1 news about the privacy document 6 th tf-lsd meeting limerick 2.6.2002 peter gietz [email protected]
TRANSCRIPT
2
Status No comments other than the
discussion at last meeting These comments were on
crawler detection and crawler policy, which were included in new chapter 3:•Generic description of the White
Pages Indexing System Privacy enhancing technologies
were renamed to Privacy Preserving technologies
3
3.1. Motivation Replacement of the X.500 based
Nameflow service Problems: no chaining and no
knowledge information
4
3.2. Overall Architecture
3.2.1. The Common Indexing Protocol and ist implementations•Very short description of CIP and of the
DESIRE II and the LIMS implementation•Generic description of the componants
3.2.2. Referrals contain the data given away by the indexing system•Detailed analysis of the fields of an LDAP
URL• Short discussion on different posibilities
to use them
5
Referrals Two types of answers in a
referral:• Ldap://datahost:888/c=NL??sub?
(mail=xyz)• Ldap://datahost:888/c=NL, o=Univ.
XY, ou=Department of Physics, cn=Mister X?base?
6
3.3. Data Sourcrs Different modes of data subject‘s
consent:•Consent with signature on paper•Consent via email•Consent implied by non objection
7
3.4. Indexing schema
Minimalset of attributes•Common name•Surname•Given name•Organization•Organizational unit•Mail• country
8
3.5. Crawler access to the data
Server side sizelimits can be overcome by crawlers
Spammers could use such crawlers
9
3.5.1. Crawler detection
Distinct features of a crawler:•Big number of search requests•Regular patterns in sending requests• Short timeperiod in between
requests• IP address known to belong to a
spammer• IP address maps to a domain outside
the community•Crawler doesn‘t bind to authenticate
itself
10
3.5.2. Crawler policy
Crawler policy defines:•which part of the name space to
crawl•Which attributes should be crawled•Which object classes to include in
the search filter•How many levels should be crawled•Etc.
11
3.6. Protection of the Index Objects
PGP-MIME encryption