The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Secure multi-party computation allows mutually distrusting parties to compute securely over their private data. However, even in the semi-honest two-party setting, most interesting functions cannot be computed securely in the information-theoretic plain model. Intuitively, the objective of accurately evaluating the output of such functions is inherently inimical to the privacy concerns of the parties...
OAuth has become a widespread authorization protocol to allow inter-enterprise sharing of user preferences and data: a Consumer that wants access to a user's protected resources held by a Service Provider can use OAuth to ask for the user's authorization for access to these resources. However, it can be tedious for a Consumer to use OAuth as a way to organize user identities, since doing so requires...
In MANET, the cooperative authentication mechanism requires the cooperation of the neighbor nodes and significantly enhances the authentication probability. However, it exposes location privacy of neighbor nodes and is costly. How to balance the authentication and location privacy is a key issue. In this paper, we use game theory to analyze the behavior of neighbor nodes in cooperative authentication...
A formal analysis of a key management protocol, called LEAP (Localized Encryption and Authentication Protocol), intended for wireless sensor networks is presented in this paper. LEAP is modeled using the high level formal language HLSPL and checked using the AVISPA tool for attacks on the security and authenticity of the exchanges. We focus on the protocol's establishment of pairwise keys for nearest...
A formal analysis of a key management protocol, called LEAP (Localized Encryption and Authentication Protocol), intended for wireless sensor networks is presented in this paper. LEAP is modeled using the high level formal language HLSPL and checked using the AVISPA tool for attacks on the security and authenticity of the exchanges. We focus on the protocol's establishment of pairwise keys for nearest...
Communication privacy techniques that protect the locations of source sensor nodes and sink nodes have received significant attention recently. Several communication protocols that improve the capture time, which is the time it takes for an adversary to identify the location of the source, have been proposed and their effectiveness is analyzed using simulation models. A simple anonymous communication...
In this paper, we point out the deficiencies of the existing DAA schemes on member revocation, inter-domain attestation and Rudolph's attack prevention and present a new scheme called Enhanced Privacy Inter-domain Anonymity Attestation based on Peer-to-Peer Networks. We add a new party called Trusted Auditor (TA) and construct a TA level above the existing DAA scheme. Analysis shows that the proposed...
The difficulties of e-commerce protocol security are mainly reflected in two aspects: First, the industry has not yet come to a uniform conclusion for the requirements of the security properties of e-commerce, while new properties are continually proposed and updated. The second is the difficulty of the protocol design and verification. This paper makes a new explanation of the protection of individual's...
With the aim to preserve privacy over a communications network, a plethora of anonymous protocols have been proposed along with many empirical investigations into specific adversary attacks over those networks. However, few formal methods have been adequately developed and applied towards anonymous systems with the goal of modeling how an adversary reasons about anonymity. Indeed, many analyses assume...
Technology adoption analysis is one of the key exercises in managing technology innovation and diffusion. In this paper, we present a service platform for technology adoption analysis, with aim tailored to provide service provisioning to potential technology users and providers. With two service models provided in this platform, a practical privacy preserving framework is developed to help relieve...
RFID technology has become one of the most hotly debated ubiquitous computing technologies, and public fears of its alleged capability for comprehensive surveillance have prompted a flurry of research trying to alleviate such concerns. Security mechanisms for RFID systems are therefore of utmost important. In this paper, we describe problems of previous work on RFID security protocols and specify...
A recent privacy protocol for secure e-polls aims at ensuring the submitting individuals that the pollster will preserve the privacy of their submitted preferences. Otherwise the individuals can indict the pollster, provided that the pollster participates actively in this phase. The analysis of the protocol in a realistic threat model denounces that a malicious pollster that abuses the private preferences...
Internet users interact with multiple Web Service Providers (WSP), and therefore, must remember and manage multiple passwords. Users try to overcome the burden of password management by employing insecure solutions such as reusing the same password with several WSP. Identity management systems provide a solution for such problems. The common "assertion-based"' Identity Management systems...
Several vulnerability analysis techniques in web-based applications detect and report on different types of vulnerabilities. However, no single technique provides a generic technology-independent handling of Web-based vulnerabilities. In this paper we present our experience with and experimental exemplification of using the application vulnerability description language (AVDL) to realize a unified...
Information privacy typically concerns the confidentiality of personal identifiable information (PII) and protected health information (PHI) such as electronic medical records. Thus, the information access control mechanism for e-health services must be embedded with privacy-enhancing technologies. Role-based access control (RBAC) model has been widely investigated and applied to various applications...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.