Publication


Featured research published by Claudio Agostino Ardagna.


Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security | 2007

Location privacy protection through obfuscation-based techniques

Claudio Agostino Ardagna; Marco Cremonini; Ernesto Damiani; S. De Capitani di Vimercati; Pierangela Samarati

The widespread adoption of mobile communication devices combined with technical improvements of location technologies are fostering the development of a new wave of applications that manage physical positions of individuals to offer location-based services for business, social or informational purposes. As an effect of such innovative services, however, privacy concerns are increasing, calling for more sophisticated solutions for providing users with different and manageable levels of privacy. In this work, we propose a way to express users' privacy preferences on location information in a straightforward and intuitive way. Then, based on such location privacy preferences, we discuss a new solution, based on obfuscation techniques, which permits us to achieve, and quantitatively estimate through a metric, different degrees of location privacy.


IEEE Transactions on Dependable and Secure Computing | 2011

An Obfuscation-Based Approach for Protecting Location Privacy

Claudio Agostino Ardagna; Marco Cremonini; Sabrina De Capitani di Vimercati; Pierangela Samarati

The pervasive diffusion of mobile communication devices and the technical improvements of location techniques are fostering the development of new applications that use the physical position of users to offer location-based services for business, social, or informational purposes. In such a context, privacy concerns are increasing and call for sophisticated solutions able to guarantee different levels of location privacy to the users. In this paper, we address this problem and present a solution based on different obfuscation operators that, when used individually or in combination, protect the privacy of the location information of users. We also introduce an adversary model and provide an analysis of the proposed obfuscation operators to evaluate their robustness against adversaries aiming to reverse the obfuscation effects to retrieve a location that better approximates the location of the users. Finally, we present some experimental results that validate our solution.


Journal of Computer Security | 2008

A privacy-aware access control system

Claudio Agostino Ardagna; Marco Cremonini; S. De Capitani di Vimercati; Pierangela Samarati

The protection of privacy is an increasing concern in our networked society because of the growing amount of personal information that is being collected by a number of commercial and public services. Emerging scenarios of user-service interactions in the digital world are then pushing toward the development of powerful and flexible privacy-aware models and languages. This paper aims at introducing concepts and features that should be investigated to fulfill this demand. We identify different types of privacy-aware policies: access control, release and data handling policies. The access control policies govern access/release of data/services managed by the party (as in traditional access control), and release policies govern release of personal identifiable information (PII) of the party and specify under which conditions it can be disclosed. The data handling policies allow users to specify and communicate to other parties the policy that should be enforced to deal with their data. We also discuss how data handling policies can be integrated with traditional access control systems and present a privacy control module in charge of managing, integrating, and evaluating access control, release and data handling policies.


Journal of Computer Security | 2010

Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project

Claudio Agostino Ardagna; Jan Camenisch; Markulf Kohlweiss; Ronald Leenes; Gregory Neven; Bart Priem; Pierangela Samarati; Dieter Sommer; Mario Verdicchio

We conduct more and more of our daily interactions over electronic media. The EC-funded project PRIME (Privacy and Identity Management for Europe) envisions that individuals will be able to interact in this information society in a secure and safe way while retaining control of their privacy. The project had set out to prove that existing privacy-enhancing technologies allow for the construction of a user-controlled identity management system that comes surprisingly close to this vision. This paper describes two key elements of the PRIME identity management systems: anonymous credentials and policy languages that fully exploit the advanced functionality offered by anonymous credentials. These two key elements enable the users to carry out transactions, e.g., over the Internet, revealing only the strictly necessary personal information. Apart from presenting for the first time these two key results, this paper also motivates the need for privacy enhancing identity management, gives concrete requirements for such a system and then describes the key principles of the PRIME identity management solution.


ACM Computing Surveys | 2015

From Security to Assurance in the Cloud: A Survey

Claudio Agostino Ardagna; Rasool Asal; Ernesto Damiani; Quang Hieu Vu

The cloud computing paradigm has become a mainstream solution for the deployment of business processes and applications. In the public cloud vision, infrastructure, platform, and software services are provisioned to tenants (i.e., customers and service providers) on a pay-as-you-go basis. Cloud tenants can use cloud resources at lower prices, and higher performance and flexibility, than traditional on-premises resources, without having to care about infrastructure management. Still, cloud tenants remain concerned with the cloud’s level of service and the nonfunctional properties their applications can count on. In the last few years, the research community has been focusing on the nonfunctional aspects of the cloud paradigm, among which cloud security stands out. Several approaches to security have been described and summarized in general surveys on cloud security techniques. The survey in this article focuses on the interface between cloud security and cloud security assurance. First, we provide an overview of the state of the art on cloud security. Then, we introduce the notion of cloud security assurance and analyze its growing impact on cloud security approaches. Finally, we present some recommendations for the development of next-generation cloud security and assurance solutions.


IEEE Transactions on Wireless Communications | 2011

Map-Based Location and Tracking in Multipath Outdoor Mobile Networks

Marco Anisetti; Claudio Agostino Ardagna; Valerio Bellandi; Ernesto Damiani; Salvatore Reale

Technical enhancements of mobile technologies are paving the way to the definition of high-quality and accurate geolocation solutions based on data collected and managed by GSM/3G networks. We present a technique that provides geolocation and mobility prediction both at network and service level, does not require any change to the existing mobile network infrastructure, and is entirely performed on the mobile network side, making it more robust than other positioning systems with respect to location spoofing and other terminal-based security threats. Our approach is based on a novel database correlation technique over Received Signal Strength Indication (RSSI) data, and provides a geolocation and tracking technique based on advanced map- and mobility-based filtering. The performance of the geolocation algorithm has been carefully validated by an extensive experimentation, carried out on real data collected from the mobile network antennas of a complex urban environment.


