DOCSLIB.ORG

Model-Based Privacy by Design

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Model-Based Privacy by Design Model-Based Privacy by Design by Amirshayan Ahmadian, M.Sc. Approved Dissertation thesis for the partial fulfilment of the requirements for a Doctor of Natural Sciences (Dr. rer. nat.) Fachbereich 4: Informatik Universität Koblenz-Landau Chair of PhD Board: Prof. Dr. Maria A. Wimmer Chair of PhD Commission: Prof. Dr. Harald F.O. Von Korflesch Examiner and Supervisor: Prof. Dr. Jan Jürjens Further Examiner: Prof. Dr. Patrick Delfmann Co-Supervisor: Dr. Daniel Strüber Date of the doctoral viva: January 22, 2020 iii Dedicated to my beloved parents. v Abstract Nowadays, almost any IT system involves personal data processing. In such sys- tems, many privacy risks arise when privacy concerns are not properly addressed from the early phases of the system design. The General Data Protection Regu- lation (GDPR) prescribes the Privacy by Design (PbD) principle. As its core, PbD obliges protecting personal data from the onset of the system development, by ef- fectively integrating appropriate privacy controls into the design. To operationalize the concept of PbD, a set of challenges emerges: First, we need a basis to define pri- vacy concerns. Without such a basis, we are not able to verify whether personal data processing is authorized. Second, we need to identify where precisely in a system, the controls have to be applied. This calls for system analysis concerning privacy concerns. Third, with a view to selecting and integrating appropriate con- trols, based on the results of system analysis, a mechanism to identify the privacy risks is required. Mitigating privacy risks is at the core of the PbD principle. Fourth, choosing and integrating appropriate controls into a system are complex tasks that besides risks, have to consider potential interrelations among privacy controls and the costs of the controls. This thesis introduces a model-based privacy by design methodology to handle the above challenges. Our methodology relies on a precise definition of privacy con- cerns and comprises three sub-methodologies: model-based privacy analysis, model- based privacy impact assessment and privacy-enhanced system design modeling. First, we introduce a definition of privacy preferences, which provides a basis to spec- ify privacy concerns and to verify whether personal data processing is authorized. Second, we present a model-based methodology to analyze a system model. The results of this analysis denote a set of privacy design violations. Third, taking into account the results of privacy analysis, we introduce a model-based privacy im- pact assessment methodology to identify concrete privacy risks in a system model. Fourth, concerning the risks, and taking into account the interrelations and the costs of the controls, we propose a methodology to select appropriate controls and integrate them into a system design. Using various practical case studies, we evalu- ate our concepts, showing a promising outlook on the applicability of our method- ology in real-world settings. vi Abstract vii Zusammenfassung In IT-Systemen treten viele Datenschutzrisiken auf, wenn Datenschutzbedenken in den frühen Phasen des Entwicklungsprozesses nicht angemessen berücksichtigt werden. Die Datenschutz-Grundverordnung (DSGVO) schreibt das Prinzip des Datenschutz durch Technikgestaltung (PbD) vor. PbD erfordert den Schutz person- enbezogener Daten von Beginn des Entwicklungsprozesses an, durch das frühzei- tige Integrieren geeigneter Maßnahmen. Bei der Realisierung von PbD ergeben sich nachfolgende Herausforderungen: Erstens benötigen wir eine präzise Defi- nition von Datenschutzbedenken. Zweitens müssen wir herausfinden, wo genau in einem System die Maßnahmen angewendet werden müssen. Drittens ist zur Auswahl geeigneter