CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy: latest publications
{"title":"Privacy streamliner: a two-stage approach to improving algorithm efficiency","authors":"Wen Ming Liu, Lingyu Wang","doi":"10.1145/2133601.2133626","DOIUrl":"https://doi.org/10.1145/2133601.2133626","url":null,"abstract":"In releasing data with sensitive information, a data owner usually has seemingly conflicting goals, including privacy preservation, utility optimization, and algorithm efficiency. In this paper, we observe that a high computational complexity is usually incurred when an algorithm conflates the processes of privacy preservation and utility optimization. We then propose a novel privacy streamliner approach to decouple those two processes for improving algorithm efficiency. More specifically, we first identify a set of potential privacy-preserving solutions satisfying that an adversary's knowledge about this set itself will not help him/her to violate the privacy property; we can then optimize utility within this set without worrying about privacy breaches since such an optimization is now simulatable by adversaries. To make our approach more concrete, we study it in the context of micro-data release with publicly known generalization algorithms. The analysis and experiments both confirm our algorithms to be more efficient than existing solutions.","PeriodicalId":90472,"journal":{"name":"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy","volume":"22 1","pages":"193-204"},"PeriodicalIF":0.0,"publicationDate":"2012-02-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78239335","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Practical oblivious storage","authors":"M. Goodrich, M. Mitzenmacher, O. Ohrimenko, R. Tamassia","doi":"10.1145/2133601.2133604","DOIUrl":"https://doi.org/10.1145/2133601.2133604","url":null,"abstract":"We study oblivious storage (OS), a natural way to model privacy-preserving data outsourcing where a client, Alice, stores sensitive data at an honest-but-curious server, Bob. We show that Alice can hide both the content of her data and the pattern in which she accesses her data, with high probability, using a method that achieves O(1) amortized rounds of communication between her and Bob for each data access. We assume that Alice and Bob exchange small messages, of size O(N^{1/c}), for some constant c >= 2, in a single round, where N is the size of the data set that Alice is storing with Bob. We also assume that Alice has a private memory of size 2N^{1/c}. These assumptions model real-world cloud storage scenarios, where trade-offs occur between latency, bandwidth, and the size of the client's private memory.","PeriodicalId":90472,"journal":{"name":"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy","volume":"47 3 1","pages":"13-24"},"PeriodicalIF":0.0,"publicationDate":"2012-02-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83138627","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Risk-based security decisions under uncertainty","authors":"Ian Molloy, Luke Dickens, C. Morisset, P. Cheng, Jorge Lobo, A. Russo","doi":"10.1145/2133601.2133622","DOIUrl":"https://doi.org/10.1145/2133601.2133622","url":null,"abstract":"This paper addresses the making of security decisions, such as access-control decisions or spam filtering decisions, under uncertainty, when the benefit of doing so outweighs the need to absolutely guarantee these decisions are correct. For instance, when there are limited, costly, or failed communication channels to a policy-decision-point. Previously, local caching of decisions has been proposed, but when a correct decision is not available, either a policy-decision-point must be contacted, or a default decision used. We improve upon this model by using learned classifiers of access control decisions. These classifiers, trained on known decisions, infer decisions when an exact match has not been cached, and use intuitive notions of utility, damage and uncertainty to determine when an inferred decision is preferred over contacting a remote PDP. Clearly there is uncertainty in the predicted decisions, introducing a degree of risk. Our solution proposes a mechanism to quantify the uncertainty of these decisions and allows administrators to bound the overall risk posture of the system. The learning component continuously refines its models based on inputs from a central policy server in cases where the risk is too high or there is too much uncertainty. We have validated our models by building a prototype system and evaluating it with requests from real access control policies. Our experiments show that over a range of system parameters, it is feasible to use machine learning methods to infer access control policy decisions. Thus our system yields several benefits, including reduced calls to the PDP, reducing latency and communication costs; increased net utility; and increased system survivability.","PeriodicalId":90472,"journal":{"name":"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy","volume":"11 1","pages":"157-168"},"PeriodicalIF":0.0,"publicationDate":"2012-02-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84970416","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Identifying native applications with high assurance","authors":"Hussain M. J. Almohri, D. Yao, D. Kafura","doi":"10.1145/2133601.2133635","DOIUrl":"https://doi.org/10.1145/2133601.2133635","url":null,"abstract":"Mainstream operating system kernels lack a strong and reliable mechanism for identifying the running processes and binding them to the corresponding executable applications. In this paper, we address the identification problem by proposing a novel secure