Simone Fischer-Hübner

Pseudonymous audit for privacy enhanced intrusion detection

Intrusion detection systems can serve as powerful security audit analysis tools. But by analysing the user activities, they are affecting the privacy of the users at the same time. Pseudonymous audit can be the basis for privacy enhanced intrusion detection. In this paper, the concept of pseudonymous audit for privacy enhanced intrusion detection and its prototype realisations are presented. Furthermore it is discussed whether IT security evaluation criteria cover pseudonymous audit and the respective changes are suggested.*

Trust in PRIME

The PRIME project develops privacy enhancing identity management systems that allow users in various application areas such as e-commerce to regain control over their personal spheres. This paper introduces the PRIME technical architecture that also includes special trust-enhancing mechanisms, and shows how PRIME technologies can enhance privacy and trust of e-shopping customers. It also discusses the socio-psychological factors and HCI aspects influencing the end users trust in privacy enhancing identity management, and shows why HCI research, user studies, and socio-psychological research, are necessary efforts to accompany system design

Accountability for cloud and other future Internet services

Cloud and IT service providers should act as responsible stewards for the data of their customers and users. However, the current absence of accountability frameworks for distributed IT services makes it difficult for users to understand, influence and determine how their service providers honour their obligations. The A4Cloud project will create solutions to support users in deciding and tracking how their data is used by cloud service providers. By combining methods of risk analysis, policy enforcement, monitoring and compliance auditing with tailored IT mechanisms for security, assurance and redress, A4Cloud aims to extend accountability across entire cloud service value chains, covering personal and business sensitive information in the cloud.

Towards Usable Privacy Policy Display a Management

This paper discusses the approach taken within the PrimeLife project for providing user-friendly privacy policy interfaces for the PrimeLife Policy Language (PPL).We present the requirements, desig ...

Privacy and security at risk in the global information society

Abstract In the global information society, individual privacy is seriously endangered. An increasing amount of personal data is being transferred around the world, and communication data of users could be easily traced and used to create individual communication using new information infrastructures. With contemporary network technologies, it is difficult to protect personal data adequately. The Internet, as an important contemporary information highway, is missing essential features of reliability, functionality, confidentiality and integrity, and is threatened by various security attacks. This paper discusses privacy and security risks in the global information society. It also compares and critically analyses the approaches to privacy protection of different information infrastructure programmes. The difficulties for a common harmonised legal approach to privacy protection, due to cultural differences, are analysed. Finally, possibilities for designing information infrastructures adequate under social...

Blocking attacks on SIP VoIP proxies caused by external processing

As Voice over IP (VoIP) applications become increasingly popular, they are more and more facing security challenges that have not been present in the traditional Public Switched Telephone Network (PSTN). One of the reasons is that VoIP applications rely heavily on external Internet-based infrastructures (e.g., DNS server, web server), so that vulnerabilities of these external infrastructures have an impact on the security of VoIP systems as well. This article presents a Denial of Service (DoS) attack on VoIP systems by exploiting long response times of external infrastructures. This attack can lead the whole VoIP system in a blocked state thus reducing the availability of its provided signalling services. The results of our experiments prove the feasibility of blocking attacks. Finally, we also discuss several defending methods and present an improved protection mechanism against blocking attacks.

How can Cloud Users be Supported in Deciding on, Tracking and Controlling How their Data are Used?

Transparency is a basic privacy principle and factor of social trust. However, the processing of personal data along a cloud chain is often rather intransparent to the data subjects concerned. Transparency Enhancing Tools (TETs) can help users in deciding on, tracking and controlling their data in the cloud. However, TETs for enhancing privacy also have to be designed to be both privacy-preserving and usable. In this paper, we provide requirements for usable TETs for the cloud. The requirements presented in this paper were derived in two ways; at a stakeholder workshop and through a legal analysis. Here we discuss design principles for usable privacy policies and give examples of TETs which enable end users to track their personal data. We are developing them using both privacy and usability as design criteria.

Trust and Assurance HCI

In this chapter, we present our HCI (Human Computer Interaction) work for mediating the degree of trustworthiness of services sides to end users and for enhancing their trust in PrimeLife-enabled applications. For this, we will present the user interface development work of a trust evaluation function and the PrimeLife Data Track.

Towards a New Paradigm for Privacy and Security in Cloud Services

The market for cloud computing can be considered as the major growth area in ICT. However, big companies and public authorities are reluctant to entrust their most sensitive data to external parties for storage and processing. The reason for their hesitation is clear: There exist no satisfactory approaches to adequately protect the data during its lifetime in the cloud. The EU Project Prismacloud (Horizon 2020 programme; duration 2/2015–7/2018) addresses these challenges and yields a portfolio of novel technologies to build security enabled cloud services, guaranteeing the required security with the strongest notion possible, namely by means of cryptography. We present a new approach towards a next generation of security and privacy enabled services to be deployed in only partially trusted cloud infrastructures.

Benefits of Privacy-Enhancing Identity Management

Privacy-enhancing identity management systems allow users to act securely in the information society while keeping sovereignty over their personal spheres. This paper elaborates the benefits that privacy-enhancing identity management can provide for both end users and services sides. These benefits include increased privacy protection for end users and enhanced trust relations between users and services sides. The PRIME system developed within the EU project PRIME (Privacy and Identity Management for Europe) and a PRIME-enable e-shopping application scenario are used to illustrate these benefits. Besides, also potential business drivers for services sides to deploy privacy-enhancing identity management systems are discussed.