Trust Building and Usage Control for Electronic Business Processes

Information technology (IT) supports companies to streamline their business processes. The main contributions of IT are the digitalization of data and efficient communication networks, which allow companies to automatize their business processes and thus increase their efficiency, i.e., their value creation. This effort started with the optimization of internal business processes within a company. Nowadays, it also includes external business processes, in which multiple enterprises and even customers are involved. However, using IT also causes undesirable side effects for companies. They are exposed to a wide range of vulnerabilities and threats. Digitalizing data, e.g., documents, spurs the access to that data and the exchange of it. However, a disadvantageous result of digitalizing data is the increased risk of unauthorized access to that data. Communication networks provide an excellent foundation for collaboration between companies. At the same time, the open and anonymous character of communication networks is a reason for distrust towards business partners offering their goods and services over such networks. As a result of these undesirable side effects, the outcome of a certain business process supported by IT may be suboptimal or companies may refrain from using IT. Against this background, this thesis focuses on securing electronic business processes with regard to two aspects, i.e., building trust in open networks and controlling the usage of digital objects. Trust is the prerequisite for all kinds of commercial transactions. Using reputation information is one possible way to build up trust among business partners. In this thesis, we propose two new reputation systems to establish trust for ad-hoc processes in open markets. The first reputation system facilitates trust building in the context of electronic negotiations which are performed with the help of a centralized system. The reputation system enables companies to find trustworthy business partners and provides decision support during a negotiation. The second reputation system supports trust building in decentralized Peer-to-Peer (P2P) networks. A main feature of this system is its robustness against coalition attacks, which is proven with the help of a simulation. Controlling the usage of digital objects demands two functionalities. First, we need methods for defining usage rules. Second, mechanisms for enforcing the defined usage rules are required. In this thesis, we address both aspects of usage control. Digital documents play a central role in business processes, since they are a means of integration and are handled among business partners. Some documents are sensitive and thus have to be protected from being accessed by unauthorized parties. For this purpose, we propose a flexible and expressive access control model for electronic documents. Our model captures the information about the operations performed on documents. This history information can be used to define access control rules. Customers are involved in the execution of special kinds of business processes, such as selling and consuming digital goods. In these cases, digital goods have to be protected from being used in an unauthorized way, e.g., being shared in public networks. Thus, the trustworthiness of customers' platforms has to be verified before transferring digital goods. For this, we propose a robust integrity reporting protocol which is necessary when a remote platform has to perform security relevant operations, e.g., to enforce a security policy which controls the usage of digital content. This integrity reporting protocol is a building block of a new Digital Rights Management system which is also presented in this thesis. This system provides a high protection level. At the same time, it allows users to transfer their purchased content to other devices or users.

Demystifying Internet of Things Security

Break down the misconceptions of the Internet of Things by examining the different security building blocks available in Intel Architecture (IA) based IoT platforms. This open access book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth. The IoT presents unique challenges in implementing security and Intel has both CPU and Isolated Security Engine capabilities to simplify it. This book explores the challenges to secure these devices to make them immune to different threats originating from within and outside the network. The requirements and robustness rules to protect the assets vary greatly and there is no single blanket solution approach to implement security. Demystifying Internet of Things Security provides clarity to industry professionals and provides and overview of different security solutions What You'll Learn Secure devices, immunizing them against different threats originating from inside and outside the network Gather an overview of the different security building blocks available in Intel Architecture (IA) based IoT platforms Understand the threat pyramid, secure boot, chain of trust, and the software stack leading up to defense-in-depth Who This Book Is For Strategists, developers, architects, and managers in the embedded and Internet of Things (IoT) space trying to understand and implement the security in the IoT devices/platforms

Security, Trust and Privacy (STP) Model for Federated Identity and Access Management (FIAM) Systems

The federated identity and access management systems facilitate the home domain organization users to access multiple resources (services) in the foreign domain organization by web single sign-on facility. In federated environment the user’s authentication is performed in the beginning of an authentication session and allowed to access multiple resources (services) until the current session is active. In current federated identity and access management systems the main security concerns are: (1) In home domain organization machine platforms bidirectional integrity measurement is not exist, (2) Integrated authentication (i.e., username/password and home domain machine platforms mutual attestation) is not present and (3) The resource (service) authorization in the foreign domain organization is not via the home domain machine platforms bidirectional attestation

Attestation in Trusted Computing: Challenges and Potential Solutions

This report examines the state of play in TCG attestation. It asks the question: how practical is the attestation specification and does it meet the needs of designs that propose to take advantage of trusted computing functionality? It is shown that, broadly speaking, both specification and implementation falls short of its stated goals. Application designs expect different semantics. Straightforward application of attestation to a running system does not provide adequate assurance nor does it scale. It is argued that extending the TCG architecture and reworking application designs are the most viable routes to making attestation a practical proposition

Who Can Find My Devices? Security and Privacy of Apple's Crowd-Sourced Bluetooth Location Tracking System

Overnight, Apple has turned its hundreds-of-million-device ecosystem into the world's largest crowd-sourced location tracking network called offline finding (OF). OF leverages online finder devices to detect the presence of missing offline devices using Bluetooth and report an approximate location back to the owner via the Internet. While OF is not the first system of its kind, it is the first to commit to strong privacy goals. In particular, OF aims to ensure finder anonymity, untrackability of owner devices, and confidentiality of location reports. This paper presents the first comprehensive security and privacy analysis of OF. To this end, we recover the specifications of the closed-source OF protocols by means of reverse engineering. We experimentally show that unauthorized access to the location reports allows for accurate device tracking and retrieving a user's top locations with an error in the order of 10 meters in urban areas. While we find that OF's design achieves its privacy goals, we discover two distinct design and implementation flaws that can lead to a location correlation attack and unauthorized access to the location history of the past seven days, which could deanonymize users. Apple has partially addressed the issues following our responsible disclosure. Finally, we make our research artifacts publicly available.Comment: Accepted at Privacy Enhancing Technologies Symposium (PETS) 202

Twenty security considerations for cloud-supported Internet of Things

To realise the broad vision of pervasive computing, underpinned by the “Internet of Things” (IoT), it is essential to break down application and technology-based silos and support broad connectivity and data sharing; the cloud being a natural enabler. Work in IoT tends towards the subsystem, often focusing on particular technical concerns or application domains, before offloading data to the cloud. As such, there has been little regard given to the security, privacy and personal safety risks that arise beyond these subsystems; that is, from the wide-scale, crossplatform openness that cloud services bring to IoT. In this paper we focus on security considerations for IoT from the perspectives of cloud tenants, end-users and cloud providers, in the context of wide-scale IoT proliferation, working across the range of IoT technologies (be they things or entire IoT subsystems). Our contribution is to analyse the current state of cloud-supported IoT to make explicit the security considerations that require further work.This work was supported by UK Engineering and Physical Sciences Research Council grant EP/K011510 CloudSafetyNet: End-to-End Application Security in the Cloud and Microsoft through the Microsoft Cloud Computing Research Centre

A Survey on Wireless Sensor Network Security

Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Due to distributed nature of these networks and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. This problem is more critical if the network is deployed for some mission-critical applications such as in a tactical battlefield. Random failure of nodes is also very likely in real-life deployment scenarios. Due to resource constraints in the sensor nodes, traditional security mechanisms with large overhead of computation and communication are infeasible in WSNs. Security in sensor networks is, therefore, a particularly challenging task. This paper discusses the current state of the art in security mechanisms for WSNs. Various types of attacks are discussed and their countermeasures presented. A brief discussion on the future direction of research in WSN security is also included.Comment: 24 pages, 4 figures, 2 table