Online Privacy & Security PDF
Document Details
Tags
Summary
This document discusses online privacy and security, including the roles of data collectors and data brokers. It analyzes various security challenges associated with web servers and common vulnerabilities. The document also covers mobile application security aspects.
Full Transcript
IT2028 Online Privacy Data collectors collect information directly from their customers, Online Ecosystem (Stallings, 2019) audience, or other types of users of their services. Onl...
IT2028 Online Privacy Data collectors collect information directly from their customers, Online Ecosystem (Stallings, 2019) audience, or other types of users of their services. Online privacy refers to privacy concerns related to user Data brokers compile large amounts of personal data from interaction with Internet services through web servers and several data collectors and other data brokers without having mobile apps. direct online contact with the individuals whose information is in Websites collect personal information explicitly through a variety the collected data. Data brokers repackage and sell the collected of means, including registration pages, user surveys, and online information to various data users, typically without the contests, application forms, and order forms permission or input of the individuals involved. Because It also collects personal information through means that are not consumers generally do not directly interact with data brokers, obvious to consumers, such as cookies and other tracking they have no means of knowing the extent and nature of the technologies. Figure 1 illustrates the many players involved in information that data brokers collect about them and share with the online collection and use of personal data. others for their financial gain. Data brokers can collect information about consumers from various public and nonpublic sources, including courthouse records, website cookies, and loyalty card programs. Typically, brokers create profiles of individuals for marketing purposes and sell them to data users. The data users category encompasses a broad range. One type of data user is a business that wants to target its advertisements and special offers. Other uses are fraud prevention and credit risk assessment. Web Security and Privacy (Stallings, 2019) The WWW is fundamentally a client/server application running over the Internet. The use of the Web presents several security challenges: o The Web is vulnerable to attacks on web servers over the Internet. o Casual and untrained (in security matters) users are common clients for web-based services. Such users are not necessarily aware of the security risks that exist and do not have the tools or knowledge to take effective countermeasures. o A web server can be exploited as a launching pad into a corporation’s or an agency’s entire computer complex. Once a web server is subverted, an attacker may be able to gain access to data and systems not part of the Web itself but connected to the server at the local site. A useful way of breaking down the issues involved is to consider Figure 1. Personal Data Ecosystem the following classification of security and privacy issues: 04 Handout 1 *Property of STI [email protected] Page 1 of 4 IT2028 o Web server security and privacy are concerned with Figure 2 shows the following elements in the ecosystem within the vulnerabilities and threats associated with the which mobile device applications function: platform that hosts a website, including the operating o Cellular and Wi-Fi infrastructure: Modern mobile system (OS), file and database systems, and network devices are typically equipped with the capability to use traffic. cellular and Wi-Fi networks to access the Internet and to o Web application security and privacy are concerned place telephone calls. Cellular network cores also rely with web software, including any applications accessible upon authentication servers to use and store customer via the Web. authentication information. o Web browser security and privacy are concerned with o Public application stores (public app stores): Public the browser used from a client system to access a web app stores include native app stores; these are digital server. distribution services operated and developed by mobile OS vendors. For Android, the official app store is Google Mobile Ecosystem Play, and for iOS, it is simply called the App Store. These The execution of mobile applications on a mobile device may stores invest considerable effort in detecting and involve communication across several networks and interaction thwarting malware and ensuring that the apps do not with some systems owned and operated by a variety of parties. cause unwanted behavior on mobile devices. In addition, there are numerous third-party app stores. The danger with third-party stores is uncertainty about what level of trust the user or the enterprise should have that the apps are free of malware. o Device and OS vendor infrastructure: Mobile device and OS vendors host servers to provide updates and patches to the OS and apps. Other cloud-based services may be offered, such as storing user data and wiping a missing device. o Enterprise mobility management systems: Enterprise mobility management (EMM) is a general term that refers to everything involved in managing mobile devices and related components (e.g., wireless networks). EMM is much broader than just information security; it includes mobile application management, inventory management, and cost management. Although EMM is not directly classified as a security technology, it can help in deploying policies to an enterprise’s device pool and monitoring a device’s state. Figure 2. Mobile Ecosystem 04 Handout 1 *Property of STI [email protected] Page 2 of 4 IT2028 Mobile Application Vetting evaluates additional criteria to determine if the app violates any organization-specific security requirements that could not be ascertained by the analyzers The auditor then makes a recommendation to someone in the organization who has the authority to approve or reject an app for deployment on mobile devices. If the approver approves an app, the administrator can then deploy the app