Maßnahmen, ein Mechanismus zur Ermittlung der Daten- schutzrisiken erforderlich. Viertens müssen bei der Auswahl und Integration geeigneter Maßnahmen, neben den Risiken, die Abhängigkeiten zwischen Maß- nahmen und die Kosten der Maßnahmen berücksichtigt werden. Diese Dissertation führt eine modellbasierte Methodik ein, um die oben genannten Herausforderungen zu bewältigen und PbD zu operationalisieren. Unsere Methodik basiert auf einer präzisen Definition von Datenschutzbe- denken und umfasst drei Untermethodiken: modellbasierte Datenschutzanalyse, mo- dellbasierte Datenschutz-Folgenabschätzung und datenschutzfreundliche Systemmodel- lierung. Zunächst führen wir eine Definition für Datenschutzpräferenzen ein, an- hand derer die Datenschutzbedenken präzisiert werden können und überprüft werden kann, ob die Verarbeitung personenbezogener Daten autorisiert ist. Zwei- tens präsentieren wir eine modellbasierte Methodik zur Analyse eines Systemmo- dells. Die Ergebnisse dieser Analyse ergeben die Menge der Verstöße gegen die Datenschutzpräferenzen in einem Systemmodell. Drittens führen wir eine mo- dellbasierte Methode zur Datenschutz-folgenabschätzung ein, um konkrete Daten- schutzrisiken in einem Systemmodell zu identifizieren. Viertens schlagen wir in Bezug auf die Risiken, Abhängigkeiten zwischen Maßnahmen und Kosten der Maßnahmen, eine Methodik vor, um geeignete Maßnahmen auszuwählen und in ein Systemdesign zu integrieren. In einer Reihe von realistischen Fallstudien be- werten wir unsere Konzepte und geben einen vielversprechenden Ausblick auf die Anwendbarkeit unserer Methodik in der Praxis. ix Contents Abstract v Zusammenfassung vii Abbreviations xxi Acknowledgements xxiii 1 Introduction 1 1.1 Challenges and Research Directions . 4 1.1.1 Privacy Preferences . 5 1.1.2 Privacy Analysis . 5 1.1.3 Privacy Impact Assessment . 6 1.1.4 Privacy Enhancement . 6 1.2 Contributions . 7 1.3 Methodology . 9 1.4 Thesis Outline . 11 1.5 How to Read this PhD Thesis . 12 1.6 Preliminary Publications . 13 2 Model-Based Privacy by Design: An Overview of the Methodology 15 2.1 The Common Terms in this Thesis . 15 2.2 Running Example . 16 2.3 Walk-Through: Model-Based Privacy by Design . 20 2.3.1 Privacy Preferences . 20 2.3.2 Model-Based Privacy Analysis . 22 2.3.3 Model-Based Privacy Impact Assessment . 22 2.3.4 Privacy-Enhanced System Design Modeling . 23 3 Privacy Preferences: A Foundation 25 3.1 Introduction . 26 x Contents 3.2 Background . 27 3.2.1 The Four Key Elements of Privacy . 27 3.2.2 A Background on the Theory of Sets and Lattices . 28 3.2.3 Privacy Level Agreements . 30 3.3 Privacy Preferences . 31 3.4 Formalized Privacy Level Agreements . 43 3.4.1 A Brief Description of the Differences Between the GDPR and Directive 95/46/EC . 43 3.4.2 The PLA Metamodel . 44 3.5 Discussion and Limitations . 46 3.5.1 Revisiting the Research Questions . 46 3.5.2 Limitations . 47 3.6 Related Work . 48 3.7 Preliminary Conclusion . 51 4 Model-Based Privacy Analysis 53 4.1 Introduction . 54 4.2 Background . 56 4.2.1 Unified Modeling Language (UML) . 56 4.2.1.1 Class Diagram . 57 4.2.1.2 Activity Diagram . 57 4.2.1.3 Deployment Diagram . 58 4.2.1.4 State Machines . 59 4.2.2 UML Profile . 59 4.2.3 Model-Based Security Analysis Using UMLsec . 60 4.2.3.1 Secure Links . 60 4.2.3.2 Secure Dependency . 62 4.3 Model-Based Privacy Analysis in Industrial Ecosystems . 64 4.3.1 The Modular Privacy Analysis . 64 4.3.2 Privacy Analysis Based on the Four Fundamental Privacy El- ements . 66 4.3.3 UML Privacy Extension . 68 4.3.3.1 Privacy Profile . 69 4.3.3.2 rabac Profile . 71 4.3.4 The Privacy Checks . 73 4.3.5 Applying the Privacy Checks: Example . 80 4.4 Case Studies and a Survey . 82 4.4.1 Case Studies . 83 4.4.2 Investigating the Required Support to Carry out the Pro- posed Methodology . 85 4.4.2.1 A Survey on System Modeling within the VisiOn Project . 