More Web Proxy on the site http://driver.im/

research-article

Open access

Expressive privacy control with pseudonyms

Authors:

Thomas Anderson,

Arvind Krishnamurthy,

David WetherallAuthors Info & Claims

SIGCOMM '13: Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM

Pages 291 - 302

https://doi.org/10.1145/2486001.2486032

Published: 27 August 2013 Publication History

Abstract

As personal information increases in value, the incentives for remote services to collect as much of it as possible increase as well. In the current Internet, the default assumption is that all behavior can be correlated using a variety of identifying information, not the least of which is a user's IP address. Tools like Tor, Privoxy, and even NATs, are located at the opposite end of the spectrum and prevent any behavior from being linked. Instead, our goal is to provide users with more control over linkability---which activites of the user can be correlated at the remote services---not necessarily more anonymity.

We design a cross-layer architecture that provides users with a pseudonym abstraction. To the user, a pseudonym represents a set of activities that the user is fine with linking, and to the outside world, a pseudonym gives the illusion of a single machine. We provide this abstraction by associating each pseudonym with a unique, random address drawn from the IPv6 address space, which is large enough to provide each device with multiple globally-routable addresses. We have implemented and evaluated a prototype that is able to provide unlinkable pseudonyms within the Chrome web browser in order to demonstrate the feasibility, efficacy, and expressiveness of our approach.

References

[1]

Collusion. http://bit.ly/XZgEM6.

[2]

Cookiepie. http://bit.ly/11e3HFE.

[3]

Privoxy. http://privoxy.org.

[4]

AGGRAWAL, G., BURSZTEIN, E., JACKSON, C., AND BONEH, D. An analysis of private browsing modes in modern browsers. In Usenix Security (2010).

Digital Library

[5]

CARPENTER, B. Internet transparency. RFC 2775, 2000.

Digital Library

[6]

DINGLEDINE, R., MATHEWSON, N., AND SYERSON, P. Tor: The second-generation onion router. In USENIX Security (2004).

Digital Library

[7]

ECKERSLEY, P. How unique is your web browser? In Symposium on Privacy Enhancing Technologies (2010).

Digital Library

[8]

GOEL, S., ROBSON, M., POLTE, M., AND SIRER, E. G. Herbivore: A scalable and efficient protocol for anonymous communication. Cornell University Computing and Information Science TR2003-1890, 2003.

[9]

HSIAO, H.-C., KIM, T. H.-J., PERRIG, A., YAMADA, A., NELSON, S. C., GRUTESER, M., AND MENG, W. LAP: Lightweight anonymity and privacy. In IEEE Symposium on Security and Privacy (2012).

Digital Library

[10]

JANG, K., HAN, S., HAN, S., MOON, S., AND PARK, K. SSLShader: cheap SSL acceleration with commodity processors. In NSDI (2011).

Digital Library

[11]

KONTAXIS, G., POLYCHRONAKIS, M., KEROMYTIS, A. D., AND MARKATOS, E. P. Privacy-preserving social plugins. In USENIX Security (2012).

Digital Library

[12]

KOUNAVIS, M. E., KANG, X., GREWAL, K., ESZENYI, M., GUERON, S., AND DURHAM, D. Encrypting the internet. In SIGCOMM (2010).

Digital Library

[13]

KRISHNAMURTHY, B., NARYSHKIN, K., AND WILLS, C. E. Privacy leakage vs. protection measures: the growing disconnect. In WPES (2011).

[14]

KRISHNAMURTHY, B., AND WILLS, C. E. Generating a privacy footprint on the internet. In IMC (2006).

Digital Library

[15]

KRISHNAMURTHY, B., AND WILLS, C. E. Privacy diffusion on the web: a longitudinal perspective. In WWW (2009).

Digital Library

[16]

LIU, V., HAN, S., KRISHNAMURTHY, A., AND ANDERSON, T. Tor instead of IP. In HotNets (2011).

Digital Library

[17]

MIKIANS, J., GYARMATI, L., ERRAMILLI, V., AND LAOUTARIS, N. Detecting price and search discrimination on the Internet. In HotNets (2012).

Digital Library

[18]

NARTEN, T., DRAVES, R., AND KRISHNAN, S. Privacy extensions for stateless address autoconfiguration in IPv6. RFC 4941, 2007.

