Privacy Threats in E-Shopping (Position Paper)
The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-29883-2_14
E-shopping has grown considerably in the last years, providing
customers with convenience, merchants with increased sales, and
financial entities with an additional source of income. However, it may
also be the source of serious threats to privacy. In this paper, we review
the e-shopping process, discussing attacks or threats that have been analyzed
in the literature for each of its stages. By showing that there exist
threats to privacy in each of them, we argue our following position: “It is
not enough to protect a single independent stage, as is usually done in
privacy respectful proposals in this context. Rather, a complete solution
is necessary spanning the overall process, dealing also with the required
interconnections between stages.” Our overview also reflects the diverse
types of information that e-shopping manages, and the benefits (e.g.,
loyalty programs and fraud prevention) that system providers
extract from them. This also endorses the need for solutions that, while
privacy preserving, do not limit or remove these benefits, if we want
to prevent all the participating entities from rejecting it.
This work was supported by project S2013/ICE-3095-CM (CIBERDINE) of the Comunidad de Madrid and MINECO TIN2010-19607, TIN2012-30883, TIN2014-54580-R. The work of Seung Geol Choi was supported in part by the Office of Naval Research under Grant Number N0001415WX01232. The work of Moti Yung was done in part while visiting the Simons Institute for Theory of Computing, UC Berkeley. The work of Jesus Diaz was done in part while visiting the Network Security Lab at Columbia University.
Data Privacy Management, and Security Assurance. 10th International Workshop, DPM 2015, and 4th International Workshop, QASA 2015, Vienna, Austria, September 21–22, 2015. Revised Selected Papers
This book constitutes the revised selected papers of the 10th International Workshop on Data Privacy Management, DPM 2015, and the 4th International Workshop on Quantitative Aspects in Security Assurance, QASA 2015, held in Vienna, Austria, in September 2015, co-located with the 20th European Symposium on Research in Computer Security, ESORICS 2015.
In the DPM 2015 workshop edition, 39 submissions were received. In the end, 8 full papers, accompanied by 6 short papers, 2 position papers and 1 keynote were presented in this volume.
The QASA workshop series responds to the increasing demand for techniques to deal with quantitative aspects of security assurance at several levels of the development life-cycle of systems and services, from requirements elicitation to run-time operation and maintenance. QASA 2015 received 11 submissions, of which 4 papers are presented in this volume as well.
Security by behavioural design: a rapid review
Security and Global Affairs; Cybersecurity en cybergovernanc
Fully Invisible Protean Signatures Schemes
Protean Signatures (PS), recently introduced by Krenn et al. (CANS '18), allow a semi-trusted third party, named the sanitizer, to modify a signed message in a controlled way.
The sanitizer can
edit signer-chosen parts to arbitrary bitstrings, while the sanitizer can also redact
admissible parts, which are also chosen by the signer. Thus, PSs generalize both redactable signature (RSS) and sanitizable signature (SSS)
into a single notion.
However, the current definition of invisibility does not prohibit that an outsider can decide which
parts of a message are redactable - only which parts can be edited are hidden. This negatively
impacts on the privacy guarantees provided by the state-of-the-art definition.
We extend PSs to be fully invisible.
This strengthened notion guarantees that an outsider can neither decide which parts of a message can be edited nor which
parts can be redacted. To achieve our goal, we introduce the new notions of Invisible RSSs and Invisible Non-Accountable SSSs (SSS'), along with a consolidated framework for aggregate signatures.
Using those building blocks, our resulting construction is significantly
more efficient than the original scheme by Krenn et al., which we demonstrate in a prototypical implementation
Policy-Based Sanitizable Signatures
Sanitizable signatures are a variant of signatures which allow a single, and signer-defined, sanitizer to modify signed messages in a controlled way without invalidating the respective signature. They turned out to be a versatile primitive, proven by different variants and extensions, e.g., allowing multiple sanitizers or adding
new sanitizers one-by-one. However, existing constructions are very restricted regarding their flexibility in specifying potential sanitizers.
We propose a different and more powerful approach: Instead of using sanitizers' public keys directly,
we assign attributes to them. Sanitizing is then based on policies, i.e., access structures defined over attributes.
A sanitizer can sanitize, if, and only if, it holds a secret key to attributes satisfying the policy associated to a signature,
while offering full-scale accountability
Attacking and Defending Android Browsers
Android permission is a system of safeguards designed to restrict access to potentially sensitive data
and privileged components. While third-party applications are restricted from accessing privileged resources
without appropriate permissions, mobile browsers are treated by Android OS differently. Android mobile
browsers are the privileged applications that have access to sensitive data based on the permissions implicitly
granted to them.
In this research, we present a novel attack approach that allows a zero-permission app to access sensitive
data and privileged resources using mobile browsers as a proxy with the aid of toast overlay. We demonstrate
the effectiveness of our proxy attack on 8 mobile browsers across 12 Android devices ranging from Android 8.1
to Android 13. Our findings show that all current versions of Android mobile browsers are susceptible to this
attack. Despite Android touch prevention mechanisms for external apps, internal apps and those sharing the
same userID remain susceptible. Contrary to Android’s claims, devices continue to exhibit background toasts
opening an opportunity window for these overlay attacks and posing a threat to browser apps and webview
activities within the same app. We propose a detection approach that leverages a blend of static detection
and activity behavior analysis. Our detection approach enhances Android device security by addressing
overlay vulnerabilities and their potential impact on user privacy and data security. Overall, the findings of
this study highlight the need for improved security measures in Android browsers to protect against privilege
escalation and privacy leakag