85 Contents xi 4.4.2.2 Our Observation and Conclusion . 87 4.5 Discussion and Limitations . 89 4.6 Related Work . 91 4.7 Preliminary Conclusion . 93 5 Supporting Privacy Impact Assessment by Model-Based Privacy Analysis 95 5.1 Introduction . 96 5.2 Background . 97 5.2.1 Risk, Threat, and Risk Analysis . 97 5.2.2 Privacy Impact Assessment . 98 5.2.3 Privacy Targets . 99 5.2.4 Privacy Threats . 99 5.3 Model-Based Privacy Impact Assessment . 100 5.3.1 Systematic Specification of System and its Privacy-Critical Parts100 5.3.2 Model-Based Privacy and Security Analysis . 102 5.3.3 Identification of Harmful Activities and Threats . 103 5.3.4 Impact Assessment . 106 5.3.5 Identification of Appropriate Controls . 113 5.3.6 Privacy Impact Assessment Report . 114 5.4 Case Studies and Evaluation . 115 5.4.1 Case Studies . 115 5.4.2 Comparative Evaluation . 116 5.5 Discussion and Limitations . 118 5.6 Related Work . 120 5.7 Preliminary Conclusion . 123 6 Privacy-Enhanced System Design Modeling Based on Privacy Features 125 6.1 Introduction . 126 6.2 Background . 128 6.2.1 Privacy Design Strategies, Patterns, and Privacy-Enhancing Technologies . 128 6.2.2 Function Point Analysis (FPA) . 128 6.2.3 Reusable Aspect Models (RAMs) . 129 6.3 Running Example . 130 6.4 Privacy-Enhanced System Design Modeling . 132 6.4.1 The Privacy Design Strategies Feature Model . 133 6.4.2 Model-Based Cost Estimation . 136 6.4.3 Model-Based Privacy Enhancement . 138 6.4.3.1 UML Profile for Privacy Enhancement. 138 6.4.3.2 Using and Extending RAMs for Privacy by Design. 141 6.5 Case Studies and Evaluation . 143 6.6 Discussion and Limitations . 144 xii Contents 6.7 Related Work . 146 6.8 Preliminary Conclusion . 147 7 Tool Support 149 7.1 Introduction . 149 7.2 Model-Based Privacy Analysis with CARiSMA in the Context of the VPP . 150 7.2.1 Overview and New Features . 152 7.2.2 Security and Privacy Analysis within the VisiOn Privacy Plat- form . 153 7.2.2.1 The Architecture of VPP . 153 7.2.2.2 System Model Analysis Using CARiSMA . 155 7.2.2.3 RABAC . 157.
Load more

Recommended publications
  • Low-Cost Traffic Analysis Of
    Low-Cost Traffic Analysis of Tor Steven J. Murdoch and George Danezis University of Cambridge, Computer Laboratory 15 JJ Thomson Avenue, Cambridge CB3 0FD United Kingdom {Steven.Murdoch,George.Danezis}@cl.cam.ac.uk Abstract Other systems, based on the idea of a mix, were de- veloped to carry low latency traffic. ISDN mixes [33] Tor is the second generation Onion Router, supporting propose a design that allows phone conversations to be the anonymous transport of TCP streams over the Inter- anonymised, and web-mixes [6] follow the same design pat- net. Its low latency makes it very suitable for common terns to anonymise web traffic. A service based on these tasks, such as web browsing, but insecure against traffic- ideas, the Java Anon Proxy (JAP)1 has been implemented analysis attacks by a global passive adversary. We present and is running at the University of Dresden. These ap- new traffic-analysis techniques that allow adversaries with proaches work in a synchronous fashion, which is not well only a partial view of the network to infer which nodes are adapted for the asynchronous nature of widely deployed being used to relay the anonymous streams and therefore TCP/IP networks [8]. greatly reduce the anonymity provided by Tor. Furthermore, The Onion Routing project has been working on stream- we show that otherwise unrelated streams can be linked level, low-latency, high-bandwidth anonymous communi- back to the same initiator. Our attack is feasible for the cations [35]. Their latest design and implementation, adversary anticipated by the Tor designers. Our theoreti- Tor [18], has many attractive features, including forward se- cal attacks are backed up by experiments performed on the curity and support for anonymous servers.
