Pub Date : 2012-07-16DOI: 10.1109/PST.2012.6297941
A. Jøsang, Kent A. Varmedal, C. Rosenberger, R. Kumar
The concept of authentication assurance traditionally refers to the robustness of methods and mechanisms for user authentication, including the robustness of initial registration and provisioning of user credentials, as well as the robustness of mechanisms that enforce user authentication during operation. However, the user is not the only party that needs to be authenticated to ensure security of online transactions. In fact, online service provision always involves two parties, typically the user on the client side and the service provider on the server side, so that mutual authentication between the two sides is required. In contrast to the unilateral focus on user authentication by industry and academia, it is in fact equally important for the user to correctly authenticate the service provider. Unfortunately, little attention is paid to the problem of correctly authentication the service provider. This paper proposes a framework for server and service provider authentication assurance, similarly to frameworks for user authentication assurance that have already been specified, or are currently under development by many national governments.
{"title":"Service provider authentication assurance","authors":"A. Jøsang, Kent A. Varmedal, C. Rosenberger, R. Kumar","doi":"10.1109/PST.2012.6297941","DOIUrl":"https://doi.org/10.1109/PST.2012.6297941","url":null,"abstract":"The concept of authentication assurance traditionally refers to the robustness of methods and mechanisms for user authentication, including the robustness of initial registration and provisioning of user credentials, as well as the robustness of mechanisms that enforce user authentication during operation. However, the user is not the only party that needs to be authenticated to ensure security of online transactions. In fact, online service provision always involves two parties, typically the user on the client side and the service provider on the server side, so that mutual authentication between the two sides is required. In contrast to the unilateral focus on user authentication by industry and academia, it is in fact equally important for the user to correctly authenticate the service provider. Unfortunately, little attention is paid to the problem of correctly authentication the service provider. This paper proposes a framework for server and service provider authentication assurance, similarly to frameworks for user authentication assurance that have already been specified, or are currently under development by many national governments.","PeriodicalId":434948,"journal":{"name":"2012 Tenth Annual International Conference on Privacy, Security and Trust","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131082523","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2012-07-16DOI: 10.1109/PST.2012.6297920
N. Anciaux, Benjamin Nguyen, M. Vazirgiannis
Application forms are often used by companies and administrations to collect personal data about applicants and tailor services to their specific situation. For example, taxes rates, social care, or personal loans, are usually calibrated based on a set of personal data collected through application forms. In the eyes of privacy laws and directives, the set of personal data collected to achieve a service must be restricted to the minimum necessary. This reduces the impact of data breaches both in the interest of service providers and applicants. In this article, we study the problem of limiting data collection in those application forms, used to collect data and subsequently feed decision making processes. In practice, the set of data collected is far excessive because application forms are filled in without any means to know what data will really impact the decision. To overcome this problem, we propose a reverse approach, where the set of strictly required data items to fill in the application form can be computed on the user's side. We formalize the underlying NP Hard optimization problem, propose algorithms to compute a solution, and validate them with experiments. Our proposal leads to a significant reduction of the quantity of personal data filled in application forms while still reaching the same decision.
