight alternative to PKI/PGP/IBE systems
     • Internet of Things – a Personal Key Ring separated from cloud application and data storage
     • User Agent – the only place where your encryption key, application and data meet
     • Identity Management – the gateway to your privacy
  9. IBP - Technical background
     • Identity Provider – email address as identifier
     • Authentication – OpenID Connect/OAuth2
     • One-Time Identity-Based Key Generator
     • Identity encryption key generated from identity
     • Identity-Based Encryption[1]
     • Data encryption key encrypted by identity encryption key
     [1] a simple HMAC-SHA/AES(GCM) symmetric encryption, not the type of public-key encryption as stated on Wikipedia
  10. IBP - Technical background (cont.)
     Client-side zero-knowledge encryption:
     • All users' data are encrypted on the client side and never touch servers in a plain form.
     • Cloud data storage provider has zero knowledge of the encryption keys.
     • Key generator server has zero knowledge of users' data.
  11. Business model (diagram labels)
     • Customer
     • User Agent (Browser)
     • Data/App Provider
     • Google, Microsoft, Oracle, AWS
     • Identity Provider + Encryption Key Generator
     • home or corp. computer, tablet, smartphone
  12. IBP - Pros
     • usability (no passwords, no certificates)
     • no certificates management (creation, storage, distribution, revocation)
     • lost key prevention
     • IBE-like features, key escrow/fair encryption, no need for receiver’s public key before encryption
     • no IBE revocation problem (online service)
  13. IBP - Cons
     • online solution
     • master key security
  14. Business Opportunities
     • Data Storage / Sharing
     • Health Records / Medical Data Sharing
     • Big Data
     • Data Boxes
     • Databases
     • Reporting / Business Intelligence
     • Management Information System
     • e-mail
     • eForms / Workflow
     • Document Management / Workflow
     • Internet of Things
  15. Featured links
     • www.leadict.com
     • igi64.github.io
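
The key hierarchy from slides 9 and 10, as an added example (not code from the slides or from the IBP project): an identity key derived with HMAC-SHA-256 from a master key and the e-mail address, and a random data encryption key wrapped under it with AES-256-GCM. Assumptions: all function names are hypothetical, the e-mail is canonicalised by trimming and lower-casing, the e-mail is bound as GCM associated data, and the OpenID Connect/OAuth2 authentication step is taken as already done.

```javascript
const crypto = require('node:crypto');

// Assumed canonical form of the identifier (not specified on the slides).
const canon = (email) => email.trim().toLowerCase();

// Key generator server: identity key = HMAC-SHA-256(masterKey, email).
// It sees only the identity, never the user's data. Whoever holds masterKey
// can re-derive every identity key: key escrow and lost-key recovery on one
// side, the "master key security" con on the other.
function deriveIdentityKey(masterKey, email) {
  return crypto.createHmac('sha256', masterKey).update(canon(email), 'utf8').digest();
}

// AES-256-GCM with a fresh 96-bit nonce per message; aad is authenticated only.
function seal(key, plaintext, aad) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(aad);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { iv, ct, tag: cipher.getAuthTag() };
}

function open(key, box, aad) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, box.iv);
  decipher.setAAD(aad);
  decipher.setAuthTag(box.tag);
  // final() throws if the key, the aad or the ciphertext does not match the tag.
  return Buffer.concat([decipher.update(box.ct), decipher.final()]);
}

// Client side: data is encrypted under a random data encryption key (DEK),
// and the DEK is wrapped under the identity key. Only this envelope is sent
// to the storage provider, which holds no key.
function encryptFor(identityKey, email, data) {
  const dek = crypto.randomBytes(32);
  const aad = Buffer.from(canon(email), 'utf8');
  return { wrappedDek: seal(identityKey, dek, aad), body: seal(dek, data, aad) };
}

// Client side: unwrap the DEK with the identity key, then decrypt the body.
function decryptAs(identityKey, email, envelope) {
  const aad = Buffer.from(canon(email), 'utf8');
  const dek = open(identityKey, envelope.wrappedDek, aad);
  return open(dek, envelope.body, aad);
}
```
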
