31 research outputs found

    Privacy-Preserving Electronic Ticket Scheme with Attribute-based Credentials

    Get PDF
    Electronic tickets (e-tickets) are electronic versions of paper tickets, which enable users to access intended services and improve services' efficiency. However, privacy may be a concern of e-ticket users. In this paper, a privacy-preserving electronic ticket scheme with attribute-based credentials is proposed to protect users' privacy and facilitate ticketing based on a user's attributes. Our proposed scheme makes the following contributions: (1) users can buy different tickets from ticket sellers without releasing their exact attributes; (2) two tickets of the same user cannot be linked; (3) a ticket cannot be transferred to another user; (4) a ticket cannot be double spent; (5) the security of the proposed scheme is formally proven and reduced to well known (q-strong Diffie-Hellman) complexity assumption; (6) the scheme has been implemented and its performance empirically evaluated. To the best of our knowledge, our privacy-preserving attribute-based e-ticket scheme is the first one providing these five features. Application areas of our scheme include event or transport tickets where users must convince ticket sellers that their attributes (e.g. age, profession, location) satisfy the ticket price policies to buy discounted tickets. More generally, our scheme can be used in any system where access to services is only dependent on a user's attributes (or entitlements) but not their identities.Comment: 18pages, 6 figures, 2 table

    Cryptographic protocols for privacy-aware and secure e-commerce

    Get PDF
    Aquesta tesi tracta sobre la investigació i el desenvolupament de tecnologies de millora de la privadesa per a proporcionar als consumidors de serveis de comerç electrònic el control sobre quanta informació privada volen compartir amb els proveïdors de serveis. Fem servir tecnologies existents, així com tecnologies desenvolupades durant aquesta tesi, per a protegir als usuaris de la recoleció excessiva de dades per part dels proveïdors de serveis en aplicacions específiques. En particular, fem servir un nou esquema de signatura digital amb llindar dinàmic i basat en la identitat per a implementar un mecanisme d'acreditació de la mida d'un grup d'usuaris, que només revela el nombre d'integrants del grup, per a implementar descomptes de grup. A continuació, fem servir una nova construcció basada en signatures cegues, proves de coneixement nul i tècniques de generalització per implementar un sistema de descomptes de fidelitat que protegeix la privadesa dels consumidors. Per últim, fem servir protocols de computació multipart per a implementar dos mecanismes d'autenticació implícita que no revelen informació privada de l'usuari al proveïdor de serveis.Esta tesis trata sobre la investigación y desarrollo de tecnologías de mejora de la privacidad para proporcionar a los consumidores de servicios de comercio electrónico el control sobre cuanta información privada quieren compartir con los proveedores de servicio. Utilizamos tecnologías existentes y desarrolladas en esta tesis para proteger a los usuarios de la recolección excesiva de datos por parte de los proveedores de servicio en aplicaciones especfíficas. En particular, utilizamos un nuevo esquema de firma digital basado en la identidad y con umbral dinámico para implementar un sistema de acreditación del tamaño de un grupo, que no desvela ninguna información de los miembros del grupo excepto el número de integrantes, para construir un sistema de descuentos de grupo. A continuación, utilizamos una nueva construcción basada en firmas ciegas, pruebas de conocimiento nulo y técnicas de generalización para implementar un sistema de descuentos de fidelidad que protege la privacidad de los consumidores. Por último, hacemos uso de protocolos de computación multiparte para implementar dos mecanismos de autenticación implícita que no revelan información privada del usuario al proveedor de servicios.This thesis is about the research and development of privacy enhancing techniques to empower consumers of electronic commerce services with the control on how much private information they want to share with the service providers. We make use of known and newly developed technologies to protect users against excessive data collection by service providers in specific applications. Namely, we use a novel identity-based dynamic threshold signature scheme and a novel key management scheme to implement a group size accreditation mechanism, that does not reveal anything about group members but the size of the group, to support group discounts. Next, we use a novel construction based on blind signatures, zero-knowledge proofs and generalization techniques to implement a privacy-preserving loyalty programs construction. Finally, we use multiparty computation protocols to implement implicit authentication mechanisms that do not disclose private information about the users to the service providers

    An identity- and trust-based computational model for privacy

    Get PDF
    The seemingly contradictory need and want of online users for information sharing and privacy has inspired this thesis work. The crux of the problem lies in the fact that a user has inadequate control over the flow (with whom information to be shared), boundary (acceptable usage), and persistence (duration of use) of their personal information. This thesis has built a privacy-preserving information sharing model using context, identity, and trust to manage the flow, boundary, and persistence of disclosed information. In this vein, privacy is viewed as context-dependent selective disclosures of information. This thesis presents the design, implementation, and analysis of a five-layer Identity and Trust based Model for Privacy (ITMP). Context, trust, and identity are the main building blocks of this model. The application layer identifies the counterparts, the purpose of communication, and the information being sought. The context layer determines the context of a communication episode through identifying the role of a partner and assessing the relationship with the partner. The trust layer combines partner and purpose information with the respective context information to determine the trustworthiness of a purpose and a partner. Given that the purpose and the partner have a known level of trustworthiness, the identity layer constructs a contextual partial identity from the user's complete identity. The presentation layer facilitates in disclosing a set of information that is a subset of the respective partial identity. It also attaches expiration (time-to-live) and usage (purpose-to-live) tags into each piece of information before disclosure. In this model, roles and relationships are used to adequately capture the notion of context to address privacy. A role is a set of activities assigned to an actor or expected of an actor to perform. For example, an actor in a learner role is expected to be involved in various learning activities, such as attending lectures, participating in a course discussion, appearing in exams, etc. A relationship involves related entities performing activities involving one another. Interactions between actors can be heavily influenced by roles. For example, in a learning-teaching relationship, both the learner and the teacher are expected to perform their respective roles. The nuances of activities warranted by each role are dictated by individual relationships. For example, two learners seeking help from an instructor are going to present themselves differently. In this model, trust is realized in two forms: trust in partners and trust of purposes. The first form of trust assesses the trustworthiness of a partner in a given context. For example, a stranger may be considered untrustworthy to be given a home phone number. The second form of trust determines the relevance or justification of a purpose for seeking data in a given context. For example, seeking/providing a social insurance number for the purpose of a membership in a student organization is inappropriate. A known and tested trustee can understandably be re-trusted or re-evaluated based on the personal experience of a trustor. In online settings, however, a software manifestation of a trusted persistent public actor, namely a guarantor, is required to help find a trustee, because we interact with a myriad of actors in a large number of contexts, often with no prior relationships. The ITMP model is instantiated as a suite of Role- and Relationship-based Identity and Reputation Management (RRIRM) features in iHelp, an e-learning environment in use at the University of Saskatchewan. This thesis presents the results of a two-phase (pilot and larger-scale) user study that illustrates the effectiveness of the RRIRM features and thus the ITMP model in enhancing privacy through identity and trust management in the iHelp Discussion Forum. This research contributes to the understanding of privacy problems along with other competing interests in the online world, as well as to the development of privacy-enhanced communications through understanding context, negotiating identity, and using trust

    Annual report of the officers of the town of Plymouth, N.H. year ending December 31, 1996 fiscal year ending June 30, 1996.

    Get PDF
    This is an annual report containing vital statistics for a town/city in the state of New Hampshire

    Modern Resignation to Postmodern Despair in Don Delillo’s ‘Cosmopolis’ and ‘Falling Man’

    Get PDF
    This article investigates how DeLillo depicts the impact of 9/11 in Cosmopolis and Falling Man through the antagonistic (intratextual) and oppositional (intertextual) connections between their characters, and then proves the importance of counter-narrative as a means to survive the encounter with communal and private tragedies. To this end, the articles provides a complementary analysis of DeLillo’s characterizations and stylistic choices in Cosmopolis and Falling Man, reading the novels through the lens of DeLillo’s essay “In the Ruins of the Future” (2001), Jean Baudrillard’s Simulacra and Simulation (1981) and “The Spirit of Terrorism” (2002), Jacques Derrida’s Writing and Difference (1967), Slavoj Žižek’s Welcome to the Desert of the Real (2002), and Søren Kierkegaard’s Either/Or (1843). While the two novels offer a Postmodern sublimation of the defining features and challenges of the post-9/11 lost sense of reality, I argue that Kierkegaard’s Modern philosophy is the key to a comprehensive reading of them, as it offers the theoretical ground for a metaphorical leap of faith that grants access to “a higher realm” of acceptance, overcoming the feeling of bewilderment and alienation in the aftermath of the late modern age

    Portland Daily Press: July 23,1883

    Get PDF
    https://digitalmaine.com/pdp_1883/1154/thumbnail.jp

    MYTHOGEOGRAPHIC PERFORMANCE AND PERFORMATIVE INTERVENTIONS IN SPACES OF HERITAGE-TOURISM

    Get PDF
    Abstract MYTHOGEOGRAPHIC PERFORMANCE AND PERFORMATIVE INTERVENTIONS IN SPACES OF HERITAGE-TOURISM by PHIL SMITH This thesis offers new models for participatory and performative interventions in sites of heritage tourism through a theorized practical engagement. Drawing on both Tourism Studies and Performance Studies, the primary aim of these interventions is to reveal and provoke ways of seeing and using these sites as places of multiple meanings rather than as ones constricted and bounded by normative heritage narratives in their production and management. The experimental phase of the project discussed in the thesis includes three contrasting case studies: GeoQuest, Sardine Street, and Water Walk. These are each analysed and evaluated through my development of a ‘mythogeographic’ framework that includes the performative techniques of layering, rhizomatic interweaving, the making of 'anywheres' and the self-mythologising of the activist. The thesis charts a trajectory through praxis, from developing models for ambulatory, signage-based and ‘mis-guided’ interventions to be undertaken by performance ‘specialists’, towards a dispersal of their tactics for use by heritage tourists in general. It thus describes a related change in the balance of the research methodology from ethnographic participant observation towards practice-as-research (PaR), the latter of which both generated and enacted knowledge and understanding. This PaR took the form of various visits and forays to and across heritage sites and landscape, and also the production of a ‘toolkit’ of handbook, pocketbook, website and online short films for the dispersal of tactics and a strategy that is eventually called ‘counter-tourism’. The thesis thus includes the publications A Sardine Street box of tricks, Counter-tourism: the handbook, Counter-tourism: a pocketbook and the DVD, Tactics for counter-tourism, as well as their fully theorized critical contextualisation. These represent a PaR enquiry that attempts to creatively express my research findings from productions made in the field through a popular form of writing and presentation that is capable of inspiring general, ‘non-specialist’ tourists to make their own performance interventions in heritage sites
    corecore