{"id":13277,"date":"2021-12-08T20:48:55","date_gmt":"2021-12-09T01:48:55","guid":{"rendered":"https:\/\/carleton.ca\/scs\/?page_id=13277"},"modified":"2021-12-08T20:53:26","modified_gmt":"2021-12-09T01:53:26","slug":"tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches","status":"publish","type":"page","link":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches\/","title":{"rendered":"TR-08-18: Localization of Credential Information to Address Increasingly Inevitable Data Breaches"},"content":{"rendered":"<p>Carleton University<br \/>\n<a href=\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/\">Technical Report<\/a> TR-08-18<br \/>\nJuly 22, 2008<\/p>\n<h2>Localization of Credential Information to Address Increasingly Inevitable Data Breaches<\/h2>\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<p class=\"tr_t3\">Mohammad Mannan &amp; P.C. van Oorschot<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div>\n<h3>Abstract<\/h3>\n<p>Large-scale data breaches exposing sensitive personal information are becoming commonplace. For numerous reasons, conventional personal (identification) information leaks from databases that store online and\/or on-site user transaction data. Collected ID numbers and supporting personal information enable malicious parties to commit large-scale identity fraud. Gates and Slonim (NSPW 2003) proposed the owner-controlled information paradigm to address privacy violations of personal information where users are expected to maintain all their information using a personal device. Rubin and Wright (FC 2001), Molloy et al. (FC 2007), and others explored the use of one-time numbers to address credit card fraud (mostly for online use). However, several other types of ID number are at least as sensitive as credit card numbers. Our fundamental assumption is that collected personal information will eventually be breached. To combat identity fraud under this new environmental attack paradigm, we introduce a more general approach involving localized or customized ID numbers for both card-present and card-not-present transactions. We also explore four variants of the general idea to spark more discussion and further research in this area.<\/p>\n<p><a href=\"https:\/\/carleton.ca\/scs\/wp-content\/uploads\/TR-08-18-Mannan.pdf\">TR-08-18.pdf<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Carleton University Technical Report TR-08-18 July 22, 2008 Localization of Credential Information to Address Increasingly Inevitable Data Breaches Mohammad Mannan &amp; P.C. van Oorschot Abstract Large-scale data breaches exposing sensitive personal information are becoming commonplace. For numerous reasons, conventional personal (identification) information leaks from databases that store online and\/or on-site user transaction data. Collected ID [&hellip;]<\/p>\n","protected":false},"author":49,"featured_media":0,"parent":12410,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","_mi_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":"","_links_to":"","_links_to_target":""},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>TR-08-18: Localization of Credential Information to Address Increasingly Inevitable Data Breaches - School of Computer Science<\/title>\n<meta name=\"description\" content=\"Carleton University Technical Report TR-08-18 July 22, 2008 Localization of Credential Information to Address Increasingly Inevitable Data Breaches\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches\/\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches\/\",\"url\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches\/\",\"name\":\"TR-08-18: Localization of Credential Information to Address Increasingly Inevitable Data Breaches - School of Computer Science\",\"isPartOf\":{\"@id\":\"https:\/\/carleton.ca\/scs\/#website\"},\"datePublished\":\"2021-12-09T01:48:55+00:00\",\"dateModified\":\"2021-12-09T01:53:26+00:00\",\"description\":\"Carleton University Technical Report TR-08-18 July 22, 2008 Localization of Credential Information to Address Increasingly Inevitable Data Breaches\",\"breadcrumb\":{\"@id\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/carleton.ca\/scs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Research\",\"item\":\"https:\/\/carleton.ca\/scs\/research\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"SCS Technical Reports\",\"item\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Technical Reports 2008\",\"item\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"TR-08-18: Localization of Credential Information to Address Increasingly Inevitable Data Breaches\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/carleton.ca\/scs\/#website\",\"url\":\"https:\/\/carleton.ca\/scs\/\",\"name\":\"School of Computer Science\",\"description\":\"Carleton University\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/carleton.ca\/scs\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"TR-08-18: Localization of Credential Information to Address Increasingly Inevitable Data Breaches - School of Computer Science","description":"Carleton University Technical Report TR-08-18 July 22, 2008 Localization of Credential Information to Address Increasingly Inevitable Data Breaches","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches\/","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches\/","url":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches\/","name":"TR-08-18: Localization of Credential Information to Address Increasingly Inevitable Data Breaches - School of Computer Science","isPartOf":{"@id":"https:\/\/carleton.ca\/scs\/#website"},"datePublished":"2021-12-09T01:48:55+00:00","dateModified":"2021-12-09T01:53:26+00:00","description":"Carleton University Technical Report TR-08-18 July 22, 2008 Localization of Credential Information to Address Increasingly Inevitable Data Breaches","breadcrumb":{"@id":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/tr-08-18-localization-of-credential-information-to-address-increasingly-inevitable-data-breaches\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/carleton.ca\/scs\/"},{"@type":"ListItem","position":2,"name":"Research","item":"https:\/\/carleton.ca\/scs\/research\/"},{"@type":"ListItem","position":3,"name":"SCS Technical Reports","item":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/"},{"@type":"ListItem","position":4,"name":"Technical Reports 2008","item":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2008\/"},{"@type":"ListItem","position":5,"name":"TR-08-18: Localization of Credential Information to Address Increasingly Inevitable Data Breaches"}]},{"@type":"WebSite","@id":"https:\/\/carleton.ca\/scs\/#website","url":"https:\/\/carleton.ca\/scs\/","name":"School of Computer Science","description":"Carleton University","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/carleton.ca\/scs\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"acf":{"banner_image_type":"none","banner_button":"no"},"_links":{"self":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/13277"}],"collection":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/users\/49"}],"replies":[{"embeddable":true,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/comments?post=13277"}],"version-history":[{"count":3,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/13277\/revisions"}],"predecessor-version":[{"id":13280,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/13277\/revisions\/13280"}],"up":[{"embeddable":true,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/12410"}],"wp:attachment":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/media?parent=13277"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}