Oblivious Handshakes and Sharing of Secrets of Privacy-Preserving Matching and Authentication Protocols

Duan, Pu

2011 May 1900

The objective of this research is focused on two of the most important privacy-preserving techniques: privacy-preserving element matching protocols and privacy-preserving credential authentication protocols, where an element represents the information generated by users themselves and a credential represents a group membership assigned from an independent central authority (CA). The former is also known as private set intersection (PSI) protocol and the latter is also known as secret handshake (SH) protocol. In this dissertation, I present a general framework for design of efficient and secure PSI and SH protocols based on similar message exchange and computing procedures to confirm “commonality” of their exchanged information, while protecting the information from each other when the commonalty test fails. I propose to use the homomorphic randomization function (HRF) to meet the privacy-preserving requirements, i.e., common element/credential can be computed efficiently based on homomorphism of the function and uncommon element/credential are difficult to derive because of the randomization of the same function. Based on the general framework two new PSI protocols with linear computing and communication cost are proposed. The first protocol uses full homomorphic randomization function as the cryptographic basis and the second one uses partial homomorphic randomization function. Both of them achieve element confidentiality and private set intersection. A new SH protocol is also designed based on the framework, which achieves unlinkability with a reusable pair of credential and pseudonym and least number of bilinear mapping operations. I also propose to interlock the proposed PSI protocols and SH protocol to design new protocols with new security properties. When a PSI protocol is executed first and the matched elements are associated with the credentials in a following SH protocol, authenticity is guaranteed on matched elements. When a SH protocol is executed first and the verified credentials is used in a following PSI protocol, detection resistance and impersonation attack resistance are guaranteed on matching elements. The proposed PSI and SH protocols are implemented to provide privacy-preserving inquiry matching service (PPIM) for social networking applications and privacy-preserving correlation service (PAC) of network security alerts. PPIM allows online social consumers to find partners with matched inquiries and verified group memberships without exposing any information to unmatched parties. PAC allows independent network alert sources to find the common alerts without unveiling their local network information to each other.

Elliptic Curve Cryptography

Network Security

Relapse Among Recovering Addiction Professionals: Prevalence and Predictors

Greene, Dorothy S., Yaffe, Joanne, Kopak, Albert M.

02 October 2019

In 2013–2014, a cross-sectional, exploratory, survey design was used to obtain a conservative estimate of relapse among a sample of recovering addiction professionals in the United States and to identify potential predictors for relapse. The sample (n = 265) was drawn from the International Certification and Reciprocity Consortium. The relapse rate for the sample was 14.7%. Two predictors for relapse were identified in the stepwise logistic regression. The more mutual-aid group meetings respondents attended per month, the less likely they were to have experienced relapse (Wald = 7.956, p =.005), and the longer participants had been in recovery when their careers began, the less likely they were to have experienced relapse (Wald = 4.366, p =.037). The authors provide suggestions regarding the recovery health of recovering addiction professionals as well as recommendations for future research.

addiction counseling licensure

addiction credential

addiction workforce

recovering addiction professionals

relapse

relapse predictors

Social Work

A Research Study on Micro-Credentialing and Adult Learning

Thomsen, Amy M.

13 July 2023

No description available.

Adult Education

Technology

micro-credential

adult-learning

ADDIE

UDL

technology transfer

federal government

experiential learning

An Examination of Alternative Educational Leadership

Tyler, Millicent Denise

04 May 2022

Traditional public-school settings are not meeting the needs of all students. Alternative educational settings have been established for students who struggled in traditional public schools. According to research by Beken et al. (2009); Cotton (2004); and Groves (1998), traditional schools often lack an understanding of social issues, positive peer relationships, personal interactions with teachers, and a school-wide emphasis on maturity and responsibility. The purpose of this qualitative research study was to identify leadership practices that alternative education leaders indicate are effective in increasing positive outcomes for students in alternative education programs. Alternative education program leaders from four public high schools in Southeastern Virginia were asked 11 interview questions regarding their leadership practices in developing and implementing an effective program and practices to increase alternative student outcomes as it relates to staff characteristics, attendance, positive behavior, and graduation rates. The alternative school leaders' interview responses were analyzed and coded for themes. The study findings suggest alternative educational program leaders who share their school vision, select competent and compassionate staff, and have an atmosphere of high academic expectations that foster positive relationships with at-risk students effectively increase positive outcomes for students in alternative education programs. The researcher proposes that the study's findings could contribute to research on best practices and strategies for promoting success in alternative education programs. / Doctor of Education / The purpose of this qualitative research study was to identify leadership practices that alternative education leaders indicate are effective in increasing positive outcomes for students in alternative education programs. Alternative education program leaders from four public high schools in Southeastern Virginia were asked eleven interview questions regarding their leadership practices in developing and implementing an effective program and practices to increase alternative student outcomes as it relates to staff characteristics, attendance, positive behavior, and graduation rate. The study findings suggest alternative educational program leaders who share their school vision, select competent and compassionate staff. They have an atmosphere of high academic expectations that foster positive relationships with at-risk students effectively increase positive outcomes for students in alternative education programs. The researcher proposes that the study's findings could contribute to research on best practices and strategies for promoting success in alternative education programs.