IEEE Transactions on Services Computing | 2011

Expressive and Deployable Access Control in Open Web Service Applications

Claudio Agostino Ardagna; S. De Capitani di Vimercati; Stefano Paraboschi; Eros Pedrini; Pierangela Samarati; Mario Verdicchio

Traditional access control solutions, based on preliminary identification and authentication of the access requester, are not adequate for the context of open web service systems, where servers generally do not have prior knowledge of the requesters. The research community has acknowledged such a paradigm shift and several investigations have been carried out for new approaches to regulate access control in open dynamic settings. Typically based on logic, such approaches, while appealing for their expressiveness, are not applicable in practice, where simplicity, efficiency, and consistency with consolidated technology are crucial. The eXtensible Access Control Markup Language (XACML) has established itself as the emerging technological solution for controlling access in an interoperable and flexible way. Although supporting the most common policy representation mechanisms and having acquired a significant spread in the research community and the industry, XACML still suffers from some limitations which impact its ability to support actual requirements of open web-based systems. In this paper, we provide a simple and effective formalization of novel concepts that have to be supported for enforcing the new access control paradigm needed in open scenarios, toward the aim of providing an expressive solution actually deployable with today's technology. We illustrate how the concepts of our model can be deployed in the XACML standard by exploiting its extension points for the definition of new functions, and introducing a dialog management framework to enable access control interactions between web service clients and servers.


Electronic Notes in Theoretical Computer Science | 2006

A Web Service Architecture for Enforcing Access Control Policies

Claudio Agostino Ardagna; Ernesto Damiani; Sabrina De Capitani di Vimercati; Pierangela Samarati

Web services represent a challenge and an opportunity for organizations wishing to expose product and services offerings through the Internet. The Web service technology provides an environment in which service providers and consumers can discover each other and conduct business transactions through the exchange of XML-based documents. However, any organization using XML and Web Services must ensure that only the right users, sending the appropriate XML content, can access their Web Services. Access control policy specification for controlling access to Web services is then becoming an emergent research area due to the rapid development of Web services in modern economy. This paper is an effort to understand the basic concepts for securing Web services and the requirements for implementing secure Web services. We describe the design and implementation of a Web service architecture for enforcing access control policies; the overall rationale and some specific choices of our design are discussed.


Proceedings of the first ACM workshop on Information security governance | 2009

An XACML-based privacy-centered access control system

Claudio Agostino Ardagna; Sabrina De Capitani di Vimercati; Stefano Paraboschi; Eros Pedrini; Pierangela Samarati

The widespread diffusion of the Internet as the platform for accessing distributed services makes available a huge amount of personal data, and a corresponding concern and demand from users, as well as legislation, for solutions providing users with a form of control on their data. Responding to this requirement raises the emerging need of solutions supporting proper information security governance, allowing enterprises managing user information to enforce restrictions on information acquisition as well as its processing and secondary use. While the research community has acknowledged this emerging scenario, and research efforts are being devoted to it, current technologies provide still limited solutions to the problem. In this paper, we illustrate our effort in pursuing the goal of bringing information security governance restrictions deployable in current organizational contexts. Considering the large success and application of XACML, we extend the XACML architecture and modules complementing them with functionalities for effective credential-based management and privacy support. Our proposal combines XACML with PRIME, a novel solution supporting privacy-aware access control, resulting in an infrastructure that provides the flexible access functionality of XACML enriched with the data governance and privacy features of PRIME.


Archive | 2008

Open Source Systems Security Certification

Ernesto Damiani; Claudio Agostino Ardagna; Nabil El Ioini

Open Source Advances in Computer Applications book series provides timely technological and business information for: Enabling Open Source Systems (OSS) to become an integral part of systems and devices produced by technology companies; Inserting OSS in the critical path of complex network development and embedded products, including methodologies and tools for domain-specific OSS testing (lab code available), plus certification of security, dependability and safety properties for complex systems; Ensuring integrated systems, including OSS, meet performance and security requirements as well as achieving the necessary certifications, according to the overall strategy of OSS usage on the part of the adopter. The first attempt to create a standard for security certification of software dates back to 1985 with the creation of the TCSEC standard, commonly referred to as Orange Book (USDoD 1985) in the US. In the following years, the need of such a certification also emerged in other countries, leading to the creation of similar local security certification such as ITSEC in Europe (ITSEC 1991) and CTCPEC in Canada (CSE 1993). Since these certifications are totally independent from each other, the cost of certifying software at an international level was obviously high. This was one of the key factors that led to the creation of an international standard for software security certification. Open Source Systems Security Certification discusses Security Certification Standards and establishes the need to certify open source tools and applications. This includes the international standard for the certification of IT products (software, firmware and hardware) Common Criteria (ISO/IEC 15408) (CC 2006), a certification officially adopted by the governments of 18 nations, including United States, Germany, France, UK and Italy. Without security certification, open source tools and applications are neither secure nor trustworthy. 
Open Source Systems Security Certification also addresses and analyzes the urgency of security certification for security-sensible markets, such as telecommunications, government and the military through provided case studies. Open Source Systems Security Certification is designed for professionals, consultants and companies trying to implement an OSS-aware IT governance strategy, SMEs looking for a way to attract new markets traditionally held by proprietary products (e.g., network security and operation centers, Linux-based network switching systems) or to reduce costs. OSS development communities wishing to ensure their products become part of dynamically composed complex systems will find this volume invaluable. This book is also suitable for researchers and advanced-level students in computer science.

Collaboration


Top Co-Authors

Nabil El Ioini

Free University of Bozen-Bolzano
