Information Security Theory and Practice. Security, Privacy and Trust in Computing Systems and Ambient Intelligent Ecosystems
6th IFIP WG 11.2 International Workshop, WISTP 2012, Egham, UK, June 20-22, 2012, Proceedings
Published on 16. June 2012
XII, 225 pages
978-3-642-30955-7 (ISBN)
Description
This volume constitutes the refereed proceedings of the 6th IFIP WG 11.2 International Workshop on Information Security Theory and Practice: Security, Privacy and Trust in Computing Systems and Ambient Intelligent Ecosystems, WISTP 2012, held in Egham, UK, in June 2012. The 9 revised full papers and 8 short papers presented together with three keynote speeches were carefully reviewed and selected from numerous submissions. They are organized in topical sections on protocols, privacy, policy and access control, multi-party computation, cryptography, and mobile security.
More details
Other editions
Additional editions
Ioannis Askoxylakis | Henrich C. Pöhls | Joachim Posegga
Information Security Theory and Practice. Security, Privacy and Trust in Computing Systems and Ambient Intelligent Ecosystems
6th IFIP WG 11.2 International Workshop, WISTP 2012, Egham, UK, June 20-22, 2012, Proceedings
Book
06/2012
Springer
€53.49
Shipment within 7-9 days
Content
- Title
- Preface
- Organization
- Table of Contents
- Keynotes
- Recent Developments in Low-Level Software Security
- Introduction
- An Illustration of Low-Level Attacks
- The Interactive Attacker Model
- The In-Process Attacker Model
- Countermeasures against the Interactive Attacker
- Safe Languages
- More Defensive Execution of Unsafe Languages
- Conclusion
- Countermeasures against the In-Process Attacker
- Isolated Execution of Security-Critical Modules
- Fully Abstract Compilation
- Conclusions
- References
- Towards a C2I Platform for Combating the Cyber-Threat
- Extended Abstract
- Veracity, Plausibility, and Reputation
- Introduction
- The Parkerian Hexad
- Outlook
- Veracity
- Veracity in Network Management
- DNS Rebinding
- Return Routability
- Secure Network Coordinates
- Plausibility and Reputation
- Fostering Veracity in Business Processes
- Securing Cyber-Physical Systems
- References
- Protocols
- Another Fallen Hash-Based RFID Authentication Protocol
- Introduction
- Preliminaries
- Protocol Description
- Secret Information Disclosure Attack
- Tag Impersonation Attack
- Traceability Attack
- Conclusions
- References
- Protocols (Short Papers)
- HTTP Botnet Detection Using Adaptive Learning Rate Multilayer Feed-Forward Neural Network
- Introduction
- Related Work
- Proposed Botnet Detection System
- Feature Extraction
- Normalization
- Classification Using Neural Network
- Experimental Results and Analysis
- Performance Evaluation
- Conclusion
- References
- How to Break EAP-MD5
- Introduction
- Preliminaries
- Brief Description of MD5
- EAP-MD5
- Related Work
- EAP-MD5-Pass Attack
- Rainbow Table
- Breaking EAP-MD5
- On-Line Length Recovery Attack to EAP-MD5
- Off-Line Fixed Length Password Cracking with Password Pre-computation
- Conclusion
- References
- Privacy
- Privacy Preserving Social Network Publication on Bipartite Graphs
- Introduction
- Preliminaries
- Bipartite Graph Generalization
- Motivation
- Algorithm Description
- Experimental Study
- Experimental Framework
- Experimental Results
- Related Work
- Conclusion and Discussion
- References
- Privacy Bubbles: User-Centered Privacy Control for Mobile Content Sharing Applications
- Introduction
- Application Scenario
- Privacy Bubbles: The Concept
- Design Drivers
- Concept and Principles
- Evaluation of the Privacy Bubble Concept
- Demographic Information
- User Study Results
- Comprehensiveness.
- User Control.
- Management Overhead.
- User Acceptance.
- Proof-of-Concept Implementation
- Bubble Creation
- Taking Pictures
- Indirect vs. Direct Localization Mechanism.
- Picture-based vs. Periodic Location Detection Mechanism.
