Title page for ETD etd-12052007-135923


Type of Document Master's Thesis
Author Bian, Kaigui
Author's Email Address kgbian@vt.edu
URN etd-12052007-135923
Title New Approaches for Ensuring User Online Privacy
Degree Master of Science
Department Electrical and Computer Engineering
Advisory Committee
Advisor Name Title
Park, Jung-Min Jerry Committee Chair
Hou, Yiwei Thomas Committee Member
Yang, Yaling Committee Member
Keywords
  • phishing attack
  • child's online privacy
  • COPPA
  • online privacy disclosure
Date of Defense 2007-11-26
Availability unrestricted
Abstract
With the increase of requesting personal information online, unauthorized disclosure of user privacy is a significant problem faced by today’s Internet. As a typical identity theft, phishing usually employs fraudulent emails and spoofed web sites to trick unsuspecting users into divulging their private information. Even legitimate web sites may collect private information from unsophisticated users such as children for commercial purposes without their parents’ consent. The Children’s Online Privacy Protection Act (COPPA) of 1998 was enacted in reaction to the widespread collection of information from children and subsequent abuses identified by the Federal Trade Commission (FTC).

COPPA is aimed at protecting child’s privacy by requiring parental consent before collecting information from children under thirteen.

In this thesis, we propose two solutions for ensuring user online privacy. By analyzing common characteristics of phishing pages, we propose a client-side tool, Trident, which works as a browser plug-in for filtering phishes. The experiment results show that Trident can identify 98-99% online and valid phishing pages, as well as automatically validate legitimate pages. To protect child’s privacy, we introduce the POCKET (parental online consent on kids’ electronic privacy) framework, which is a technically feasible and legally sound solution to enforce COPPA. Parents answer a questionnaire on their privacy requirements and the POCKET user agent generates a privacy preferences file. Meantime, the merchants are required to possess a privacy policy that is authenticated by a trusted third party. Only web sites that possess and adhere to their privacy policies are allowed to collect child’s information; web sites whose policies do not match the client’s preferences are blocked. POCKET framework incorporates a transaction protocol to secure the data exchange between an authenticated client and a POCKET-compliant merchant.

Files
  Filename       Size       Approximate Download Time (Hours:Minutes:Seconds) 
 
 28.8 Modem   56K Modem   ISDN (64 Kb)   ISDN (128 Kb)   Higher-speed Access 
  Kaigui_thesis.pdf 2.82 Mb 00:13:04 00:06:43 00:05:52 00:02:56 00:00:15

Browse All Available ETDs by ( Author | Department )

dla home
etds imagebase journals news ereserve special collections
virgnia tech home contact dla university libraries

If you have questions or technical problems, please Contact DLA.