{"title":"Investigating privacy-aware distributed query evaluation","authors":"Nicholas L. Farnan, Adam J. Lee, Ting Yu","doi":"10.1145/1866919.1866926","DOIUrl":"https://doi.org/10.1145/1866919.1866926","url":null,"abstract":"Historically, privacy and efficiency have largely been at odds with one another when querying remote data sources: traditional query optimization techniques provide efficient retrieval by exporting information about the intension of a query to data sources, while private information retrieval (PIR) schemes hide query intension at the cost of extreme computational or communication overheads. Given the increasing use of Internet-scale distributed databases, exploring the spectrum between these two extremes is worthwhile. In this paper, we explore the degree to which query intension is leaked to remote data sources when a variety of existing query processing and view materialization techniques are used. We show that these information flows can be quantified in a concrete manner, and investigate the notion of privacy-aware distributed query evaluation. We then propose two techniques to improve the balance between privacy and efficiency when processing distributed queries, and discuss a number of interesting directions for future work.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"30 1","pages":"43-52"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80407095","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Unraveling an old cloak: k-anonymity for location privacy","authors":"R. Shokri, C. Troncoso, Claudia Díaz, Julien Freudiger, J. Hubaux","doi":"10.1145/1866919.1866936","DOIUrl":"https://doi.org/10.1145/1866919.1866936","url":null,"abstract":"There is a rich collection of literature that aims at protecting the privacy of users querying location-based services. One of the most popular location privacy techniques consists in cloaking users' locations such that k users appear as potential senders of a query, thus achieving k-anonymity. This paper analyzes the effectiveness of k-anonymity approaches for protecting location privacy in the presence of various types of adversaries. The unraveling of the scheme unfolds the inconsistency between its components, mainly the cloaking mechanism and the k-anonymity metric. We show that constructing cloaking regions based on the users' locations does not reliably relate to location privacy, and argue that this technique may even be detrimental to users' location privacy. The uncovered flaws imply that the existing k-anonymity scheme is a tattered cloak for protecting location privacy.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"14 1","pages":"115-118"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90917180","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Turning privacy leaks into floods: surreptitious discovery of social network friendships and other sensitive binary attribute vectors","authors":"A. Asuncion, M. Goodrich","doi":"10.1145/1866919.1866923","DOIUrl":"https://doi.org/10.1145/1866919.1866923","url":null,"abstract":"We study methods for attacking the privacy of social networking sites, collaborative filtering sites, databases of genetic signatures, and other data sets that can be represented as vectors of binary relationships. Our methods are based on reductions to nonadaptive group testing, which implies that our methods can exploit a minimal amount of privacy leakage, such as contained in a single bit that indicates if two people in a social network have a friend in common or not. We analyze our methods for turning such privacy leaks into floods using theoretical characterizations as well as experimental tests. Our empirical analyses are based on experiments involving privacy attacks on the social networking sites Facebook and LiveJournal, a database of mitochondrial DNA, a power grid network, and the movie-rating database released as a part of the Netflix Prize contest. For instance, with respect to Facebook, our analysis shows that it is effectively possible to break the privacy of members who restrict their friends lists to friends-of-friends.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"27 1","pages":"21-30"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75048339","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Deniable cloud storage: sharing files via public-key deniability","authors":"Paolo Gasti, G. Ateniese, Marina Blanton","doi":"10.1145/1866919.1866925","DOIUrl":"https://doi.org/10.1145/1866919.1866925","url":null,"abstract":"Cloud computing provides users with ample computing resources, storage, and bandwidth to meet their computing needs, often at minimal cost. As such services become popular and available to a larger body of users, security mechanisms become an integral part of them. Conventional means for protecting data privacy, such as encryption, can protect communication and stored data from unauthorized access including the service provider itself. Such tools, however, are not sufficient against powerful adversaries who can force users into opening their encrypted content. In this work we introduce the concept of deniable cloud storage that guarantees privacy of data even when one's communication and storage can be opened by an adversary. We show that existing techniques and systems do not adequately solve this problem. We design the first sender-and-receiver deniable public-key encryption scheme that is both practical and built from standard tools. Furthermore, we treat practical aspects of user collaboration and provide an implementation of a deniable shared file system, DenFS.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"1 1","pages":"31-42"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85546957","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Token attempt: the misrepresentation of website privacy policies through the misuse of p3p compact policy tokens","authors":"P. Leon, L. Cranor, Aleecia M. McDonald, R. McGuire","doi":"10.1145/1866919.1866932","DOIUrl":"https://doi.org/10.1145/1866919.1866932","url":null,"abstract":"P3P compact policies (CPs) are a collection of three-character and four-character tokens that summarize a website's privacy policy pertaining to cookies. User agents, including Microsoft's Internet Explorer (IE) web browser, use CPs to evaluate websites' data collection practices and allow, reject, or modify cookies based on sites' privacy practices. CPs can provide a technical means to enforce users' privacy preferences if CPs accurately reflect websites' practices. Confirming the accuracy of CPs would require first-hand knowledge of each site's practices. However, through automated analysis we can identify CPs that are erroneous due to syntax errors or semantic conflicts. We collected CPs from 33,139 websites and detected errors in 11,176 of them. We found large numbers of sites using identical invalid CPs that had been recommended as workarounds for IE cookie blocking. Other sites had CPs with typos in their tokens, or other errors. Most invalid CPs resulted in cookies remaining unblocked by IE under its default cookie settings. It appears that large numbers of websites that use CPs are misrepresenting their privacy practices, thus misleading users and rendering privacy protection tools ineffective.