Mobile networks not only provide great benefits to their users but they also introduce inherent security issues. With respect to security, the emerging risks of denial of service (DOS) attacks will evolve into a critical danger as the availability of mobile networks becomes more and more important for the modern information society. This paper outlines a critical flaw in GSM networks which opens the avenue for distributed denial of service attacks. We propose a way to mitigate the attacks by adding minimal authentication to the GSM channel assignment protocol.
"Mitigating denial of service threats in GSM networks". V. Bocan, V. Cretu. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.81 (https://doi.org/10.1109/ARES.2006.81)
The growth of the Internet has been accompanied by the growth of e-health services (e.g. online medical advice, online pharmacies). This proliferation of services and the increasing regulatory and legal requirements for personal privacy have fueled the need to protect the personal privacy of service users. Existing approaches for privacy protection such as access control are predicated on the e-service provider having possession and control over the user's personal data. In this paper, we propose a new approach to protecting personal privacy for e-health services: keeping possession and control over the user's personally identifiable information in the hands of the user as much as possible. Our approach can also be characterized as distributing personally identifiable information only on a "need to know" basis.
"Ensuring privacy for e-health services". George Yee, L. Korba, R. Song. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.59 (https://doi.org/10.1109/ARES.2006.59)
Radio frequency identification (RFID) technology, which is used to identify objects and users and automatically takes advantage of contextual information such as the user's location, is expected to become an important and core technology of ubiquitous infrastructure. This technology has been applied to many applications such as retail and supply chain. Recently, there has been an increasing amount of research related to mobile RFID, which provides RFID service to users with a reader embedded in the mobile device, as one of the RFID applications. However, there are an increasing number of concerns, and even some resistance, related to user tracking and profiling using RFID technology. Therefore, in this paper, we review privacy threats that have been reported in various RFID applications and bring up some additional privacy threats in mobile RFID that impede the deployment of mobile RFID. We also analyze whether the various privacy-protecting measures that have been proposed to address privacy problems in RFID can also apply to mobile RFID.
"Privacy threats and issues in mobile RFID". Hyangjin Lee, Jeeyeon Kim. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.96 (https://doi.org/10.1109/ARES.2006.96)
Johannes Osrael, Lorenz Froihofer, K. M. Göschka, S. Beyer, Pablo Galdámez, F. D. Muñoz-Escoí
We present a system architecture which facilitates enhanced availability of tightly coupled distributed systems by temporarily relaxing constraint consistency. Three different types of consistency are distinguished in tightly coupled distributed systems - replica consistency, concurrency consistency, and constraint consistency. Constraint consistency defines the correctness of the system with respect to a set of data integrity rules (application defined predicates). Traditional systems either guarantee strong constraint consistency or no constraint consistency at all. However, a class of systems exists, where data integrity can be temporarily relaxed in order to enhance availability, i.e. constraint consistency can be traded against availability. This allows for a context- and situation-specific optimum of availability. This paper presents the basic concepts of the trading process and the proposed system architecture to enable a fine-grained tuning of the trade-off in tightly coupled distributed systems.
"A system architecture for enhanced availability of tightly coupled distributed systems". Johannes Osrael, Lorenz Froihofer, K. M. Göschka, S. Beyer, Pablo Galdámez, F. D. Muñoz-Escoí. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.19 (https://doi.org/10.1109/ARES.2006.19)
The issue of reliable authentication is of increasing importance in modern society. Corporations, businesses and individuals often wish to restrict access to logical or physical resources to those with relevant privileges. A popular method for authentication is the use of biometric data, but the uncertainty that arises due to the lack of uniqueness in biometrics has led to a great deal of effort being invested in multimodal biometrics. These multimodal biometric systems can give rise to large, distributed data sets that are used to decide the authenticity of a user. Bayesian model averaging (BMA) methodology has been used to allow experts to evaluate the reliability of decisions made in data mining applications. The use of decision tree (DT) models within the BMA methodology gives experts additional information on how decisions are made. In this paper we discuss how DT models within the BMA methodology can be used for authentication in multimodal biometric systems.
