Efficient schemes for anonymous credential with reputation support

Yu, Kin-ying., 余見英.

January 2012

Anonymous credential is an important tool to protect the identity of users in the Internet for various reasons (e.g. free open speech) even when a service provider (SP) requires user authentication. Yet, misbehaving users may use anonymity for malicious purposes and SP would have no way to refrain these users from creating further damages. Revocable anonymous credential allows SP to revoke a particular anonymous user based on the observed behavior of a session the user conducted. However, such kind of all-or-nothing revocation does not work well with the “Web 2.0” applications because it does not give a user a second chance to remedy a misconduct, nor rewards for positive behaviors. Reputation support is vital for these platforms. In this thesis, we propose two schemes with different strengths that solve this privacy and reputation dilemma. Our first scheme, PE(AR)2, aims to empower anonymous credential based authentication with revocation and rewarding support. The scheme is efficient, outperforms PEREA which was the most efficient solution to this problem, with an authentication time complexity O(1) as compared with other related works that has dependency on either the user side storage or the blacklist size. PEREA has a few drawbacks that make it vulnerable and not practical enough. Our scheme fixes PEREA's vulnerability together with efficiency improvement. Our benchmark on PE(AR)2 shows that an SP can handle over 160 requests/second when the credentials store 1000 single-use tickets, which outperforms PEREA with a 460 fold efficiency improvement. Our second scheme, SAC, aims to provide a revocation and full reputation support over anonymous credential based authentication system. With a small efficiency trade-o_ as compared with PE(AR)2, the scheme now supports both positive and negative scores. The scoring mechanism is now much more flexible, that SP could modify the rated score of any active sessions, or declare that no more rating should be given to it and mark it as finalized. SAC provides a much more elastic user side credential storage, there is no practical limit on the number of authentication sessions associated with a credential. Unlike other schemes, SAC make use of a combined membership proof instead of multiple non-membership proofs to distinguish if a session is active, finalized, or blacklisted. This special consideration has contributed to the reduction of efficiency-flexibility trade-off from PE(AR)2, making the scheme stay practical in terms of authentication time. Our benchmark on SAC shows that an SP can handle over 2.9 requests/second when the credentials store 10000 active sessions, which outperforms BLACR-Express (a related work based on pairing cryptography with full reputation support) with a 131 fold efficiency improvement. Then we analyze the potential difficulties for adopting the solutions to any existing web applications. We present a plugin based approach such that our solutions could run on a user web browser directly, and how a service provider could instruct the plugin to communicate using our protocol in HTML context. We conclude our thesis stating the solutions are practical, efficient and easy to integrate in real world scenario, and discuss potential future works. / published_or_final_version / Computer Science / Doctoral / Doctor of Philosophy

Internet - Security measures.

Secure multi-party protocol using modern cryptographic technique and tamper resistant hardware

Zhang, Ping, Echo., 张萍.

January 2012

Secure Multi-party Computation (SMC) is one significant research area in information security. In SMC, multiple parties jointly work on some function and no parties take the risk of revealing their private data. Since A.C. Yao first proposed this problem in 1982, there have been a lot of researchers working on different versions of SMC. In this thesis, we address three different researches in this setting, including the Privacy-Preserving Cooperative Scientific Computation, Privacy Preserving Data Mining (PPDM), and PPDM in cloud environment. In Privacy-Preserving Cooperative Scientific Computation, we propose a solution to the Privacy Preserving Weighted Average Problem (PPWAP) under the hybrid security model, which guarantees the malicious parties will not get the correct final result if they behalf maliciously. Later, the extended version of our scheme is shown as a highly efficient and secure PPWAP solution under the malicious model, a stronger security model requiring more resource. Privacy reserving data mining is one important branch of SMC, where all participants want to get the same and correct mining result from collaborated data mining without any threat of disclosing their private data. In another word, each party refuses to review its individual private database while carrying out collaborated data mining. We propose a PPDM solution of building up a decision tree from a hybrid distributed database, which is a quite common situation in real life but has not been solved before. Previous research works only focus on horizontally or vertically distributed database. With the great development of cloud computing, it provides a much more flexible and efficient platform for Internet service providers and users. However, the privacy issues of cloud service has become the bottleneck of its further development, and this problem also draw a lot of researchers' attention in recent decade. In this thesis, we propose the first solution to cloud-based PPDM. The cloud server carries out data mining on encrypted databases, and our solution can guarantee the privacy of each client. This scheme can protect client from malicious users. With aid of a hardware box, our design can also protect clients from untrusted cloud server. Another novel feature of this solution is that it works even when the databases from different parties share overlapped parts. Furthermore, with the help of homomorphic encryption and black box, our scheme can carry out the calculation on the overlapped data. This kind of problem has never been resolved by previous works as far as we know. / published_or_final_version / Computer Science / Doctoral / Doctor of Philosophy

