S. Mauw, Zach Smith, Jorge Toro-Pozo, Rolando Trujillo-Rasua
Distance-bounding protocols are cryptographic protocols that securely establish an upper bound on the physical distance between the participants. Existing symbolic verification frameworks for distance-bounding protocols consider timestamps and the location of agents. In this work we introduce a causality-based characterization of secure distance-bounding that discards the notions of time and location. This allows us to verify the correctness of distance-bounding protocols with standard protocol verification tools. That is to say, we provide the first fully automated verification framework for distance-bounding protocols. By using our framework, we confirmed known vulnerabilities in a number of protocols and discovered unreported attacks against two recently published protocols.
Title: Distance-Bounding Protocols: Verification without Time and Location. Authors: S. Mauw, Zach Smith, Jorge Toro-Pozo, Rolando Trujillo-Rasua. Proceedings. IEEE Symposium on Security and Privacy, pp. 549-566. Pub Date: 2018-01-01. DOI: 10.1109/SP.2018.00001 (https://doi.org/10.1109/SP.2018.00001)
Michael Z Lee, Alan M Dunn, Jonathan Katz, Brent Waters, Emmett Witchel
We present the design, security proof, and implementation of an anonymous subscription service. Users register for the service by providing some form of identity, which might or might not be linked to a real-world identity such as a credit card, a web login, or a public key. A user logs on to the system by presenting a credential derived from information received at registration. Each credential allows only a single login in any authentication window, or epoch. Logins are anonymous in the sense that the service cannot distinguish which user is logging in any better than random guessing. This implies unlinkability of a user across different logins. We find that a central tension in an anonymous subscription service is the service provider's desire for a long epoch (to reduce server-side computation) versus users' desire for a short epoch (so they can repeatedly "re-anonymize" their sessions). We balance this tension by having short epochs, but adding an efficient operation for clients who do not need unlinkability to cheaply re-authenticate themselves for the next time period. We measure performance of a research prototype of our protocol that allows an independent service to offer anonymous access to existing services. We implement a music service, an Android-based subway-pass application, and a web proxy, and show that adding anonymity adds minimal client latency and only requires 33 KB of server memory per active user.
Title: Anon-Pass: Practical Anonymous Subscriptions. Authors: Michael Z Lee, Alan M Dunn, Jonathan Katz, Brent Waters, Emmett Witchel. Proceedings. IEEE Symposium on Security and Privacy, pp. 319-333. Pub Date: 2013-12-31. DOI: 10.1109/SP.2013.29 (https://doi.org/10.1109/SP.2013.29)
This article is a retrospective of concepts and people who have contributed significantly to the IEEE Symposium on Security and Privacy over the past 30 years. The authors identify many individuals who have contributed to SSP as program chairs, general chairs, and heads of the overseeing IEEE technical committee. They recognize SSP participants who have provided significant leadership in creating and funding opportunities for research and development in security and privacy. Some contributions to advances in security are also discussed in following articles by Carl Landwehr and Douglas Maughan, both of whom have been major instigators of R&D programs at multiple US government agencies. The authors also highlight some influential SSP papers from three decades, and also efforts that have had significant impact in providing or stimulating effective technology transfer, as well as authors and educators whose work provided major contributions to academic curricula, all helping instill trustworthiness into computer-communication security. Finally, they identify some of the anniversary event honorees.
Title: Reflections on the 30th Anniversary of the IEEE Symposium on Security and Privacy. Authors: P. Neumann, M. Bishop, S. Peisert, M. Schaefer. Proceedings. IEEE Symposium on Security and Privacy, pp. 3-13. Pub Date: 2010-05-16. DOI: 10.1109/SP.2010.43 (https://doi.org/10.1109/SP.2010.43)
A report on SecureWorld Expo 2005, held 21 to 22 September 2005 in Dearborn, Michigan. The SecureWorld Expo targets business and IT professionals with security concerns and provides them with an industry-wide agenda to help solve those concerns through a partnership with government agencies.
Title: SecureWorld Expo 2005. Authors: Faith M. Heikkila. Proceedings. IEEE Symposium on Security and Privacy, pp. 57-60. Pub Date: 2005-11-01. DOI: 10.1109/MSP.2005.156 (https://doi.org/10.1109/MSP.2005.156)
Modern research and development has produced various language-level supports for secure systems design. Safe languages provide a flexible and reliable foundation on which to build. Language-based security abstractions provide systems programmers with an effective means of defining and enforcing security models. Controlled language-execution models can impose fine-grained and powerful restrictions on code at varying levels of trust. Arguably, the most popular modern general-purpose languages, Java and C#, bear witness to the importance of programming language safety and security, being both safe and endowed with sophisticated security models. Research into these topics is ongoing, but perhaps the most important current task is the integration of modern language security technologies (much more efficient and effective than past technologies) with realistic systems design.
