In this paper, we propose two server-assisted forward secure signature schemes using Bellare-Miner Scheme. In the first scheme, the user (signer) can employ a server to help her to produce a signature. In the second scheme, the number of employed servers is increased to n, therefore, it is infeasible for an attacker to forge a valid signature if she canpsilat corrupt all servers and the signer. The both schemes maintain the forward secure property. Finally, we prove the proposed schemes are correct and forward secure.
{"title":"Construction of Server-assisted Forward Secure Signature Using Bellare-Miner Scheme","authors":"Jia Yu, Fanyu Kong, Rong Hao, Dexiang Zhang","doi":"10.1109/ISECS.2008.44","DOIUrl":"https://doi.org/10.1109/ISECS.2008.44","url":null,"abstract":"In this paper, we propose two server-assisted forward secure signature schemes using Bellare-Miner Scheme. In the first scheme, the user (signer) can employ a server to help her to produce a signature. In the second scheme, the number of employed servers is increased to n, therefore, it is infeasible for an attacker to forge a valid signature if she canpsilat corrupt all servers and the signer. The both schemes maintain the forward secure property. Finally, we prove the proposed schemes are correct and forward secure.","PeriodicalId":144075,"journal":{"name":"2008 International Symposium on Electronic Commerce and Security","volume":"199 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122555933","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The technology of Data Warehouse is being widely used in decision making and data analysis. Data Warehouse generalizes and consolidates multidimensional (MD) data. Hence, Data Warehouse has become an important platform for OLAP which is based on a MD data model. Therefore, dimensional modeling is a key factor in OLAP data analysis. In this paper, we address the technology of dimensional modeling based on Data Warehouse. Based on the technology of dimensional modeling, we integrate the characters of farm product transaction market in China and take the farm product examination as the subject of data analysis. Then the packet graphic and snowflake schema of farm product examination are designed. Finally, the paper offers the results of the OLAP with farm product examination model.
{"title":"Research and Application on OLAP-based Farm Products Examination Model","authors":"Minghua Han, Chun-hua Ju","doi":"10.1109/ISECS.2008.156","DOIUrl":"https://doi.org/10.1109/ISECS.2008.156","url":null,"abstract":"The technology of Data Warehouse is being widely used in decision making and data analysis. Data Warehouse generalizes and consolidates multidimensional (MD) data. Hence, Data Warehouse has become an important platform for OLAP which is based on a MD data model. Therefore, dimensional modeling is a key factor in OLAP data analysis. In this paper, we address the technology of dimensional modeling based on Data Warehouse. Based on the technology of dimensional modeling, we integrate the characters of farm product transaction market in China and take the farm product examination as the subject of data analysis. Then the packet graphic and snowflake schema of farm product examination are designed. Finally, the paper offers the results of the OLAP with farm product examination model.","PeriodicalId":144075,"journal":{"name":"2008 International Symposium on Electronic Commerce and Security","volume":"119 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117293272","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Increasing incidents of security breaches and identity thefts have pressured organizations to make information security a priority in order to restore consumerspsila trust. As shown in the four case studies reported in this paper, ensuring information security goes beyond advanced technological solutions as it involves a complex interaction process between human actors and these technological solutions. Therefore, we propose an Information Assurance framework to address the complexity of information security, and illustrate the usefulness of our framework by applying it to the four cases. We conclude the study with a discussion and directions for future research.
{"title":"An Information Assurance Framework on Trusted Autonomic Communications","authors":"R. Ng, Linying Dong","doi":"10.1109/ISECS.2008.217","DOIUrl":"https://doi.org/10.1109/ISECS.2008.217","url":null,"abstract":"Increasing incidents of security breaches and identity thefts have pressured organizations to make information security a priority in order to restore consumerspsila trust. As shown in the four case studies reported in this paper, ensuring information security goes beyond advanced technological solutions as it involves a complex interaction process between human actors and these technological solutions. Therefore, we propose an Information Assurance framework to address the complexity of information security, and illustrate the usefulness of our framework by applying it to the four cases. We conclude the study with a discussion and directions for future research.","PeriodicalId":144075,"journal":{"name":"2008 International Symposium on Electronic Commerce and Security","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129942375","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
While role-based access control (RBAC) as an alternative to traditional discretionary and mandatory access controls is very effective and popular, subsequent attempts to apply it in various application environments also revealed some limitations of RBAC. We developed a new type of security policy, called label-based access control policy (LBACP) that can be used for enhancing RBAC. Unlike other access control policies, LBACP is not used independently. On the contrary, it should be combined with other access control policies. The basic principle is defining some labels that specify information flow constraints, and then assigning these labels to other access control policies or their components. The usage of the labeled policy components must conform to the information flow constraints defined by the labels in order to avoid being misused. Thus, some potential information leaks can be avoided. This paper investigates how the LBACP can be used to enhance RBAC.
