The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST...
Transcript of The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST...
![Page 1: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/1.jpg)
The Balancing Act BetweenPrivacy and Security
Joseph A. O’Sullivan, PhD
Electrical and Systems Engineering
Associate Director, Center for Security Technologies
Chair, Faculty Senate
![Page 2: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/2.jpg)
The Balancing Act Between Privacy and Security
• The Center for Security Technologies• Happy Mardi Gras!• Information Searches: Security and
Privacy• Information Hiding: Steganography
and Copyright Proctection• Cameras and Sensing• Conclusions
![Page 3: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/3.jpg)
Washington University and theCenter for Security Technologies
• Washington University– USNWR: ranked 9th nationally, top 10 in endowment– 8 Schools: Medicine, Social Work ranked in the top 3
• CST– interdisciplinary academic research center– built on existing strengths
in security research
![Page 4: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/4.jpg)
CST MissionTo advance research in basic science, mathematics, and engineering in those areas which can most directly improve security including:• physical aspects of security
(intrusion detection, border security, biological and chemical substance identification)
• information aspects of security (networking, searching of massive databases, and information theory)
• law, economics, public policyand to transfer these technologies into practice
![Page 5: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/5.jpg)
CST Coverage
• First multidisciplinary security research center– more than information assurance– over 50 researchers from five schools
• Security is more than counterterrorism– planned attacks and natural disasters– security of food, water, access, network, borders, . . .– information awareness
• Synergy between technology and policy– incorporate early as ‘design criteria’– provide policy impact statement
• Systems integration– sensors through signal processing to implementations– leading to technology transfer
![Page 6: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/6.jpg)
Happy Mardi Gras
![Page 7: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/7.jpg)
Happy Mardi Gras
![Page 8: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/8.jpg)
Happy Mardi Gras
![Page 9: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/9.jpg)
Happy Mardi Gras
![Page 10: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/10.jpg)
Happy Mardi Gras
![Page 11: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/11.jpg)
Happy Mardi Gras
![Page 12: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/12.jpg)
Happy Mardi Gras
![Page 13: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/13.jpg)
Happy Mardi Gras
![Page 14: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/14.jpg)
Happy Mardi Gras
![Page 15: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/15.jpg)
Happy Mardi Gras
![Page 16: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/16.jpg)
Happy Mardi Gras
![Page 17: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/17.jpg)
Happy Mardi Gras
![Page 18: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/18.jpg)
Happy Mardi Gras?
![Page 19: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/19.jpg)
Brazil’s President
![Page 20: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/20.jpg)
Mardi Gras Security and Privacy• Large crowds who love
anonymity• Large crowds as
potential targets• Unexpected behavior
(even by presidents)• Security: perimeter,
remote sensing, imaging, noninvasive
![Page 21: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/21.jpg)
The Balancing Act Between Privacy and Security
• The Center for Security Technologies• Happy Mardi Gras!• Information Searches: Security and
Privacy• Information Hiding: Steganography
and Copyright Proctection• Cameras and Sensing• Conclusions
![Page 22: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/22.jpg)
A bit about Bytes
• 1’s and 0’s: a trim alphabet• bits and Bytes: usually 8 bits/Byte• kilo, Mega, Giga, Tera, Peta, Exa: 103
– kilobyte: printed page of text– Megabyte: novel– Gigabyte: movie– Terabyte: US library of Congress – Petabyte: all US academic research libraries– Exabyte: every word produced by humans
1011100110101011110010314- 935- 4767
![Page 23: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/23.jpg)
Massive Data
• Storage industry will ship 6,000,000,000,000,000,000 Bytes this year;– Cost decreasing ~3%/week;
• MasterCard recently installed 200 TBytes of disk;
• Humanoids have produced 12 Exabytes over the past ~30,000 years– Next 12 Exabytes in just over a year!
![Page 24: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/24.jpg)
Application: Intelligence Data
• Lots of data– US intelligence collects data equaling the printed
collection of the US Library of Congress every day!
• Changing constantly• Many perturbations
– Osama, Osamma, Ossamma, . . .
