Università degli Studi di Trento




      Privacy, Identity and Trust
      Challenges for the Future
           Internet Citizen
                         Fabio Massacci
                       University of Trento


9/27/2010                       Fabio Massacci - ICT 2010   1
Whose Future Internet?
• When we think of the Future Internet we
  always think it is for “us”
     – Sophie, Fabio, Reihnard, Ksheerabdhi,
       Mireille etc.
• It is not for “us”. That’s the wrong picture
• Three generations tell three stories
     – Nonno Paolo – Born 1939
     – Papà Fabio – Born 1967
     – Paolo – Born 2000
Privacy




Nonno Paolo – Jun. 1996
• First Picture on the internet – Age 58
• Business Related




Papà Fabio – Feb. 1999
• First Picture on the Internet – Age 31
• Again only professional pictures




Paolo – Feb. 2007
• First picture on the internet – Age 7




If you don’t put, you don’t get
        pictures, do you?
• Come on, a father should not post stuff
  on the internet and then complain that
  his boss, insurance company, wife, EU
  project partner, saw it…
• Er… not really




Where is the problem of Privacy?
• Nobody in the family posted that picture!
     – Somebody from Sportivi Ghiaccio Trento put it
     – I didn’t even know the picture was on the net before Feb. 2010
• Paolo’s life will be entirely on the Future Internet
     – Can he separate his lives (note the plural) in different zones?
• In physical life we are pretty good at zoning
     – Separate relations (e.g. friends, work, neighbors) by “distance”
     – (Legal or curious) searches are difficult for people outside the zone
     – Law enforcement can break zones but has hurdles
     – Individuals and government can build zones
• Technical solution alone ain’t enough
     – He can’t put a sticky policy as the photo will be about him, not his
     – Regulatory action also needed
Identity




How to tell Identity?
• Nonno Paolo – 1° use C.C. on Internet: Age 59
• Papà Fabio – 1° use C.C. on Internet: Age 29
• Paolo – 1° attempt: Age 9
     – Papi, can you give me your credit card?
     – Er… What do you need it for?
     – There is this Star Wars LEGO robot that you can buy
       on the LEGO web site you find with Google
     – Er… Let me see a second… Paolo, this is not the LEGO
       web site!!! It is just a … site … selling stuff…
     – [Followed by a long, and for a child boring, explanation of
       how to find the identity of providers]
Commercial Identity?
• Identity tech so far conceived for “client/servers”
     – What about “identity” of “partners” ?
     – You want to know who is the other!
• In the physical realm
     – Identity of partners is regulated (you cannot just open a
       supermarket, a dentist’s practice or a bank)
     – Commercial identity is distinct but always linked to identity of
       human individuals (legally responsible)
     – strictly linked to specific attributes and taxable
• How to link the identity of end point to the
  accountable identity for humans behind it?
     – Of course scams are always possible (e.g. Madoff) but you won’t
       get away so easily with it

Trust




Download and Run Internet
      Connected Software
•   Nonno Paolo: always stuff from a box
•   Papà Fabio: Age 28 – SSH Client/Server
•   Paolo: Age 10 – REVOLT
•   What’s that?
     – Running cars. Can connect over IP to a peer
     – Got it from a friend on a USB stick
     – I found out months later when he wanted to play
       multiplayer and Windows Firewall complained
How do you trust REVOLT?
• Russian Roulette
     – For 24 other fathers (actually the children)
• PhD in Security
     – 3 hours for father of only child without admin password




After REVOLT, GERICO…
• Come on, that’s obvious, after all that’s
  children downloading shady software
• Er… not really
     – Gerico is not for the faint hearted…
     – Really for grown-up, corporate users…




So, what’s GERICO?




• What’s the problem of running software
  connecting automatically to your Tax
  Agency?
     – You just don’t know what exactly it does…
Corporate Environment is
               alike…
• Putting everything on a very secure cloud is the new trend
     – Good step but not enough
• The problem is that “everything”
     – in-house developed LDAP system hiding roles from the ERP sys
       as you pay O#### by the role
     – open source PDF report generator so you won’t have to pay
       licensing fees to A####
     – The wrapper of old legacy application controlled remotely by a
       university spin-off of ex-CTO turned prof.
     – The new S## GRC application monitoring the whole virtual
       network controlled by your auditors to lower your audit bill
• No machine-readable/checkable claim of what they do
The Wild West Ecosystem
• Citizens’ Laptops and Corporate Clouds are quickly
  evolving (worsening?) alike
     – Lots of frequently changing interconnected software
     – With [some] natural language description
     – With [some] digital identity
• But we don’t know what this software is doing
     – Compare with entering an EU Consortium Agreement…
     – For uploading software you just check a signature…
• Where’s the contractual, machine readable, version
  of security claims, rights and obligations?
     – Security-by-Contract?
     – Software should declare its claims and we should check them..
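
The last bullet asks that software declare its claims and that we check them. A minimal sketch of that idea follows; it is an added example, not taken from the talk or from any Security-by-Contract implementation, and the contract format, action names, hosts and port are assumptions constructed for illustration.

```python
# Added illustration (not from the talk): a toy "security-by-contract" check.
# The contract format, action names and hosts below are constructed assumptions.
from fnmatch import fnmatchcase

# What the host owner allows, per action, as glob patterns over resources.
HOST_POLICY = {
    "net.connect": ["*.tax-agency.example:443"],
    "file.read": ["~/tax/*"],
    "file.write": ["~/tax/out/*"],
}

# Contract shipped with a tax-filing client (constructed sample).
TAX_CONTRACT = {
    "net.connect": ["filing.tax-agency.example:443"],
    "file.read": ["~/tax/*"],
    "file.write": ["~/tax/out/*"],
}

# Contract shipped with a peer-to-peer game (constructed sample).
GAME_CONTRACT = {
    "net.connect": ["*:*"],
    "net.listen": ["0.0.0.0:2310"],
}

# Behaviour observed while the tax client runs (constructed sample).
OBSERVED = [
    ("net.connect", "filing.tax-agency.example:443"),
    ("file.read", "~/tax/2010.xml"),
    ("file.read", "~/photos/holiday.jpg"),
    ("net.connect", "stats.tracker.example:80"),
]


def claim_covered(claim, allowed_patterns):
    """True if everything the claim permits is also permitted by the policy.

    Deciding glob-in-glob containment in general is fiddly, so stay
    conservative: a claim containing wildcards must appear verbatim in the
    policy; a literal claim only has to match one policy pattern.
    """
    if any(ch in claim for ch in "*?["):
        return claim in allowed_patterns
    return any(fnmatchcase(claim, pattern) for pattern in allowed_patterns)


def match_contract(contract, policy):
    """Install-time check: return the (action, claim) pairs the policy rejects."""
    rejected = []
    for action, claims in contract.items():
        allowed = policy.get(action, [])
        for claim in claims:
            if not claim_covered(claim, allowed):
                rejected.append((action, claim))
    return rejected


def monitor(contract, events):
    """Run-time check: return observed events the contract never declared."""
    violations = []
    for action, resource in events:
        declared = contract.get(action, [])
        if not any(fnmatchcase(resource, pattern) for pattern in declared):
            violations.append((action, resource))
    return violations


if __name__ == "__main__":
    print("tax client rejected claims:", match_contract(TAX_CONTRACT, HOST_POLICY))
    print("game rejected claims:", match_contract(GAME_CONTRACT, HOST_POLICY))
    print("tax client violations:", monitor(TAX_CONTRACT, OBSERVED))
```

A signature check alone would accept both programs; here the game is refused at install time for over-broad network claims, and the tax client is flagged at run time for the two actions it never declared.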

Challenges Ahead




Sum-Up of Challenges
• Frame of mind:
     – Privacy, Identity and Trust solutions must be solutions
       for people whose lives/data/actions have been on the
       Future Internet since they can read or write (age 6)
• Questions
     – Do (regulatory & technical) solutions allow individuals
       to zone identities?
     – How to link the identity of a partner service to the
       accountable identity of humans behind it?
     – Can we provide/check a “contractual” description of
       the security behavior of our partners’ code?