{"title":"Enforcing Information Flow Constraints in RBAC Environments","authors":"Wei Zhou, C. Meinel","doi":"10.1109/ISECS.2008.57","DOIUrl":"https://doi.org/10.1109/ISECS.2008.57","url":null,"abstract":"While role-based access control (RBAC) as an alternative to traditional discretionary and mandatory access controls is very effective and popular, subsequent attempts to apply it in various application environments also revealed some limitations of RBAC. We developed a new type of security policy, called label-based access control policy (LBACP) that can be used for enhancing RBAC. Unlike other access control policies, LBACP is not used independently. On the contrary, it should be combined with other access control policies. The basic principle is defining some labels that specify information flow constraints, and then assigning these labels to other access control policies or their components. The usage of the labeled policy components must conform to the information flow constraints defined by the labels in order to avoid being misused. Thus, some potential information leaks can be avoided. This paper investigates how the LBACP can be used to enhance RBAC.","PeriodicalId":144075,"journal":{"name":"2008 International Symposium on Electronic Commerce and Security","volume":"107 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129477928","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper analyzes information security in the E-commerce based on game theory, and this game analysis method is applied to information security for the first time. We set up the information security game model of the defender and the attacker, make the equilibrium analysis of this game model, and get the ideal strategy combination. Then we introduce the penalty parameter of the defender and the penalty parameter of the attacker to solve the problem that the restriction condition is not satisfied. The introduction of the penalty parameter of the defender promotes the defender to invest in information security, and the introduction of the penalty parameter of the attacker promotes the attacker to take no attack strategy. This paper provides good reference for information security in the E-commerce.
{"title":"Information Security Game Analysis with Penalty Parameter","authors":"Wei Sun, Xiangwei Kong, Dequan He, Xingang You","doi":"10.1109/ISECS.2008.149","DOIUrl":"https://doi.org/10.1109/ISECS.2008.149","url":null,"abstract":"This paper analyzes information security in the E-commerce based on game theory, and this game analysis method is applied to information security for the first time. We set up the information security game model of the defender and the attacker, make the equilibrium analysis of this game model, and get the ideal strategy combination. Then we introduce the penalty parameter of the defender and the penalty parameter of the attacker to solve the problem that the restriction condition is not satisfied. The introduction of the penalty parameter of the defender promotes the defender to invest in information security, and the introduction of the penalty parameter of the attacker promotes the attacker to take no attack strategy. This paper provides good reference for information security in the E-commerce.","PeriodicalId":144075,"journal":{"name":"2008 International Symposium on Electronic Commerce and Security","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123918922","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper proposes a digital watermarking method based on valve-value surface. First it builds the valve value of curve surface of the original image to get the outline information of the original image; then it embeds watermarks into the edge of the outline. Because the function used by the method to build valve-value surface has high gliding property and easy interpolation ability, the method has strong resistance to attacks like filtering and zooming. The experimental outcome shows that the method has the above advantages.
{"title":"A Numeric Watermark Method Based on Valve-Value Surface","authors":"Hu Zhihua, Niu Jiping","doi":"10.1109/ISECS.2008.94","DOIUrl":"https://doi.org/10.1109/ISECS.2008.94","url":null,"abstract":"This paper proposes a digital watermarking method based on valve-value surface. First it builds the valve value of curve surface of the original image to get the outline information of the original image; then it embeds watermarks into the edge of the outline. Because the function used by the method to build valve-value surface has high gliding property and easy interpolation ability, the method has strong resistance to attacks like filtering and zooming. The experimental outcome shows that the method has the above advantages.","PeriodicalId":144075,"journal":{"name":"2008 International Symposium on Electronic Commerce and Security","volume":"103 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116215577","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
High payload information hiding schemes with the good visual quality of stego images are suitable for steganographic applications such as online content distribution systems. This paper proposes a novel steganographic scheme based on the (7, 4) Hamming code for digital images.The proposed scheme embeds a segment of seven secret bits into a group of seven cover pixels at a time. The experimental results show that the proposed scheme achieves a double embedding payload and a slightly lower visual quality of stego images compared with the related works.
{"title":"A High Payload Steganographic Scheme Based on (7, 4) Hamming Code for Digital Images","authors":"Chinchen Chang, T. Kieu, Yung-Chen Chou","doi":"10.1109/ISECS.2008.222","DOIUrl":"https://doi.org/10.1109/ISECS.2008.222","url":null,"abstract":"High payload information hiding schemes with the good visual quality of stego images are suitable for steganographic applications such as online content distribution systems. This paper proposes a novel steganographic scheme based on the (7, 4) Hamming code for digital images.The proposed scheme embeds a segment of seven secret bits into a group of seven cover pixels at a time. The experimental results show that the proposed scheme achieves a double embedding payload and a slightly lower visual quality of stego images compared with the related works.","PeriodicalId":144075,"journal":{"name":"2008 International Symposium on Electronic Commerce and Security","volume":"96 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121676660","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Image watermarking has played an important role to protect and authenticate the intellectual property. One new advanced watermarking technology is presented in the paper. It incorporates two watermarks in an image to improve the protection and robustness. Before embedded in the host image, a watermark, in form of a PN sequence, is embedded in the wavelet domain of a primary watermark. It is tested by using Lena image as a host and by using the camera man as the primary watermark. The PN sequence is detectable by correlation among other five sequences, and a SNR of 44 dB was obtained. On the other hand, four types of noises are added to the watermarked image, namely luminance change, low pass filtering, compression, and salt and pepper noise. The robustness of the technology is tested by this method. In all above cases the watermark is easy to detect.