{"title":"Limiting data collection in application forms: A real-case application of a founding privacy principle","authors":"N. Anciaux, Benjamin Nguyen, M. Vazirgiannis","doi":"10.1109/PST.2012.6297920","DOIUrl":"https://doi.org/10.1109/PST.2012.6297920","url":null,"abstract":"Application forms are often used by companies and administrations to collect personal data about applicants and tailor services to their specific situation. For example, taxes rates, social care, or personal loans, are usually calibrated based on a set of personal data collected through application forms. In the eyes of privacy laws and directives, the set of personal data collected to achieve a service must be restricted to the minimum necessary. This reduces the impact of data breaches both in the interest of service providers and applicants. In this article, we study the problem of limiting data collection in those application forms, used to collect data and subsequently feed decision making processes. In practice, the set of data collected is far excessive because application forms are filled in without any means to know what data will really impact the decision. To overcome this problem, we propose a reverse approach, where the set of strictly required data items to fill in the application form can be computed on the user's side. We formalize the underlying NP Hard optimization problem, propose algorithms to compute a solution, and validate them with experiments. Our proposal leads to a significant reduction of the quantity of personal data filled in application forms while still reaching the same decision.","PeriodicalId":434948,"journal":{"name":"2012 Tenth Annual International Conference on Privacy, Security and Trust","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129586836","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2012-07-16DOI: 10.1109/PST.2012.6297924
D. Leblanc, R. Biddle
When people choose to engage in an online activity, such as doing their banking online, or making a purchase through an online merchant, they are making a trust decision about the supplier and source of the website in question. It appears that a large majority of users commonly place their trust in most, if not all, websites they encounter, and this causes significant security problems. Any solutions proposed to reduce the threat of online attacks must include a consideration of the psychological processes of the end users. This paper presents a study with the aim of understanding users' perceptions of the risks involved in engaging in online interactions. Our main findings suggest that users report higher risks associated with activities that are related to finances, such as online banking and online purchases, but attribute lower risk to online activities that are less financially-related, such as using a search engine or engaging in social networking, which are highly valued targets for attackers.
{"title":"Risk perception of internet-related activities","authors":"D. Leblanc, R. Biddle","doi":"10.1109/PST.2012.6297924","DOIUrl":"https://doi.org/10.1109/PST.2012.6297924","url":null,"abstract":"When people choose to engage in an online activity, such as doing their banking online, or making a purchase through an online merchant, they are making a trust decision about the supplier and source of the website in question. It appears that a large majority of users commonly place their trust in most, if not all, websites they encounter, and this causes significant security problems. Any solutions proposed to reduce the threat of online attacks must include a consideration of the psychological processes of the end users. This paper presents a study with the aim of understanding users' perceptions of the risks involved in engaging in online interactions. Our main findings suggest that users report higher risks associated with activities that are related to finances, such as online banking and online purchases, but attribute lower risk to online activities that are less financially-related, such as using a search engine or engaging in social networking, which are highly valued targets for attackers.","PeriodicalId":434948,"journal":{"name":"2012 Tenth Annual International Conference on Privacy, Security and Trust","volume":"108 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126200318","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2012-07-16DOI: 10.1109/PST.2012.6297955
P. Chillakanti
Security issues in collaboration with emphasis on access management continue to be researched extensively as technology innovation allows us to collaborate in many different ways. However, this research delves into a different perspective of collaboration security where dynamic virtual teams are put together when a company A acquires company B. In this context company A brings together people, processes, and Technologies from its organization that have to collaborate with their counterparts in the acquired company. The business goal is to seamlessly integrate the acquired companies people, processes, and technologies. The paper presents the inter-enterprise collaboration focus and discusses the relevant security challenges in on boarding. The concept of self-organization and its application to collaboration security is discussed. The notion of security touch points to deal with access management is presented. Finally the security model for on boarding is discussed where four key concepts of structured organization, security touch points, three C's of collaboration, and community driven access management are discussed.