    [Show full text]
  • [email protected]
    PRIVACY TOOLKIT FOR LIBRARIANS [email protected] libraryfreedomproject.org/resources/privacy-toolkit-for-librarians/ THREAT MODELING ● assets ● adversaries ● capabilities ● consequences how much trouble are you willing to go through in order to try to prevent those? FREE SOFTWARE FOSS: the freedom to run, copy, distribute, study, change and improve the software (gnu.org) -vs. proprietary software -why does this matter for privacy? -most of these tools are free software SAFER BROWSING ● who owns your browser? ● what is a browser extension? ● Firefox and Tor ● Firefox privacy settings ● Firefox extensions menu ENCRYPTED WEBSITES ● what is encryption? 1. confidentiality 2. authenticity 3. integrity ● http vs https ● HTTPS Everywhere ● Let's Encrypt THIRD PARTY TRACKING ● cookies ● widgets ● analytics ● beacons ● behavioral advertising ● Privacy Badger This is a real image from an online marketing company. SEARCH TRACKING ● Google, Bing, and Yahoo collect and store your searches ● DuckDuckGo does not. They even have an extension! ● alerting patrons: “You might notice that your search engine looks different” ● embedded Google searchbars: Google Sharing TERMS OF SERVICE Image credit: xkcd.com E.U.L.A. = end user license agreement Terms of Service; Didn't Read WIFI SECURITY ● Open wifi access and plausible deniability ● Closed wifi encryption (authenticity – and integrity) ● Wired network snooping is possible but requires a physical connection FILE DELETION Clean system and protect privacy: trash, logs, recent places, cache, session data, etc CCLeaner – Windows and Mac OSX, not FOSS *Windows users, do not ever use the registry cleaner! Bleachbit – Windows and Linux, FOSS Deep Freeze/Clean Slate on patron PCs: very useful, easy to use, but not totally secure deletion.
    [Show full text]
  • Privacy As Security
    Privacy as Security Dr George Danezis Microsoft Research, Cambridge, UK. [email protected] Dr George Danezis Privacy as Security Key Thesis and Outline What is this talk about? I Explore the relations between notions of `privacy' and `traditional security'. I Key thesis: Privacy is better understood as security! How do we proceed? I Introduction to Privacy. I Revisiting security/privacy properties. Dr George Danezis Privacy as Security Scope Ground rules of this talk: I High-level: keep out the very technical details. Implementation issues, system specific, cryptography, statistics, standards. I Focus on technology and technology policy. There is also law, sociology, political science, and politics. I Look at privacy in the context of computer security Security properties, adversary models, security policies, . I A clear focus on the real world and its constraints. Dr George Danezis Privacy as Security Caricature of the debate: Security or Privacy \Privacy" important but. I . what about abuse and accountability? I . difficulties for Law Enforcement? I . copyright or libel? I (. what does a good, honest person has to hide anyway?) Established wisdom: I Need for a balance... I Control/limit dangerous technology (or research). I Result: Surveillance by design ! no privacy (often). Caricature conclusion: Security is most important! Dr George Danezis Privacy as Security Security and Privacy in Context A brief history of security, and where does privacy fit? I Early days (Pre-1970s): Security for the Government and Military. Focus on confidentiality properties. Some work on Tamper resistance, signal intelligence, . Keep secrets using computer security. I 70s to 90s: Commercial security and security for enterprises.
    [Show full text]
  • Versatile Exploitation Techniques: Drone Hacking and Jamming with Raspberry-Pi and Wi-Fi Pineapple
    International Journal of Innovative Technology and Exploring Engineering (IJITEE) ISSN: 2278-3075, Volume-9, Issue-1, November 2019 Versatile Exploitation Techniques: Drone Hacking and Jamming with Raspberry-Pi and Wi-Fi Pineapple J Caroline El Fiorenza, Revanth Kumar Lokku, Kirthika Sivakumar, M Reene Stephanie Unmanned aerial (UAVs) vehicles, or drones, are an Abstract—The utilization of Internet-of-Things (IoT) unmanned aerial vehicle that has no pilot ready, and are innovation is developing exponentially as more shoppers and explored by either a remote control, or by ready PCs. Drones organizations recognize the benefits offered by the savvy and are normally partitioned into three unique sorts of classes: (a) shrewd gadgets. The major purpose of this paper arose due to the reason that since drone innovation is a quickly rising segment recreational, (b) business and (c) military drones. inside the IoT and the danger of hacking couldn't just purpose an The expansion of recreational drone usage has prompted information break, it could likewise represent a noteworthy discourses in regards to the security of the unregulated drone hazard to the open well-being. On account of their flexible usage, and how to maintain a strategic distance from specialist applications and access to ongoing data, commercial drones are abusing airspace rules. At a similar time as buyers utilized used across a wide variety of smart city applications. However, with many IoT devices, security is frequently an untimely idea, drones as specialists, organizations have progressively leaving numerous drones helpless against programmers. What is investigated utilizing rambles for business use. being done in this paper is that this paper examines the present In 2016 they uncovered that they were trying a conveyance condition of automation security and exhibits a lot of Wi-Fi administration where clients could get little bundles up to five empowered drone vulnerabilities.
