Security Mechanisms for Workflows in Service-Oriented Architectures

Die Arbeit untersucht, wie sich Unterstützung für Sicherheit und Identitätsmanagement in ein Workflow-Management-System integrieren lässt. Basierend auf einer Anforderungsanalyse anhand eines Beispiels aus der beruflichen Weiterbildung und einem Abgleich mit dem Stand der Technik wird eine Architektur für die sichere Ausführung von Workflows und die Integration mit Identitätsmanagement-Systemen entwickelt, die neue Anwendungen mit verbesserter Sicherheit und Privatsphäre ermöglicht

Effective Privacy-Preserving Mechanisms for Vehicle-to-Everything Services

Owing to the advancement of wireless communication technologies, drivers can rely on smart connected vehicles to communicate with each other, roadside units, pedestrians, and remote service providers to enjoy a large amount of vehicle-to-everything (V2X) services, including navigation, parking, ride hailing, and car sharing. These V2X services provide different functions for bettering travel experiences, which have a bunch of benefits. In the real world, even without smart connected vehicles, drivers as users can utilize their smartphones and mobile applications to access V2X services and connect their smartphones to vehicles through some interfaces, e.g., IOS Carplay and Android Auto. In this way, they can still enjoy V2X services through modern car infotainment systems installed on vehicles. Most of the V2X services are data-centric and data-intensive, i.e., users have to upload personal data to a remote service provider, and the service provider can continuously collect a user's data and offer personalized services. However, the data acquired from users may include users' sensitive information, which may expose user privacy and cause serious consequences. To protect user privacy, a basic privacy-preserving mechanism, i.e, anonymization, can be applied in V2X services. Nevertheless, a big obstacle arises as well: user anonymization may affect V2X services' availability. As users become anonymous, users may behave selfishly and maliciously to break the functions of a V2X service without being detected and the service may become unavailable. In short, there exist a conflict between privacy and availability, which is caused by different requirements of users and service providers. In this thesis, we have identified three major conflicts between privacy and availability for V2X services: privacy vs. linkability, privacy vs. accountability, privacy vs. reliability, and then have proposed and designed three privacy-preserving mechanisms to resolve these conflicts. Firstly, the thesis investigates the conflict between privacy and linkability in an automated valet parking (AVP) service, where users can reserve a parking slot for their vehicles such that vehicles can achieve automated valet parking. As an optional privacy-preserving measure, users can choose to anonymize their identities when booking a parking slot for their vehicles. In this way, although user privacy is protected by anonymization, malicious users can repeatedly send parking reservation requests to a parking service provider to make the system unavailable (i.e., "Double-Reservation Attack"). Aiming at this conflict, a security model is given in the thesis to clearly define necessary privacy requirements and potential attacks in an AVP system, and then a privacy-preserving reservation scheme has been proposed based on BBS+ signature and zero-knowledge proof. In the proposed scheme, users can keep anonymous since users only utilize a one-time unlinkable token generated from his/her anonymous credential to achieve parking reservations. In the meantime, by utilizing proxy re-signature, the scheme can also guarantee that one user can only have one token at a time to resist against "Double-Reservation Attack". Secondly, the thesis investigates the conflict between privacy and accountability in a car sharing service, where users can conveniently rent a shared car without human intervention. One basic demand for car sharing service is to check the user's identity to determine his/her validity and enable the user to be accountable if he/she did improper behavior. If the service provider allows users to hide their identities and achieve anonymization to protect user privacy, naturally the car sharing service is unavailable. Aiming at this conflict, a decentralized, privacy-preserving, and accountable car sharing architecture has been proposed in the thesis, where multiple dynamic validation servers are employed to build decentralized trust for users. Under this architecture, the thesis proposes a privacy-preserving identity management scheme to assist in managing users' identities in a dynamic manner based on a verifiable secret sharing/redistribution technique, i.e. the validation servers who manage users' identities are dynamically changed with the time advancing. Moreover, the scheme enables a majority of dynamic validation servers to recover the misbehaving users' identities and guarantees that honest users' identities are confidential to achieve privacy preservation and accountability at the same time. Thirdly, the thesis investigates the conflict between privacy and reliability in a road condition monitoring service, where users can report road conditions to a monitoring service provider to help construct a live map based on crowdsourcing. Usually, a reputation-based mechanism is applied in the service to measure a user's reliability. However, this mechanism cannot be easily integrated with a privacy-preserving mechanism based on user anonymization. When users are anonymous, they can upload arbitrary reports to destroy the service quality and make the service unavailable. Aiming at this conflict, a privacy-preserving crowdsourcing-based road condition monitoring scheme has been proposed in the thesis. By leveraging homomorphic commitments and PS signature, the scheme supports anonymous user reputation management without the assistance of any third-party authority. Furthermore, the thesis proposes several zero-knowledge proof protocols to ensure that a user can keep anonymous and unlinkable but a monitoring service provider can still judge the reliability of this user's report through his/her reputation score. To sum up, with more attention being paid to privacy issues, how to protect user privacy for V2X services becomes more significant. The thesis proposes three effective privacy-preserving mechanisms for V2X services, which resolve the conflict between privacy and availability and can be conveniently integrated into current V2X applications since no trusted third party authority is required. The proposed approaches should be valuable for achieving practical privacy preservation in V2X services