[19]

NARTEN, T., HUSTON, G., AND ROBERTS, L. IPv6 address assignment to end sites. RFC 6177, 2011.

[20]

NIKIFORAKIS, N., KAPRAVELOSY, A., JOOSEN, W., KRUEGELY, C., PIESSENS, F., AND VIGNAY, G. Cookieless monster: Exploring the ecosystem of web-based device fingerprinting. In IEEE Symposium on Security and Privacy (2013).

Digital Library

[21]

PERRY, M. Torbutton design documentation. https://www.torproject.org/torbutton/en/design/index.html.en, 2011.

[22]

RAGHAVAN, B., KOHNO, T., SNOEREN, A. C., AND WETHERALL, D. Enlisting ISPs to improve online privacy: IP address mixing by default. In Symposium on Privacy Enhancing Technologies (2009).

Digital Library

[23]

ROESNER, F., KOHNO, T., AND WETHERALL, D. Detecting and defending against third-party tracking on the web. In NSDI (2012).

Digital Library

[24]

SAVOLA, P. Mtu and fragmentation issues with in-the-network tunneling. RFC 4459, 2006.

[25]

WALLS, R. J., CLARK, S. S., AND LEVINE, B. N. Functional privacy or why cookies are better with milk. In HotSec (2012).

Digital Library

[26]

WILLS, C. E., AND TATAR, C. Understanding what they do with what they know. In WPES (2012).

Digital Library

[27]

YEN, T.-F., XIE, Y., YU, F., YU, R. P., AND ABADI, M. Host fingerprinting and tracking on the web: Privacy and security implications. In NDSS (2012).

Cited By

Garcia RRamachandran GJurdak RUeyama J(2022)Blockchain-Aided and Privacy-Preserving Data Governance in Multi-Stakeholder ApplicationsIEEE Transactions on Network and Service Management10.1109/TNSM.2022.322525419:4(3781-3793)Online publication date: Dec-2022
https://doi.org/10.1109/TNSM.2022.3225254
Dorri ALuo FKanhere SJurdak RDong Z(2019)SPB: A Secure Private Blockchain-Based Solution for Distributed Energy TradingIEEE Communications Magazine10.1109/MCOM.2019.180057757:7(120-126)Online publication date: Jul-2019
https://doi.org/10.1109/MCOM.2019.1800577
Ma YWu YGe JLi J(2018)An Architecture for Accountable Anonymous Access in the Internet-of-Things NetworkIEEE Access10.1109/ACCESS.2018.28064836(14451-14461)Online publication date: 2018
https://doi.org/10.1109/ACCESS.2018.2806483
Show More Cited By

Index Terms

Expressive privacy control with pseudonyms
1. Networks
  1. Network components
  2. Network types
    1. Public Internet
2. Security and privacy
  1. Network security

Recommendations

Expressive privacy control with pseudonyms

As personal information increases in value, the incentives for remote services to collect as much of it as possible increase as well. In the current Internet, the default assumption is that all behavior can be correlated using a variety of identifying ...
A Novel Anonymous RFID Authentication Protocol Providing Strong Privacy and Security
MINES '10: Proceedings of the 2010 International Conference on Multimedia Information Networking and Security

As the radio frequency identification (RFID) technology continues to evolve and mature, RFID tags can be implemented in a wide range of applications. Due to the shared wireless medium between the RFID reader and the RFID tag, however, adversaries can ...
An authorised pseudonym system for privacy preserving location proof architectures
AISC '14: Proceedings of the Twelfth Australasian Information Security Conference - Volume 149

An emerging class of Location Based Services (LBSs) needs verified mobile device locations for service provision. For example, an automated car park billing system requires verified locations of cars to confirm the place and the duration of parked cars. ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

SIGCOMM '13: Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM

August 2013

580 pages

ISBN:9781450320566

DOI:10.1145/2486001

General Chairs:
Dah Ming Chiu
Chinese University of Hong Kong, China
,
Jia Wang
AT&T Labs - Research, USA
,
Program Chairs:
Paul Barford
University of Wisconsin, USA
,
Srinivasan Seshan
Carnegie Mellon University, USA

ACM SIGCOMM Computer Communication Review Volume 43, Issue 4
October 2013
595 pages
ISSN:0146-4833
DOI:10.1145/2534169
Issue’s Table of Contents

Copyright © 2013 Owner/Author.

