The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.04 - July/August (2010 vol.8)
pp: 31-39
Kc Claffy , University of California , La Jolla
ABSTRACT
The current reluctance to share systems and network data derives from gaps in the law, commercial pressures, and evolving considerations of threat models and ethical behavior. Internet research stakeholders have an opportunity to tip the risk scales in favor of more protected data sharing by proactively implementing appropriate privacy risk management. The privacy-sensitive sharing (PS2) framework integrates privacy-enhancing technologies with a policy framework. The authors evaluate this framework along two primary criteria: how well the policies and techniques address privacy risks, and how well policies and techniques achieve utility objectives. A case study applies the framework to enable network operational data sharing for cybersecurity RD.
INDEX TERMS
Internet measurement, information privacy, network security, information sharing, data privacy risk management
CITATION
Kc Claffy, "Dialing Privacy and Utility: A Proposed Data-Sharing Framework to Advance Internet Research", IEEE Security & Privacy, vol.8, no. 4, pp. 31-39, July/August 2010, doi:10.1109/MSP.2010.57
REFERENCES
1. M. Crovella and B. Krishnamurthy, Internet Measurement: Infrastructure, Traffic and Applications, John Wiley & Sons, 2006.
2. M. Allman and V. Paxson, "Issues and Etiquette Concerning Use of Shared Measurement Data," Proc. Internet Measurement Conf. (IMC 07), ACM Press, pp. 135–140.
3. Guide to Protecting the Confidentiality of Personally Identifiable Information, US Nat'l Inst. of Standards and Technology, 2009.
4. A. Burstein, "Amending the ECPA to Enable a Culture of Cybersecurity Research," Harvard J. Law & Technology, vol. 22, no. 1, 2008, pp. 167–222.
5. M. Burkhart et al., "The Role of Network Trace Anonymization under Attack," ACM SIGCOMM Computer Comm. Rev., vol. 40, no. 1, 2009, pp. 5–11.
6. CDT's Guide to Online Privacy, Center for Democracy and Technology, 2009.
7. M. Barbaro and T. Zeller Jr., "A Face is Exposed for AOL Searcher No. 4417749," New York Times,9 Aug. 2006; www.nytimes.com/2006/08/09/technology09aol.html .
8. L. Cauley, "NSA Has Massive Database of Americans' Phone Calls," USA Today, 11 May 2006; www.usatoday.com/news/washington2006-05-10-nsa_x.htm .
9. C. Porter, "De-Identified Data and Third Party Data Mining: The Risk of Re-Identification of Personal Information," Shilder J. Law, Comm., and Technology, vol. 3, 23 Sept. 2008; www.lctjournal.washington.edu/Vol5a03Porter.html .
10. A. Narayanan and V. Shmatikov, "Robust De-anonymization of Large Sparse Datasets," IEEE Symp. Security and Privacy, IEEE CS Press, 2008, pp. 111–125.
11. C.B. Duke et al., eds., Network Science, Nat'l Academies Press, 2006.
12. OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, Organization for Economic Cooperation and Development, 1980.
13. P.A. Swire, "Theory of Disclosure for Security and Competitive Reasons: Open Source, Proprietary Software, and Government Agencies," Houston Law Rev., vol. 42, no. 5, 2006, paper 49.
22 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool