Privacy and Identity Management in a Layered Pervasive Service Platform

Making pervasive computing reality is a challenging task mainly due to the multitude of functional requirements and technological constraints. In parallel to the honourable research progress in specific technologies, the Daidalos project assessed that in future there will be the need for a pervasive service platform with open interfaces in order to simplify service development and provisioning. The success of such a platform depends on the balance of different aspects, e.g. operational costs with revenue potentials, collection of personal data for context-awareness with privacy protection, manual control and transparency with enhanced user experience and simplicity. In this paper we show the Daidalos approach to privacy protection and identity management for a future pervasive service platform and its architecture. We show how user identities are structured to support dynamic context information while following regulations for privacy protection in Europe. Special focus is put on the trade-off between access control for privacy protection and user experience. This is achieved by automated identity selection, automatic derivation of fine-grained access control policies and their deployment. We also present gathered performance data and implementation details of our ID Broker concept

Privacidade em redes de próxima geração

Doutoramento em Engenharia InformáticaIn the modern society, communications and digital transactions are becoming the norm rather than the exception. As we allow networked computing devices into our every-day actions, we build a digital lifestyle where networks and devices enrich our interactions. However, as we move our information towards a connected digital environment, privacy becomes extremely important as most of our personal information can be found in the network. This is especially relevant as we design and adopt next generation networks that provide ubiquitous access to services and content, increasing the impact and pervasiveness of existing networks. The environments that provide widespread connectivity and services usually rely on network protocols that have few privacy considerations, compromising user privacy. The presented work focuses on the network aspects of privacy, considering how network protocols threaten user privacy, especially on next generation networks scenarios. We target the identifiers that are present in each network protocol and support its designed function. By studying how the network identifiers can compromise user privacy, we explore how these threats can stem from the identifier itself and from relationships established between several protocol identifiers. Following the study focused on identifiers, we show that privacy in the network can be explored along two dimensions: a vertical dimension that establishes privacy relationships across several layers and protocols, reaching the user, and a horizontal dimension that highlights the threats exposed by individual protocols, usually confined to a single layer. With these concepts, we outline an integrated perspective on privacy in the network, embracing both vertical and horizontal interactions of privacy. This approach enables the discussion of several mechanisms to address privacy threats on individual layers, leading to architectural instantiations focused on user privacy. We also show how the different dimensions of privacy can provide insight into the relationships that exist in a layered network stack, providing a potential path towards designing and implementing future privacy-aware network architectures.Na sociedade moderna, as comunicações e transacções digitais estão a tornar-se a regra e não a excepção. À medida que permitimos a intromissão de dispositivos electrónicos de rede no nosso quotidiano, vamos construíndo um estilo de vida digital onde redes e dispositivos enrirquecem as nossas interacções. Contudo, ao caminharmos para um ambiente digital em rede, a nossa privacidade vai-se revestindo de maior importãncia, pois a nossa informação pessoal passa a encontrar-se cada vez mais na rede. Isto torna-se particularmente relevante ao adoptarmos redes de próxima geração, que permitem acesso ubíquo a redes, serviços e conteúdos, aumentando o impacte e pervasividade das redes actuais. Os ambientes onde a conectividade e os serviços se tornam uma constante, assentam em protocolos de rede que normalmente contemplam poucas considerações sobre privacidade, comprometendo desta forma o utlizador. O presente trabalho centra-se nos aspectos de privacidade que dizem respeito à rede devido à forma como os protocolos são utilizados nas diferentes camadas, e que resultando em ameaças à privacidade do utilizador. Abordamos especificamente os identificadores presentes nos protocolos de rede, e que são essenciais à sua função. Neste contexto exploramos a possibilidade destes identificadores comprometerem a privacidade do utilizador através da informação neles contida, bem como das relações que podem ser estabelecidas entre identificadores de diferentes protocolos. Após este estudo centrado nos identificadores, mostramos como a privacidade em redes pode ser explorada ao longo de duas dimensões: uma dimensão que acentua as relações verticais de privacidade, cruzando vários protocolos até chegar ao utilizador, e uma dimensão horizontal que destaca as ameaças causadas por cada protocolo, de forma individual, normalmente limitadas a uma única camada. Através destes conceitos, mostramos uma visão integrada de privacidade em redes, abrangendo tanto as interacçoes de privacidade verticais como as horizontais. Esta visão permite discutir vários mecanismos para mitigar ameaças específicas a cada camada de rede, resultando em instânciações arquitecturais orientadas à privacidade do utilizador. Finalmente, mostramos como as diferentes dimensões de privacidade podem fornecer uma visão diferente sobre as relações estabelecidas na pilha protocolar que assenta em camadas, mostrando um caminho possível para o desenvolvimento de futuras arquitecturas de rede com suporte para privacidade

