[tor-commits] [privacy-docs/master] Add more patterns

hiro at torproject.org hiro at torproject.org
Sun Mar 3 14:30:52 UTC 2019


commit 4cf3f6db14bbf89fc9ab2cd3e98b550722504485
Author: hiro <hiro at torproject.org>
Date:   Sun Mar 3 15:30:43 2019 +0100

    Add more patterns
---
 patterns/data-confinement.md |  6 ++++++
 patterns/data-store.md       |  6 ++++++
 patterns/metadata.md         | 11 ++++++++++-
 3 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/patterns/data-confinement.md b/patterns/data-confinement.md
index d428098..670eede 100644
--- a/patterns/data-confinement.md
+++ b/patterns/data-confinement.md
@@ -7,8 +7,14 @@ Categories:
 
 *Avoid the central collection of personal data*
 
+Central collection of personal data can be a threat since an attacker gaining access to a user's account can basically access all their data.
+Some amount of data processing and storing can be instead transferred to the user devices, so that trust relationship with the service is shifted.
+
 ## Threat model ##
 
+- An attacker wants to access user's data stored on a central service provider
+- The service provider is not trustworthy and might try to copy or transfer user generated data to malicious parties
+
 ## User story ##
 
 ## Use case ##
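Review bot: The new introduction and the threat model describe different attackers. The intro's risk is "an attacker gaining access to a user's account", but neither added bullet covers account compromise; both are about the central provider being breached or being untrustworthy. Either add a bullet for account takeover or reword the intro so the risk it names is the central store itself, since that is what moving processing and storage to user devices addresses. Minor wording in the added lines: "so that trust relationship" needs an article ("the trust relationship"), "access user's data" should be "access a user's data", and "user generated data" should be hyphenated.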
diff --git a/patterns/data-store.md b/patterns/data-store.md
index ed8f948..b4bade4 100644
--- a/patterns/data-store.md
+++ b/patterns/data-store.md
@@ -7,8 +7,14 @@ Categories:
 
 *Subjects keep control on their personal data*
 
+When stored by third parties data subjects lose control over their documents. Furthermore if the hosting service is compromised user data can be accessed and its content transferred or destroyed by a malicious party.
+
 ## Threat model ##
 
+- An attacker wants to obtain user data by compromising the hosting service
+- The hosting service is not trustworthy and might transfer or copy data to third parties
+- The hosting service might try to acquire rights over the data
+
 ## User story ##
 
 ## Use case ##
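Review bot: The added paragraph says user data can be "transferred or destroyed by a malicious party", but the threat model bullets only cover obtaining, copying, transferring and acquiring rights; nothing covers destruction or loss of the data. Add a bullet for that case or drop "destroyed" from the intro so the two agree. The first sentence also has a dangling modifier: "When stored by third parties data subjects lose control over their documents" reads as if the data subjects are being stored; suggest "When documents are stored by third parties, data subjects lose control over them." The first two bullets are close to the ones added to data-confinement.md in this same commit, so it would help to state what distinguishes this pattern's threat model.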
diff --git a/patterns/metadata.md b/patterns/metadata.md
index 5fc5c95..9aeb527 100644
--- a/patterns/metadata.md
+++ b/patterns/metadata.md
@@ -11,10 +11,19 @@ Categories:
 
 *Strip potentially sensitive metadata*
 
+Metadata are a way to describe data. The prefix *meta* come from ancient Greek and it is translated into English as *about*. So technically metadata are data about data. Metadata serve a purpose, and this purpose defines its form and representation. Metadata can be used to describe some information, to define how this information can be accessed, edited, stored, or to define the structure of this same information (ex: the structure of a book and its chapters and pages).
+
+Metadata are often invisible to users, yet these are automatically attached to their activity. Metadata that services generates include the user's social graph, information about their devices, networks, location data. Metadata can be attached to users generated documents (ex: exif information attached to images)
+
 ## Threat model ##
 
+- An attacker wants to access the list of ip addresses that have accessed a certain resource
+- An attacker wants to know which devices belong to a user
+- An attacker wants to track the user's locations
+- An attacker wants to track when a particular user is accessing a service
+
 ## User story ##
 
 ## Use case ##
 
-## Secondary effects ## 
+## Secondary effects ##
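Review bot: The threat model bullets do not cover the case this pattern most directly addresses. The intro gives "exif information attached to images" as metadata attached to user-generated documents and also names the user's social graph, yet all four bullets concern access, device, location and timing records; none covers an attacker reading metadata embedded in a shared document or reconstructing the social graph. Suggest adding a bullet for each. The bullets also leave out where the attacker gets the metadata (service logs, the network, or the document itself), which decides where stripping has to happen. Minor wording in the added text: "The prefix *meta* come from" should be "comes from", "Metadata that services generates" should be "generate", "users generated documents" should be "user-generated documents", "ip" and "exif" should be capitalised, and the second paragraph is missing its final period.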


