MoPS: A Modular Protection Scheme for Long-Term Storage

Current trends in technology, such as cloud computing, allow outsourcing the storage, backup, and archiving of data. This provides efficiency and flexibility, but also poses new risks for data security. It in particular became crucial to develop protection schemes that ensure security even in the long-term, i.e. beyond the lifetime of keys, certificates, and cryptographic primitives. However, all current solutions fail to provide optimal performance for different application scenarios. Thus, in this work, we present MoPS, a modular protection scheme to ensure authenticity and integrity for data stored over long periods of time. MoPS does not come with any requirements regarding the storage architecture and can therefore be used together with existing archiving or storage systems. It supports a set of techniques which can be plugged together, combined, and migrated in order to create customized solutions that fulfill the requirements of different application scenarios in the best possible way. As a proof of concept we implemented MoPS and provide performance measurements. Furthermore, our implementation provides additional features, such as guidance for non-expert users and export functionalities for external verifiers.Comment: Original Publication (in the same form): ASIACCS 201

Real Time Big Data Analytics Dependence on Network Monitoring Solutions using Tensor Networks and its Decomposition

Organizations dealing with huge volumes of data must have a big data infrastructure in place that can accommodate the load of storing, analysing and transporting the data. Suboptimal network performance represents a potential point of failure. Therefore, it is essential to implement redundancy and/or a fail over strategy in order to minimize downtime. With network monitoring, we come to know the status of everything on the network without having to watch it personally and be able to take the timely action to correct problems. But to the extent that companies increase their reliance on real-time streams of marketing and performance big data, the network will become a central part of big data application performance. This is why incorporating network monitoring should be on the company's big data road map if we anticipate using live streaming and analytics of big data in business applications. Keywords: Big Data analytics, suboptimal network performance, network monitoring, live streaming, WAN Management, Network Application Performance Management, Tensor Network

Two-tier blockchain timestamped notarization with incremental security

Digital notarization is one of the most promising services offered by modern blockchain-based solutions. We present a digital notary design with incremental security and cost reduced with respect to current solutions. A client of the service receives evidence in three steps. In the first step, evidence is received almost immediately, but a lot of trust is required. In the second step, less trust is required, but evidence is received seconds later. Finally, in the third step evidence is received within minutes via a public blockchain.Comment: Accepted for presentation at the 2nd Distributed Ledger Technology Workshop (DLT 2019), Pis

Time Stamped Proxy Blind Signature Scheme With Proxy Revocation Based on Discrete Logarithm Problem

Proxy blind signature combines both the properties of blind signature and proxy signature. In a proxy blind signature scheme, the proxy signer is allowed to generate a blind signature on behalf of the original signer. It is a protocol played by three parties in which a user obtains a proxy signer’s signature for a desired message and the proxy signer learns nothing about the message. During the verification of a proxy blind signature scheme, the verifier cannot get whether signing is within the delegation period or after delegation period. In this thesis a time stamped proxy blind signature scheme with proxy revocation is proposed which records the time stamp during the proxy signing phase and satisfies all the security properties of proxy blind signature i.e distinguishability, nonrepudiation, unforgeability, verifiability, identifiability, unlinkability, prevention of misuse. In a proxy revocation scheme, the original signer can terminate the delegation power of a proxy signer before the completion of delegation period. Proxy blind signature has wide applications in real life scenarios, such as, e-cash, e-voting and e-commerece applications

Extending the Liaison Workflow Model and Engine to Support Different Signature Purposes

Currently, many software systems are developed in offices geographically distributed in different locations. Furthermore, it is also common for a software system development project to contract to different software houses. These contracted software development projects, very often, are further sub-contracted to some other software houses. These software development modes can be supported and managed by good distributed workflow systems. Signatures play an important role in these software development modes. Most workflow systems, at best, can only support digital signatures. Digital signatures with public key cryptosystem are limited to authentication, integrity, confidentiality and non-repudiation. The wide variety of signature purposes such as authorization or multiple signatures in group decision making are not supported explicitly by most workflow systems. We have studied different kinds of signature in software development and workflow systems. The paper discusses the problems and solutions of incorporating these signatures in a distributed workflow engine, in particular, the Liaison Workflow Engine, to support the contemporary modes of software developments.published_or_final_versio

