
DNS DATA SHARING (OR NOT) Stéphane Bortzemeyer & Nathalie Boulvard


Presentation Transcript


  1. DNS DATA SHARING (OR NOT) Stéphane Bortzemeyer & Nathalie Boulvard

  2. Summary • Technical aspects: 1.1 The problem; 1.2 The queries contain; 1.3 The data is useful; 1.4 Anonymization is the solution? • Legal aspects: 2.1 The issues; 2.2 The texts contain; 2.3 The contract could be useful; 2.4 Anonymization is the solution? • Tour de table - Debate • Questions

  3. 1. Technical aspects

  4. 1.1 The problem • We operate DNS servers • They receive queries • They send responses • Very often, we record the DNS traffic (security incident analysis, business intelligence, statistics, etc.). Often called a « pcap file »

  5. 1.2 The queries contain Example: « 2001:660:3003:8::4:69 » asked for the IPv6 address of www.impots.gouv.fr • The source IP address of the resolver (not the end user’s machine). Typically a big machine at the IAP. But not always. • The complete name requested (do not believe the CENTR video, it is wrong). We see requests for _bittorrent-tracker._tcp.XXXX.abo.wanadoo.fr

  6. 1.3 The data is useful… …and many people are interested. Can we share it? • DITL http://www.caida.org/projects/ditl/ • OARC https://www.dns-oarc.net/ Is it personal data? For some requests, clearly yes, for some, clearly no and the rest is in between.

  7. 1.4 Anonymisation is the solution? • We could « anonymize » (replace the IP addresses with a dummy value) • Anonymization deletes data (bad for researchers) • Anonymization is never perfect (data crunchers know how to get some information back)

  8. 2. Legal aspects

  9. 2.1 The issues • Companies’ rights and interests • Reputation • Individuals’ rights • Personal data - Sensitive data

  10. 2.2 The texts contain • Under the European rules • The European Union adopted its “data protection directive” (directive 95/46) on October 24, 1995. • National independent authorities (CNIL for France) & the “Article 29 Working Party” • Reform of the data protection EU legal framework (to follow up) • Under the International rules

  11. 2.3 The contract could be useful… …but not only. Can we share? • DITL http://www.caida.org/projects/ditl/ • OARC https://www.dns-oarc.net/ An example: the OARC Participation Agreement.

  12. 2.4 Anonymisation is the solution? • Well… yes: • No personal data anymore • So, • No more legal issue! • But as anonymization is never perfect… Let’s carry on with a debate!

  13. 3. Tour de table - Debate

  14. Questions • Do you think that this entire issue is worth a debate? If no, why? • Are you interested in following up this discussion? If yes, how?

  15. Thank you!
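
Slide 1.4 says that anonymization deletes data and is never perfect. The Python below is an added example, not part of the presentation, that measures both effects on a constructed query list. It goes beyond the slide's dummy-value replacement: prefix truncation and a keyed hash are assumed alternatives, and all function names, the key and the documentation-range addresses are made up for the illustration.

```python
import hashlib
import hmac
import ipaddress

# Constructed sample (source address, query name) pairs. The first pair and the
# wanadoo.fr name come from slide 1.2; the other values are documentation ranges.
QUERIES = [
    ("2001:660:3003:8::4:69", "www.impots.gouv.fr"),
    ("2001:db8:1:2::53", "www.example.org"),
    ("2001:db8:1:9::53", "www.example.org"),
    ("192.0.2.10", "_bittorrent-tracker._tcp.XXXX.abo.wanadoo.fr"),
    ("192.0.2.10", "www.example.org"),
]

def dummy(addr):
    """Slide 1.4: replace the address by a dummy value (one per address family)."""
    return "::" if ipaddress.ip_address(addr).version == 6 else "0.0.0.0"

def truncate(addr, v4_bits=24, v6_bits=48):
    """Assumed alternative: keep the network prefix, zero the host bits."""
    ip = ipaddress.ip_address(addr)
    bits = v4_bits if ip.version == 4 else v6_bits
    return str(ipaddress.ip_network(f"{ip}/{bits}", strict=False).network_address)

def pseudonym(addr, key=b"constructed-demo-key"):
    """Assumed alternative: keyed hash, so one source always maps to one token."""
    packed = ipaddress.ip_address(addr).packed
    return hmac.new(key, packed, hashlib.sha256).hexdigest()[:16]

def anonymize(records, transform):
    """Rewrite only the source address; the query name is left as recorded."""
    return [(transform(src), qname) for src, qname in records]

def distinct_sources(records):
    """What a researcher can still count: number of distinguishable sources."""
    return len({src for src, _ in records})

def names_per_source(records):
    """What remains linkable: the set of names queried by each rewritten source."""
    linked = {}
    for src, qname in records:
        linked.setdefault(src, set()).add(qname)
    return linked

if __name__ == "__main__":
    print("raw", distinct_sources(QUERIES))
    for transform in (dummy, truncate, pseudonym):
        out = anonymize(QUERIES, transform)
        print(transform.__name__, distinct_sources(out), names_per_source(out))
```

The dummy value collapses four sources into one per address family, which is the data loss for researchers. The keyed hash keeps all four distinguishable but still ties the subscriber-specific name to the other queries from the same source, and in every variant the query name itself is left intact.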