Computer security.

Cryptography.

Information security deviant behavior: its typology, measures, and causes

Chu, Man-ying., 朱文英.

January 2012

Although information security is important to all organizations, little behavioral research has been carried out in this area. Particularly lacking is research on negative forms of behavior involved in information security. The aim of this thesis is to fill this research gap by conducting three related studies on information security deviant behavior (ISDB), which refers to the voluntary behavior of employees within organizations that differs markedly from the information security norms of the organizations and that is normally considered by other employees to be wrong. Prior research work on this topic is insufficient, and the information security deviance concept remains unclear. This thesis explores the topic by considering three fundamental research questions: 1) What is ISDB? 2) How can ISDB be measured? 3) Why do employees commit ISDB? Study I addresses the first question—“What is ISDB?”—by identifying and organizing ISDB using a typology. A four-step method, comprising content analysis, multidimensional scaling, expert judgmental analysis, and empirical testing, is proposed for the development of typologies, which can fulfill the criteria for being a theory. The findings of this study suggest that ISDB can be organized into four ideal types that are interrelated along two dimensions—severity and frequency. Four constructs are identified from this typology. They are resource misuse (“high frequency, high severity” deviance), security carelessness (“high frequency, low severity” deviance), access control deviance (“low frequency, low severity” deviance), and system protection deviance (“low frequency, high severity” deviance). Study I not only develops an organized and theoretical framework for systematic research on ISDB and constitutes a critical starting point for the development of measures of the behavior, but also makes an important theoretical contribution by demonstrating the development of a typology, which is a unique form of theory building for an underdeveloped topic. Study II focuses on the second research question—“How can ISDB be measured?”—by developing valid and reliable scales to measure ISDB. My target is to develop scales to measure commonly found types of ISDB using an empirical method. Accordingly, the two “low frequency” types of deviance, access control and system protection deviance, are omitted from consideration. A rigorous measurement development process which includes three surveys and a number of tests is adopted. A four-item scale of resource misuse and a three-item scale of security carelessness are developed. The development of these two scales makes an important contribution to future ISDB research by providing a means to measure two types of information security deviance, thus facilitating the empirical study of ISDB. Study III is aimed at answering the third research question—“Why do employees commit ISDB?”—through construction of a causal model. Rather than consider “intention” as existing behavioral research on information security commonly does, Study III investigates actual behavior and employs resource misuse (“high frequency, high severity” deviance) as the dependent variable. Data from a Web-based survey are analyzed using the partial least squares approach. Considering the dual-process approach in the theory of planned behavior, the findings suggest that resource misuse may be both an intentional type of behavior and an unreasoned action. Perceived behavioral control influences employees’ resource misuse actions via their desires or intentions, whereas attitude toward resource misuse affects these actions via employees’ desires alone. Subjective norm is found not to affect employees’ resource misuse via either desires or intentions. In terms of the theoretical contributions, Study III takes steps to consider information security deviance by incorporating the dual-process approach and the theory of planned behavior. In terms of managerial significance, the results of Study III can help managers to better understand why employees commit resource misuse. In conclusion, this thesis provides a number of significant insights into ISDB and useful guidelines for further research on the topic. In addition, the findings of the three studies can help managers to develop better company strategies and policies to reduce internal security threats. / published_or_final_version / Business / Doctoral / Doctor of Philosophy

Computer security.