on the organization’s mobile devices. Threats from Application The first step in developing privacy by design and privacy engineering solutions for online privacy is to define the threats to online privacy. These threats are divided into two (2) areas: web application privacy and mobile app privacy. Web application privacy: The Open Web Application Security Project (OWASP) top 10 privacy risks project provides a list of the top privacy risks in web applications. The goal of the project is to identify the most important technical and organizational privacy risks for web applications from the perspectives of both Figure 3. App Vetting Process the user (data subject) and the provider (data owner). The risks are: The process of evaluation and approval or rejection of apps o Web application vulnerabilities: Failing to suitable within an organization, referred to as app vetting, is illustrated in design and implement an application, detect a problem, Figure 3. The vetting process begins when an app is acquired or promptly apply a fix (patch), which is likely to result in from a public or enterprise store or submitted by an in-house or a privacy breach. Vulnerability is a key problem in any third-party developer. system that guards or operates on sensitive user data. An administrator is a member of the organization who is o User-side data leakage: Failing to prevent the leakage responsible for deploying, maintaining, and securing the of any information containing or related to user data, or organization’s mobile devices as well as ensuring that deployed the data itself, to any unauthorized party resulting in loss devices and their installed apps conform to the organization’s of data confidentiality. Leakage may be introduced due security requirements. to either intentional malicious breach or mistake (e.g., The administrator submits the app to an app testing facility in caused by insufficient access management controls, the organization that employs automated and/or human insecure storage, duplication of data, or a lack of analyzers to evaluate the security characteristics of an app, awareness). including searching for malware, identifying vulnerabilities, and o Insufficient data breach response: Not informing the assessing risks. The resulting security report and risk affected persons (data subjects) about a possible assessment are conveyed to an auditor or auditors. breach or data leak, resulting in either from intentional The role of an auditor is to inspect reports and risk assessments or unintentional events; failure to remedy the situation from one or more analyzers to ensure that an app meets the by fixing the cause; not attempting to limit the leaks. security requirements of the organization. The auditor also 04 Handout 1 *Property of STI [email protected] Page 3 of 4 IT2028 o Insufficient deletion of personal data: Failing to o Insecure network communications: Network traffic delete personal data effectively and/or in a timely needs to be securely encrypted to prevent an adversary fashion after the termination of the specified purpose or from eavesdropping. Apps need to properly authenticate upon request. the remote server when connecting to prevent man-in- o Non-transparent policies, terms, and conditions: Not the-middle attacks and connection to malicious servers. providing sufficient information describing how data are o Web browser vulnerabilities: Adversaries can exploit processed, such as their collection, storage, and vulnerabilities in mobile device web browser processing. Failure to make this information easily applications as an entry point to gain access to a mobile accessible and understandable for non-lawyers. device. o Collection of data not required for the primary o Vulnerabilities in third-party libraries: Third-party purpose: Collecting descriptive, demographic, or any software libraries are reusable components that may be other user-related data that are not needed for the distributed freely or offered for a fee to other software system. Applies also to data for which the user did not vendors. Software development by component or provide consent. modules may be more efficient, and third-party libraries o Sharing of data with a third party: Providing user data are routinely used across the industry. However, a to a third party without obtaining the user’s consent. flawed library can introduce vulnerabilities in any app Sharing results either due to transfer or exchanging for that includes or makes use of that library. Depending on monetary compensation or otherwise due to the pervasiveness of the library, its use can potentially inappropriate use of third-party resources included in affect thousands of apps and millions of users. websites, such as widgets (e.g., maps, social networking buttons), analytics, or web bugs. o Outdated personal data: Using outdated, incorrect, or bogus user data and failing to update or correct the data. o Missing or insufficient session expiration: Failing to effectively enforce session termination. May result in the collection of additional user data without the user’s consent or awareness. o Insecure data transfer: Failing to provide data transfers over encrypted and secured channels, excluding the possibility of data leakage. Failing to enforce mechanisms that limit the leaking surface (e.g., allowing to infer any user data out of the mechanics of web application operation). Mobile app privacy: Legitimate mobile apps may be vulnerable References: to several privacy and security threats, typically due to poor Kumar, G., Saini, DK., Huy Cuong, NH. (2020). Cyber defense mechanisms: Security, coding practices used in app development or underlying privacy, and challenges. CRC Press. vulnerabilities in the mobile device operating system. Consider Stallings, W. (2019). Information privacy engineering and privacy by design: the following threats against vulnerable applications, Understanding privacy threats, technologies, and regulations. Assison-Wesley Professional. Torra, V. (2018). Data privacy: Foundations, new developments, and the encompassing both privacy and security threats: big data challenge. Springer International Publishing. 04 Handout 1 *Property of STI [email protected] Page 4 of 4