Lothar Fritsch

A multilaterally secure, privacy-friendly location-based service for disaster management and civil protection

Information technology and modern challenges in civil protection create many questions concerning infrastructure security and reliability. In particular, mobile communications and the spread of mobile phones among citizens offer new opportunities of fine-grained disaster management using location based services (LBS). At the same time, location based services are regarded as very privacy-invading, and are regulated in many countries by law. In our article, we analyze the requirements of a LBS based disaster management scenario and propose a solution on how to build a privacy-friendly, multilaterally secure disaster management infrastructure based on robust, mobile phone infrastructures with high reachability of citizens and the possibility to manage disaster specialists.

Efficient oblivious augmented maps: location-based services with a payment broker

Secure processing of location data in location-based services (LBS) can be implemented with cryptographic protocols. We propose a protocol based on oblivious transfer and homomorphic encryption. Its properties are the avoidance of personal information on the services side, and a fair revenue distribution scheme. We discuss this in contrast to other LBS solutions that seek to anonymize information as well as possible towards the services. For this purpose, we introduce a proxy party. The proxy interacts with multiple services and collects money from subscribing users. Later on, the proxy distributes the collected payment to the services based on the number of subscriptions to each service. Neither the proxy nor the services learn the exact relation between users and the services they are subscribed to.

On the Internet of Things, Trust is Relative

End-users on the Internet of Things (IoT) will encounter many different devices and services; they will need to decide whether or not they can trust these devices and services with their information. We identify three items of trust information that end-users will need to determine if they should trust something on the IoT. We create a taxonomy of the likely scenarios end-users will encounter on the IoT and present five trust strategies for obtaining this trust information. Upon applying these strategies to our scenarios, we find that there is no strategy that can work efficiently and effectively in every situations; end-users will need to apply the strategy that best fits their current situation. Offering multiple trust strategies in parallel and having this information transparent to end-users will ensure a sustainable IoT.

Enabling Privacy of Real-Life LBS

Privacy in computerized environments is perceived very differently depending on the respective point of view. Often “privacy enhancing technologies” — initiated by the user, as a measure of self-defense — are seen as conflicting with business goals such as cost-efficiency, revenue assurance, and options for further business development based on existing data. This paper presents the design and implementation of an architecture and prototype for privacy-friendly, interoperable location-based services (LBS), based on intermediation of location data via a location middleware component. The aim is to combine privacy-friendliness, efficiency, and market potential. Therefore the security interests of the stakeholders are analyzed and an architecture solution including an intermediary is introduced. Then the prototype implementation (at a mobile operator) is described and the usage of the prototype for a commercial service and product offer by the operator involved in the development is discussed.

Exploitation of Public and Private WiFi Coverage for New Business Models

The expected boom in wireless networking and the rapidly increasing number of private and public access points prepare the ground for additional - initially unintended - usage possibilities of this fast growing infrastructure.

A Taxonomy of Privacy and Security Risks Contributing Factors

Identity management system(s) (IDMS) do rely on tokens in order to function. Tokens can contribute to privacy or security risk in IDMS. Specifically, the characteristics of tokens contribute greatly to security and privacy risks in IDMS. Our understanding of how the characteristics of token contribute to privacy and security risks will help us manage the privacy and security risks in IDMS. In this article, we introduce a taxonomy of privacy and security risks contributing factors to improve our understanding of how tokens affect privacy and security in IDMS. The taxonomy is based on a survey of IDMS articles. We observed that our taxonomy can form the basis for a risk assessment model.

Personal rights management – taming camera-phones for individual privacy enforcement

With ubiquitous use of digital camera devices, especially in mobile phones, privacy is no longer threatened by governments and companies only. The new technology creates a new threat by ordinary people, who could take and distribute pictures of an individual with no risk and little cost in any situation in public or private spaces. Fast distribution via web based photo albums, online communities and web pages expose an individuals private life to the public. Social and legal measures are increasingly taken to deal with this problem, but they are hard to enforce in practice. In this paper, we proposed a model for privacy infrastructures aiming for the distribution channel such that as soon as the picture is publicly available, the exposed individual has a chance to find it and take proper action in the first place. The implementation issues of the proposed protocol are discussed. Digital rights management techniques are applied in our proposed infrastructure, and data identification techniques such as digital watermarking and robust perceptual hashing are proposed to enhance the distributed content identification.

Privacy policy referencing

Data protection legislation was originally defined for a context where personal information is mostly stored on centralized servers with limited connectivity and openness to 3rd party access. Currently, servers are connected to the Internet, where a large amount of personal information is continuously being exchanged as part of application transactions. This is very different from the original context of data protection regulation. Even though there are rather strict data protection laws in an increasing number of countries, it is in practice rather challenging to ensure an adequate protection for personal data that is communicated on-line. The enforcement of privacy legislation and policies therefore might require a technological basis, which is integrated with adequate amendments to the legal framework. This article describes a new approach called Privacy Policy Referencing, and outlines the technical and the complementary legal framework that needs to be established to support it.

A Literature Study on Privacy Patterns Research

Context: Facing the implementation of the EU General Data Protection Regulation in May 2018, many commercial software providers will soon need to adapt their products to new privacy-related constraints. Privacy patterns defined for different aspects of the software engineering process promise to be a useful concept for this task. In this situation, it seems valuable to characterize the state of the research related to privacy patterns.Objective: To identify, characterize and classify the contributions made by published research results related to patterns in the context of considering privacy concerns in engineering software. Method: A literature review in form of a mapping study of scientific articles was performed. The resulting map structures the relevant body of work into multiple dimensions, illustrating research focuses and gaps.Results: Results show that empirical evidence in this field is scarce and that holistic approaches to engineering privacy into software based on patterns are lacking. This potentially hinders industrial adoption.Conclusion: Based on these results, we recommend to empirically validate existing privacy patterns, to consolidate them in pattern catalogues and languages, and to move towards seamless approaches from engineering privacy requirements to implementation.

A Holistic Approach to Open-Source VoIP Security: Preliminary Results from the EUX2010sec Project

This paper describes the approach and preliminary results from the research project EUX2010sec. The project works closely with Voice-over-IP (VoIP) companies and users. It aims at providing better security of open source VoIP installations. The work towards this goal is organized by gathering researchers and practitioners around several scientific activities that range from security modeling and verification up to testbed testing. The expected outcomes of the project are a solid scientific and practical understanding of the security options for setting up VoIP infrastructures, particular guidance on secure, typical setups of such infrastructures, The project’s special focus is on producing results relevant to the practitioners in the project, aiming at the stimulation of innovation and the provision of highest quality in open-source based VoIP products and services.