1,223 research outputs found
Privacy-Preserving Trust Management Mechanisms from Private Matching Schemes
Cryptographic primitives are essential for constructing privacy-preserving
communication mechanisms. There are situations in which two parties that do not
know each other need to exchange sensitive information on the Internet. Trust
management mechanisms make use of digital credentials and certificates in order
to establish trust among these strangers. We address the problem of choosing
which credentials are exchanged. During this process, each party should learn
no information about the preferences of the other party other than strictly
required for trust establishment. We present a method to reach an agreement on
the credentials to be exchanged that preserves the privacy of the parties. Our
method is based on secure two-party computation protocols for set intersection.
Namely, it is constructed from private matching schemes.Comment: The material in this paper will be presented in part at the 8th DPM
International Workshop on Data Privacy Management (DPM 2013
Constitution Writing and Conflict Resolution
constitutions, Commonwealth, democracy, governance
A Scalable Model for Secure Multiparty Authentication
Distributed system architectures such as cloud computing or the emergent
architectures of the Internet Of Things, present significant challenges for
security and privacy. Specifically, in a complex application there is a need to
securely delegate access control mechanisms to one or more parties, who in turn
can govern methods that enable multiple other parties to be authenticated in
relation to the services that they wish to consume. We identify shortcomings in
an existing proposal by Xu et al for multiparty authentication and evaluate a
novel model from Al-Aqrabi et al that has been designed specifically for
complex multiple security realm environments. The adoption of a Session
Authority Cloud ensures that resources for authentication requests are
scalable, whilst permitting the necessary architectural abstraction for myriad
hardware IoT devices such as actuators and sensor networks, etc. In addition,
the ability to ensure that session credentials are confirmed with the relevant
resource principles means that the essential rigour for multiparty
authentication is established
Algorithmic Mechanism Construction bridging Secure Multiparty Computation and Intelligent Reasoning
This work presents the construction of intelligent algorithmic mechanism based on multidimensional view of intelligent reasoning, threat analytics, cryptographic solutions and secure multiparty computation. It is basically an attempt of the cross fertilization of distributed AI, algorithmic game theory and cryptography. The mechanism evaluates innate and adaptive system immunity in terms of collective, machine, collaborative, business and security intelligence. It also shows the complexity analysis of the mechanism and experimental results on three test cases: (a) intrusion detection, (b) adaptively secure broadcast and (c) health security
Dynamic Multiparty Authentication of Data Analytics Services within Cloud Environments
Business analytics processes are often composed from orchestrated,
collaborating services, which are consumed by users from multiple cloud systems
(in different security realms), which need to be engaged dynamically at
runtime. If heterogeneous cloud systems located in different security realms do
not have direct authentication relationships, then it is a considerable
technical challenge to enable secure collaboration. In order to address this
security challenge, a new authentication framework is required to establish
trust amongst business analytics service instances and users by distributing a
common session secret to all participants of a session. We address this
challenge by designing and implementing a secure multiparty authentication
framework for dynamic interaction, for the scenario where members of different
security realms express a need to access orchestrated services. This novel
framework exploits the relationship of trust between session members in
different security realms, to enable a user to obtain security credentials that
access cloud resources in a remote realm. The mechanism assists cloud session
users to authenticate their session membership, thereby improving the
performance of authentication processes within multiparty sessions. We see
applicability of this framework beyond multiple cloud infrastructure, to that
of any scenario where multiple security realms has the potential to exist, such
as the emerging Internet of Things (IoT).Comment: Submitted to the 20th IEEE International Conference on High
Performance Computing and Communications 2018 (HPCC2018), 28-30 June 2018,
Exeter, U
A Collaborative Access Control Model for Shared Items in Online Social Networks
The recent emergence of online social networks (OSNs) has changed the communication behaviors of thousand of millions of users. OSNs have become significant platforms for connecting users, sharing information, and a valuable source of private and sensitive data about individuals. While OSNs insert constantly new social features to increase the interaction between users, they, unfortunately, offer primitive access control mechanisms that place the burden of privacy policy configuration solely on the holder who has shared data in her/his profile regardless of other associated users, who may have different privacy preferences. Therefore, current OSN privacy mechanisms violate the privacy of all stakeholders by giving one user full authority over another’s privacy settings, which is extremely ineffective. Based on such considerations, it is essential to develop an effective and flexible access control model for OSNs, accommodating the special administration requirements coming from multiple users having a variety of privacy policies over shared items.
In order to solve the identified problems, we begin by analyzing OSN scenarios where at least two users should be involved in the access control process. Afterward, we propose collaborative access control framework that enables multiple controllers of the shared item to collaboratively specify their privacy settings and to resolve the conflicts among co-controllers with different requirements and desires. We establish our conflict resolution strategy’s rules to achieve the desired equilibrium between the privacy of online users and the utility of sharing data in OSNs. We present a policy specification scheme for collaborative access control and authorization administration. Based on these considerations, we devise algorithms to achieve a collaborative access control policy over who can access or disseminate the shared item and who cannot. In our dissertation, we also present the implementation details of a proof-of-concept prototype of our approach to demonstrate the effectiveness of such an approach. With our approach, sharing and interconnection among users in OSNs will be promoted in a more trustworthy environment
Policy resolution of shared data in online social networks
Online social networks have practically a go-to source for information divulging, social exchanges and finding new friends. The popularity of such sites is so profound that they are widely used by people belonging to different age groups and various regions. Widespread use of such sites has given rise to privacy and security issues. This paper proposes a set of rules to be incorporated to safeguard the privacy policies of related users while sharing information and other forms of media online. The proposed access control network takes into account the content sensitivity and confidence level of the accessor to resolve the conflicting privacy policies of the co-owners
- …