application identification model in which user-level applications are required to present identification proofs at run time to be authenticated to the kernel. In our model, applications are supplied with unique secret keys. The secret key of an application is registered with a trusted kernel at the installation time and is used to uniquely authenticate the application. We present a protocol for the secure authentication of applications. Additionally, we develop a system call monitoring architecture that uses our model to verify the identity of applications when making designated system calls. Our system call monitoring can be integrated with existing mandatory access control systems to enforce application-level access rights. We implement and evaluate a prototype of our monitoring architecture in Linux as device drivers with no modification of the kernel. The results from our extensive performance evaluation show that our prototype incurs low overhead, indicating the feasibility of our approach for cryptographically identifying and authenticating applications in the operating system.","PeriodicalId":90472,"journal":{"name":"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy","volume":"60 1","pages":"275-282"},"PeriodicalIF":0.0,"publicationDate":"2012-02-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78535942","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Cookie-based privacy issues on google services","authors":"V. Toubiana, Vincent Verdot, B. Christophe","doi":"10.1145/2133601.2133619","DOIUrl":"https://doi.org/10.1145/2133601.2133619","url":null,"abstract":"With the success of Web applications, most of our data is now stored on various third-party servers where they are processed to deliver personalized services. Naturally, we must be authenticated to access this personal information, but the use of personalized services only restricted by identification could indirectly and silently leak sensitive data. We analyzed Google Web Search access mechanisms and found that the current policy applied to session cookies could be used to retrieve users' personal data. We describe two attack schemes based on Google's \"SID cookie\". First, we show that it permits a session fixation attack in which the victim's searches are recorded in the attacker's Google Web Search History. The second attack leverages the search personalization (based on the same SID cookie) to retrieve a part of the victim's click history and even some of her contacts. We implemented a proof of concept of the latter attack on the Firefox Web browser and conducted an experiment with ten volunteers. Thanks to this prototype we were able to recover up to 80% of the user's search click history.","PeriodicalId":90472,"journal":{"name":"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy","volume":"17 1","pages":"141-148"},"PeriodicalIF":0.0,"publicationDate":"2012-02-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72641133","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A model-theoretic approach to data anonymity and inference control","authors":"Konstantine Arkoudas, A. Vashist","doi":"10.1145/2133601.2133632","DOIUrl":"https://doi.org/10.1145/2133601.2133632","url":null,"abstract":"In secure data management the inference problem occurs when data classified at a high security level becomes inferable from data classified at lower levels. We present a model-theoretic approach to this problem that captures the epistemic state of the database user as a set of possible worlds or models. Privacy is enforced by requiring the existence of k > 1 models assigning distinct values to sensitive attributes, and implemented via model counting. We provide an algorithm mechanizing this process and show that it is sound and complete for a large class of queries.","PeriodicalId":90472,"journal":{"name":"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy","volume":"34 1","pages":"249-256"},"PeriodicalIF":0.0,"publicationDate":"2012-02-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73670835","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"SWIPE: eager erasure of sensitive data in large scale systems software","authors":"Kalpana Gondi, Prithvi Bisht, Praveen Venkatachari, A. Sistla, V. Venkatakrishnan","doi":"10.1145/2133601.2133638","DOIUrl":"https://doi.org/10.1145/2133601.2133638","url":null,"abstract":"We describe SWIPE, an approach to reduce the lifetime of sensitive, memory-resident data in large scale applications written in C. In contrast to prior approaches that used a delayed or lazy approach to the problem of erasing sensitive data, SWIPE uses a novel eager erasure approach that minimizes the risk of accidental sensitive data leakage. SWIPE achieves this by transforming a legacy C program to include additional instructions that erase sensitive data immediately after its intended use. SWIPE is guided by a highly-scalable static analysis technique that precisely identifies the locations to introduce erase instructions in the original program. The programs transformed using SWIPE enjoy several additional benefits: minimization of leaks that arise due to data dependencies; erasure of sensitive data with minimal developer guidance; and negligible performance overheads.","PeriodicalId":90472,"journal":{"name":"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy","volume":"7 1","pages":"295-306"},"PeriodicalIF":0.0,"publicationDate":"2012-02-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84461083","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Protecting health information on mobile devices","authors":"M. Ahmed, M. Ahamad","doi":"10.1145/2133601.2133629","DOIUrl":"https://doi.org/10.1145/2133601.2133629","url":null,"abstract":"Mobile