Addressing the Location in Spontaneous Networks
Enabling BOTH: Privacy and E-Commerce
Design by Moritz Strasser

Trends
- Disappearing computers
- Mobility and Spontaneous Networks (MANET = Mobile Ad hoc Network)
- E-Commerce

UC Paradigm
Spontaneous networking: everywhere, everything, anytime
Privacy?

Security: Authenticity, Trust: Identity
IDENTITY / AUTHENTICITY
- shopping behavior
- criminal record
- family status (marriage, children, divorce, etc.)
- vita / career
- health
- finances (income, credit lines, insurances, real estate, etc.)
Name Server ID Information

Security: Authenticity, Trust: Identity, Privacy: Right of disposition
Trust: Predictability of a subject's actions through identity
IDENTITY: shopping behavior, criminal record, family status, vita / career, health, finances
Privacy: Disposition about collection, access, transformation and distribution of private data?
reputation i? reputation j? reputation k
Security: AUTHENTICITY
Name Server ID Information
Reference: Holger Eggs, Günter Müller: Security and Trust, Added Value for E-Commerce, Berlin 2001

Desired...
- Protecting the identity in a spontaneous network of small mobile devices (Privacy!).
- Remaining anonymous during roaming and information retrieval.
- Revealing the identity only at the exchange of values (i.e. only when authentication and other security mechanisms are really necessary).

Classical Means to Protect the Identity
- Mixes (Chaum)
- Onion Routing (Goldschlag, Reed, Syverson)
- Crowds (Reiter and Rubin)
- Hordes (Shields, Levine)
- Anonymizer: Proxies...
They all have one severe disadvantage: They need a complex infrastructure!

Privacy Diamond
[Diagram: a diamond with the corners Device, Action, Location and User; Action and Location are each shown repeatedly along a time axis t]
The Diamond shows how to cope with Pervasive Computing!

Relationships in the Privacy Diamond
Relationships can be strengthened or weakened!
Strengthen: Accountability. Weaken: Privacy.
- [Location Action] Which action was performed at the location?
- [Device Action] Which action was performed with this device?
- [User Action] Which action was performed by the user?
- [Action Location] From where was the action initiated?
- [Action Device] Which device has been used?
- [Action User] Which user performed the action?
- [Location Device] Which device was at the location?
- [Location User] Which user was at the location?
- [Device Location] Where was the device?
- [Device User] Which user operated the device?
- [User Location] Where was the user?
- [User Device] Which device did the user use?

Strengthen: PKI in the Internet
[Diagram: Privacy Diamond with Action [[a]], Device [[d]], Location [[l]], User [[u]]; the label CA appears on three relationships]

Strengthen: Location Stamp
[Diagram: Privacy Diamond with Action [[a]], Device [[d]], Location [[l]], User [[u]]; the label CA appears on four relationships]

Relationships that threaten Privacy
[Diagram: Privacy Diamond with Action [[a]], Device [[d]], Location [[l]], User [[u]]]
RED: Privacy threatened!

Mixes in the Internet
Requires a complex infrastructure
[Diagram: Privacy Diamond with Action [[a]], Device [[d]], Location [[l]], User [[u]]]
Trying to weaken [Device Action]!

Internet Café
[Diagram: Privacy Diamond with Action [[a]], Device [[d]], Location [[l]], User [[u]]]
Trying to weaken [User Location]!

Location Addressing
[Diagram: Privacy Diamond with Action [[a]], Device [[d]], Location [[l]], User [[u]]]
[Device Location] is weakened for a mobile user!

Natural Pseudonym
Location/Time
Asahi Shinbun and BZ? Asahi Shinbun and BZ!
Anonymity partially possible
Controlled transparency

Transactional Security
Between Mobile Device and Shop / Service Provider:
1. Request
2. Value without certificate, Nonce
3. Token-based money, signed Nonce
4. Certificate to unlock value
A = Atomicity: all or none
C = Consistency: valid state to valid state
I = Isolation: no concurrent access to same data
D = Durability: changes are permanent
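
One possible reading of the four numbered steps on the Transactional Security slide, as an added example that is not from the original slides: the shop sends the value locked under a key it withholds, the device pays with a bearer token and binds the payment to the shop's nonce, and the shop releases the key only on a valid, unspent token. Assumptions: steps 1 and 3 go from device to shop and steps 2 and 4 from shop to device, "certificate" is modelled as the unlock key, an HMAC under a per-token secret stands in for the signature, the shop holds the issuer key, and all names (`Shop`, `offer`, `settle`, `issue_token`, `lock`) are hypothetical.

```python
import hashlib, hmac, secrets

def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def lock(key: bytes, data: bytes) -> bytes:
    """XOR with an HMAC counter keystream; illustration only, not a vetted cipher."""
    stream = b"".join(mac(key, i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

class Shop:
    def __init__(self, goods: bytes, issuer_key: bytes):
        self.goods, self.issuer_key = goods, issuer_key
        self.pending = {}    # nonce -> unlock key for an open offer
        self.spent = set()   # token ids already redeemed

    def offer(self):
        """Step 2: send the locked value plus a fresh nonce."""
        nonce, key = secrets.token_bytes(16), secrets.token_bytes(32)
        self.pending[nonce] = key
        return lock(key, self.goods), nonce

    def settle(self, token_id: bytes, nonce: bytes, sig: bytes):
        """Step 4: release the unlock key only for a valid, unspent token."""
        key = self.pending.get(nonce)
        expected = mac(mac(self.issuer_key, token_id), nonce)
        if key is None or token_id in self.spent or not hmac.compare_digest(sig, expected):
            return None              # reject: no state changes (all or none)
        self.spent.add(token_id)     # accept: spend the token and close the offer together
        del self.pending[nonce]
        return key

def issue_token(issuer_key: bytes):
    """Bearer token: random id plus a secret derived from it; carries no user identity."""
    token_id = secrets.token_bytes(16)
    return token_id, mac(issuer_key, token_id)

def demo():
    issuer_key = secrets.token_bytes(32)                 # constructed sample key
    shop = Shop(b"constructed sample goods", issuer_key)
    token_id, token_secret = issue_token(issuer_key)
    locked, nonce = shop.offer()                                   # steps 1-2
    bad = shop.settle(token_id, nonce, b"\x00" * 32)               # forged signature
    key = shop.settle(token_id, nonce, mac(token_secret, nonce))   # steps 3-4
    _, nonce2 = shop.offer()
    replay = shop.settle(token_id, nonce2, mac(token_secret, nonce2))  # double spend
    return bad, lock(key, locked), replay

if __name__ == "__main__":
    print(demo())
```

The rejected attempt leaves the offer open and the token unspent, which is why the valid payment that follows still succeeds.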