This paper proposes a general model for hiding control flow graph flattening in C programs. We explain what control flow graph flattening is and illustrate why it is successful as protection against static control flow analysis. Furthermore, we propose a scheme, complementary to control flow graph flattening, which does not leak any control flow graph information statically. Instead of relying on ad hoc security by using variable aliasing and global pointers to complicate data flow analysis of the switch variable, we try to base our security claims more on information theory, data flow, and cryptography. Our formal model is structured and extendable. Moreover, it can specify which minimum of information to hide from the program (e.g. a secret value or function) such that no control flow information is leaked. To express the robustness of our scheme we present some attacks and their feasibility. Finally, we sketch a few scenarios in which our solution could be deployed.
{"title":"A general model for hiding control flow","authors":"J. Cappaert, B. Preneel","doi":"10.1145/1866870.1866877","DOIUrl":"https://doi.org/10.1145/1866870.1866877","url":null,"abstract":"This paper proposes a general model for hiding control flow graph flattening in C programs. We explain what control flow graph flattening is and illustrate why it is successful as protection against static control flow analysis. Furthermore, we propose a scheme, complementary to control flow graph flattening, which does not leak any control flow graph information statically. Instead of relying on ad hoc security by using variable aliasing and global pointers to complicate data flow analysis of the switch variable, we try to base our security claims more on information theory, data flow, and cryptography. Our formal model is structured and extendable. Moreover, it can specify which minimum of information to hide from the program (e.g. a secret value or function) such that no control flow information is leaked. To express the robustness of our scheme we present some attacks and their feasibility. Finally, we sketch a few scenarios in which our solution could be deployed.","PeriodicalId":124354,"journal":{"name":"ACM Digital Rights Management Workshop","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122190968","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In this talk I will explore a connection between traitor tracing schemes and the problem of sanitizing data to remove personal information while allowing statistically meaningful information to be released. It is based on joint work with Cynthia Dwork, Omer Reingold, Guy N. Rothblum and Salil Vadhan [5].
{"title":"The privacy of tracing traitors","authors":"M. Naor","doi":"10.1145/1866870.1866871","DOIUrl":"https://doi.org/10.1145/1866870.1866871","url":null,"abstract":"In this talk I will explore a connection between traitor tracing schemes and the problem of sanitizing data to remove personal information while allowing statistically meaningful information to be released. It is based on joint work with Cynthia Dwork, Omer Reingold, Guy N. Rothblum and Salil Vadhan [5].","PeriodicalId":124354,"journal":{"name":"ACM Digital Rights Management Workshop","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126995385","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The emergence of different licenses has led to problems with the smooth flow of digital content across them. To activate digital content distribution, license interoperability must be revealed. In this paper, we present a framework for formally examining license interoperability by using many-sorted first-order logic. We show how the framework can be used to formalize three actual licenses and examine the interoperability between them. The results show that the framework reveals the relationship between licenses.
{"title":"An analysis of interoperability between licenses","authors":"K. Fujita, Yasuyuki Tsukada","doi":"10.1145/1866870.1866884","DOIUrl":"https://doi.org/10.1145/1866870.1866884","url":null,"abstract":"The emergence of different licenses has led to problems with the smooth flow of digital content across them. To activate digital content distribution, license interoperability must be revealed. In this paper, we present a framework for formally examining license interoperability by using many-sorted first-order logic. We show how the framework can be used to formalize three actual licenses and examine the interoperability between them. The results show that the framework reveals the relationship between licenses.","PeriodicalId":124354,"journal":{"name":"ACM Digital Rights Management Workshop","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132795207","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
V. Gowadia, E. Scalavino, Emil C. Lupu, Dmitry Starostin, Alexey Orlov
Crisis management requires rapid sharing of data among organizations responders. Existing crisis management practices rely on ad hoc or centralized data sharing based on agreements written in natural language. The ambiguity of natural language specifications often leads to errors and can hinder data availability. Therefore, it is desirable to develop automatic data sharing systems. This also presents additional challenges, such as evaluation of security constraints in different administrative domains and in situations with intermittent network connectivity. We compare two different architectural approaches to develop secure data sharing solutions. The first approach assumes reliable network connectivity, while the second approach works in ad hoc networks. We then suggest a unified architecture that caters for both scenarios.
