Flocks: distributed proxies for browsing privacy

This paper introduces a Privacy-Enhancing Technology (PET) based on a hybrid of Crowds and anonymising proxies. The PET, referred to as Flocks, operates by establishing a number of Web proxies and letting these proxies randomly forward requests to other proxies (or to the final destination). This distributes users' requests over a number of such proxies, thereby helping to protect their (browsing) privacy. The problem that the paper considers is the effect of two primary design parameters on the privacy of the overall system. These parameters are the probability with which a proxy sends a request to the destination server rather than to another proxy (α) and the number of proxies in the system (N). Two privacy objectives are identified, namely the number of hops used to satisfy a request and the portion of proxies that 'know' about a request. A third requirement deals with the external communication costs of the system. A formal analysis is performed to determine these three factors from the two identified parameters. Finally, numerical examples are used to explore the impact of these two parameter choices in concrete terms. The proposed PET differs from existing PETs in two significant ways: it is primarily intended to be used inside an organisation to protect the privacy of users inside the organisation (in particular, employees), and it takes explicit cognisance of forensic factors.
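The sketch below is an added example, not the paper's own analysis or code: it simulates the forwarding rule described above and compares the result with a closed form, for the two privacy measures (proxies traversed per request, and the portion of proxies that see a request). It assumes the entry proxy and every next proxy are chosen uniformly at random from the N proxies (repeats allowed) and that each proxy decides independently with probability α; the function names are hypothetical.

```python
import random


def simulate(alpha, n, trials=20000, seed=1):
    """Monte Carlo estimate of (mean proxies traversed per request,
    mean portion of the n proxies that handled the request)."""
    rng = random.Random(seed)
    total_hops = 0
    total_seen = 0
    for _ in range(trials):
        seen = set()
        current = rng.randrange(n)      # assumption: uniform entry proxy
        while True:
            seen.add(current)
            total_hops += 1
            if rng.random() < alpha:    # send to the destination server
                break
            current = rng.randrange(n)  # assumption: uniform next proxy
        total_seen += len(seen)
    return total_hops / trials, total_seen / (trials * n)


def expected(alpha, n):
    """Closed form under the same assumptions.

    The number of proxy visits K is geometric with mean 1/alpha. A given
    proxy is missed by k uniform visits with probability x**k, where
    x = 1 - 1/n, so P(missed) = E[x**K] = alpha*x / (1 - (1 - alpha)*x).
    """
    x = 1 - 1 / n
    miss = alpha * x / (1 - (1 - alpha) * x)
    return 1 / alpha, 1 - miss


if __name__ == "__main__":
    # Constructed parameter grid, chosen only to show the trade-off.
    for n in (5, 10, 50):
        for alpha in (0.1, 0.25, 0.5):
            hops, portion = expected(alpha, n)
            sim_hops, sim_portion = simulate(alpha, n)
            print(f"N={n:3d} alpha={alpha:4.2f} "
                  f"hops={hops:5.2f} (sim {sim_hops:5.2f}) "
                  f"portion={portion:5.3f} (sim {sim_portion:5.3f})")
```

Lowering α lengthens the forwarding chain but also raises the portion of proxies that hold a record of the request, which is the tension between the two privacy objectives named above.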
