50,989 research outputs found
Data Minimisation in Communication Protocols: A Formal Analysis Framework and Application to Identity Management
With the growing amount of personal information exchanged over the Internet,
privacy is becoming more and more a concern for users. One of the key
principles in protecting privacy is data minimisation. This principle requires
that only the minimum amount of information necessary to accomplish a certain
goal is collected and processed. "Privacy-enhancing" communication protocols
have been proposed to guarantee data minimisation in a wide range of
applications. However, currently there is no satisfactory way to assess and
compare the privacy they offer in a precise way: existing analyses are either
too informal and high-level, or specific for one particular system. In this
work, we propose a general formal framework to analyse and compare
communication protocols with respect to privacy by data minimisation. Privacy
requirements are formalised independent of a particular protocol in terms of
the knowledge of (coalitions of) actors in a three-layer model of personal
information. These requirements are then verified automatically for particular
protocols by computing this knowledge from a description of their
communication. We validate our framework in an identity management (IdM) case
study. As IdM systems are used more and more to satisfy the increasing need for
reliable on-line identification and authentication, privacy is becoming an
increasingly critical issue. We use our framework to analyse and compare four
identity management systems. Finally, we discuss the completeness and
(re)usability of the proposed framework
A Bayesian Approach to Identify Bitcoin Users
Bitcoin is a digital currency and electronic payment system operating over a
peer-to-peer network on the Internet. One of its most important properties is
the high level of anonymity it provides for its users. The users are identified
by their Bitcoin addresses, which are random strings in the public records of
transactions, the blockchain. When a user initiates a Bitcoin-transaction, his
Bitcoin client program relays messages to other clients through the Bitcoin
network. Monitoring the propagation of these messages and analyzing them
carefully reveal hidden relations. In this paper, we develop a mathematical
model using a probabilistic approach to link Bitcoin addresses and transactions
to the originator IP address. To utilize our model, we carried out experiments
by installing more than a hundred modified Bitcoin clients distributed in the
network to observe as many messages as possible. During a two month observation
period we were able to identify several thousand Bitcoin clients and bind their
transactions to geographical locations
User-Relative Names for Globally Connected Personal Devices
Nontechnical users who own increasingly ubiquitous network-enabled personal
devices such as laptops, digital cameras, and smart phones need a simple,
intuitive, and secure way to share information and services between their
devices. User Information Architecture, or UIA, is a novel naming and
peer-to-peer connectivity architecture addressing this need. Users assign UIA
names by "introducing" devices to each other on a common local-area network,
but these names remain securely bound to their target as devices migrate.
Multiple devices owned by the same user, once introduced, automatically merge
their namespaces to form a distributed "personal cluster" that the owner can
access or modify from any of his devices. Instead of requiring users to
allocate globally unique names from a central authority, UIA enables users to
assign their own "user-relative" names both to their own devices and to other
users. With UIA, for example, Alice can always access her iPod from any of her
own personal devices at any location via the name "ipod", and her friend Bob
can access her iPod via a relative name like "ipod.Alice".Comment: 7 pages, 1 figure, 1 tabl
Compromising Tor Anonymity Exploiting P2P Information Leakage
Privacy of users in P2P networks goes far beyond their current usage and is a
fundamental requirement to the adoption of P2P protocols for legal usage. In a
climate of cold war between these users and anti-piracy groups, more and more
users are moving to anonymizing networks in an attempt to hide their identity.
However, when not designed to protect users information, a P2P protocol would
leak information that may compromise the identity of its users. In this paper,
we first present three attacks targeting BitTorrent users on top of Tor that
reveal their real IP addresses. In a second step, we analyze the Tor usage by
BitTorrent users and compare it to its usage outside of Tor. Finally, we depict
the risks induced by this de-anonymization and show that users' privacy
violation goes beyond BitTorrent traffic and contaminates other protocols such
as HTTP
Human dynamics revealed through Web analytics
When the World Wide Web was first conceived as a way to facilitate the
sharing of scientific information at the CERN (European Center for Nuclear
Research) few could have imagined the role it would come to play in the
following decades. Since then, the increasing ubiquity of Internet access and
the frequency with which people interact with it raise the possibility of using
the Web to better observe, understand, and monitor several aspects of human
social behavior. Web sites with large numbers of frequently returning users are
ideal for this task. If these sites belong to companies or universities, their
usage patterns can furnish information about the working habits of entire
populations. In this work, we analyze the properly anonymized logs detailing
the access history to Emory University's Web site. Emory is a medium size
university located in Atlanta, Georgia. We find interesting structure in the
activity patterns of the domain and study in a systematic way the main forces
behind the dynamics of the traffic. In particular, we show that both linear
preferential linking and priority based queuing are essential ingredients to
understand the way users navigate the Web.Comment: 7 pages, 8 figure
The Development of British Commercial and Political Networks in the Straits Settlements 1800 to 1868: The Rise of a Colonial and Regional Economic Identity?
This paper examines the growth of the British commercial communities in the Straits Settlements in the first half of the nineteenth century. It describes how they emerged as a coherent commercial and political interest group, separate from the Indian empire, with their own network of allies and commercial partners in Britain. As such, the Straits merchants emerged as a significant political lobby in their own right. It contends that in the process, they revived earlier notions of Southeast Asia as a discrete geographical region, in which political and ethnic diversity was bridged by the flourishing of maritime commercial networks
The Intersections of Biological Diversity and Cultural Diversity: Towards Integration
There is an emerging recognition that the diversity of life comprises both biological and cultural diversity. In the past, however, it has been common to make divisions between nature and culture, arising partly out of a desire to control nature. The range of interconnections between biological and cultural diversity are reflected in the growing variety of environmental sub-disciplines that have emerged. In this article, we present ideas from a number of these sub-disciplines. We investigate four bridges linking both types of diversity (beliefs and worldviews, livelihoods and practices, knowledge bases and languages, and norms and institutions), seek to determine the common drivers of loss that exist, and suggest a novel and integrative path forwards. We recommend that future policy responses should target both biological and cultural diversity in a combined approach to conservation. The degree to which biological diversity is linked to cultural diversity is only beginning to be understood. But it is precisely as our knowledge is advancing that these complex systems are under threat. While conserving nature alongside human cultures presents unique challenges, we suggest that any hope for saving biological diversity is predicated on a concomitant effort to appreciate and protect cultural diversity
- …