Global ETD Search

1	Outsourced Private Information Retrieval with Pricing and Access Control Huang, Yizhou 15 May 2013 (has links) We propose a scheme for outsourcing Private Information Retrieval (PIR) to untrusted servers while protecting the privacy of the database owner as well as that of the database clients. We observe that by layering PIR on top of an Oblivious RAM (ORAM) data layout, we provide the ability for the database owner to perform private writes, while database clients can perform private reads from the database even while the owner is offline. We can also enforce pricing and access control on a per-record basis for these reads. This extends the usual ORAM model by allowing multiple database readers without requiring trusted hardware; indeed, almost all of the computation in our scheme during reads is performed by untrusted cloud servers. Built on top of a simple ORAM protocol, we implement a real system as a proof of concept. Our system privately updates a 1 MB record in a 16 GB database with an average end-to-end overhead of 1.22 seconds and answers a PIR query within 3.5 seconds over a 2 GB database. We make an observation that the database owner can always conduct a private read as an ordinary database client, and the private write protocol does not have to provide a "read" functionality as a standard ORAM protocol does. Based on this observation, we propose a second construction with the same privacy guarantee, but much faster. We also implement a real system for this construction, which privately writes a 1 MB record in a 1 TB database with an amortized end-to-end response time of 313 ms. Our first construction demonstrates the fact that a standard ORAM protocol can be used for outsourcing PIR computations in a privacy-friendly manner, while our second construction shows that an ad-hoc modification of the standard ORAM protocol is possible for our purpose and allows more efficient record updates. Privacy Enhancing Technology Applied Cryptography Computer Science
2	Outsourced Private Information Retrieval with Pricing and Access Control Huang, Yizhou 15 May 2013 (has links) We propose a scheme for outsourcing Private Information Retrieval (PIR) to untrusted servers while protecting the privacy of the database owner as well as that of the database clients. We observe that by layering PIR on top of an Oblivious RAM (ORAM) data layout, we provide the ability for the database owner to perform private writes, while database clients can perform private reads from the database even while the owner is offline. We can also enforce pricing and access control on a per-record basis for these reads. This extends the usual ORAM model by allowing multiple database readers without requiring trusted hardware; indeed, almost all of the computation in our scheme during reads is performed by untrusted cloud servers. Built on top of a simple ORAM protocol, we implement a real system as a proof of concept. Our system privately updates a 1 MB record in a 16 GB database with an average end-to-end overhead of 1.22 seconds and answers a PIR query within 3.5 seconds over a 2 GB database. We make an observation that the database owner can always conduct a private read as an ordinary database client, and the private write protocol does not have to provide a "read" functionality as a standard ORAM protocol does. Based on this observation, we propose a second construction with the same privacy guarantee, but much faster. We also implement a real system for this construction, which privately writes a 1 MB record in a 1 TB database with an amortized end-to-end response time of 313 ms. Our first construction demonstrates the fact that a standard ORAM protocol can be used for outsourcing PIR computations in a privacy-friendly manner, while our second construction shows that an ad-hoc modification of the standard ORAM protocol is possible for our purpose and allows more efficient record updates. Privacy Enhancing Technology Applied Cryptography Computer Science
3	Network Performance Improvements for Low-Latency Anonymity Networks Al-Sabah, Mashael January 2013 (has links) While advances to the Internet have enabled users to easily interact and exchange information online, they have also created several opportunities for adversaries to prey on users’ private information. Whether the motivation for data collection is commercial, where service providers sell data for marketers, or political, where a government censors, blocks and tracks its people, or even personal, for cyberstalking purposes, there is no doubt that the consequences of personal information leaks can be severe. Low-latency anonymity networks have thus emerged as a solution to allow people to surf the Internet without the fear of revealing their identities or locations. In order to provide anonymity to users, anonymity networks route users’ traffic through several intermediate relays, which causes unavoidable extra delays. However, although these networks have been originally designed to support interactive applications, due to a variety of design weaknesses, these networks offer anonymity at the expense of further intolerable performance costs, which disincentivize users from adopting these systems. In this thesis, we seek to improve the network performance of low-latency anonymity networks while maintaining the anonymity guarantees they provide to users today. As an experimentation platform, we use Tor, the most widely used privacy-preserving network that empowers people with low-latency anonymous online access. Since its introduction in 2003, Tor has successfully evolved to support hundreds of thousands of users using thousands of volunteer-operated routers run all around the world. Incidents of sudden increases in Tor’s usage, coinciding with global political events, confirm the importance of the Tor network for Internet users today. We identify four key contributors to the performance problems in low-latency anonymity networks, exemplified by Tor, that significantly impact the experience of low-latency application users. We first consider the lack of resources problem due to the resource-constrained routers, and propose multipath routing and traffic splitting to increase throughput and improve load balancing. Second, we explore the poor quality of service problem, which is exacerbated by the existence of bandwidth-consuming greedy applications in the network. We propose online traffic classification as a means of enabling quality of service for every traffic class. Next, we investigate the poor transport design problem and propose a new transport layer design for anonymous communication networks which addresses the drawbacks of previous proposals. Finally, we address the problem of the lack of congestion control by proposing an ATM-style credit-based hop-by-hop flow control algorithm which caps the queue sizes and allows all relays to react to congestion in the network. Our experimental results confirm the significant performance benefits that can be obtained using our privacy-preserving approaches. Anonymity network Tor performance Privacy-Enhancing Technology Computer Science
