The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In this paper, we present an implementation of the FairPlay framework for secure two-party function computation on Android smartphones, which we call MobileFairPlay. Mobile-FairPlay allows high-level programming of several secure two-party protocols, including protocols for the Millionaire problem, set intersection, computation of Jaccard similarity coefficient, etc. All these functions are useful...
Many web applications employ session management to keep track of visitors' activities across pages and over periods of time. A session is a period of time linked to a visitor, which is initiated when he/she arrives at a web application and it ends when his/her browser is closed or after a certain time of inactivity. Attackers can hijack a user's session by exploiting session management vulnerabilities...
The aim of privacy-preserving data mining is to construct highly accurate predictive models while not disclosing privacy information. Aggregation functions, such as sum and count are often used to pre-process the data prior to applying data mining techniques to relational databases. Often, it is implicitly assumed that the aggregated (or summarized) data are less likely to lead to privacy violations...
When people choose to engage in an online activity, such as doing their banking online, or making a purchase through an online merchant, they are making a trust decision about the supplier and source of the website in question. It appears that a large majority of users commonly place their trust in most, if not all, websites they encounter, and this causes significant security problems. Any solutions...
In this paper we present an open multi-agent based Desktop Grid System that improves the performance of cooperative clients while decreasing the performance of non-cooperative clients as an incentive for good conduct. This is achieved by trust-based job client and worker algorithms that take into account the local and global history of the credibility and reliability experiences between agents, as...
One aspect of self-organizing systems is their desired ability to be self-learning, i.e., to be able to adapt dynamically to conditions in their environment. This quality is awkward especially if it comes to applications in security or safety-sensitive areas. Here a step towards more trustful systems could be taken by providing transparency of the processes of a system. An important means of giving...
Security issues in collaboration with emphasis on access management continue to be researched extensively as technology innovation allows us to collaborate in many different ways. However, this research delves into a different perspective of collaboration security where dynamic virtual teams are put together when a company A acquires company B. In this context company A brings together people, processes,...
Traditional security technologies are based on numerous assumptions about the environment in which systems are used. This includes assumptions about the enforcement of legislative and contractual frameworks, limitations of particular technologies and the constraints on human behaviour imposed by social and religious norms. Most of these assumptions, however, are implicit and they will fail when the...
We present a two-party secure information processing protocol referred to as SIPPA-2.0 - targeted towards privacy preserving biometric data comparison and reconstruction. The original intention of SIPPA as reported previously is to enable private data comparison and reconstruction between a client and a server when (a) the client possesses some data that are “sufficiently similar” to that of the server,...
In new generation social networks, we expect that the demand of tools allowing the user to effectively control privacy, without relying on the provider trustworthiness, will be more and more increasing. A lot of precious information is currently released by users with no privacy control whenever they evaluate resources, which, for example, is done in Facebook through the “Like Button”. A mechanism...
One of the main security concerns related to the cloud hosting and virtualization, is the lack of Trust in the infrastructure. This lack of trust is due to the absence of transparency concerning the data handling and storage conditions. There are no concrete technical guarantees that can convince a potential cloud customer that he is fully controlling his data. In this paper we propose a security...
We first review the notion of social secret sharing and its trust function. We then illustrate how this construction can be used in cloud computing to create a self-organizing environment. In fact, we show distributed secure systems using threshold secret sharing can be adjusted automatically based on the resource availability of the cloud providers. Accordingly, we propose a new trust function with...
We take a detailed look at how users, while focusing on non-permission tasks, notice and fix access-control permission errors depending on where the access-control policy is spatially located on a photo-sharing website. The access-control policy was placed on an online photo-sharing website under the photo or album, on the sidebar, or on a separate settings page. We find that placing the access-control...
The increasing need to share information in dynamic environments has created a requirement for risk-aware access control systems. In this paper, we present a metamodel for risk-aware authorization that captures the key aspects of a system in relation to risk mitigation. In particular, we develop various risk-aware models as instances of the metamodel that broadly differ in the form of risk mitigation...
Wiki systems form a subclass of the more general Open Collaborative Authoring Systems, where content is created and maintained by a user community. The ability of anyone to edit the content is, at the same time, their strength and their weakness. Anyone can write documents that improve the value of the wiki-system, but at the same time, anyone can also introduce errors into these documents, by accident...
Twitter is a popular micro-blogging website which allows users to post 140-character limit messages called tweets. We demonstrate a cheap and elegant solution - WhACKY! - to harness the multi-source information from tweets to link Twitter profiles across other external services. In particular, we exploit activity feed sharing patterns to map Twitter profiles to their corresponding external service...
For a long time PDF documents have arrived in the everyday life of the average computer user, corporate businesses and critical structures, as authorities and military. Due to its wide spread in general, and because out-of-date versions of PDF readers are quite common, using PDF documents has become a popular malware distribution strategy. In this context, malicious documents have useful features:...
Cloud computing has empowered the individual user by providing seemingly unlimited storage space and availability and accessibility of data anytime and anywhere. Cloud service providers are able to maximize data storage space by incorporating data deduplication into cloud storage. Although data deduplication removes data redundancy and data replication, it also introduces major data privacy and security...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.