Deviant behavior.

A security and safety rover made from off-the-shelf parts

Wang, James Ho

17 February 2015

This report describes the security and safety rover capable of monitoring the the indoor areas of a home and alerting the homeowner of events, such as burglary, fire, or flood. Physical security has always been a concern for homeowners. Digital video security systems are becoming commonplace in modern homes. The majority of the cameras available in this consumer market are fixed-mount cameras with limited capability. The pan-tilt-zoom feature is much less common due to cost. However, with the recent availability of low-cost, powerful, micro-controller boards along with high definition cameras and a myriad of electronic sensors this nascent product comes to mind. This report describes an experimental effort to build a robot using ``off-the-shelf'' hardware and custom software. Specifically, it will answer the question: ``Is it possible to build such a rover with the requisite capability and, if so, at what cost?'' / text

Robot

Rover

Security

Dispersability and vulnerability analysis certificate systems

Jung, Eunjin

28 August 2008

Not available / text

Internet--Security measures

A theory for the design and analysis of firewalls

Liu, Xiang-Yang Alexander

28 August 2008

Not available / text

Firewalls (Computer security)

The strategic use of diaspora politics in Russia's national security policy : evidence from the Commonwealth of Independent States, 1991-2010

Le Noan, Rachel

January 2012

This thesis examines Russia’s national security policies and objectives by strictly focusing on the role of Russia and the strategic use of diaspora politics in Moldova, Ukraine and Georgia. The research specifically emphasises the emergence of the Russian diaspora as an instrument of power and specifically assesses the strategic use of diaspora politics and the varied relationships existing between the Kremlin and the diaspora Diasporas do not only represent sociological or economic phenomena, these formations are also political and redefine the notions of sovereignty, power and national identity that permeate world politics. In the current geopolitical environment, sovereign states need to find new ways of enhancing their influence locally, regionally and internationally. Consequently, it is worth considering the impact of these socio-political formations as national security actors, and as worthy subjects of attention in the field of security studies. By focusing on Moscow’s view and the examples of Moldova, Ukraine and Georgia, the purpose of the thesis is threefold. Firstly, it will demonstrate the pertinence of diaspora politics as an element of the international security logic by proposing a framework that emphasises a realist interpretation of diaspora politics highlighting the use of diasporas as tools of power politics. Secondly, it will determine in what ways Moscow has shaped its diaspora as an instrument of power in the Commonwealth of Independent States exploiting both ‘hard’ and ‘soft’ power resources resulting in the establishment of ‘ethnic’ and ‘legal’ relationships with compatriots abroad. Thirdly, it will emphasise the continuities and changes of diaspora politics from Boris Yeltsin to Dmitri Medvedev. This thesis highlights the extent to which the Russian diaspora has either been ignored, treated as an asset or treated as a liability depending on the evolution of Russia's national strategic interests and circumstances between 1991 and 2010.

320

National security

Identitying vulnerabilities and controls in complex composite security architectures