Electronic security - risk mitigation in financial transactions : public policy issues

This paper builds on a previous series of papers (see Claessens, Glaessner, and Klingebiel, 2001, 2002) that identified electronic security as a key component to the delivery of electronic finance benefits. This paper and its technical annexes (available separately at http://www1.worldbank.org/finance/) identify and discuss seven key pillars necessary to fostering a secure electronic environment. Hence, it is intended for those formulating broad policies in the area of electronic security and those working with financial services providers (for example, executives and management). The detailed annexes of this paper are especially relevant for chief information and security officers responsible for establishing layered security. First, this paper provides definitions of electronic finance and electronic security and explains why these issues deserve attention. Next, it presents a picture of the burgeoning global electronic security industry. Then it develops a risk-management framework for understanding the risks and tradeoffs inherent in the electronic security infrastructure. It also provides examples of tradeoffs that may arise with respect to technological innovation, privacy, quality of service, and security in designing an electronic security policy framework. Finally, it outlines issues in seven interrelated areas that often need attention in building an adequate electronic security infrastructure. These are: 1) The legal framework and enforcement. 2) Electronic security of payment systems. 3) Supervision and prevention challenges. 4) The role of private insurance as an essential monitoring mechanism. 5) Certification, standards, and the role of the public and private sectors. 6) Improving the accuracy of information on electronic security incidents and creating better arrangements for sharing this information. 7) Improving overall education on these issues as a key to enhancing prevention.Knowledge Economy,Labor Policies,International Terrorism&Counterterrorism,Payment Systems&Infrastructure,Banks&Banking Reform,Education for the Knowledge Economy,Knowledge Economy,Banks&Banking Reform,International Terrorism&Counterterrorism,Governance Indicators

Middleware support for non-repudiable business-to-business interactions

The wide variety of services and resources available over the Internet presents new opportunities for organisations to collaborate to reach common goals. For example, business partners wish to access each other’s services and share information along the supply chain in order to compete more successfully in the delivery of goods or services to the ultimate customer. This can lead to the investment of significant resources by business partners in the resulting collaboration. In the context of such high value business-to-business (B2B) interactions it is desirable to regulate (monitor and control) the behaviour of business partners to ensure that they comply with agreements that govern their interactions. Achieving this regulation is challenging because, while wishing to collaborate, organisations remain autonomous and may not unguardedly trust each other. Two aspects must be addressed: (i) the need for high-level mechanisms to encode agreements (contracts) between the interacting parties such that they can be used for run-time monitoring and enforcement, and (ii) systematic support to monitor a given interaction for conformance with contract and to ensure accountability. This dissertation concerns the latter aspect — the definition, design and implementation of underlying middleware support for the regulation of B2B interactions. To this end, two non-repudiation services are identified — non-repudiable service invocation and non-repudiable information sharing. A flexible nonrepudiation protocol execution framework supports the delivery of the identified services. It is shown how the services can be used to regulate B2B interactions. The non-repudiation services provide for the accountability of the actions of participants; including the acknowledgement of actions, their run-time validation with respect to application-level constraints and logging for audit. The framework is realised in the context of interactions with and between components of a J2EE application server platform. However, the design is sufficiently flexible to apply to other common middleware platforms.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Adapting hybrid approaches for electronic medical record management and sharing using blockchain sharding

In the past few years, it is noticed that management and sharing medical records is a key step towards increasing healthcare provider connectivity and making the healthcare system more efficient. The scalability and sustainability issues confer to mismanagement of patient is record and also raised several issues in privacy and security. The study aims to suggest more efficient alternatives for Electronic Healthcare System. Scalability and privacy are the major limitations that existing systems contain so the goal of this study is to define alternatives about how parameters like scalability, usability and data protection could be achieved in an efficient manner for healthcare system. In the healthcare industry, providing accurate, thorough, and up-to-date information on patients is critical. Another feature that allows researchers to consider efficient EHR systems is rapid access to patient records for boosting efficiency and coordination. Blockchain sharding technique is utilized along with hyper-ledger protocols and Proof-of-Authority to carry out our model implementation