22,108 research outputs found
Internet Localization of Multi-Party Relay Users: Inherent Friction Between Internet Services and User Privacy
Internet privacy is increasingly important on the modern Internet. Users are
looking to control the trail of data that they leave behind on the systems that
they interact with. Multi-Party Relay (MPR) architectures lower the traditional
barriers to adoption of privacy enhancing technologies on the Internet. MPRs
are unique from legacy architectures in that they are able to offer privacy
guarantees without paying significant performance penalties. Apple's iCloud
Private Relay is a recently deployed MPR service, creating the potential for
widespread consumer adoption of the architecture. However, many current
Internet-scale systems are designed based on assumptions that may no longer
hold for users of privacy enhancing systems like Private Relay. There are
inherent tensions between systems that rely on data about users -- estimated
location of a user based on their IP address, for example -- and the trend
towards a more private Internet.
This work studies a core function that is widely used to control network and
application behavior, IP geolocation, in the context of iCloud Private Relay
usage. We study the location accuracy of popular IP geolocation services
compared against the published location dataset that Apple publicly releases to
explicitly aid in geolocating PR users. We characterize geolocation service
performance across a number of dimensions, including different countries, IP
version, infrastructure provider, and time. Our findings lead us to conclude
that existing approaches to IP geolocation (e.g., frequently updated databases)
perform inadequately for users of the MPR architecture. For example, we find
median location errors >1,000 miles in some countries for IPv4 addresses using
IP2Location. Our findings lead us to conclude that new, privacy-focused,
techniques for inferring user location may be required as privacy becomes a
default user expectation on the Internet.
Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments
Decentralized systems are a subset of distributed systems where multiple
authorities control different components and no authority is fully trusted by
all. This implies that any component in a decentralized system is potentially
adversarial. We revise fifteen years of research on decentralization and
privacy, and provide an overview of key systems, as well as key insights for
designers of future systems. We show that decentralized designs can enhance
privacy, integrity, and availability but also require careful trade-offs in
terms of system complexity, properties provided, and degree of
decentralization. These trade-offs need to be understood and navigated by
designers. We argue that a combination of insights from cryptography,
distributed systems, and mechanism design, aligned with the development of
adequate incentives, is necessary to build scalable and successful
privacy-preserving decentralized systems.
Privacy Architectures: Reasoning About Data Minimisation and Integrity
Privacy by design will become a legal obligation in the European Community if
the Data Protection Regulation eventually gets adopted. However, taking into
account privacy requirements in the design of a system is a challenging task.
We propose an approach based on the specification of privacy architectures and
focus on a key aspect of privacy, data minimisation, and its tension with
integrity requirements. We illustrate our formal framework through a smart
metering case study.
Comment: appears in STM - 10th International Workshop on Security and Trust Management 8743 (2014)
Next Generation Cloud Computing: New Trends and Research Directions
The landscape of cloud computing has significantly changed over the last
decade. Not only have more providers and service offerings crowded the space,
but also cloud infrastructure that was traditionally limited to single provider
data centers is now evolving. In this paper, we firstly discuss the changing
cloud infrastructure and consider the use of infrastructure from multiple
providers and the benefit of decentralising computing away from data centers.
These trends have resulted in the need for a variety of new computing
architectures that will be offered by future cloud infrastructure. These
architectures are anticipated to impact areas, such as connecting people and
devices, data-intensive computing, the service space and self-learning systems.
Finally, we lay out a roadmap of challenges that will need to be addressed for
realising the potential of next generation cloud systems.
Comment: Accepted to Future Generation Computer Systems, 07 September 201
Using P3P in a web services-based context-aware application platform
This paper describes a proposal for a privacy control architecture to be applied in the WASP project. The WASP project aims to develop a context-aware service platform on top of 3G networks, using web services technology. The proposed privacy control architecture is based on the P3P privacy policy description standard defined by W3C. The paper identifies extensions to P3P and its associated preference expression language APPEL that are needed to operate in a context-aware environment.