Collaborative Research: Formal Privacy

合作研究：正式隐私

• 批准号: 0506546
• 负责人: Carl Gunter
• 金额: $ 7.42万
• 依托单位: University of Illinois at Urbana-Champaign
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2004
• 资助国家: 美国
• 起止时间: 2004-11-01 至 2006-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0506546&HistoricalAwards=false
• 关键词: Collaborative; Research; Formal; Privacy

Growing pressure to collect information on the Internet has created a need formore sophisticated ways to characterize privacy rights and balance them againstlegitimate commercial and law enforcement objectives. A wide range of businessesnow rely on their ability to collect information about online customers as afoundation of their added value in the market place. The use or potential use ofthe Internet for purposes such as child pornography and planning of hate crimesand terrorism have heighted interest in (and loosened regulations on) networkmonitoring. Theft of intellectual property has led to the development ofnumerous protection mechanisms; these often involve registrations and involuntarymonitoring of various kinds. In order to make security easier (and explore alucrative business model), a number of companies seek to act as third-partycaretakers of private information such as keys, authentication secrets, andcredit card numbers. Arrayed against these trends are many citizens incensed byaggressive means used to collect information from them and a variety of groupsthat champion privacy rights.There have been many advances in technologies both to aid information gatheringand limit it. One important trend is toward more advanced systems for creatingand managing digital credentials and authorization databases. In currentpractice credentials are sometimes `pushed' (like presenting a ticket to get intoa movie theater) sometimes `pulled' (like getting access to an airplane seat witha `paperless' ticket) and sometimes both (like making a purchase at a store witha credit card whose validity is confirmed online). These approaches haveInternet-based analogs, and technical advances have increased the range ofoptions considerably in recent years. For example, work on public key systemshas advanced techniques for delegation based on chains of `pushed' credentialsand increased the automation of credential collection. Another important trendis toward more advanced systems for protecting privacy using anonymizingtechniques. Tools such as onion routers and anonymous web publication serversprovide some support but other techniques directly aid fine-grained mechanismsfor obtaining privileges without exposing information unnecessarily. This work aims to develop formal support for characterizing privacy in thecontext of these advances. Efforts to improve access control systems andcredential distribution have paid little attention to privacy mechanisms so far,resulting in systems that are good at propagating credentials reliably, but nottuned to do so within well-understood privacy constraints. This collaborationwill build on our work in credential distribution and anonymity to create anintegrated architecture and protocols to provide advanced access control withinthe limitations of privacy constraints.

在互联网上收集信息的压力越来越大，这就需要更复杂的方法来确定隐私权的特征，并使其与合法的商业和执法目标相平衡。 现在，许多企业都依赖于他们收集在线客户信息的能力，以此作为他们在市场上增加价值的基础。 使用或潜在使用互联网的目的，如儿童色情和仇恨犯罪和恐怖主义的规划，提高了兴趣（和放松管制）网络监控。 盗窃知识产权导致了许多保护机制的发展;这些机制通常涉及各种登记和非自愿监督。 为了使安全性更容易（并探索一种富有成效的商业模式），许多公司寻求充当私人信息（如密钥、身份验证秘密和信用卡号码）的第三方管理者。 与这些趋势相反的是，许多公民对从他们和各种捍卫隐私权的团体那里收集信息的侵略性手段感到愤怒。在帮助信息保密和限制信息保密方面，技术已经取得了许多进步。一个重要的趋势是建立和管理数字证书和授权数据库的更先进的系统。 在目前的实践中，凭证有时是“推”（如出示电影票进入电影院），有时是“拉”（如使用“无纸”票进入飞机座位），有时两者兼而有之（如在商店购买信用卡，其有效性在网上确认）。 这些方法有基于互联网的类似物，近年来技术进步大大增加了选择的范围。 例如，关于公用钥匙系统的工作采用了先进的授权技术，以“推送”证书链为基础，并提高了证书收集的自动化程度。 另一个重要的趋势是使用匿名技术来保护隐私的更先进的系统。 洋葱路由器和匿名网络发布服务器等工具提供了一些支持，但其他技术直接帮助细粒度机制获得权限，而不会暴露不必要的信息。 这项工作的目的是发展正式的支持，在这些进步的背景下表征隐私。 到目前为止，在改进访问控制系统和证书分发方面所做的努力很少关注隐私机制，导致系统擅长可靠地传播证书，但没有在充分理解的隐私约束下这样做。 这种合作将建立在我们在凭证分发和匿名方面的工作基础上，以创建一个集成的架构和协议，在隐私约束的限制下提供高级访问控制。