发布求助
文献互助 智能选刊 最新文献

2008 Sixth Annual Conference on Privacy, Security and Trust最新文献

筛选
英文 中文
Towards Privacy Taxonomy-Based Attack Tree Analysis for the Protection of Consumer Information Privacy 基于隐私分类法的消费者信息隐私保护攻击树分析
2008 Sixth Annual Conference on Privacy, Security and Trust Pub Date : 2008-10-01 DOI: 10.1109/PST.2008.18
K. Reddy, H. Venter, M. Olivier, I. Currie
{"title":"Towards Privacy Taxonomy-Based Attack Tree Analysis for the Protection of Consumer Information Privacy","authors":"K. Reddy, H. Venter, M. Olivier, I. Currie","doi":"10.1109/PST.2008.18","DOIUrl":"https://doi.org/10.1109/PST.2008.18","url":null,"abstract":"There is a strong legal and ethical imperative for organisations to protect consumer information privacy. In this paper we present a method called privacy taxonomy-based attack tree analysis (PTATA). PTATA involves the combination of privacy violation taxonomies and attack trees. It assists organisations in protecting information privacy by providing a means to analyze weaknesses in their protective measures. We define privacy violation taxonomies, as well as review attack trees, and illustrate the practical implementation of PTATA through example scenarios. The advantages and drawbacks to our method are also discussed. The paper ends with future research which may build on this work.","PeriodicalId":422934,"journal":{"name":"2008 Sixth Annual Conference on Privacy, Security and Trust","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117159738","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
CCTB: Context Correlation for Trust Bootstrapping in Pervasive Environment CCTB:普适环境下信任引导的上下文相关性
2008 Sixth Annual Conference on Privacy, Security and Trust Pub Date : 2008-10-01 DOI: 10.1109/PST.2008.19
Sheikh Iqbal Ahamed, Mehrab Monjur, M. S. Islam
{"title":"CCTB: Context Correlation for Trust Bootstrapping in Pervasive Environment","authors":"Sheikh Iqbal Ahamed, Mehrab Monjur, M. S. Islam","doi":"10.1109/PST.2008.19","DOIUrl":"https://doi.org/10.1109/PST.2008.19","url":null,"abstract":"Handheld devices in a pervasive computing environment are prone to security as well as privacy violations, while discovering, sharing and accessing services and contents. Trust models are devised to fight against such violations and breaches. Although initial trust assignment is an important issue in evolving overall trust, a little amount of work has been done in this field so far. In pervasive smart space, similar type of contexts exhibits significant correlations to each other. However, this fact is not taken into consideration while computing the initial trust values. In this paper, we describe a new mechanism to assign initial trust: CCTB (Context Correlation for Trust Bootstrapping), which takes advantage of the presence of correlations among different contexts in a context-ontology. We evaluate the effectiveness of CCTB by simulating in two different scenarios. We show that CCTB offers better initial trust values than the other models considered here. We also implement a prototype for performance measurement using .NET Compact Framework.","PeriodicalId":422934,"journal":{"name":"2008 Sixth Annual Conference on Privacy, Security and Trust","volume":"601 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132755862","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Cross-Language Weaving Approach Targeting Software Security Hardening 面向软件安全加固的跨语言编织方法
2008 Sixth Annual Conference on Privacy, Security and Trust Pub Date : 2008-10-01 DOI: 10.1109/PST.2008.22
A. Mourad, D. Alhadidi, M. Debbabi
{"title":"Cross-Language Weaving Approach Targeting Software Security Hardening","authors":"A. Mourad, D. Alhadidi, M. Debbabi","doi":"10.1109/PST.2008.22","DOIUrl":"https://doi.org/10.1109/PST.2008.22","url":null,"abstract":"In this paper, we propose an approach for systematic security hardening of software based on aspect-oriented programming and Gimple language. We also present the first steps towards a formal specification for Gimple weaving together with the implementation methodology of the proposed weaving semantics. The primary contribution of this approach is providing the software architects with the capabilities to perform systematic security hardening by applying well-defined solutions and without the need to have expertise in the security solution domain. We explore the viability of our propositions by realizing the weaving semantics for Gimple by implementing it into the GCC compiler and applying our methodologies for systematic security hardening to develop a case study for securing the connections of client applications together with experimental results.","PeriodicalId":422934,"journal":{"name":"2008 Sixth Annual Conference on Privacy, Security and Trust","volume":"292 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117337428","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Unlinkable Communication 不可链接通信
2008 Sixth Annual Conference on Privacy, Security and Trust Pub Date : 2008-10-01 DOI: 10.1109/PST.2008.8
Volker Fusenig, Eugen Staab, U. Sorger, T. Engel
{"title":"Unlinkable Communication","authors":"Volker Fusenig, Eugen Staab, U. Sorger, T. Engel","doi":"10.1109/PST.2008.8","DOIUrl":"https://doi.org/10.1109/PST.2008.8","url":null,"abstract":"In this paper we present a protocol for unlinkable communication, i.e. where an attacker cannot map the sender and receiver node of a communication. Existing anonymity protocols either do not guarantee unlinkability (e.g. Tor and Mix networks), or produce huge overhead -- the dining cryptographers network causes quadratic number of messages. Our protocol needs only a linear number of messages while it still guarantees unlinkability. We introduce a measure of unlinkability and show that our protocol offers the highest possible degree of unlinkability. We show how to use the protocol in practice by adapting it to Internet and ad hoc communication.","PeriodicalId":422934,"journal":{"name":"2008 Sixth Annual Conference on Privacy, Security and Trust","volume":"123 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115613082","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
IT Security and Privacy Issues in Global Financial Services Institutions: Do Socio-Economic and Cultural Factors Matter? 全球金融服务机构的信息技术安全和隐私问题:社会经济和文化因素重要吗?