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Sponsors

SIGCOMM: ACM Special Interest Group on Data Communication

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 August 2013

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SIGCOMM'13

Sponsor:

SIGCOMM

SIGCOMM'13: ACM SIGCOMM 2013 Conference

August 12 - 16, 2013

Hong Kong, China

Acceptance Rates

SIGCOMM '13 Paper Acceptance Rate 38 of 246 submissions, 15%;

Overall Acceptance Rate 462 of 3,389 submissions, 14%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

18
Total Citations
View Citations
1,008
Total Downloads

Downloads (Last 12 months)116
Downloads (Last 6 weeks)19

Reflects downloads up to 10 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Garcia RRamachandran GJurdak RUeyama J(2022)Blockchain-Aided and Privacy-Preserving Data Governance in Multi-Stakeholder ApplicationsIEEE Transactions on Network and Service Management10.1109/TNSM.2022.322525419:4(3781-3793)Online publication date: Dec-2022
https://doi.org/10.1109/TNSM.2022.3225254
Dorri ALuo FKanhere SJurdak RDong Z(2019)SPB: A Secure Private Blockchain-Based Solution for Distributed Energy TradingIEEE Communications Magazine10.1109/MCOM.2019.180057757:7(120-126)Online publication date: Jul-2019
https://doi.org/10.1109/MCOM.2019.1800577
Ma YWu YGe JLi J(2018)An Architecture for Accountable Anonymous Access in the Internet-of-Things NetworkIEEE Access10.1109/ACCESS.2018.28064836(14451-14461)Online publication date: 2018
https://doi.org/10.1109/ACCESS.2018.2806483
Son JPark JOh HBhuiyan MHur JKang K(2017)Privacy-Preserving Electrocardiogram Monitoring for Intelligent Arrhythmia DetectionSensors10.3390/s1706136017:6(1360)Online publication date: 12-Jun-2017
https://doi.org/10.3390/s17061360
Lee TPappas CBarrera DSzalachowski PPerrig AMarkopoulou AFaloutsos MSekar VKostic D(2016)Source Accountability with Domain-brokered PrivacyProceedings of the 12th International on Conference on emerging Networking EXperiments and Technologies10.1145/2999572.2999581(345-358)Online publication date: 6-Dec-2016
https://dl.acm.org/doi/10.1145/2999572.2999581
Ji SLi WSrivatsa MBeyah R(2016)Structural Data De-AnonymizationIEEE/ACM Transactions on Networking10.1109/TNET.2016.253647924:6(3523-3536)Online publication date: 1-Dec-2016
https://dl.acm.org/doi/10.1109/TNET.2016.2536479
Taeho Lee Pappas CSzalachowski PPerrig A(2016)Communication based on per-packet One-Time Addresses2016 IEEE 24th International Conference on Network Protocols (ICNP)10.1109/ICNP.2016.7784450(1-10)Online publication date: Nov-2016
https://doi.org/10.1109/ICNP.2016.7784450
Papaodyssefs FIordanou CBlackburn JLaoutaris NPapagiannaki Kde Oliveira JSmith JArgyraki KLevis P(2015)Web Identity TranslatorProceedings of the 14th ACM Workshop on Hot Topics in Networks10.1145/2834050.2834105(1-7)Online publication date: 16-Nov-2015
https://dl.acm.org/doi/10.1145/2834050.2834105
Qiu FWu FChen G(2015)Privacy and Quality Preserving Multimedia Data Aggregation for Participatory Sensing SystemsIEEE Transactions on Mobile Computing10.1109/TMC.2014.235225314:6(1287-1300)Online publication date: 1-Jun-2015
https://doi.org/10.1109/TMC.2014.2352253
Rodriguez-Natal AJakab LErmagan VNatarajan PMaino FCabellos-Aparicio A(2015)Location and identity privacy for LISP-MN2015 IEEE International Conference on Communications (ICC)10.1109/ICC.2015.7249159(5260-5265)Online publication date: Jun-2015
https://doi.org/10.1109/ICC.2015.7249159
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents