Catálogo de publicaciones - libros

Compartir en
redes sociales


Advances in Information and Computer Security: 2nd International Workshop on Security, IWSEC 2007, Nara, Japan, October 29-31, 2007. Proceedings

Atsuko Miyaji ; Hiroaki Kikuchi ; Kai Rannenberg (eds.)

En conferencia: 2º International Workshop on Security (IWSEC) . Nara, Japan . October 29, 2007 - October 31, 2007

Resumen/Descripción – provisto por la editorial

No disponible.

Palabras clave – provistas por la editorial

Data Encryption; Systems and Data Security; Operating Systems; Management of Computing and Information Systems; Computers and Society; Computer Communication Networks

Disponibilidad
Institución detectada Año de publicación Navegá Descargá Solicitá
No detectada 2007 SpringerLink

Información

Tipo de recurso:

libros

ISBN impreso

978-3-540-75650-7

ISBN electrónico

978-3-540-75651-4

Editor responsable

Springer Nature

País de edición

Reino Unido

Fecha de publicación

Información sobre derechos de publicación

© Springer-Verlag Berlin Heidelberg 2007

Tabla de contenidos

Run-Time Randomization to Mitigate Tampering

Bertrand Anckaert; Mariusz Jakubowski; Ramarathnam Venkatesan; Koen De Bosschere

The problem of defending software against tampering by a malicious host is not expected to be solved soon. Rather than trying to defend against the first attack, randomization tries to minimize the impact of a successful attack. Unfortunately, widespread adoption of this technique is hampered by its incompatibility with the current software distribution model, which requires identical physical copies. The ideas presented in this paper are a compromise between distributing identical copies and unique executions by diversifying at run time, based upon additional chaff input and variable program state. This makes it harder to zoom in on a point of interest and may fool an attacker into believing that he has succeeded, while the attack will work only for a short period of time, a small number of computers, or a subset of the input space.

Palabras clave: Diversity System; Basic Block; Code Size; Undesired Behavior; Successful Attack.

Pp. 153-168

Privacy-Preserving Eigentaste-Based Collaborative Filtering

Ibrahim Yakut; Huseyin Polat

With the evolution of e-commerce, privacy is becoming a major concern. Many e-companies employ collaborative filtering (CF) techniques to increase their sales by providing truthful recommendations to customers. Many algorithms have been employed for CF purposes; and Eigentaste-based algorithm is one of them. Customers’ preferences about products they purchased previously or showed interest are needed to provide recommendations. However, due to privacy concerns, customers refuse to contribute their ratings at all; or they might decide to give false data. Providing truthful referrals based on such inadequate and false data is impossible. Therefore, providing privacy measures is vital for collecting truthful data and producing recommendations. In this paper, we investigate how to achieve CF tasks (predictions and top- N recommendations) using Eigentaste, which is a constant time CF algorithm, without greatly exposing users’ privacy. To accomplish privacy, we employ randomized perturbation techniques (RPT). We modify and/or simplify original Eigentaste algorithm in such a way to provide private referrals efficiently with decent accuracy. We investigate our proposed schemes in terms of privacy. To evaluate the overall performance of our schemes, we conduct experiments using real data sets. We then analyze our outcomes and finally provide some suggestions.

Palabras clave: Lookup Table; Test User; Collaborative Filter; Mean Absolute Error; Principal Eigenvector.

Pp. 169-184

Secure and Private Incentive-Based Advertisement Dissemination in Mobile Ad Hoc Networks

Alexandre Viejo; Francesc Sebé; Josep Domingo-Ferrer

Advertisement dissemination is a promising M-commerce application which exploits the capabilities of mobile ad hoc networks to increase the visibility of the products being offered by merchants. The starting point is a merchant who generates an advertisement that is subsequently disseminated by citizens who carry mobile devices acting as network nodes. In this paper we present a novel system where users collaborating in offer dissemination are incentivized with e-coin rewards. Our system is proven to be secure and to preserve the privacy of nodes.

Palabras clave: Advertisement dissemination; Incentive; M-Commerce; Mobile ad hoc network; Privacy; Security.

Pp. 185-198

Verifiable Internet Voting Solving Secure Platform Problem

Mirosław Kutyłowski; Filip Zagórski

We present a voter verifiable Internet voting scheme which provides anonymity and eliminates the danger of vote selling even if the computer used by the voter cannot be fully trusted. The ballots cast remain anonymous - even the machine does not know the choice of the voter. It makes no sense to buy votes - the voter can cheat the buyer even if his machine cooperates with the buyer. Nevertheless, the voter can verity that his vote has been counted.

Palabras clave: electronic voting; vote selling; coercion resistance; anonymity.

Pp. 199-213

Enforcement of Integrated Security Policy in Trusted Operating Systems

Hyung Chan Kim; R. S. Ramakrishna; Wook Shin; Kouichi Sakurai

The main focus of Trusted Operating System (TOS) research these days is on the enhanced access control of reference monitors which, in turn, control the individual operations on a given access instance. However, many real-life runtime attacks involve behavioral semantics. It is desirable, therefore, to enforce an integrated security policy that includes both behavioral security and access control policies. We have proposed an extended reference monitor to support both access and behavior controls. This results in a sequence of operations which is also of concern in security enforcement. This paper presents the design of the extended reference monitor for integrated policy enforcement and describes its implementation in Linux operating systems.

