20,056 research outputs found
Enhancing user's privacy : developing a model for managing and testing the lifecycle of consent and revocation
Increasingly, people turn to the Internet for access to services, which often require
disclosure of a significant amount of personal data. Networked technologies have
enabled an explosive growth in the collection, storage and processing of personal
information with notable commercial potential. However, there are asymmetries in
relation to how people are able to control their own information when handled by
enterprises. This raises significant privacy concerns and increases the risk of privacy
breaches, thus creating an imperative need for mechanisms offering information
control functionalities.
To address the lack of controls in online environments, this thesis focuses on
consent and revocation mechanisms to introduce a novel approach for controlling
the collection, usage and dissemination of personal data and managing privacy ex-
pectations. Drawing on an extensive multidisciplinary review on privacy and on
empirical data from focus groups, this research presents a mathematical logic as the
foundation for the management of consent and revocation controls in technological
systems.
More specifically, this work proposes a comprehensive conceptual model for con-
sent and revocation and introduces the notion of 'informed revocation'. Based on
this model, a Hoare-style logic is developed to capture the effects of expressing indi-
viduals' consent and revocation preferences. The logic is designed to support certain
desirable properties, defined as healthiness conditions. Proofs that these conditions
hold are provided with the use of Maude software. This mathematical logic is
then verified in three real-world case study applications with different consent and
revocation requirements for the management of employee data in a business envi-
ronment, medical data in a biobank and identity assurance in government services.
The results confirm the richness and the expressiveness of the logic. In addition, a
novel testing strategy underpinned by this logic is presented. This strategy is able
to generate testing suites for systems offering consent and revocation controls, such
as the EnCoRe system, where testing was carried out successfully and resulted in
identifying faults in the EnCoRe implementation
Design, modeling, and simulation of secure X.509 certificate revocation
TLS communication over the internet has risen rapidly in the last seven years (2015--2022), and there were over 156M active SSL certificates in 2022. The state-of-the-art Public Key Infrastructure (PKI), encompassing protocols, computational resources, and digital certificates, has evolved for 24 years to become the de-facto choice for encrypted communication over the Internet even on newer platforms such as mobile devices and Internet-of-Things (IoT) (despite being low powered with computational constraints). However, certificate revocation is one sub-protocol in TLS communication that fails to meet the rising scalability demands and remains open to exploitation. In this dissertation, the standard for X.509 revocation is systematically reviewed and critically evaluated to identify its limitations and assess their impact on internet security. Because of fragmented revocation information and limited scalability, even the latest version of the X.509 revocation standard is susceptible to Man-in-the-Middle (MiTM) attacks. Blockchain technology can provide a decentralized and peer-to-peer distributed ledger to enable a unified, tamper-proof platform for X.509 certificate authorities to collaborate securely in a trustless environment. To understand blockchain technology\u27s capabilities and limitations in distributing X.509 revocation information, different blockchain platforms are explored and compared in terms of scalability, degree of decentralization, and cost of operation. Moreover, the unification of the revocation lists leads to a massive expansion in the number of revoked certificates to query by a verifying client thus increasing the latency during revocation lookup. And, to minimize revocation-status lookup times, cryptographic constructions and approximate set-membership data structures are prototyped and analyzed. The key contributions of this dissertation are twofold: 1) the novel design of a secure and robust system for distributing X.509 certificate revocation information; and, 2) the prototype, experimentation, and optimization of cascading XOR filter, fuse filter, and cuckoo filter for quick lookup with zero false positives (and zero false negatives). The Secure Certificate Revocation as a Peer Service (SCRaaPS) is designed using the Lightweight Mining consensus algorithm-based Scrybe blockchain protocol to store and distribute certificate revocation lists. And, the cascading fuse filter (demonstrating the highest space efficiency and fastest build time) is applied to minimize the revocation lookup time with zero false positives
ABE-Cities: An attribute-based encryption system for smart cities
In the near future, a technological revolution will involve our cities, where a variety of smart services based on the Internet of Things will be developed to facilitate the needs of the citizens. Sensing devices are already being deployed in urban environments, and they will generate huge amounts of data. Such data are typically outsourced to some cloud storage because this lowers capital and operating expenses and guarantees high availability. However, cloud storage may have incentives to release stored data to unauthorized entities. In this work we present ABE-Cities, an encryption scheme for urban sensing which solves the above problems while ensuring fine-grained access control on data by means of Attribute-Based Encryption (ABE). Basically, ABE-Cities encrypts data before storing it in the cloud and provides users with keys able to decrypt only those portions of data the user is authorized to access. In ABE-Cities, the sensing devices perform only lightweight symmetric cryptography operations, thus they can also be resource-constrained. ABE-Cities provides planned expiration of keys, as well as their unplanned revocation. We propose methods to make the key revocation efficient, and we show by simulations the overall efficiency of ABE-Cities
On the Release of Crls in Public Key Infrastructure
Public key infrastructure provides a promising founda-tion for verifying the authenticity of communicating par-ties and transferring trust over the internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this aspect has con-centrated on the tradeoffs that can be made among dif-ferent revocation options. No rigorous efforts have been made to understand the probability distribution of certifi-cate revocation requests based on real empirical data. In this study, we first collect real empirical data from VeriSign and derive the probability function for certifi-cate revocation requests. We then prove that a revocation system will become stable after a period of time. Based on these, we show that different certificate authorities should take different strategies for releasing certificate revocation lists for different types of certificate services. We also provide the exact steps by which certificate au-thorities can derive optimal releasing strategies.
PKI Scalability Issues
This report surveys different PKI technologies such as PKIX and SPKI and the
issues of PKI that affect scalability. Much focus is spent on certificate
revocation methodologies and status verification systems such as CRLs,
Delta-CRLs, CRS, Certificate Revocation Trees, Windowed Certificate Revocation,
OCSP, SCVP and DVCS.Comment: 23 pages, 2 figure
PKI Safety Net (PKISN): Addressing the Too-Big-to-Be-Revoked Problem of the TLS Ecosystem
In a public-key infrastructure (PKI), clients must have an efficient and
secure way to determine whether a certificate was revoked (by an entity
considered as legitimate to do so), while preserving user privacy. A few
certification authorities (CAs) are currently responsible for the issuance of
the large majority of TLS certificates. These certificates are considered valid
only if the certificate of the issuing CA is also valid. The certificates of
these important CAs are effectively too big to be revoked, as revoking them
would result in massive collateral damage. To solve this problem, we redesign
the current revocation system with a novel approach that we call PKI Safety Net
(PKISN), which uses publicly accessible logs to store certificates (in the
spirit of Certificate Transparency) and revocations. The proposed system
extends existing mechanisms, which enables simple deployment. Moreover, we
present a complete implementation and evaluation of our scheme.Comment: IEEE EuroS&P 201
- …