DOWNSTREAM RESOURCE ALLOCATION IN DOCSIS 3.0 CHANNEL BONDED NETWORKS

Modern broadband internet access cable systems follow the Data Over Cable System Interface Specification (DOCSIS) for data transfer between the individual cable modem (CM) and the Internet. The newest version of DOCSIS, version 3.0, provides an abstraction referred to as bonding groups to help manage bandwidth and to increase bandwidth to each user beyond that available within a single 6MHz. television channel. Channel bonding allows more than one channel to be used by a CM to provide a virtual channel of much greater bandwidth. This combining of channels into bonding groups, especially when channels overlap between more than one bonding group, complicates the resource allocation problem within these networks. The goal of resource allocation in this research is twofold, to provide for fairness among users while at the same time making maximum possible utilization of the available system bandwidth. The problem of resource allocation in computer networks has been widely studied by the academic community. Past work has studied resource allocation in many network types, however application in a DOCSIS channel bonded network has not been explored. This research begins by first developing a definition of fairness in a channel bonded system. After providing a theoretical definition of fairness we implement simulations of different scheduling disciplines and evaluate their performance against this theoretical ideal. The complexity caused by overlapped channels requires even the simplest scheduling algorithms to be modified to work correctly. We then develop an algorithm to maximize the use of the available system bandwidth. The approach involves using competitive analysis techniques and an online algorithm to dynamically reassign flows among the available channels. Bandwidth usage and demand requests are monitored for bandwidth that is underutilized, and demand that is unsatisfied, and real time changes are made to the flow-to-channel mappings to improve the utilization of the total available bandwidth. The contribution of this research is to provide a working definition of fairness in a channel bonded environment, the implementation of several scheduling disciplines and evaluation of their adherence to that definition, and development of an algorithm to improve overall bandwidth utilization of the system

The ARTICONF approach to decentralized car-sharing

Social media applications are essential for next-generation connectivity. Today, social media are centralized platforms with a single proprietary organization controlling the network and posing critical trust and governance issues over the created and propagated content. The ARTICONF project funded by the European Union's Horizon 2020 program researches a decentralized social media platform based on a novel set of trustworthy, resilient and globally sustainable tools that address privacy, robustness and autonomy-related promises that proprietary social media platforms have failed to deliver so far. This paper presents the ARTICONF approach to a car-sharing decentralized application (DApp) use case, as a new collaborative peer-to-peer model providing an alternative solution to private car ownership. We describe a prototype implementation of the car-sharing social media DApp and illustrate through real snapshots how the different ARTICONF tools support it in a simulated scenario

Auditing in common computer environments; Auditing procedure study;

https://egrove.olemiss.edu/aicpa_guides/1039/thumbnail.jp

Capital markets, CDFIs, and organizational credit risk

Can Community Development Financial Institutions (CDFIs) get unlimited amounts of low cost, unsecured, short- and long-term funding from the capital markets based on their organizational credit risk? Can they get pricing, flexibility, and procedural parity with for-profit corporations of equivalent credit risk? One of the key objectives of this book is to explain the reasons why the answer to the two questions above remains “no.” The other two key objectives are to show the inner workings of what has been done to date to overcome the obstacles so that we don’t have to retrace the same steps and recommend additional disciplines that position CDFIs to take advantage of the mechanisms of the capital markets once the markets stabilize