    [Show full text]
  • Efficient Anonymous Group Communication
    Efficient Anonymous Group Communication Vom Fachbereich Informatik der Technischen Universität Darmstadt genehmigte Dissertation zur Erlangung des akademischen Grades Doctor rerum naturalium (Dr. rer. nat.) Eingereicht von: Tim Grube geboren in Seeheim-Jugenheim Tag der Einreichung: 15. Mai 2018 Tag der Disputation: 10. Juli 2018 Erstreferent: Prof. Dr. Max Mühlhäuser Korreferent: Prof. Dr. Mathias Fischer Fachgebiet Telekooperation Fachbereich Informatik Technische Universität Darmstadt Hochschulkennziffer D 17 Darmstadt 2018 Tim Grube: Efficient Anonymous Group Communication, Darmstadt, Technische Universität Darmstadt Jahr der Veröffentlichung der Dissertation auf TUprints: 2018 Veröffentlicht unter CC BY-NC-ND 4.0 International https://creativecommons.org/licenses/ Things are only impossible until they’re not. — Captain Jean-Luc Picard, Star Trek: The Next Generation, “When The Bough Breaks” (1988) Dedicated to the loving memory of my father Volker Grube 1958 – 2007 ABSTRACT This dissertation addresses the important challenge of efficiency in anonymous communication. Solving this challenge is essen- tial to provide anonymity in group communication. Every exchanged message leaks metadata: this information de- scribes the communication itself with, among others, sender, re- cipients, frequency of the communication. While the law pro- tects this information, it is often published and misused with consequences for the participants of the communication—often consequences particular for the senders of information. Anonymous communication systems like Tor break the link be- tween senders and recipients of messages and diminish emerg- ing metadata. However, their design requires duplicating mes- sages for all recipients early, mostly at the sender itself. With that, the system has to handle an unnecessary burden of pro- cessing identical messages. This dissertation contributes a novel mechanism that establishes communication groups such that the message duplication is pushed as close to the recipients as pos- sible.
    [Show full text]
  • Walking Onions: Scaling Distribution of Information Safely in Anonymity Networks
    Walking Onions: Scaling Distribution of Information Safely in Anonymity Networks by Chelsea Holland Komlo A thesis presented to the University of Waterloo in fulfillment of the thesis requirement for the degree of Masters of Mathematics in Computer Science Waterloo, Ontario, Canada, 2020 c Chelsea Holland Komlo 2020 Author’s Declaration This thesis consists of material all of which I authored or co-authored: see Statement of Con- tributions included in the thesis. This is a true copy of the thesis, including any required final revisions, as accepted by my examiners. I understand that my thesis may be made electronically available to the public. ii Statement of Contributions Walking Onions first originated as a Tor proposal authored by Nick Mathewson [Mat20c], who is a co-author of this work. In this original proposal, Nick proposed the concept of ENDIVEs and SNIPs, as well as the concept of one protocol variant presented in this work which we call Telescoping Walking Onions. Additionally this proposal introduced the concept of bootstrapping using a circuit through a directory cache. Our collaboration on the published version of Walking Onions has since been accepted to the USENIX Security Symposium [KMG20]. In his capacity as co-author of our joint work, Nick created the framework for our bandwidth and CPU performance analysis, and used this framework to assess the performance of Telescop- ing Walking Onions relative to Idealized Tor. Nick also wrote the python script for our real numbers analysis, which we use to compare the performance of Walking Onions in actualized estimates against a simplified Tor-like network.
