2 research outputs found
Anonymously Establishing Digital Provenance in Reseller Chains
An increasing number of products are exclusively digital items, such as media
files, licenses, services, or subscriptions. In many cases customers do not
purchase these items directly from the originator of the product but through a
reseller instead. Examples of some well known resellers include GoDaddy, the
iTunes music store, and Amazon.
This thesis considers the concept of provenance of digital items in reseller
chains. Provenance is defined as the origin and ownership history of an item. In
the context of digital items, the origin of the item refers to the supplier that created
it and the ownership history establishes a chain of ownership from the supplier to
the customer. While customers and suppliers are concerned with the provenance
of the digital items, resellers will not want the details of the transactions they have
taken part in made public. Resellers will require the provenance information to
be anonymous and unlinkable to prevent third parties building up large amounts
of information on the transactions of resellers. This thesis develops security
mechanisms that provide customers and suppliers with assurances about the
provenance of a digital item, even when the reseller is untrusted, while providing
anonymity and unlinkability for resellers .
The main contribution of this thesis is the design, development, and analysis
of the tagged transaction protocol. A formal description of the problem and
the security properties for anonymously providing provenance for digital items
in reseller chains are defined. A thorough security analysis using proofs by
contradiction shows the protocol fulfils the security requirements. This security
analysis is supported by modelling the protocol and security requirements
using Communicating Sequential Processes (CSP) and the Failures Divergences
Refinement (FDR) model checker. An extended version of the tagged transaction
protocol is also presented that provides revocable anonymity for resellers that
try to conduct a cloning attack on the protocol. As well as an analysis of the
security of the tagged transaction protocol, a performance analysis is conducted
providing complexity results as well as empirical results from an implementation
of the protocol
Fine-Grained Tracking of Grid Infections
Abstract—Previous distributed anomaly detection efforts have operated on summary statistics gathered from each node. This has the advantage that the audit trail is limited in size since event sets can be succinctly represented. While this minimizes the bandwidth consumed and helps scale the detection to a large number of nodes, it limits the infrastructure’s ability to identify the source of anomalies. We describe three optimizations that together allow fine-grained tracking of the sources of anomalous activity in a Grid, thereby facilitating precise responses. We demonstrate the scheme’s scalability in terms of storage and network bandwidth overhead with an implementation on nodes running BOINC. The results generalize to other types of Grids as well. Keywords-anomalies, correlation, filtration, lineage, monitoring, provenance, temporal, vaccinatio