privacy in cyber space
DEEPAK SINGH TOMAR
Department of Computer Science & Engineering
Maulana Azad National Institute of Technology (M.A.N.I.T) Bhopal, Madhya Pradesh
Privacy in Cyber Space
Computer Security
A secure computing platform is designed so that agents (users or programs) can only perform actions that have been allowed. Computer security is the effort to create such a policy and to specify and implement the mechanisms that enforce it.
Information Security
Information security is not confined to computer systems, nor to information in an electronic or machine-readable form. It applies to all aspects of safeguarding or protecting information or data, in whatever form.
Network Security
Protection of networks and their services from unauthorized modification, destruction, or disclosure, and provision of assurance that the network performs its critical functions correctly and there are no harmful side-effects.
Information Protection
• Information is an important strategic and operational asset for any organization
• Damages and misuses of information affect not only a single user or an application; they may have disastrous consequences on the entire organization
• Additionally, the advent of the Internet as well as networking capabilities has made the access to information much easier
Information Security: Examples
Consider a payroll database in a corporation; it must be ensured that:
• Salaries of individual employees are not disclosed to arbitrary users of the database
• Salaries are modified by only those individuals that are properly authorized
• Paychecks are printed on time at the end of each pay period
Information Security: Examples
In a military environment, it is important that:
• the target of a missile is not given to an unauthorized user
• the target is not arbitrarily modified
• the missile is launched when it is fired
Information Security - main requirements
Confidentiality - it refers to information protection from unauthorized read operations; the term privacy is often used when the data to be protected refer to individuals
Integrity - it refers to information protection from modifications; it involves several goals:
• Assuring the integrity of information with respect to the original information (relevant especially in a web environment) – often referred to as authenticity
• Protecting information from unauthorized modifications
• Protecting information from incorrect modifications – referred to as semantic integrity
Availability - it ensures that access to information is not denied to authorized subjects
Information Security – additional requirements
• Information Quality – it is not traditionally considered part of information security but it is very relevant
• Completeness – it refers to ensuring that subjects receive all information they are entitled to access, according to the stated security policies
Information Security – How?
Information must be protected at various levels:
• The operating system
• The network
• The data management system
• Physical protection is also important
Information Security – Mechanisms
• Confidentiality is enforced by the access control mechanism
• Integrity is enforced by the access control mechanism and by the semantic integrity constraints
• Availability is enforced by the recovery mechanism and by detection techniques for DoS attacks – an example of which is query flood
Information Security – How? Additional mechanisms
• User authentication - to verify the identity of subjects wishing to access the information
• Information authentication - to ensure information authenticity - it is supported by signature mechanisms
• Encryption - to protect information when being transmitted across systems and when being stored on secondary storage
• Intrusion detection – to protect against impersonation of legitimate users and also against insider threats
Data vs Information
• Computer security is about controlling access to information and resources
• Controlling access to information can sometimes be quite elusive and it is often replaced by the more straightforward goal of controlling access to data
• The distinction between data and information is subtle but it is also the root of some of the more difficult problems in computer security
• Data represents information. Information is the (subjective) interpretation of data
Data vs Information
• Protecting information means to protect not only the data directly representing the information
• Information must be protected also against transmissions through:
– Inference
– It is typical of database systems
– It refers to the derivation of sensitive information from non-sensitive data
Components of a Security Policy
• Who can use resources
• Proper use of the resources
• Granting access & use
• System administrator privileges
• User rights & responsibilities
• What to do with sensitive information
• Desired security configurations of systems
Policies and Mechanisms
• Policy says what is, and is not, allowed
– This defines “security” for the information
• Mechanisms enforce policies
• Composition of policies
– If policies conflict, discrepancies may create security vulnerabilities
Attacks, Services and Mechanisms
• Security Attack: Any action that compromises the security of information.
• Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
• Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.
Security Attacks
• Interruption: This is an attack on availability
• Interception: This is an attack on confidentiality
• Modification: This is an attack on integrity
• Fabrication: This is an attack on authenticity
Security Services
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (the order is final)
• Access control (prevent misuse of resources)
• Availability (permanence, non-erasure)
– Denial of Service attacks
– Virus that deletes files
Methods of Defence
• Encryption
• Software Controls (access limitations in a database, in an operating system protect each user from other users)
• Hardware Controls (smartcard)
• Policies (frequent changes of passwords)
• Physical Controls
Basic Terminology
• plaintext - the original message
• ciphertext - the coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in the cipher, known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering plaintext from ciphertext
• cryptography - study of encryption principles/methods
• cryptanalysis (codebreaking) - the study of principles/methods of deciphering ciphertext without knowing the key
• cryptology - the field of both cryptography and cryptanalysis
Privacy
Privacy is the ability of a person to control the availability of information about and exposure of him- or herself.
• Where is my data?
• How is it used?
• Who sees it?
• Is anything private anymore?
Privacy
• Additionally, the advent of the Internet as well as networking capabilities has made the access to information much easier.
• Damages and misuses of information affect not only a single user or an application; they may have disastrous consequences on the entire organization
Privacy in Cyberspace
• The Internet offers many benefits:
– Electronic mail
– Instant messaging
– Chat rooms
• The Internet also creates many threats to our personal privacy.
[Diagram: you search for medical information on a search engine and buy a book from an online book store; an ad company serves ads on both sites and sets and reads its cookie on each visit. With cooperation from the book store, the ad company can get your name and address from the book order and link them to your search.]
Cookies
• Cookies can be useful
– used like a staple to attach multiple parts of a form together
– used to identify you when you return to a web site so you don’t have to remember a password
– used to help web sites understand how people use them
• Cookies can be harmful
– used to profile users and track their activities without their knowledge, especially across web sites
Karen’s Cookie Viewer: the tool will automatically start analyzing the cookies and give you the result
Cross Site Scripting (XSS)
Detection of XSS requires the correlation of events recorded by:
• Web server logs
• Browser logs
• Windows event log
<script>document.location="hack.html"</script>
Cross Site Scripting (XSS)
SQL Injection Attack
Web applications take user input from a form. Often this user input is used literally in the construction of a SQL query submitted to a database. For example:
SELECT productdata FROM table WHERE productname = ‘user input product name’;
• A SQL injection attack involves placing SQL statements in the user input
SQL Injection Attack
Enter 100
12' or '1'='1
(OR condition passed as parameter to make the WHERE clause true)
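As an added example, not from the original slides, here is the slide's query built both ways: by pasting the input into the SQL string, against which the input 12' or '1'='1 makes the WHERE clause true for every row, and with a bound parameter, against which the same input matches nothing. The product table, its rows and the function names are constructed for this demonstration.

```python
import sqlite3

# Constructed sample catalogue (not from the original slides).
SAMPLE_PRODUCTS = [
    (100, "widget", "public data for product 100"),
    (12, "gadget", "public data for product 12"),
    (7, "internal-part", "data the caller should not see"),
]


def make_db() -> sqlite3.Connection:
    """Build an in-memory table shaped like the slide's example query."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE product (id INTEGER, productname TEXT, productdata TEXT)"
    )
    conn.executemany("INSERT INTO product VALUES (?, ?, ?)", SAMPLE_PRODUCTS)
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, user_input: str) -> list:
    """The pattern the slide warns about: user input pasted literally into SQL.
    With the input  12' or '1'='1  the statement becomes
    ... WHERE productname = '12' or '1'='1'  and every row matches."""
    sql = "SELECT productdata FROM product WHERE productname = '" + user_input + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_safe(conn: sqlite3.Connection, user_input: str) -> list:
    """Same query with a bound parameter: the driver passes the input as a
    value, so quotes inside it can never become SQL syntax."""
    sql = "SELECT productdata FROM product WHERE productname = ?"
    return [row[0] for row in conn.execute(sql, (user_input,))]


if __name__ == "__main__":
    db = make_db()
    print("normal input, vulnerable:", lookup_vulnerable(db, "widget"))
    print("injected input, vulnerable:", lookup_vulnerable(db, "12' or '1'='1"))
    print("injected input, parameterised:", lookup_safe(db, "12' or '1'='1"))
```

The parameterised form is the fix the slide implies: the database receives the query text and the user's value separately, so the value is compared, never parsed.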
Firewall Limitation
Multi-Step Attack
A multi-step attack involves a group of actions where some of these actions may be legitimate but, when combined together, constitute malicious activity.
A code injection attack is a type of multi-step attack which is carried out by a suspicious user via entering vulnerable code into a web form or the address bar of the browser.
Code Injection Attack Scenario
Participants: Attacker, Victim, Vulnerable Web Site
1. Find vulnerable web site
2. Post malicious code on the web site (suggestion box / guest book)
3. Browse the malicious code posted on the web site
4. Cookies & private information stolen
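The scenario above and the earlier note that XSS detection starts from web server logs are both illustrated by this added example, which is not code from the original slides. A constructed guest book stores the script tag the slides show and renders it two ways, raw and with output encoding, and a small function scans constructed web-server access-log lines for the same payload. The class, function and log line names are assumptions made for the demonstration.

```python
import html
from urllib.parse import unquote

# The payload shown on the slides for a script injected through a guest book.
SLIDE_PAYLOAD = '<script>document.location="hack.html"</script>'

PAGE_TEMPLATE = "<html><body><h1>Guest book</h1><ul>{entries}</ul></body></html>"


class GuestBook:
    """Constructed guest book: stores visitor entries and renders them to readers."""

    def __init__(self) -> None:
        self.entries = []

    def post(self, text: str) -> None:
        # Step 2 of the scenario: the entry is stored verbatim. Storing it is
        # not the bug; the bug is how it is rendered to other visitors (step 3).
        self.entries.append(text)

    def render_vulnerable(self) -> str:
        """Raw interpolation: stored markup runs in every reader's browser."""
        items = "".join(f"<li>{e}</li>" for e in self.entries)
        return PAGE_TEMPLATE.format(entries=items)

    def render_safe(self) -> str:
        """Output encoding: '<', '>', '&' and quotes become entities, so the
        entry is shown as text and the browser never sees a script tag."""
        items = "".join(f"<li>{html.escape(e, quote=True)}</li>" for e in self.entries)
        return PAGE_TEMPLATE.format(entries=items)


def contains_script_tag(page: str) -> bool:
    """Does the rendered HTML still carry a live <script> tag?"""
    return "<script" in page.lower()


# Constructed access-log lines (Common Log Format) for the detection side.
SAMPLE_ACCESS_LOG = [
    '203.0.113.5 - - [08/Apr/2009:10:38:05 -0700] "GET /guestbook?msg=hello HTTP/1.1" 200 512',
    '203.0.113.9 - - [08/Apr/2009:10:39:11 -0700] "POST /guestbook?msg='
    '%3Cscript%3Edocument.location%3D%22hack.html%22%3C%2Fscript%3E HTTP/1.1" 302 0',
]


def flag_script_in_requests(log_lines) -> list:
    """Return the log lines whose URL-decoded request line carries a script tag.
    This is the web-server-log signal the slide's correlation would start from;
    it must decode the request first, because the payload arrives percent-encoded."""
    hits = []
    for line in log_lines:
        start, end = line.find('"'), line.rfind('"')
        if start == -1 or end <= start:
            continue
        request = unquote(line[start + 1:end])
        if "<script" in request.lower():
            hits.append(line)
    return hits


if __name__ == "__main__":
    gb = GuestBook()
    gb.post("Nice site!")
    gb.post(SLIDE_PAYLOAD)
    print("raw page carries script:", contains_script_tag(gb.render_vulnerable()))
    print("encoded page carries script:", contains_script_tag(gb.render_safe()))
    print("suspicious log lines:", len(flag_script_in_requests(SAMPLE_ACCESS_LOG)))
```

Escaping at the point of output is the control that breaks step 3 of the scenario; the log scan only tells you that step 2 was attempted, which is why the slide asks for correlation with browser and host logs before concluding that anything was stolen.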
Information Security: Solution
Privacy: How Did They Get My Data?
• Loans
• Charge accounts
• Orders via mail
• Magazine subscriptions
• Tax forms
• Applications for schools, jobs, clubs
• Insurance claim
• Hospital stay
• Sending checks
• Fund-raisers
• Advertisers
• Warranties
• Military draft registration
• Court petition
Inference - Example
Assume that there is a policy stating that the average grade of a single student cannot be disclosed; however, statistical summaries can be disclosed. Suppose that an attacker knows that Carol is a female CS
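An added example, not from the original slides, of the inference problem the policy above runs into: a summary is released only over groups, yet an individual's grade can still be derived, either because the group has one member or by subtracting two permitted summaries that differ by one record. The grade records are constructed; that Carol is the only female CS student, and the minimum group size of 2, are assumptions made for the illustration.

```python
from statistics import mean

# Constructed records: (name, department, gender, average grade).
# Carol being the only female CS student is an assumption for this example.
RECORDS = [
    ("Alice", "EE", "F", 81.0),
    ("Bob",   "CS", "M", 72.0),
    ("Carol", "CS", "F", 95.0),
    ("Dave",  "CS", "M", 64.0),
    ("Erin",  "EE", "F", 77.0),
]
MIN_QUERY_SET = 2  # smallest group a released summary may cover (assumed)


def query_set(dept=None, gender=None) -> list:
    """Records selected by the optional department / gender filters."""
    return [
        r for r in RECORDS
        if (dept is None or r[1] == dept) and (gender is None or r[2] == gender)
    ]


def average_unrestricted(dept=None, gender=None):
    """Releases any statistical summary, as the stated policy literally allows.
    A summary over a one-person group is that person's grade."""
    rows = query_set(dept, gender)
    return mean(r[3] for r in rows) if rows else None


def average_restricted(dept=None, gender=None):
    """Refuses summaries whose query set is too small to hide an individual."""
    rows = query_set(dept, gender)
    if len(rows) < MIN_QUERY_SET:
        return None
    return mean(r[3] for r in rows)


def infer_by_difference(avg_all, n_all, avg_rest, n_rest):
    """Two permitted summaries whose query sets differ by one record still
    reveal that record: sum(all) - sum(rest) is the missing individual's grade."""
    return avg_all * n_all - avg_rest * n_rest


if __name__ == "__main__":
    print("female CS average, no restriction:", average_unrestricted("CS", "F"))
    print("female CS average, min group size:", average_restricted("CS", "F"))
    cs, cs_m = query_set("CS"), query_set("CS", "M")
    leaked = infer_by_difference(average_restricted("CS"), len(cs),
                                 average_restricted("CS", "M"), len(cs_m))
    print("derived from two permitted summaries:", leaked)
```

The minimum group size blocks the direct query, but the subtraction shows why the slide calls inference one of the harder problems: the two queries it uses are each individually permitted, so the control has to consider what has already been released, not just the current query.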
PET (Privacy Enhancing Technology)
• PET = Privacy Enhancing Technology – technology that enhances user control and removes personal identifiers
• Users want free privacy
• Hundreds of new technologies developed
• Cf. Electronic Privacy Info Center - www.Epic.org
• 4 categories of PETs:
– Encryption Tools (e.g., SSL)
– Filtering Tools (e.g., Cookie Cutters, Spyware)
– Anonymity Tools (e.g., Anonymizer, iPrivacy)
– Policy Tools (e.g., P3P, TRUSTe)
Encryption Tools
• Encryption tools
– File encryption
– Email encryption
– Encrypted network connections
– Examples: SSL, PGP, Encryptionizer
• Pros: Inexpensive (free) / Easily accessible
• Cons:
– Encryption software isn’t used unless it is built-in to the software
– Both parties need to use the same software
• Conclusions:
– Easy access
– All parties need to use the same tool
– Good start but not sufficient
Encryption tools
• File encryption
• Email encryption
– available as plug-ins
– Web-based encrypted email
– Email that self-destructs – Disappearing, Inc.
• Encrypted network connections
– Secure socket layer (SSL)
– Secure shell (SSH)
– Virtual private networks
Disappearing, Inc.
Filtering Tools
Cookie Cutter
• Programs that prevent browsers from exchanging cookies
• Can block:
– Cookies / Pop-ups
– HTTP headers that reveal sensitive info
– Banner ads / Animated graphics
– Spyware
Spyware Killer
– Spyware programs gather info and send it to websites
– Downloaded without user knowledge
Anonymity
Anonymity is derived from the Greek word ανωνυμία, meaning "without a name" or "namelessness". In colloquial use, the term typically refers to a person, and often means that the personal identity, or personally identifiable information, of that person is not known.
"Anonymous message": the term "anonymous message" typically refers to a message (which is, for example, transmitted over some form of a network) that does not carry any information about its sender and its intended recipient. It is therefore unclear if multiple such messages have been sent by the same sender or if they have the same intended recipient.
Email spoofing: a spoofed email is one that appears to originate from one source but actually has been sent from another source.
Anonymous remailer: these systems either give you an anonymous address, to which other people can send you mail, which is then forwarded to your real address (this is sometimes referred to as a pseudonymous server
Anonymizing proxy
• Acts as a proxy for users
• Hides information from end servers
• Sees all web traffic
• Free and subscription services available
• Some free services add advertisements to web pages
[Diagram: Browser → Proxy → End Server. The request goes from the browser to the proxy and from the proxy to the end server; the reply returns along the same path.]
http://www.anonymizer.com
Pseudonymity tools
[Diagram: a proxy sits between the user and sites such as quote.com, nytimes.com and expedia.com and presents a different generated username (e.g. mfjh, asef, dsfdf) to each site.]
• Automatically generate user names, passwords, email addresses, etc. unique to each web site you visit
• Enable users to communicate anonymously
• Mask the IP address and personal info
Autonomy Enhancing Technology
• Examples: Anonymizer, Freedom by Zero Knowledge
• No user information is stored by anybody but its “owner”
• User has complete control
• Anonymizer:
– One of the first PETs
– Not concerned with transaction security
– Provides anonymity by:
• Routing through a proxy server
• Software to manage security at the “owner’s” PC
– Erases cookies and log files, pop-up blocker, kills spyware, unlisted IP
Steps for email forging
Start the shell prompt or the command line and type the command below:
C:\telnet www.manit.ac.in 25
Once you are connected to the email daemon of a remote mail server, you would be greeted with a message similar to the following
Steps for email forging
Now you can type the various commands for making a forged mail:
• Help
• Helo
• Mail from
• Rcpt to
• Data
Steps for email forging
• Each time an email is sent on the internet it not only carries the message body but also transmits relevant information on the path taken by it; this information is known as the email header
• The most effective and easiest way to trace an email forgery is to analyze its email header
Email Spoofing / Email Forging
Fakesend.com (to send fake mails)
EMAIL HEADER
Delivered-To: [email protected]
Received: by 10.115.55.2 with SMTP id h2cs59002wak; Wed, 8 Apr 2009 10:38:05 -0700 (PDT)
Received: by 10.210.53.5 with SMTP id b5mr3667848eba.12.1239212284303; Wed, 08 Apr 2009 10:38:04 -0700 (PDT)
Return-Path: <[email protected]>
Received: from Bumba.profithost.net ([89.248.172.66]) by mx.google.com with ESMTP id 8si8244998ewy.109.2009.04.08.10.38.03; Wed, 08 Apr 2009 10:38:04 -0700 (PDT)
Received-SPF: neutral (google.com: 89.248.172.66 is neither permitted nor denied by domain of [email protected]) client-ip=89.248.172.66;
Authentication-Results: mx.google.com; spf=neutral (google.com: 89.248.172.66 is neither permitted nor denied by domain of [email protected]) [email protected]: from localhost ([127.0.0.1] helo=fakesend.com) by Bumba.profithost.net with esmtp (Exim 4.67) (envelope-from <[email protected]>) id 1Lrcf9-0007hi-8i for [email protected]; Wed, 08 Apr 2009 13:38:15 -0500
Date: Wed, 8 Apr 2009 13:38:15 -0500
To: [email protected]
From: drmanmohan singh <[email protected]>
Subject: appointment
Message-ID: <[email protected]>
X-Priority: 3
X-Mailer: PHPMailer [version 1.73]
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="iso-8859-1"
congaratulation.............
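An added example, not from the original slides, of the header analysis the slides recommend for tracing a forged mail. It parses a constructed header modelled on the one above (the relay hostnames, IP address and SPF result are taken from the slide; all addresses, the display name and the function names are constructed or assumed) and pulls out the signals an analyst looks at: the Received chain in delivery order, the earliest "from" hop, the mismatch between the envelope sender and the From: header, the SPF verdict, and a HELO name that does not match the host that presented it.

```python
import email
import re

# Constructed header modelled on the slide's example; addresses are invented.
SAMPLE_RAW = """\
Delivered-To: victim@example.net
Received: by 10.115.55.2 with SMTP id h2cs59002wak; Wed, 8 Apr 2009 10:38:05 -0700 (PDT)
Received: by 10.210.53.5 with SMTP id b5mr3667848eba.12.1239212284303; Wed, 08 Apr 2009 10:38:04 -0700 (PDT)
Return-Path: <forger@fakesend.example>
Received: from Bumba.profithost.net ([89.248.172.66]) by mx.google.com with ESMTP id 8si8244998ewy.109.2009.04.08.10.38.03; Wed, 08 Apr 2009 10:38:04 -0700 (PDT)
Received-SPF: neutral (google.com: 89.248.172.66 is neither permitted nor denied by domain of forger@fakesend.example) client-ip=89.248.172.66;
Received: from localhost ([127.0.0.1] helo=fakesend.com) by Bumba.profithost.net with esmtp (Exim 4.67) (envelope-from <forger@fakesend.example>) id 1Lrcf9-0007hi-8i for victim@example.net; Wed, 08 Apr 2009 13:38:15 -0500
Date: Wed, 8 Apr 2009 13:38:15 -0500
To: victim@example.net
From: Some Official <official@gov.example>
Subject: appointment
X-Mailer: PHPMailer [version 1.73]

congratulations
"""


def parse(raw: str):
    """Parse a raw RFC 822 message with the standard library."""
    return email.message_from_string(raw)


def received_chain(msg) -> list:
    """Each relay prepends its own Received: line, so the last one in the
    header block is the first hop. Return them oldest first."""
    return [str(h) for h in reversed(msg.get_all("Received", []))]


def origin_hop(msg):
    """The earliest 'Received: from ...' line: where the mail entered the system."""
    for hop in received_chain(msg):
        if hop.lower().startswith("from "):
            return hop
    return None


def _addr(value: str) -> str:
    m = re.search(r"<([^>]+)>", value)
    return (m.group(1) if m else value).strip().lower()


def envelope_sender(msg) -> str:
    return _addr(str(msg.get("Return-Path", "")))


def header_sender(msg) -> str:
    return _addr(str(msg.get("From", "")))


def sender_mismatch(msg) -> bool:
    """SMTP 'MAIL FROM' (Return-Path) and the visible From: header disagree."""
    return envelope_sender(msg) != header_sender(msg)


def spf_result(msg):
    """First token of Received-SPF: pass / fail / softfail / neutral / none."""
    value = str(msg.get("Received-SPF", ""))
    return value.split()[0].lower() if value else None


def helo_mismatch(hop: str) -> bool:
    """The HELO name a client announces should match the host it really is."""
    announced = re.search(r"helo=([^\s)]+)", hop)
    actual = re.match(r"from\s+(\S+)", hop)
    return bool(announced and actual) and announced.group(1).lower() != actual.group(1).lower()


def forgery_indicators(msg) -> list:
    """Collect the signals above into a list a triage note could quote."""
    signs = []
    if sender_mismatch(msg):
        signs.append(f"envelope sender {envelope_sender(msg)} != From: {header_sender(msg)}")
    if spf_result(msg) not in ("pass", None):
        signs.append(f"SPF result is {spf_result(msg)}")
    first = origin_hop(msg)
    if first and helo_mismatch(first):
        signs.append(f"HELO name does not match origin host: {first[:60]}...")
    return signs


if __name__ == "__main__":
    m = parse(SAMPLE_RAW)
    for i, hop in enumerate(received_chain(m), 1):
        print(f"hop {i}: {hop[:70]}")
    for sign in forgery_indicators(m):
        print("indicator:", sign)
```

Reading the chain oldest-first is the whole trick: the From: line and the display name are free text chosen by the sender, whereas the bottom-most Received: line was written by the first relay and records the client that actually connected.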
headertool.apelord.com
CUSTOMER PC
Public Identity | Private Identity
John Doe | iPrivacy ABCDEF
1 MAIN ST | 1 dQg85xP26
Kansas City, KS 11122 | Kansas City, KS 11122
Doe@isp.com | [email protected]
iPrivacy private shipping labels
WEB FORM
Name: iPrivacy ABCDEF
Address: 1 dQg85xP26
City: Kansas City
State: KS
Zip: 11122
Email: ABCDEF@iPrivacy.com
WEB e-Tailer
Order Entry System: Submit Credit Card → If Authorized, Ship Product
Shipping Subsystem: Input Private Identity → Decode Address → PRINT LABEL
iPrivacy ABCDEF
1 MAIN ST
Kansas City, KS 11122
Incogno SafeZone
The merchant offers Incogno SafeZone from its site.
Upon checkout, the buyer enters personal information into the Incogno SafeZone – a separate server.
Incogno reinforces that the purchase is anonymous.
The anonymous purchase is complete with no added software installation or setup for the buyer.
Privacy policies
• Policies let consumers know about a site’s privacy practices
• Consumers can then decide whether or not the practices are acceptable, when to opt in or opt out, and who to do business with
• The presence of privacy policies increases consumer trust
Policies
Policy says what is, and is not, allowed
– This defines “security” for the information
Components of a security policy
• Who can use resources
• Proper use of the resources
• Granting access & use
• System administrator privileges
• User rights & responsibilities
• What to do with sensitive information
• Desired security configurations of systems
Policy Tools
• P3P (Platform for Privacy Preferences)
– Developed by World Wide Web Consortium
– Usage:
• Users declare their privacy policy on their browsers
• Websites register their policy with security agencies
• The website policy is compared with the user policy and the browser makes automated decisions
– Benefits:
• Might help uncover privacy gaps for websites
• Can block cookies or prevent access to some sites
– Built into IE 6.0 and Netscape 7 as of July 2002
Privacy policy problems
BUT policies are often:
• difficult to understand
• hard to find
• take a long time to read
• change without notice
Basic P3P Concepts
[Diagram of basic P3P concepts: user, user agent, preferences, user data repository, service, data practices, proposal, agreement.]
P3P policy vs. privacy policy:
P3P policy | Privacy policy
Must include disclosures in every required area | Can include as much or as little information as a site wants
Precisely scoped | Sometimes difficult for users to determine boundaries of what it applies to and when it might change
User agent controls presentation | Web site controls presentation
Limited ability to provide detailed explanations | Easy to provide detailed explanations
Designed to be read by a computer | Designed to be read by a human
[Diagram: the user and the service, each within a regulatory and self-regulatory framework, communicate across the Internet over a secure channel; on the user side sit a P3P user agent, a cookie cutter and an anonymizing agent.]
"Private" Services
• Virtually all online services offer some sort of "private" activity that allows subscribers to send personal e-mail messages to others.
• The federal Electronic Communications Privacy Act (ECPA) makes it unlawful under certain circumstances for someone to read or disclose the contents of an electronic communication.
• But ECPA is a complicated law and contains many exceptions.
Some exceptions to the ECPA:
• The online service may view private e-mail if it suspects the sender is attempting to damage the system or harm another user.
• The service may legally view and disclose private e-mail if either the sender or the recipient of the message consents to the inspection or disclosure.
• If the e-mail system is owned by an employer, the employer may inspect the contents of employee e-mail on the system.
• Services may be required to disclose private information in response to a court order or subpoena.
Privacy in Cyberspace
• The Internet offers many benefits:
– Web sites provide a vast world of information, entertainment, and shopping at our fingertips.
– Electronic mail, instant messaging, and chat rooms enable us to communicate with friends, family, and strangers in ways we never dreamed of a decade ago.
• But the Internet also creates many threats to our personal privacy.
Online Communications
• Information sent over this vast global network may pass through dozens of different computer systems on the way to its destination.
• Each of these systems is operated by its own administrator and may be capable of capturing and storing online communications.
• Furthermore, our online activities can potentially be monitored by our Internet Service Provider (ISP) and by the web sites we visit.
Public Activities
• Newsgroups
– For example, a message you post to a public newsgroup or forum is available for anyone to view, copy, and store.
– In addition, your name, electronic mail (e-mail) address, and information about your service provider are usually available for inspection as part of the message itself.
– Before you post a message to a public forum, ask yourself if you want an employer or family member to be able to read your posting in years to come.
• List serves
– Other public activities may allow a message to be sent to multiple recipients.
– Online newsletters and "listserves" are sent to a mailing list of subscribers.
– If you wish to privately reply to an individual who has posted a message in an online newsletter or listserve, be sure you address it specifically to that person's address, not to the newsletter address.
Public Activities
• Subscriber directories
– Most ISPs provide online member directories that publicly list all subscribers to the service.
– Some of these directories may list additional personal information. Most service providers will allow users to remove their information from these directories upon request.
– Be aware that some service providers may sell their membership lists to direct marketers.
• Domain registration
– Many individuals obtain their own website name, called a domain name, for example, www.XYZfamily.org.
– Domain registrations are public information. Anyone can look up the owner of a domain name online by using a service such as www.checkdomain.com or www.internic.net/whois.html.
– Don't use personal e-mail or home address information when you register for a personal domain name.
Protect privacy in cyberspace?
• Do not use public terminals: publicly available Internet terminals are not likely to be closely supervised to ensure online privacy and security. They are used by many individuals every day.
• Create passwords with nonsensical combinations of upper and lower case letters, numbers and symbols, for example tY8%uX.
Protect my privacy in cyberspace
• Look for the privacy policy of the online services you use. If you are not satisfied with the policy, or if there is no policy or seal logo posted, avoid using the site.
• Check your browser's cookie settings.
• Shop around. Investigate new services before using them. Post a question about a new service in a dependable forum or newsgroup.
• Do not provide sensitive personal information.
• Be cautious of "start-up" software that registers you as a product user and makes an initial connection to the service for you. Typically, these programs require you to provide financial account data or other personal information, and then upload this information automatically to the service.
• Use a pseudonym and a non-descriptive e-mail address when you participate in public forums.
Protect my privacy in cyberspace
• The "delete" command does not make your e-mail messages disappear.
• Your online biography, if you create one, may be searched system-wide or remotely "fingered" by anyone. If for any reason you need to safeguard your identity, don't create an online "bio."
• If you publish information on a personal web page, note that marketers and others may collect your address, phone number, e-mail address and other information that you provide. If you are concerned about your personal privacy, be discreet in your personal web site.
USB devices plugged into this machine
Firewall log
By DEEPAK SINGH TOMAR
Deptt. of Computer Science & Engg., M.A.N.I.T., Bhopal
Email: [email protected]