4	Network Performance Improvements for Low-Latency Anonymity Networks Al-Sabah, Mashael January 2013 (has links) While advances to the Internet have enabled users to easily interact and exchange information online, they have also created several opportunities for adversaries to prey on users’ private information. Whether the motivation for data collection is commercial, where service providers sell data for marketers, or political, where a government censors, blocks and tracks its people, or even personal, for cyberstalking purposes, there is no doubt that the consequences of personal information leaks can be severe. Low-latency anonymity networks have thus emerged as a solution to allow people to surf the Internet without the fear of revealing their identities or locations. In order to provide anonymity to users, anonymity networks route users’ traffic through several intermediate relays, which causes unavoidable extra delays. However, although these networks have been originally designed to support interactive applications, due to a variety of design weaknesses, these networks offer anonymity at the expense of further intolerable performance costs, which disincentivize users from adopting these systems. In this thesis, we seek to improve the network performance of low-latency anonymity networks while maintaining the anonymity guarantees they provide to users today. As an experimentation platform, we use Tor, the most widely used privacy-preserving network that empowers people with low-latency anonymous online access. Since its introduction in 2003, Tor has successfully evolved to support hundreds of thousands of users using thousands of volunteer-operated routers run all around the world. Incidents of sudden increases in Tor’s usage, coinciding with global political events, confirm the importance of the Tor network for Internet users today. We identify four key contributors to the performance problems in low-latency anonymity networks, exemplified by Tor, that significantly impact the experience of low-latency application users. We first consider the lack of resources problem due to the resource-constrained routers, and propose multipath routing and traffic splitting to increase throughput and improve load balancing. Second, we explore the poor quality of service problem, which is exacerbated by the existence of bandwidth-consuming greedy applications in the network. We propose online traffic classification as a means of enabling quality of service for every traffic class. Next, we investigate the poor transport design problem and propose a new transport layer design for anonymous communication networks which addresses the drawbacks of previous proposals. Finally, we address the problem of the lack of congestion control by proposing an ATM-style credit-based hop-by-hop flow control algorithm which caps the queue sizes and allows all relays to react to congestion in the network. Our experimental results confirm the significant performance benefits that can be obtained using our privacy-preserving approaches. Anonymity network Tor performance Privacy-Enhancing Technology Computer Science
5	Polar: proxies collaborating to achieve anonymous web browsing Tillwick, Heiko Mark 05 July 2007 (has links) User tracking and profiling is a growing threat to online privacy. Whilst Internet users can choose to withhold their personal information, their Internet usage can still be traced back to a unique IP address. This study considers anonymity as a strong and useful form of privacy protection. More specifically, we examine how current anonymity solutions suffer from a number of deficiencies: they are not commonly used, are vulnerable to a host of attacks or are impractical or too cumbersome for daily use. Most anonymity solutions are centralised or partially centralised and require trust in the operators. It is additionally noted how current solutions fail to promote anonymity for common Web activities such as performing online search queries and general day-to-day Web browsing. A primary objective of this research is to develop an anonymising Web browsing protocol which aims to be (1) fully distributed, (2) offer adequate levels of anonymity and (3) enable users to browse the Internet anonymously without overly complex mixing techniques. Our research has led to an anonymising protocol called Polar. Polar is a peer-to-peer network which relays Web requests amongst peers before forwarding it to a Web server, thus protecting the requester's identity. This dissertation presents the Polar model. Design choices and enhancements to the model are discussed. The author's implementation of Polar is also presented demonstrating that an implementation of Polar is feasible. / Dissertation (MSc (Computer Science))--University of Pretoria, 2007. / Computer Science / unrestricted Anonymous web browsing Privacy-enhancing technology Proxies UCTD
6	"Patterns": Stories Glenn, Brittany Rose 05 1900 (has links) A collection of short stories exploring patterns that play out in people's lives and relationships. Interpersonal communication attachment patterns intimate relationships scapegoat privacy and technology
