71 research outputs found
Burnable Pseudo-Identity: A Non-Binding Anonymous Identity Method for Ethereum
The concept of identity has become one common research topic in security and privacy where the real identity of users must be preserved, usually covered by pseudonym identifiers. With the rise of Blockchain-based systems, identities are becoming even more critical than before, mainly due to the immutability property. In fact, many publicly accessible Blockchain networks like Ethereum rely on pseudonymization as a method for identifying subject actions. Pseudonyms are often employed to maintain anonymity, but true anonymity requires unlinkability. Without this property, any attacker can examine the messages sent by a specific pseudonym and learn new information about the holder of this pseudonym. This use of Blockchain collides with regulations because of the right to be forgotten, and Blockchain-based solutions are ensuring that every data stored within the chain will not be modified. In this paper we define a method and a tool for dealing with digital identities within Blockchain environments that are compliant with regulations. The proposed method provides a way to grant digital pseudo identities unlinked to the real identity. This new method uses the benefits of key derivation systems to ensure a non-binding interaction between users and the information model associated with their identity. The proposed method is demonstated in the Ethereum context and illustrated with a case study.PoSeID-on is a project funded by the European Commission. This project has received funding from the European Unionâs Horizon 2020 program under Grant Agreement n⊠786713
Attribute-based encryption for cloud computing access control: A survey
National Research Foundation (NRF) Singapore; AXA Research Fun
Accountable privacy preserving attribute based framework for authenticated encrypted access in clouds
In this paper, we propose an accountable privacy
preserving attribute-based framework, called Ins-PAbAC, that
combines attribute based encryption and attribute based signature techniques for securely sharing outsourced data contents via
public cloud servers. The proposed framework presents several
advantages. First, it provides an encrypted access control feature,
enforced at the data ownerâs side, while providing the desired
expressiveness of access control policies. Second, Ins-PAbAC
preserves usersâ privacy, relying on an anonymous authentication
mechanism, derived from a privacy preserving attribute based
signature scheme that hides the usersâ identifying information.
Furthermore, our proposal introduces an accountable attribute
based signature that enables an inspection authority to reveal
the identity of the anonymously-authenticated user if needed.
Third, Ins-PAbAC is provably secure, as it is resistant to both
curious cloud providers and malicious users adversaries. Finally,
experimental results, built upon OpenStack Swift testbed, point
out the applicability of the proposed scheme in real world
scenarios
Accountable Authority Ciphertext-Policy Attribute-Based Encryption with White-Box Traceability and Public Auditing in the Cloud
As a sophisticated mechanism for secure fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) is a highly promising solution for commercial applications such as cloud computing. However, there still exists one major issue awaiting to be solved, that is, the prevention of key abuse. Most of the existing CP-ABE systems missed this critical functionality, hindering the wide utilization and commercial application of CP-ABE systems to date. In this paper, we address two practical problems about the key abuse of CP-ABE: (1) The key escrow problem of the semi-trusted authority; and, (2) The malicious key delegation problem of the users. For the semi-trusted authority, its misbehavior (i.e., illegal key (re-)distribution) should be caught and prosecuted. And for a user, his/her malicious behavior (i.e., illegal key sharing) need be traced. We affirmatively solve these two key abuse problems by proposing the first accountable authority CP-ABE with white-box traceability that supports policies expressed in any monotone access structures. Moreover, we provide an auditor to judge publicly whether a suspected user is guilty or is framed by the authority
Blockchain for Genomics:A Systematic Literature Review
Human genomic data carry unique information about an individual and offer
unprecedented opportunities for healthcare. The clinical interpretations
derived from large genomic datasets can greatly improve healthcare and pave the
way for personalized medicine. Sharing genomic datasets, however, pose major
challenges, as genomic data is different from traditional medical data,
indirectly revealing information about descendants and relatives of the data
owner and carrying valid information even after the owner passes away.
