Wicker-WiretapsToFacebook

Download Report

Transcript Wicker-WiretapsToFacebook

Steve Wicker
Cornell University
TRUST Autumn 2011 Conference
1

One of several “Intro to Engineering” courses
◦ College of Engineering freshmen must take one
◦ Designed to entice freshmen to affiliate with ECE,
CS, or Information Science

Three Modules
◦ Info Networking Technology
◦ Security
◦ Privacy

Currently being taught for the second time.
TRUST Autumn 2011 Conference
2



Journal and newspaper articles
Text (in development)
Guest lectures
TRUST Autumn 2011 Conference
3

Information Networking Technology
◦ 3G and 4G Cellular
 Voice/Data/Everything else Convergence
 Centralized Architecture
◦ WiFi
◦ Internet
 TCP/IP
 End to End Design
◦ Voice over IP
TRUST Autumn 2011 Conference
4

Information Security and Cryptology
◦ Symmetric and Asymmetric Key Cryptography
 PKIs
◦ The Trusted Platform Module
◦ Zero-Knowledge Proofs and Anonymous
Authentication
◦ National Crypto Policy
User A
Encryption
User A
User B
Unsecure Channel
Decryption
User B
Encryption
Key
Generator
Unsecure Channel
Decryption
Public
Encryption
Key
Private
Decryption
Key
Secure Channel
Unsecure Channel
TRUST Autumn 2011 Conference
PC Driven
Key
Generation
5

Network Security
◦ Private Computing though Cryptography
◦ Key Distribution Schemes
◦ Remote Attestation in Distributed Systems
TRUST Autumn 2011 Conference
6

Information Privacy
◦
◦
◦
◦
Definitions of Privacy
Why Should We Care?
The Societal Impact of Privacy Invasion
Privacy and Security on Social Networking Sites
TRUST Autumn 2011 Conference
7

Privacy Law
◦
◦
◦
◦
Technical and Legal History of the Wiretap
Information Content vs. Context
The Electronic Communication Privacy Act
CALEA and VoIP
TRUST Autumn 2011 Conference
8



Privacy-Aware Design Practices
Behavioral Economics and Technologies that
“Nudge”
Student Project
TRUST Autumn 2011 Conference
9



Students select a networked technology
and explore how it might be used as a
surveillance technology.
They apply privacy-aware design practices
to re-design the system to make it more
privacy-friendly.
Suggested technologies:
◦ cellular networks, smart meters for power
consumption monitoring, and wireless Internet
services.
TRUST Autumn 2011 Conference
10

Privacy-Aware Design of Web Browsers and
Websites

Taking Back Locational Privacy

Privacy-aware RFIDs
TRUST Autumn 2011 Conference
11