Georgios V. Lioudakis

Privacy-Aware Access Control and Authorization in Passive Network Monitoring Infrastructures

Despite the usefulness of passive network monitoring for the operation, maintenance, control and protection of communication networks, as well as law enforcement, network monitoring activities are surrounded by serious privacy implications. In this paper, an innovative approach for privacy-preserving authorization and access control to data originating from passive network monitoring is described. The proposed framework relies on an ontological model for the specification of the access control policies, which are evaluated and enforced on a two-phase and two-stage basis by a system that intercedes between the network link and the monitoring applications. The two stages refer to controlled access regarding both the data that are disclosed to the monitoring application from the mediating system and the raw data that the mediator retrieves from the network link. On the other hand, the two phases concern respectively the execution of “static” and “dynamic” control; the former enforces the rules that are a priori applicable, grounded on the data, role and purpose semantics, while the latter evaluates the real-time contextual parameters for the adaptation of the access control procedures to the particular conditions underlying a request.

On the use of Attribute-Based Encryption for multimedia content protection over Information-Centric Networks

Video streaming dominates the Internet traffic, a trend that is expected to increase in the next years. End users expect to access video content, regardless of their device, connection type and location. On the other hand, content providers set strict security requirements regarding the protection of their content, making up an overall difficult and challenging context for Over-the-Top service providers. A miscellany of proprietary approaches tries to address these issues, providing, however, only partial solutions, and composing a domain, highly fragmented by non-interoperable products. In this paper, we propose an architecture that utilises Information-Centric Networking ICN in order to provide scalable and efficient video distribution, and Attribute-Based Encryption ABE to securely distribute this content in the ICN environment. ABE is incorporated into Digital Rights Management DRM schemes. We present the video license acquisition process, with a focus on orchestrating multiple authorities; subsequently, the video distribution over ICN is demonstrated, and finally, we investigate user revocation techniques in the ABE and ICN context and adopt the most appropriate one. Copyright

A Proxy for Privacy: the Discreet Box

The issue of user privacy is constantly brought to the spotlight since an ever increasing number of online services collects and processes personal information from users, in the context of personalized service provision. Although technology makes the collection of data easy, their protection against abuse is left to data protection legislation. However, the privacy requirements, other than being general and abstract terms to be regarded as legislature issues, should be brought down in the technological reality and carefully accounted for in devising technical solutions. In order to limit the disclosure and avoid the misuse of personal data, this paper discusses an architectural proposal for a middleware system that will enforce protection of user privacy through technical means. This goal is facilitated by a combination of a policy framework, a sensible interpretation of regulations into policies and the introduction of a privacy broker, named the discreet box.

A privacy-aware access control model for distributed network monitoring

In this paper, we introduce a new access control model that aims at addressing the privacy implications surrounding network monitoring. In fact, despite its importance, network monitoring is natively leakage-prone and, moreover, this is exacerbated due to the complexity of the highly dynamic monitoring procedures and infrastructures, that may include multiple traffic observation points, distributed mitigation mechanisms and even inter-operator cooperation. Conceived on the basis of data protection legislation, the proposed approach is grounded on a rich in expressiveness information model, that captures all the underlying monitoring concepts along with their associations. The model enables the specification of contextual authorisation policies and expressive separation and binding of duty constraints. Finally, two key innovations of our work consist in the ability to define access control rules at any level of abstraction and in enabling a verification procedure, which results in inherently privacy-aware workflows, thus fostering the realisation of the Privacy by Design vision.

A semantic framework for privacy-aware access control

The issue of privacy is constantly brought to the spotlight since an ever increasing number of services collects and processes personal information from users. In fact, recent advances in mobile communications, location and sensing technologies and data processing are boosting the deployment of context-aware personalized services and the creation of smart environments but, at the same time, they pose a serious risk on individualspsila privacy rights. Being situated in the realms of legal and social studies, the notion of privacy is mainly left, concerning its protection, to legislation and service providerspsila self-regulation by means of privacy policies. However, all laws and codes of conduct are useless without enforcement. Based on this concept, this paper presents a framework conceived on the basis of privacy legislation. It uses a semantic model for the specification of privacy-aware data access rules and a middleware system which mediates between the service providers and the data sources and caters for the enforcement of the regulatory provisions.

