Catálogo de publicaciones - libros

In this paper we revisit , a security architecture for microprocessors that provides memory encryption and memory verification using hash values, including a summary of its main features and an overview of other related architectures. We analyze the security of architecture as originally proposed, pointing out some weaknesses in security and performance. To overcome them, we supply another hashing and protection schemes which strengthen the security and improve the performance of the first proposal. Finally, we present some experimental results comparing the old and new schemes.

We propose a new Timed Release Cryptography (TRC) scheme which is based on bilinear pairings together with an S/Key-like procedure used for private key generation. Existing schemes for this task, such as time-lock puzzle approach, provide an approximate release time, dependent on the recipients’ CPU speed and the beginning time of the decryption process. Additionally, some other server-based schemes do not provide scalability and anonymity because the server is actively involved in the encryption or the decryption. However, there are already protocols based on bilinear pairings that solve most of the problems referred. Our goal is to extend and combine the existing protocols with desirable properties in order to create a secure, fast and scalable TRC scheme applied to dependent or sequential events. For this purpose we used continuous hashed time-instant private keys (hash chain) in the same way the S/Key system works. Our approach decreases dramatically the number of past time-instant private keys the server stores and only two keys are needed, the last one to construct the previous keys and the first one to recursively verify the authenticity of the next keys.

Chaotic mixing based encryption schemes for visual data are shown to be robust to lossy compression as long as the security requirements are not too high. This property facilitates the application of these ciphers in scenarios where lossy compression is applied to encrypted material – which is impossible in case traditional ciphers should be employed. If high security is required chaotic mixing loses its robustness to compression, still the lower computational demand may be an argument in favor of chaotic mixing as compared to traditional ciphers when visual data is to be encrypted.

Selective encryption of visual data and especially MPEG has attracted a considerable number of researchers in recent years. Scalable visual formats are offering additional functionality, which is of great benefit for streaming and networking applications. The MPEG-2 and MPEG-4 standards provide a scalability profile in which a resolution scalable mode is specified. In this paper we evaluate a selective encryption approach on the basis of our hierarchical MPEG video codec.

steganography of images based on the use of the LSB (Least Significant Bit), SPA (Sample Pair Analysis), RS (Regular and Singular groups) method and DIH (Difference Image Histogram) method are three powerful steganalysis methods. A comparison analysis among DIH, SPA, and RS method is discussed, and a comparison of their proofs is presented. The process of proving includes three parts, and an equivalence relationship proposition is respectively proofed in every section. This proving offers a theory base for the study of an approach that can resist these three kinds of steganalysis methods synchronously.

Current DRM implementations rely on obfuscating the inner working of the DRM client. Moreover, the rights to consume content are rather device bound than person bound. We present a first step towards an open DRM framework which is based on the security of its building blocks. The presented framework binds the right to consume content to persons instead of to devices. An extension of the current TPM specification is proposed to enhance the security of DRM clients.

Although privacy is often seen as an essential right for internet users, the provision of anonymity can also provide the ultimate cover for malicious users. Privacy Enhancing Technologies (PETs) should not only hide the identity of legitimate users but also provide means by which evidence of malicious activity can be gathered. This paper proposes a forensic investigation technique, which can be embedded in the framework of existing PETs , thereby adding network forensic functionality to the PET. This approach introduces a new dimension to the implementation of Privacy Enhancing Technologies, which enhances their viability in the global network environment.

This paper targets personal privacy protection in context-aware ubiquitous computing environments. It proposes a privacy agent technology to help notify people of relevant information disclosure, and to empower them to manage privacy with relative ease. In essence, the development of the privacy agent technology employs privacy terminology and policies specified in Platform for Privacy Preferences Project (P3P) [1], and uses ontological modeling technique to facilitate automated processes of privacy-relevant interactions on behalf of individuals. The development of privacy agent is an integrated part of our ongoing effort towards developing a privacy-respecting context-aware infrastructure.

The advances in technology have enabled us to share information, process data transactions, and enhance collaborations with relevant entities effectively. Its unparalleled adoption in both the public and private sectors is raising heightened concerns, particularly in the areas of the collection and management of personal information. The use of personal information can provide great benefits, including improved services for customers and increased revenues and decreased costs for businesses. However, it has also raised important issues such as the misuse of their personal information and loss of privacy. In this paper, we propose a framework to preserve privacy in new Public Metro Transit Systems that incorporates smartcard-based payment systems. The proposed framework leverages cryptographic protocols and an innovative privacy model to ensure the protection of privacy information of the cardholders. We also overview our system architecture for the proposed framework including case learned.

The perspective directions in evaluating network security are simulating possible malefactor’s actions, building the representation of these actions as attack graphs (trees, nets), the subsequent checking of various properties of these graphs, and determining security metrics which can explain possible ways to increase security level. The paper suggests a new approach to security evaluation based on comprehensive simulation of malefactor’s actions, construction of attack graphs and computation of different security metrics. The approach is intended for using both at design and exploitation stages of computer networks. The implemented software system is described, and the examples of experiments for analysis of network security level are considered.