Catálogo de publicaciones - libros

The problem of defending software against tampering by a malicious host is not expected to be solved soon. Rather than trying to defend against the first attack, randomization tries to minimize the impact of a successful attack. Unfortunately, widespread adoption of this technique is hampered by its incompatibility with the current software distribution model, which requires identical physical copies. The ideas presented in this paper are a compromise between distributing identical copies and unique executions by diversifying at run time, based upon additional chaff input and variable program state. This makes it harder to zoom in on a point of interest and may fool an attacker into believing that he has succeeded, while the attack will work only for a short period of time, a small number of computers, or a subset of the input space.

With the evolution of e-commerce, privacy is becoming a major concern. Many e-companies employ collaborative filtering (CF) techniques to increase their sales by providing truthful recommendations to customers. Many algorithms have been employed for CF purposes; and Eigentaste-based algorithm is one of them. Customers’ preferences about products they purchased previously or showed interest are needed to provide recommendations. However, due to privacy concerns, customers refuse to contribute their ratings at all; or they might decide to give false data. Providing truthful referrals based on such inadequate and false data is impossible. Therefore, providing privacy measures is vital for collecting truthful data and producing recommendations. In this paper, we investigate how to achieve CF tasks (predictions and top- N recommendations) using Eigentaste, which is a constant time CF algorithm, without greatly exposing users’ privacy. To accomplish privacy, we employ randomized perturbation techniques (RPT). We modify and/or simplify original Eigentaste algorithm in such a way to provide private referrals efficiently with decent accuracy. We investigate our proposed schemes in terms of privacy. To evaluate the overall performance of our schemes, we conduct experiments using real data sets. We then analyze our outcomes and finally provide some suggestions.

Advertisement dissemination is a promising M-commerce application which exploits the capabilities of mobile ad hoc networks to increase the visibility of the products being offered by merchants. The starting point is a merchant who generates an advertisement that is subsequently disseminated by citizens who carry mobile devices acting as network nodes. In this paper we present a novel system where users collaborating in offer dissemination are incentivized with e-coin rewards. Our system is proven to be secure and to preserve the privacy of nodes.

We present a voter verifiable Internet voting scheme which provides anonymity and eliminates the danger of vote selling even if the computer used by the voter cannot be fully trusted. The ballots cast remain anonymous - even the machine does not know the choice of the voter. It makes no sense to buy votes - the voter can cheat the buyer even if his machine cooperates with the buyer. Nevertheless, the voter can verity that his vote has been counted.

The main focus of Trusted Operating System (TOS) research these days is on the enhanced access control of reference monitors which, in turn, control the individual operations on a given access instance. However, many real-life runtime attacks involve behavioral semantics. It is desirable, therefore, to enforce an integrated security policy that includes both behavioral security and access control policies. We have proposed an extended reference monitor to support both access and behavior controls. This results in a sequence of operations which is also of concern in security enforcement. This paper presents the design of the extended reference monitor for integrated policy enforcement and describes its implementation in Linux operating systems.

We have developed a privacy-aware operating system that focuses on preventing leakage of sensitive data such as personal information. The existing mandatory access control model is too restrictive for processes required to sustain the operations of user programs such as FTP, e-mail client applications, etc. In order to solve this problem, the proposed approach employs two techniques. First, the operating system kernel limits the execution of system calls only if the process could contribute to data leakage. Second, we implemented contexts; contexts are parameter or hints facilitating the evaluation of the risk of data leakage. These contexts also determine whether the kernel allows or disallows the execution of system calls. These techniques make it possible to realize a more adaptive and flexible data protection mechanism than the existing ones. This study describes the proposed approach.

Information leakage from client PCs has grown into a serious problem in recent years. To address the problem, we propose file lifetime monitoring technology that enables users to accurately trace modifications of confidential documents by user commands such as copy, rename, and save, as well as copy/paste editing operations. The File Lifetime Monitoring Technology is based on analyzing primitive events from the file system and GUI and anticipates confidentiality risks using prepared knowledge of applications. Using monitoring results effectively, confidential information can be managed on workers’PCs. The prototype system has been successfully operated, and 243 co-workers tried it out. The trial shows that our system is practical in terms of performance degradation. Experiments show that both the quality and quantity of monitoring results are better than conventional monitoring software. In particular, the log size of our system can be reduced eleven times from the size of conventional software.

With the digitization of society and the continuous migration of services to the electronic world, individuals have lost significant control over their data. In this paper, we consider the problem of protecting personal information subjects. More specifically, we propose a new primitive allowing a data subject to decide when, how, and by whom his data can be accessed, without the database manager learning anything about his identity, at the time the data is retrieved. The proposed solution, which we call Accredited SPIR , combines symmetrically private information retrieval and privacy-preserving digital credentials. We present three constructions based on the discrete logarithm and RSA problems. Despite the added privacy safeguards, the extra cost incurred by our constructions is negligeable compared to that of the underlying building blocks.

Despite the large number of certificateless encryption schemes recently proposed, many of them have been found to be insecure under a practical attack called malicious-but-passive KGC attack, since they all follow the same key generation procedure as that of the one proposed by Al-Riyami and Paterson in ASIACRYPT 2003. The only scheme that remains secure against this attack is due to Libert and Quisquater (PKC 2006). However, the security can only be shown in the random oracle model. In this paper, we first show that a scheme which has a different key generation procedure from that of Al-Riyami and Paterson also suffers from the malicious-but-passive KGC attack. Our attacking techniques are different and may cause greater extent of damage than the previous ones. We also propose a generic construction of certificateless encryption which can be proven secure against this attack in the standard model . This generic scheme not only is the first one proven secure in the standard model, but is also very efficient to instantiate. We also describe how to use short signature and hybrid encryption to construct highly efficient instantiations of this generic scheme.

Group key exchange (GKE) protocols can be used to guarantee confidentiality and authentication in group applications. The paradigm of provable security subsumes an abstract formalization (security model) that considers the protocol environment and identifies its security goals. The first security model for GKE protocols was proposed by Bresson, Chevassut, Pointcheval, and Quisquater in 2001, and has been subsequently applied in many security proofs. Their definitions of AKE-security (authenticated key exchange; a.k.a. indistinguishability of the key) and MA-security (mutual authentication) became meanwhile standard. In this paper we analyze the BCPQ model and some of its variants and identify several risks resulting from its technical core construction – the notion of partnering . Consequently, we propose a revised model extending AKE- and MA-security in order to capture attacks by malicious participants and strong corruptions. Then, we turn to generic solutions (known as compilers ) for AKE- and MA-security in BCPQ-like models. We describe a compiler compauthma which provides AKE- and MA-security for any GKE protocol, under standard cryptographic assumptions, that eliminates some identified limitations in existing compilers.