Matrix powers algorithms for trust evaluation in PKI architectures

This paper deals with the evaluation of trust in public-key infrastructures. Different trust models have been proposed to interconnect the various PKI components in order to propagate the trust between them. In this paper we provide a new polynomial algorithm using linear algebra to assess trust relationships in a network using different trust evaluation schemes. The advantages are twofold: first the use of matrix computations instead of graph algorithms provides an optimized computational solution; second, our algorithm can be used for generic graphs, even in the presence of cycles. Our algorithm is designed to evaluate the trust using all existing (finite) trust paths between entities as a preliminary to any exchanges between PKIs. This can give a precise evaluation of trust, and accelerate for instance cross-certificate validation

Private Multi-party Matrix Multiplication and Trust Computations

This paper deals with distributed matrix multiplication. Each player owns only one row of both matrices and wishes to learn about one distinct row of the product matrix, without revealing its input to the other players. We first improve on a weighted average protocol, in order to securely compute a dot-product with a quadratic volume of communications and linear number of rounds. We also propose a protocol with five communication rounds, using a Paillier-like underlying homomorphic public key cryptosystem, which is secure in the semi-honest model or secure with high probability in the malicious adversary model. Using ProVerif, a cryptographic protocol verification tool, we are able to check the security of the protocol and provide a countermeasure for each attack found by the tool. We also give a randomization method to avoid collusion attacks. As an application, we show that this protocol enables a distributed and secure evaluation of trust relationships in a network, for a large class of trust evaluation schemes.Comment: Pierangela Samarati. SECRYPT 2016 : 13th International Conference on Security and Cryptography, Lisbonne, Portugal, 26--28 Juillet 2016. 201

Mitigating Intersection Attacks in Anonymous Microblogging

Anonymous microblogging systems are known to be vulnerable to intersection attacks due to network churn. An adversary that monitors all communications can leverage the churn to learn who is publishing what with increasing confidence over time. In this paper, we propose a protocol for mitigating intersection attacks in anonymous microblogging systems by grouping users into anonymity sets based on similarities in their publishing behavior. The protocol provides a configurable communication schedule for users in each set to manage the inevitable trade-off between latency and bandwidth overhead. In our evaluation, we use real-world datasets from two popular microblogging platforms, Twitter and Reddit, to simulate user publishing behavior. The results demonstrate that the protocol can protect users against intersection attacks at low bandwidth overhead when the users adhere to communication schedules. In addition, the protocol can sustain a slow degradation in the size of the anonymity set over time under various churn rates

Semantic discovery and reuse of business process patterns

Patterns currently play an important role in modern information systems (IS) development and their use has mainly been restricted to the design and implementation phases of the development lifecycle. Given the increasing significance of business modelling in IS development, patterns have the potential of providing a viable solution for promoting reusability of recurrent generalized models in the very early stages of development. As a statement of research-in-progress this paper focuses on business process patterns and proposes an initial methodological framework for the discovery and reuse of business process patterns within the IS development lifecycle. The framework borrows ideas from the domain engineering literature and proposes the use of semantics to drive both the discovery of patterns as well as their reuse

Interrogating archaeological ethics in conflict zones: cultural heritage work in Cyprus

Much affected by viewing the Yugoslav Wars’ ruins, I resolved to study archaeology in conflict. I wanted to explore archaeology’s role in conflict and archaeologists’ responsibilities in conflict zones; but unable to conduct such work in Kosova/Kosovo, I went to Cyprus. Drawing together professional documentation and public education, professional and community interactions and interviews, and cultural heritage site visits, I researched the destruction of community places, the looting of cultural heritage, and the coping strategies of archaeologists. The key questions of this thesis are: is it legal and ethical to conduct archaeological work in occupied and secessionist territories? How is public knowledge of cultural heritage looting and destruction constructed? What are cultural heritage professionals’ responsibilities for knowledge production during conflict? How ought cultural heritage professionals to combat the looting and illicit trading of antiquities? I have addressed these questions by concentrating upon cultural heritage workers’ narratives of looting and destruction from 1955 until the present in professional discussion and mass education. First, I argue that archaeologists have misinterpreted international law, and through boycotting and blacklisting of rescue archaeology in northern Cyprus, harmed both the profession and the cultural heritage. Second, I argue that cultural heritage workers have been unwillingly coopted, or actively complicit in the conflict, in the production of nationalist histories, and thus nationalist communities, therefore in the reproduction of nationalist conflict. Third, I argue that cultural heritage workers have knowingly contributed to the conflict and its destruction, through their nationalist policies on the paramilitary-dominated illicit antiquities trade. My conclusions are: that an ethical antiquities policy would cut funding to and thereby reduce conflict-fuelling extremist activity; and that, where they have the freedom to practice it, professional and ethical archaeologies of destruction would promote intracommunal and intercommunal peace