3,419 research outputs found

    Anonymous certification for E-assessment opinion polls

    Anonymous certification (AC) refers to cryptographic mechanisms in which users get certified from trusted issuers, with regard to some pre-defined user attributes, in order to produce presentation tokens. Such tokens satisfy service providers’ access policies, without revealing sensitive user information. AC systems are generally classified under two main different categories: (1) one-time show credentials that can be shown once for avoiding their originating user being traced from one transaction to another, and (2) multi-show credentials that can be used many times while avoiding their originating user to be traced. In this paper, we consider e-assessment opinion polls scenarios and propose an AC scheme where the one-time show property is relevant for making sure each user cannot hand in more than one poll in order to get significant results. To mitigate cheating, the scheme is provided with two extra procedures: attribute revocation and anonymity removal. The correctness of our scheme, as well as unforgeability, privacy and anonymity removal, are analyzed and demonstrated

    Flexible fair and collusion resistant pseudonym providing system

    In service providing systems, user authentication is required for different purposes such as billing, restricting unauthorized access, etc. To protect the privacy of users, their real identities should not be linked to the services that they use during authentication. A good solution is to use pseudonyms as temporary identities. On the other hand, it may also be required to have a backdoor in pseudonym systems for identity revealing that can be used by law enforcement agencies for legal reasons. Existing systems that retain a backdoor are either punitive (full user anonymity is revealed), or they are restrictive by revealing only current pseudonym identity of. In addition to that, existing systems are designed for a particular service and may not fit into others. In this paper, we address this gap and we propose a novel pseudonym providing and management system. Our system is flexible and can be tuned to fit into services for different service providers. The system is privacy-preserving and guarantees a level of anonymity for a particular number of users. Trust in our system is distributed among all system entities instead of centralizing it into a single trusted third party. More importantly, our system is highly resistant to collusions among the trusted entities. Our system also has the ability to reveal user identity fairly in case of a request by law enforcement. Analytical and simulation based performance evaluation showed that Collusion Resistant Pseudonym Providing System (CoRPPS) provides a high level of anonymity with strong resistance against collusion attacks

    Digital Copyright Protection: Focus on Some Relevant Solutions

    Copyright protection of digital content is considered a relevant problem of the current Internet since content digitalization and high performance interconnection networks have greatly increased the possibilities to reproduce and distribute digital content. Digital Rights Management (DRM) systems try to prevent the inappropriate or illegal use of copyrighted digital content. They are promoted by the major global media players, but they are also perceived as proprietary solutions that give rise to classic problems of privacy and fair use. On the other hand, watermarking protocols have become a possible solution to the problem of copyright protection. They have evolved during the last decade, and interesting proposals have been designed. This paper first presents current trends concerning the most significant solutions to the problem of copyright protection based on DRM systems and then focuses on the most promising approaches in the field of watermarking protocols. In this regard, the examined protocols are discussed in order to individuate which of them can better represent the right trade-off between opposite goals, such as, for example, security and ease of use, so as to prove that it is possible to implement open solutions compatible with the current web context without resorting to proprietary architectures or impairing the protection of copyrighted digital content

    Preventing Intimate Image Abuse Via Privacy-Preserving Credentials

    The problem of non-consensual pornography (“NCP”), sometimes known as intimate image abuse or revenge porn, is well known. Despite its distribution being illegal in most states, it remains a serious problem, if only because it is often difficult to prove who uploaded the pictures. Furthermore, the Federal statute commonly known as Section 230 generally protects Internet sites, such as PornHub, from liability for content created by their users; only the users are liable, not the sites. One obvious countermeasure would be to require Internet sites to strongly authenticate their users, but this is not an easy problem to solve. Furthermore, while strong authentication would provide accountability for the immediate upload, such a policy would threaten the ability to speak anonymously, a vital constitutional right. Also, it often would not help identify the original offender—many people download images from one site and upload them to another, which adds another layer of complexity. We instead propose a more complex scheme, based on a privacy-preserving cryptographic credential scheme originally devised by researcher Jan Camenisch and Professor Anna Lysyanskaya. While the details (and the underlying mathematics) are daunting, the essential properties of their scheme are straightforward. Users first obtain a primary credential from a trusted identity provider; this provider verifies the person’s identity, generally via the usual types of government-issued ID documents, and hence knows a user’s real identity. To protect privacy, this primary credential can be used to arbitrarily generate many anonymous but provably valid sub-credentials, perhaps one per website; these sub-credentials cannot be linked either to each other or to the primary credential. For technical reasons, sub-credentials cannot be used directly to digitally sign images. Instead, they are used to obtain industry-standard cryptographic “certificates,” which can be used to verify digital signatures on images. The certificate-issuing authority also receives and retains an encrypted, random pseudonym known by the identity provider, which is used to identify the website user. If NCP is alleged to be present in an image, information extracted from the image’s metadata—plus the encrypted pseudonym—can be sent to a deanonymization agent, the only party who can decrypt it. The final step to reveal the uploader’s identity is to send the decrypted pseudonym to the identity provider, which knows the linkage between the pseudonym and real person. In other words, three separate parties must cooperate to identify someone. The scheme is thus privacy-preserving, accountable, and abuse-resistant. It is privacy-preserving because sub-credentials are anonymous and not linkable to anything. It provides accountability, because all images are signed before upload and the identity of the original uploader can be determined if necessary. It is abuse-resistant, because it requires the cooperation of those three parties—the certificate issuer, the deanonymization agent, and the identity provider—to identify an image uploader. The paper contains a reasonably detailed description of how the scheme works technically, albeit without the mathematics. Our paper describes the necessary legal framework for this scheme. We start with a First Amendment analysis, to show that this potential violation of the constitutional right to anonymity is acceptable. We conclude that exacting scrutiny (as opposed to the generally higher standard of strict scrutiny), which balances different rights, is the proper standard to use. Exacting Scrutiny is what the Supreme Court has used in, e.g., Citizens United, to justify violations of anonymity. Here, the balance is the right to anonymous publication of images versus the right to intimate privacy, a concept that we show has also been endorsed by the Supreme Court. We go on to discuss the requirements for the different parties—e.g., their trustworthiness and if they are in a jurisdiction where aggrieved parties would have effective recourse—and the legal and procedural requirements, including standing, for opposing deanonymization. We suggest that all three parties should have the right to challenge deanonymization requests, to ensure that they are valid. We also discuss how to change Section 230 in a way that would be constitutional (it is unclear if use of this scheme can be mandated), to induce Internet sites to adopt it. Finally, we discuss other barriers to adoption of this scheme and how to work around them: not everyone will have a suitable government-issued ID, and some sites, especially news and whistleblower sites, may wish to eschew strongly authenticated images to protect the identities of their sources