- Reviewing Pictures
- Accessing Pictures from Other Users
- Discussions and Future Work
- Tampering with Spatiotemporal Information
- Falsification of User IDs
- Location Privacy
- Reliability of Location Information
- Modular and Malleable Bubbles
- Multimedia Contents
- Long-Term Evaluation
- Related Work
- Conclusions
- References
- Privacy (Short Paper)
- Privacy Preservation of User History Graph
- Introduction
- User History Graph
- Privacy Notion
- Adversary Model
- Notions for Untraceability of Graph
- Algorithm
- Algorithm Generating Partial (k, v)-Untraceable History Graph
- Algorithm Generating Complete (k, v)-Untraceable History Graph
- Evaluation
- Conclusion
- References
- Policy and Access Control
- HiPoLDS: A Security Policy Language for Distributed Systems
- Introduction
- Related Work
- Language Overview
- Policy Domains
- Reference Monitors
- HiPoLDS Rules
- Information Tags
- Examples
- Abstract and Concrete Rules
- Roles and Policy Domains
- From Specification to Enforcement
- From Abstract to Concrete Policies
- Firewall-Based Realization
- Introducing Information Tags
- Conclusion
- References
- ROAC: A Role-Oriented Access Control Model
- Introduction
- Background and Motivation
- The Role-Oriented Access Control Model Overview
- ROAC Reference Data Model
- Generalization in Role Oriented Access Control Model
- Discussion
- Conclusion and Future Work
- References
- Multi-Party Computation
- Optimal Parameters for Efficient Two-Party Computation Protocols
- Introduction
- Background
- Cut-and-Choose Protocol
- Efficient Two Party Computation Protocols - Cheaper Check Circuits
- Optimal Number of Check Circuits
- Same-Cost Circuits
- Cheaper Check Circuits
- Communication Complexity
- Minimize Communication Complexity
- Comparison of Communication Cost
- Conclusion
- References
- Assisting Server for Secure Multi-Party Computation
- Introduction
- Preliminaries
- Related Work
- SMC with Shamir's Secret Sharing
- Adversary Models
- Assisting Server for Secure Multi-Party Computation
- Assisting Server Model
- Equality Comparison Equal+
- Applications for Cooperative Network Monitoring
- Implementation and Evaluation
- Equal+ Performance Test
- Evaluation Summary
- Security Discussion on the New SMC Model
- Conclusion
- References
- Cryptography (Short Papers)
- An Efficient Lattice-Based Secret Sharing Construction
- Introduction
- Preliminaries
- Notations
- Basics on Lattices
- Our Construction
- Description
- Security and Performance
- Conclusion
- References
- On the Optimality of Correlation Power Attack on Embedded Cryptographic Systems
- Introduction
- The Optimality from the Estimation Theory View Point
- Practical Metrics Computation
- Deviation from Linearity Metric (DLM)
- Deviation from Normality Metric (DNM)
- Deviation from Homoscedasticity Metric (DHM)
- Experiments on Real DES Cryptographic Implementation
- Conclusion
- References
- Impossible Differential Cryptanalysis of Reduced-Round LBlock
- Introduction
- A Short Description of LBlock
- The Impossible Differential Attack Technique
- An Attack on 21-Round LBlock
- An Attack on 22-Round LBlock
- Conclusion
- References
- Mobile Security
- Efficient Java Implementation of Elliptic Curve Cryptography for J2ME-Enabled Mobile Devices
- Introduction
- Prime-Field Arithmetic in Java
- Selection of Prime Field
- Efficient Arithmetic Modulo p = 2174 - 3
- Point Arithmetic on GLV Curves
- Selection of Elliptic Curve
- Efficient Implementation of Scalar Multiplication
- Implementation Results and Discussion
- Conclusions
- References
- Kynoid: Real-Time Enforcement of Fine-Grained, User-Defined, and Data-Centric Security Policies for Android
- Introduction
- Information Processing in Today's Smart-Phones
- Contribution
- Background: Android and TaintDroid
- Dalvik Virtual Machine
- Security Architecture
- Security Issues and Deficiencies
- TaintDroid
- Approach Overview
- Kynoid
- Framework Operation
- Policy Propagation
- Inter-process Policy Tracking
- Policy Derivation and Enforcement
- Discussion
- Applicability
- Performance
- Usability
- Related Work
- Conclusions and Future Work
- References
- Author Index