"Using a Bayesian averaging model for estimating the reliability of decisions in multimodal biometrics". C. Maple, V. Schetinin. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.141 (https://doi.org/10.1109/ARES.2006.141)
We present a P2P filesharing system that allows redundant storage of shared files in a way that no participating server ever stores data that could compromise its operator. Instead, only fragments that do not contain any information about the original file in the information theoretic sense are uploaded. Reconstruction of a file requires all fragments it has been decomposed into. By this, in conjunction with other cryptographic methods, we yield significant legal advantages for server operators, as well as censorship-resistance, anonymity, secure routing, authenticated file update and integrity checks.
"Censorship-resistant and anonymous P2P filesharing". Regine Endsuleit, Thilo Mie. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.41 (https://doi.org/10.1109/ARES.2006.41)
Elke Franz, Hagen Wahrig, Alexander Böttcher, K. Borcea-Pfitzmann
Access control is necessary to prevent illegal accesses to shared resources. Within eLearning, access control is required in order to protect provided contents and services as well as user data. Usually, access rights are assigned to users of a system. However, in a system that applies privacy-enhancing identity management (PIM), common approaches cannot be directly utilized since users do not act under fixed login names. Within this paper, we want to discuss how protection of contents as well as of user data can be realized in such an environment. The context of our work is the eLearning application BluES'n, which additionally aims at providing users a flexible working environment. All functionality needed for realizing access control is provided by a PIM-aware platform which is currently developed within the European project PRIME.
"Access control in a privacy-aware eLearning environment". Elke Franz, Hagen Wahrig, Alexander Böttcher, K. Borcea-Pfitzmann. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.20 (https://doi.org/10.1109/ARES.2006.20)
Mobile ad-hoc networks with their arbitrary topologies are a difficult domain for providing highly available Web services. Since hosts can move unpredictably, finding services and featuring their constant and reliable functionality poses a challenge. In this paper we present a flexible system which is not only bound to ad-hoc networks, but can be used in any other environment. Our solution offers a discovery technique which keeps UDDI information in distributed registries up-to-date and includes a replication and synchronization mechanism which provides backup services for a highly increased service dependability.
"Web service discovery, replication, and synchronization in ad-hoc networks". Lukasz Juszczyk, J. Lazowski, S. Dustdar. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.143 (https://doi.org/10.1109/ARES.2006.143)
To ensure the availability of e-government, it is necessary to handle the diversity of administrative cases properly. This paper proposes RAQ (rarely asked questions) to cover minor, non-conforming cases which are overlooked. We focused on the effects of anonymity to prevent prejudice and to decrease the barrier to joining. We did a case study on non-conforming cases in Japan, treating four kinds of mutual aid on the Internet. As a result, we discovered that unofficial ways of information sharing are more effective at solving problems than official ways. The process of solving problems itself plays a role in covering the diversity of cases which are not aggregated into FAQ. Thus, we led RAQ, instead of FAQ. RAQ contains details of problems and empathy among people concerned. We argue that to ensure that RAQ functions in e-government, it is necessary not only to make the best use of unofficial, informal mutual aid but also to promote information disclosure to be referred.
"Designing mutual-aid model for RAQ (rarely asked question) in e-government: practical use of anonymity". Akiko Orita. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.51 (https://doi.org/10.1109/ARES.2006.51)
The BRIDGES project was funded by the UK Department of Trade and Industry (DTI) to address the needs of cardiovascular research scientists investigating the genetic causes of hypertension as part of the Wellcome Trust funded (£4.34M) cardiovascular functional genomics (CFG) project. Security was at the heart of the BRIDGES project and an advanced data and compute grid infrastructure incorporating the latest grid authorisation technologies was developed and delivered to the scientists. We outline these grid infrastructures and describe the perceived security requirements at the project start, including data classifications and how these evolved throughout the lifetime of the project. The uptake and adoption of the project results are also presented along with the challenges that must be overcome to support the secure exchange of life science data sets. We also present how we will use the BRIDGES experiences in future projects at the National e-Science Centre.
"Grid infrastructures for secure access to and use of bioinformatics data: experiences from the BRIDGES project". R. Sinnott, Micha Bayer, A. Stell, J. Koetsier. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.69 (https://doi.org/10.1109/ARES.2006.69)