2008 Sixth Annual Conference on Privacy, Security and Trust Pub Date : 2008-10-01 DOI: 10.1109/PST.2008.24
P. Ifinedo
{"title":"IT Security and Privacy Issues in Global Financial Services Institutions: Do Socio-Economic and Cultural Factors Matter?","authors":"P. Ifinedo","doi":"10.1109/PST.2008.24","DOIUrl":"https://doi.org/10.1109/PST.2008.24","url":null,"abstract":"Financial services institutions (FSIs) around the globe know they must proactively work toward protecting customer data and thwarting emerging security threats. Deloitte Touche Tohmatsu (DTT), an international firm that provides audit, consulting, and financial advisory services has used its networks and reach to investigate security and privacy issues in FSIs around the world. DTTpsilas first survey appeared in 2003 and four others have followed since then. This present article draws from last survey. Given that the literature has shown that socio-economic and cultural factors are important considerations for organizations when accepting innovations and new practices. This study was designed to provide a layer of understanding not seen in the DTTpsilas study by examining whether socio-economic and cultural indicators matter in how IT security and privacy issues are being perceived in global FSIs. Two relevant hypotheses were developed to test our assertions. The main finding of the study was that such contextual factors may not be sufficient in differentiating how global FISs view or respond to key IT security and privacy issues. However, our study found one item related to security awareness training for FISspsila employees to vary significantly across the surveyed regions when the gross domestic product (GDP per capita) variable was used in the analysis. It is hoped that our studypsilas findings and conclusion will be beneficial to practitioners and researchers.","PeriodicalId":422934,"journal":{"name":"2008 Sixth Annual Conference on Privacy, Security and Trust","volume":"93 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122559838","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Model-Checking for Software Vulnerabilities Detection with Multi-Language Support 多语言支持下软件漏洞检测的模型检验
2008 Sixth Annual Conference on Privacy, Security and Trust Pub Date : 2008-10-01 DOI: 10.1109/PST.2008.21
Rachid Hadjidj, Xiaochun Yang, Syrine Tlili, M. Debbabi
{"title":"Model-Checking for Software Vulnerabilities Detection with Multi-Language Support","authors":"Rachid Hadjidj, Xiaochun Yang, Syrine Tlili, M. Debbabi","doi":"10.1109/PST.2008.21","DOIUrl":"https://doi.org/10.1109/PST.2008.21","url":null,"abstract":"In this paper we develop a security verification framework for open source software with a multi-language support. We base our approach on the GCC compiler which is considered as the defacto open source compiler for several languages including C, C++, JAVA, ADA, FORTRAN,etc. To achieve our goal we use a conventional push down system model-checker for reachability properties, and turn it into a fully-fledged verification tool for both low and high level software security properties. We also allow programmers to define a wide range of temporal security properties using an automata-based specification approach. As a result, our approach can model-check large scale software against system-specific security properties.","PeriodicalId":422934,"journal":{"name":"2008 Sixth Annual Conference on Privacy, Security and Trust","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116449154","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
A Detailed Comparison of Probabilistic Approaches for Coping with Unfair Ratings in Trust and Reputation Systems 在信任和声誉系统中处理不公平评级的概率方法的详细比较
2008 Sixth Annual Conference on Privacy, Security and Trust Pub Date : 2008-10-01 DOI: 10.1109/PST.2008.16
Jie Zhang, M. Sensoy, R. Cohen
{"title":"A Detailed Comparison of Probabilistic Approaches for Coping with Unfair Ratings in Trust and Reputation Systems","authors":"Jie Zhang, M. Sensoy, R. Cohen","doi":"10.1109/PST.2008.16","DOIUrl":"https://doi.org/10.1109/PST.2008.16","url":null,"abstract":"The unfair rating problem exists when a buying agent models the trustworthiness of selling agents by also relying on ratings of the sellers from other buyers. Different probabilistic approaches have been proposed to cope with this issue. In this paper, we first summarize these approaches and provide a detailed categorization of them. This includes our own \"personalized\" approach for addressing this problem. Based on the implication of such analysis, we then focus on experimental comparison of our approach with two key models in a framework that simulates a dynamic electronic marketplace environment. We specifically examine different scenarios, including ones where the majority of buyers are dishonest, buyers lack personal experience with sellers, sellers may vary their behavior, and buyers may provide a large number of ratings. Our study provides the basis for deciding which approach is most appropriate to employ, in which scenario.","PeriodicalId":422934,"journal":{"name":"2008 Sixth Annual Conference on Privacy, Security and Trust","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130933520","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
