Abstract
Flocks is a privacy-enhancing technology (PET) used to hide the web usage patterns of employees in an organization against profiling or mere inspection by administrators and other officials. However, Flocks is intended to support the identification of senders of malicious requests by means of a legitimate forensic investigation.
This paper formalizes what should be logged for an appropriate forensic investigation. Also, it considers exactly what evidence should be explored once a malicious request has been noticed. It argues that (i) evidence that would have been collected about a malicious request if the PET were not used, should still be collected, and (ii) evidence that becomes visible by some legitimate means because the PET is used, should be collected. However, information that has not become visible by such legitimate means, but is available because the PET is being used, should not be collected. In the latter case, privacy concerns override the fact that a malicious request might be uncovered by investigating more logged information. These positions are defended and formalized using mathematical notation.
Chapter PDF
Similar content being viewed by others
References
R. Agrawal, J. Kiernan, R. Srikant and Y. Xu, Hippocratic databases, Proceedings of the Twenty-Eighth International Conference on Very Large Databases, 2002.
P. Ashley, S. Hada, G. Karjoth and M. Schunter, E-P3P privacy policies and privacy authorization, Proceedings of the ACM Workshop on Privacy in the Electronic Society, pp. 103–109, 2003.
C. Boyd and P. Forster, Time and date issues in forensic computing — A case study, Digital Investigation, vol. 1(1), pp. 8–23, 2004.
D. Brezinski and T. Killalea, Guidelines for evidence collection and archiving, RFC 3227, The Internet Society, February 2002.
I. Brown and B. Laurie, Security against compelled disclosure, Proceedings of the Sixteenth Annual Computer Security Applications Conference, pp. 2–10, 2000.
M. Caloyannides, Encryption wars: Shifting tactics, IEEE Spectrum, vol. 37(5), pp. 46–51, 2000.
D. Chaum, Untraceable electronic mail, return addresses and digital pseudonyms, Communications of the ACM, vol. 24(2), pp. 84–88, 1981.
G. Du Pont, The time has come for limited liability operators of true anonymity remailers in cyberspace: An examination of the possibilities and the perils, Journal of Technology Law & Policy, vol. 6(2), pp. 175–217, 2001.
A. Froomkin, Flood control on the information ocean: Living with anonymity, digital cash and distributed databases, University of Pittsburgh Journal of Law and Commerce, vol. 395(15), 1996.
E. Gabber, P. Gibbons, D. Kristol, Y. Matias and A. Mayer, Consistent, yet anonymous, web access with LPWA, Communications of the ACM, vol. 42(2), pp. 42–47, 1999.
I. Goldberg, D. Wagner and E. Brewer, Privacy-enhancing technologies for the Internet, Proceedings of the Forty-Second IEEE International Computer Conference, pp. 103–109, 1997.
D. Goldschlag, M. Reed and P. Syverson, Onion routing, Communications of the ACM, vol. 42(2), pp. 39–41, 1999.
IBM, Privacy in a connected world (www-l.ibm.com/industries/government/doc/content/bin/private.pdf), 2002.
G. Karjoth, M. Schunter and M. Waidner, Platform for Enterprise Privacy Practices: Privacy-enabled management of customer data, Proceedings of the Second International Workshop on Privacy Enhancing Technologies, 2003.
M. Olivier, A layered architecture for privacy-enhancing technologies, South African Computer Journal, vol. 31, pp. 53–61, 2003.
M. Olivier, Flocks: Distributed proxies for browsing privacy, in Proceedings of SAICSIT 2004 — Fulfilling the Promise of ICT, G. Marsden, P. Kotze and A. Adesina-Ojo (Eds.), pp. 79–88, 2004.
Organization for Economic Cooperation and Development (OECD), Inventory of privacy-enhancing technologies (PETs), Report DSTI/ICCP/REG(2001)l/FINAL, 2002.
J. Postel, Transmission control protocol, RFC 793, Defense Advanced Research Projects Agency, Fairfax, Virginia, 1981.
D. Price, Micro View — Clipper: Soon a de facto standard? IEEE Micro, vol. 14(4), pp. 80–79, 1994.
PrivacyRight, Control of personal information: The economic benefits of adopting an enterprise-wide permissions management platform (www.privacyright.com/info/economic.html), 2001.
M. Reiter and A. Rubin, Anonymous web transactions with Crowds, Communications of the ACM, vol. 42(2), pp. 32–48, 1999.
A. Rieke and T. Demuth, JANUS: Server anonymity in the worldwide web, Proceedings of the EICAR International Conference, pp. 195–208, 2001.
V. Seničar, B. Jerman-Blažič and T. Klobučar, Privacy-enhancing technologies: Approaches and development, Computer Standards & Interfaces, vol. 25, pp. 147–158, 2003.
Wave Systems, User managed privacy: A new approach for addressing digital privacy and personal information on the Internet (www.wave.com/technology/PrivacyWhitePaper.pdf), 2000.
H. Wolfe, Evidence acquisition, Computers & Security, vol. 22(3), pp. 193–195, 2003.
H. Wolfe, Evidence analysis, Computers & Security, vol. 22(4), pp. 289–291, 2003.
H. Wolfe, Encountering encryption, Computers & Security, vol. 22(5), pp. 388–391, 2003.
H. Wolfe, Presenting the evidence report, Computers & Security, vol. 22(6), pp. 479–481, 2003.
H. Wolfe, Forensic evidence testimony — Some thoughts, Computers & Security, vol. 22(7), pp. 577–579, 2003.
H. Wolfe, Setting up an electronic evidence forensics laboratory, Computers & Security, vol. 22(8), pp. 670–672, 2003.
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 International Federation for Information Processing
About this paper
Cite this paper
Olivier, M. (2006). Forensics and Privacy-Enhancing Technologies. In: Pollitt, M., Shenoi, S. (eds) Advances in Digital Forensics. DigitalForensics 2005. IFIP — The International Federation for Information Processing, vol 194. Springer, Boston, MA. https://doi.org/10.1007/0-387-31163-7_2
Download citation
DOI: https://doi.org/10.1007/0-387-31163-7_2
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-30012-2
Online ISBN: 978-0-387-31163-0
eBook Packages: Computer ScienceComputer Science (R0)