2012 Tenth Annual International Conference on Privacy, Security and Trust: Latest Papers

Aggregation and privacy in multi-relational databases
Pub Date : 2012-07-16 DOI: 10.1109/PST.2012.6297921
Yasser Jafer, H. Viktor, E. Paquet
The aim of privacy-preserving data mining is to construct highly accurate predictive models while not disclosing privacy information. Aggregation functions, such as sum and count are often used to pre-process the data prior to applying data mining techniques to relational databases. Often, it is implicitly assumed that the aggregated (or summarized) data are less likely to lead to privacy violations during data mining. This paper investigates this claim, within the relational database domain. We introduce the PBIRD (Privacy Breach Investigation in Relational Databases) methodology. Our experimental results show that aggregation potentially introduces new privacy violations. That is, potentially harmful attributes obtained with aggregation are often different from the ones obtained from non-aggregated databases. This indicates that, even when privacy is enforced on non-aggregated data, it is not automatically enforced on the corresponding aggregated data. Consequently, special care should be taken during model building in order to fully enforce privacy when the data are aggregated.
Citations: 1
Sticky policies for data control in the cloud
Pub Date : 2012-07-16 DOI: 10.1109/PST.2012.6297922
S. Trabelsi, Jakub Sendor
One of the main security concerns related to the cloud hosting and virtualization, is the lack of Trust in the infrastructure. This lack of trust is due to the absence of transparency concerning the data handling and storage conditions. There are no concrete technical guarantees that can convince a potential cloud customer that he is fully controlling his data. In this paper we propose a security service (called SPACE) in the cloud that provides all the tools to data owner to impose his privacy preferences during the virtualization phase. SPACE is based on the sticky policy technology and offers access and usage control functionalities to the data anywhere in the cloud. In addition to the main security features offered by SPACE, new visualization and control functionalities are proposed to make the user fully aware on the storage condition of his private information.
Citations: 29
Ethical and legal considerations of reCAPTCHA
Pub Date : 2012-07-16 DOI: 10.1109/PST.2012.6297942
Jonathan Lung
reCAPTCHA is a technology that aims to stop computers from abusing automated services (e.g., stop spamming) while harnessing a large amount of brainpower to complete tasks amenable to being broken into small quanta. The technology, currently owned by Google, is being used to make old documents searchable with digital text through the process of optical character recognition (OCR). It has proven to be accurate and effective. In this paper, the ethics and legality of reCAPTCHA as it is currently used is discussed. Solutions for improving reCAPTCHA in these two contexts are proposed.
Citations: 7
3rd edition of the workshop on trustworthy self-organizing systems (TSOS 2012)
Pub Date : 2012-07-16 DOI: 10.1109/PST.2012.6297949
C. Müller-Schloer, W. Reif, Jan-Philipp Steghöfer
Nietzsche describes what is at the core of the concept of trust as it is used in agent societies and self-organising systems. Trust describes the expectation of one entity that the other behaves according to a set of rules. If that trust is broken, it is very hard to repair. If it exists, however, it is the basis of cooperation and enables a collective effort that gives a society purpose and allows it to succeed in its respective goals. Self-organisation is often at the root of such collective efforts as it allows the restructuring of a society to adapt to changing objectives, a changing environment, and new cooperation partners. Trust arises in such systems from the interactions of agents and the experiences of attempts to collaborate. It is thus only natural to regard trust and self-organisation together and explore the concepts' relation.
Citations: 0
Obligations in risk-aware access control
Pub Date : 2012-07-16 DOI: 10.1109/PST.2012.6297931
Liang Chen, J. Crampton, M. Kollingbaum, T. Norman
The increasing need to share information in dynamic environments has created a requirement for risk-aware access control systems. In this paper, we present a metamodel for risk-aware authorization that captures the key aspects of a system in relation to risk mitigation. In particular, we develop various risk-aware models as instances of the metamodel that broadly differ in the form of risk mitigation that is used (system obligations and user obligations respectively), and study how those obligations are applied to reduce and account for the risk incurred by granting access. Unlike system obligations, an access control system cannot guarantee that user obligations are fulfilled. We propose two approaches to defining risk-aware authorization semantics that takes unfulfilled obligations into account: one is to restrict users' future access because of prior failure to fulfill obligations, and the other is to “reward” users who have been diligent in fulfilling their obligations by permitting risky access requests.
