research-article

Bootstrapping privacy services in today's internet

Authors:

Christos Pappas,

Adrian PerrigAuthors Info & Claims

ACM SIGCOMM Computer Communication Review, Volume 48, Issue 5

Pages 21 - 30

https://doi.org/10.1145/3310165.3310169

Published: 28 January 2019 Publication History

Abstract

Internet users today have few solutions to cover a large space of diverse privacy requirements. We introduce the concept of privacy domains, which provide flexibility in expressing users' privacy requirements. Then, we propose three privacy services that construct meaningful privacy domains and can be offered by ISPs. Furthermore, we illustrate that these services introduce little overhead for communication sessions and that they come with a low deployment barrier for ISPs.

References

[1]

A. Rouvroy and Y. Poullet, "The Right to Informational Self-Determination and the Value of Self-Development," in Reinventing Data Protection? Springer Netherlands, 2009, ch. 2, pp. 45--76.

[2]

A. F. Westin, Privacy and Freedom. Scribner, 1967.

[3]

S. Fischer-Hübner, C. Hoofnagle, K. Rannenberg, M. Waidner, I. Krontiris, and M. Marhöfer, "Online Privacy: Towards Informational Self-Determination on the Internet (Dagstuhl Perspectives Workshop 11061)," Dagstuhl, Tech. Rep. 2, 2011.

[4]

"Senate Votes to Let ISPs Sell Your Web Browsing History to Advertisers," http://bit.ly/2nNetnc, 2017.

[5]

"NSA Collecting Phone Records of Millions of Verizon Customers Daily," http://bit.ly/2brf9H0, 2013.

[6]

C. Díaz, S. Seys,J. Claessens, and B.Preneel, "Towards Measuring Anonymity," in Proceedings of the Workshop on Designing Privacy Enhancing Technologies (PETS), 2003.

Digital Library

[7]

A. Serjantov and G. Danezis, "Towards an Information Theoretic Metric for Anonymity," in Proceedings of the Workshop on Designing Privacy Enhancing Technologies (PETS),2003.

Digital Library

[8]

R. Dingledine, N. Mathewson, and P. Syverson, "Tor: The Second-generation Onion Router," in Proceedings of the USENIX Security Symposium,2004.

Digital Library

[9]

Y. Zhu, X. Fu, B. Graham, R. Bettati, and W. Zhao, "On Flow Correlation Attacks and Countermeasures in Mix Networks," in Proceedings of the Workshop on Designing Privacy Enhancing Technologies (PETS),2004.

Digital Library

[10]

X. Wang, S. Chen, and S. Jajodia, "Tracking Anonymous Peer-to-Peer VoIP Calls on the Internet," in Proceedings of the ACM Conference on Computer & Communications Security (CCS),2005.

Digital Library

[11]

V. Shmatikov and M.-H. Wang, "Timing Analysis in Low-latency Mix Networks: Attacks and Defenses," in Proceedings of the European Symposium on Research in Computer Security (ESORICS),2006.

Digital Library

[12]

P. Syverson, G. Tsudik, M. Reed, and C. Landwehr, "Towards an Analysis of Onion Routing Security," in Proceedings of the Workshop on Designing Privacy Enhancing Technologies (PETS),2001.

Digital Library

[13]

Y. Sun, A. Edmundson, L. Vanbever, O. Li, J. Rexford, M. Chiang, and P. Mittal, "RAPTOR: Routing Attacks on Privacy in Tor," in Proceedings of the USENIX Security Symposium,2015.

Digital Library

[14]

S. W. L. Meiser, "Quantitative Anonymity Guarantees for Tor," Ph.D. dissertation, Saarland University, 2016.

[15]

B. Raghavan, T. Kohno, A. C. Snoeren, and W. David, "Enlisting ISPs to improve online privacy: IP Address Mixing by Default," in Proceedings of the Privacy En-hancing Technologies Symposium (PETS),2009.

Digital Library

[16]

"The Heartbleed Bug," heartbleed.com, 2014.

[17]

"CRIME Attack Uses Compression Ratio of TLS Requests as Side Channel to Hijack Secure Sessions," http://bit.ly/2rn7QbT, 2012.

[18]

"A Perfect CRIME? Only TIME Will Tell," http://ubm.io/2rn5qtU, 2013.

[19]

"The BREACH Attack," http://www.breachattack.com/, 2013.

