Privacy and forensics investigation process: The ERPINA protocol

The rights of an Internet user acting anonymously conflicts with the rights of a Server victim identifying the malicious user. The ERPINA protocol, introduced in this paper, allows an honest user communicating anonymously with a Server through a PET, while the identity of a dishonest user is revealed. Prior research failed to distinguish objectively between an honest user and an attacker; and a reliable and objective distinguishing technique is lacking. The ERPINA protocol addresses the reliability issue efficiently by defining from the beginning of the communication what is considered as malicious and what is not.

[1]  S. Gritzalis,et al.  RPINA- Network Forensics Protocol Embedding Privacy Enhancing Technologies , 2006, 2006 International Symposium on Communications and Information Technologies.

[2]  A. Pfitzmann,et al.  Anonymity, Unlinkability, Unobservability, Pseudonymity, and Identity Management – A Consolidated Proposal for Terminology , 2002 .

[3]  Joos Vandewalle,et al.  Revocable anonymous access to the Internet? , 2003, Internet Res..

[4]  Dario V. Forte Advances in Onion Routing: Description and backtracing/investigation problems , 2006, Digit. Investig..

[5]  Richard E. Overill,et al.  Proceedings of the 4th Australian Information Security Management Conference , 2006 .

[6]  Marc Langheinrich,et al.  The platform for privacy preferences 1.0 (p3p1.0) specification , 2002 .

[7]  Helen L. Armstrong,et al.  Internet anonymity practices in computer crime , 2003, Inf. Manag. Comput. Secur..

[8]  A. Pfitzmann,et al.  A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management , 2010 .

[9]  Shiuh-Jeng Wang,et al.  Measures of retaining digital evidence to prosecute computer-based cyber-crimes , 2007, Comput. Stand. Interfaces.

[10]  Dimitris Geneiatakis,et al.  PPINA - A Forensic Investigation Protocol for Privacy Enhancing Technologies , 2006, Communications and Multimedia Security.

[11]  Stefanos Gritzalis,et al.  Uncontrollable Privacy - The right that every attacker desires , 2006 .

[12]  Lorrie Faith Cranor,et al.  The platform for privacy preferences , 1999, CACM.