applications running on devices such as smart phones and tablets will be increasingly used to provide convenient access to health information to health professionals and patients. Also, patients will use these devices to transmit health information captured by sensing devices in settings like the home to remote repositories. As mobile devices become targets of security threats, we must address the problem of protecting sensitive health information on them. We explore key threats to data on mobile devices and develop a security framework that can help protect it against such threats. We implemented this framework in the Android operating system and augmented it with user consent detection to enhance user awareness and control over the use of health information. Our framework can be used to enforce security policies that govern access to sensitive health data on mobile devices. Physicians and patients using our framework can install third-party healthcare applications with the guarantee that sensitive medical information will not be sent without their knowledge even when these applications are compromised. We describe the key mechanisms implemented by our framework and how they can enforce a security policy. We also discuss our early experience with the framework.","PeriodicalId":90472,"journal":{"name":"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy","volume":"28 1","pages":"229-240"},"PeriodicalIF":0.0,"publicationDate":"2012-02-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76800932","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Bounding trust in reputation systems with incomplete information","authors":"Xi Gong, Ting Yu, Adam J. Lee","doi":"10.1145/2133601.2133617","DOIUrl":"https://doi.org/10.1145/2133601.2133617","url":null,"abstract":"Reputation mechanisms represent a major class of techniques for managing trust in decentralized systems. Quite a few reputation-based trust functions have been proposed in the literature for use in many different application domains. However, in many situations, one cannot always obtain all of the information required by the trust evaluation process. For example, access control restrictions or high collection costs might limit one's ability to gather every possible feedback that could be aggregated. Thus, one key question is how to analytically quantify the quality of reputation scores computed using incomplete information. In this paper, we start a first effort towards answering the above question by studying the following problem: given the existence of certain missing information, what are the worst and best trust scores (i.e., the bounds of trust) a target entity can be assigned by a given reputation function? We formulate this problem based on a general model of reputation systems, and then examine the ability to bound a collection of representative trust functions in the literature. We show that most existing trust functions are monotonic in terms of direct missing information about the target of a trust evaluation, which greatly simplifies this process. The problem of trust bounding with the presence of indirect missing information is much more complicated. We show that many well-known trust functions are not monotonic regarding indirect missing information, which means that a case-by-case analysis needs to be conducted for each trust function in order to bound an entity's trust.","PeriodicalId":90472,"journal":{"name":"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy","volume":"4 1","pages":"125-132"},"PeriodicalIF":0.0,"publicationDate":"2012-02-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88427233","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Privacy-preserving activity scheduling on mobile devices","authors":"Igor Bilogrevic, Murtuza Jadliwala, J. Hubaux, I. Aad, Valtteri Niemi","doi":"10.1145/1943513.1943549","DOIUrl":"https://doi.org/10.1145/1943513.1943549","url":null,"abstract":"Progress in mobile wireless technology has resulted in the increased use of mobile devices to store and manage users' personal schedules. Users also access popular context-based services, typically provided by third-party providers, by using these devices for social networking, dating and activity-partner searching applications. Very often, these applications need to determine common availabilities among a set of user schedules. The privacy of the scheduling operation is paramount to the success of such applications, as often users do not want to share their personal schedules with other users or third-parties. Previous research has resulted in solutions that provide privacy guarantees, but they are either too complex or do not fit well in the popular user-provider operational model. In this paper, we propose practical and privacy-preserving solutions to the server-based scheduling problem. Our novel algorithms take advantage of the homomorphic properties of well-known cryptosystems in order to privately compute common user availabilities. We also formally outline the privacy requirements in such scheduling applications and we implement our solutions on real mobile devices. The experimental measurements and analytical results show that the proposed solutions not only satisfy the privacy properties but also fare better, in regard to computation and communication efficiency, compared to other well-known solutions.","PeriodicalId":90472,"journal":{"name":"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy","volume":"50 1","pages":"261-272"},"PeriodicalIF":0.0,"publicationDate":"2011-02-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87589132","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}