A privacy-aware access control model for distributed network monitoring

In this paper, we introduce a new access control model that addresses the privacy implications of network monitoring. Despite its importance, network monitoring is inherently prone to leaking personal data, and this is exacerbated by the complexity of highly dynamic monitoring procedures and infrastructures, which may include multiple traffic observation points, distributed mitigation mechanisms and even inter-operator cooperation. Conceived on the basis of data protection legislation, the proposed approach is grounded on a highly expressive information model that captures all the underlying monitoring concepts along with their associations. The model enables the specification of contextual authorisation policies and of expressive separation of duty and binding of duty constraints. Finally, two key innovations of our work are the ability to define access control rules at any level of abstraction and a verification procedure that yields inherently privacy-aware workflows, thus fostering the realisation of the Privacy by Design vision.
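To make the three ingredients named in the abstract concrete (contextual authorisation rules, separation/binding of duty constraints, and a verification step over a monitoring workflow), here is an added toy verifier. It is illustrative code written for this page, not the paper's model or an implementation of it; the task types, roles, rule table, the `incident` context and the "raw data must be anonymised before export" data-flow rule are all assumptions chosen for the example.

```python
"""Toy verifier for privacy-aware network-monitoring workflows.

Added illustration only: the rule table, roles, task types and the
`incident` context are constructed for this example, not taken from
the paper.  A workflow is an ordered list of tasks plus an assignment
of each task to a principal; verify() returns the list of violations,
so an empty list means the workflow passed every check.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Set, Tuple


@dataclass(frozen=True)
class Task:
    name: str
    action: str      # one of: capture, anonymise, analyse, export
    data_level: str  # abstraction level of the data handled: raw | anonymised


@dataclass(frozen=True)
class Principal:
    name: str
    roles: FrozenSet[str]


# Contextual authorisation rules: (role, action, data_level, required_context).
# required_context=None means the rule holds unconditionally; "incident" means
# the permission is only granted while an incident-handling context is active.
RULES: List[Tuple[str, str, str, Optional[str]]] = [
    ("operator", "capture", "raw", None),
    ("operator", "anonymise", "raw", None),
    ("analyst", "analyse", "anonymised", None),
    ("analyst", "analyse", "raw", "incident"),   # raw access only during an incident
    ("partner", "export", "anonymised", None),
]

# Separation of duty: the same principal must not perform both actions.
SOD: Set[FrozenSet[str]] = {frozenset({"anonymise", "export"})}
# Binding of duty: both actions must be performed by the same principal(s).
BOD: Set[FrozenSet[str]] = {frozenset({"capture", "anonymise"})}


def authorised(principal: Principal, task: Task, context: Set[str]) -> bool:
    """True if some rule grants one of the principal's roles this task in this context."""
    for role, action, level, needed_ctx in RULES:
        if (role in principal.roles and action == task.action
                and level == task.data_level
                and (needed_ctx is None or needed_ctx in context)):
            return True
    return False


def check_authorisation(tasks, assignment, principals, context) -> List[str]:
    violations = []
    for t in tasks:
        p = principals[assignment[t.name]]
        if not authorised(p, t, context):
            violations.append(f"{p.name} not authorised for {t.action} on {t.data_level} data ({t.name})")
    return violations


def check_duties(tasks, assignment) -> List[str]:
    """Evaluate SoD and BoD constraints over the whole workflow assignment."""
    violations = []
    by_action: Dict[str, Set[str]] = {}
    for t in tasks:
        by_action.setdefault(t.action, set()).add(assignment[t.name])
    for pair in SOD:
        a, b = sorted(pair)
        for who in sorted(by_action.get(a, set()) & by_action.get(b, set())):
            violations.append(f"SoD: {who} performs both {a} and {b}")
    for pair in BOD:
        a, b = sorted(pair)
        if a in by_action and b in by_action and by_action[a] != by_action[b]:
            violations.append(f"BoD: {a} and {b} performed by different principals")
    return violations


def check_data_flow(tasks) -> List[str]:
    """Assumed privacy rule: nothing leaves the domain before an anonymise step."""
    violations = []
    anonymised = False
    for t in tasks:
        if t.action == "anonymise":
            anonymised = True
        if t.action == "export":
            if t.data_level == "raw":
                violations.append(f"{t.name}: raw data must never be exported")
            elif not anonymised:
                violations.append(f"{t.name}: export precedes any anonymise step")
    return violations


def verify(tasks, assignment, principals, context=frozenset()) -> List[str]:
    return (check_authorisation(tasks, assignment, principals, context)
            + check_duties(tasks, assignment)
            + check_data_flow(tasks))


# Constructed sample data.
PRINCIPALS = {
    "alice": Principal("alice", frozenset({"operator"})),
    "dave": Principal("dave", frozenset({"operator"})),
    "bob": Principal("bob", frozenset({"analyst"})),
    "carol": Principal("carol", frozenset({"partner"})),
}
TASKS = [Task("t1", "capture", "raw"), Task("t2", "anonymise", "raw"),
         Task("t3", "analyse", "anonymised"), Task("t4", "export", "anonymised")]
GOOD = {"t1": "alice", "t2": "alice", "t3": "bob", "t4": "carol"}

if __name__ == "__main__":
    print(verify(TASKS, GOOD, PRINCIPALS) or "workflow is privacy-aware")
    print(verify(TASKS, {**GOOD, "t4": "alice"}, PRINCIPALS))
```

The point of the structure is that the verification runs over the workflow as a whole, before any task executes: an assignment that is locally authorised for every task can still fail a duty constraint or the data-flow check, which is what makes the resulting workflow privacy-aware by construction rather than by runtime denial.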