Citations: 29
REM: A runtime browser extension manager with fine-grained access control
Pub Date : 2012-07-16 DOI: 10.1109/PST.2012.6297947
S. Marouf, Mohamed Shehab, Adharsh Desikan
In this paper we implement a runtime framework that monitors the accesses made by third party Chrome extensions, informs users of the accesses, & allows them to customize extension permissions. The custom permission settings are enforced by the framework at runtime. We evaluated our framework on popular Chrome extensions and were successful in monitoring and controlling their accesses with little overhead.
Citations: 1
Automated detection of session management vulnerabilities in web applications
Pub Date : 2012-07-16 DOI: 10.1109/PST.2012.6297927
Yusuke Takamatsu, Yuji Kosuga, K. Kono
Many web applications employ session management to keep track of visitors' activities across pages and over periods of time. A session is a period of time linked to a visitor, which is initiated when he/she arrives at a web application and it ends when his/her browser is closed or after a certain time of inactivity. Attackers can hijack a user's session by exploiting session management vulnerabilities by means of session fixation and cross-site request forgery attacks. Even though such session management vulnerabilities can be eliminated in the development phase of web applications, the test operator is required to have detailed knowledge on the attacks and to set up a test environment each time he/she attempts to detect vulnerabilities. We propose a technique that automatically detects session management vulnerabilities in web applications by simulating real attacks. Our technique requires the test operator to only enter a few pieces of basic information about the web application, without requiring a test environment to be set up or detailed knowledge on the web application. Our experiments demonstrated that our technique could detect vulnerabilities in five web applications deployed in the real world.
Citations: 10
WhACKY! - What anyone could know about you from Twitter
Pub Date : 2012-07-16 DOI: 10.1109/PST.2012.6297918
D. Correa, A. Sureka, Raghav Sethi
Twitter is a popular micro-blogging website which allows users to post 140-character limit messages called tweets. We demonstrate a cheap and elegant solution - WhACKY! - to harness the multi-source information from tweets to link Twitter profiles across other external services. In particular, we exploit activity feed sharing patterns to map Twitter profiles to their corresponding external service accounts using publicly available APIs. We illustrate a proof-of-concept by mapping 69,496 Twitter profiles to at least one of the five popular external services: Flickr (photo-sharing service), Foursquare (location-based service), YouTube (video-sharing service), Facebook (a popular social network) and LastFM (music-sharing service). We evaluate our solution against a commercial social identity mapping service - FlipTop - and demonstrate the efficiency of our approach. WhACKY! guarantees that the mapped profiles are 100% true-positive and helps quantify the unintended leakage of Personally Identifiable Information (PII) attributes. During the process, WhACKY! is also able to detect duplicate Twitter profiles connected to multiple external services. We also develop a web application based on WhACKY! for perusal by Twitterers which can help them better understand unintended leakage of their PII.
Citations: 13
PDF Scrutinizer: Detecting JavaScript-based attacks in PDF documents
Pub Date : 2012-07-16 DOI: 10.1109/PST.2012.6297926
Florian Schmitt, Jan Gassen, E. Gerhards-Padilla
For a long time PDF documents have arrived in the everyday life of the average computer user, corporate businesses and critical structures, as authorities and military. Due to its wide spread in general, and because out-of-date versions of PDF readers are quite common, using PDF documents has become a popular malware distribution strategy. In this context, malicious documents have useful features: they are trustworthy, attacks can be camouflaged by inconspicuous document content, but still, they can often download and install malware undetected by firewall and anti-virus software. In this paper we present PDF Scrutinizer, a malicious PDF detection and analysis tool. We use static, as well as, dynamic techniques to detect malicious behavior in an emulated environment. We evaluate the quality and the performance of the tool with PDF documents from the wild, and show that PDF Scrutinizer reliably detects current malicious documents, while keeping a low false-positive rate and reasonable runtime performance.
Citations: 46
The theory of creating trust with a set of mistrust-parties
Pub Date : 2012-07-16 DOI: 10.1109/PST.2012.6297939
Johannes Viehmann
This paper presents the idea for achieving trustworthiness by splitting responsibilities between different parties mutually mistrusting one another. These parties are called mistrust-parties because some kind of mistrust between these parties is actively created to prevent potentially manipulative cooperation. The birth of the S-Network, a universally applicable trustworthy repository, should enable users to make and access reliable publications and secure deposits. The S-Network combines secure long term data storage and preservation in a computer network with non-repudiation and legal validity. This paper describes how one can apply the concept of creating trust with the help of mistrust-parties for the S-Network so that the S-Network itself would be highly trustworthy. Besides being a potential application, the S-Network could also be used as a tool for vital parts in the measures for creating trust with a set of mistrust-parties described in this paper.
Citations: 6