[20]

"SSL Pulse," https://www.trustworthyinternet.org/ssl-pulse/, 2017.

[21]

"SSL by Default Usage Statistics," http://bit.ly/2rnj1S7, 2017.

[22]

A. Johnson, C. Wacek, R. Jansen, M. Sherr, and P. Syverson, "Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries," in Proceedings of the ACM Conference on Computer & Communications Security (CCS), 2013.

Digital Library

[23]

"Russian-controlled Telecom Hijacks Financial Services' Internet Traffic," http://bit.ly/2pp44fp, 2017.

[24]

"Iran's Porn Censorship Broke Browsers as Far Away as Hong Kong," http://bit.ly/2s4E90s, 2017.

[25]

"BackConnect's Suspicious BGP Hijacks," http://bit.ly/2rnhBa8, 2016.

[26]

"Large Hijack Affects Reachability of High Traffic Destinations," http://bit.ly/2qMW6Rm, 2016.

[27]

H. Yi, "This is how Internet speed and price in the U.S. compares to the rest of the world," http://to.pbs.org/1z5AGNQ, April 2015.

[28]

V. C. Perta, M. V. Barbera, G. Tyson, H. Haddadi, and A. Mei, "A Glance through the VPN Looking Glass: IPv6 Leakage and DNS Hijacking in Commercial VPN Clients," in Proceedings on Privacy Enhancing Technologies (PoPETs),2015.

[29]

S. Jiang, D. Guo, and B. Carpenter, "An Incremental Carrier-Grade NAT (CGN) for IPv6 Transition," RFC 6264 (Informational), IETF, Jun. 2011. {Online}. Available: http://www.ietf.org/rfc/rfc6264.txt

[30]

I. Yamagata, Y. Shirasaki, A. Nakagawa, J. Yamaguchi, and H. Ashida, "NAT444," https://tools.ietf.org/id/draft-shirasaki-nat444-06.txt, 2012.

[31]

M. Bellare, T. Ristenpart, P. Rogaway, and T. Stegers, "Format-Preserving Encryption," in Proceedings of the Workshop on Selected Areas in Cryptography,2009.

Digital Library

[32]

M. Dworkin, "Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption," NIST Special Publication, vol.800,2016.

[33]

"Data Plane Development Kit," http://dpdk.org, Sep 2015, retrieved on 1/2016.

[34]

A. Morton, "IMIX Genome: Specification of Variable Packet Sizes for Additional Testing," RFC 6985 (Informational), IETF, Jul. 2013. {Online}. Available: http://www.ietf.org/rfc/rfc6985.txt

[35]

S. Kent and K. Seo, "Security Architecture for the Internet Protocol," RFC 4301, IETF, 2005.

[36]

R. Bush and R. Austein, "The Resource Public Key Infrastructure(RPKI) to Router Protocol," RFC 6810, IETF, 2013.

[37]

G. Huston, G. Michaelson, and R. Loomans, "A Profile for X.509 PKIX Resource Certificates," RFC 6487, IETF, 2012.

[38]

M. Lepinski, S. Kent, and D. Kong, "A Profile for Route Origin Authorizations (ROAs)," RFC 6482, IETF, 2012.

[39]

C. Kaufman, P. Hoffman, Y. Nir, P. Eronen, and T. Kivinen, "Internet Key Exchange Protocol Version 2 (IKEv2)," RFC 7296, IETF, 2014.

[40]

D. A. McGrew and J. Viega, "The Galois/Counter Mode of Operation(GCM)," http://goo.gl/9sl9kK, 2004.

[41]

J. Moy, "OSPF Version 2," RFC 2328 (INTERNET STANDARD), IETF, Apr. 1998, updated by RFCs 5709, 6549, 6845, 6860, 7474. {Online}. Available: http://www.ietf.org/rfc/rfc2328.txt

[42]

ISO, "Intermediate System to Intermediate System intra-domain routing information exchange protocol for use in conjunction with th protocol for providing the connectionless-mode network service (ISO 8473)," International Standard, vol. 10589, 2002.

[43]

C. Chen, D. E. Asoni, D. Barrera, G. Danezis, and A. Perrig, "HORNET: High-speed Onion Routing at the Network Layer," in Proceedings of the ACM Conference on Computer & Communications Security (CCS),2015.

