Thông tin tài liệu
Lecture Notes in Computer Science 5185
Commenced Publication in 1973
Founding and Former Series Editors:
Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen
Editorial Board
David Hutchison
Lancaster University, UK
Takeo Kanade
Carnegie Mellon University, Pittsburgh, PA, USA
Josef Kittler
University of Surrey, Guildford, UK
Jon M. Kleinberg
Cornell University, Ithaca, NY, USA
Alfred Kobsa
University of California, Irvine, CA, USA
Friedemann Mattern
ETH Zurich, Switzerland
John C. Mitchell
Stanford University, CA, USA
Moni Naor
Weizmann Institute of Science, Rehovot, Israel
Oscar Nierstrasz
University of Bern, Switzerland
C. Pandu Rangan
Indian Institute of Technology, Madras, India
Bernhard Steffen
University of Dortmund, Germany
Madhu Sudan
Massachusetts Institute of Technology, MA, USA
Demetri Terzopoulos
University of California, Los Angeles, CA, USA
Doug Tygar
University of California, Berkeley, CA, USA
Gerhard Weikum
Max-Planck Institute of Computer Science, Saarbruecken, Germany
Steven Furnell Sokratis K. Katsikas
Antonio Lioy (Eds.)
Trust, Privacy
and Security
in Digital Business
5th International Conference, TrustBus 2008
Turin, Italy, September 4-5, 2008
Proceedings
13
Volume Editors
Steven Furnell
University of Plymouth
School of Computing, Communications and Electronics
A310, Portland Square, Drake Circus, Plymouth, Devon PL4 8AA, UK
E-mail: sfurnell@jack.see.plymouth.ac.uk
Sokratis K. Katsikas
University of Piraeus
Department of Technology Education and Digital Systems
150 Androutsou St., 18534 Piraeus, Greece
E-mail: ska@unipi.gr
Antonio Lioy
Politecnico di Torino
Dipartimento di Automatica e Informatica
Corso Duca degli Abruzzi 24, 10129 Torino, Italy
E-mail: lioy@polito.it
Library of Congress Control Number: 2008933371
CR Subject Classification (1998): K.4.4, K.4, K.6, E.3, C.2, D.4.6, J.1
LNCS Sublibrary: SL 4 – Security and Cryptology
ISSN
0302-9743
ISBN-10
3-540-85734-6 Springer Berlin Heidelberg New York
ISBN-13
978-3-540-85734-1 Springer Berlin Heidelberg New York
This work is subject to copyright. All rights are reserved, whether the whole or part of the material is
concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting,
reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication
or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965,
in its current version, and permission for use must always be obtained from Springer. Violations are liable
to prosecution under the German Copyright Law.
Springer is a part of Springer Science+Business Media
springer.com
© Springer-Verlag Berlin Heidelberg 2008
Printed in Germany
Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India
Printed on acid-free paper SPIN: 12511266 06/3180 543210
Preface
This book contains the proceedings of the 5th International Conference on Trust,
Privacy and Security in Digital Business (TrustBus 2008), held in Turin, Italy on 4–5
September 2008. Previous events in the TrustBus series were held in Zaragoza, Spain
(2004), Copenhagen, Denmark (2005), Krakow, Poland (2006), and Regensburg,
Germany (2007). TrustBus 2008 brought together academic researchers and industrial
developers to discuss the state of the art in technology for establishing trust, privacy
and security in digital business. We thank the attendees for coming to Turin to partici-
pate and debate upon the latest advances in this area.
The conference program included one keynote presentation and six technical paper
sessions. The keynote speech was delivered by Andreas Pfitzmann from the Technical
University of Dresden, Germany, on the topic of “Biometrics – How to Put to Use and
How Not at All”. The reviewed paper sessions covered a broad range of topics, in-
cluding trust and reputation systems, security policies and identity management, pri-
vacy, intrusion detection and authentication, authorization and access control. Each of
the submitted papers was assigned to five referees for review. The program committee
ultimately accepted 18 papers for inclusion in the proceedings.
We would like to express our thanks to the various people who assisted us in orga-
nizing the event and formulating the program. We are very grateful to the program
committee members and the external reviewers for their timely and thorough reviews
of the papers. Thanks are also due to the DEXA organizing committee for supporting
our event, and in particular to Gabriela Wagner for her assistance and support with the
administrative aspects.
Finally we would like to thank all the authors that submitted papers for the event,
and contributed to an interesting set of conference proceedings.