Title: Programming languages and systems security. Authors: C. Skalka. Proceedings. IEEE Symposium on Security and Privacy, pp. 80-83. Pub Date: 2005-05-01. DOI: 10.1109/MSP.2005.77 (https://doi.org/10.1109/MSP.2005.77)
To keep up with malware writers, software producers in both the commercial and open-source software worlds have adopted various automatic software update mechanisms. Some of these mechanisms distribute updates after requesting a user's permission; others install updates automatically. Although such systems provide some short-term relief, they will likely soon become ineffective, and further, they will also become extremely dangerous once they are inevitably co-opted by attackers. If we want the Internet to remain a viable way to communicate and collaborate, we must adopt another, perhaps radically different, model for securing our computers. To better understand this conclusion, we should first re-examine why developers and users are embracing automated update systems.
Title: How to win an evolutionary arms race. Authors: Anil Somayaji. Proceedings. IEEE Symposium on Security and Privacy, pp. 70-72. Pub Date: 2004-11-01. DOI: 10.1109/MSP.2004.100 (https://doi.org/10.1109/MSP.2004.100)
Pub Date: 2003-09-01 DOI: 10.1109/MSECP.2003.1236241
I. Arce
The emergence of networkable gadgets, ranging from printers and DSL routers to gaming consoles, cameras, and personal data assistants (PDA), can pose serious risks to an otherwise secure infrastructure. In this installment of Attack Trends, the author examines sample vulnerabilities and research that might point to novel attack vectors that administrators should consider when planning a well thought-out information security strategy.
Title: The rise of the gadgets. Authors: I. Arce. Proceedings. IEEE Symposium on Security and Privacy, pp. 78-81. Pub Date: 2003-09-01. DOI: 10.1109/MSECP.2003.1236241 (https://doi.org/10.1109/MSECP.2003.1236241)
Pub Date: 2003-07-01 DOI: 10.1109/MSECP.2003.1219073
B. Endicott-Popovsky
Has the US become an ethically challenged nation? If so, what does that mean for information assurance (IA) educators? The annual Computer Security Institute (CSI)-Federal Bureau of Investigation (FBI) Computer Crime Survey, typically a barometer of computer crime in the US, presents alarming statistics about rising digital crime rates over our public networks. The survey, which gathered voluntary responses from US corporations and government agencies, reports that computer crime incidents are reaching epidemic proportions. The erosion of teaching and practicing ethics, coupled with the widespread belief that the Internet provides unbreakable anonymity for users, is a recipe for disaster. The paper discusses ethics in an IA curriculum and IA educational recommendations.
Title: Ethics and teaching information assurance. Authors: B. Endicott-Popovsky. Proceedings. IEEE Symposium on Security and Privacy, pp. 65-67. Pub Date: 2003-07-01. DOI: 10.1109/MSECP.2003.1219073 (https://doi.org/10.1109/MSECP.2003.1219073)
Our ultimate goal here is to be able to develop robust systems and applications that are capable of satisfying serious requirements, not merely for security but also for reliability, fault tolerance, human safety, and survivability in the face of a wide range of realistic adversities - including hardware malfunctions, software glitches, inadvertent human actions, massive coordinated attacks, and acts of God. Also relevant are additional operational requirements such as interoperability, evolvability and maintainability, as well as discipline in the software development process.
Title: Robust Nonproprietary Software. Authors: Peter G. Neumann. Proceedings. IEEE Symposium on Security and Privacy, pp. 122-123. Pub Date: 2000-05-14. DOI: 10.1109/SP.2000.10003 (https://doi.org/10.1109/SP.2000.10003)
“You have zero privacy anyway. Get over it.” Scott McNealy, Sun Microsystems
While secrecy and integrity policies are most often crafted for protection of corporate (e.g., commercial, educational and government) information, we understand privacy policies to be targeted toward the protection of information for and about individuals. The purpose of this panel is to focus on how new technologies are affecting privacy.
Title: Is Electronic Privacy Achievable? Authors: C. Irvine, T. Levin. Proceedings. IEEE Symposium on Security and Privacy, pp. 76-77. Pub Date: 2000-04-30. DOI: 10.1109/SP.2000.10001 (https://doi.org/10.1109/SP.2000.10001)