• Query and field types aren’t known a priori
![Page 25: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/25.jpg)
Application: Genomics
• Genome maps being expanded daily– 80,000 genes, 3 billion base pairs (A,C,G,T)
• Look for matches– Identify function– Disease: understand, diagnose, detect, medicine,
therapy– Biofuels, warfare, toxic waste– Understand evolution– Forensics, organ donors, authentication– More effective crops, disease resistance
![Page 26: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/26.jpg)
Today: Information
• Generation and storage• Transmission• Securing of information
– . . . security ↔ privacy
![Page 27: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/27.jpg)
DNA String Matching
• Looking for CACGTTAGT…TAGC• Interested in matches and near matches• Search human genome and other gene
oceans– Need to search entire data sets
![Page 28: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/28.jpg)
Application: Image Databases
Challenging database– Massive data sets– Unstructured– Don’t know what we need to look
for in each picture
![Page 29: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/29.jpg)
Saint Louis Zoo
Living World
![Page 30: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/30.jpg)
![Page 31: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/31.jpg)
Satellite Data
• Low orbit fly-over every 90 minutes• Look for differences in images
– Large objects– Troops– Changes to landscape
• Flag, transmit these differences immediately• National Reconnaissance Office• City assessors . . .
![Page 32: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/32.jpg)
How do we find what we’re looking for most effectively?!
![Page 33: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/33.jpg)
Task: Search all Books in the Library for a Particular Word
Process:• Transfer books to home• Read each one• Keep those interested• Go get more books . . .
![Page 34: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/34.jpg)
To find what we’re looking formost effectively . . .
. . . push the request to the data!
![Page 35: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/35.jpg)
• Security & intelligence
• Medical & genomics
• Internet & search engines
• Unstructured data: Text, images & signals
• Personal & server computers
Dramatic Application Performance Gains – 200x
![Page 36: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/36.jpg)
Example: The Case of Maury Travis
Suspect in over 20 murders
Sent map to Post-Dispatch
Contacted Expedia (M’Soft)
ID’ed IP address
Contacted MCI-Worldcom
Tailed him . . . Apprehended!
Per Sgt. Muffler
![Page 37: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/37.jpg)
Question:
• Who has access to these data?– Who grants access?
• Consider medical records:– Can be an incredible medical research tool– Can be ‘useful’ for insurance actuaries
![Page 38: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/38.jpg)
Data Transmission
• 120 TBytes/sec internet peak rate• 120 PBytes/month Internet• 100 PBytes/month telephone
![Page 39: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/39.jpg)
What’s the problem?
– Computer virus infections are spreading• New virus spreads though email and web
– Copyrights on digital content are violated• Rampant sharing of music and videos
– Confidential data are leaking through company networks• Trade secrets stolen
– Internet infrastructure is at risk
![Page 40: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/40.jpg)
Who Cares?– About computer virus infections
• People that own a business with a network• People that operate a network• People use a network
– About copyright violations• Content owners• Record Companies and Movie Studios• Entertainers, Authors
– About confidential data leaks• Any business with proprietary information• Any person with proprietary information
– About infrastructure failures• Network operators (Sprint, Level3)• Electronic Commerce• Government
![Page 41: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/41.jpg)
What needs to be done?
Distinguish between legitimate and illegitimate content– Stop the illegitimate traffic– Forward legitimate traffic – Don’t slow down the network
![Page 42: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/42.jpg)
A Potential Solution:The Network Watchman
• Electronic postmen– direct packets to destination via headers
• Secure network– watch headers– view payload– copy/redirect/stop packets
• Identifies & acts on content in Internet packets without delay
![Page 43: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/43.jpg)
What Can We Do Now?
• Routinely update system software, especially security patches
• Enable your firewall, especially wireless
![Page 44: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/44.jpg)
Concern
• Who gets to read your email or monitor your buying habits?– Law enforcement officers? Marketers?– Compare to paper mail or telephone; store
card purchasing data
• Who controls this access?
![Page 45: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/45.jpg)
Securing Data: Encryption
• Data Encryption Scheme (DES)– 56 bit key
• 1 million-billion possibilities
– 3DES (two keys, 3 DES operations)• 112 bits (1 trillion-billion-billion)
– AES (NIST)
– need to exchange (secret) keys
![Page 46: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/46.jpg)
Public Key Encryption
• Public key encryption– can send information easily on open channels– Diffie-Hellman-Merkle
• send private keys on public channel– Rivest-Shamir-Adelman (RSA)
• publish key so others can send message to you (N)
• keep decrypting piece private• use two (large) prime numbers (N=p*q)
![Page 47: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/47.jpg)
Strong Encryption
Too good for our security?-clipper chip
-legislate accessible strength
![Page 48: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/48.jpg)
Information Hiding
U.S. officials say Osama bin Laden is posting instructions for terrorist activities on sports chat rooms, pornographic bulletin boards and other Web sites.
(AP News)
![Page 49: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/49.jpg)
Steganography in Text
We start with plaintext:We explore new steganographic and
cryptographic algorithms and techniques throughout the world to produce wide variety and security in the electronic web called the Internet.
![Page 50: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/50.jpg)
Steganography in Text
. . . and apply a word shifting algorithm:We explore new steganographic and
cryptographic algorithms and techniques throughout the world to produce wide variety and security in the electronic web called the Internet.