Therefore, stringent data ownership and control measures are required when
dealing with genomic data. In order to provide secure and accountable
infrastructure, blockchain technologies offer a promising alternative to
traditional distributed systems. Indeed, the research on blockchain-based
infrastructures tailored to genomics is on the rise. However, there is a lack
of a comprehensive literature review that summarizes the current
state-of-the-art methods in the applications of blockchain in genomics. In this
paper, we systematically look at the existing work both commercial and
academic, and discuss the major opportunities and challenges. Our study is
driven by five research questions that we aim to answer in our review. We also
present our projections of future research directions which we hope the
researchers interested in the area can benefit from
Blockchain for Genomics:A Systematic Literature Review
Human genomic data carry unique information about an individual and offer
unprecedented opportunities for healthcare. The clinical interpretations
derived from large genomic datasets can greatly improve healthcare and pave the
way for personalized medicine. Sharing genomic datasets, however, pose major
challenges, as genomic data is different from traditional medical data,
indirectly revealing information about descendants and relatives of the data
owner and carrying valid information even after the owner passes away.
Therefore, stringent data ownership and control measures are required when
dealing with genomic data. In order to provide secure and accountable
infrastructure, blockchain technologies offer a promising alternative to
traditional distributed systems. Indeed, the research on blockchain-based
infrastructures tailored to genomics is on the rise. However, there is a lack
of a comprehensive literature review that summarizes the current
state-of-the-art methods in the applications of blockchain in genomics. In this
paper, we systematically look at the existing work both commercial and
academic, and discuss the major opportunities and challenges. Our study is
driven by five research questions that we aim to answer in our review. We also
present our projections of future research directions which we hope the
researchers interested in the area can benefit from
Trusted systems of records based on Blockchain technology â a prototype for mileage storing in the automotive industry
Blockchain technology has the potential to bring transparency and trust to a multitude of use cases. Our research demonstrates that the technology can reduce asymmetric information in markets by bridging trust gaps. The combination of blockchain and Internet of Things technology that automatically collects sensor data, provides a feasible, decentralized technological solution for such an inefficient âMarket of Lemonsâ coined by nobel laureate Georg Akerlof. In this paper, we develop a system prototype to reduce mileage fraud on the used car markets. Our work demonstrates the feasibility of a trusted system of records for (vehicle) data such as mileage data using a distributed database based on the public Ethereum network and smart contracts. We have identified eight requirements that are fulfilled by the prototype and the functional logic and design of thesolution can be reproduced to any other application area characterized by a lack of trust between actors or by the absence of a trusted central authority. However, the developed prototype suffers from similar limitations and challenges as the technology itself. Low throughput causes limitations in scalability and transaction costs are unpredictable. Further development of the blockchain technology and considering more costâefficient consensus mechanisms will address these issues.TU Berlin, Open-Access-Mittel â 202
Using virtualisation to create a more secure online banking infrastructure
M.Sc. (Computer Science)Sim swop, Phishing, Zeus and SpyEye are all terms that may be found in articles concerning online banking fraud. Home users are unsure of how the configuration of their computers affects the risk profile for conducting online banking. Software installed by a home user on their computer may be malware designed to steal banking details. Customers expect banks to provide a safe online banking system. The challenge that banks have is that they cannot control the configuration that exists on a client operating system. The V-Bank system was designed to determine whether virtualisation can be used as a means to increase the security for online banking. The V-Bank system uses a virtual machine that is run from a guest that is single purpose, read-only and fulfils the configuration requirements that the bank has for a client system. The V-Bank system also utilises public and private key encryption for identification, authentication and authorisation mechanisms in the online banking system. The architecture of the V-Bank system defines online banking as an end-to-end system. It approaches online banking as a system that consists of three major components. The three major components is a client-side component, network and server-side environment. The V-Bank system gives banks the ability to provide customers with a system that is controlled from the client, through the network to the server. The V-Bank system demonstrates that virtualisation can be used to increase the security of online banking
- âŠ