Introducing Privacy Awareness in Network Monitoring Ontologies

  • Giuseppe Tropea
  • Georgios V. Lioudakis
  • Nicola Blefari-Melazzi
  • Dimitra I. Kaklamani
  • Iakovos S. Venieris
Chapter

Abstract

The availability of IP traffic monitoring data is of great importance to network operators, researchers and law enforcement agencies. However, privacy legislation, commercial concerns and their implications constitute an impediment in the exploitation of such data. In order to allow compliance to the derived issues and protect privacy without compromising information usability, this chapter leverages findings from two separate research initiatives and aims at paving the way towards a unified approach for privacy-aware collection, processing and exchange of data that stem from network monitoring activities. It investigates the fundamental principles and requirements for a privacy-aware ontological model in the semantic domain of monitoring-data management and exchange, as well as a rule-based approach in specifying the appropriate privacy policies, and enables a clean separation between data models and security semantics. It pursues the definition of the appropriate structures for seamlessly introducing privacy awareness in network monitoring ontologies, including user context, intended usage purpose, data age and privacy obligations. Such an approach enables to transfer the expressiveness of legislation rules into the model and allow their automatic processing.

Keywords

Network monitoring Privacy Ontology 

References

  1. 1.
    Ohm, P., Sicker, D., Grunwald, D.: Legal issues surrounding monitoring during network research, In: Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement (IMC ‘07), San Diego, USA, October 24–26, pp. 141–148 (2007)Google Scholar
  2. 2.
    Zugenmaier, A., Claessens, J.: Privacy in electronic communications. In: Douligeris, C., Serpanos, D.N. (eds.) Network Security: Current Status and Future Directions, pp. 419–440. Wiley-Interscience, Hoboken (2007)Google Scholar
  3. 3.
    Lioudakis, G.V., Koutsoloukas, E.A., Dellas, N., Tselikas, N., Kapellaki, S., Prezerakos, G.N., Kaklamani, D.I., Venieris, I.S.: A middleware architecture for privacy protection. Comput. Netw. 51(16), 4679–4696 (2007)MATHCrossRefGoogle Scholar
  4. 4.
    Cranor, L.F.: I didn’t buy it for myself. In: Karat, C.-M., Blom, J.O., Karat, J. (eds.) Designing Personalized User Experiences in E-Commerce, pp. 57–73. Kluwer, Norwell (2004)CrossRefGoogle Scholar
  5. 5.
    Bissias, G.D., Liberatore, M., Jensen, D., Levine, B.N.: Privacy vulnerabilities in encrypted http streams. In: Proceedings of the 5th Workshop on Privacy Enhancing Technologies (PET 2005), Cavtat, Croatia, May 30–June 1, LNCS 3856 (2005)Google Scholar
  6. 6.
    Crotti, M., Gringoli, F., Pelosato, P., Salgarelli, L.: A statistical approach to IP-level classification of network traffic. In: Proceedings of the IEEE International Conference on Communications (ICC) 2006, Istanbul, Turkey, June 11–15, 2006Google Scholar
  7. 7.
    Hintz, A.: Fingerprinting websites using traffic analysis. In: Proceedings of the 2nd Workshop on Privacy Enhancing Technologies (PET 2002), San Francisco, CA, USA, April 14–15, LNCS 2482 (2002)Google Scholar
  8. 8.
    Sun, Q., Simon, D.R., Wang, Y.-M., Russell, W., Padmanabhan, V.N., Qiu, L.: Statistical identification of encrypted web browsing traffic. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy (SP’ 02), Marseille, France, May 12–15, 2002Google Scholar
  9. 9.
    Bellovin, S.: A technique for counting NATted hosts. In: Proceedings of the 2nd ACM Workshop on Internet Measurement (IMW’ 02), Berkeley, CA, USA, November 6–8, 2002Google Scholar
  10. 10.
    European Parliament and Council: Directive 2002/58/EC of the European parliament and of the council concerning the processing of personal data and the protection of privacy in the electronic communications sector (directive on privacy and electronic communications). Off. J. Eur. Communities L 201, 37–47 (2002)Google Scholar
  11. 11.
    European Parliament and Council: Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC. Off. J. Eur. Communities L 105, 54–63 (2006)Google Scholar
  12. 12.
    United States Code 18, § 2701: Unlawful access to stored communicationsGoogle Scholar
  13. 13.
    European Parliament and Council: Directive 95/46/EC of the European parliament and of the council on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Off. J. Eur. Communities L 281, 31–50 (1995)Google Scholar
  14. 14.
    Lioudakis, G.V., Gaudino, F., Boschi, E., Bianchi, G., Kaklamani, D.I., Venieris, I.S.: Legislation-aware privacy protection in passive network monitoring. In: Portela, I.M., Cruz-Cunha, M.M. (eds.) Information Communication Technology Law, Protection and Access Rights: Global Approaches and Issues. IGI Global, Hershey (2010)Google Scholar
  15. 15.
    Koukis, D., Antonatos, S., Antoniades, D., Trimintzios, P., Markatos, E.P.: “A generic anonymization framework for network traffic. In: Proceedings of the IEEE International Conference on Communications 2006 (ICC 2006), Istanbul, Turkey, June 11–15, 2006Google Scholar