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"1 1","pages":"93-104"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83509665","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A framework for privacy-conducive recommendations","authors":"Richard Chow, Jessica Staddon","doi":"10.1145/1866919.1866934","DOIUrl":"https://doi.org/10.1145/1866919.1866934","url":null,"abstract":"Recommendations and advertisements based on consumer behavior patterns are increasingly prevalent, yet carry significant privacy concerns. We propose an easily implemented alternative framework in which publicly available Web data is mined to discover product preference associations.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"1 1","pages":"105-108"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77342678","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Supporting privacy preferences in credential-based interactions","authors":"C. Ardagna, S. Vimercati, S. Foresti, S. Paraboschi, P. Samarati","doi":"10.1145/1866919.1866931","DOIUrl":"https://doi.org/10.1145/1866919.1866931","url":null,"abstract":"Users can today enjoy the many benefits brought by the development and widespread adoption of the Internet and related services, conveniently accessing digital resources. Servers offering such resources typically require users to release information about themselves, which servers can then use for enforcing possible access policies on the offered services. A major problem in this context relates to providing users with the ability of determining which information to release to satisfy the server requests during their electronic interactions. In this paper, we provide an approach for empowering the user in the release of her digital portfolio based on simple sensitivity labels expressing how much the user values different properties, credentials or combinations thereof, as well as on additional constraints that the user might impose on information disclosure. We provide a generic modeling of the problem and illustrate its translation in terms of a Weighted MaxSat problem, which can be conveniently and efficiently managed by off-the-shelf SAT solvers, thus resulting in an efficient and scalable solution.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"28 1","pages":"83-92"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87895205","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Balancing the shadows","authors":"Max Schuchard, Alexander W. Dean, Victor Heorhiadi, Nicholas Hopper, Yongdae Kim","doi":"10.1145/1866919.1866921","DOIUrl":"https://doi.org/10.1145/1866919.1866921","url":null,"abstract":"In this paper, we examine the ShadowWalker peer-to-peer anonymity scheme. ShadowWalker attempts to provide anonymity via circuits built using random walks over a secured topology. ShadowWalker's topology is secured through the use of shadows, peers that certify another node's routing information. We demonstrate two flaws in ShadowWalker. First, an attacker can compromise the underlying topology of ShadowWalker as a result of an insufficient number of shadows. We show that the failure of the underlying topology directly results in the failure of ShadowWalker to provide anonymity guarantees. Second, the dependence on untrusted nodes to certify other nodes allows an attacker to launch a selective denial of service attack. We show that there is an inherent tension between protecting against these two attacks: weakening the first attack strengthens the second attack and vice versa. We introduce a mechanism that generalizes ShadowWalker's lookup defense, and show that this mechanism can be tuned to simultaneously provide strong protection against both these attacks. Last, we implement ShadowWalker and provide performance measurements from a prototype deployment on PlanetLab.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"49 1","pages":"1-10"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88513468","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Key allocation schemes for private social networks","authors":"Keith B. Frikken, P. Srinivas","doi":"10.1145/1655188.1655191","DOIUrl":"https://doi.org/10.1145/1655188.1655191","url":null,"abstract":"In this paper we introduce a novel scheme for key management in social networks that is a first step towards the creation of a private social network. A social network graph (i.e., the graph of friendship relationships) is private, and social networks are often used to share content, which may be private, amongst their users. In the status quo, the social networking server has access to both this graph and to all of the content, effectively requiring that it is a trusted third party. The goal of this paper is to produce a mechanism through which users can control how their content is shared with other users, without relying on a trusted third party to manage the social network graph and the users' data. The specific access control model considered here is that users will specify access policies based on distance in the social network; for example, some content is visible to friends only, while other content is visible to friends of friends, etc. This access control is enforced via key management. That is, for each user, there is a key that only friends should be able to derive, there is a key that both friends of the user and friends of friends can derive, etc. The proposed scheme enjoys the following properties: i) the scheme is asynchronous in that it does not require users to be online at the same time, ii) the scheme provides key indistinguishability (that is, if a user is not allowed to derive a key according to the access policy, then that key is indistinguishable from a random value), iii) the scheme is efficient in terms of server storage and key derivation time, and iv) the scheme is collusion resistant.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"19 1","pages":"11-20"},"PeriodicalIF":0.0,"publicationDate":"2009-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75392285","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On the risks of serving whenever you surf: vulnerabilities in Tor's blocking resistance design","authors":"Jon McLachlan, Nicholas Hopper","doi":"10.1145/1655188.1655193","DOIUrl":"https://doi.org/10.1145/1655188.1655193","url":null,"abstract":"In Tor, a bridge is a client node that volunteers to help censored users access Tor by serving as an unlisted, first-hop relay. Since bridging is voluntary, the success of this circumvention mechanism depends critically on the willingness of clients to act as bridges. We identify three key architectural shortcomings of the bridge design: (1) bridges are easy to find; (2) a bridge always accepts connections when its operator is using Tor; and (3) traffic to and from clients connected to a bridge interferes with traffic to and from the bridge operator. These shortcomings lead to an attack that can expose the IP address of bridge operators visiting certain web sites over Tor. We also discuss mitigation mechanisms.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"27 1","pages":"31-40"},"PeriodicalIF":0.0,"publicationDate":"2009-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81527659","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}