    [Show full text]
  • Using Onion Routing to Secure Peer-To-Peer Supported Business
    Using Onion Routing to Secure Peer-to- Peer Supported Business Collaboration Fabian STÄBER, Udo BARTLANG, Jörg P. MÜLLER Siemens AG, Corporate Technology, Information and Communications Otto-Hahn-Ring 6, Munich, D-81739, Germany Tel: +49 (0)89 636-41619, Fax: +49 (0)89 636-41423 e-mail: {fabian.staeber, udo.bartlang, joerg.p.Mueller}[email protected] Abstract: Peer-to-Peer computing provides reliable self-organizing adaptable architectures, fitting perfectly as a foundation for enabling enterprises to seamlessly inter-operate with one another in a loosely coupled fashion. However, the absence of hierarchical structures in P2P architectures raises security challenges, especially in scenarios that are of “co-opetitive” nature, i.e., where the involved business partners may be cooperating and competing, at the same time, and where there is only limited trust between the partners. This paper addresses some of these security issues. We propose an approach using onion routing, which is a well known algorithm, originally used for anonymous email communication. We present a real-world use case regarding business integration in the automotive industry, and show how onion routing can be integrated into our peer-to-peer platform to meet the security requirements of business collaboration environments. 1. Introduction Over the past few years, the peer-to-peer paradigm received broad attention in academic research and industry. Offering easy to use plug-and-play networks in combination with resilience, reliability, and the capability of decentral management and loosely coupled control, peer-to-peer systems have become target platforms for a growing number of applications, ranging from Internet file sharing over IP telephony to distributed corporate information management.
    [Show full text]
  • Air Force Institute of Technology
    to A TAXONOMY FOR AND ANALYSIS OF ANONYMOUS COMMUNICATIONS NETWORKS DISSERTATION Douglas Kelly, GG-14 AFIT/DCS/ENG/09-08 AIR FORCE INSTITUTE OF TECHNOLOGY Wright-Patterson Air Force Base, Ohio APPROVED FOR PUBLIC RELEASE; DISTRIBUTION UNLIMITED The views expressed in this dissertation are those of the author and do not reflect the official policy or position of the United States Air Force, Department of Defense, or the U.S. Government. A TAXONOMY FOR AND ANALYSIS OF ANONYMOUS COMMUNICATIONS NETWORKS DISSERTATION Presented to the Faculty Graduate School of Engineering and Management Air Force Institute of Technology Air University Air Education and Training Command In Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy Douglas J. Kelly, BS, MS, MBA March 2009 APPROVED FOR PUBLIC RELEASE; DISTRIBUTION UNLIMITED AFIT/DCS/ENG/09-08 A TAXONOMY FOR AND ANALYSIS OF ANONYMOUS COMMUNICATIONS NETWORKS DISSERTATION Douglas J. Kelly, BS, MS, MBA Approved: __________//SIGNED//________________ _16 Mar 09_ Dr. Richard A. Raines (Chairman) Date __________//SIGNED//________________ _16 Mar 09_ Dr. Barry E. Mullins (Member) Date __________//SIGNED//________________ _16 Mar 09_ Dr. Rusty O. Baldwin (Member) Date __________//SIGNED//________________ _16 Mar 09_ Dr. Michael R. Grimaila (Member) Date Accepted: __________//SIGNED//________________ _18 Mar 09_ Dr. M. U. Thomas Date Dean, Graduate School of Engineering and Management - iii - AFIT/DCS/ENG/09-08 Abstract Any entity operating in cyberspace is susceptible to debilitating attacks. With cyber attacks intended to gather intelligence and disrupt communications rapidly replacing the threat of conventional and nuclear attacks, a new age of warfare is at hand.
    [Show full text]
  • Download Ubuntu Torrent to Install on Virtualbox Top 7 Torrent Clients for Ubuntu & Other Linux Distributions
    download ubuntu torrent to install on virtualbox Top 7 Torrent Clients for Ubuntu & Other Linux Distributions. Looking for the best torrent client for Ubuntu ? Indeed, there are a number of torrent clients available for Linux. Even though I’ve primarily mentioned Ubuntu, you can get most of them working on any other Linux distribution out there. You can also check the best download managers for Ubuntu if you’re not just looking for torrent downloaders. In this article, among all the available torrent clients for Linux, I’m going to curate the best ones that you should try. Best torrent programs for Ubuntu and other Linux distributions. No matter what your preferences are, a torrent client needs to have the essential features needed along with an easy-to-use interface. Here, you’ll find the list of the best torrent clients for Linux. Note: This list is in no particular order of ranking. Some applications mentioned here are not open source. They are listed here because they are available on Linux and the article’s focus is on Linux. 1. qBittorent. qBittorrent is one of the most popular open-source torrent clients available across multiple platforms. The user interface (which is based on Qt) is quite simple and gets the job done. It supports magnet links as well. In addition to the basic functionalities, you also get a bunch of useful features like the web user interface, the ability to tweak the speeds, configuring the number of connections per torrent download, and more such options. You can take a look at their GitHub page to explore the source code.
