Supporting telecom business processes by means of workflow management and federated databases

This report addresses the issues related to the use of workflow management\ud systems and federated databases to support business processes that operate on\ud large and heterogeneous collections of autonomous information systems. We\ud discuss how they can enhance the overall IT-architecture. Starting from the\ud OSCA architecture, we develop an architecture that includes workflow\ud management systems and federated databases. In this architecture, the notion of\ud information systems as a monolithic entity disappears. Instead, business\ud processes are supported directly by workflows that combine presentation\ud blocks, function blocks, and data blocks. We address the specific issues of\ud transaction management and change management in such an architecture

Using Element Clustering to Increase the Efficiency of XML Schema Matching

Schema matching attempts to discover semantic mappings between elements of two schemas. Elements are cross compared using various heuristics (e.g., name, data-type, and structure similarity). Seen from a broader perspective, the schema matching problem is a combinatorial problem with an exponential complexity. This makes the naive matching algorithms for large schemas prohibitively inefficient. In this paper we propose a clustering based technique for improving the efficiency of large scale schema matching. The technique inserts clustering as an intermediate step into existing schema matching algorithms. Clustering partitions schemas and reduces the overall matching load, and creates a possibility to trade between the efficiency and effectiveness. The technique can be used in addition to other optimization techniques. In the paper we describe the technique, validate the performance of one implementation of the technique, and open directions for future research

An Identity-Based Group Signature with Membership Revocation in the Standard Model

Group signatures allow group members to sign an arbitrary number\ud of messages on behalf of the group without revealing their\ud identity. Under certain circumstances the group manager holding a\ud tracing key can reveal the identity of the signer from the\ud signature. Practical group signature schemes should support\ud membership revocation where the revoked member loses the\ud capability to sign a message on behalf of the group without\ud influencing the other non-revoked members. A model known as\ud \emph{verifier-local revocation} supports membership revocation.\ud In this model the trusted revocation authority sends revocation\ud messages to the verifiers and there is no need for the trusted\ud revocation authority to contact non-revoked members to update\ud their secret keys. Previous constructions of verifier-local\ud revocation group signature schemes either have a security proof in the\ud random oracle model or are non-identity based. A security proof\ud in the random oracle model is only a heuristic proof and\ud non-identity-based group signature suffer from standard Public Key\ud Infrastructure (PKI) problems, i.e. the group public key is not\ud derived from the group identity and therefore has to be certified.\ud \ud \ud In this work we construct the first verifier-local revocation group\ud signature scheme which is identity-based and which has a security proof in the standard model. In\ud particular, we give a formal security model for the proposed\ud scheme and prove that the scheme has the\ud property of selfless-anonymity under the decision Linear (DLIN)\ud assumption and it is fully-traceable under the\ud Computation Diffie-Hellman (CDH) assumption. The proposed scheme is based on prime order bilinear\ud groups

A Diffie-Hellman based key management scheme for hierarchical access control

All organizations share data in a carefully managed fashion\ud by using access control mechanisms. We focus on enforcing access control by encrypting the data and managing the encryption keys. We make the realistic assumption that the structure of any organization is a hierarchy of security classes. Data from a certain security class can only be accessed by another security class, if it is higher or at the same level in the hierarchy. Otherwise access is denied. Our solution is based on the Die-Hellman key exchange protocol. We show, that the theoretical worst case performance of our solution is slightly better than that of all other existing solutions. We also show, that our performance in practical cases is linear in the size of the hierarchy, whereas the best results from the literature are quadratic

Dynamic User Role Assignment in Remote Access Control

The Role-Based Access Control (RBAC) model has been widely applied to a single domain in which users are known to the administrative unit of that domain, beforehand. However, the application of the conventional RBAC model for remote access control scenarios is not straightforward. In such scenarios, the access requestor is outside of the provider domain and thus, the user population is heterogeneous and dynamic. Here, the main challenge is to automatically assign users to appropriate roles of the provider domain. Trust management has been proposed as a supporting technique to solve the problem of remote access control. The key idea is to establish a mutual trust between the requestor and provider based on credentials they exchange. However, a credential doesn't convey any information about the behavior of its holder during the time it is being used. Furthermore, in terms of privileges granted to the requestor, existing trust management systems are either too restrictive or not restrictive enough. In this paper, we propose a new dynamic user-role assignment approach for remote access control, where a stranger requests for access from a provider domain. Our approach has two advantages compared to the existing dynamic user-role assignment techniques. Firstly, it addresses the principle of least privilege without degrading the efficiency of the access control system. Secondly, it takes into account both credentials and the past behavior of the requestor in such a way that he cannot compensate for the lack of necessary credentials by having a good past behavior

A Type-and-Identity-based Proxy Re-Encryption Scheme and its Application in Healthcare

Proxy re-encryption is a cryptographic primitive developed to delegate the decryption right from one party (the delegator) to another (the delegatee). In a proxy re-encryption scheme, the delegator assigns a key to a proxy to re-encrypt all messages encrypted with his public key such that the re-encrypted ciphertexts can be decrypted with the delegatee’s private key. We propose a type-and-identity-based proxy re-encryption scheme based on the Boneh-Franklin Identity Based Encryption (IBE) scheme. In our scheme, the delegator can categorize messages into different types and delegate the decryption right of each type to the delegatee through a proxy. Our scheme enables the delegator to provide the proxy fine-grained re-encryption capability. As an application, we propose a fine-grained Personal Health Record (PHR) disclosure scheme for healthcare service by applying the proposed scheme

Public-Key Encryption with Delegated Search

In public-key setting, Alice encrypts email with public key of Bob, so that only Bob will be able to learn contents of email. Consider scenario when computer of Alice is infected and unbeknown to Alice it also embeds malware into message. Bob's company, Carol, cannot scan his email for malicious content as it is encrypted so burden is on Bob to do scan. This is not efficient. We construct mechanism that enables Bob to provide trapdoors to Carol such that Carol, given encrypted data and malware signature, is able to check whether encrypted data contains malware signature, without decrypting it. We refer to this mechanism as Public-Key Encryption with Delegated Search SPKE.\ud \ud We formalize SPKE and give construction based on ElGamal public-key encryption (PKE). proposed scheme has ciphertexts which are both searchable and decryptable. This property of scheme is crucial since entity can search entire content of message, in contrast to existing searchable public-key encryption schemes where search is done only in metadata part. We prove in standard model that scheme is ciphertext indistinguishable and trapdoor indistinguishable under Symmetric External Diffie-Hellman (sxdh) assumption. We prove also ciphertext one-wayness of scheme under modified Computational Diffie-Hellman (mcdh) assumption. We show that our PKEDS scheme can be used in different applications such as detecting encrypted malwares and forwarding encrypted emails