The overall network traffic patterns generated by today's smartphones result from the typically large and diverse set of installed applications. In addition to the traffic generated by the user, most applications ...
详细信息
ISBN:
(纸本)9781450319980
The overall network traffic patterns generated by today's smartphones result from the typically large and diverse set of installed applications. In addition to the traffic generated by the user, most applications generate characteristic traffic from their background activities, such as periodic update requests or server synchronisation. Although the encryption of transmitted data in 3G networks prevents an eavesdropper from analysing the content, periodic traffic patterns leak side-channel information like timing and data volume. In this work, we extract such side-channel features from network traffic generated from the most popular applications, such as Facebook, WhatsApp, Skype, Dropbox, and others, and evaluate whether they can be used to reliably identify a smartphone. By computing fingerprints from ≈6 hours of background traffic, we show that 15 minutes of monitored traffic suffice to reliably identify a smartphone based on its behavioural fingerprint with a success probability of 90%. Copyright 2013 acm.
The design of Android is based on a set of unprotected shared resources, including those inherited from Linux (e.g., Linux public directories). However, the dramatic development in Android applications (app for short)...
详细信息
In storage outsourcing services, clients store their data on a potentially untrusted server, which has more computational power and storage capacity than the individual clients. In this model, security properties such...
详细信息
ISBN:
(纸本)9781450318907
In storage outsourcing services, clients store their data on a potentially untrusted server, which has more computational power and storage capacity than the individual clients. In this model, security properties such as integrity, authenticity, and freshness of stored data ought to be provided, while minimizing computational costs at the client, and communication costs between the client and the server. Using trusted computing technology on the server's side, we propose practical constructions in the provable data possession model that provide integrity and freshness in a dynamic, multi-user setting, where groups of users can update their shared files on the remote, untrusted server. Unlike previous solutions based on a single-user, single-device model, we consider a multi-user, multi-device model. Using trusted hardware on the server helps us to eliminate some of the previously known challenges with this model, such as forking and rollback attacks by the server. We logically separate bulk storage and data authentication issues to different untrusted remote services, which can be implemented either on the same or different physical servers. With only minor modifications to existing services, the bulk storage component can be provided by large-scale storage providers such as Google, CloudDrive, DropBox, and a smaller specialized server equipped with a trusted hardware chip can be used for providing data authentication. Our constructions eliminate client-side storage costs (clients do not need to maintain persistent state), and are suitable for situations in which multiple clients work collaboratively on remotely stored, outsourced data. Copyright 2013 acm.
A virtual organization (VO) is a group of organizations that have banded together to achieve a common goal. Often a VO could function more effectively if its members were willing to share certain information. However,...
详细信息
ISBN:
(纸本)9781450318907
A virtual organization (VO) is a group of organizations that have banded together to achieve a common goal. Often a VO could function more effectively if its members were willing to share certain information. However, a typical VO member will not want to share its own information because the member will not benefit directly from the information's reuse, yet will be blamed if the reuse turns out badly. In this paper, we present insured access, the first economically sustainable system for encouraging appropriate information sharing in VOs. Before accessing information, a VO member must purchase a liability policy from the insurance arm of the VO. Insured access uses actuarial principles to set up and run the VO's insurance arm, and provides the following benefits: VO members who share their information are compensated if the information is misused, and can expect a positive benefit from sharing;members who use information well are rewarded and those who misuse it are penalized appropriately;and the level of risk-taking in the system is capped at a certain level. We demonstrate the sustainability of insured sharing through simulations of a map-sharing scenario. Copyright 2013 acm.
The proceedings contain 27 papers. The topics discussed include: distributed data usage control for web applications: a social network implementation;MyABDAC: compiling XacmL policies for attribute-based database acce...
ISBN:
(纸本)9781450304665
The proceedings contain 27 papers. The topics discussed include: distributed data usage control for web applications: a social network implementation;MyABDAC: compiling XacmL policies for attribute-based database access control;implementation and performance evaluation of privacy-preserving fair reconciliation protocols on ordered sets;an empirical assessment of approaches to distributed enforcement in role-based access control (RBAC);a language for provenance access control;non-interactive editable signatures for assured data provenance;identifying a critical threat to privacy through automatic image classification;k-out-of-n oblivious transfer based on homomorphic encryption and solvability of linear equations;mixture of gaussian models and bayes error under differential privacy;relationship-based access control: protection model and policy language;and enforcing physically restricted access control for remote data.
暂无评论