  16. 16.
    Claise, B. (ed.): Specification of the IP flow information export (IPFIX) protocol for the exchange of IP traffic flow information. In: IETF RFC 5101, January 2008Google Scholar
  17. 17.
    Boschi, E., Trammel, B.: IP flow anonymisation support. IETF Internet Draft (2009). http://www.ietf.org/id/draft-ietf-ipfix-anon-01.txt
  18. 18.
    Pang, R., Allman, M., Paxson, V., Lee, J.: The devil and packet trace anonymization. ACM Comput. Commun. Rev. 36(1), 29–38 (2006)CrossRefGoogle Scholar
  19. 19.
    Burkhart, M., Schatzmann, D., Trammell, B., Boschi, E., Plattner, B.: The role of network trace anonymization under attack. Comput. Commun. Rev. 40(1), 5–11 (2010)Google Scholar
  20. 20.
    McSherry, F., Mahajan, R.: Differentially-private network trace analysis. In: Proceedings of the ACM SIGCOMM 2010, New Delhi, India, August 30–September 03, 2010Google Scholar
  21. 21.
    Mittal, P., Paxson, V., Summer, R., Winterrowd, M.: Securing mediated trace access using black-box permutation analysis. In: Proceedings of the 8th ACM Workshop on Hot Topics in Networks (HotNets 2009), New York, USA, October 22–23, 2009Google Scholar
  22. 22.
    FP7 ICT Project PRISM (PRIvacy-aware Secure Monitoring), Home Page: http://fp7-prism.eu/
  23. 23.
    FP7 ICT Project MOMENT (Monitoring and Measurement in the Next Generation Technologies), Home Page: http://fp7-moment.eu/
  24. 24.
    Papazoglou, M.P., van den Heuvel, W.-J.: Service oriented architectures: approaches, technologies and research issues. VLDB J. 16(3), 389–425 (2007)CrossRefGoogle Scholar
  25. 25.
    FP7 ICT Project DEMONS (DEcentralized, Cooperative, and Privacy-Preserving MONitoring for Trustworthiness), Home Page: http://fp7-demons.eu/
  26. 26.
    ETSI Industry Specification Group on “Measurement Ontology for IP Traffic” (ETSI ISG MOI), Home Page: http://portal.etsi.org/MOI/
  27. 27.
    Gruber, T.R.: A translation approach to portable ontology specifications. Knowl. Acquis. 5(2), 199–220 (1993)CrossRefGoogle Scholar
  28. 28.
    Tropea, G., Scibilia, F., Blefari-Melazzi, N.: A semantic framework to anonymize network data and define their acceptable use. In: Proceedings of the 18th ICT Mobile & Wireless Communications Summit 2009, Santander, Spain, June 10–12, 2009Google Scholar
  29. 29.
    Salvador, A., López de Vergara, J.E., Tropea, G., Blefari-Melazzi, N., Ferreiro, Á., Katsu, Á.: A semantically distributed approach to map IP traffic measurements to a standardized ontology. IRCC IJCNC Int. J. Comput. Netw. Commun. 2(1), 13–31 (2010)Google Scholar
  30. 30.
    Lioudakis, G.V., Gogoulos, F., Antonakopoulou, A., Kaklamani, D.I., Venieris, I.S.: Privacy protection in passive network monitoring: an access control approach. In: Proceedings of the 23rd IEEE International Conference on Advanced Information Networking and Applications (IEEE AINA-09), Bradford, UK, May 26–29, 2009Google Scholar
  31. 31.
    Gogoulos, F., Antonakopoulou, A., Lioudakis, G.V., Mousas, A., Kaklamani, D.I., Venieris, I.S.: Privacy-aware access control and authorization in passive network monitoring infrastructures. In: Proceedings of the 3rd IEEE International Symposium on Trust, Security and Privacy for Emerging Applications (TSP-10), Bradford, UK, June 29–July 1, 2010Google Scholar
  32. 32.
    International Telecommunication Union (ITU)—Telecommunication Standardization Sector: Information technology—open systems interconnection—the directory: public-key and attribute certificate frameworks. ITU-T Recommendation X.509, August 2005Google Scholar
  33. 33.
    Casassa Mont, M.: Dealing with privacy obligations: important aspects and technical approaches. In: Proceedings of the International Workshop on Trust and Privacy in Digital Business (TrustBus 2004), Zaragoza, Spain, August 30–September 3, 2004Google Scholar
  34. 34.
    Parsia, B., Sirin, E., Grau, B.C., Ruckhaus, E., Hewlett, D.: Cautiously approaching SWRL. Technical Report, University of Maryland (2005)Google Scholar
  35. 35.
    O’Connor, M.J., Das, A.K.: SQWRL: a query language for OWL. In: Proceedings of the 5th International Workshop on OWL: Experiences and Directions (OWLED 2009), Chantilly, VA, United States, October 23–24, 2009Google Scholar
  36. 36.
    SPARQL Query Language for RDF, W3C Recommendation. http://www.w3.org/TR/rdf-sparql-query/, January 2008
  37. 37.
    Samwald, M.: Classes versus individuals: fundamental design issues for ontologies on the biomedical semantic web. In: Proceedings of the European Federation for Medical Informatics, Special Topic Conference, Timisoara, Romania, April 6–8, 2006Google Scholar

Copyright information

© Springer-Verlag Italia Srl 2011

Authors and Affiliations

  • Giuseppe Tropea
    • 1
  • Georgios V. Lioudakis
  • Nicola Blefari-Melazzi
    • 1
  • Dimitra I. Kaklamani
  • Iakovos S. Venieris
  1. 1.CNIT - Consorzio Nazionale Interuniversitario per le TelecomunicazioniUdR Roma Tor VergataRomeItaly

Personalised recommendations