Title:
|
ANALYSIS OF THE VOLUNTARY EXPOSURE OF PRIVATE INFORMATION OVER THE INTERNET |
Author(s):
|
Juliano Quadrado, André Peres |
ISBN:
|
978-989-8533-01-2 |
Editors:
|
Bebo White, Pedro Isaías and Flávia Maria Santoro |
Year:
|
2011 |
Edition:
|
Single |
Keywords:
|
Web security, privacy, privacy exposure, public proxy |
Type:
|
Full Paper |
First Page:
|
61 |
Last Page:
|
68 |
Language:
|
English |
Cover:
|
|
Full Contents:
|
click to dowload
|
Paper Abstract:
|
In a simple web browsing, where personal data are entered and stored in a website, users private data may be exposed. In this research, we assume that, besides all the security knowledge about cryptography, there are still many websites without a simple cryptography mechanism (such as SSL) and also that the users security culture still inadequate to the type of transaction we are doing over the web. As the enterprises security concerns keeps growing, more and more security mechanisms are included in their environment (with one of the most used being the web proxy server). As the internal users have their navigation controlled, the internet open proxies emerged in order to bypass those security mechanisms. The internet open proxies are one way to the internal users bypass the local proxy and navigate without its restrictions. The problem is: when the users navigate trough open proxies, all the information exchanged between the browser and the final web servers passes through the open proxy. As the traffic passes, the open proxy administrator can store all users private information for further analysis. Seeking to demonstrate how dangerous a navigation or site registrations can be, we set up a public open proxy with the ability of capture and traffic analysis. The obtained data (private information) are tabulated in order to demonstrate the data exposure, and a method of a more complete privacy attack based on this information is presented. |
|
|
|
|