Catálogo de publicaciones - libros

Single sign-on (SSO) has shown to be a successful paradigm in a network environment where a large number of passwords would otherwise be required. However, the SSO paradigm leaves the practices of logging out of services undetermined. In this study, the users’ subjective satisfaction in the current implementation of login and logout was examined with both quantitative and qualitative methods. The study was carried out in a university using SSO in its intranet. The main result of this study is that when a multiservice environment uses SSO for user authentication, a single logout should also be used instead of expecting users to separately log out from each service.

Increasingly, software (SW) in embedded systems can be updated due to the rising share of flashable electronic control units (ECUs). However, current SW installation procedures are insecure: an adversary can install SW in a given ECU without any sender authentication or compatibility assessment. In addition, SW is installed on an all-or-nothing base: with the installation, the user acquires full access rights to any functionality. Concepts for solving individual deficiencies of current procedures have been proposed, but no unified solution has been published so far. In this paper we propose a method for secure SW delivery and installation in embedded systems. The automotive industry serves as a case example leading to complex trust relations and illustrates typically involved parties and their demands. Our solution combines several cryptographic techniques. For example, public key broadcast encryption enables secure SW distribution from any provider to all relevant embedded systems. Trusted computing allows to bind the distributed SW to a trustworthy configuration of the embedded system, which then fulfills a variety of security requirements. Finally, we outline the management of flexible access rights to individual functionalities of the installed SW, thus enabling new business models.

A multi-show credential system allows a user to unlinkably and anonymously demonstrate the possession of a credential as many times as the user desires. In some applications, this could be too flexible to be useful. In this paper, we propose a restricted version of such a system. The restricted multi-show credential system only allows the user to demonstrate his possession of a credential once in a given period of time. This time period can also be quantified to a sequence of discrete events. That is, each credential can only be shown once in each event. However, the same credential can still be shown anonymously in another event without being linked. On its applications, we propose a restricted multi-show credential based e-voting system. The e-voting system has the following desirable properties. (1) Simplicity: each user only registers once when he first joins the system and no additional registration/setup phase is needed for the user before casting a vote in each subsequent voting event. (2) Flexibility: the set of eligible voters can be different for different voting events with no additional overhead. (3) Unlinkability: the voters among different voting events cannot be linked. (4) Efficiency: The system maintains the same order of efficiency no matter a voting event is “yes/no” type, “1-out-of-n” type or even “t-out-of-n” type. Furthermore, we show how to extend the e-voting system into an electronic questionnaire system.

The peer-to-peer applications have recently seen an enormous success and spread over the Internet community which showed a dramatic change in the current client-server paradigm; that caused the appearance of some new concepts and protocols. One of the main new concepts introduced is the user anonymity which is in spite of being considered one of the main characteristics of the peer-to-peer paradigm it has introduced a serious security flaw due to the missing of trust between the participants in the system. This paper proposes an approach for peer-to-peer security, where the system participants can establish a trust relationship between each others based on their reputation gained by the participation in the system. The proposed technique relays on the concept of the recommendation cards. This paper discusses this technique and how to apply it to a peer-to-peer file sharing application.

Delegation is an important tool for authorization in large distributed environments. However, current delegation mechanisms used in emerging Grids have problems to allow for flexible and secure delegation. This paper presents a framework to realize restricted delegation using a specific attribute certificate with trust value in grid environments. The framework employs attribute certificates to convey rights separately from identity certificates used for authentication, and enables chained delegations by using attribute certificate chains. In the framework the verifier can enforce securely authorization with delegation by checking the trust values of AC chains, and judge if a delegation is a trusted delegation by evaluating the reputation value of the delegation chain. The paper discusses the way of computing trust and reputation for delegation, and describes some details of delegation, including the creation of delegation credential and the chained delegation protocol.

For analyzing computer system security, the system visitor could be classified into five kinds by his privilege to access system resource, and presented the model base on privilege escalation. The attacker can enhance his privilege by exploiting vulnerability, according to distribution of vulnerabilities privilege set, we could construct fault tree to reflect distinctly potential attack path, and so this method could quantificational express security state at different security policy via analyzing fault tree.

Grid security is a wide topic, touching many of the core issues in information security. It is an area that has been overlooked by the established grid community. In this paper, We explore some roles of identity-based cryptography (IBC) in grid circumstance, and propose a grid security infrastructure model based on identity cryptography. We mainly discuss the grid security authentication and authorization architecture, public key infrastructure based on identity cryptography and security group communication scheme by using weil pairing. The security property of our scheme is discussed. Finally, we compare our ID-based security infrastructure with the public key infrastructure in grid circumstance.

Digital Rights Management (DRM) systems aim at providing the appropriate environment for trading digital content while protecting the rights of authors and copyright holders. Existing DRM systems still suffer from a variety of problems that hamper their deployment: they (i) cannot guarantee policy enforcement on open platforms such as today’s PCs, (ii) offer only unilateral security, i.e., focus mainly on requirements of the content owners/providers and not on those of consumers such as privacy, and (iii) restrict users regarding many legally authorized uses (fair use), e.g., disallow consumers to make backups. In this paper we present a security architecture for computing platforms that, in the sense of multilateral security, is capable of enforcing policies defined by end-users and content providers. Our model provides methods and principles to practitioners to model and construct such systems based on a small set of assumptions. Further, we show how such a platform can be implemented based on a microkernel, existing operating system technology, and trusted computing hardware available today. Moreover, the platform’s functionality can be extended with a mechanism called property-based attestation to prevent discrimination of open-source software and to protect the consumers’ privacy.

This paper presents a novel scheme for embedding secret data into a binary image. In Tseng et al.’s scheme, a random binary matrix and a weight matrix are used as the secret keys to protect the secret information. In our scheme, we use a serial number matrix instead of a random binary matrix to reduce computation cost and to provide higher security protection on hidden secret data than Tseng et al. do. Given a cover image divided into blocks of m × n pixels each, our new scheme can hide $\lfloor{\rm log_2}(mn+1)\rfloor$ bits of hidden data with one modified bit at most in each block in the cover image. In addition, the hiding capacity of our new scheme offers is as large as that of Tseng et al.’s scheme, but we support higher stego-image quality than Tseng et al.’s scheme does.

In most existing spread spectrum watermarking algorithms, the embedding parameters, such as the embedding strength and spreading code length, are frequently determined via experiments. In this paper, the theoretical formulas that associate the embedding strength with the user number, or with the spreading code length, are estimated and tested, by analyzing the CDMA (Code Division Multiple Access) spreading strategies in quantization-based data hiding scenario. Moreover, a performance analytical schema in terms of BER (bit error rate) and SNR (signal-to-noise ratio) is proposed and tested both theoretically and experimentally. The interesting conclusions show that the performance of the CDMA-based data-hiding systems, focusing on quantization scheme, is independent of the user number under the constraints of imperceptibility, and an increase of the spreading code length will lead to a decrease of the robust performance. The simulation results are presented to support the conclusions. Although the work presented in this paper focuses on image watermarking, it may be extended to audio/video watermarking.