    Framework for privacy-aware content distribution in peer-to-peer networks with copyright protection

    The use of peer-to-peer (P2P) networks for multimedia distribution has spread out globally in recent years. This mass popularity is primarily driven by the efficient distribution of content, also giving rise to piracy and copyright infringement as well as privacy concerns. An end user (buyer) of a P2P content distribution system does not want to reveal his/her identity during a transaction with a content owner (merchant), whereas the merchant does not want the buyer to further redistribute the content illegally. Therefore, there is a strong need for content distribution mechanisms over P2P networks that do not pose security and privacy threats to copyright holders and end users, respectively. However, the current systems being developed to provide copyright and privacy protection to merchants and end users employ cryptographic mechanisms, which incur high computational and communication costs, making these systems impractical for the distribution of big files, such as music albums or movies.

    EIB Fraud Investigations Activity Report 2020

    This Fraud Investigations Activity Report describes the activities of the Inspectorate General’s Fraud Investigations Division (IG/IN) in 2020, giving an overview of IG/IN’s work to prevent, detect, investigate and remedy Prohibited Conduct affecting EIB Group activities. In particular, the report provides: A chapter dedicated to the impact of the Covid-19 pandemic on IG/IN’s investigations; Relevant statistics and analysis on the number of allegations received and investigations conducted; A number of internal and external case studies reflecting the range of allegations handled by investigators as well as the findings and lessons learned; An overview of the fraud detection tools and methodology developed by IG/IN as well as relevant case studies showcasing how on-the-ground Proactive Integrity Reviews are performed; An overview on deterrence and rehabilitation activities; and Information on the policy work undertaken by IG/IN, such as fraud and corruption training and awareness initiatives for EIB Group staff members, and continued efforts in outreach and global partnerships

    PARFAIT: Privacy-preserving, secure, and low-delay service access in fog-enabled IoT ecosystems

    Traditional fog-enabled IoT ecosystems always assume fully-trusted and secure fog nodes, offering computational capabilities and storage space closer to constrained IoT devices. However, such security-related assumptions can easily fall when considering the exposure of fog nodes’ location, the heterogeneity of device providers, and the ease of misuse and misconfigurations by end-users, to name a few. As a result, compromised fog nodes can stealthily steal sensitive information, such as the devices’ location, path, and private personal attributes. This paper presents PARFAIT, a privacy-preserving, secure, and low-delay framework for securely accessing services in fog-enabled IoT ecosystems. PARFAIT guarantees low-delay authentication and authorization to local fog nodes, protecting the identity and the attributes possessed by the IoT devices. Moreover, PARFAIT uses rolling ephemeral identities, providing unlinkability among access requests, thus preventing the tracking of mobile IoT devices by multiple compromised fog nodes. We performed several experimental tests on a reference proof-of-concept to show the viability of PARFAIT. Specifically, adopting an elliptic curve with a group size of 512 bits, PARFAIT allows the access to a single protected resource in only 0.274 s, and such a delay rises to only 0.359 s with 10 consecutive requests (66.8% less than the quickest competing approach).

    Multi-owner Secure Data Sharing in Cloud Computing Environment

    Data sharing in the cloud is a technique that allows users to conveniently access data over the cloud. The data owner outsources their data in the cloud due to cost reduction and the great conveniences provided by cloud services. The data owner is not able to control their data, because the cloud service provider is a third party provider. The main crisis with data sharing in the cloud is the privacy and security issues. Various techniques are available to support user privacy and secure data sharing. This paper focuses on various schemes to deal with secure data sharing such as Data sharing with forward security, secure data sharing for dynamic groups, Attribute based data sharing, encrypted data sharing and Shared Authority Based Privacy-Preserving Authentication Protocol for access control of outsourced data