Bringing PETs to the Mainstream by Using Evaluation
Presentation Transcript
Bringing PETs to the Mainstream by Using Evaluation

Ken Anderson

Assistant Privacy Commissioner

Information & Privacy Commissioner/Ontario

[email protected]

Agenda
  • Trends in large scale electronic systems
  • Privacy Defined
  • Privacy Enhancing Technologies (PETs)
  • Privacy Enhancing Technologies Testing and Evaluation Project (PETTEP)
  • Common Criteria
  • PETTEP developments
Trends in Large Scale Electronic Systems
  • Governments around the world are increasingly moving to smart cards and PKI to provide better identification and additional services to the public (e.g. UK Chip and PIN Program, Canada E-Pass)
    • Enhance ID process
      • Prevent counterfeiting and protect against Identity Theft
      • Integrate different forms of ID used for several purposes into one (Italy’s national ID combines biometric, driver’s license, official ID and health card)
    • Improve and add new services
      • Movement from “interacting” in-person to on-line
      • Combine with 3rd party services (e.g. Hong Kong Octopus Card, which combines a transit fare card with digital cash in some outlets)
More Trends in Large Scale Electronic Systems
  • Services incorporated on National/Enterprise Scale (for example):
    • Government-to-Citizen
      • Identification Documents (Italian national ID cards)
      • Voting
      • Taxes Online (Canada Customs and Revenue Agency)
      • Personal forms and documents
      • On-line access to government services and information (Hong Kong Electronic Service Delivery)
      • Digital notary (PKI)
    • Government-to-Business
      • Taxes
      • Business forms and documents
      • On-line access to government services and information
      • Digital notary (PKI)
Privacy Defined
  • Personal control over the collection, use and disclosure of any recorded information about an identifiable individual
  • An organization’s responsibility for data protection and safeguarding personal information in its custody or control
Privacy Concerns are increasing

  • Concern that information is collected, used, disclosed and protected properly
  • Compliance with legislation
Privacy Enhancing Technologies

PETs have been defined as

“a coherent system of Information and Communications Technology measures that protect privacy by eliminating or reducing personal data or by preventing unnecessary and/or undesired processing of personal data; all without losing the functionality of the data system”

- Dr. John Borking

Privacy Enhancing Technologies
  • A Partial List of Types of PETs
    • Anonymizers/Pseudonymizers
    • Limited Show Blind Signatures
    • Biometric Encryption
    • Secret Sharing
    • Privacy Preserving Data Mining
    • Unlinkable databases
    • Unobservable data management
The Concern

  • Need to be able to trust PETs in order to deploy
  • Barriers to that trust include:
    • Different testing schemes
    • No defined criteria
    • PETs proliferation
    • No international coordination
  • Need to evaluate PETs under a common standard recognized internationally

PETTEP
  • March 2001: Ontario IPC formed an international team to take on the challenge of developing testing criteria for PETs
  • Privacy Enhancing Technologies Testing and Evaluation Project (PETTEP)
  • Members included Privacy and CC experts from government, industry and the legal community
    • US Department of Defense
    • IBM
    • Microsoft
    • Data Protection/Privacy Commissions.
PETTEP Goals
  • Goals: Short Term to Long Term
    • Develop Testing Criteria for Labs
    • Implement Pilot Testing
    • Foster PET Technology Development
    • Advocate Technology Implementation
    • Design Privacy Protections into Technology Standards
Enter the Common Criteria

The Common Criteria (CC) represents the outcome of a series of efforts to develop criteria for evaluation of IT security that are broadly useful within the international community.

http://www.commoncriteria.org/

PETTEP

  • Consider basing evaluation of PETs on the CC
    • Internationally accepted criteria for ITS products
    • National evaluation schemes already exist to provide oversight, lab accreditation and evaluation methodology
    • Although intended for security - Privacy elements already included
    • “Security Functionality Requirements” may be mapped to the elements of the Privacy Fair Information Practices
Why the Common Criteria as Foundation?
  • The Common Criteria had a place-holder already developed for privacy technologies that dealt with observability, linkability, traceability and anonymity.
  • The Communications Security Establishment (CSE), the Canadian equivalent of the US National Security Agency, joined the project and funded two initial contracts to examine elements of this project
  • The Common Criteria scheme was both endorsed by a growing number of national governments and formed an International Standards Organization (ISO) standard.
  • Independent testing labs around the world are accredited Common Criteria certifiers.
Using the Protection Profile Model in the Common Criteria
  • Protection Profile (a standard tool of the Common Criteria)
    • A statement of user need
    • A system design document
    • A consistent thread from ‘what’ to ‘how’
    • Based on fair information practices
    • Provides high-level guidelines
    • Implementation independent
  • Protection profile is an agreed upon approach within PETTEP to address evaluation of privacy functionality.
PETTEP Approach

  • Map Fair Information Practices to CC where possible
  • Determine how to approach evaluation of PETs – based on technology grouping, multiple Protection Profiles, a single Protection Profile, or a package?
  • Gain understanding and consensus within PETTEP membership on way ahead
  • Work within PETTEP to make reality soon
PETTEP 1st Workshop

  • Sept 11 2001 – Kiel, Germany
    • Initial meeting
    • Agreed upon use of Common Criteria (CC)
    • Reviewed & discussed Straw Man Privacy Protection Profile developed by DOMUS IT Security Lab.
PETTEP: The 2nd Workshop

April 2002: San Francisco

  • Undertook analysis of Electronic Warfare Associates-Canada Limited approach which proposed a new set of functional requirements directly related to Privacy that needed to be introduced to the Common Criteria
PETTEP - The 3rd Workshop - Dresden

March 2003: Dresden Germany

Fair Information Practices divided into 4 categories – allowing for the development of 4 Protection Profiles

US Department of Defense consultants presented the first Protection Profile – Privacy Security

Draft Protection Profile reviewed and generally accepted by Participants

PETTEP – Privacy PP Development

  • Security includes:
    • Security and Safeguards
    • Openness
  • Accuracy includes:
    • Data Accuracy
  • Collection includes:
    • Consent
    • Identifying purpose
    • Limit use/disclosure
    • Limit collection
  • Accountability includes:
    • Accountability
    • Challenging compliance
    • Individual access
PETTEP - The 4th Workshop - Kiel
  • Analysis of CC for re-usable elements for Privacy
  • Final review of Privacy Security PP developed by DoD
  • Planned DoD CC evaluation of smart card using Privacy Protection Profiles
  • Review of proposed Data Protection Commission Privacy Seals as interim step in PETTEP
  • Examination of issues and way ahead
Challenges remaining
  • How to use the existing functionality of the CC in the creation of Privacy Protection Profiles (PPs) (mapping of Fair Information Practices) – OR – are additional privacy functions required?
  • Development of the other PPs
  • Evaluation of the designated PET products to the PP (proof of concept)
  • The need to evaluate more PET products (via PP or Security Targets)
  • How to encourage vendors to have PET products evaluated
  • Gaining acceptance of the PETTEP approach by the International Common Criteria
  • Time! and Money!!
Summary and Closing Thoughts
  • Next Steps for next 18 months:
    • Continue PETTEP workshops to review work by partners
    • Test technologies using Privacy Protection Profiles
    • Refine Privacy component of Common Criteria
    • Present to International CC body to accept Privacy additions to the Common Criteria
Thank You

Ken Anderson

Assistant Privacy Commissioner

Information & Privacy Commissioner/Ontario

[email protected]