alternative education

alternative educational leaders

at-risk

dropout

high school credential

traditional school

Webová vizualizace a demonstrátor anonymních pověření / Web visualization and demonstrator of anonymous credentials

Chwastková, Šárka

January 2021

This thesis deals with the topic of attribute based credentials with revocable anonymous credentials. The main focus of this work is the implementation of this scheme through a web application. The web application serves primarily as a visualization, which shows the functionality of this scheme through animations, and also as a practical demonstrator. Data and cryptographic calculations for individual system protocols are provided by the given cryptographic C application that communicates with the created application. The web application is also able to communicate with the connected smart card reader and the MultOS smart card and thus create the transmission of APDU commands and responses between the smart card and provided C application.

On-demand Restricted Delegation : A Framework for Dynamic, Context-Aware, Least-Privilege Delegation in Grids

Ahsant, Mehran

January 2009

In grids, delegation is a key facility that can be used to authenticate and authorize requests on behalf of disconnected users. In current grid systems,delegation is either performed dynamically, in an unrestricted manner, or by a secure but static method. Unfortunately, the former compromises security and the latter cannot satisfy the requirements of dynamic grid application execution. Therefore, development of a delegation framework that enables a restricted and flexible delegation mechanism becomes increasingly urgent as grids are adopted by new communities and grow in size. The main barriers in development of such a mechanism are the requirements for dynamic execution of grid applications, which make it difficult to anticipate required access rights for completing tasks in advance. Another significant architectural requirement in grids is federated security and trust. A considerable barrier to achieving this is cross-organizational authentication and identification. Organizations participating in Virtual Organizations (VOs) may use different security infrastructures that implement different protocols for authentication and identification; thus, there exists a need to provide an architectural mechanism for lightweight, rapid and interoperable translation of security credentials from an original format to a format understandable by recipients. This thesis contributes the development of a delegation framework that utilizes a mechanism for determining and acquiring only required rights and credentials for completing a task, when they are needed. This is what we call an on-demand delegation framework that realizes a bottom-up delegation model and provides a just-in-time acquisition of rights for restricted and dynamic delegation. In this thesis, we further contribute the development of a credential mapping mechanism using off-the-shelf standards and technologies. This mechanism provides support for an on-the-fly exchange of different types of security credentials used by the security mechanisms of existing grids. / QC 20100622

Grid Security

Restricted and Context-Aware Delegation

Delegation Protocol

On-demand Delegation

Dynamic Trust Federation

Grid Interoperability

Credential Mapping

Computer science

Datalogi

Meeting the Professional Development Needs of Early Childhood Teachers with Child Development Associate Training

Heisner, Mary J

21 May 2008

This study examined the impact of Child Development Associate (CDA) training on the beliefs and self-reported practices of early childhood teachers (N = 126) using a pre-post mixed-methods research design. Preschool teachers who were enrolled in CDA classes (n=76) and a comparison group of teachers (n = 50) completed two surveys of beliefs and self-reported practices: the Teacher Beliefs and Practices Survey: 3- to 5-Year-Olds (TBPS) (Burts, Buchanan, & Benedict, 2001) and the Early Childhood Survey of Beliefs and Practices (ECSBP) (Marcon, 1988, 1999). Repeated measures Multiple Analyses of Variance indicated teachers who had completed CDA training became significantly more developmentally appropriate on measures of beliefs and self-reported practices than a comparison group who did not attend CDA training. The CDA teachers held significantly fewer inappropriate beliefs and reported fewer inappropriate practices after training than the comparison group. Results suggest that the TBPS was a more sensitive measure than the ECSBP of beliefs and self-reported practices for these early childhood teachers, most of whom had no formal education. The decrease in developmentally inappropriate beliefs and self-reported practices on the TBPS subscales illustrates the importance of measuring not only increases in appropriate beliefs and self-reported practices but also decreases in inappropriate beliefs and self-reported practices. The Constant Comparative Method was used to organize and analyze the observation and interview data of the four case study participants. Three themes emerged which describe the effect of CDA training on the beliefs and self-reported practices of these teachers: Reflection on current practices describes the teacher who seemed to be actively considering how the material presented in the CDA training fit with her implicitly held beliefs and current practices. Confirmation of developmentally appropriate practices describes the teacher whose existing developmentally appropriate beliefs were reinforced by the training. Superficial changes describes two teachers who gained ideas for activities in the training but revealed no change in beliefs. This study suggests that CDA training decreases the developmentally inappropriateness of beliefs and self-reported practices of early childhood teachers. A change that past research suggests will ultimately impact classroom quality. Influences such as concurrent training, program requirements, and implicitly held beliefs may moderate the extent to which new concepts are accepted and existing practices are changed.

early childhood

teacher training

CDA

Child Development Associate Credential

professional development

education

preschool

Educational Psychology

Special Education and Teaching

Protecting Sensitive Credential Content during Trust Negotiation

Jarvis, Ryan D.

