7 Lecture 340 Online Tracking Encryption


  • 7/27/2019 7 Lecture 340 Online Tracking Encryption

    1/59


    Online Tracking Encryption

    Janine L. Spears, Ph.D.

    May 8, 2012

    DePaul University

    CNS 340

  • 2/59

    1. Announcements

    2. Online tracking and data re-identification

    3. Encryption

    a) Whole disk

    b) Database

    c) Key management

    d) Example of tools

    e) Public vs. private encryption algorithms

    This Evening's Agenda

  • 3/59

    HW 3 due today

    1. John the Ripper

    2. Recuva

    3. Eraser

    4. Secunia

    HW 4 (Policy) is due next Tues, May 15th by 5:45pm CST

    Announcements

  • 4/59

    Reading assignment: "To Track or Do Not Track" by Tene and Polonetsky, Aug 2011

    Read pages 1-14

    Article is posted in Week 7 folder on D2L

    This article will be helpful for:

    1. Extra credit assignment

    2. Quiz #3

    3. Group project

    The browser security assignment that was listed in the course schedule will be a group assignment

    There is one remaining individual assignment (HW 5) that will be assigned next week

    Announcements

  • 5/59

    Group assignment posted this week:

    Due Mon, Jun 4th, 11:59pm (night b4 Final Exam meeting)

    Group presentations will be in place of a final exam

    Form groups either:

    a) In person (on-campus section)

    b) Via CATME survey (online and on-campus sections; an email will be sent from CATME)

    Announcements

  • 6/59

    Extra credit assignment will be emailed later this week

    Quiz #2 review.

    Announcements

  • 7/59

    Personally Identifiable Information (PII)

    Identified data

    Identifiable data

    Non-PII, but when aggregated or combined with other data could lead to the identification of an individual

    In other words, Non-PII can be transformed into PII

    Identified vs. Identifiable Data

  • 8/59

    De-identification of data occurs when personally identifiable information is stripped from a dataset in order to make the data anonymous

    Re-identification = linking de-identified data to identified data

    Re-identification of data occurs when a third party joins anonymized data with a small amount of auxiliary data from another database and de-anonymizes the data (Porter 2008)

    Data Re-Identification

  • 9/59

    Re-identification may occur through data aggregation

    Aggregation refers to the combination of various types of data

    Data Aggregation

  • 10/59

    Example of Data Re-Identification

    Anonymous data set:

    Name: Unique alpha-numerical identifier

    Age: 13

    Favorite Toy: Legos

    Favorite Movie: Batman

    Favorite Candy: Snickers

    Favorite Restaurant: McDonald's

    Zip Code: 20052

    Facebook data set:

    Name: Billy Doe

    Age: 13

    Location: I live in Washington, DC

    Narrative: I love to build things with Legos. I

    love Snickers bars. I recently saw the

    Batman movie and thought it was the coolest

    movie ever!

    Another data set:

    Name: William Doe

    Date of Birth: 04-04-1996

    Address: 2000 H Street, NW, Washington, DC 20052

    Schwartz & Solove, NY University Law Review 2011

  • 11/59

    According to an academic study, a combination of the

    following info is sufficient to identify 87%

    of the population:

    1. Birth date

    2. Zip code

    3. Gender

    Re-Identification using Simple Demographic Data (1 of 3)

    Data typically considered non-PII

    Generally not considered embarrassing or sensitive

    Available via census data

    Latanya Sweeney (2000)

  • 12/59

    In the 1970s, the US Census Bureau began selling census data

    The data only contained addresses, not names

    How were marketing companies able to identify

    individuals?

    1. Telephone lists

    2. Voter registration lists

    Re-Identification using Simple Demographic Data (2 of 3)
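The re-identification risk that birth date, ZIP code and gender carry in a given release can be measured before the data leaves the organization. The following example is added here and is not part of the original lecture: it counts how many rows are unique on those three fields, checks them against an identified list such as the telephone and voter lists mentioned above, and shows the effect of generalizing the fields. All rows, the gender values and the function names are constructed for illustration.

```python
from collections import Counter

# Constructed "de-identified" release: names are stripped, but the three fields
# from the slide (birth date, ZIP code, gender) remain next to a sensitive value.
RELEASE = [
    {"birth_date": "1996-04-04", "zip": "20052", "gender": "M", "visit": "asthma"},
    {"birth_date": "1996-04-04", "zip": "20052", "gender": "F", "visit": "sprain"},
    {"birth_date": "1996-09-17", "zip": "20052", "gender": "M", "visit": "flu"},
    {"birth_date": "1996-09-17", "zip": "20052", "gender": "M", "visit": "allergy"},
    {"birth_date": "1985-01-30", "zip": "20037", "gender": "F", "visit": "flu"},
    {"birth_date": "1985-06-02", "zip": "20037", "gender": "F", "visit": "migraine"},
    {"birth_date": "1985-11-11", "zip": "20036", "gender": "F", "visit": "sprain"},
    {"birth_date": "1996-02-20", "zip": "20052", "gender": "F", "visit": "flu"},
]

# Constructed identified list standing in for a voter or telephone list.
AUXILIARY = [
    {"name": "William Doe", "birth_date": "1996-04-04", "zip": "20052", "gender": "M"},
    {"name": "Jane Roe", "birth_date": "1985-06-02", "zip": "20037", "gender": "F"},
    {"name": "Sam Poe", "birth_date": "1996-09-17", "zip": "20052", "gender": "M"},
    {"name": "Ann Lee", "birth_date": "1970-01-01", "zip": "20052", "gender": "F"},
]


def generalize(record, level):
    """Quasi-identifier tuple; level 1 coarsens to birth year and 3-digit ZIP."""
    birth, zip_code = record["birth_date"], record["zip"]
    if level >= 1:
        birth, zip_code = birth[:4], zip_code[:3]
    return (birth, zip_code, record["gender"])


def class_sizes(records, level=0):
    """How many records share each quasi-identifier combination."""
    return Counter(generalize(r, level) for r in records)


def k_anonymity(records, level=0):
    """Size of the smallest group; k = 1 means someone is unique."""
    return min(class_sizes(records, level).values())


def unique_fraction(records, level=0):
    """Share of records that are the only one with their combination."""
    sizes = class_sizes(records, level)
    return sum(1 for r in records if sizes[generalize(r, level)] == 1) / len(records)


def linkable_rows(release, auxiliary, level=0):
    """Indexes of release rows that match exactly one identified person."""
    rel, aux = class_sizes(release, level), class_sizes(auxiliary, level)
    return [i for i, r in enumerate(release)
            if rel[generalize(r, level)] == 1 and aux[generalize(r, level)] == 1]


if __name__ == "__main__":
    for level in (0, 1):
        print(f"level {level}: k={k_anonymity(RELEASE, level)}, "
              f"unique={unique_fraction(RELEASE, level):.0%}, "
              f"linkable rows={linkable_rows(RELEASE, AUXILIARY, level)}")
```

Rows that share their combination with at least one other row cannot be pinned to a single person by these three fields alone, which is why coarsening the birth date and ZIP code lowers the risk.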

  • 13/59

    Predicting social security numbers

    http://www.youtube.com/watch?v=sqjTyN8-q2w

    http://www.cnn.com/2009/US/07/10/social.security.numbers/index.html?iref=allsearch

    Study was conducted by Alessandro Acquisti and Ralph Gross

    http://www.heinz.cmu.edu/news/news-detail/index.aspx?nid=991

    Re-Identification using Simple Demographic Data (3 of 3)

  • 14/59

    Data aggregation and data re-identification

    Are not within scope of existing US privacy laws

    Are a privacy concern with regard to online behavioral tracking (targeted advertising)

    Data Aggregation

  • 15/59

    The anonymity myth refers to the incorrect assumption that a person remains anonymous (i.e., is

    not identifiable) while on the web, as long as he/she

    does not use his/her name

    The anonymity myth stems from a mistaken conflation

    between momentary anonymity and actual

    untraceability

    Anonymity Myth (1 of 2)

  • 16/59

    What is the key piece of information that enables

    traceability of one's actions once connected to the internet?

    The IP address is a unique identifier that is assigned to

    every computer connected to the Internet.

    Due to the shift from dynamic IP addresses for dial-up

    connections to static IP addresses for broadband

    connections, ISPs now have logs (that could span years) that link IP addresses with particular computers and, in

    many cases, eventually to specific users.

    Only 5% of Americans still use dial-up (Pew Research Center 2010)

    Anonymity Myth (2 of 2)

  • 17/59

    Connection to a website requires a browser to provide

    the user's IP address

    Various tools can provide info on an IP address, such as:

    Host name

    Geographic location

    A map

    IP Address

  • 18/59

    Identify browser tools that reduce the amount of:

    Browser footprinting

    Online tracking

    Group Project Assignment

  • 19/59

    Two issues are driving a major increase in the use of encryption

    What are they?

    Data Encryption

  • 20/59

  • 21/59

    Encryption is the process of converting an original

    message into a form that is unreadable (aka ciphertext).

    Decryption is the process of converting the ciphertext

    message back into plaintext so that it is readable.

    Data Encryption

  • 22/59

    Encrypting data at rest:

    a) Whole disk encryption

    Hard drive encryption

    USB drive encryption

    b) Folder/file encryption

    c) Database encryption

    Data Encryption

  • 23/59

    How Whole Disk Encryption works:

    http://www.symantec.com/content/en/us/enterprise/white_papers/b-pgp_how_wholedisk_encryption_works_WP_21158817.en-us.pdf

    Whole Disk Encryption (1 of 5)

  • 24/59

    What gets encrypted:

    Encrypts the entire disk including system files,

    temporary files, etc.

    Whole disk encryption automatically encrypts everything the user or O/S creates

    Encryption/decryption is transparent to user

    Benefit: If encrypted disk is lost, stolen, or placed into another computer, drive remains encrypted

    Whole Disk Encryption (2 of 5)

  • 25/59

    When is data encrypted:

    Works in conjunction with the O/S file system

    Data is encrypted blocks at a time the first time

    When a user accesses a file, the data is decrypted

    in memory

    If user makes changes to a file, the data is

    encrypted in memory and written back to drive

    Decrypted data is never available on the disk

    Whole Disk Encryption (3 of 5)

  • 26/59

    Limitation of whole disk encryption:

    Once user logs into the system during startup, files can be opened by anyone

    If user has logged in and leaves computer unattended (e.g., in a coffee shop), an unauthorized user can access data

    Whole Disk Encryption (4 of 5)

  • 27/59

    Recovery methods:

    1. Local self-recovery (user's customizable pre-defined questions)

    2. Recovery Token (one-time use)

    3. Administrator key stored on a token or smart card

    Best practices: before encrypting whole disk,

    1. Create a Recovery CD

    2. Backup the drive

    Whole Disk Encryption (5 of 5)

  • 28/59

    If someone reports a lost or stolen PC, what are

    some questions that need to be asked?

    Was the user logged on to the system?

    If so, was user logged on to network?

    If so, what data does user have access to?

    Company also should define "lost" and "stolen". At what point is a device considered stolen?

    Lost or Stolen Laptops with Whole Disk Encryption

  • 29/59

    An example of layered security (aka defense-in-depth) for protecting data stored on hard disks:

    If data on an encrypted hard disk is vulnerable

    after user logs on, what additional layer of security can be added to encrypt sensitive data on

    a hard disk?

    Layered Security

  • 30/59

    From HW 3:

    What is an example of a file encryption tool?

    What is an example of an open source

    whole disk encryption tool?

    Examples of Whole Disk and File Encryption Tools

  • 31/59

    3. Checkpoint Full Disk Encryption

    http://www.checkpoint.com/products/datasecurity/pc/index.html

    4. Pretty Good Privacy (PGP)

    Demo for whole disk encryption:

    http://www.symantec.com/business/products/videos.jsp?pcid=pcat_info_risk_comp&pvid=wd_encryption_1

    5. TrueCrypt

    Free open-source encryption for Windows, Mac, Linux

    http://www.truecrypt.org/

    6. IronKey

    Demo for flash drive encryption (also note key mgmt app):

    https://www.ironkey.com/demo-enterprise

    Examples of Whole Disk Encryption Tools

  • 32/59

    Using the file or folder encryption feature in

    Windows:

    Overview of the Encrypting File System (EFS)

    http://windows.microsoft.com/en-US/windows7/Encrypting-File-System-EFS-recommended-links

    Training video on using EFS to encrypt or decrypt

    http://windows.microsoft.com/en-us/windows7/Encrypt-or-decrypt-a-folder-or-file

    Back up Encrypting File System (EFS) certificate

    http://windows.microsoft.com/en-US/windows7/Back-up-Encrypting-File-System-EFS-certificate

    SWF Encrypt (encrypts Adobe Flash SWF files):

    http://www.amayeta.com/software/swfencrypt/

    Examples of File Encryption Tools

  • 33/59

    Server-side vs. Client-side encryption

    Whole disk encryption is an example of client-side

    encryption (i.e., stored on client PC)

    Encryption of databases residing on a server is an example of server-side encryption

    Two basic types of database encryption

    1. Whole database (aka file-level) encryption

    2. Column-level encryption

    Database Encryption

  • 34/59

    Features of whole database encryption:

    Encrypts an entire database file

    Secures files at rest not currently in use by a

    database system (e.g., SQL Server, Oracle)

    Without this, data in a DB file residing on a storage

    disk can be viewed with text editor

    Works at the O/S layer, so does not require

    additional application program code

    Simplest to implement

    Minimal impact on database performance

    File-level Database Encryption (1 of 5)

  • 35/59

    A database without encryption:

    File-level Database Encryption (2 of 5)

    Source: NetLib Encryptionizer, http://www.netlib.com/how-it-works.asp

  • 36/59

    DB file encrypted but not enabled:

    File-level Database Encryption (3 of 5)

    Source: NetLib Encryptionizer, http://www.netlib.com/how-it-works.asp

  • 37/59

    DBMS enabled to process encrypted DB file:

    File-level Database Encryption (4 of 5)

    Source: NetLib Encryptionizer, http://www.netlib.com/how-it-works.asp

  • 38/59

    Benefits of column-level encryption:

    Encrypts individual columns of data within a table (e.g., SSN)

    Enables more granular encryption by allowing a group of users to only access part of table, while encrypting other parts (e.g., employee table containing address book info + personal info)

    Different columns can be encrypted with different keys

    API enables customized programs to be written that control who, when, where, how data is accessed

    Column-level Database Encryption (1 of 2)

    Source: NetLib, http://www.netlib.com/column-vs-database.asp

  • 39/59

    Limitations of column-level encryption:

    Impact on performance (estimated at 5-6% slower than accessing plaintext columns)

    The more columns encrypted, the greater the performance degradation

    Performance may be significantly degraded for complex database queries on encrypted columns (e.g., LastName begins with "S", Salary between $50,000 and $60,000)

    Cannot protect the intellectual property of the database (e.g., schema, views)

    Column-level Database Encryption (2 of 2)

    Source: NetLib, http://www.netlib.com/column-vs-database.asp
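The file-level "text editor" problem and the column-level trade-offs above can be checked against a small SQLite database. This example is added here and is not from the lecture or from NetLib; the table, the sample rows, the function names and the HMAC-based `seal`/`unseal` routine (a stand-in for AES, which Python's standard library does not provide) are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import sqlite3
import tempfile

# Constructed sample rows: last name, phone, SSN (invalid "000" area), salary.
ROWS = [
    ("Smith", "312-555-0101", "000-12-3456", 52000),
    ("Jones", "312-555-0102", "000-65-4321", 75000),
    ("Stone", "312-555-0103", "000-11-2222", 58000),
]

def _subkeys(key):
    """Derive separate encryption and MAC keys from one column key."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _xor_stream(enc_key, nonce, data):
    """XOR data with an HMAC-SHA256 counter-mode keystream."""
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"),
                           hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    """Encrypt then MAC. Stand-in for AES-GCM; use a vetted library in practice."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    body = nonce + _xor_stream(enc_key, nonce, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def unseal(key, blob):
    """Verify the MAC, then decrypt; fails for the wrong column key."""
    enc_key, mac_key = _subkeys(key)
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified ciphertext")
    return _xor_stream(enc_key, body[:16], body[16:])

def build_db(path, ssn_key=None, salary_key=None):
    """Create the table; with keys given, ssn and salary are stored encrypted."""
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE employee (last_name TEXT, phone TEXT, ssn, salary)")
    for last, phone, ssn, salary in ROWS:
        ssn_v = seal(ssn_key, ssn.encode()) if ssn_key else ssn
        sal_v = seal(salary_key, str(salary).encode()) if salary_key else salary
        con.execute("INSERT INTO employee VALUES (?, ?, ?, ?)", (last, phone, ssn_v, sal_v))
    con.commit()
    con.close()

def visible_in_file(path, needle):
    """The 'text editor' check: is the value readable in the raw database file?"""
    with open(path, "rb") as f:
        return needle.encode() in f.read()

def sql_salary_range(path, lo, hi):
    """Range filter done by the database engine itself."""
    con = sqlite3.connect(path)
    rows = con.execute("SELECT last_name FROM employee WHERE salary BETWEEN ? AND ? "
                       "ORDER BY last_name", (lo, hi)).fetchall()
    con.close()
    return [r[0] for r in rows]

def app_salary_range(path, salary_key, lo, hi):
    """Same filter on the encrypted column: fetch and decrypt every row first."""
    con = sqlite3.connect(path)
    rows = con.execute("SELECT last_name, salary FROM employee").fetchall()
    con.close()
    return sorted(n for n, blob in rows if lo <= int(unseal(salary_key, blob)) <= hi)

def demo():
    ssn_key, salary_key = os.urandom(32), os.urandom(32)  # a different key per column
    with tempfile.TemporaryDirectory() as d:
        plain, enc = os.path.join(d, "plain.db"), os.path.join(d, "enc.db")
        build_db(plain)
        build_db(enc, ssn_key, salary_key)
        return {
            "ssn_in_plain_file": visible_in_file(plain, ROWS[0][2]),
            "ssn_in_encrypted_file": visible_in_file(enc, ROWS[0][2]),
            "name_in_encrypted_file": visible_in_file(enc, ROWS[0][0]),
            "schema_in_encrypted_file": visible_in_file(enc, "CREATE TABLE employee"),
            "sql_range_plain": sql_salary_range(plain, 50000, 60000),
            "sql_range_encrypted": sql_salary_range(enc, 50000, 60000),
            "app_range_encrypted": app_salary_range(enc, salary_key, 50000, 60000),
        }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The engine-side range query returns nothing on the encrypted column because the database only sees ciphertext, while the schema and the unencrypted name column stay readable in the raw file.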

  • 40/59

    Database activity monitoring (DAM):

    Operates independently of DBMS

    Monitors privileged user access (e.g., DBA)

    Monitors application activity

    Provides cyber-attack prevention

    Establishes a baseline of normal application activity and SQL structures and identifies when there is a diversion

    Sample DAM vendor: Nitro Security

    http://www.nitrosecurity.com/products/database-monitor/

    Nitro Security acquired by McAfee

    http://www.networkworld.com/community/node/78826

    Database Activity Monitoring

  • 41/59

    Encryption has two components:

    1. Algorithm

    Is typically publicly available

    2. Key

    Is the parameter used in the algorithm that determines

    how data will be transformed from plaintext to

    ciphertext

    Is kept secret

    Is a very large number that should be impossible to

    guess

    Data Encryption

  • 42/59

    The encryption key is the critical component in effective encryption

    Key management is becoming increasingly challenging as

    more encryption software is added to the storage

    infrastructure due to increase in # of keys

    Proper Encryption Key Management is Essential

  • 43/59

    Effective key management is essential:

    Unauthorized access to keys renders encryption useless

    A lost key makes it impossible to retrieve encrypted data

    Encryption key management involves managing

    the key lifecycle

    What is a key's lifecycle?

    Proper Encryption Key Management is Essential

  • 44/59

    Encryption key management involves the creation, secure storage, handling, and deletion

    of encryption keys

    i.e., managing the key lifecycle

    Proper Encryption Key Management is Essential

  • 45/59

    Encryption key mgmt systems are intended to:

    a) provide centralized management of an organization's encryption keys

    b) manage the lifecycle of keys

    c) store keys securely

    d) distribute keys more easily

    These systems are typically unable to manage keys from

    disparate storage systems

    Key mgmt standards are currently being developed

    1) Key Management Interoperability Protocol (KMIP)

    2) IEEE P1619.3 (for stored data)

    Enterprise Encryption Key Management Systems

    Cath Everett 2010

  • 46/59

    Policies and procedures come first, and then

    automated tools are used to enforce them.

    Some key management policies:

    1. Which group(s) should manage keys?

    2. How often should keys be changed?

    3. Level of key granularity (i.e., different key per ___)

    4. Segregation of duties

    Encryption Key Management Policies & Procedures (1 of 2)

    SearchStorage, Nov 2009

  • 47/59

    Key management policies cont'd:

    5. For encrypted data that must be archived, ensure

    the key used to encrypt the data is stored securely

    and accessible for X years

    6. Backup keys in case system goes down

    7. Plan for dealing with encrypted data in case of

    merger, acquisition, or divestment

    8. When outsourcing to ESP, must decide:

    a) Encryption mechanism to use

    b) Outsourcer's role, if any, in key mgmt

    Encryption Key Management Policies & Procedures (2 of 2)

    Cath Everett 2010

  • 48/59

    Where to manage and store keys

    Hardware-based solutions store encryption keys on an

    appliance, offering a centralized location.

    Software-based encryption products store encryption

    keys on the servers where the encrypted data is

    located (a distributed approach to key storage),

    although some software vendors offer an optional

    appliance for key storage.

    Centralized storage offers an easy target for attack, but

    distributed storage is only as good as the most recent

    security patch on your server.

    Considerations for Encryption Key Storage

    http://www.sqlmag.com/article/encryption2/database-encryption-solutions.aspx

  • 49/59

    Key considerations for encryption controls:

    What data needs to be protected?

    Where does this data reside? (Apps, servers,

    databases, devices, etc.)

    How should keys be managed? (where stored,

    how many, accessible by whom)

    What trade-offs are users willing to make for

    performance vs. protection?

    Considerations for Encryption Solutions

  • 50/59

    One of two methods of encryption used:

    1. Public key encryption (AKA asymmetric)

    2. Secret key encryption (AKA symmetric)

    Data Encryption

  • 51/59

    Public key encryption

    Two keys are necessary: a public key and a private

    key

    The public key is known to many people and is not

    kept secret

    The private key must be kept secret

    The two keys are used to code and decode

    messages

    A message coded with one can only be decoded

    with the other

    RSA is most common public key method

    Asymmetric Key Encryption

  • 52/59

    Public key encryption cont'd

    The RSA method is provided in Web browsers

    Full two-way secure communication requires both

    parties to have a public and private key

    Most B2C transactions are only secure from the

    consumer to the merchant, since the consumer

    likely does not have a private key

    Asymmetric Key Encryption

  • 53/59

    Asymmetric Key Encryption

  • 54/59

    Asymmetric Key Encryption

    Source: http://www.networksorcery.com/enp/data/encryption.htm

  • 55/59

    Secret key encryption (AKA symmetric)

    The sender and receiver use the same key to code

    and decode a message

    The level of security is a function of the size of the

    key

    Common secret key algorithms used:

    1. Data Encryption Standard (DES)

    2. Triple DES (3DES)

    3. Advanced Encryption Standard (AES)

    Symmetric Key Encryption

  • 56/59

    Symmetric Key Encryption

    Source: http://www.networksorcery.com/enp/data/encryption.htm

  • 57/59

    Symmetric Key Encryption

  • 58/59

    Digital signature

    Since a private key is only known by the one party,

    it can be used as a digital signature

    RSA method used for private (secret) key

    A certification agency must issue the keys in the form of a digital certificate containing:

    a) User's name

    b) User's public key

    c) Digital signature of the certificate issuer

    The digital certificate can be attached to a

    message to verify the identity of the sender

    Another Use of Encryption Keys

  • 59/59

    Key extraction from monitoring cache memory

    access patterns

    http://web.mit.edu/newsoffice/2009/cryptography.html

    The memory access patterns (that is, which memory addresses are accessed) are heavily influenced by the

    specific secret key being used in that operation

    AKA cache-timing attacks against AES

    Researchers demonstrated a concise and efficient

    procedure for learning the secret keys given just this crude

    information about the memory access patterns.

    Limitations with Encryption