Security and Privacy Enablers for Future Identity Management Systems

Abstract: In recent years, Identity Management (IdM) has gained a lot of attention in industry, standardisation and academia. In particular, a couple of research projects, like Daidalos or Prime, have invested considerable effort to bring IdM forward, to take advantage of features like improved usability and security. Nevertheless, there are important issues that have not been addressed so far. The SWIFT project leverages IdM as a key technology of the Future Internet, tackling problems like the integration of the network and application layer from an IdM perspective as well as the use of electronic identity cards. Moreover, aspects like the integration of several user devices, backward compatibility and a new access control infrastructure are required by future IdM solutions. We consider all these aspects by extending existing IdM solutions with six new security and privacy enablers that are part of the overall SWIFT framework. These enablers have been partially implemented towards a new IdM architecture. First evaluation results of the implementation are promising to pave the way towards future IdM solutions

Segurança e privacidade em terminologia de rede

Security and Privacy are now at the forefront of modern concerns, and drive a significant part of the debate on digital society. One particular aspect that holds significant bearing in these two topics is the naming of resources in the network, because it directly impacts how networks work, but also affects how security mechanisms are implemented and what are the privacy implications of metadata disclosure. This issue is further exacerbated by interoperability mechanisms that imply this information is increasingly available regardless of the intended scope. This work focuses on the implications of naming with regards to security and privacy in namespaces used in network protocols. In particular on the imple- mentation of solutions that provide additional security through naming policies or increase privacy. To achieve this, different techniques are used to either embed security information in existing namespaces or to minimise privacy ex- posure. The former allows bootstraping secure transport protocols on top of insecure discovery protocols, while the later introduces privacy policies as part of name assignment and resolution. The main vehicle for implementation of these solutions are general purpose protocols and services, however there is a strong parallel with ongoing re- search topics that leverage name resolution systems for interoperability such as the Internet of Things (IoT) and Information Centric Networks (ICN), where these approaches are also applicable.Segurança e Privacidade são dois topicos que marcam a agenda na discus- são sobre a sociedade digital. Um aspecto particularmente subtil nesta dis- cussão é a forma como atribuímos nomes a recursos na rede, uma escolha com consequências práticas no funcionamento dos diferentes protocols de rede, na forma como se implementam diferentes mecanismos de segurança e na privacidade das várias partes envolvidas. Este problema torna-se ainda mais significativo quando se considera que, para promover a interoperabili- dade entre diferentes redes, mecanismos autónomos tornam esta informação acessível em contextos que vão para lá do que era pretendido. Esta tese foca-se nas consequências de diferentes políticas de atribuição de nomes no contexto de diferentes protocols de rede, para efeitos de segurança e privacidade. Com base no estudo deste problema, são propostas soluções que, através de diferentes políticas de atribuição de nomes, permitem introdu- zir mecanismos de segurança adicionais ou mitigar problemas de privacidade em diferentes protocolos. Isto resulta na implementação de mecanismos de segurança sobre protocolos de descoberta inseguros, assim como na intro- dução de mecanismos de atribuiçao e resolução de nomes que se focam na protecçao da privacidade. O principal veículo para a implementação destas soluções é através de ser- viços e protocolos de rede de uso geral. No entanto, a aplicabilidade destas soluções extende-se também a outros tópicos de investigação que recorrem a mecanismos de resolução de nomes para implementar soluções de intero- perabilidade, nomedamente a Internet das Coisas (IoT) e redes centradas na informação (ICN).Programa Doutoral em Informátic

