Practical privacy enhancing technologies for mobile systems

dc.contributorAalto-yliopistofi
dc.contributorAalto Universityen
dc.contributor.authorLindqvist, Janne
dc.contributor.departmentTietotekniikan laitosfi
dc.date.accessioned2012-08-23T05:20:32Z
dc.date.available2012-08-23T05:20:32Z
dc.date.issued2009
dc.description.abstractMobile computers and handheld devices can be used today to connect to services available on the Internet. One of the predominant technologies in this respect for wireless Internet connection is the IEEE 802.11 family of WLAN standards. In many countries, WLAN access can be considered ubiquitous; there is a hotspot available almost anywhere. Unfortunately, the convenience provided by wireless Internet access has many privacy tradeoffs that are not obvious to mobile computer users. In this thesis, we investigate the lack of privacy of mobile computer users, and propose practical enhancements to increase the privacy of these users. We show how explicit information related to the users' identity leaks on all layers of the protocol stack. Even before an IP address is configured, the mobile computer may have already leaked their affiliation and other details to the local network as the WLAN interface openly broadcasts the networks that the user has visited. Free services that require authentication or provide personalization, such as online social networks, instant messengers, or web stores, all leak the user's identity. All this information, and much more, is available to a local passive observer using a mobile computer. In addition to a systematic analysis of privacy leaks, we have proposed four complementary privacy protection mechanisms. The main design guidelines for the mechanisms have been deployability and the introduction of minimal changes to user experience. More specifically, we mitigate privacy problems introduced by the standard WLAN access point discovery by designing a privacy-preserving access-point discovery protocol, show how a mobility management protocol can be used to protect privacy, and how leaks on all layers of the stack can be reduced by network location awareness and protocol stack virtualization. These practical technologies can be used in designing a privacy-preserving mobile system or can be retrofitted to current systems.en
dc.format.extentVerkkokirja (476 KB, 56 s.)
dc.format.mimetypeapplication/pdf
dc.identifier.isbn978-951-22-9903-4
dc.identifier.isbn978-951-22-9902-7476 (printed)#8195;
dc.identifier.issn1795-4584
dc.identifier.urihttps://aaltodoc.aalto.fi/handle/123456789/4624
dc.identifier.urnURN:ISBN:978-951-22-9903-4
dc.language.isoenen
dc.publisherTeknillinen korkeakouluen
dc.relation.haspart[Publication 1]: Janne Lindqvist and Laura Takkinen. 2006. Privacy management for secure mobility. In: Ari Juels and Marianne Winslett (editors). Proceedings of the 5th ACM Workshop on Privacy in the Electronic Society (WPES 2006). Alexandria, Virginia, USA. 30 October 2006.en
dc.relation.haspart[Publication 2]: Tuomas Aura, Janne Lindqvist, Michael Roe, and Anish Mohammed. 2008. Chattering laptops. In: Nikita Borisov and Ian Goldberg (editors). Proceedings of the 8th Privacy Enhancing Technologies Symposium (PETS 2008). Leuven, Belgium. 23-25 July 2008. Springer. Lecture Notes in Computer Science, volume 5134, pages 167-186. © 2008 by authors.en
dc.relation.haspart[Publication 3]: Janne Lindqvist and Juha-Matti Tapio. 2008. Protecting privacy with protocol stack virtualization. In: Vijay Atluri and Marianne Winslett (editors). Proceedings of the 7th ACM Workshop on Privacy in the Electronic Society (WPES 2008). Alexandria, Virginia, USA. 27 October 2008.en
dc.relation.haspart[Publication 4]: Janne Lindqvist, Tuomas Aura, George Danezis, Teemu Koponen, Annu Myllyniemi, Jussi Mäki, and Michael Roe. 2009. Privacy-preserving 802.11 access-point discovery. Cambridge, United Kingdom. Microsoft Research Technical Report, MSR-TR-2009-7. An abridged version of this article is available in: David Basin, Srdjan Capkun, and Wenke Lee (editors). Proceedings of the Second ACM Conference on Wireless Network Security (WiSec 2009). Zürich, Switzerland. 16-18 March 2009, pages 123-130. © 2009 by authors.en
dc.relation.ispartofseriesTKK dissertations, 168en
dc.subject.keywordprivacyen
dc.subject.keywordmobile systemsen
dc.subject.keywordIEEE 802.11en
dc.subject.keywordanonymityen
dc.subject.keywordwireless networksen
dc.subject.otherComputer scienceen
dc.titlePractical privacy enhancing technologies for mobile systemsen
dc.typeG5 Artikkeliväitöskirjafi
dc.type.dcmitypetexten
dc.type.ontasotVäitöskirja (artikkeli)fi
dc.type.ontasotDoctoral dissertation (article-based)en
local.aalto.digiauthask
local.aalto.digifolderAalto_67652
Files
Original bundle
Now showing 1 - 3 of 3
No Thumbnail Available
Name:
isbn9789512299034.pdf
Size:
464.89 KB
Format:
Adobe Portable Document Format
No Thumbnail Available
Name:
publication2.pdf
Size:
270.16 KB
Format:
Adobe Portable Document Format
No Thumbnail Available
Name:
publication4.pdf
Size:
391 KB
Format:
Adobe Portable Document Format