Investigating Two Different Approaches for Encrypted Traffic Classification 研究两种不同的加密流量分类方法
2008 Sixth Annual Conference on Privacy, Security and Trust Pub Date : 2008-10-01 DOI: 10.1109/PST.2008.15
Riyad Alshammari, A. Zincir-Heywood
{"title":"Investigating Two Different Approaches for Encrypted Traffic Classification","authors":"Riyad Alshammari, A. Zincir-Heywood","doi":"10.1109/PST.2008.15","DOIUrl":"https://doi.org/10.1109/PST.2008.15","url":null,"abstract":"The basic objective of this work is to compare the utility of an expert driven system and a data driven system for classifying encrypted network traffic, specifically SSH traffic from traffic log files. Pre-processing is applied to the traffic data to represent as traffic flows. Results show that the data driven system approach outperforms the expert driven system approach in terms of high detection and low false positive rates.","PeriodicalId":422934,"journal":{"name":"2008 Sixth Annual Conference on Privacy, Security and Trust","volume":"53 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122674322","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 57
An Effective Defense against Intrusive Web Advertising 对侵入性网络广告的有效防御
2008 Sixth Annual Conference on Privacy, Security and Trust Pub Date : 2008-10-01 DOI: 10.1109/PST.2008.10
V. Krammer
{"title":"An Effective Defense against Intrusive Web Advertising","authors":"V. Krammer","doi":"10.1109/PST.2008.10","DOIUrl":"https://doi.org/10.1109/PST.2008.10","url":null,"abstract":"Intrusive Web advertising such as pop-ups and animated layer ads, which distract the user from reading or navigating through the main content of Web pages, is being perceived as annoying by an increasing number of users. As a response to the growing amount of extraneous content on today's Web and due to the lack of regulations imposed on abusive advertisers the author discusses the pros and cons of ad blocking, explores the different types of Web advertisements currently available and presents Quero, a novel Web browser-based content filter which implements a rule-based classifier that exploits, for example, hints present in the URL in order to classify objects as ads. Additionally, the author conducts a Web study to characterize online ads and measure the effectiveness of his solution against a manual classification. As a result, it is shown that a surprisingly small number of rules is sufficient to block almost all ads on the Web.","PeriodicalId":422934,"journal":{"name":"2008 Sixth Annual Conference on Privacy, Security and Trust","volume":"96 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129037102","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 35
Utility of Knowledge Extracted from Unsanitized Data when Applied to Sanitized Data 从未清理数据中提取的知识在应用于清理数据时的效用
2008 Sixth Annual Conference on Privacy, Security and Trust Pub Date : 2008-10-01 DOI: 10.1109/PST.2008.30
Michal Sramka, R. Safavi-Naini, J. Denzinger, Mina Askari, Jie Gao
{"title":"Utility of Knowledge Extracted from Unsanitized Data when Applied to Sanitized Data","authors":"Michal Sramka, R. Safavi-Naini, J. Denzinger, Mina Askari, Jie Gao","doi":"10.1109/PST.2008.30","DOIUrl":"https://doi.org/10.1109/PST.2008.30","url":null,"abstract":"Knowledge discovery systems extract knowledge from data that can be used for making prediction about incomplete data items. Utility is a measure of the usefulness of the discovered knowledge and satisfaction of the user with that knowledge. We motivate and address the question of usefulness of sanitized data using the notion of utility in data mining systems. For this we measure the success of patterns and rules discovered from the original data to make predictions about the sanitized data using a previously developed framework. Using experimental results on a set of medical data we demonstrate that it is possible to make useful predictions about the sanitized medical data when rules discovered from the original unsanitized medical data are used. We explain our results and compare it with the case where no sanitization is involved.","PeriodicalId":422934,"journal":{"name":"2008 Sixth Annual Conference on Privacy, Security and Trust","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126137624","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信