# HG changeset patch # User Christian Urban <christian dot urban at kcl dot ac dot uk> # Date 1354023691 0 # Node ID d817bb2f80e58e1e677c0a52c676a4cc2db3d126 # Parent 6334bb9143bc8d770d3f2fd2b45ecfb5fa80e7c3 added diff -r 6334bb9143bc -r d817bb2f80e5 slides09.pdf Binary file slides09.pdf has changed diff -r 6334bb9143bc -r d817bb2f80e5 slides09.tex --- a/slides09.tex Tue Nov 27 08:58:55 2012 +0000 +++ b/slides09.tex Tue Nov 27 13:41:31 2012 +0000 @@ -148,7 +148,7 @@ \begin{minipage}{1.1\textwidth} \begin{center} \begin{tabular}{@{\hspace{-2mm}}r@ {\hspace{1mm}}l@{}} -\bl{$S \rightarrow A :$} & \bl{$\{N_A, B, K_{\!AB}, T_S, \!\{K_{\!AB}, A, T_S\}_{K_{BS}} \}_{K_{AS}}$}\\ +\bl{$S \rightarrow A :$} & \bl{$\{B, K_{\!AB}, T_S, \!\{K_{\!AB}, A, T_S\}_{K_{BS}} \}_{K_{AS}}$}\\ \bl{$A \rightarrow B :$} & \bl{$\{K_{AB}, A, T_S\}_{K_{BS}} $}\\ \end{tabular} \end{center} @@ -160,15 +160,15 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode<presentation>{ \begin{frame}[t] -\frametitle{Denning-Sacco Protocol} +\frametitle{Denning-Sacco Fix} Denning-Sacco (1981) suggested to add the timestamp, but omit the handshake:\bigskip \begin{minipage}{1.1\textwidth} \begin{center} \begin{tabular}{@{\hspace{-2mm}}r@ {\hspace{1mm}}l@{}} -\bl{$A \rightarrow S :$} & \bl{$A, B, N_A$}\\ -\bl{$S \rightarrow A :$} & \bl{$\{N_A, B, K_{\!AB}, T_S, \!\{K_{\!AB}, A, T_S\}_{K_{BS}} \}_{K_{AS}}$}\\ +\bl{$A \rightarrow S :$} & \bl{$A, B$}\\ +\bl{$S \rightarrow A :$} & \bl{$\{B, K_{\!AB}, T_S, \!\{K_{\!AB}, A, T_S\}_{K_{BS}} \}_{K_{AS}}$}\\ \bl{$A \rightarrow B :$} & \bl{$\{K_{AB}, A, T_S\}_{K_{BS}} $}\\ \textcolor{lightgray}{$B \rightarrow A :$} & \textcolor{lightgray}{$\{N_B\}_{K_{AB}}$}\\ \textcolor{lightgray}{$A \rightarrow B :$} & \textcolor{lightgray}{$\{N_B-1\}_{K_{AB}}$}\\ @@ -177,14 +177,14 @@ \end{minipage}\bigskip they argue \bl{$A$} and \bl{$B$} can check that the messages are not replays of earlier -runs, by checking the time difference when the protocol is last used +runs, by checking the time difference with when the protocol is last used \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode<presentation>{ \begin{frame}[t] -\frametitle{Denning-Sacco-Lowe Protocol} +\frametitle{\begin{tabular}{@{}c@{}}Denning-Sacco-Lowe Fix of Fix\end{tabular}} Lowe (1997) disagreed and said the handshake should be kept, otherwise:\bigskip @@ -192,8 +192,8 @@ \begin{minipage}{1.1\textwidth} \begin{center} \begin{tabular}{@{\hspace{-7mm}}r@ {\hspace{1mm}}l@{}} -\bl{$A \rightarrow S :$} & \bl{$A, B, N_A$}\\ -\bl{$S \rightarrow A :$} & \bl{$\{N_A, B, K_{\!AB}, T_S, \!\{K_{\!AB}, A, T_S\}_{K_{BS}} \}_{K_{AS}}$}\\ +\bl{$A \rightarrow S :$} & \bl{$A, B$}\\ +\bl{$S \rightarrow A :$} & \bl{$\{B, K_{\!AB}, T_S, \!