A contextual privacy-aware access control model for network monitoring workflows: work in progress

Network monitoring activities are surrounded by serious privacy implications. The inherent leakage-proneness is harshened due to the increasing complexity of the monitoring procedures and infrastructures, that may include multiple traffic observation points, distributed mitigation mechanisms and even inter-operator cooperation. In this paper, we report a work in progress policy model that aims at addressing these concernes, by verifying access requests from network monitoring workflows, with privacy features already contained since their specification phase. We survey related work, outline some of their limitations, and describe an early version of our proposal.

Towards Privacy-Preserving Network Monitoring: Issues and Challenges

Passive network monitoring is required for the operation and maintenance of communication networks as well as to detect frauds and attacks. Typically, raw packet-level traffic traces are collected using suitable traffic probe devices and fed to monitoring applications (IDSs, antivirus, etc.) for analysis, with potential risks for the legitimate privacy rights of the customers. This paper aims to discuss the technical feasibility and the underlying research challenges of a two-tiered privacy-preserving network monitoring system, where carefully designed data protection mechanisms can coexist with suitably adapted monitoring applications.

An ontology-based approach towards comprehensive workflow modelling

In recent years, several mature workflow modelling technologies have emerged. Nevertheless, they all present certain expressiveness limitations concerning primarily two aspects: first, none of them manages to adequately capture all three core workflow perspectives, that is, control, data and resource; further, they typically are either data-centric or control flow oriented, being, therefore incapable of supporting domains that involve both execution patterns. In light of these issues, this study describes an innovative, highly expressive framework for workflow modelling, guided by the flexibility by design principle. Main characteristics of the proposed approach include the following: (i) it enables the comprehensive specification of workflow elements, providing extensive coverage of all aforementioned perspectives; (ii) it introduces the novel concept of assets, as a means for representing the entities being subject to the execution of workflow tasks; (iii) workflows are defined as ontologies; this, apart from the inherent benefits regarding formal semantics, offers also the advantage of their direct and transparent integration with an ontological information model; (iv) it allows the explicit modelling of both control and data flows, thus being suitable for applications based on either of them or both of them combined; and (v) its expressiveness provides for the in-design expression of sophisticated security constraints.

An access control approach for privacy-preserving passive network monitoring

Passive network monitoring is very useful for the operation, maintenance, control and protection of communication networks, while in certain cases it provides the authorities with the means for law enforcement. Nevertheless, the flip side of passive network monitoring activities is that they are natively surrounded by serious privacy implications. In this paper, an innovative approach for privacy-preserving access control to data originating from passive network monitoring is described. The proposed framework relies on an ontological model for the specification of the access control policies, which are evaluated and enforced on a two-phase and two-stage basis by a system that intercedes between the network link and the monitoring applications. The two stages refer to controlled access regarding both the data that are disclosed to the monitoring application from the mediating system and the raw data that the mediator retrieves from the network link. On the other hand, the two phases concern respectively the execution of “static” and “dynamic” control; the former enforces the rules that are a priori applicable, grounded on the data, role and purpose semantics, while the latter evaluates the real-time “privacy context” for the adaptation of the access control procedures to the particular conditions underlying a request.

On the design of a privacy aware authorization engine for collaborative environments

Business networking has substantially reshaped common enterprise procedures and has paved the way for the development of ground-breaking information sharing patterns and inter-organizational cooperative practices. Yet, critical issues still stand unaddressed; privacy and sensitive information confidentiality implications threaten to diminish the economic and social benefits derived from online collaboration. Nevertheless, privacy preservation refers to a multidimensional and cross-disciplinary subject, accompanied by both legal as well as technical challenges. In this context, this paper describes the design of a privacy-aware decision engine operating within synergistic contexts. Decision making regarding the production of authorizations and information usage rules is founded on a detailed privacy context and the enforcement of a deductive reasoning algorithm. The proposed reasoning process spans two distinct phases, taking into account an a priori perspective of the system while at the same time maintaining responsiveness in dynamic contexts.