
Privacy from Promises to Protection

Privacy Guaranteeing Execution Container

Mobile Networks and Applications

Abstract

Privacy issues are becoming more and more important, especially since the cyber world and the real world are converging to a certain extent when mobile devices are used. Means that really protect privacy are still missing. The problem is that as soon as a user provides data to a service provider, the user loses control over her data. The simple solution is not to provide any data, but then many useful services, e.g. navigation applications, cannot be used. To solve this problem, we propose privacy guaranteeing execution containers (PGEC). The basic concept is that the application obtains access to the user data only inside a specially protected and certified environment, the PGEC. PGECs enable applications to access private user data and guarantee that the user data is deleted as soon as the service is quit. The PGEC also restricts the communication between the application and the service provider to what is explicitly allowed by the service user. In addition to these means, the PGEC implements countermeasures against malicious attacks such as modified host systems and covert channel attacks, which might misuse CPU load to signal data out of the PGEC. Thus, the PGEC guarantees a “one time use” of the provided private data.
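The three properties the abstract attributes to a PGEC (data is visible to the application only inside the container, outbound traffic to the provider is limited to what the user allowed, and the data is wiped when the service quits) can be modelled as a small reference monitor. The following Python is an added illustration and is not the authors' prototype; the class names (UserPolicy, Channel, PGEC), the sample data, the hostname and the policy are assumptions made for the example. The abstract's covert-channel and modified-host countermeasures are not modelled here.

```python
"""Illustrative model of a privacy guaranteeing execution container (PGEC).

Added example, not the authors' prototype.  It models three properties the
abstract attributes to a PGEC: data is visible only inside the container,
each message to the provider is checked against what the user allowed, and
the data is wiped when the service quits.  All names are assumptions.
"""


class PolicyViolation(Exception):
    """Raised when an application attempts something the user did not allow."""


class UserPolicy:
    """What the user permits to leave the container during one session."""

    def __init__(self, allowed_hosts, allowed_fields, max_bytes):
        self.allowed_hosts = frozenset(allowed_hosts)
        self.allowed_fields = frozenset(allowed_fields)
        self.max_bytes = max_bytes  # per-session outbound budget


class Channel:
    """Reference monitor on the link between application and provider."""

    def __init__(self, policy, private):
        self._policy, self._private, self._sent = policy, private, 0
        self.open, self.delivered = True, []  # delivered: (host, payload) pairs

    def send(self, host, payload):
        if not self.open:
            raise PolicyViolation("session ended; channel is closed")
        if host not in self._policy.allowed_hosts:
            raise PolicyViolation(f"destination {host!r} not permitted")
        for name, value in payload.items():
            if name not in self._policy.allowed_fields:
                raise PolicyViolation(f"field {name!r} not permitted")
            # A permitted field must carry its own value; this stops an app
            # from relabelling a secret (the contact list) as "location".
            if bytes(value) != bytes(self._private.get(name, b"")):
                raise PolicyViolation(f"field {name!r} carries foreign data")
        size = sum(len(v) for v in payload.values())
        if self._sent + size > self._policy.max_bytes:
            raise PolicyViolation("outbound byte budget exhausted")
        self._sent += size
        self.delivered.append((host, dict(payload)))


class PGEC:
    """Runs one application over one copy of the user's data, then wipes it."""

    def __init__(self, private_data, policy):
        # Mutable buffers, so the container can overwrite them on exit.
        self._private = {k: bytearray(v) for k, v in private_data.items()}
        self._policy = policy

    def run(self, app):
        channel = Channel(self._policy, self._private)
        try:
            return app(self._private, channel), channel
        finally:  # wipe and close even if the application crashes
            for buf in self._private.values():
                buf[:] = bytes(len(buf))
            channel.open = False

    def is_wiped(self):
        return all(not any(buf) for buf in self._private.values())


def navigation_app(data, channel):
    """Well behaved: sends only the location, which the user permitted."""
    channel.send("nav.example.net", {"location": bytes(data["location"])})
    return "route computed"


def leaky_app(data, channel):
    """Misbehaving: ships the contact list to the provider."""
    channel.send("nav.example.net", {"contacts": bytes(data["contacts"])})


def demo():
    """Run a benign, a leaking and a hoarding application; return outcomes."""
    private = {"location": b"52.35,14.55", "contacts": b"alice,bob"}  # constructed
    policy = UserPolicy({"nav.example.net"}, {"location"}, max_bytes=64)
    out, stash = {}, {}
    result, channel = PGEC(private, policy).run(navigation_app)
    out["benign"] = (result, channel.delivered)
    box = PGEC(private, policy)
    try:
        box.run(leaky_app)
    except PolicyViolation as err:
        out["leak"], out["wiped"] = str(err), box.is_wiped()

    def hoarding_app(data, ch):  # keeps references for use after the session
        stash.update(data=data, channel=ch)

    PGEC(private, policy).run(hoarding_app)
    out["stashed"] = bytes(stash["data"]["location"])  # zeroed by the container
    try:
        stash["channel"].send("nav.example.net", {"location": private["location"]})
    except PolicyViolation as err:
        out["late_send"] = str(err)
    return out
```

In this model the isolation is only as strong as the interpreter: a Python application could reach around the Channel object. The point is the mediation design, in which the container, not the application, decides what crosses to the provider and when the data ceases to exist; the paper places that monitor in a certified runtime, and note 3 discusses protecting its keys in hardware.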


Notes

  1. We are aware that there exist multiple ways to queue a print from Java. In this example we show the simplest approach.

  2. There might be other channels that we are not aware of. But the container already renders the most prominent ones useless, which raises its security level significantly.

  3. We are aware that embedded keys are subject to attacks similar to those used to extract decryption keys from software players for HD-DVD and Blu-ray discs [30]. To reduce the chances of extracting the keys, embedding them in (tamper-proof) hardware dongles or trusted platform modules [26] should be considered.

References

  1. Bennicke M, Langendörfer P (2003) Towards automatic negotiation of privacy contracts for internet services. In: Proceedings of the 11th IEEE conference on networks, ICON. IEEE Society Press, Piscataway, pp 312–324

  2. Bruschi D, Cavallaro L, Lanzi A, Monga M (2005) Attacking a trusted computing platform—improving the security of the TCG specification. Technical report RT 05-05, Università degli Studi di Milano, Milano MI, Italy

  3. Cranor LF, Dobbs B, Egelman S, Hogben G, Humphrey J, Langheinrich M, Marchiori M, Presler-Marshall M, Reagle J, Schunter M, Stampley DA, Wenning R (2006) W3C: Platform for Privacy Preferences (P3P) project. http://www.w3.org/P3P/

  4. Cranor LF, Langheinrich M, Marchiori M (2002) W3C: A P3P Preference Exchange Language 1.0 (APPEL1.0). W3C Working Draft. http://www.w3.org/TR/P3P-preferences/

  5. Cuellar J, Morris J, Mulligan D, Peterson J, Polk J (2004) Geopriv requirements. Request for comments: 3693. http://www.rfc-archive.org/getrfc.php?rfc=3693

  6. Garcia-Molina H, Ketchpel S, Shivakumar N (1998) Safeguarding and charging for content on the internet. In: Proceedings of the international conference on data engineering (ICDE ’98), Orlando, 23–27 February 1998

  7. Gruteser M, Grunwald D (2003) Anonymous usage of location-based services through spatial and temporal cloaking. In: Proceedings of the ACM/USENIX international conference on mobile systems, applications, and services (MobiSys), San Francisco, 5–8 May 2003

  8. Guan X, Yang Y, You J (2000) POM—a mobile agent security model against malicious hosts. In: Proceedings of the fourth international conference/exhibition on high performance computing in the Asia-Pacific region, vol 02. IEEE Computer Society, Beijing, pp 1165–1166. doi:10.1109/HPC.2000.843621

  9. Haragutchi R, Nusbaum BD, de Luna Sáenz C, Batista NT, Oku RM, Schmitt-Heinrich P, Macgregor R (1996) IBM redbook: building the infrastructure for the internet, chapter 12, networked applications (Cryptolope). IBM, p 526. http://www.redbooks.ibm.com/redbooks/pdfs/sg244824.pdf

  10. Hohl F (1998) Time limited blackbox security: protecting mobile agents from malicious hosts. In: Mobile agents and security. Springer, London, pp 92–113


  11. Huda N, Yamada S, Kamioka E (2005) Privacy protection in mobile agent based service domain. In: Proceedings of the third international conference on information technology and applications (ICITA’05), Sydney, 2005

  12. Kauer B (2007) OSLO: improving the security of trusted computing. In: Proceedings of the 16th USENIX security symposium

  13. Langendörfer P, Kraemer R (2002) Towards user defined privacy in location-aware platforms. In: Proceedings of the 3rd international conference on internet computing. CSREA

  14. Lee H, Alves-Foss J, Harrison S (2004) The use of encrypted functions for mobile agent security. In: Proceedings of the 37th annual Hawaii international conference on system sciences (HICSS’04), track 9, vol 9. IEEE Computer Society, Washington, DC, p 90297.2

  15. López J, Maña A, Pimentel E, Troya JM, Yagüe MI (2002) Access control infrastructure for digital objects. In: Proceedings of the international conference on information and communications security (ICICS’02), LNCS 2513. Springer, Singapore, pp 399–410

  16. Maaser M, Langendörfer P (2005) Automated negotiation of privacy contracts. In: Proceedings of the 29th annual international computer software and applications conference (COMPSAC). IEEE Society Press, Edinburgh

  17. Maaser M, Ortmann S, Langendörfer P (2008) The privacy advocate: assertion of privacy by personalised contracts. In: Books of selected papers from WEBIST conferences, pp 85–97

  18. Maña A, Lopez J, Ortega JJ, Pimentel E, Troya JM (2004) A framework for secure execution of software. Int J Inf Secur 2(4):99–112


  19. Page J, Zaslavsky A, Indrawan M (2004) Countering security vulnerabilities in agent execution using a self executing security examination. In: Proceedings of the third international joint conference on autonomous agents and multiagent systems (AAMAS’04), vol 3. IEEE Computer Society, Los Alamitos, pp 1486–1487. doi:10.1109/AAMAS.2004.10229

  20. Poggi A, Rimassa G, Tomaiuolo M (2001) Multi-user and security support for multi-agent systems. In: Proceedings of WOA 2001 workshop. Modena

  21. Riordan J, Schneier B (1998) Environmental key generation towards clueless agents. In: Mobile agents and security. Springer, London, pp 15–24


  22. Sailer R, Zhang X, Jaeger T, van Doorn L (2004) Design and implementation of a tcg-based integrity measurement architecture. In: Proceedings of the USENIX security symposium

  23. Seshadri A, Luk M, Shi E, Perrig A, van Doorn L, Khosla P (2005) Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems. In: 20th ACM symposium on operating systems principles (SOSP 2005)

  24. Seshadri A, Perrig A, van Doorn L (2004) Using software-based attestation for verifying embedded systems in cars. In: Proceedings of the embedded security in cars workshop (escar ’04)

  25. Synnes K, Nord J, Parnes P (2003) Location privacy in the Alipes platform. In: Proceedings of the Hawai’i international conference on system sciences (HICSS-36), Big Island, Hawaii

  26. Trusted Computing Group (2008) Trusted Computing Group Administration. http://www.trustedcomputinggroup.org

  27. Wagealla W, Terzis S, English C (2003) Trust-based model for privacy control in context-aware systems. In: Proceedings of the 2nd workshop on security in ubiquitous computing

  28. Yamada S, Kamioka E (2005) Access control for security and privacy in ubiquitous computing environments. IEICE Trans Commun E88-B(3):846–856. doi:10.1093/ietcom/e88-b.3.846


  29. Yannopoulos A, Stavroulasa Y, Papadakis N, Halkos D, Varvarigou T (2002) A method which enables the assessment of private data by an untrusted party using arbitrary algorithms but prevents disclosure of their content. In: Langendoerfer P, Tsaoussidis V (eds) Proceedings of the 3rd international conference on internet computing. CSREA Press

  30. Zota V (2007) DVD-Nachfolger in der Bredouille [DVD successors in trouble]. http://www.heise.de/newsticker/DVD-Nachfolger-in-der-Bredouille–/meldung/85467

Correspondence to Michael Maaser.

Maaser, M., Langendörfer, P. Privacy from Promises to Protection. Mobile Netw Appl 14, 65–81 (2009). https://doi.org/10.1007/s11036-008-0116-7


Keywords

Navigation