The overall network traffic patterns generated by today's smartphones result from the typically large and diverse set of installed applications. In addition to the traffic generated by the user, most applications ...
详细信息
ISBN:
(纸本)9781450319980
The overall network traffic patterns generated by today's smartphones result from the typically large and diverse set of installed applications. In addition to the traffic generated by the user, most applications generate characteristic traffic from their background activities, such as periodic update requests or server synchronisation. Although the encryption of transmitted data in 3G networks prevents an eavesdropper from analysing the content, periodic traffic patterns leak side-channel information like timing and data volume. In this work, we extract such side-channel features from network traffic generated from the most popular applications, such as Facebook, WhatsApp, Skype, Dropbox, and others, and evaluate whether they can be used to reliably identify a smartphone. By computing fingerprints from ≈6 hours of background traffic, we show that 15 minutes of monitored traffic suffice to reliably identify a smartphone based on its behavioural fingerprint with a success probability of 90%. Copyright 2013 acm.
The design of Android is based on a set of unprotected shared resources, including those inherited from Linux (e.g., Linux public directories). However, the dramatic development in Android applications (app for short)...
详细信息
In storage outsourcing services, clients store their data on a potentially untrusted server, which has more computational power and storage capacity than the individual clients. In this model, security properties such...
详细信息
ISBN:
(纸本)9781450318907
In storage outsourcing services, clients store their data on a potentially untrusted server, which has more computational power and storage capacity than the individual clients. In this model, security properties such as integrity, authenticity, and freshness of stored data ought to be provided, while minimizing computational costs at the client, and communication costs between the client and the server. Using trusted computing technology on the server's side, we propose practical constructions in the provable data possession model that provide integrity and freshness in a dynamic, multi-user setting, where groups of users can update their shared files on the remote, untrusted server. Unlike previous solutions based on a single-user, single-device model, we consider a multi-user, multi-device model. Using trusted hardware on the server helps us to eliminate some of the previously known challenges with this model, such as forking and rollback attacks by the server. We logically separate bulk storage and data authentication issues to different untrusted remote services, which can be implemented either on the same or different physical servers. With only minor modifications to existing services, the bulk storage component can be provided by large-scale storage providers such as Google, CloudDrive, DropBox, and a smaller specialized server equipped with a trusted hardware chip can be used for providing data authentication. Our constructions eliminate client-side storage costs (clients do not need to maintain persistent state), and are suitable for situations in which multiple clients work collaboratively on remotely stored, outsourced data. Copyright 2013 acm.
A virtual organization (VO) is a group of organizations that have banded together to achieve a common goal. Often a VO could function more effectively if its members were willing to share certain information. However,...
详细信息
ISBN:
(纸本)9781450318907
A virtual organization (VO) is a group of organizations that have banded together to achieve a common goal. Often a VO could function more effectively if its members were willing to share certain information. However, a typical VO member will not want to share its own information because the member will not benefit directly from the information's reuse, yet will be blamed if the reuse turns out badly. In this paper, we present insured access, the first economically sustainable system for encouraging appropriate information sharing in VOs. Before accessing information, a VO member must purchase a liability policy from the insurance arm of the VO. Insured access uses actuarial principles to set up and run the VO's insurance arm, and provides the following benefits: VO members who share their information are compensated if the information is misused, and can expect a positive benefit from sharing;members who use information well are rewarded and those who misuse it are penalized appropriately;and the level of risk-taking in the system is capped at a certain level. We demonstrate the sustainability of insured sharing through simulations of a map-sharing scenario. Copyright 2013 acm.
The proceedings contain 31 papers. The topics discussed include: secure and efficient proof of storage with deduplication;measuring query privacy in location-based services;deriving implementation-level policies for u...
ISBN:
(纸本)9781450310918
The proceedings contain 31 papers. The topics discussed include: secure and efficient proof of storage with deduplication;measuring query privacy in location-based services;deriving implementation-level policies for usage control enforcement;discovering access-control misconfigurations: new approaches and evaluation methodologies;comparison-based encryption for fine-grained access control in clouds;relationship-based access control: its expression and enforcement through hybrid logic;bounding trust in reputation systems with incomplete information;cookie-based privacy issues on Google services;refinement-based design of a group-centric secure information sharing model;risk-based security decisions under uncertainty;quantitative access control with partially-observable Markov decision processes;role engineering: from theory to practice;and privacy streamliner: a two-stage approach to improving algorithm efficiency.
暂无评论