[IUCC-GDPR] Eduroam and GDPR
Ariel Biener
ariel at aristo.tau.ac.il
Mon Dec 18 20:56:22 IST 2017
Yup.
This data can be anonymized after a month or so.
This requirement, amongst others, steers us towards
centralizing logs using ELK like infrastructure, allowing
to perform anonymizing after a set period a lot easier
than by going over text files.
בברכה,
אריאל בינר
מנהל יחידת תשתיות ותפעול , אגף מחשוב וטכנולוגיות מידע
משרד: 03-6406086 | פקס: 03-6405158
דוא"ל: ariel at aristo.tau.ac.il | אתר: http://www.tau.ac.il
> On 18 Dec 2017, at 20:46, Eli Beker <eli.beker at iucc.ac.il> wrote:
>
> Which leads to the user location...
>
> On Dec 18, 2017 20:38, Ariel Biener <ariel at aristo.tau.ac.il> wrote:
> This is not the use IP address, it is the NAS IP address,
> usually the wireless controller.
>
> בברכה,
>
>
> אריאל בינר
> מנהל יחידת תשתיות ותפעול , אגף מחשוב וטכנולוגיות מידע
> משרד: 03-6406086 | פקס: 03-6405158
> דוא"ל: ariel at aristo.tau.ac.il | אתר: http://www.tau.ac.il
>
> On 18 Dec 2017, at 11:22, Eli Beker <eli.beker at iucc.ac.il> wrote:
>
> The visited site knows the user's account, which in most cases is the email and user name, and the IP of the users logged through.
>
> See real example from the eduroam server below.
>
> My believe a pseudoanonymization can be easily achieved by providing the users a unique identifier for eduroam and other federated services, which contains no personal data, where only the home institute will be able to identify the user, authenticate and authorize him/her. some already do that..
>
>
>
> User-Name = "XXXX at win.tu-berlin.de"
>
> NAS-IP-Address = 132.72.207.2
>
> NAS-Identifier = "WLC_4404_BGU"
>
> User-Name = "YYYY at uibk.ac.at"
>
> NAS-IP-Address = 132.72.207.2
>
> NAS-Identifier = "WLC_4404_BGU"
>
> User-Name = "ZZZZ at uibk.ac.at"
>
> NAS-IP-Address = 132.72.207.2
>
> NAS-Identifier = "WLC_4404_BGU
>
> User-Name = "AAAA at unipv.it"
>
> NAS-IP-Address = 132.72.207.9
>
> NAS-Identifier = "eduroam"
>
> User-Name = "BBBB at uni-wh.de"
>
> NAS-IP-Address = 132.64.1.222
>
> NAS-Identifier = "wlc-a"
>
>
>
> -eli
>
>
>
> From: gdpr-bounces at noc.ilan.net.il [mailto:gdpr-bounces at noc.ilan.net.il] On Behalf Of Roy Shapira
> Sent: Monday, December 18, 2017 9:00 AM
> To: Hank Nussbacher <Hank at mail.iucc.ac.il>; GDPR <gdpr at iucc.ac.il>
> Subject: Re: [IUCC-GDPR] Eduroam and GDPR
>
>
>
>
>
> So the Geist of it is that supposedly :
>
>
>
> “
>
> The visited site only knows where a roaming user comes from, not who they are, and sees no username, e-mail address or other information that would allow them to contact the user directly.
>
> ”
>
>
>
>
>
> בברכה,
>
>
>
> <image002.jpg>
>
> רועי שפירא | CISO
> מנהל אבטחת מידע
>
> הרשות למחשוב, תקשורת ומידע
> האוניברסיטה העברית בירושלים
> T +972-2-549-4969 | M +972-50-699-2414
> roy.shapira at savion.huji.ac.il
>
>
>
> “There are known knowns; … there are known unknowns… But there are also unknown unknowns… it is the latter category that tend to be the difficult ones.”
>
> Donald Rumsfeld, 12 February 2002.
>
>
>
>
>
>
>
> From: gdpr-bounces at noc.ilan.net.il [mailto:gdpr-bounces at noc.ilan.net.il] On Behalf Of Hank Nussbacher
> Sent: Friday, December 15, 2017 12:27
> To: GDPR <gdpr at iucc.ac.il>
> Subject: [IUCC-GDPR] Eduroam and GDPR
>
>
>
> בסדנא שלנו ביום רביעי נשאלה השאלה בנושא EDUROAM + GDPR.
>
> ראה בלוג של ה- NREN באנגליה:
>
> https://community.jisc.ac.uk/blogs/regulatory-developments/article/gdpr-wifi-access
>
>
>
> בברכה,
>
> הנק
>
> _______________________________________________
> GDPR mailing list
> GDPR at noc.ilan.net.il
> http://noc.ilan.net.il/mailman/listinfo/gdpr
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://noc.ilan.net.il/pipermail/gdpr/attachments/20171218/3c6fda7c/attachment-0001.html>
More information about the GDPR
mailing list