21,459 research outputs found
Authentication and authorisation in entrusted unions
This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two pilot studies in two different domains, viz, Bio-security incident management and Ambient Assisted Living (eHealth). Interim results in terms of security requirements, privacy preserving authentication, and authorisation are reported
Some Directions beyond Traditional Quantum Secret Sharing
We investigate two directions beyond the traditional quantum secret sharing
(QSS). First, a restriction on QSS that comes from the no-cloning theorem is
that any pair of authorized sets in an access structure should overlap. From
the viewpoint of application, this places an unnatural constraint on secret
sharing. We present a generalization, called assisted QSS (AQSS), where access
structures without pairwise overlap of authorized sets is permissible, provided
some shares are withheld by the share dealer. We show that no more than
withheld shares are required, where is the minimum number
of {\em partially linked classes} among the authorized sets for the QSS. Our
result means that such applications of QSS need not be thwarted by the
no-cloning theorem. Secondly, we point out a way of combining the features of
QSS and quantum key distribution (QKD) for applications where a classical
information is shared by quantum means. We observe that in such case, it is
often possible to reduce the security proof of QSS to that of QKD.Comment: To appear in Physica Scripta, 7 pages, 1 figure, subsumes
arXiv:quant-ph/040720
Converses for Secret Key Agreement and Secure Computing
We consider information theoretic secret key agreement and secure function
computation by multiple parties observing correlated data, with access to an
interactive public communication channel. Our main result is an upper bound on
the secret key length, which is derived using a reduction of binary hypothesis
testing to multiparty secret key agreement. Building on this basic result, we
derive new converses for multiparty secret key agreement. Furthermore, we
derive converse results for the oblivious transfer problem and the bit
commitment problem by relating them to secret key agreement. Finally, we derive
a necessary condition for the feasibility of secure computation by trusted
parties that seek to compute a function of their collective data, using an
interactive public communication that by itself does not give away the value of
the function. In many cases, we strengthen and improve upon previously known
converse bounds. Our results are single-shot and use only the given joint
distribution of the correlated observations. For the case when the correlated
observations consist of independent and identically distributed (in time)
sequences, we derive strong versions of previously known converses
From usability to secure computing and back again
Secure multi-party computation (MPC) allows multiple parties
to jointly compute the output of a function while preserving
the privacy of any individual party’s inputs to that function.
As MPC protocols transition from research prototypes to realworld
applications, the usability of MPC-enabled applications
is increasingly critical to their successful deployment and
widespread adoption. Our Web-MPC platform, designed with
a focus on usability, has been deployed for privacy-preserving
data aggregation initiatives with the City of Boston and the
Greater Boston Chamber of Commerce. After building and
deploying an initial version of the platform, we conducted a
heuristic evaluation to identify usability improvements and
implemented corresponding application enhancements. However,
it is difficult to gauge the effectiveness of these changes
within the context of real-world deployments using traditional
web analytics tools without compromising the security guarantees
of the platform. This work consists of two contributions
that address this challenge: (1) the Web-MPC platform has
been extended with the capability to collect web analytics
using existing MPC protocols, and (2) as a test of this feature
and a way to inform future work, this capability has been
leveraged to conduct a usability study comparing the two versions
ofWeb-MPC. While many efforts have focused on ways
to enhance the usability of privacy-preserving technologies,
this study serves as a model for using a privacy-preserving
data-driven approach to evaluate and enhance the usability of
privacy-preserving websites and applications deployed in realworld
scenarios. Data collected in this study yields insights
into the relationship between usability and security; these can
help inform future implementations of MPC solutions.Published versio
- …