Taylor, Barry

January 2014

The ability to design and reason about architectures (here understood as organisations which are designed according to hierarchies of roles and those processes that link them) which co-exist and interact within complex environments is of increasing importance. With the introduction of more interconnected technology affecting the way in which stakeholders manage information and conduct their operations, the need for such a capability is clear. Current approaches either address this issue with a mathematical approach which presents an obstacle to most non-specialist analysts, or they choose not to incorporate the full spread of factors that fall within the scope of this thesis. This thesis aims to develop a capability that provides those decision-makers who have information security management responsibilities with the means to analyse isolated, as well as interacting, security and business architectures. It aims to provide this capability at a level of modelling abstraction that is accessible to such non-technical specialists. The first stage of the thesis builds on earlier work on hierarchical structures by Beautement and Pym (2010b). It is dedicated to the development of a suitable conceptual framework which is both general and flexible enough to embody the required properties of a system, as well as their method of implementation spread across hierarchies of rˆoles describing organisations. This concept is expanded to describe how such architectures may interact with one another, and notation which is helpful in discussing these operations carefully is also developed. The framework is then applied to three broad areas within information security, those of trust (which is interpreted as a specific property within a given domain), heuristics (which are broadly treated as actions that should be undertaken during certain conditions), and access control. In each case the suitability of the framework is investigated, leading to refinements in the model which support the common goal of providing a novel view on these approaches to security analysis. This view is characterised by a unified consideration of the underlying architectures, to properties and policies applied across organisations. A key driver in conducting this analysis is to enable the description of how properties, fundamental to the legitimacy of systems, may firstly be established and then by how they may be compromised—providing a view on system vulnerabilities in that controls may fail or be circumvented. Following this, the framework is also intended as a tool to address such vulnerabilities, and to provide a means by which to scope measures designed to mitigate them.

004

Computer security

SECURITY OF COMMUNICATION IN COMPUTER NETWORKS (KEY MANAGEMENT, VERIFICATION).

LU, WEN-PAI.

January 1986

This dissertation concerns investigations on two of the most important problems in establishing communication security in computer networks: (1) developing a model which precisely describes the mechanism that enforces the security policy and requirements for a secure network, and (2) designing a key management scheme for establishing a secure session for end-to-end encryption between a pair of communicants. The security mechanism attempts to ensure secure flow of information between entities assigned to different security classes in different computer systems attached to a computer communication network. The mechanism also controls the accesses to the network devices by the subjects (users and processes executed on behalf of the users). The communication security problem is formulated by using a mathematical model which precisely describes the security requirements for the network. The model integrates the notions of access control and information flow control to provide a Trusted Network Base (TNB) for the network. The demonstration of security of the network when the security mechanism is designed following the present model is given by using mathematical induction techniques. The problem of designing key management schemes for establishing end-to-end encrypted sessions between source-destination pairs when the source and the destination are on different networks interconnected via Gateways and intermediate networks is examined. In such an internet environment, the key management problem attains a high degree of complexity due to the differences in the key distribution mechanisms used in the constituent networks and the infeasibility of effecting extensive hardware and software changes to the existing networks. A hierarchical approach for key management is presented which utilizes the existing network specific protocols at the lower levels and protocols between Authentication Servers and/or Control Centers of different networks at the higher levels. Details of this approach are discussed for specific illustrative scenarios to demonstrate the implementational simplicity. A formal verification of the security of the resulting system is also conducted by an axiomatic procedure utilizing certain combinatory logic principles. This approach is general and can be used for verifying the security of any existing key management scheme.

Computer networks -- Security measures.

Community partnerships- enhancing municipal food security policy

Malan, LP, van Rooyen, EJ

January 2010

Whilst many developing countries engage in sound policy processes on macro level as far as economic and social development are concerned, the day-to-day victual needs of impoverished communities also depend on sound policies as well as appropriate arrangements, which take effect in the municipal sphere. Such needs, as food security, is dependant on the establishment of effective partnership agreements among all stakeholders, including local councils, district councils as well as metropolitan councils; the actual entities that are responsible to create the enabling environment in which food security could be enhanced. In this article, issues relating to food security, partnership models, the enabling environment, and community involvement in this partnership process, are discussed briefly. Public administration practitioners should ensure they contributively involve themselves in this debate. The article concludes by emphasising the need for a proper and structured approach to be followed, of a food security policy is due to be operationalised in practice.

Food security

Municipalities