7	New Surveillance Technologies and the Invasion of Privacy Rights Simsek, Yilmaz 08 1900 (has links) Definition of privacy has changed by the changes and improvements in information and surveillance technologies. These changes and improvement need new legal decisions for new kinds of privacy invasions. This study explores the scope of privacy right, particularly when a technological surveillance has occurred by law enforcement agencies. It focuses in particular on increasing law enforcements' surveillance technologies and devices that have the potential to impact citizens' information privacy. These increasing changes in surveillance technologies have important implications both for law enforcements and citizens. This study also discusses increasing law enforcement surveillance for the public's security, changes of the laws that allow law enforcements to use new surveillance powers as a war on terrorism, and the citizens concerns of information privacy. A particular attention is given to the recent public opinion surveys which show citizens' increasing privacy concerns. Finally, a set of recommendations to figure out security-privacy debate and reduce the privacy concerns of the citizens is offered. Privacy, Right of. Intelligence service. Information privacy privacy and technology privacy concerns protections of privacy
8	Designing for user awareness and usability : An evaluation of authorization dialogs on a mobile device Lindegren, Daniel January 2017 (has links) Personal data is often disclosed with every registration, sharing, or request of an online service. With the increased usage of things connected to the Internet, users' information being collected and stored, the risks related to unknowingly sharing personal data increases. Sharing of personal information is a sensitive subject and can hurt people’s assets, dignity, personal integrity and other social aspects. In general, users’ concerns have grown regarding protecting their personal information which has led to the development of multiple privacy-oriented systems. In scenarios where users are logging onto a website or system, they rarely notice, understand or have desire to read the conditions to which they are implicitly agreeing. These systems are often referred to as identity management systems or single sign-on systems. Recent studies have shown that users are not aware of what data transactions take place by using various authentication solutions. It is critical for these types of system dealing with privacy that researchers examine users' understanding of the concepts through interface design. The purpose of this study is to investigate the usability and user awareness of data transactions for identity management systems on mobile devices by constructing and evaluating different design concepts. Therefore, four different mobile prototypes were designed (called CREDENTIAL Wallet) and explored to measure the usability and also the user awareness of users’ disclosures. 20 usability tests were conducted per prototype. Multiple conclusions can be drawn from this study. The findings showed that the drag-and-drop prototype scored a high user awareness score in terms of participants remembering their shared data and having a good idea of them not sharing more data than they had actually shared. Consequently, the drag-and-drop prototype achieved the highest usability result. A prototype that utilized swiping was created to fit the mobile medium. The prototype showed the highest user awareness score in the context of participants stating what data they had shared. However, people using the swiping prototype thought they were sharing more data than they actually were. Data show that users have an incorrect mental model of the sharing of their fingerprint pattern. Finally, the writing concerns recommendations and challenges of identity management systems – e.g. the importance of tutorial screens. Future studies within the CREDENTIAL project are already underway concerning users' incorrect mental model of sharing fingerprint to the service provider side. / CREDENTIAL User awareness data transaction usability usable privacy privacy enhancing technology identity management system CREDENTIAL mobile Human Computer Interaction
9	Kontrola aktivit partnera na dálku v prostředí nových médií / Monitoring of long distance relationship's partner activity in the context of new media Plecitá, Pavlína January 2020 (has links) The text of the thesis deals with controlling, monitoring, tracking and analyzing an individual's online activities by another person and the influence of this Internet behavior on its reflection in reality. The theoretical part deals with relevant issues from the field of ethics, psychology, theory of computer communication and theory of privacy and technological supervision. The practical part is focused on qualitative analysis of behavior of individuals living in long distance relationships and their strategies for using new media as a means to control the activity of their faraway partner.
10	Towards Automated Negotiation : A qualitative study on privacy preferences Huang, Zhiqian, Mrška, Dalibor January 2023 (has links) Users have limited knowledge and control over their data, while needing personalization-based services that are requesting their data. The Automated Privacy Negotiation Agent (APNA) model is brought up as a solution by assisting users’ privacy management with less effort, but more accurate options. To bring insights for APNA to gather requirements from different users, this research described how users have been managing their privacy settings and consenting, and their preferences when it comes to their data processing through semi-structured interviews. We conducted interviews on 11 participants with different levels of motivation and knowledge to enhance privacy, from ages 21 to 35, living in Jönköping, Sweden. By thematic analysis we identified and described 5 types of behaviour and how users have articulated their considerations behind each of the 5 types of behaviour. We found 22 privacy preferences of users when it comes to how their data should be collected, stored, and used. These could be considered as required options to be implemented in the preference set-up. online privacy privacy preferences automated privacy negotiation privacy settings privacy-enhancing technology consenting behaviour personal data Övrig annan teknik

Search results