{"title":"Secure collaboration in on boarding companies","authors":"P. Chillakanti","doi":"10.1109/PST.2012.6297955","DOIUrl":"https://doi.org/10.1109/PST.2012.6297955","url":null,"abstract":"Security issues in collaboration with emphasis on access management continue to be researched extensively as technology innovation allows us to collaborate in many different ways. However, this research delves into a different perspective of collaboration security where dynamic virtual teams are put together when a company A acquires company B. In this context company A brings together people, processes, and Technologies from its organization that have to collaborate with their counterparts in the acquired company. The business goal is to seamlessly integrate the acquired companies people, processes, and technologies. The paper presents the inter-enterprise collaboration focus and discusses the relevant security challenges in on boarding. The concept of self-organization and its application to collaboration security is discussed. The notion of security touch points to deal with access management is presented. Finally the security model for on boarding is discussed where four key concepts of structured organization, security touch points, three C's of collaboration, and community driven access management are discussed.","PeriodicalId":434948,"journal":{"name":"2012 Tenth Annual International Conference on Privacy, Security and Trust","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130289800","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2012-07-16DOI: 10.1109/PST.2012.6297937
Huiying Duan, Peng Yang
There is a serious robust issue of building Reputation Systems for travel-related services, such as hotel, restaurant, etc. This paper proposes an advanced clustering approach, Suspicion Degree Meter (SDM), to rank suspects with respect to manipulative behavior. The detection process proceeds on different layers, review layer, traveller layer and hotel layer. Regarding two types of manipulative behavior, i.e. promoting and demoting manipulation, SDM assigns two real numbers, Suspicion Index for Promoting and Suspicion Index for Demoting, to each object in different layers. Inherent logical implication among different layers is considered to adjust the original value of Suspicion Index. Sets of suspects in different layers are identified. Furthermore, some practical reputation models are proposed to enhance the robustness of Reputation Systems. In the evaluation phase, statistical character of suspects and innocent subpopulation are compared. Some interesting conclusions and phenomena are shown. Meanwhile, by using a proposed reputation-model-comparison approach, Ranking Variation Analysis, all the reputation models are compared in terms of efficiency against manipulation. One of the most significant conclusions is that, although there is not a universal reputation model which fits best for every circumstance, given a set of suspects identified by SDM, local optimization can be achieved.
{"title":"Building robust Reputation Systems for travel-related services","authors":"Huiying Duan, Peng Yang","doi":"10.1109/PST.2012.6297937","DOIUrl":"https://doi.org/10.1109/PST.2012.6297937","url":null,"abstract":"There is a serious robust issue of building Reputation Systems for travel-related services, such as hotel, restaurant, etc. This paper proposes an advanced clustering approach, Suspicion Degree Meter (SDM), to rank suspects with respect to manipulative behavior. The detection process proceeds on different layers, review layer, traveller layer and hotel layer. Regarding two types of manipulative behavior, i.e. promoting and demoting manipulation, SDM assigns two real numbers, Suspicion Index for Promoting and Suspicion Index for Demoting, to each object in different layers. Inherent logical implication among different layers is considered to adjust the original value of Suspicion Index. Sets of suspects in different layers are identified. Furthermore, some practical reputation models are proposed to enhance the robustness of Reputation Systems. In the evaluation phase, statistical character of suspects and innocent subpopulation are compared. Some interesting conclusions and phenomena are shown. Meanwhile, by using a proposed reputation-model-comparison approach, Ranking Variation Analysis, all the reputation models are compared in terms of efficiency against manipulation. One of the most significant conclusions is that, although there is not a universal reputation model which fits best for every circumstance, given a set of suspects identified by SDM, local optimization can be achieved.","PeriodicalId":434948,"journal":{"name":"2012 Tenth Annual International Conference on Privacy, Security and Trust","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121979133","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2012-07-16DOI: 10.1109/PST.2012.6297943
Muyiwa Olurin, C. Adams, L. Logrippo
Web sites usually express their privacy practices in natural language text that is often complex, informal and possibly confusing. The platform for Privacy Preference (P3P) has been proposed by W3C as a technology for expressing privacy practices of web sites in precise, machine readable language. This paper provides an account of the current status of research on P3P and proposes directions for future research, together with some possible solutions. Cloud computing (SaaS), anti-phishing, and mobile applications are some of the aspects that we consider. We claim that P3P and P3P-based techniques have considerable potential to be developed beyond their current status. The challenge is to design formalized privacy policy languages that can enable computers to process the privacy practices of web sites. In this way, many privacy issues, such as filtering web sites, combining their policies, etc., will be able to be dealt with automatically by privacy agents.
