CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy: latest articles

On the suitability of dissemination-centric access control systems for group-centric sharing
W. C. Garrison, Yechen Qiao, Adam J. Lee
Abstract: The Group-centric Secure Information Sharing (g-SIS) family of models has been proposed for modeling environments in which group dynamics dictate information-sharing policies and practices. This is in contrast to traditional, dissemination-centric sharing models, which focus on attaching policies to resources that limit their flow from producer to consumer. The creators of g-SIS speculate that it may not be strictly more expressive than dissemination-centric models, but that it nevertheless has pragmatic efficiency advantages in group-centric scenarios [12]. In this paper, we formally and systematically test these characteristics of an access control system's suitability for a scenario - expressiveness and cost - to evaluate the capabilities of dissemination-centric systems within group-centric workloads. We show that several common dissemination-centric systems lack the expressiveness to meet all security guarantees while implementing the wide range of behavior that is characteristic of the g-SIS models, except via impractical, convoluted encodings. Further, even more efficient implementations (admissible under relaxed security requirements) suffer from high storage and computational overheads. These observations support the practical and theoretical significance of the g-SIS models, and provide insight into techniques for evaluating and comparing access control systems in terms of both expressiveness and cost.
DOI: https://doi.org/10.1145/2557547.2557566 | Pages: 1-12 | Published: 2014-03-03
Citations: 6
Situational awareness through reasoning on network incidents
A. Squicciarini, Giuseppe Petracca, Bill G. Horne, Aurnob Nath
Abstract: Corporations worldwide work with teams of often dedicated system administrators to maintain, detect and prevent network infringements. This is a highly user-driven process that consumes hundreds (if not thousands) of man hours yearly. User reporting, the basis of most of these incident detection systems suffers from various biases and leads to below-par security measures. In the paper, we provide an approach for near real-time analysis of ongoing events on controlled networks, while requiring no end-user interaction and saving on system administrator's effort. Our proposed solution, ReasONets, a lightweight, distributed system, provides situational awareness in case of network incidents. ReasONets combines aspects of anomaly detection with Case-Based Reasoning (CBR) methodologies to reason about ongoing security events in a network, including their nature, severity and sources. We build a fully running prototype of ReasONets, to demonstrate the accuracy of the system, in doing reasoning and inference on the network status by exploiting events and network features. To the best of our knowledge, ReasONets is the first of its kind system combining detection and classification of network events with realtime reasoning while being capable of scaling up to large network sizes.
DOI: https://doi.org/10.1145/2557547.2557562 | Pages: 111-122 | Published: 2014-03-03
Citations: 11
An efficient privacy-preserving system for monitoring mobile users: making searchable encryption practical
Gabriel Ghinita, R. Rughinis
Abstract: Monitoring location updates from mobile users has important applications in several areas, ranging from public safety and national security to social networks and advertising. However, sensitive information can be derived from movement patterns, so protecting the privacy of mobile users is a major concern. Users may only be willing to disclose their locations when some condition is met, for instance in proximity of a disaster area, or when an event of interest occurs nearby. Currently, such functionality is achieved using searchable encryption. Such cryptographic primitives provide provable guarantees for privacy, and allow decryption only when the location satisfies some predicate. Nevertheless, they rely on expensive pairing-based cryptography (PBC), and direct application to the domain of location updates leads to impractical solutions. We propose secure and efficient techniques for private processing of location updates that complement the use of PBC and lead to significant gains in performance by reducing the amount of required pairing operations. We also implement two optimizations that further improve performance: materialization of results to expensive mathematical operations, and parallelization. Extensive experimental results show that the proposed techniques significantly improve performance compared to the baseline, and reduce the searchable encryption overhead to a level that is practical in a computing environment with reasonable resources, such as the cloud.
DOI: https://doi.org/10.1145/2557547.2557559 | Pages: 321-332 | Published: 2014-03-03
Citations: 29
Privacy-preserving publication of provenance workflows
Mihai Maruseac, Gabriel Ghinita, R. Rughinis
Abstract: Provenance workflows capture the data movement and the operations changing the data in complex applications such as scientific computations, document management in large organizations, content generation in social media, etc. Provenance is essential to understand the processes and operations that data undergo, and many research efforts focused on modeling, capturing and analyzing provenance information. Sharing provenance brings numerous benefits, but may also disclose sensitive information, such as secret processes of synthesizing chemical substances, confidential business practices and private details about social media participants' lives. In this paper, we study privacy-preserving provenance workflow publication using differential privacy. We adapt techniques designed for sanitization of multi-dimensional spatial data to the problem of provenance workflows. Experimental results show that such an approach is feasible to protect provenance workflows, while at the same time retaining a significant amount of utility for queries. In addition, we identify influential factors and trade-offs that emerge when sanitizing provenance workflows.
