A New Infrastructure for User Tracking Prevention and Privacy Protection in Internet Shopping
Web technologies provide several means to infringe user privacy. This is especially true when customers buying tangible goods submit orders that contain their real identity and physical address. Then, in practice, the vendor can link this information with all information gathered about the customer, obtained through various means. In this paper, we present a solution that is based on mobile agents and a new infrastructure consisting of a mobile agent base station and a cardinality observer. This infrastructure can be used to prevent the vendor from directly linking information gathered about the customer with identifying information usually contained in the customer’s order. The vendor can only assign customers to their correct profiles with some probability which depends on the number of candidate profiles. The new infrastructure allows the customer to decrease this probability in several ways. The usage of both the cardinality observer and the mobile agent base station deterministically guarantees to the customer that an agent only starts its journey when a desired threshold for the linking probability has been reached. In a second variant using only the mobile agent base station, the linking probability is decreased in a probabilistic manner by introducing a fixed delay before mobile agent release.