{"title":"Platform for privacy preferences (P3P): Current status and future directions","authors":"Muyiwa Olurin, C. Adams, L. Logrippo","doi":"10.1109/PST.2012.6297943","DOIUrl":"https://doi.org/10.1109/PST.2012.6297943","url":null,"abstract":"Web sites usually express their privacy practices in natural language text that is often complex, informal and possibly confusing. The platform for Privacy Preference (P3P) has been proposed by W3C as a technology for expressing privacy practices of web sites in precise, machine readable language. This paper provides an account of the current status of research on P3P and proposes directions for future research, together with some possible solutions. Cloud computing (SaaS), anti-phishing, and mobile applications are some of the aspects that we consider. We claim that P3P and P3P-based techniques have considerable potential to be developed beyond their current status. The challenge is to design formalized privacy policy languages that can enable computers to process the privacy practices of web sites. In this way, many privacy issues, such as filtering web sites, combining their policies, etc., will be able to be dealt with automatically by privacy agents.","PeriodicalId":434948,"journal":{"name":"2012 Tenth Annual International Conference on Privacy, Security and Trust","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122322572","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2012-07-16DOI: 10.1109/PST.2012.6297923
Fatema Rashid, A. Miri, I. Woungang
Cloud computing has empowered the individual user by providing seemingly unlimited storage space and availability and accessibility of data anytime and anywhere. Cloud service providers are able to maximize data storage space by incorporating data deduplication into cloud storage. Although data deduplication removes data redundancy and data replication, it also introduces major data privacy and security issues for the user. In this paper, a new privacy-preserving framework that addresses this issue is proposed. Our framework uses an efficient deduplication algorithm to divide a given file into smaller units. These units are then encrypted by the user using the combination of a secure hash function and a block encryption algorithm. An index tree of hash values of these units is also generated and encrypted using an asymmetric search encryption scheme by the user. This index tree will enable the cloud service provider to search through the index and return the requested units. We will show that our proposed framework will allow cloud service and storage providers to employ data deduplication techniques without giving them access to either the users' plaintexts or the users' decryption keys.
{"title":"A secure data deduplication framework for cloud environments","authors":"Fatema Rashid, A. Miri, I. Woungang","doi":"10.1109/PST.2012.6297923","DOIUrl":"https://doi.org/10.1109/PST.2012.6297923","url":null,"abstract":"Cloud computing has empowered the individual user by providing seemingly unlimited storage space and availability and accessibility of data anytime and anywhere. Cloud service providers are able to maximize data storage space by incorporating data deduplication into cloud storage. Although data deduplication removes data redundancy and data replication, it also introduces major data privacy and security issues for the user. In this paper, a new privacy-preserving framework that addresses this issue is proposed. Our framework uses an efficient deduplication algorithm to divide a given file into smaller units. These units are then encrypted by the user using the combination of a secure hash function and a block encryption algorithm. An index tree of hash values of these units is also generated and encrypted using an asymmetric search encryption scheme by the user. This index tree will enable the cloud service provider to search through the index and return the requested units. We will show that our proposed framework will allow cloud service and storage providers to employ data deduplication techniques without giving them access to either the users' plaintexts or the users' decryption keys.","PeriodicalId":434948,"journal":{"name":"2012 Tenth Annual International Conference on Privacy, Security and Trust","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122417920","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2012-07-16DOI: 10.1109/PST.2012.6297945
A. Noman, C. Adams
In this paper, we present a Data Location Assurance Service (DLAS) solution for the well-known, honest-but-curious server model of the cloud computing environment; the proposed DLAS solution facilitates cloud users not only to give preferences regarding their data location but also to receive verifiable assurance about their data location from the Cloud Service Provider (CSP). Our proposed DLAS solution is based on cryptographic primitives such as zero knowledge sets protocol and ciphertext-policy attribute based encryption. According to the best of our knowledge, we are the first to propose a solution of this kind.