DOI: https://doi.org/10.1145/2557547.2557586 | Pages: 159-162 | Published: 2014-03-03
Citations: 8
DroidBarrier: know what is executing on your android
Hussain M. J. Almohri, D. Yao, D. Kafura
Abstract: Many Android vulnerabilities share a root cause of malicious unauthorized applications executing without user's consent. In this paper, we propose the use of a technique called process authentication for Android applications to overcome the shortcomings of current Android security practices. We demonstrate the process authentication model for Android by designing and implementing our runtime authentication and detection system referred to as DroidBarrier. Our malware analysis shows that DroidBarrier is capable of detecting real Android malware at the time of creating independent processes. A
DOI: https://doi.org/10.1145/2557547.2557571 | Pages: 257-264 | Published: 2014-03-03
Citations: 28
Systematic audit of third-party android phones
Michael Mitchell, Guanyu Tian, Zhi Wang
Abstract: Android has become the leading smartphone platform with hundreds of devices from various manufacturers available on the market today. All these phones closely resemble each other with similar hardware and software features. Manufacturers must therefore customize the official Android system to differentiate their devices. Unfortunately, such heavily customization by third-party manufacturers often leads to serious vulnerabilities that do not exist in the official Android system. In this paper, we propose a comparative approach to systematically audit software in third-party phones by comparing them side-by-side to the official system. Specifically, we first retrieve pre-loaded apps and libraries from the phone and build a matching base system from the Android open source project repository. We then compare corresponding apps and libraries for potential vulnerabilities. To facilitate this process, we have designed and implemented DexDiff, a system that can pinpoint fine structural differences between two Android binaries and also present the changes in their surrounding contexts. Our experiments show that DexDiff is efficient and scalable. For example, it spends less than two and half minutes to process two 16.5MB (in total) files. DexDiff is also able to reveal a new vulnerability and details of the invasive CIQ mobile intelligence software.
DOI: https://doi.org/10.1145/2557547.2557557 | Pages: 175-186 | Published: 2014-03-03
Citations: 13
WebWinnow: leveraging exploit kit workflows to detect malicious urls
Birhanu Eshete, V. Venkatakrishnan
Abstract: Organized cybercrime on the Internet is proliferating due to exploit kits. Attacks launched through these kits include drive-by-downloads, spam and denial-of-service. In this paper, we tackle the problem of detecting whether a given URL is hosted by an exploit kit. Through an extensive analysis of the workflows of about 40 different exploit kits, we develop an approach that uses machine learning to detect whether a given URL is hosting an exploit kit. Central to our approach is the design of distinguishing features that are drawn from the analysis of attack-centric and self-defense behaviors of exploit kits. This design is based on observations drawn from exploit kits that we installed in a laboratory setting as well as live exploit kits that were hosted on the Web. We discuss the design and implementation of a system called WEBWINNOW that is based on this approach. Extensive experiments with real world malicious URLs reveal that WEBWINNOW is highly effective in the detection of malicious URLs hosted by exploit kits with very low false-positives.
DOI: https://doi.org/10.1145/2557547.2557575 | Pages: 305-312 | Published: 2014-03-03
Citations: 43
POSTER: a pairing-free certificateless hybrid sign-cryption scheme for advanced metering infrastructures
Seung-Hyun Seo, Jongho Won, E. Bertino
Abstract: CertificateLess Hybrid SignCryption (CL-HSC) scheme is useful for efficiently encapsulating symmetric keys for secure communications. It solves the key escrow problem and the certificate management problem. However, the existing scheme is not suitable for Advanced Metering Infrastructure (AMI) networks because of the utilization of expensive pairing operations. As smart meter devices have limited computing power, we need efficient algorithms for AMI networks. In this poster, we propose a novel CL-HSC scheme without pairing operations. In order to evaluate its performance, we implemented our CL-HSC scheme and conventional hybrid encryption approaches. The experimental results show that our CL-HSC scheme is efficient and suitable for secure communications in AMI networks.
DOI: https://doi.org/10.1145/2557547.2557582 | Pages: 143-146 | Published: 2014-03-03
Citations: 16
Privacy-preserving audit for broker-based health information exchange
Se Eun Oh, J. Chun, Limin Jia, D. Garg, Carl A. Gunter, Anupam Datta
Abstract: Developments in health information technology have encouraged the establishment of distributed systems known as Health Information Exchanges (HIEs) to enable the sharing of patient records between institutions. In many cases, the parties running these exchanges wish to limit the amount of information they are responsible for holding because of sensitivities about patient information. Hence, there is an interest in broker-based HIEs that keep limited information in the exchange repositories. However, it is essential to audit these exchanges carefully due to risks of inappropriate data sharing. In this paper, we consider some of the requirements and present a design for auditing broker-based HIEs in a way that controls the information available in audit logs and regulates their release for investigations. Our approach is based on formal rules for audit and the use of Hierarchical Identity-Based Encryption (HIBE) to support staged release of data needed in audits and a balance between automated and manual reviews. We test our methodology via an extension of a standard for auditing HIEs called the Audit Trail and Node Authentication Profile (ATNA) protocol.
DOI: https://doi.org/10.1145/2557547.2557576 | Pages: 313-320 | Published: 2014-03-03
Citations: 4
On protection in federated social computing systems
Ebrahim Tarameshloo, Philip W. L. Fong, Payman Mohassel
Abstract: Nowadays, a user may belong to multiple social computing systems (SCSs) in order to benefit from a variety of services that each SCS may provide. To facilitate the sharing of contents across the system boundary, some SCSs provide a mechanism by which a user may "connect" his accounts on two SCSs. The effect is that contents from one SCS can now be shared to another SCS. Although such a connection feature delivers clear usability advantages for users, it also generates a host of privacy challenges. A notable challenge is that the access control policy of the SCS from which the content originates may not be honoured by the SCS to which the content migrates, because the latter fails to faithfully replicate the protection model of the former. In this paper we formulate a protection model for a federation of SCSs that support content sharing via account connection. A core feature of the model is that sharable contents are protected by access control policies that transcend system boundary - they are enforced even after contents are migrated from one SCS to another. To ensure faithful interpretation of access control policies, their evaluation involves querying the protection states of various SCSs, using Secure Multiparty Computation (SMC). An important contribution of this work is that we carefully formulate the conditions under which policy evaluation using SMC does not lead to the leakage of information about the protection states of the SCSs. We also study the computational problem of statically checking if an access control policy can be evaluated without information leakage. Lastly, we identify useful policy idioms.
DOI: https://doi.org/10.1145/2557547.2557555 | Pages: 75-86 | Published: 2014-03-03
Citations: 6