Personal rights management (PRM) : enabling privacy rights in digital online media content

With ubiquitous use of digital camera devices, especially in mobile phones, privacy is no longer threatened by governments and companies only. The new technology creates a new threat by ordinary people, who now have the means to take and distribute pictures of one’s face at no risk and little cost in any situation in public and private spaces. Fast distribution via web based photo albums, online communities and web pages expose an individual’s private life to the public in unpreceeded ways. Social and legal measures are increasingly taken to deal with this problem. In practice however, they lack efficiency, as they are hard to enforce in practice. In this paper, we discuss a supportive infrastructure aiming for the distribution channel; as soon as the picture is publicly available, the exposed individual has a chance to find it and take proper action.Wir stellen ein System zur Wahrnehmung des Rechts am eigenen Bild bei der Veröffentlichung digitaler Fotos, zum Beispiel von Handykameras, im Internet vor. Zur Entdeckung der Veröffentlichung schlagen wir ein Watermarking-Verfahren vor, welches das Auffinden der Bilder durch die potentiell abgebildeten Personen ermöglicht, ohne die Rechte des Fotografen einzuschränken

Wendy, the Good Little Fairness Widget

The advent of decentralized trading markets introduces a number of new challenges for consensus protocols. In addition to the `usual' attacks -- a subset of the validators trying to prevent disagreement -- there is now the possibility of financial fraud, which can abuse properties not normally considered critical in consensus protocols. We investigate the issues of attackers manipulating or exploiting the order in which transactions are scheduled in the blockchain. More concretely, we look into relative order fairness, i.e., ways we can assure that the relative order of transactions is fair. We show that one of the more intuitive definitions of fairness is impossible to achieve. We then present Wendy, a group of low overhead protocols that can implement different concepts of fairness. Wendy acts as an additional widget for an existing blockchain, and is largely agnostic to the underlying blockchain and its security assumptions. Furthermore, it is possible to apply a the protocol only for a subset of the transactions, and thus run several independent fair markets on the same chain

Structural Weaknesses in the Open Smart Grid Protocol

The Open Smart Grid Protocol (OSGP) is currently deployed in various countries in large-scale Smart Metering projects. The protocol was developed by the OSGP Alliance and published as a standard by the European Telecommunications Standards Institute (ETSI). We identify several security issues in the OSG Protocol, primarily the use of a weak digest function and the way the protocol utilizes the RC4 algorithm for encryption. A straight-forward oracle attack triggers the leakage of key material of the digest function. We outline how an attacker can make use of the simple protocol structure to send maliciously altered messages with valid authentication tags to the meters

Effect of daptomycin and vancomycin on Staphylococcus epidermidis biofilms: An in vitro assessment using fluorescence in situ hybridization

Colonization of in-dwelling catheters by microbial biofilms is a major concern in patient health eventually leading to catheter-related blood stream infections. Biofilms are less susceptible to standard antibiotic therapies that are effective against planktonic bacteria. Standard procedure for the detection of microorganisms on the catheter tip is culture. However, viable but non-culturable cells (VBNCs) may be missed. The aim of this study was to evaluate the use of fluorescence in situ hybridization (FISH) as an indicator to visualize and quantify the effect of the antibiotics daptomycin and vancomycin on biofilms in situ. We established an in vitro catheter biofilm model of Staphylococcus epidermidis biofilms on polyurethane catheters. Biofilm activity was measured by FISH and correlated to colony forming units (CFU) data. Digital image analysis was used for quantification of total biofilm mass and the area of the FISH positive biofilm cells. FISH showed a pronounced effect of both antibiotics on the biofilms, with daptomycin having a significantly stronger effect in terms of both reduction of biofilm mass and number of FISH-positive cells. This supports the anti-biofilm capacity of daptomycin. Interestingly, neither antibiotic was able to eradicate all of the FISH-positive cells. In summary, FISH succeeded in visualization, quantification, and localization of antibiotic activity on biofilms. This technique adds a new tool to the arsenal of test systems for anti-biofilm compounds. FISH is a valuable complementary technique to CFU since it can be highly standardized and provides information on biofilm architecture and quantity and localization of survivor cells

Reducing Fair Exchange to Atomic Commit

The fair exchange problem is key to trading electronic items in systems of mutually untrusted parties.We consider modern variants of such systems where each party is equipped with a tamper proof security module. The security modules trust each other but can only communicate by exchanging messages through their host parties. These are untrusted and could intercept and drop those messages. We show that the fair exchange problem at the level of untrusted parties can be reduced to an atomic commit problem at the level of trusted security modules. This reduction o ers a new perspective with which fair exchange protocols can be designed. In particular, we present a new atomic commit protocol, called Monte Carlo NBAC, which helps build a new and practical fair exchange solution. The exchange does always terminate and no party commits the exchange with the wrong items. Furthermore, there is an upper bound on the the probability that the exchange ends up being unfair, and this bound is out of the control of the untrusted parties

Dumbo: Faster Asynchronous BFT Protocols

HoneyBadgerBFT, proposed by Miller et al. [32] as the first practical asynchronous atomic broadcast protocol, demonstrated impressive performance. The core of HoneyBadgerBFT (HB-BFT) is to achieve batching consensus using asynchronous common subset protocol (ACS) of Ben-Or et al., constituted with $n$ reliable broadcast protocol (RBC) to have each node propose its input, followed by $n$ asynchronous binary agreement protocol (ABA) to make a decision for each proposed value ($n$ is the total number of nodes). In this paper, we propose two new atomic broadcast protocols (called Dumbo1, Dumbo2) both of which have asymptotically and practically better efficiency. In particular, the ACS of Dumbo1 only runs a small $k$ (independent of $n$) instances of ABA, while that of Dumbo2 further reduces it to constant! At the core of our techniques are two major observations: (1) reducing the number of ABA instances significantly improves efficiency; and (2) using multi-valued validated Byzantine agreement (MVBA) which was considered sub-optimal for ACS in [32] in a more careful way could actually lead to a much more efficient ACS. We implement both Dumbo1, Dumbo2 and deploy them as well as HB-BFT on 100 Amazon EC2 t2.medium instances uniformly distributed throughout 10 different regions across the globe, and run extensive experiments in the same environments. The experimental results show that our protocols achieve multi-fold improvements over HoneyBadgerBFT on both latency and throughput, especially when the system scale becomes moderately large

Byzantine Fault Tolerance on General Hybrid Adversary Structures

Adversary structures are a generalization of the classical "at most t-out-of-n" threshold failure model which is used in many published Byzantinetolerant protocols. An adversary structure basically lists all coalitions of parties whose corruption the protocol should tolerate. Using adversary structures it is possible to encode dependent failure models, such as "either all Linux machines fail or all Windows machines but not both at the same time". We describe a general technique that allows to transform an algorithm designed for the threshold model into an algorithm that works for general adversary structures. Our technique is based on several (partly informal) rules which describe how the algorithm and its proof must be augmented so that general adversary structures can be tolerated. We demonstrate the applicability of our approach by transforming an asynchronous Byzantine-tolerant reliable broadcast protocol into one that tolerates Byzantine adversary structures. We also consider similar transformations for hybrid failures (combinations of di#erent fault models) and discuss ways to map adversary structures to the real world and manage them e#ciently