\{K_{\!AB}, A, T_S\}_{K_{BS}} \}_{K_{AS}}$}\\ \bl{$A \rightarrow B :$} & \bl{$\{K_{AB}, A, T_S\}_{K_{BS}} $}\\ \bl{$I(A) \rightarrow B :$} & \bl{$\{K_{AB}, A, T_S\}_{K_{BS}} $}\hspace{5mm}\textcolor{black}{replay}\\ \end{tabular} @@ -227,7 +227,7 @@ (no names, but postcodes and details such as gender, age and ethnic origin) \end{itemize}} \only<3>{\begin{itemize} -\item also in June Sony got hacked: over 1M users' personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. +\item also in June Sony, got hacked: over 1M users' personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. \end{itemize}} \end{minipage} @@ -240,7 +240,7 @@ \begin{frame}[c] \frametitle{Privacy and Big Data} -Selected sources of ``Big Data'': +Selected sources of ``Big Data'':\smallskip{} \begin{itemize} \item Facebook @@ -274,7 +274,7 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode<presentation>{ \begin{frame}[c] -\frametitle{Cookies} +\frametitle{Cookies\ldots} ``We have published a new cookie policy. It explains what cookies are and how we use them on our site. To learn more about cookies and @@ -297,6 +297,8 @@ \begin{frame}[c] \frametitle{Scare Tactics} +The actual policy reads:\bigskip + ``As we explain in our Cookie Policy, cookies help you to get the most out of our websites.\medskip @@ -321,7 +323,6 @@ \item Netflix offered in 2006 (and every year until 2010) a 1 Mio \$ prize for improving their movie rating algorithm \item dataset contained 10\% of all Netflix users (appr.~500K) \item names were removed, but included numerical ratings as well as times of rating -\item average user rated 200 movies \item some information was \alert{perturbed} (i.e., slightly modified) \end{itemize} @@ -338,7 +339,7 @@ Two researchers analysed the data: \begin{itemize} -\item with 8 ratings (2 of them can be wrong) and dates that have a 14-day error, 98\% of the +\item with 8 ratings (2 of them can be wrong) and corresponding dates that can have a margin 14-day error, 98\% of the records can be identified \item for 68\% only two ratings and dates are sufficient (for movie ratings outside the top 500)\bigskip\pause \item they took 50 samples from IMDb (where people can reveal their identity) @@ -359,10 +360,10 @@ \item Preferences in movies (99\% of 500K for 8 ratings) \end{itemize}\bigskip -Therefore best practices / or even law: +Therefore best practices / or even law (HIPAA, EU): \begin{itemize} -\item only year dates (age: 90 years or over), +\item only year dates (age group for 90 years or over), \item no postcodes (sector data is OK, similarly in the US)\\ \textcolor{gray}{no names, addresses, account numbers, licence plates} \item disclosure information needs to be retained for 5 years @@ -379,7 +380,7 @@ \only<1>{ \begin{itemize} \item Assume you make a survey of 100 randomly chosen people. -\item Say 99\% of the people in the 10 - 40 age group have seen the +\item Say 99\% of the surveyed people in the 10 - 40 age group have seen the Gangnam video on youtube.\bigskip \item What can you infer about the rest of the population? @@ -390,7 +391,7 @@ \item Not even releasing only aggregate information prevents re-identification attacks. (GWAS was a public database of gene-frequency studies linked to diseases; -you only needed enough data about phenotype (hair, eyes, skin colour...) in order +you only needed partial DNA information in order to identify whether an individual was part of the study --- DB closed in 2008) \end{itemize}}