Sasha Romanosky
Alessandro Acquisti
Jason Hong
Lorrie Faith Cranor
ABSTRACT
A proper security architecture is an essential part of implementing robust and reliable networked applications. Security patterns have shown how reoccurring problems can be best solved with proven solutions. However, while they are critical for ensuring the confidentiality, integrity and availability of computing systems, security patterns do not specifically (or necessarily) address the privacy of individuals. Building on existing privacy pattern work, we identify three privacy patterns for web-based activity: INFORMED CONSENT FOR WEB-BASED TRANSACTIONS, MASKED ONLINE TRAFFIC, and MINIMAL INFORMATION ASYMMETRY. The first pattern addresses a system architecture issue and draws on Friedman's model for informed consent. The second and third patterns provide support for end users and extend Jiang's 'Principle of Minimum Asymmetry.' These patterns describe how users can protect their privacy by both revealing less about themselves, and acquiring more information from the party with whom they are communicating.
- Yoder, J. and Baraclow, J., "Architectural Patterns for Enabling Application Security," In Proceedings of Pattern Languages of Programs (PLoP), 1997.Google Scholar
- Matjaz, M., Nashi, N., Berry, C., Kunnumpurath, M., Carnell, J. and Romanosky, S., "J2EE Design Patterns Applied," WROX Press, 2002.Google Scholar
- Markus, M., Fernandez, E., Hybertson, D., Buschmann, F. and Sommerlad P. (editors) "Security Patterns: Integrating Security and System Engineering," Wiley Press, 2006.Google Scholar
- Blakely, B., Health, C., "Security Design Patterns," The Open Group, 2004.Google Scholar
- Steel, C., Nagappan, R. and Lai, R., "Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management," Prentice Hall, 2005.Google Scholar
- International Standards Organisation, "Common Criteria for Information Technology Security Evaluation," http://www.commoncriteriaportal.org/public/consumer/index.php?menu=2, 1999.Google Scholar
- Schumacher, M., "Security Patterns and Security Standards - With Selected Security Patterns for Anonymity and Privacy," European Conference on Pattern Languages of Programs (EuroPLoP), 2002.Google Scholar
- Chung, E. S., Hong, J., Lin, J., Prabaker, M. K., Landay, J. A., and Liu, A., "Development and Evaluation of Emerging Design Patterns for Ubiquitous Computing," In Proceedings of Designing Interactive Systems (DIS2004), 2004. Google ScholarDigital Library
- Schümmer, T., "The Public Privacy -- Patterns for Filtering Personal Information in Collaborative Systems," In Proceedings of the Conference on Human Factors in Computing Systems (CHI) 2004.Google Scholar
- Friedman, B., Millett, L. and Felten, E., "Informed consent online: A conceptual model and design principles," UW CSE Technical Report 00-12-02. Seattle, WA: University of Washington, Department of Computer Science and Engineering, 2000.Google Scholar
- Friedman, B., Howe, D. C. and Felten, E., "Informed consent in the Mozilla browser: Implementing Value-Sensitive Design," In Proceedings of the Thirty-Fifth Annual Hawai'i International Conference on System Sciences, 2002. Google ScholarDigital Library
- Duncan, G. and Pearson, R., "Enhancing Access to Microdata while Protecting Confidentiality: Prospects for the Future," Statistical Science, Vol 6, No3, pp219--239, 1991.Google ScholarCross Ref
- Buschmann, F., Meunier, R., Rohnert, H., Sommerlad, P. and Stal, P., "Pattern-Oriented Software Architecture," John Wiley & Sons, 1996. Google ScholarDigital Library
- Acquisti, A., "Privacy in Electronic Commerce and the Economics of Immediate Gratification", In Proceedings of the ACM Electronic Commerce Conference (EC 04). New York, NY: ACM Press, 21--29, 2004. Google ScholarDigital Library
- Cranor, L. F., "Web Privacy with P3P," O'Reilly Media Inc., 2002. Google ScholarDigital Library
- Jiang, X., Hong, J. and Landay, J., "Approximate Information Flows: Socially-based Modeling of Privacy in Ubiquitous Computing," University of California Berkeley, 2002.Google Scholar
- Goldschlag, D., Reed, M., and Syverson, P., "Onion Routing for Anonymous and Private Internet Connections," Communications of the ACM, vol. 42, num. 2, February 1999. Google ScholarDigital Library
- Serjantov, A., Danezis, G., "Towards an Information Theoretic Metric for Anonymity," University of Cambridge, 2002.Google Scholar
- Engelman, S., Cranor, L. F. and Chowdury, A., "An analysis of P3P-Enabled web sites among Top-20 Search Results," Carnegie Mellon University, 2005.Google Scholar
- Odlyzko, A., "Privacy, Economics, and Price Discrimination" Digital Technology Center, University of Minnesota, 2003.Google Scholar
- Cranor, L. F., Reagle, J. and Ackerman, M., "Beyond Concern: Understanding Net Users' Attitudes About Online Privacy," AT&T Labs, 1999.Google Scholar
- Reiter, M. and Rubin, A., "Crowds: Anonymity for Web Transactions," Communications of the ACM, 1999.Google Scholar
- Chaum, D., "Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms," Communications of the ACM, v. 24, n. 2, pp. 84--88, 1981. Google ScholarDigital Library
- Dingledine, R., Mathewson, N., and Syverson, P., "Tor: The Second-Generation Onion Router," In Proceedings of the 13th USENIX Security Symposium, 2004. Google ScholarDigital Library
- Danezis, G., Dingledine, R. and Mathewson. N., "Mixminion: Design of a Type III Anonymous Remailer Protocol," IEEE Symposium on Security and Privacy, 2003. Google ScholarDigital Library
- Davis, J., "The Experience of 'Bad' Behavior in Online Social Spaces: A Survey of Online Users," Social Computing Group, Microsoft Research, 2002.Google Scholar
- Noam, E., "Privacy and Self-Regulation: Markets for Electronic Privacy" Privacy and Self-Regulation in the Information Age," US Department of Commerce, 1997.Google Scholar
- Akerlof, G., "The Market for Lemons: Quality uncertainty and the Market Mechanism," Quarterly Journal of Economics, 84(3), pp. 488--500, 1970.Google ScholarCross Ref
- Sadicoff, M., Larrondo-Petrie, M., and Fernandez, E., "Privacy-Aware Network Client Pattern," Proceedings of the Pattern Languages of Programs, 2005.Google Scholar
Index Terms
- Privacy patterns for online interactions
Recommendations
Toward Applying Online Privacy Patterns Based on the Design Problem: A Systematic Review
Design, User Experience, and Usability: Theory and PracticeAbstractPrivacy patterns are design solutions to common privacy problems—a way to translate “privacy-by-design” into practical advice for software engineering. This paper aims to provide a collection of privacy patterns proposed by previous work through a ...
Land of the lost: privacy patterns' forgotten properties: enhancing selection-support for privacy patterns
SAC '21: Proceedings of the 36th Annual ACM Symposium on Applied ComputingPrivacy patterns describe core aspects of privacy-enhancing solutions to recurring problems and can, therefore, be instrumental to the privacy-by-design paradigm. However, the privacy patterns domain is still evolving. While the main focus is currently ...
The Pseudonym Broker Privacy Pattern in Medical Data Collection
TRUSTCOM '15: Proceedings of the 2015 IEEE Trustcom/BigDataSE/ISPA - Volume 01This paper presents a privacy pattern for the collection of personal data from various sources and combining these into a single database, whilst protecting the privacy of the data subjects involved by using pseudonyms that prevent the joining of data. ...
Comments