Parallel and Distributed Computing

The 14 chapters presented in this book cover a wide variety of representative works ranging from hardware design to application development. Particularly, the topics that are addressed are programmable and reconfigurable devices and systems, dependability of GPUs (General Purpose Units), network topologies, cache coherence protocols, resource allocation, scheduling algorithms, peertopeer networks, largescale network simulation, and parallel routines and algorithms. In this way, the articles included in this book constitute an excellent reference for engineers and researchers who have particular interests in each of these topics in parallel and distributed computing

Privacy and identity selection

Mestrado em Engenharia de Computadores e TelemáticaEste trabalho aborda algumas das tecnologias emergentes, que visam providenciar modelos com suporte para identidade, sobre a arquitectura da internet. Enquanto que tais propostas providenciam de facto modelos de identidade mais adequados para a Web 2.0, ignoram que a arquitectura sobre a qual assentam hão pode suportar os requisitos de privacidade necessários. A fim de demonstrar que é necessário providenciar garantias de privacidade nas camadas inferiores da arquitectura existentes, este trabalho apresenta uma implementação de demonstrac¸ ˜ao que explora vulnerabilidades da arquitectura existente a ataques de privacidade, assim como uma implementação que dá garantias de privacidade para múltiplas identidades. ABSTRACT: This work presents some of the technologies, that aim at introducing user centric identity models over the existing Internet architecture. While such technologies do provide suitable identity models for theWeb 2.0, they neglect that the underlying Internet architecture does not support the necessary privacy requirements for such models. As a demonstration that the underlying network layers must provide some privacy guarantees, this work presents an implementation that explores privacy vulnerabilities and proceeds to propose mechanisms that ensure privacy between multiple identities

Personalised privacy in pervasive and ubiquitous systems

Our world is edging closer to the realisation of pervasive systems and their integration in our everyday life. While pervasive systems are capable of offering many benefits for everyone, the amount and quality of personal information that becomes available raise concerns about maintaining user privacy and create a real need to reform existing privacy practices and provide appropriate safeguards for the user of pervasive environments. This thesis presents the PERSOnalised Negotiation, Identity Selection and Management (PersoNISM) system; a comprehensive approach to privacy protection in pervasive environments using context aware dynamic personalisation and behaviour learning. The aim of the PersoNISM system is twofold: to provide the user with a comprehensive set of privacy protecting tools and to help them make the best use of these tools according to their privacy needs. The PersoNISM system allows users to: a) configure the terms and conditions of data disclosure through the process of privacy policy negotiation, which addresses the current “take it or leave it” approach; b) use multiple identities to interact with pervasive services to avoid the accumulation of vast amounts of personal information in a single user profile; and c) selectively disclose information based on the type of information, who requests it, under what context, for what purpose and how the information will be treated. The PersoNISM system learns user privacy preferences by monitoring the behaviour of the user and uses them to personalise and/or automate the decision making processes in order to unburden the user from manually controlling these complex mechanisms. The PersoNISM system has been designed, implemented, demonstrated and evaluated during three EU funded projects

Virtual Network Stacks

In this paper, we get inspiration from peer to peer file sharing networks to provide a new way of inter-networking. In our proposal, nodes having access to multiple network types can share their networking resources with other peers residing in networks with different protocols and (potentially) different addressing schemes. Such neighbor nodes will form a peer to peer overlay backbone; the purpose of it being to offer to applications and protocols access to remote network stacks that their running hosts do not implement or have no direct access to. This creates RPC-like access to foreign network stacks well in line with a federation approach that avoids introducing a global overlay for integrating heterogeneous networks