186 research outputs found
Mandatory Enforcement of Privacy Policies using Trusted Computing Principles
Modern communication systems and information technology create significant new threats to information privacy. In this paper, we discuss the need for proper privacy protection in cooperative intelligent transportation systems (cITS), one instance of such systems. We outline general principles for data protection and their legal basis and argue why pure legal protection is insufficient. Strong privacy-enhancing technologies need to be deployed in cITS to protect user data while it is generated and processed. As data minimization cannot always prevent the need for disclosing relevant personal information, we introduce the new concept of mandatory enforcement of privacy policies. This concept empowers users and data subjects to tightly couple their data with privacy policies and rely on the system to impose such policies onto any data processors. We also describe the PRECIOSA Privacy-enforcing Runtime Architecture that exemplifies our approach. Moreover, we show how an application can utilize this architecture by applying it to a pay as you drive (PAYD) car insurance scenario
On the Potential of Generic Modeling for VANET Data Aggregation Protocols
In-network data aggregation is a promising communication mechanism to reduce bandwidth requirements of applications in vehicular ad-hoc networks (VANETs). Many aggregation schemes have been proposed, often with varying features. Most aggregation schemes are tailored to specific application scenarios and for specific aggregation operations. Comparative evaluation of different aggregation schemes is therefore difficult. An application centric view of aggregation does also not tap into the potential of cross application aggregation. Generic modeling may help to unlock this potential. We outline a generic modeling approach to enable improved comparability of aggregation schemes and facilitate joint optimization for different applications of aggregation schemes for VANETs. This work outlines the requirements and general concept of a generic modeling approach and identifies open challenges
ACM WiSec 2011 Poster and Demo Session
This edited article of MC2R features abstracts of posters and demos that were shown at the ACM Wireless Security Conference (ACM WiSec 2011)
Analyzing Attacks on Cooperative Adaptive Cruise Control (CACC)
Cooperative Adaptive Cruise Control (CACC) is one of the driving applications
of vehicular ad-hoc networks (VANETs) and promises to bring more efficient and
faster transportation through cooperative behavior between vehicles. In CACC,
vehicles exchange information, which is relied on to partially automate
driving; however, this reliance on cooperation requires resilience against
attacks and other forms of misbehavior. In this paper, we propose a rigorous
attacker model and an evaluation framework for this resilience by quantifying
the attack impact, providing the necessary tools to compare controller
resilience and attack effectiveness simultaneously. Although there are
significant differences between the resilience of the three analyzed
controllers, we show that each can be attacked effectively and easily through
either jamming or data injection. Our results suggest a combination of
misbehavior detection and resilient control algorithms with graceful
degradation are necessary ingredients for secure and safe platoons.
Comment: 8 pages (author version), 5 Figures, Accepted at 2017 IEEE Vehicular
Networking Conference (VNC)
Evaluation of the Deployment Status of RPKI and Route Filtering
The Border Gateway Protocol (BGP) is an essential infrastructure element, often termed “the glue that keeps the Internet together”. Even in its current version 4, BGP misses essential security mechanisms that would allow to validate routing information distributed through BGP in terms of its authenticity and integrity. While mechanisms like BGPsec have been proposed many years ago, so far they have not found widespread adoption and many experts believe they never will due to their inherent complexity.
To ensure a minimal level of protection, most Internet service providers (ISPs) rely on heuristic filtering of routing information advertised from neighboring autonomous systems (AS). One approach is called Path Origin Validation where an ISP tries to verify whether the AS advertising a certain IP prefix is actually the legitimate owner of this prefix
A Flexible Network Approach to Privacy of Blockchain Transactions
For preserving privacy, blockchains can be equipped with dedicated mechanisms
to anonymize participants. However, these mechanisms often take only the
abstraction layer of blockchains into account whereas observations of the
underlying network traffic can reveal the originator of a transaction request.
Previous solutions either provide topological privacy that can be broken by
attackers controlling a large number of nodes, or offer strong and
cryptographic privacy but are inefficient up to practical unusability. Further,
there is no flexible way to trade privacy against efficiency to adjust to
practical needs. We propose a novel approach that combines existing mechanisms
to have quantifiable and adjustable cryptographic privacy which is further
improved by augmented statistical measures that prevent frequent attacks with
lower resources. This approach achieves flexibility for privacy and efficiency
requirements of different blockchain use cases.
Comment: 6 pages, 2018 IEEE 38th International Conference on Distributed
Computing Systems (ICDCS)