{"title":"一次性身份解决网络跟踪问题","authors":"Jacques Bou Abdo , Sherali Zeadally","doi":"10.1016/j.jisa.2024.103821","DOIUrl":null,"url":null,"abstract":"<div><p>Interrupting the web tracking kill chain is enough to disrupt the tracker’s ability to leverage the collected information; however, this may disrupt the personalized services enjoyed by many. Empowering the user to select which domains can be co-tracked gives him/her the upper hand over web trackers. This allows the user to enjoy the personalized services without fearing full inter-domain tracking. To achieve this, we propose a solution that attempts to introduce layers of anonymization serving as temporary identities to be used by the user while browsing. Those identities will be used for limited time (to sustain the customization and user experience resulting from tracking), and then discarded for a new identity. This approach allows the user to divide the activity into profiles which eliminates browsing history spilling over to other sessions. We proved the security of this approach mathematically and we demonstrated its usability using an open-source Proof-of-Concept built on top of blockchain.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"84 ","pages":"Article 103821"},"PeriodicalIF":3.8000,"publicationDate":"2024-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Disposable identities: Solving web tracking\",\"authors\":\"Jacques Bou Abdo , Sherali Zeadally\",\"doi\":\"10.1016/j.jisa.2024.103821\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Interrupting the web tracking kill chain is enough to disrupt the tracker’s ability to leverage the collected information; however, this may disrupt the personalized services enjoyed by many. Empowering the user to select which domains can be co-tracked gives him/her the upper hand over web trackers. This allows the user to enjoy the personalized services without fearing full inter-domain tracking. To achieve this, we propose a solution that attempts to introduce layers of anonymization serving as temporary identities to be used by the user while browsing. Those identities will be used for limited time (to sustain the customization and user experience resulting from tracking), and then discarded for a new identity. This approach allows the user to divide the activity into profiles which eliminates browsing history spilling over to other sessions. We proved the security of this approach mathematically and we demonstrated its usability using an open-source Proof-of-Concept built on top of blockchain.</p></div>\",\"PeriodicalId\":48638,\"journal\":{\"name\":\"Journal of Information Security and Applications\",\"volume\":\"84 \",\"pages\":\"Article 103821\"},\"PeriodicalIF\":3.8000,\"publicationDate\":\"2024-06-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Security and Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2214212624001248\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624001248","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Interrupting the web tracking kill chain is enough to disrupt the tracker’s ability to leverage the collected information; however, this may disrupt the personalized services enjoyed by many. Empowering the user to select which domains can be co-tracked gives him/her the upper hand over web trackers. This allows the user to enjoy the personalized services without fearing full inter-domain tracking. To achieve this, we propose a solution that attempts to introduce layers of anonymization serving as temporary identities to be used by the user while browsing. Those identities will be used for limited time (to sustain the customization and user experience resulting from tracking), and then discarded for a new identity. This approach allows the user to divide the activity into profiles which eliminates browsing history spilling over to other sessions. We proved the security of this approach mathematically and we demonstrated its usability using an open-source Proof-of-Concept built on top of blockchain.
期刊介绍:
Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
