Abstract
The availability of IP traffic monitoring data is of great importance to network operators, researchers and law enforcement agencies. However, privacy legislation, commercial concerns and their implications constitute an impediment in the exploitation of such data. In order to allow compliance to the derived issues and protect privacy without compromising information usability, this chapter leverages findings from two separate research initiatives and aims at paving the way towards a unified approach for privacy-aware collection, processing and exchange of data that stem from network monitoring activities. It investigates the fundamental principles and requirements for a privacy-aware ontological model in the semantic domain of monitoring-data management and exchange, as well as a rule-based approach in specifying the appropriate privacy policies, and enables a clean separation between data models and security semantics. It pursues the definition of the appropriate structures for seamlessly introducing privacy awareness in network monitoring ontologies, including user context, intended usage purpose, data age and privacy obligations. Such an approach enables to transfer the expressiveness of legislation rules into the model and allow their automatic processing.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Ohm, P., Sicker, D., Grunwald, D.: Legal issues surrounding monitoring during network research, In: Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement (IMC ‘07), San Diego, USA, October 24–26, pp. 141–148 (2007)
Zugenmaier, A., Claessens, J.: Privacy in electronic communications. In: Douligeris, C., Serpanos, D.N. (eds.) Network Security: Current Status and Future Directions, pp. 419–440. Wiley-Interscience, Hoboken (2007)
Lioudakis, G.V., Koutsoloukas, E.A., Dellas, N., Tselikas, N., Kapellaki, S., Prezerakos, G.N., Kaklamani, D.I., Venieris, I.S.: A middleware architecture for privacy protection. Comput. Netw. 51(16), 4679–4696 (2007)
Cranor, L.F.: I didn’t buy it for myself. In: Karat, C.-M., Blom, J.O., Karat, J. (eds.) Designing Personalized User Experiences in E-Commerce, pp. 57–73. Kluwer, Norwell (2004)
Bissias, G.D., Liberatore, M., Jensen, D., Levine, B.N.: Privacy vulnerabilities in encrypted http streams. In: Proceedings of the 5th Workshop on Privacy Enhancing Technologies (PET 2005), Cavtat, Croatia, May 30–June 1, LNCS 3856 (2005)
Crotti, M., Gringoli, F., Pelosato, P., Salgarelli, L.: A statistical approach to IP-level classification of network traffic. In: Proceedings of the IEEE International Conference on Communications (ICC) 2006, Istanbul, Turkey, June 11–15, 2006
Hintz, A.: Fingerprinting websites using traffic analysis. In: Proceedings of the 2nd Workshop on Privacy Enhancing Technologies (PET 2002), San Francisco, CA, USA, April 14–15, LNCS 2482 (2002)
Sun, Q., Simon, D.R., Wang, Y.-M., Russell, W., Padmanabhan, V.N., Qiu, L.: Statistical identification of encrypted web browsing traffic. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy (SP’ 02), Marseille, France, May 12–15, 2002
Bellovin, S.: A technique for counting NATted hosts. In: Proceedings of the 2nd ACM Workshop on Internet Measurement (IMW’ 02), Berkeley, CA, USA, November 6–8, 2002
European Parliament and Council: Directive 2002/58/EC of the European parliament and of the council concerning the processing of personal data and the protection of privacy in the electronic communications sector (directive on privacy and electronic communications). Off. J. Eur. Communities L 201, 37–47 (2002)
European Parliament and Council: Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC. Off. J. Eur. Communities L 105, 54–63 (2006)
United States Code 18, § 2701: Unlawful access to stored communications
European Parliament and Council: Directive 95/46/EC of the European parliament and of the council on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Off. J. Eur. Communities L 281, 31–50 (1995)
Lioudakis, G.V., Gaudino, F., Boschi, E., Bianchi, G., Kaklamani, D.I., Venieris, I.S.: Legislation-aware privacy protection in passive network monitoring. In: Portela, I.M., Cruz-Cunha, M.M. (eds.) Information Communication Technology Law, Protection and Access Rights: Global Approaches and Issues. IGI Global, Hershey (2010)
Koukis, D., Antonatos, S., Antoniades, D., Trimintzios, P., Markatos, E.P.: “A generic anonymization framework for network traffic. In: Proceedings of the IEEE International Conference on Communications 2006 (ICC 2006), Istanbul, Turkey, June 11–15, 2006