Palabras clave: Access Control; Policy Language; Security Policy; Behavior Control; Access Control Policy.

Pp. 214-229

Salvia: A Privacy-Aware Operating System for Prevention of Data Leakage

Kazuhisa Suzuki; Koichi Mouri; Eiji Okubo

We have developed a privacy-aware operating system that focuses on preventing leakage of sensitive data such as personal information. The existing mandatory access control model is too restrictive for processes required to sustain the operations of user programs such as FTP, e-mail client applications, etc. In order to solve this problem, the proposed approach employs two techniques. First, the operating system kernel limits the execution of system calls only if the process could contribute to data leakage. Second, we implemented contexts; contexts are parameter or hints facilitating the evaluation of the risk of data leakage. These contexts also determine whether the kernel allows or disallows the execution of system calls. These techniques make it possible to realize a more adaptive and flexible data protection mechanism than the existing ones. This study describes the proposed approach.

Palabras clave: System Call; Trust Platform Module; Access Control Model; Data Leakage; Access Control List.

Pp. 230-245

InfoCage: A Development and Evaluation of Confidential File Lifetime Monitoring Technology by Analyzing Events from File Systems and GUIs

Koji Kida; Hisashi Sakamoto; Hideo Shimazu; Hiroyuki Tarumi

Information leakage from client PCs has grown into a serious problem in recent years. To address the problem, we propose file lifetime monitoring technology that enables users to accurately trace modifications of confidential documents by user commands such as copy, rename, and save, as well as copy/paste editing operations. The File Lifetime Monitoring Technology is based on analyzing primitive events from the file system and GUI and anticipates confidentiality risks using prepared knowledge of applications. Using monitoring results effectively, confidential information can be managed on workers’PCs. The prototype system has been successfully operated, and 243 co-workers tried it out. The trial shows that our system is practical in terms of performance degradation. Experiments show that both the quality and quantity of monitoring results are better than conventional monitoring software. In particular, the log size of our system can be reduced eleven times from the size of conventional software.

Palabras clave: Secure Office; Information Leakage Countemesure; Operation Monitoring; Log Analysis; Knowledge Base.

Pp. 246-261

Accredited Symmetrically Private Information Retrieval

Mohamed Layouni

With the digitization of society and the continuous migration of services to the electronic world, individuals have lost significant control over their data. In this paper, we consider the problem of protecting personal information subjects. More specifically, we propose a new primitive allowing a data subject to decide when, how, and by whom his data can be accessed, without the database manager learning anything about his identity, at the time the data is retrieved. The proposed solution, which we call Accredited SPIR , combines symmetrically private information retrieval and privacy-preserving digital credentials. We present three constructions based on the discrete logarithm and RSA problems. Despite the added privacy safeguards, the extra cost incurred by our constructions is negligeable compared to that of the underlying building blocks.

Palabras clave: Symmetrically private information retrieval; anonymous credentials; policy enforcement.

Pp. 262-277

Generic Certificateless Encryption in the Standard Model

Qiong Huang; Duncan S. Wong

Despite the large number of certificateless encryption schemes recently proposed, many of them have been found to be insecure under a practical attack called malicious-but-passive KGC attack, since they all follow the same key generation procedure as that of the one proposed by Al-Riyami and Paterson in ASIACRYPT 2003. The only scheme that remains secure against this attack is due to Libert and Quisquater (PKC 2006). However, the security can only be shown in the random oracle model. In this paper, we first show that a scheme which has a different key generation procedure from that of Al-Riyami and Paterson also suffers from the malicious-but-passive KGC attack. Our attacking techniques are different and may cause greater extent of damage than the previous ones. We also propose a generic construction of certificateless encryption which can be proven secure against this attack in the standard model . This generic scheme not only is the first one proven secure in the standard model, but is also very efficient to instantiate. We also describe how to use short signature and hybrid encryption to construct highly efficient instantiations of this generic scheme.

Palabras clave: Encryption Scheme; Signature Scheme; Random Oracle; Random Oracle Model; Challenge Ciphertext.

Pp. 278-291

On Security Models and Compilers for Group Key Exchange Protocols

Emmanuel Bresson; Mark Manulis; Jörg Schwenk

Group key exchange (GKE) protocols can be used to guarantee confidentiality and authentication in group applications. The paradigm of provable security subsumes an abstract formalization (security model) that considers the protocol environment and identifies its security goals. The first security model for GKE protocols was proposed by Bresson, Chevassut, Pointcheval, and Quisquater in 2001, and has been subsequently applied in many security proofs. Their definitions of AKE-security (authenticated key exchange; a.k.a. indistinguishability of the key) and MA-security (mutual authentication) became meanwhile standard. In this paper we analyze the BCPQ model and some of its variants and identify several risks resulting from its technical core construction – the notion of partnering . Consequently, we propose a revised model extending AKE- and MA-security in order to capture attacks by malicious participants and strong corruptions. Then, we turn to generic solutions (known as compilers ) for AKE- and MA-security in BCPQ-like models. We describe a compiler compauthma which provides AKE- and MA-security for any GKE protocol, under standard cryptographic assumptions, that eliminates some identified limitations in existing compilers.

Palabras clave: Security Model; Mutual Authentication; Forward Secrecy; Security Goal; Passive Adversary.

Pp. 292-307