{"title":"Research on an Advanced Novel Watermarking Technology with Higher Robustness","authors":"Gengming Zhu","doi":"10.1109/ISECS.2008.143","DOIUrl":"https://doi.org/10.1109/ISECS.2008.143","url":null,"abstract":"Image watermarking has played an important role to protect and authenticate the intellectual property. One new advanced watermarking technology is presented in the paper. It incorporates two watermarks in an image to improve the protection and robustness. Before embedded in the host image, a watermark, in form of a PN sequence, is embedded in the wavelet domain of a primary watermark. It is tested by using Lena image as a host and by using the camera man as the primary watermark. The PN sequence is detectable by correlation among other five sequences, and a SNR of 44 dB was obtained. On the other hand, four types of noises are added to the watermarked image, namely luminance change, low pass filtering, compression, and salt and pepper noise. The robustness of the technology is tested by this method. In all above cases the watermark is easy to detect.","PeriodicalId":144075,"journal":{"name":"2008 International Symposium on Electronic Commerce and Security","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124388428","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper puts forward a new thought of application about the third party assure-payment platform in BtoB mode. The third payment platform has often been applied to BtoC and CtoC, as the guarantee of exchange and payment agency, but now the third payment platform has not play a security role fundamentally. The application about the third payment platform in BtoB has some obstacles. This paper discusses the improvement of guarantee mechanism of the third party payment platform, the operating mode and payment process, analyzes its value chain and charge mode.
{"title":"The Mechanism Design of Third Party Assure-Payment Platform","authors":"Yong Xu","doi":"10.1109/ISECS.2008.18","DOIUrl":"https://doi.org/10.1109/ISECS.2008.18","url":null,"abstract":"This paper puts forward a new thought of application about the third party assure-payment platform in BtoB mode. The third payment platform has often been applied to BtoC and CtoC, as the guarantee of exchange and payment agency, but now the third payment platform has not play a security role fundamentally. The application about the third payment platform in BtoB has some obstacles. This paper discusses the improvement of guarantee mechanism of the third party payment platform, the operating mode and payment process, analyzes its value chain and charge mode.","PeriodicalId":144075,"journal":{"name":"2008 International Symposium on Electronic Commerce and Security","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126202507","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The Fujisaki-Okamoto (FO) conversion is a generic conversion to enhance a public key encryption scheme with security of one-way against chosen plaintext attacks (OW-CPA) to security of indistinguishable against adaptive chosen ciphertext attacks (IND-CCA) in the random oracle model. Existing works have shown that the FO conversion also can generically upgrade the security of the identity-based encryption (IBE) schemes or certificateless public key encryption (CL-PKE) schemes. However, it is still unknown if the same holds for certificate-based encryption (CBE) schemes. In this paper, we investigate the generic security of the CBE scheme obtained by applying the FO conversion to an arbitrary underlying OW-CBE-CPA secure CBE scheme and confirm that the FO conversion can generically convert any OW-CBE-CPA secure CBE into an IND-CBE-CCA secure CBE. We also note that the straightforward application of the FO conversion only leads to a CBE scheme with a loose reduction. To solve this problem, we propose an enhanced FO conversion which just introduces minor extra computation overhead, but results in considerably more efficient security reduction.
{"title":"Applying the Fujisaki-Okamoto Conversion to Certificate-based Encryption","authors":"Yang Lu, Jiguo Li, Junmo Xiao","doi":"10.1109/ISECS.2008.61","DOIUrl":"https://doi.org/10.1109/ISECS.2008.61","url":null,"abstract":"The Fujisaki-Okamoto (FO) conversion is a generic conversion to enhance a public key encryption scheme with security of one-way against chosen plaintext attacks (OW-CPA) to security of indistinguishable against adaptive chosen ciphertext attacks (IND-CCA) in the random oracle model. Existing works have shown that the FO conversion also can generically upgrade the security of the identity-based encryption (IBE) schemes or certificateless public key encryption (CL-PKE) schemes. However, it is still unknown if the same holds for certificate-based encryption (CBE) schemes. In this paper, we investigate the generic security of the CBE scheme obtained by applying the FO conversion to an arbitrary underlying OW-CBE-CPA secure CBE scheme and confirm that the FO conversion can generically convert any OW-CBE-CPA secure CBE into an IND-CBE-CCA secure CBE. We also note that the straightforward application of the FO conversion only leads to a CBE scheme with a loose reduction. To solve this problem, we propose an enhanced FO conversion which just introduces minor extra computation overhead, but results in considerably more efficient security reduction.","PeriodicalId":144075,"journal":{"name":"2008 International Symposium on Electronic Commerce and Security","volume":"121 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122242692","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: