Privacy matters in directories - FIRST

Privacy matters in directories

Jose A. Accino (1), Victoriano Giralt (1), Javier Masa (2)

(1) Central Computing Facility, University of Malaga

(2) RedIRIS

Seville, June 21st 2007

Jose A. Accino, Victoriano Giralt, Javier Masa Privacy matters

Outline

1 The problem
+ Definitions
+ Institutional mandate
+ Users’ needs
+ Legal matters
+ Technical requirements

2 The solution
+ A first approach
+ A better approach

3 The implementation
+ User control
+ Policy enforcement

Definitions: Contradictions? . . .

According to D.R.A.E.

Directory

5. m. Roster of people belonging to a group, with indication of diverse information about them, such as role, location data, phone numbers, etc.

Privacy

1. f. Part of private life that a person has the right to protect from any kind of intrusion.

Private

2. adj. Particular and personal of each individual.

3. adj. Something that is not a public or state property, but belongs to individuals.

Institutional mandate that starts the problem

Public institutions must serve the public so they need to. . .

+ Offer information about themselves
+ Offer information about their members
+ Collaborate amongst them

Users’ needs

Users want

+ To find others for communicating
+ To be found by possible partners for projects

but they do not want

+ their data exposed

Legal matters in the problem

People’s right to privacy: Persons have the right to conceal their data

Internet searchable directories may be international transfers of personal data

Technical requirements that are part of the problem

+ The directory should be accessed directly
+ Enforce the policy regardless of the access method.
+ Different treatment for
  + Inside searches
  + Outside searches
+ Reduce the administrative burden

Different approaches for solving the problem

+ Lawyers’ approach: Close the directory
+ Users’ approach: None
+ Technicians’ approach: Open the directory

Points to find a solution

+ Put control in the hands of the user
+ Policy is defined by the organization
+ Abide by the law

Two sides of a coin: user side / server side

User side: The user must have control of her data

Server side: The solution must work whatever the interface

The user decides about his data via a nice web form

The user decides about his data

We need:

+ An interface for setting user preferences. We know what to do: design a nice web form
+ Directory attribute for holding the preferences
  irisUserPrivateAttribute
  schacUserPrivateAttribute, because Europe likes the idea

The institution sets the policy

+ Policy enforcement whatever the interface: application level control is discarded
+ Policy enforcement at server level using OpenLDAP ACLs

Summary

+ The user has control of her personal data
+ The policy is enforced at the server
+ Lawyers seem happy
+ The solution is simple

And it even WORKS

and we will be pleased to show it to anyone willing to

Revealing our attributes, though in a partial and virtual way

Appendix

Definitions

LDAP, Lightweight Directory Access Protocol

+ Network protocol used for querying and updating directory services over TCP/IP.

+ Usually, an LDAP directory follows the X.500 model: a tree of entries, each of which is composed of a set of attributes with name and value.

+ Often an LDAP directory maps political, geographical and organizational divisions.

+ The present version is LDAPv3, defined in RFC 3377

Source: Wikipedia.org

OpenLDAP

+ Free Open Source implementation of LDAP protocol.

+ The software is developed by the OpenLDAP Project and is distributed under its own license: OpenLDAP Public License.

Source: Wikipedia.org

ACL, Access Control List

+ Computer security concept used to enforce privilege separation.

+ It’s a means of determining access rights to a certain object depending on certain characteristics of the process that makes the request, mainly the identity of the process user.

Source: Wikipedia.org

OpenLDAP ACLs I: Privacy policy for students

irisUserPrivateAttribute may have a value of all or may be empty, denying or allowing access to ALL optional attributes, defined in attrs. Actually, our present policy for student personal data denies access to the whole entry.

Deny access to all attributes

access to dn.subtree="idnc=usr,dc=uma,dc=es"
    filter="(&(eduPersonAffiliation=student)(irisUserPrivateAttribute=all))"
    attrs=entry
    by * none

OpenLDAP ACLs II: Privacy policy for students

If a student clears her irisUserPrivateAttribute, then the system allows access to the entry and, then, to the policy permitted attributes, so they may be shown.

Allow access to permitted attributes

access to dn.subtree="idnc=usr,dc=uma,dc=es"
    filter="(eduPersonAffiliation=student)"
    attrs=entry,displayName,mail,telephoneNumber
    by * read

OpenLDAP ACLs III: Privacy policy for non students

The organization may decide that an entry should not appear in searches. Then irisUserPrivateAttribute receives the value entry.

Blocking all access

access to dn.subtree="idnc=usr,dc=uma,dc=es"
    filter="(irisUserPrivateAttribute=entry)"
    by * none

OpenLDAP ACLs IV: Privacy policy for non students

The user may decide which attributes should be hidden from anonymous searches, from a set defined by the organization’s policy. irisUserPrivateAttribute holds the names of such attributes. In case the search is done by a bound user, the attribute is shown.

Blocking access to the phone number

access to dn.subtree="idnc=usr,dc=uma,dc=es"
    filter="(irisUserPrivateAttribute=telephoneNumber)"
    attrs=telephoneNumber
    by users read
    by * none

OpenLDAP ACLs V: Privacy policy for non students

The user may decide to hide all attributes in the set defined by the organization’s policy. In such case, irisUserPrivateAttribute holds a value of all. If the search is done by a bound user, the attributes are shown.

Blocking access to all attributes

access to dn.subtree="idnc=usr,dc=uma,dc=es"
    filter="(irisUserPrivateAttribute=all)"
    attrs=mail,telephoneNumber,facsimileTelephoneNumber
    by users read
    by * none
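
Added example (not part of the original slides, and not the authors' code): a small Python model of OpenLDAP's first-match ACL evaluation, run over ACLs I to V above, to check what anonymous and bound searches see and to show why the restrictive rules must come before any general one. Assumptions: the sample entries are constructed, the final catch-all rule is hypothetical because the slides do not show the rest of the access list, and only read access on the entry pseudo-attribute and on each attribute is modelled.

```python
# Simplified model of OpenLDAP's first-match ACL evaluation applied to the
# five rules from the appendix. The dn.subtree scope is assumed to cover
# every sample entry, so it is not modelled.
ANON, BOUND = "anonymous", "bound"

# Each rule: (label, filter as ANDed equality assertions,
#             attrs or None for "all attributes", ordered (who, level) clauses)
SLIDE_RULES = [
    ("I", {"eduPersonAffiliation": "student", "irisUserPrivateAttribute": "all"},
     {"entry"}, [("*", "none")]),
    ("II", {"eduPersonAffiliation": "student"},
     {"entry", "displayName", "mail", "telephoneNumber"}, [("*", "read")]),
    ("III", {"irisUserPrivateAttribute": "entry"}, None, [("*", "none")]),
    ("IV", {"irisUserPrivateAttribute": "telephoneNumber"},
     {"telephoneNumber"}, [("users", "read"), ("*", "none")]),
    ("V", {"irisUserPrivateAttribute": "all"},
     {"mail", "telephoneNumber", "facsimileTelephoneNumber"},
     [("users", "read"), ("*", "none")]),
]
# ASSUMPTION: hypothetical catch-all standing in for the part of the access
# list that the slides do not show, so that unrestricted data is readable.
ASSUMED_CATCH_ALL = ("assumed", {}, None, [("*", "read")])
RULES = SLIDE_RULES + [ASSUMED_CATCH_ALL]


def access(rules, entry, attr, requester):
    """Return "read" or "none" for one attribute of one entry."""
    for _label, flt, attrs, by in rules:
        if not all(v in entry.get(a, []) for a, v in flt.items()):
            continue  # filter= does not match this entry
        if attrs is not None and attr not in attrs:
            continue  # attrs= does not cover this attribute
        # The first matching "access to" clause decides; later ones are ignored.
        for who, level in by:
            if who == "*" or (who == "users" and requester == BOUND):
                return level
        return "none"  # implicit trailing "by * none"
    return "none"  # implicit trailing "access to * by * none"


def visible(rules, entry, requester):
    """Attributes a search returns; nothing unless "entry" is readable."""
    if access(rules, entry, "entry", requester) != "read":
        return set()
    return {a for a in entry if access(rules, entry, a, requester) == "read"}


def person(affiliation, private=()):
    """Build a constructed sample entry (not real directory data)."""
    entry = {
        "eduPersonAffiliation": [affiliation],
        "displayName": ["Sample Person"],
        "mail": ["sample@example.org"],
        "telephoneNumber": ["+34 000 000 000"],
        "facsimileTelephoneNumber": ["+34 000 000 001"],
    }
    if private:
        entry["irisUserPrivateAttribute"] = list(private)
    return entry


STUDENT_PRIVATE = person("student", ["all"])
STUDENT_OPEN = person("student")
STAFF_HIDE_PHONE = person("staff", ["telephoneNumber"])
STAFF_HIDE_ALL = person("staff", ["all"])
STAFF_BLOCKED = person("staff", ["entry"])

if __name__ == "__main__":
    samples = [("student, private", STUDENT_PRIVATE),
               ("student, open", STUDENT_OPEN),
               ("staff, hides phone", STAFF_HIDE_PHONE),
               ("staff, hides all", STAFF_HIDE_ALL),
               ("staff, blocked entry", STAFF_BLOCKED)]
    for name, entry in samples:
        for who in (ANON, BOUND):
            print(f"{name:22} {who:10} {sorted(visible(RULES, entry, who))}")
    # A general rule placed first wins every match and defeats the policy.
    misordered = [ASSUMED_CATCH_ALL] + SLIDE_RULES
    print("misordered:", sorted(visible(misordered, STAFF_HIDE_PHONE, ANON)))
```

Because the first matching clause wins, the same check run against a list with the general rule moved to the top returns the hidden phone number to anonymous searches.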