{"title":"Privacy management for secure mobility","authors":"J. Lindqvist, Laura Takkinen","doi":"10.1145/1179601.1179612","DOIUrl":"https://doi.org/10.1145/1179601.1179612","url":null,"abstract":"Anonymous Internet access has been researched extensively and many proposals exist for enhancing the privacy of users. However, there are vast amounts of legacy authentication systems that do not take the privacy of the users into consideration. Many networks use, for example, MAC address or IP address based authentication, despite their limited security properties. These authentication systems hinder the possibility to use e.g. pseudorandom MAC addresses for privacy protection. In this paper, we propose a privacy management system for layers below the transport layer in the IP stack. Our implementation allows the users to decide their privacy parameters depending on their current situation. The implementation uses the Host Identity Protocol to provide authenticated and secure seamless handovers for mobile nodes. The approach is also applicable to an IP stack without the Host Identity Protocol.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"10 1","pages":"63-66"},"PeriodicalIF":0.0,"publicationDate":"2006-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90633032","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Scanning electronic documents for personally identifiable information","authors":"T. Aura, T. A. Kuhn, M. Roe","doi":"10.1145/1179601.1179608","DOIUrl":"https://doi.org/10.1145/1179601.1179608","url":null,"abstract":"Sometimes, it is necessary to remove author names and other personally identifiable information (PII) from documents before publication. We have implemented a novel defensive tool for detecting such data automatically. By using the detection tool, we have learned about where PII may be stored in documents and how it is put there. A key observation is that, contrary to common belief, user and machine identifiers and other metadata are not embedded in documents only by a single piece of software, such as a word processor, but by various tools used at different stages of the document authoring process.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"14 3 1","pages":"41-50"},"PeriodicalIF":0.0,"publicationDate":"2006-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78182444","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
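The abstract above describes a tool that finds author names and machine identifiers that several different programs leave inside a document. The block below is an added illustration of that kind of scan, not the authors' tool: it builds a constructed OOXML (.docx-style) package in memory in which the word processor, a review tool and the document body have each left an identifier, then reports every structured property, `author=` attribute, e-mail address and watch-listed name it finds. The namespaces are the standard OOXML ones; the sample names and the `watch_names` parameter are assumptions for the demonstration.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

# Standard OOXML namespaces for core and extended document properties.
NS = {
    "cp": "http://schemas.openxmlformats.org/package/2006/metadata/core-properties",
    "dc": "http://purl.org/dc/elements/1.1/",
    "ep": "http://schemas.openxmlformats.org/officeDocument/2006/extended-properties",
}
WORD_NS = "http://schemas.openxmlformats.org/wordprocessingml/2006/main"
AUTHOR_ATTR = re.compile(r'\bauthor="([^"]+)"')
EMAIL = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")


def build_sample_docx() -> bytes:
    """Constructed sample package (not a real document): identifiers from three sources,
    the word processor (core/app properties), a reviewer's comment, and the body text."""
    core = ('<?xml version="1.0" encoding="UTF-8"?>'
            '<cp:coreProperties xmlns:cp="%s" xmlns:dc="%s">'
            '<dc:creator>Alice Example</dc:creator>'
            '<cp:lastModifiedBy>OFFICE-PC\\bob</cp:lastModifiedBy>'
            '</cp:coreProperties>' % (NS["cp"], NS["dc"]))
    app = ('<Properties xmlns="%s"><Application>Word</Application>'
           '<Company>Example Corp</Company></Properties>' % NS["ep"])
    comments = ('<w:comments xmlns:w="%s">'
                '<w:comment w:id="0" w:author="Bob Reviewer" w:initials="BR">'
                '<w:p><w:r><w:t>send to carol@example.org</w:t></w:r></w:p>'
                '</w:comment></w:comments>' % WORD_NS)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("docProps/core.xml", core)
        z.writestr("docProps/app.xml", app)
        z.writestr("word/comments.xml", comments)
        z.writestr("word/document.xml", '<w:document xmlns:w="%s"/>' % WORD_NS)
    return buf.getvalue()


def scan_ooxml(data: bytes, watch_names=()):
    """Return (part, kind, value) findings for the whole package, not just the main part."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        parts = z.namelist()
        # 1. Structured properties written by the word processor itself.
        if "docProps/core.xml" in parts:
            root = ET.fromstring(z.read("docProps/core.xml"))
            for tag in ("dc:creator", "cp:lastModifiedBy"):
                el = root.find(tag, NS)
                if el is not None and el.text:
                    findings.append(("docProps/core.xml", tag, el.text))
        if "docProps/app.xml" in parts:
            root = ET.fromstring(z.read("docProps/app.xml"))
            for tag in ("ep:Company", "ep:Manager"):
                el = root.find(tag, NS)
                if el is not None and el.text:
                    findings.append(("docProps/app.xml", tag, el.text))
        # 2. Identifiers other tools leave in content parts: reviewer names on comments
        #    and tracked changes, e-mail addresses, and watch-listed names anywhere.
        for part in parts:
            if not part.endswith(".xml"):
                continue
            text = z.read(part).decode("utf-8", errors="replace")
            for m in AUTHOR_ATTR.finditer(text):
                findings.append((part, "author-attr", m.group(1)))
            for m in EMAIL.finditer(text):
                findings.append((part, "email", m.group(0)))
            for name in watch_names:
                if name in text:
                    findings.append((part, "watch-name", name))
    return findings


if __name__ == "__main__":
    for finding in scan_ooxml(build_sample_docx(), watch_names=("Bob",)):
        print(finding)
```

The scan walks every XML part rather than only `document.xml` because, as the abstract notes, the identifiers are not all put there by one program: the creator and last-modifier come from the word processor, the reviewer name from a commenting tool, and the address from whoever typed the body.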
{"title":"Scratch & vote: self-contained paper-based cryptographic voting","authors":"B. Adida, R. Rivest","doi":"10.1145/1179601.1179607","DOIUrl":"https://doi.org/10.1145/1179601.1179607","url":null,"abstract":"We present Scratch & Vote (S&V), a cryptographic voting system designed to minimize cost and complexity: (1) ballots are paper-based and can be printed using today's technology, (2) ballots are universally verifiable without election-official intervention, and (3) tallying requires only one trustee decryption per race, thanks to homomorphic aggregation. Scratch & Vote combines the multi-candidate election techniques of Baudron et al. with the ballot-casting simplicity of Chaum and Ryan's paper-based techniques. In addition, S&V allows each voter to participate directly in the audit process on election day, prior to casting their own ballot.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"18 1","pages":"29-40"},"PeriodicalIF":0.0,"publicationDate":"2006-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82002544","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
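The abstract above says that tallying needs only one trustee decryption per race because ballots are aggregated homomorphically. The block below is an added example of that aggregation step, not code from the paper: it uses textbook Paillier encryption and the counter encoding attributed to Baudron et al. (a vote for candidate i is the integer base^i, with base larger than the number of voters), multiplies all ciphertexts so that the plaintexts add, and decrypts the product once. The toy primes, the 256 base, the three-candidate race and the sample votes are assumptions for illustration; the paper ballot, scratch surface and audit procedure of S&V are not modelled.

```python
import math
import secrets


def _lcm(a: int, b: int) -> int:
    return a * b // math.gcd(a, b)


class PaillierKey:
    """Textbook Paillier, additively homomorphic. Toy primes only: not secure, for illustration."""

    def __init__(self, p: int, q: int) -> None:
        self.n = p * q
        self.n2 = self.n * self.n
        self.g = self.n + 1                       # standard generator choice g = n + 1
        self.lam = _lcm(p - 1, q - 1)             # trustee's private lambda
        self.mu = pow(self._L(pow(self.g, self.lam, self.n2)), -1, self.n)  # private mu

    def _L(self, u: int) -> int:
        return (u - 1) // self.n

    def encrypt(self, m: int) -> int:
        # Fresh randomness per ballot: two votes for the same candidate look different.
        while True:
            r = secrets.randbelow(self.n)
            if r > 0 and math.gcd(r, self.n) == 1:
                break
        return (pow(self.g, m, self.n2) * pow(r, self.n, self.n2)) % self.n2

    def decrypt(self, c: int) -> int:
        return (self._L(pow(c, self.lam, self.n2)) * self.mu) % self.n


def encode_vote(candidate: int, base: int) -> int:
    """Counter encoding: candidate i -> base**i. base must exceed the voter count so that
    the per-candidate counts in the summed plaintext never carry into each other."""
    return base ** candidate


def cast_ballot(key: PaillierKey, candidate: int, base: int) -> int:
    return key.encrypt(encode_vote(candidate, base))


def tally(key: PaillierKey, ciphertexts, n_candidates: int, base: int):
    """Homomorphic aggregation: the product of ciphertexts mod n^2 encrypts the sum of the
    votes, so one trustee decryption yields every candidate's count for the race."""
    acc = 1
    for c in ciphertexts:
        acc = acc * c % key.n2
    total = key.decrypt(acc)
    counts = []
    for _ in range(n_candidates):
        counts.append(total % base)
        total //= base
    return counts


def run_demo():
    key = PaillierKey(10007, 10009)   # toy ~27-bit modulus; real deployments use 2048-bit n or more
    base = 256                        # supports up to 255 voters in this race
    votes = [0, 1, 1, 2, 1]           # constructed sample: five voters, three candidates
    ballots = [cast_ballot(key, v, base) for v in votes]
    return tally(key, ballots, n_candidates=3, base=base)


if __name__ == "__main__":
    print(run_demo())  # [1, 3, 1]
```

The trustee never sees an individual ballot's plaintext: the only decryption is of the aggregate, which is what limits the information released to the per-candidate totals.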
{"title":"Measuring relationship anonymity in mix networks","authors":"Vitaly Shmatikov, Ming-Hsiu Wang","doi":"10.1145/1179601.1179611","DOIUrl":"https://doi.org/10.1145/1179601.1179611","url":null,"abstract":"Many applications of mix networks such as anonymous Web browsing require relationship anonymity: it should be hard for the attacker to determine who is communicating with whom. Conventional methods for measuring anonymity, however, focus on sender anonymity instead. Sender anonymity guarantees that it is difficult for the attacker to determine the origin of any given message exiting the mix network, but this may not be sufficient to ensure relationship anonymity. Even if the attacker cannot identify the origin of messages arriving to some destination, relationship anonymity will fail if he can determine with high probability that at least one of the messages originated from a particular sender, without necessarily being able to recognize this message among others. We give a formal definition and a calculation methodology for relationship anonymity. Our techniques are similar to those used for sender anonymity, but, unlike sender anonymity, relationship anonymity is sensitive to the distribution of message destinations. In particular, Zipfian distributions with skew values characteristic of Web browsing provide especially poor relationship anonymity. Our methodology takes route selection algorithms into account, and incorporates information-theoretic metrics such as entropy and min-entropy. We illustrate our methodology by calculating relationship anonymity in several simulated mix networks.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"29 1","pages":"59-62"},"PeriodicalIF":0.0,"publicationDate":"2006-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85211489","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
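The abstract above makes the point that sender anonymity can be perfect while relationship anonymity is poor, and that the gap is driven by the destination distribution. The block below is an added illustration of that gap, not the paper's own methodology: it assumes a single perfect mix with one message per sender, an attacker who sees which destination each output message reached but not its origin, and treats a Zipf popularity curve as the expected share of traffic per destination. Under those assumptions the attacker's posterior over the origin of any one message stays uniform (sender entropy log2 of the number of senders), while the posterior that a given sender talked to the most popular destination grows with the skew. The route-selection modelling from the paper is not included.

```python
import math


def shannon_entropy(probs) -> float:
    """Bits of uncertainty in a distribution (0 log 0 taken as 0)."""
    return -sum(p * math.log2(p) for p in probs if p > 0)


def min_entropy(probs) -> float:
    """Worst-case metric: determined only by the attacker's single best guess."""
    return -math.log2(max(probs))


def zipf_distribution(n_dest: int, skew: float):
    """Destination popularity: the rank-r destination gets traffic proportional to 1 / r**skew.
    skew = 0 is uniform; skew near 1 is the heavy tail typical of Web browsing."""
    weights = [1.0 / (rank ** skew) for rank in range(1, n_dest + 1)]
    total = sum(weights)
    return [w / total for w in weights]


def sender_anonymity_bits(n_senders: int) -> float:
    """Perfect mix, one message per sender: the attacker's posterior over the origin of any
    single output message is uniform over all senders, whatever the destinations are."""
    return shannon_entropy([1.0 / n_senders] * n_senders)


def relationship_posterior(dest_counts):
    """Attacker sees how many output messages reached each destination but not their origins.
    For a fixed sender s, the posterior that s's message went to d is d's share of the output."""
    total = sum(dest_counts)
    return [c / total for c in dest_counts]


def relationship_anonymity(dest_probs) -> dict:
    return {
        "entropy_bits": shannon_entropy(dest_probs),
        "min_entropy_bits": min_entropy(dest_probs),
        "p_top_destination": max(dest_probs),
    }


def compare(n_senders: int, n_dest: int, skew: float) -> dict:
    """Expected-case comparison: use the popularity distribution as the observed traffic shares."""
    return {
        "sender": sender_anonymity_bits(n_senders),
        "relationship": relationship_anonymity(zipf_distribution(n_dest, skew)),
    }


if __name__ == "__main__":
    # Constructed observation: 10 messages left the mix, 6 to one site, 3 to another, 1 elsewhere.
    print(relationship_anonymity(relationship_posterior([6, 3, 1])))
    for skew in (0.0, 0.8, 1.0):
        print(skew, compare(n_senders=100, n_dest=100, skew=skew))
```

With 100 senders and 100 destinations the sender metric is about 6.64 bits for every skew value, but at skew 1.0 the attacker can say with roughly 19% probability that any chosen sender talked to the top-ranked site, against 1% when destinations are uniform.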
{"title":"Private social network analysis: how to assemble pieces of a graph privately","authors":"Keith B. Frikken, P. Golle","doi":"10.1145/1179601.1179619","DOIUrl":"https://doi.org/10.1145/1179601.1179619","url":null,"abstract":"Connections in distributed systems, such as social networks, online communities or peer-to-peer networks, form complex graphs. These graphs are of interest to scientists in fields as varied as marketing, epidemiology and psychology. However, knowledge of the graph is typically distributed among a large number of subjects, each of whom knows only a small piece of the graph. Efforts to assemble these pieces often fail because of privacy concerns: subjects refuse to share their local knowledge of the graph. To assuage these privacy concerns, we propose reconstructing the whole graph privately, i.e., in a way that hides the correspondence between the nodes and edges in the graph and the real-life entities and relationships that they represent. We first model the privacy threats posed by the private reconstruction of a distributed graph. Our model takes into account the possibility that malicious nodes may report incorrect information about the graph in order to facilitate later attempts to de-anonymize the reconstructed graph. We then propose protocols to privately assemble the pieces of a graph in ways that mitigate these threats. These protocols severely restrict the ability of adversaries to compromise the privacy of honest subjects.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"5 1","pages":"89-98"},"PeriodicalIF":0.0,"publicationDate":"2006-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88205095","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Enhancing privacy of federated identity management protocols: anonymous credentials in WS-security","authors":"J. Camenisch, Thomas Gross, Dieter Sommer","doi":"10.1145/1179601.1179613","DOIUrl":"https://doi.org/10.1145/1179601.1179613","url":null,"abstract":"Federated Identity Management (FIM) allows for securely provisioning certified user identities and attributes to relying parties. It establishes higher security and data quality compared to user-asserted attributes and provides for stronger user privacy protection than technologies based upon user-side attribute certificates. Therefore, industry pursues the deployment of FIM solutions as one cornerstone of the WS-Security framework. Current research proposes even more powerful methods for security and privacy protection in identity management with so called anonymous credential systems. Being based on new, yet well-researched, signature schemes and cryptographic zero-knowledge proofs, these systems have the potential to improve the capabilities of FIM by superior privacy protection, user control, and multiple use of single credentials. Unfortunately, anonymous credential systems and their semantics being based upon zero-knowledge proofs are incompatible with the XML Signature Standard which is the basis for the WS-Security and most FIM frameworks. We put forth a general construction for integrating anonymous credential systems with the XML Signature Standard and FIM protocols. We apply this method to the WS-Security protocol framework and thus obtain a very flexible WS-Federation Active Requestor Profile with strong user control and superior privacy protection.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"14 1","pages":"67-72"},"PeriodicalIF":0.0,"publicationDate":"2006-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75281561","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Maintaining privacy on derived objects","authors":"Nicola Zannone, S. Jajodia, F. Massacci, D. Wijesekera","doi":"10.1145/1102199.1102202","DOIUrl":"https://doi.org/10.1145/1102199.1102202","url":null,"abstract":"Protecting privacy means to ensure users that access to their personal data complies with their preferences. However, information can be manipulated in order to derive new objects that may disclose part of the original information. Therefore, control of information flow is necessary for guaranteeing privacy protection since users should know and control not only who accesses their personal data, but also who accesses information derived from their data. Actually, current approaches for access control do not provide support for managing propagation of information and for representing user preferences. This paper proposes to extend the Flexible Authorization Framework (FAF) in order to automatically verify whether a subject is entitled to process personal data and derive the authorizations associated with the outcome of data processing. In order to control information flow, users may specify the range of authorizations that can be associated with objects derived from their data. The framework guarantees that every \"valid\" derived object does not disclose more information than users want and preserves the permissions that users want to maintain. To make the discussion more concrete, we illustrate the proposal with a bank case study.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"21 1","pages":"10-19"},"PeriodicalIF":0.0,"publicationDate":"2005-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81648347","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The privacy cost of the second-chance offer","authors":"Sumit Joshi, Yu-An Sun, P. Vora","doi":"10.1145/1102199.1102218","DOIUrl":"https://doi.org/10.1145/1102199.1102218","url":null,"abstract":"This paper examines a generalization of a two-stage game common on eBay: an ascending-price auction followed by price discrimination (the second chance offer). High bids in the auction lead to high price offers during price discrimination, and a financial disadvantage in the second stage. The disadvantage depends on (a) the amount of information revealed to the seller in the first stage, and hence the extent of privacy protection provided and (b) whether the bidder is non-strategic (ignores the possibility of price discrimination) or rational. A privacy cost of one mechanism over another is defined and studied. For the non-strategic bidder, the second chance offer provides a zero payoff. Addition of privacy protection (anonymity and bid secrecy) decreases revenue and increases expected payoff, with higher bidders benefiting more. Privacy protection can, however, decrease an individual bidder's payoff by shielding potential buyers from the seller and thus causing an opportunity loss. If the bidder is rational, price discrimination results in a lower revenue than consecutive auctions, and is a bad strategy for the seller. Additionally, rational behavior provides more advantage to the bidder than does anonymity protection.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"30 1","pages":"97-106"},"PeriodicalIF":0.0,"publicationDate":"2005-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87483616","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Anonymous yet accountable access control","authors":"M. Backes, J. Camenisch, Dieter Sommer","doi":"10.1145/1102199.1102208","DOIUrl":"https://doi.org/10.1145/1102199.1102208","url":null,"abstract":"This paper introduces a novel approach for augmenting attribute-based access control systems in a way that allows them to offer fully anonymous access to resources while at the same time achieving strong accountability guarantees. We assume that users hold attribute certificates and we show how to exploit cryptographic zero-knowledge proofs to allow requesting users to prove that they hold suitable certificates for accessing a resource. In contrast to the commonly taken approach of sending all possibly relevant certificates to the access control system, our approach hence does not release any information to the access control system except for the presence of a set of certificates satisfying the access condition. This constitutes the minimal amount of information that has to be released for coming up with a correct access decision, and our approach is the first to achieve this. Additionally, given a trusted third party for identity escrow, we furthermore show that a concise application of zero-knowledge proofs offers the access control system the capability to hold a requesting user accountable for her actions under specific, well-defined conditions. All the employed cryptographic techniques are highly efficient, and an architecture for exploiting our approach in practical scenarios is already in place.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"18 1","pages":"40-46"},"PeriodicalIF":0.0,"publicationDate":"2005-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74471643","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Determining user privacy preferences by asking the right questions: an automated approach","authors":"Keith Irwin, Ting Yu","doi":"10.1145/1102199.1102209","DOIUrl":"https://doi.org/10.1145/1102199.1102209","url":null,"abstract":"One fundamental aspect of user privacy is to respect the privacy preferences that users have. A clear prerequisite to doing this is accurately gauging what users' privacy preferences are. Current approaches either offer limited privacy options or have so many choices that users are likely to be overwhelmed. We present a framework for modeling user privacy preferences in terms of a hierarchy of questions which can be asked. We describe two means of dynamically choosing which questions should be asked to efficiently determine what a user's privacy preferences are.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"6 1","pages":"47-50"},"PeriodicalIF":0.0,"publicationDate":"2005-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75021607","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}