{"title":"Secure cross-domain data sharing architecture for crisis management","authors":"V. Gowadia, E. Scalavino, Emil C. Lupu, Dmitry Starostin, Alexey Orlov","doi":"10.1145/1866870.1866879","DOIUrl":"https://doi.org/10.1145/1866870.1866879","url":null,"abstract":"Crisis management requires rapid sharing of data among organizations responders. Existing crisis management practices rely on ad hoc or centralized data sharing based on agreements written in natural language. The ambiguity of natural language specifications often leads to errors and can hinder data availability. Therefore, it is desirable to develop automatic data sharing systems. This also presents additional challenges, such as evaluation of security constraints in different administrative domains and in situations with intermittent network connectivity. We compare two different architectural approaches to develop secure data sharing solutions. The first approach assumes reliable network connectivity, while the second approach works in ad hoc networks. We then suggest a unified architecture that caters for both scenarios.","PeriodicalId":124354,"journal":{"name":"ACM Digital Rights Management Workshop","volume":"336 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133409724","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mohammad Jafari, R. Safavi-Naini, Chad Saunders, N. Sheppard
We propose a digital rights management approach for sharing electronic health records in a health research facility and argue advantages of the approach. We also give an outline of the system under development and our implementation of the security features and discuss challenges that we faced and future directions.
{"title":"Using digital rights management for securing data in a medical research environment","authors":"Mohammad Jafari, R. Safavi-Naini, Chad Saunders, N. Sheppard","doi":"10.1145/1866870.1866883","DOIUrl":"https://doi.org/10.1145/1866870.1866883","url":null,"abstract":"We propose a digital rights management approach for sharing electronic health records in a health research facility and argue advantages of the approach. We also give an outline of the system under development and our implementation of the security features and discuss challenges that we faced and future directions.","PeriodicalId":124354,"journal":{"name":"ACM Digital Rights Management Workshop","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114170587","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We describe a new public-key and provably secure attribute-based broadcast encryption scheme which supports complex access policies with AND, OR and NOT gates. Our scheme, especially targeting the implementation of efficient Pay-TV systems, can handle conjunctions of disjunctions by construction and disjunctions of conjunctions by concatenation, which are the most general forms of Boolean expressions. It is based on a modification of the Boneh-Gentry-Waters broadcast encryption scheme in order to achieve attribute collusion resistance and to support complex Boolean access policies. The security of our scheme is proven in the generic model of groups with pairings. Finally, we compare our scheme to several other Attribute-based Broadcast Encryption designs, both in terms of bandwidth requirements and implementation costs.
{"title":"An efficient public-key attribute-based broadcast encryption scheme allowing arbitrary access policies","authors":"P. Junod, A. Karlov","doi":"10.1145/1866870.1866875","DOIUrl":"https://doi.org/10.1145/1866870.1866875","url":null,"abstract":"We describe a new public-key and provably secure attribute-based broadcast encryption scheme which supports complex access policies with AND, OR and NOT gates. Our scheme, especially targeting the implementation of efficient Pay-TV systems, can handle conjunctions of disjunctions by construction and disjunctions of conjunctions by concatenation, which are the most general forms of Boolean expressions. It is based on a modification of the Boneh-Gentry-Waters broadcast encryption scheme in order to achieve attribute collusion resistance and to support complex Boolean access policies. The security of our scheme is proven in the generic model of groups with pairings. Finally, we compare our scheme to several other Attribute-based Broadcast Encryption designs, both in terms of bandwidth requirements and implementation costs.","PeriodicalId":124354,"journal":{"name":"ACM Digital Rights Management Workshop","volume":"92 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126924596","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pramod A. Jamkhedkar, G. Heileman, Christopher C. Lamb
In this paper, we describe a formal framework for usage management that provides a scaffolding upon which interoperable usage management systems can be built. We apply the principles of system design to standardize certain features of the framework, such as the operational semantics, and leave free of standards areas that necessitate choice and innovation. We demonstrate that such an approach enables us to achieve a balance of flexibility and usability for the purpose of interoperability in usage management systems. We provide a formal model that allows us to define formal semantics for interoperability.
{"title":"An interoperable usage management framework","authors":"Pramod A. Jamkhedkar, G. Heileman, Christopher C. Lamb","doi":"10.1145/1866870.1866885","DOIUrl":"https://doi.org/10.1145/1866870.1866885","url":null,"abstract":"In this paper, we describe a formal framework for usage management that provides a scaffolding upon which interoperable usage management systems can be built. We apply the principles of system design to standardize certain features of the framework, such as the operational semantics, and leave free of standards areas that necessitate choice and innovation. We demonstrate that such an approach enables us to achieve a balance of flexibility and usability for the purpose of interoperability in usage management systems. We provide a formal model that allows us to define formal semantics for interoperability.","PeriodicalId":124354,"journal":{"name":"ACM Digital Rights Management Workshop","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123980898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Changjiang Zhang, Jianmin Wang, C. Thomborson, Chaokun Wang, C. Collberg
Software protection and security have become an increasingly important issue. In order to prevent software from unauthorized use and modification, a great many techniques have been proposed and developed. In this paper, we address this issue through a prevention technique called software watermarking, and we propose a novel software watermarking scheme, which can embed multiple non-interfering watermarks into the same program. Unlike published schemes, this scheme encodes the watermark into mapping functions and then embeds the mapping codes, which are generated from these functions, into the program at the articulation points of its control flow graph. The extraction in this scheme, which is based on dynamically loading a reconstructed program to recover the watermark, is also a novel approach to the software watermarking field. Experimental results indicate that the size and performance overheads caused by this scheme remain steady.
{"title":"A semi-dynamic multiple watermarking scheme for java applications","authors":"Changjiang Zhang, Jianmin Wang, C. Thomborson, Chaokun Wang, C. Collberg","doi":"10.1145/1655048.1655058","DOIUrl":"https://doi.org/10.1145/1655048.1655058","url":null,"abstract":"Software protection and security has been a more and more important issue. In order to prevent software from unauthorized use and modification, a great many techniques have been proposed and developed. In this paper, we address this issue through a prevention technique called software watermarking, and we propose a novel software watermarking scheme, which can embed multiple non-interfering watermarks into the same program. Unlike published schemes, this scheme encodes the watermark into mapping functions and then embeds the mapping codes, which are generated from these functions, into the program at the articulation points of its control flow graph. The extraction in this scheme, which is based on dynamically loading a reconstructed program to recover the watermark, is also a novel approach to the software watermarking field. Experimental results indicate that the size and performance overheads caused by this scheme can keep steady.","PeriodicalId":124354,"journal":{"name":"ACM Digital Rights Management Workshop","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114534753","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We propose an operational model for formalising and enforcing rights expression languages based on the concept of a rights expression compiler. Our compiler transforms an XML-based rights expression into a programme for a virtual machine. This approach provides a formal way of defining semantics for rights expression languages that can be directly used in practice to enforce the expressions while ensuring their consistency and correctness. We further argue that our model eliminates a number of limitations in previous attempts to associate rights expression languages with formal semantics. We demonstrate the power and practicality of our model by using it to develop operational semantics for the OMA Rights Expression Language, from which a real interpreter can be derived with relatively little effort.
{"title":"On the operational semantics of rights expression languages","authors":"N. Sheppard, R. Safavi-Naini","doi":"10.1145/1655048.1655052","DOIUrl":"https://doi.org/10.1145/1655048.1655052","url":null,"abstract":"We propose an operational model for formalising and enforcing rights expression languages based on the concept of a rights expression compiler. Our compiler transforms an XML-based rights expression into a programme for a virtual machine. This approach provides a formal way of defining semantics for rights expression languages that can be directly used in practice to enforce the expressions while ensuring their consistency and correctness. We further argue that our model eliminates a number of limitations in previous attempts to associate rights expression languages with formal semantics. We demonstrate the power and practicality of our model by using it to develop operational semantics for the OMA Rights Expression Language, from which a real interpreter can be derived with relatively little effort.","PeriodicalId":124354,"journal":{"name":"ACM Digital Rights Management Workshop","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128681098","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
J. Troncoso-Pastoriza, Pedro Comesaña Alfaro, L. Pérez-Freire, F. Pérez-González
Privacy and security have always been key concerns for individuals. They have also been closely related concepts: in order to increase their perception of security, people sacrifice a part of their privacy by accepting to be surveilled by others. The tradeoff between both is usually reasonable and commonly accepted; however, the case of videosurveillance systems has been particularly controversial since their inception, as their benefits are not perceived to compensate for the privacy loss in many cases. The situation has become even worse during the last years with the massive deployment of these systems, which often do not provide satisfactory guarantees for the citizens. This paper proposes a DRM-based framework for videosurveillance to achieve a better balance between both concepts: it protects privacy of the surveilled individuals, whilst giving support to efficient automated surveillance.
{"title":"Videosurveillance and privacy: covering the two sides of the mirror with DRM","authors":"J. Troncoso-Pastoriza, Pedro Comesaña Alfaro, L. Pérez-Freire, F. Pérez-González","doi":"10.1145/1655048.1655061","DOIUrl":"https://doi.org/10.1145/1655048.1655061","url":null,"abstract":"Privacy and security have always been key concerns for individuals. They have also been closely related concepts: in order to increase their perception of security, people sacrifice a part of their privacy by accepting to be surveilled by others. The tradeoff between both is usually reasonable and commonly accepted; however, the case of videosurveillance systems has been particularly controversial since their inception, as their benefits are not perceived to compensate for the privacy loss in many cases. The situation has become even worse during the last years with the massive deployment of these systems, which often do not provide satisfactory guarantees for the citizens. This paper proposes a DRM-based framework for videosurveillance to achieve a better balance between both concepts: it protects privacy of the surveilled individuals, whilst giving support to efficient automated surveillance.","PeriodicalId":124354,"journal":{"name":"ACM Digital Rights Management Workshop","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132843710","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}