Abstract
Privacy issues are becoming more and more important, especially since the cyber and the real world are converging to a certain extent when mobile devices are used. Means that really protect privacy are still missing. The problem is that as soon as a user provides data to a service provider, the user loses control over her data. The simple solution is not to provide any data, but then many useful services, e.g. navigation applications, cannot be used. To solve this problem, we propose privacy guaranteeing execution containers (PGEC). The basic concept is that the application obtains access to the user data only inside a specially protected and certified environment, the PGEC. PGECs enable applications to access private user data and guarantee that the user data is deleted as soon as the service is quit. The PGEC also restricts the communication between the application and the service provider to what the service user has explicitly allowed. In addition, the PGEC implements countermeasures against malicious attacks such as modified host systems and covert channel attacks, e.g. misusing CPU load to signal data out of the PGEC. Thus, the PGEC guarantees a "one time use" of the provided private data.
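The two guarantees the abstract names, egress restricted to what the user explicitly allowed and deletion of the data once the service is quit, can be modelled in a few dozen lines. The following is an added illustration written for this page; it is not the authors' PGEC implementation and it does not model the host-attestation or CPU-load covert channel countermeasures. The `PGEC` class, the egress policy as a dict of field name to coarsening function, the two sample applications and the coordinates are all constructed for the example.

```python
"""Toy model of a privacy guaranteeing execution container (PGEC).

Constructed example: an application runs inside the container with full
access to the user's private data, but only fields listed in the user's
egress policy may leave (after the policy's coarsening function is applied),
and all data is wiped when the container is left, so it is "one time use".
"""
from typing import Callable, Dict, List, Tuple


class PolicyViolation(Exception):
    """Raised when an application does something the user's policy forbids."""


class PGEC:
    def __init__(self, user_data: Dict[str, object],
                 egress_policy: Dict[str, Callable[[object], object]]):
        self._data = dict(user_data)
        self._policy = egress_policy           # field -> transform applied before release
        self._sent: List[Tuple[str, object]] = []
        self._blocked: List[str] = []
        self._open = False

    def __enter__(self) -> "PGEC":
        self._open = True
        return self

    def __exit__(self, exc_type, exc, tb) -> bool:
        # One-time use: wipe the private data whatever happened inside,
        # then refuse all further reads and sends.
        for key in list(self._data):
            self._data[key] = None             # drop the reference explicitly
        self._data.clear()
        self._open = False
        return False                           # never swallow exceptions

    def is_open(self) -> bool:
        return self._open

    def read(self, key: str) -> object:
        """Private data is readable only while the container is open."""
        if not self._open:
            raise PolicyViolation("container is closed; the data has been deleted")
        return self._data[key]

    def send(self, key: str, value: object) -> None:
        """Release one field to the service provider, if the user allowed it."""
        if not self._open:
            raise PolicyViolation("container is closed")
        transform = self._policy.get(key)
        if transform is None:
            self._blocked.append(key)
            raise PolicyViolation(f"field {key!r} may not leave the container")
        self._sent.append((key, transform(value)))

    def sent(self) -> List[Tuple[str, object]]:
        return list(self._sent)

    def blocked(self) -> List[str]:
        return list(self._blocked)


# Constructed sample data: exact position plus something a navigation
# service has no business seeing.
USER_DATA = {"lat": 52.34181, "lon": 14.55030, "contacts": ["alice", "bob"]}

# Constructed user policy: only a coarsened position (one decimal, roughly
# 10 km) may leave the container; every other field is blocked.
POLICY = {"position": lambda p: (round(p[0], 1), round(p[1], 1))}


def honest_navigation_app(box: PGEC) -> str:
    """Uses the exact position inside, releases only the coarsened one."""
    lat, lon = box.read("lat"), box.read("lon")
    box.send("position", (lat, lon))
    return f"route from ({lat:.4f},{lon:.4f}) computed inside the container"


def greedy_app(box: PGEC) -> str:
    """Tries to exfiltrate the contact list as well."""
    box.send("position", (box.read("lat"), box.read("lon")))
    box.send("contacts", box.read("contacts"))  # not in the policy: blocked
    return "never reached"


def run_in_pgec(app: Callable[[PGEC], str], user_data, policy) -> dict:
    box = PGEC(user_data, policy)
    with box:
        try:
            result = app(box)
        except PolicyViolation as e:
            result = f"aborted: {e}"
    # Outside the with-block the data is gone and the box refuses reads.
    return {"result": result, "sent": box.sent(),
            "blocked": box.blocked(), "closed": not box.is_open()}


if __name__ == "__main__":
    print(run_in_pgec(honest_navigation_app, USER_DATA, POLICY))
    print(run_in_pgec(greedy_app, USER_DATA, POLICY))
```

The honest app gets the exact coordinates for its computation but the provider only ever receives `(52.3, 14.6)`; the greedy app's attempt to send `contacts` raises inside the container, is recorded in `blocked()`, and the data is still wiped on exit. In a real PGEC the allow-list would be enforced at the network boundary of the certified environment rather than by cooperative Python calls.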
Notes
We are aware that there exist multiple ways to queue a print from Java. In this example we show the simplest approach.
There might be other channels that we are not aware of, but the container already renders the most prominent ones useless, which improves its security level significantly.
We are aware that embedded keys are subject to attacks similar to the approaches used to extract decryption keys from software players for HD-DVD and Blu-ray discs [30]. To reduce the chances of extracting the keys, embedding them into (tamper-proof) hardware dongles or trusted platform modules [26] should be considered.
References
Bennicke M, Langendörfer P (2003) Towards automatic negotiation of privacy contracts for internet services. In: Proceedings of the 11th IEEE international conference on networks (ICON). IEEE Society Press, Piscataway, pp 312–324
Bruschi D, Cavallaro L, Lanzi A, Monga M (2005) Attacking a trusted computing platform: improving the security of the TCG specification. Technical report RT 05-05, Università degli Studi di Milano, Milano, Italy
Cranor LF, Dobbs B, Egelman S, Hogben G, Humphrey J, Langheinrich M, Marchiori M, Presler-Marshall M, Reagle J, Schunter M, Stampley DA, Wenning R (2006) W3C: Platform for Privacy Preferences (P3P) project. http://www.w3.org/P3P/
Cranor LF, Langheinrich M, Marchiori M (2002) W3C: A P3P Preference Exchange Language 1.0 (APPEL1.0). W3C Working Draft. http://www.w3.org/TR/P3P-preferences/
Cuellar J, Morris J, Mulligan D, Peterson J, Polk J (2004) Geopriv requirements. RFC 3693. http://www.rfc-archive.org/getrfc.php?rfc=3693
Garcia-Molina H, Ketchpel S, Shivakumar N (1998) Safeguarding and charging for content on the internet. In: Proceedings of the international conference on data engineering (ICDE '98), Orlando, 23–27 February 1998
Gruteser M, Grunwald D (2003) Anonymous usage of location-based services through spatial and temporal cloaking. In: Proceedings of the ACM/USENIX international conference on mobile systems, applications, and services (MobiSys), San Francisco, 5–8 May 2003
Guan X, Yang Y, You J (2000) POM: a mobile agent security model against malicious hosts. In: Proceedings of the fourth international conference/exhibition on high performance computing in the Asia-Pacific region, vol 2. IEEE Computer Society, Beijing, pp 1165–1166. doi:10.1109/HPC.2000.843621
Haragutchi R, Nusbaum BD, de Luna Sáenz C, Batista NT, Oku RM, Schmitt-Heinrich P, Macgregor R (1996) IBM redbook: building the infrastructure for the internet, chap. 12: Networked applications. IBM, p 526, Cryptolope. http://www.redbooks.ibm.com/redbooks/pdfs/sg244824.pdf
Hohl F (1998) Time limited blackbox security: protecting mobile agents from malicious hosts. In: Mobile agents and security. Springer, London, pp 92–113
Huda N, Yamada S, Kamioka E (2005) Privacy protection in mobile agent based service domain. In: Proceedings of the third international conference on information technology and applications (ICITA '05), Sydney, 2005
Kauer B (2007) OSLO: improving the security of trusted computing. In: Proceedings of the 16th USENIX security symposium
Langendörfer P, Kraemer R (2002) Towards user defined privacy in location-aware platforms. In: Proceedings of the 3rd international conference on internet computing. CSREA
Lee H, Alves-Foss J, Harrison S (2004) The use of encrypted functions for mobile agent security. In: Proceedings of the 37th annual Hawaii international conference on system sciences (HICSS '04), Track 9, vol 9. IEEE Computer Society, Washington, DC, p 90297.2
López J, Maña A, Pimentel E, Troya JM, Yagüe MI (2002) Access control infrastructure for digital objects. In: Proceedings of the international conference on information and communications security (ICICS '02), LNCS 2513. Springer, Singapore, pp 399–410
Maaser M, Langendörfer P (2005) Automated negotiation of privacy contracts. In: Proceedings of the 29th annual international computer software and applications conference (COMPSAC). IEEE Society Press, Edinburgh
Maaser M, Ortmann S, Langendörfer P (2008) The privacy advocate: assertion of privacy by personalised contracts. In: Books of selected papers from WEBIST conferences, pp 85–97
Maña A, Lopez J, Ortega JJ, Pimentel E, Troya JM (2004) A framework for secure execution of software. Int J Inf Secur 2(4):99–112
Page J, Zaslavsky A, Indrawan M (2004) Countering security vulnerabilities in agent execution using a self executing security examination. In: Proceedings of the third international joint conference on autonomous agents and multiagent systems (AAMAS '04), vol 3. IEEE Computer Society, Los Alamitos, pp 1486–1487. doi:10.1109/AAMAS.2004.10229
Poggi A, Rimassa G, Tomaiuolo M (2001) Multi-user and security support for multi-agent systems. In: Proceedings of the WOA 2001 workshop, Modena
Riordan J, Schneier B (1998) Environmental key generation towards clueless agents. In: Mobile agents and security. Springer, London, pp 15–24
Sailer R, Zhang X, Jaeger T, van Doorn L (2004) Design and implementation of a TCG-based integrity measurement architecture. In: Proceedings of the USENIX security symposium
Seshadri A, Luk M, Shi E, Perrig A, van Doorn L, Khosla P (2005) Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems. In: Proceedings of the 20th ACM symposium on operating systems principles (SOSP 2005)
Seshadri A, Perrig A, van Doorn L (2004) Using software-based attestation for verifying embedded systems in cars. In: Proceedings of the embedded security in cars workshop (escar '04)
Synnes K, Nord J, Parnes P (2003) Location privacy in the Alipes platform. In: Proceedings of the 36th Hawai'i international conference on system sciences (HICSS-36), Big Island, Hawaii
Trusted Computing Group (2008) Trusted Computing Group Administration. http://www.trustedcomputinggroup.org
Wagealla W, Terzis S, English C (2003) Trust-based model for privacy control in context-aware systems. In: Proceedings of the 2nd workshop on security in ubiquitous computing
Yamada S, Kamioka E (2005) Access control for security and privacy in ubiquitous computing environments. IEICE Trans Commun E88-B(3):846–856. doi:10.1093/ietcom/e88-b.3.846
Yannopoulos A, Stavroulasa Y, Papadakis N, Halkos D, Varvarigou T (2002) A method which enables the assessment of private data by an untrusted party using arbitrary algorithms but prevents disclosure of their content. In: Langendoerfer P, Tsaoussidis V (eds) Proceedings of the 3rd international conference on internet computing. CSREA Press
Zota V (2007) DVD-Nachfolger in der Bredouille [DVD successors in trouble]. heise online. http://www.heise.de/newsticker/DVD-Nachfolger-in-der-Bredouille–/meldung/85467
Cite this article
Maaser, M., Langendörfer, P. Privacy from Promises to Protection. Mobile Netw Appl 14, 65–81 (2009). https://doi.org/10.1007/s11036-008-0116-7