![Page 51: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/51.jpg)
Steganography in Text
. . . and uncover:We explore new steganographic and
cryptographic algorithms and techniques throughout the world to produce wide variety and security in the electronic web called the Internet.
. . . explore the world wide web . . .
![Page 52: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/52.jpg)
Steganography in Pictures
Renoir
![Page 53: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/53.jpg)
Covert Data
![Page 54: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/54.jpg)
‘Composite’ Image
![Page 55: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/55.jpg)
Undetectable (unless aware)
Original Composite
![Page 56: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/56.jpg)
Digital Fingerprinting andTraitor Tracing
• Digital fingerprinting– Authenticate– Who bought/sold/ . . .– Printers/copiers
• Mark copies to find out where the data are being compromised
![Page 57: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/57.jpg)
Consider . . .
This can perfectly hide data so that no one, not even the ‘good guys’, can find it.
![Page 58: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/58.jpg)
The Balancing Act Between Privacy and Security
• The Center for Security Technologies• Happy Mardi Gras!• Information Searches: Security and
Privacy• Information Hiding: Steganography
and Copyright Proctection• Cameras and Sensing• Conclusions
![Page 59: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/59.jpg)
Smart Borders – Smart Cameras
![Page 60: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/60.jpg)
X-ray Scanning andSecurity Imaging
Conventional Transmission
![Page 61: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/61.jpg)
Scanning at Borders/Airports
Low Energy Backscattered
Behavior Analysis
![Page 62: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/62.jpg)
Network of Video Cameras• Missouri Rapid Screen• License plate ID system
– consider sniper case
![Page 63: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/63.jpg)
Concerns
• Do you want to be in these pictures?– It might demonstrate your innocence?
• Consider the AVID chip– Think about cell phone ‘tracking’!
![Page 64: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/64.jpg)
Safe at Home
• Technology expected to (and will!) respond with improved solutions to new threats– Applies to both planned and natural attacks
• Coordinate with law, privacy, economics, and public policy– Expect that reason will be applied
www.cst.wustl.edu
![Page 65: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/65.jpg)
![Page 66: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/66.jpg)
Privacy, Public Policy, and Ethics
– Societal Issues, Security-Privacy Perception and Reality
– Economic Issues, Cost-Benefit Analysis – Legal Issues– Technological Solutions to Privacy Issues– Facilitate Discourse on Technology and its
Implications
![Page 67: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/67.jpg)
Center for Security Technologies
• Established critical mass in security technologies• Many complementary projects• Widespread applications• Fundamental scientific and engineering issues• Guiding standards and impact policy• Uniquely integrating economic and privacy issues• Synergy between WUSTL, region, and nation
![Page 68: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/68.jpg)
Center for Security TechnologiesSecuring our World through Technology
• An established critical mass in security technologies• Addressing fundamental scientific issues• Many complementary projects• Wide range of applications• Uniquely integrating privacy issues• Guiding standards and impacting policy• Providing synergy between WUSTL, region, nation,
and other countries
![Page 69: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/69.jpg)
CST External Advisory BoardMr. Earle Harbison (retired President and COO, Monsanto), ChairDr. Massoud Amin (Director of Infrastructure Security, EPRI)Dr. Allen Atkins (Vice President, Boeing)Dr. Tony Cantu (Chief Scientist, US Secret Service)Prof. Jerry Cox (Senior Professor, Washington University)Col. Tim Daniel (Director, Missouri Office of Homeland Security)Mr. Will Eatherton (Chief Architect, Cisco)Mr. Richard Fleming (CEO, RCGA)Dr. Mark Kryder (CTO, Seagate Technologies)Mr. Jerry McElhatton (President GTO, MasterCard International)Mr. Scott Charney (CSO, Microsoft)Dr. Sharon Nunes (Vice President, IBM)Mr. Joe Leonelli (Vice President, Veridian Systems)Ms. Jan Newton (President TX, SBC)Gen. Tony Robertson (retired AF)Dr. Don Ross (Chairman, Ross and Baruzzini: Cernium)Hon. William Webster (retired Director, CIA and FBI)Prof. Murray Wedeinbaum (Washington University)
![Page 70: The Balancing Act Between Privacy and Securityjao/Talks/CSTTalks/OASIS.pdf · 2004-06-10 · CST Coverage • First multidisciplinary security research center – more than information](https://reader033.fdocuments.in/reader033/viewer/2022042003/5e6e7e8c53eaea45495ad777/html5/thumbnails/70.jpg)
Scientific and Engineering ResourceScientific and Engineering Resource
Center for Security TechnologiesSecuring our World through Technology