    [Show full text]
  • Covert Channel Vulnerabilities in Anonymity Systems
    UCAM-CL-TR-706 Technical Report ISSN 1476-2986 Number 706 Computer Laboratory Covert channel vulnerabilities in anonymity systems Steven J. Murdoch December 2007 15 JJ Thomson Avenue Cambridge CB3 0FD United Kingdom phone +44 1223 763500 http://www.cl.cam.ac.uk/ c 2007 Steven J. Murdoch This technical report is based on a dissertation submitted August 2007 by the author for the degree of Doctor of Philosophy to the University of Cambridge, Girton College. Technical reports published by the University of Cambridge Computer Laboratory are freely available via the Internet: http://www.cl.cam.ac.uk/techreports/ ISSN 1476-2986 Covert channel vulnerabilities in anonymity systems Steven J. Murdoch Summary The spread of wide-scale Internet surveillance has spurred interest in ano- nymity systems that protect users’ privacy by restricting unauthorised access to their identity. This requirement can be considered as a flow control policy in the well established field of multilevel secure systems. I apply previous re- search on covert channels (unintended means to communicate in violation of a security policy) to analyse several anonymity systems in an innovative way. One application for anonymity systems is to prevent collusion in compe- titions. I show how covert channels may be exploited to violate these pro- tections and construct defences against such attacks, drawing from previous covert channel research and collusion-resistant voting systems. In the military context, for which multilevel secure systems were designed, covert channels are increasingly eliminated by physical separation of intercon- nected single-role computers. Prior work on the remaining network covert channels has been solely based on protocol specifications.
    [Show full text]
  • Security Threats and Attacks on Tor
    Security Threats and Attacks on Tor Maria Khan, Muhammad Saddique, Muhammad Zohaib Umar Pirzada, Afzaal Ali, Bilal Wadud Electrical and Electronics Engineering Department Cecos University of IT & Emerging Sciences Near East University, North Cyprus Peshawar, Pakistan [email protected] [email protected] Imran Ahmad Faculty of Computing, Riphah International University Lahore, Pakistan [email protected] Additional systems were also developed on the as- sumption that a mix will take low latency traffic. To Abstract anonymize the conversation of phone calls ISDN mixes [10], is designed, and for anonym zing web-mixes [12], The Internet is in use nowadays all over the it also follows the same pattern. At the University of world. While using the Internet, the identi- Dresden the Java Anon Proxy (JAP) is based on this ties of the sender and receiver are not hid- idea and it is fulfilled and running. den; to hide the sender and receiver iden- tities anonymous communication was intro- Tor is a connected network for anonymizing TCP duced. There are many anonymous commu- streams over the Internet [1]. It can report boundaries nication systems developed but, the Onion in design of previous Onion Routing [2-5], by build- Router (Tor) is the most deployed anonymous ing up unspoiled forward confidentiality, then bottle- communication system that provides online neck control, then data purity or integrity, then cus- anonymity and privacy. There are vast se- tomizable exit policies, then index servers, and then curity threats/attacks on Tor that are to be location-hidden services using meeting points. Tor considered.
    [Show full text]
  • Privacy Enhancing Technologies for the Internet III: Ten Years Later
    Privacy Enhancing Technologies for the Internet III: Ten Years Later Ian Goldberg David R. Cheriton School of Computer Science University of Waterloo Waterloo, ON [email protected] 1 Introduction In 1997 with Wagner and Brewer, and again in 2002, we looked at the then-current state of privacy-enhancing technologies (PETs) for the Internet. [27, 26] Now, in 2007, we take a third look. Technologies to help users maintain their privacy online are as important today as ever before—if not more so. Identity theft is the fastest-growing crime in the US today [47] and it is all too easy for would-be identity thieves to harvest personal information from the online trails Internet users leave every day. Losses of large databases of personal information are an almost daily occurrence [2]; for example, retailers’ servers are penetrated [44], databases are traded between government and private companies [36] and laptops containing social security numbers are stolen [35]. In 1997, we discussed the dossier effect: all available information about a person gets cross-referenced, and the resulting dossier ends up being used for many purposes, lawful and not. This practice has expanded over the years; the companies that compile and sell these dossiers are known as data brokers. Choicepoint is a prime example—in 2005, this data broker sold dossiers on over 150,000 Americans to a group of criminals. [10] The PETs we discuss here give people a way to control how much of their personal information is revealed when they use the Internet. By controlling the spread of this information, they can limit the size of the data brokers’ dossiers about them.
    [Show full text]