Claise, B. (ed.): Specification of the IP flow information export (IPFIX) protocol for the exchange of IP traffic flow information. In: IETF RFC 5101, January 2008
Boschi, E., Trammel, B.: IP flow anonymisation support. IETF Internet Draft (2009). http://www.ietf.org/id/draft-ietf-ipfix-anon-01.txt
Pang, R., Allman, M., Paxson, V., Lee, J.: The devil and packet trace anonymization. ACM Comput. Commun. Rev. 36(1), 29–38 (2006)
Burkhart, M., Schatzmann, D., Trammell, B., Boschi, E., Plattner, B.: The role of network trace anonymization under attack. Comput. Commun. Rev. 40(1), 5–11 (2010)
McSherry, F., Mahajan, R.: Differentially-private network trace analysis. In: Proceedings of the ACM SIGCOMM 2010, New Delhi, India, August 30–September 03, 2010
Mittal, P., Paxson, V., Summer, R., Winterrowd, M.: Securing mediated trace access using black-box permutation analysis. In: Proceedings of the 8th ACM Workshop on Hot Topics in Networks (HotNets 2009), New York, USA, October 22–23, 2009
FP7 ICT Project PRISM (PRIvacy-aware Secure Monitoring), Home Page: http://fp7-prism.eu/
FP7 ICT Project MOMENT (Monitoring and Measurement in the Next Generation Technologies), Home Page: http://fp7-moment.eu/
Papazoglou, M.P., van den Heuvel, W.-J.: Service oriented architectures: approaches, technologies and research issues. VLDB J. 16(3), 389–425 (2007)
FP7 ICT Project DEMONS (DEcentralized, Cooperative, and Privacy-Preserving MONitoring for Trustworthiness), Home Page: http://fp7-demons.eu/
ETSI Industry Specification Group on “Measurement Ontology for IP Traffic” (ETSI ISG MOI), Home Page: http://portal.etsi.org/MOI/
Gruber, T.R.: A translation approach to portable ontology specifications. Knowl. Acquis. 5(2), 199–220 (1993)
Tropea, G., Scibilia, F., Blefari-Melazzi, N.: A semantic framework to anonymize network data and define their acceptable use. In: Proceedings of the 18th ICT Mobile & Wireless Communications Summit 2009, Santander, Spain, June 10–12, 2009
Salvador, A., López de Vergara, J.E., Tropea, G., Blefari-Melazzi, N., Ferreiro, Á., Katsu, Á.: A semantically distributed approach to map IP traffic measurements to a standardized ontology. IRCC IJCNC Int. J. Comput. Netw. Commun. 2(1), 13–31 (2010)
Lioudakis, G.V., Gogoulos, F., Antonakopoulou, A., Kaklamani, D.I., Venieris, I.S.: Privacy protection in passive network monitoring: an access control approach. In: Proceedings of the 23rd IEEE International Conference on Advanced Information Networking and Applications (IEEE AINA-09), Bradford, UK, May 26–29, 2009
Gogoulos, F., Antonakopoulou, A., Lioudakis, G.V., Mousas, A., Kaklamani, D.I., Venieris, I.S.: Privacy-aware access control and authorization in passive network monitoring infrastructures. In: Proceedings of the 3rd IEEE International Symposium on Trust, Security and Privacy for Emerging Applications (TSP-10), Bradford, UK, June 29–July 1, 2010
International Telecommunication Union (ITU)—Telecommunication Standardization Sector: Information technology—open systems interconnection—the directory: public-key and attribute certificate frameworks. ITU-T Recommendation X.509, August 2005
Casassa Mont, M.: Dealing with privacy obligations: important aspects and technical approaches. In: Proceedings of the International Workshop on Trust and Privacy in Digital Business (TrustBus 2004), Zaragoza, Spain, August 30–September 3, 2004
Parsia, B., Sirin, E., Grau, B.C., Ruckhaus, E., Hewlett, D.: Cautiously approaching SWRL. Technical Report, University of Maryland (2005)
O’Connor, M.J., Das, A.K.: SQWRL: a query language for OWL. In: Proceedings of the 5th International Workshop on OWL: Experiences and Directions (OWLED 2009), Chantilly, VA, United States, October 23–24, 2009
SPARQL Query Language for RDF, W3C Recommendation. http://www.w3.org/TR/rdf-sparql-query/, January 2008
Samwald, M.: Classes versus individuals: fundamental design issues for ontologies on the biomedical semantic web. In: Proceedings of the European Federation for Medical Informatics, Special Topic Conference, Timisoara, Romania, April 6–8, 2006
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Italia Srl
About this chapter
Cite this chapter
Tropea, G., Lioudakis, G.V., Blefari-Melazzi, N., Kaklamani, D.I., Venieris, I.S. (2011). Introducing Privacy Awareness in Network Monitoring Ontologies. In: Salgarelli, L., Bianchi, G., Blefari-Melazzi, N. (eds) Trustworthy Internet. Springer, Milano. https://doi.org/10.1007/978-88-470-1818-1_24
Download citation
DOI: https://doi.org/10.1007/978-88-470-1818-1_24
Published:
Publisher Name: Springer, Milano
Print ISBN: 978-88-470-1817-4
Online ISBN: 978-88-470-1818-1
eBook Packages: EngineeringEngineering (R0)