21 April 2003

Keeping sensitive information private in a public world is a common concern to users of digital credentials. A digital credential may contain sensitive attributes certifying characteristics about its owner. X.509v3, the most widely used certificate standard, includes support for certificate extensions that make it possible to bind multiple attributes to a public key contained in the certificate. This feature, although convenient, potentially exploits the certificate holder's private information contained in the certificate. There are currently no privacy considerations in place to protect the disclosure of attributes in a certificate. This thesis focuses on protecting sensitive credential content during trust negotiation and demonstrates, through design and implementation, the privacy benefits achieved through selective disclosure. Selective disclosure of credential content can be achieved using private attributes, a well-known technique that incorporates bit commitment within digital credentials. This technique has not been thoroughly explored or implemented in any prior work. In this thesis, a protocol for issuing and showing credentials containing private attributes is discussed and suggested as a method for concealing and selectively revealing sensitive attributes bound to credentials during trust negotiation. To demonstrate greater privacy control within a credential-based system, private attributes are incorporated into TrustBuilder, an implementation of trust negotiation. With access control at the attribute level, TrustBuilder gives users greater control over their private information and can improve the success rate of negotiations. TrustBuilder also demonstrates how credentials with private attributes can eliminate risks normally associated with exchanging credentials, such as excessive gathering of information that is not germane to the transaction and inadvertently disclosing the value of a sensitive credential attribute.

trust negotiation

privacy

bit commitment

security

ISRL

Internet Security Research Lab

TrustBuilder

selective disclosure

digital credential

X.509v3

Computer Sciences

Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management Infrastructure

Khodaei, Mohammad

January 2016

Vehicular Communication (VC) systems can greatly enhance road safety and transportation efficiency. Vehicles are equipped with sensors to sense their surroundings and the internal Controller Area Network (CAN) bus. Hence, vehicles are becoming part of a large-scale network, the so-called Internet of Vehicles (IoV). Deploying such a large-scale VC system cannot materialize unless the VC systems are secure and do not expose their users’ privacy. Vehicles could be compromised or their sensors become faulty, thus disseminating erroneous information across the network. Therefore, participating vehicles should be accountable for their actions. Moreover, user privacy is at stake: vehicles should disseminate spatio-temporal information frequently. Due to openness of the wireless communication, an observer can eavesdrop the communication to infer users’ sensitive information, thus profiling users. The objective is to secure the communication, i.e., prevent malicious or compromised entities from affecting the system operation, and ensure user privacy, i.e., keep users anonymous to any external observer but also for security infrastructure entities and service providers.In this thesis, we focus on the identity and credential management infrastructure for VC systems, taking security, privacy, and efficiency into account. We begin with a detailed investigation and critical survey of the standardization and harmonization efforts. We point out the remaining challenges to be addressed in order to build a Vehicular Public-Key Infrastructure (VPKI). We provide a VPKI design that improves upon existing proposals in terms of security and privacy protection and efficiency. More precisely, our scheme facilitates multi-domain operations in VC systems and enhances user privacy, notably preventing linking of pseudonyms based on timing information and offering increased protection in the presence of honest-but-curious VPKI entities. We further extensively evaluate the performance of the full-blown implementation of our VPKI for a large-scale VC deployment. Our results confirm the efficiency, scalability and robustness of our VPKI. / <p>QC 20160927</p>

Vehicular Communications

Security

Privacy

Access Control

Identity and Credential Management

Vehicular PKI

Elektroteknik och elektronik

Investigating employability: a study to ascertain whether attaining stackable credentials increases opportunity for employment for career technical graduates

Whittington, Amy Green

06 May 2017

Career technical education plays an important part in the mission of community colleges – providing educational opportunities needed by members of their communities. Career technical programs prepare students for entry into the workforce. Accountability standards for career technical programs, from local, state, and federal bodies, monitor placement of career technical graduates in jobs related to their field of study. To help these students become more competitive in the job market, curricula are being aligned with national certifications to help students graduate from career technical programs with stackable credentials. Stackable credentials refer to the idea of “stacking” degrees, certifications, and credentials along the way to an education in a particular field of study. Some of these credentials can be costly, though, requiring career technical program administrators to question whether implementing this stackable credential structure is truly beneficial for the students. The purpose of this study was to examine survey results of industry representatives who serve on advisory committees for career technical programs at a rural community college to ascertain whether earning stackable credentials in career technical programs at a rural community college does increase opportunities for employment. Data were obtained from an Industry Input Survey conducted at a rural community college. Descriptive statistics were used for data analysis. Results of this study indicate that while entry-level employment requirements focus more on a high-school diploma or high school equivalency exam and an earned Associate of Applied Science degree, the majority of participants did indicate that holding a national certification would give a potential employee hiring preferences. Results of the analysis are presented in narrative and table form. Conclusions and recommendations for future research follow discussion of analysis.

associate of applied science degree

employability

certificates

career technical education

certifications

Stackable credentials

nationally-recognized credential

accountability standards