7,969 research outputs found
I2PA : An Efficient ABC for IoT
Internet of Things (IoT) is very attractive because of its promises. However,
it brings many challenges, mainly issues about privacy preserving and
lightweight cryptography. Many schemes have been designed so far but none of
them simultaneously takes into account these aspects. In this paper, we propose
an efficient ABC scheme for IoT devices. We use ECC without pairing, blind
signing and zero knowledge proof. Our scheme supports block signing, selective
disclosure and randomization. It provides data minimization and transactions'
unlinkability. Our construction is efficient since smaller key size can be used
and computing time can be reduced. As a result, it is a suitable solution for
IoT devices characterized by three major constraints namely low energy power,
small storage capacity and low computing power
Privacy-Preserving Electronic Ticket Scheme with Attribute-based Credentials
Electronic tickets (e-tickets) are electronic versions of paper tickets,
which enable users to access intended services and improve services'
efficiency. However, privacy may be a concern of e-ticket users. In this paper,
a privacy-preserving electronic ticket scheme with attribute-based credentials
is proposed to protect users' privacy and facilitate ticketing based on a
user's attributes. Our proposed scheme makes the following contributions: (1)
users can buy different tickets from ticket sellers without releasing their
exact attributes; (2) two tickets of the same user cannot be linked; (3) a
ticket cannot be transferred to another user; (4) a ticket cannot be double
spent; (5) the security of the proposed scheme is formally proven and reduced
to well known (q-strong Diffie-Hellman) complexity assumption; (6) the scheme
has been implemented and its performance empirically evaluated. To the best of
our knowledge, our privacy-preserving attribute-based e-ticket scheme is the
first one providing these five features. Application areas of our scheme
include event or transport tickets where users must convince ticket sellers
that their attributes (e.g. age, profession, location) satisfy the ticket price
policies to buy discounted tickets. More generally, our scheme can be used in
any system where access to services is only dependent on a user's attributes
(or entitlements) but not their identities.Comment: 18pages, 6 figures, 2 table
A flexible architecture for privacy-aware trust management
In service-oriented systems a constellation of services cooperate, sharing potentially sensitive information and responsibilities. Cooperation is only possible if the different participants trust each other. As trust may depend on many different factors, in a flexible framework for Trust Management (TM) trust must be computed by combining different types of information. In this paper we describe the TAS3 TM framework which integrates independent TM systems into a single trust decision point. The TM framework supports intricate combinations whilst still remaining easily extensible. It also provides a unified trust evaluation interface to the (authorization framework of the) services. We demonstrate the flexibility of the approach by integrating three distinct TM paradigms: reputation-based TM, credential-based TM, and Key Performance Indicator TM. Finally, we discuss privacy concerns in TM systems and the directions to be taken for the definition of a privacy-friendly TM architecture.\u
Confidentiality-Preserving Publish/Subscribe: A Survey
Publish/subscribe (pub/sub) is an attractive communication paradigm for
large-scale distributed applications running across multiple administrative
domains. Pub/sub allows event-based information dissemination based on
constraints on the nature of the data rather than on pre-established
communication channels. It is a natural fit for deployment in untrusted
environments such as public clouds linking applications across multiple sites.
However, pub/sub in untrusted environments lead to major confidentiality
concerns stemming from the content-centric nature of the communications. This
survey classifies and analyzes different approaches to confidentiality
preservation for pub/sub, from applications of trust and access control models
to novel encryption techniques. It provides an overview of the current
challenges posed by confidentiality concerns and points to future research
directions in this promising field
Handling privacy and concurrency in an online educational evaluation system
Nowadays, all academic institutions exhibit and distribute their material over Internet. Moreover, e-learning and e-evaluation products is one of the most rapidly expanding areas of education and training, with nearly 30% of U.S. college and university students now taking at least one online course. However, Internet increases the vulnerability of digital educational content exploitation since it is a potential hostile environment for secure data management. The challenge is that providing current online educational tools that are accessible by a large number of users, these educational environments handle data of varying sensitivity thus it is increasingly important to reason about and enforce information privacy guarantees in the presence of concurrency. The present paper provides a privacy preserving approach in a concurrent online educational evaluation system. It introduces a privacy preserving approach for utilizing online concurrent evaluation of acquired student competencies that handles the increasingly complex issues of designing, developing and e-competence evaluation systems suitable for educational and e-learning environments. The proposed architecture for an online competence evaluation system offers access control and protect users' private data while, it provides concurrent procedures for evaluating competencies. © 2019 International Press of Boston, Inc. All rights reserved.European Commission, ECThis work has been partially supported by the “Implementation of Software Engineering Com-petence Remote Evaluation for Master Program Graduates (iSECRET)” project No 2015-1-LVo1-KA203-013439 funded by ERASMUS+ of the European Commission
Trust models in ubiquitous computing
We recapture some of the arguments for trust-based technologies in ubiquitous computing, followed by a brief survey of some of the models of trust that have been introduced in this respect. Based on this, we argue for the need of more formal and foundational trust models
Non-Disclosing Credential On-chaining for Blockchain-based Decentralized Applications
Many service systems rely on verifiable identity-related information of their
users. Manipulation and unwanted exposure of this privacy-relevant information,
however, must at the same time be prevented and avoided. Peer-to-peer
blockchain-based decentralization with a smart contract-based execution model
and verifiable off-chain computations leveraging zero-knowledge proofs promise
to provide the basis for next-generation, non-disclosing credential management
solutions. In this paper, we propose a novel credential on-chaining system that
ensures blockchain-based transparency while preserving pseudonymity. We present
a general model compliant to the W3C verifiable credential recommendation and
demonstrate how it can be applied to solve existing problems that require
computational identity-related attribute verification. Our zkSNARKs-based
reference implementation and evaluation show that, compared to related
approaches based on, e.g., CL-signatures, our approach provides significant
performance advantages and more flexible proof mechanisms, underpinning our
vision of increasingly decentralized, transparent, and trustworthy service
systems
- …