
A New Approach to Privacy Protection

January 14, 2003. Presented by Eugene Lishak. Prepared by Eugene Lishak with the help of Rajiv Aria.


Presentation Transcript


  1. A New Approach to Privacy Protection
     January 14, 2003
     Presented by Eugene Lishak
     Prepared by Eugene Lishak with the help of Rajiv Aria

  2. Summary of Today’s Presentation
     1. A general overview of the proposed solution
     2. Implementation of the proposed solution for databases of personal information held by government and private sector organizations
     3. The use of smart cards in the proposed solution

  3. Consider the following databases
     Information System Organizational Structure
     • Transportation Ministry: Driver’s License No., Name, Residential Address, Driving Record, Driving history
     • Revenue Ministry: SIN, Name, Income/Tax History, Family data
     • Bank: Bank Account #, Debit Card #, Name, SIN, Account data, PIN-associated data, Debit card data
     • Employer: Employee No., Name, SIN, Payroll History, Pass code
     Each organization has its own database. There is no connection between them.

  4. Paradox of Database Integration
     • Operational efficiency and convenience demand that the databases be integrated
     • Security and privacy demand that databases be segregated
     How can we resolve this paradox?

  5. Preconditions of any Solution
     • Must maintain the present relationship between government and private sector organizations
     • Must permit each party to continue to control the personal information in their custody

  6. Proposed Solution: Two Levels of Resolution
     • At the Macro Level: proposed solution will use encrypted indexes and hardware security modules (“HSMs”)
     • At the Micro Level: proposed solution will use smart cards

  7. Index Encryption
     Employ individual’s SIN as universal index for database integration
     SIN: 435 765 345

  8. Index Encryption
     Encrypted SIN cannot be tracked in any database
     SIN: 5ef476e7c87d

  9. Questions Raised by Proposed Solution
     • If “Bad Guy” cannot match personal data, how will “Good Guy” achieve this?
     • If “Good Guy” can match personal data, what are the rules to separate good guys from bad ones?

  10. Answer
     • Hardware Security Modules (HSM) will do the job

  11. New Organizational Model
     Information System Organizational Structure
     • Transportation Ministry (HSM): Driving license #, SIN, Name, Residential Address, Driving history
     • Revenue Ministry (HSM): SIN, Income/tax history, Family data
     • Bank (HSM): Account No., Debit Card No., SIN, PIN-associated data, Account data, Debit card data
     • Employer (HSM): Employee #, SIN, Payroll History, Pass code
     The four HSMs are connected over the Internet.
     Each organization still maintains its own database. Secure connection is provided by HSM.

  12. Example of Real-World Use of HSM: Employer is going to pay salary (A)
     Diagram labels:
     • Employee DB
     • Electronic paycheck with bank account number encrypted with employer’s key
     • Employer’s HSM (holds: Employer’s key, Bank’s public key)
     • Email with paycheck. Bank account number is encrypted with bank’s public key

  13. Example of Real-World Use of HSM: Employer is going to pay salary (B)
     Diagram labels:
     • Email with paycheck. Bank account number is encrypted with bank’s public key
     • Bank’s HSM (holds: Bank’s private key, Bank’s key for accounts)
     • Bank’s database
     • Account debit

  14. Personal Smart Card
     • Personal Smart Card: SIN
     • Transportation Ministry (HSM): Driver’s License No., SIN, Name, Residential Address, Driving history; associated item: Driving License
     • Revenue Ministry (HSM): SIN, Income/tax history, Family data
     • Bank (HSM): Bank Account #, Debit Card Number, SIN, PIN-associated data, Account data, Debit card data; associated items: Bank Book, Debit Card
     • Employer (HSM): Employee No., SIN, Payroll History, Pass code; associated item: Employment Letter
     The four HSMs are connected over the Internet.