Digital Library

[44]

M. Akhoondi, C. Yu, and H. V. Madhyastha, "LASTor: a low-latency AS-aware tor client," Transactions on Networking (TON), IEEE/ACM,2014.

Digital Library

[45]

H.-C. Hsiao, T. H.-J. Kim, A. Perrig, A. Yamada, S. C. Nelson, M. Gruteser, and W. Meng, "LAP: Lightweight Anonymity and Privacy," in Proceedings of the IEEE Symposium on Security and Privacy (S&P),2012.

Digital Library

[46]

V. Liu, S. Han, A. Krishnamurthy, and T. Anderson, "Tor Instead of IP," in Proceedings of the ACM Workshop on Hot Topics in Networks (HotNets), 2011.

Digital Library

[47]

R. Lychev, S. Goldberg, and M. Schapira, "BGP Security in Partial Deployment: Is the Juice Worth the Squeeze?" in Proceedings ofthe ACM Conference on SIG-COMM,2013.

Digital Library

[48]

"Etisalat, Singtel, Softbank, and Telefonica create Global Cyber Security Alliance," https://goo.gl/tEhM1H, 2018, retrieved on 6/2018.

[49]

E. Yu, "Four telcos set up global cybersecurity group," goo.gl/GaqiHd, 2018, retrieved on 6/2018.

[50]

"ngena," www.ngena.net, 2018, retrieved on 6/2018.

[51]

K. Compton, "ngena: Creating Next-Gen Global Business Networks," https://blogs.cisco.com/digital/ngena, 2018, retrieved on 6/2018.

Cited By

Kita KKoizumi YHasegawa T(2022) Private retrieval of location-related content using -anonymity and application to ICN Computer Networks10.1016/j.comnet.2022.108908209(108908)Online publication date: May-2022
https://doi.org/10.1016/j.comnet.2022.108908
Matzutt RPennekamp JBuchholz EWehrle KSun HShieh SGu GAteniese G(2020)Utilizing Public Blockchains for the Sybil-Resistant Bootstrapping of Distributed Anonymity ServicesProceedings of the 15th ACM Asia Conference on Computer and Communications Security10.1145/3320269.3384729(531-542)Online publication date: 5-Oct-2020
https://dl.acm.org/doi/10.1145/3320269.3384729

Index Terms

Bootstrapping privacy services in today's internet
1. Networks
  1. Network properties
    1. Network privacy and anonymity
    2. Network security
      1. Security protocols

Recommendations

Freedom of Privacy: Anonymous Data Collection with Respondent-Defined Privacy Protection

The massive amount of sensitive survey data about individuals that agencies collect and share through the Internet is causing a great deal of privacy concerns. These concerns may discourage individuals from revealing their sensitive information. ...
Quality aware privacy protection for location-based services
DASFAA'07: Proceedings of the 12th international conference on Database systems for advanced applications

Protection of users' privacy has been a central issue for location-based services (LBSs). In this paper, we classify two kinds of privacy protection requirements in LBS: location anonymity and identifier anonymity.While the location cloaking technique ...
Minimal privacy disclosure for Accessing Web services
INFOS '16: Proceedings of the 10th International Conference on Informatics and Systems

Web services are considered as a powerful solution for information systems integration which is based on the service oriented architecture (SOA). Privacy is a big obstacle when using web services. Therefore, accessing web service with minimal privacy ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM SIGCOMM Computer Communication Review

ACM SIGCOMM Computer Communication Review Volume 48, Issue 5

October 2018

83 pages

ISSN:0146-4833

DOI:10.1145/3310165

Editor:
Olivier Bonaventure

Issue’s Table of Contents

Copyright © 2019 Authors.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 January 2019

Published in SIGCOMM-CCR Volume 48, Issue 5

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
169
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Kita KKoizumi YHasegawa T(2022) Private retrieval of location-related content using -anonymity and application to ICN Computer Networks10.1016/j.comnet.2022.108908209(108908)Online publication date: May-2022
https://doi.org/10.1016/j.comnet.2022.108908
Matzutt RPennekamp JBuchholz EWehrle KSun HShieh SGu GAteniese G(2020)Utilizing Public Blockchains for the Sybil-Resistant Bootstrapping of Distributed Anonymity ServicesProceedings of the 15th ACM Asia Conference on Computer and Communications Security10.1145/3320269.3384729(531-542)Online publication date: 5-Oct-2020
https://dl.acm.org/doi/10.1145/3320269.3384729

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents