7,646 research outputs found
PALPAS - PAsswordLess PAssword Synchronization
Tools that synchronize passwords over several user devices typically store
the encrypted passwords in a central online database. For encryption, a
low-entropy, password-based key is used. Such a database may be subject to
unauthorized access which can lead to the disclosure of all passwords by an
offline brute-force attack. In this paper, we present PALPAS, a secure and
user-friendly tool that synchronizes passwords between user devices without
storing information about them centrally. The idea of PALPAS is to generate a
password from a high entropy secret shared by all devices and a random salt
value for each service. Only the salt values are stored on a server but not the
secret. The salt enables the user devices to generate the same password but is
statistically independent of the password. In order for PALPAS to generate
passwords according to different password policies, we also present a mechanism
that automatically retrieves and processes the password requirements of
services. PALPAS users need to only memorize a single password and the setup of
PALPAS on a further device demands only a one-time transfer of few static data.Comment: An extended abstract of this work appears in the proceedings of ARES
201
Socially-Aware Distributed Hash Tables for Decentralized Online Social Networks
Many decentralized online social networks (DOSNs) have been proposed due to
an increase in awareness related to privacy and scalability issues in
centralized social networks. Such decentralized networks transfer processing
and storage functionalities from the service providers towards the end users.
DOSNs require individualistic implementation for services, (i.e., search,
information dissemination, storage, and publish/subscribe). However, many of
these services mostly perform social queries, where OSN users are interested in
accessing information of their friends. In our work, we design a socially-aware
distributed hash table (DHTs) for efficient implementation of DOSNs. In
particular, we propose a gossip-based algorithm to place users in a DHT, while
maximizing the social awareness among them. Through a set of experiments, we
show that our approach reduces the lookup latency by almost 30% and improves
the reliability of the communication by nearly 10% via trusted contacts.Comment: 10 pages, p2p 2015 conferenc
Security and Privacy Issues of Big Data
This chapter revises the most important aspects in how computing
infrastructures should be configured and intelligently managed to fulfill the
most notably security aspects required by Big Data applications. One of them is
privacy. It is a pertinent aspect to be addressed because users share more and
more personal data and content through their devices and computers to social
networks and public clouds. So, a secure framework to social networks is a very
hot topic research. This last topic is addressed in one of the two sections of
the current chapter with case studies. In addition, the traditional mechanisms
to support security such as firewalls and demilitarized zones are not suitable
to be applied in computing systems to support Big Data. SDN is an emergent
management solution that could become a convenient mechanism to implement
security in Big Data systems, as we show through a second case study at the end
of the chapter. This also discusses current relevant work and identifies open
issues.Comment: In book Handbook of Research on Trends and Future Directions in Big
Data and Web Intelligence, IGI Global, 201
- …