{"title":"DLAS: Data Location Assurance Service for cloud computing environments","authors":"A. Noman, C. Adams","doi":"10.1109/PST.2012.6297945","DOIUrl":"https://doi.org/10.1109/PST.2012.6297945","url":null,"abstract":"In this paper, we present a Data Location Assurance Service (DLAS) solution for the well-known, honest-but-curious server model of the cloud computing environment; the proposed DLAS solution facilitates cloud users not only to give preferences regarding their data location but also to receive verifiable assurance about their data location from the Cloud Service Provider (CSP). Our proposed DLAS solution is based on cryptographic primitives such as zero knowledge sets protocol and ciphertext-policy attribute based encryption. According to the best of our knowledge, we are the first to propose a solution of this kind.","PeriodicalId":434948,"journal":{"name":"2012 Tenth Annual International Conference on Privacy, Security and Trust","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130935998","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2012-07-16DOI: 10.1109/PST.2012.6297940
Ayman Tajeddine, A. Kayssi, A. Chehab
In this paper, we present CENTER, a CENtralized Trust-based Efficient Routing protocol for wireless sensor networks (WSN). CENTER is a secure and efficient routing protocol that utilizes the powerful sink base station (BS) to identify and ban different types of misbehaving nodes that may interrupt or abuse the functionality of the WSN. In CENTER, the BS periodically accumulates simple local observations of every node and deduces a detailed global view of the network. The BS calculates different quality metrics - namely the maliciousness, cooperation, and compatibility, approximates the battery life, and evaluates the Data Trust and Forwarding Trust values of each node. The BS then uses an effective technique to isolate all “bad” nodes, whether misbehaving or malicious, based on their history. Finally, the BS uses an efficient method to disseminate updated routing information, indicating the uplinks and the next hop downlink for every node. Through its centralized approach, CENTER provides more efficient and secure routing while accounting for the energy-constrained sensor nodes. We present simulation results of CENTER performed using TOSSIM to verify its correctness, security, and reliability.
{"title":"CENTER: A Centralized Trust-Based Efficient Routing protocol for wireless sensor networks","authors":"Ayman Tajeddine, A. Kayssi, A. Chehab","doi":"10.1109/PST.2012.6297940","DOIUrl":"https://doi.org/10.1109/PST.2012.6297940","url":null,"abstract":"In this paper, we present CENTER, a CENtralized Trust-based Efficient Routing protocol for wireless sensor networks (WSN). CENTER is a secure and efficient routing protocol that utilizes the powerful sink base station (BS) to identify and ban different types of misbehaving nodes that may interrupt or abuse the functionality of the WSN. In CENTER, the BS periodically accumulates simple local observations of every node and deduces a detailed global view of the network. The BS calculates different quality metrics - namely the maliciousness, cooperation, and compatibility, approximates the battery life, and evaluates the Data Trust and Forwarding Trust values of each node. The BS then uses an effective technique to isolate all “bad” nodes, whether misbehaving or malicious, based on their history. Finally, the BS uses an efficient method to disseminate updated routing information, indicating the uplinks and the next hop downlink for every node. Through its centralized approach, CENTER provides more efficient and secure routing while accounting for the energy-constrained sensor nodes. We present simulation results of CENTER performed using TOSSIM to verify its correctness, security, and reliability.","PeriodicalId":434948,"journal":{"name":"2012 Tenth Annual International Conference on Privacy, Security and Trust","volume":"696 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116967046","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2012-07-16DOI: 10.1109/PST.2012.6297933
J. Golbeck, H. Warren, E. Winer
Users are able to arbitrarily make assertions about themselves online. In many spaces, it is valuable to both the users and information consumers that those statements can be validated and trusted. In this paper, we present the Publish Trust Framework. This leverages Semantic Web technologies to add provenance to the attributes a person wants to assert about themselves. That connects the statements back to their sources which are rated according to their trustworthiness. We discuss the structure of the framework, describe a pilot deployment, and present future directions for this research.
{"title":"Making trusted attribute assertions online with the publish trust framework","authors":"J. Golbeck, H. Warren, E. Winer","doi":"10.1109/PST.2012.6297933","DOIUrl":"https://doi.org/10.1109/PST.2012.6297933","url":null,"abstract":"Users are able to arbitrarily make assertions about themselves online. In many spaces, it is valuable to both the users and information consumers that those statements can be validated and trusted. In this paper, we present the Publish Trust Framework. This leverages Semantic Web technologies to add provenance to the attributes a person wants to assert about themselves. That connects the statements back to their sources which are rated according to their trustworthiness. We discuss the structure of the framework, describe a pilot deployment, and present future directions for this research.","PeriodicalId":434948,"journal":{"name":"2012 Tenth Annual International Conference on Privacy, Security and Trust","volume":"116 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124605148","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: