2,366 research outputs found
Anonymous reputation based reservations in e-commerce (AMNESIC)
Online reservation systems have grown over the last recent
years to facilitate the purchase of goods and services. Generally,
reservation systems require that customers provide
some personal data to make a reservation effective. With
this data, service providers can check the consumer history
and decide if the user is trustable enough to get the reserve.
Although the reputation of a user is a good metric to implement
the access control of the system, providing personal
and sensitive data to the system presents high privacy risks,
since the interests of a user are totally known and tracked
by an external entity. In this paper we design an anonymous
reservation protocol that uses reputations to profile
the users and control their access to the offered services, but
at the same time it preserves their privacy not only from the
seller but the service provider
Secure and robust multi-constrained QoS aware routing algorithm for VANETs
Secure QoS routing algorithms are a fundamental part of wireless networks that aim to provide services with QoS and security guarantees. In Vehicular Ad hoc Networks (VANETs), vehicles perform routing functions, and at the same time act as end-systems thus routing control messages are transmitted unprotected over wireless channels. The QoS of the entire network could be degraded by an attack on the routing process, and manipulation of the routing control messages. In this paper, we propose a novel secure and reliable multi-constrained QoS aware routing algorithm for VANETs. We employ the Ant Colony Optimisation (ACO) technique to compute feasible routes in VANETs subject to multiple QoS constraints determined by the data traffic type. Moreover, we extend the VANET-oriented Evolving Graph (VoEG) model to perform plausibility checks on the exchanged routing control messages among vehicles. Simulation results show that the QoS can be guaranteed while applying security mechanisms to ensure a reliable and robust routing service
An evaluation framework for pre-distribution strategies of certificates in VANETs
Security and privacy in vehicular communication are expected to be ensured by the pervasive use of pseudonymous certificates and signed messages. The design and establishment of necessary public key infrastructure and hierarchies of cer- tificate authorities is ongoing in industry consortia, such as the Car-to-Car Communication Consortium. The privacy pre- serving dissemination of pseudonymous certificates is however still expected to be limited to single-hop exchanges between vehicles. This limitation to one-hop strategies might not be ideal, especially considering the importance of ensuring trustworthy stateless information exchange upon reception of the very first communication packets. We propose to investigate multi-hop pre- distribution strategies for certificates to significantly reduce this first encounter problem
Analyzing Attacks on Cooperative Adaptive Cruise Control (CACC)
Cooperative Adaptive Cruise Control (CACC) is one of the driving applications
of vehicular ad-hoc networks (VANETs) and promises to bring more efficient and
faster transportation through cooperative behavior between vehicles. In CACC,
vehicles exchange information, which is relied on to partially automate
driving; however, this reliance on cooperation requires resilience against
attacks and other forms of misbehavior. In this paper, we propose a rigorous
attacker model and an evaluation framework for this resilience by quantifying
the attack impact, providing the necessary tools to compare controller
resilience and attack effectiveness simultaneously. Although there are
significant differences between the resilience of the three analyzed
controllers, we show that each can be attacked effectively and easily through
either jamming or data injection. Our results suggest a combination of
misbehavior detection and resilient control algorithms with graceful
degradation are necessary ingredients for secure and safe platoons.Comment: 8 pages (author version), 5 Figures, Accepted at 2017 IEEE Vehicular
Networking Conference (VNC
Federated Identity Management Systems: A Privacy-based Characterization
Identity management systems store attributes associated with users and facilitate authorization on the basis of these attributes. A privacy-driven characterization of the principal design choices for identity management systems is given, and existing systems are fit into this framework. The taxonomy of design choices also can guide public policy relating to identity management, which is illustrated using the United States NSTIC initiative
Movement Leadership and Messaging Platforms in Preemptive Repressive Settings: Telegram and the Navalny Movement in Russia
People who lead anti-authoritarian digitally enabled movements face a leadership visibility dilemma—a necessity to balance security with publicity while mobilizing followers. The article asks how the reliance on instant messaging platforms (IMPs) to coordinate protest internally shapes the response to this dilemma revealed through internal movement organizing analysis. Our case study is social media protest mobilization by Alexei Navalny’s movement in Russia in 2017. We rely on semi-structured interviews and thematic analysis of communication on Telegram during this mobilization. We offer a theory of leadership in an IMP-organized anti-authoritarian movement. It suggests that the use of messaging platforms during social media protest mobilization enhances capacities for visibility management and polycentricity in such movements. It also fosters the emergence of a specific type of protest movement leader—or shadow anti-authoritarian leadership—that is collective, polycentric, and concealed
Introducing Accountability to Anonymity Networks
Many anonymous communication (AC) networks rely on routing traffic through
proxy nodes to obfuscate the originator of the traffic. Without an
accountability mechanism, exit proxy nodes risk sanctions by law enforcement if
users commit illegal actions through the AC network. We present BackRef, a
generic mechanism for AC networks that provides practical repudiation for the
proxy nodes by tracing back the selected outbound traffic to the predecessor
node (but not in the forward direction) through a cryptographically verifiable
chain. It also provides an option for full (or partial) traceability back to
the entry node or even to the corresponding user when all intermediate nodes
are cooperating. Moreover, to maintain a good balance between anonymity and
accountability, the protocol incorporates whitelist directories at exit proxy
nodes. BackRef offers improved deployability over the related work, and
introduces a novel concept of pseudonymous signatures that may be of
independent interest.
We exemplify the utility of BackRef by integrating it into the onion routing
(OR) protocol, and examine its deployability by considering several
system-level aspects. We also present the security definitions for the BackRef
system (namely, anonymity, backward traceability, no forward traceability, and
no false accusation) and conduct a formal security analysis of the OR protocol
with BackRef using ProVerif, an automated cryptographic protocol verifier,
establishing the aforementioned security properties against a strong
adversarial model
- …