September 2008
Steven Furnell
Sokratis Katsikas
Antonio Lioy
Organization
Program Committee
General Chairperson
Antonio Lioy Politecnico di Torino, Italy
Conference Program Chairpersons
Steven Furnell, University of Plymouth, UK
Sokratis Katsikas University of Piraeus, Greece
Program Committee Members
Vijay Atluri Rutgers University, USA
Marco Casassa Mont HP Labs Bristol, UK
David Chadwick University of Kent, UK
Nathan Clarke University of Plymouth, UK
Richard Clayton University of Cambridge, UK
Frederic Cuppens ENST Bretagne, France
Ernesto Damiani Università degli Studi di Milano, Italy
Ed Dawson Queensland University of Technology, Australia
Sabrina De Capitani di Vimercati University of Milan, Italy
Hermann De Meer University of Passau, Germany
Jan Eloff University of Pretoria, South Africa
Eduardo B. Fernandez Florida Atlantic University, USA
Carmen Fernandez-Gago University of Malaga, Spain
Elena Ferrari University of Insubria, Italy
Simone Fischer-Huebner University of Karlstad, Sweden
Carlos Flavian University of Zaragoza, Spain
Juan M. Gonzalez-Nieto Queensland University of Technology, Australia
Rüdiger Grimm University of Koblenz, Germany
Dimitris Gritzalis Athens University of Economics and Business,
Greece
Stefanos Gritzalis University of the Aegean, Greece
Ehud Gudes Ben-Gurion University, Israel
Sigrid Gürgens Fraunhofer Institute for Secure Information
Technology, Germany
Carlos Gutierrez University of Castilla-La Mancha, Spain
Organization
VIII
Marit Hansen Independent Center for Privacy Protection,
Germany
Audun Jøsang Queensland University of Technology, Australia
Tom Karygiannis NIST, USA
Dogan Kesdogan NTNU Trondheim, Norway
Hiroaki Kikuchi Tokai University, Japan
Spyros Kokolakis University of the Aegean, Greece
Costas Lambrinoudakis University of the Aegean, Greece
Leszek Lilien Western Michigan University, USA
Javier Lopez University of Malaga, Spain
Antonio Mana Gomez University of Malaga, Spain
Olivier Markowitch Université Libre de Bruxelles, Belgium
Fabio Martinelli CNR, Italy
Chris Mitchell Royal Holloway College, University of London,
UK
Guenter Mueller University of Freiburg, Germany
Eiji Okamoto University of Tsukuba, Japan
Martin S. Olivier University of Pretoria, South Africa
Rolf Oppliger eSecurity Technologies, Switzerland
Maria Papadaki University of Plymouth, UK
Ahmed Patel Kingston University, UK
Guenther Pernul University of Regensburg, Germany
Andreas Pfitzmann Dresden University of Technology, Germany
Hartmut Pohl FH Bonn-Rhein-Sieg, Germany
Karl Posch University of Technology Graz, Austria
Torsten Priebe Capgemini, Austria
Gerald Quirchmayr University of Vienna, Austria
Christoph Ruland University of Siegen, Germany
Pierangela Samarati University of Milan, Italy
Matthias Schunter IBM Zurich Research Lab., Switzerland
Mikko T. Siponen University of Oulu, Finland
Adrian Spalka CompuGROUP Holding AG, Germany
A Min Tjoa Technical University of Vienna, Austria
Allan Tomlinson Royal Holloway College, University of London,
UK
Christos Xenakis University of Piraeus, Greece
Jianying Zhou I2R, Singapore
External Reviewers
Carlos A. Gutierrez Garcia University of Castilla-La Mancha, Spain
Andrea Perego University of Insubria, Italy
Table of Contents
Invited Lecture
Biometrics–HowtoPuttoUseandHowNotatAll? 1
Andreas Pfitzmann
Trust
A Map of Trust between Trading Partners 8
John Debenham and Carles Sierra
Implementation of a TCG-Based Trusted Computing in Mobile
Device 18
SuGil Choi, JinHee Han, JeongWoo Lee, JongPil Kim, and
SungIk Jun
A Model for Trust Metrics Analysis 28
Isaac Agudo, Carmen Fernandez-Gago, and Javier Lopez
Authentication, Authorization and Access Control
Patterns and Pattern Diagrams for Access Control 38
Eduardo B. Fernandez, G¨unther Pernul, and
Maria M. Larrondo-Petrie
A Spatio-temporal Access Control Model Supporting Delegation for
Pervasive Computing Applications 48
Indrakshi Ray and Manachai Toahchoodee
A Mechanism for Ensuring the Validity and Accuracy of the Billing
Services in IP Telephony 59
Dimitris Geneiatakis, Georgios Kambourakis, and
Costas Lambrinoudakis
Reputation Systems
Multilateral Secure Cross-Community Reputation Systems for Internet
Communities 69
Franziska Pingel and Sandra Steinbrecher
Fairness Emergence through Simple Reputation 79
Adam Wierzbicki and Radoslaw Nielek
X Table of Contents
Combining Trust and Reputation Management for Web-Based
Services 90
Audun Jøsang, Touhid Bhuiyan, Yue Xu, and Clive Cox
Security Policies and Identity Management
Controlling Usage in Business Process Workflows through Fine-Grained
Security Policies 100
Benjamin Aziz, Alvaro Arenas, Fabio Martinelli,
Ilaria Matteucci, and Paolo Mori
Spatiotemporal Connectives for Security Policy in the Presence of
Location Hierarchy 118
Subhendu Aich, Shamik Sural, and Arun K. Majumdar
BusiROLE: A Model for Integrating Business Roles into Identity
Management 128
Ludwig Fuchs and Anton Preis
Intrusion Detection and Applications of Game
Theory to IT Security Problems
The Problem of False Alarms: Evaluation with Snort and DARPA 1999
Dataset 139
Gina C. Tjhai, Maria Papadaki, Steven M. Furnell, and
Nathan L. Clarke
A Generic Intrusion Detection Game Model in IT Security 151
Ioanna Kantzavelou and Sokratis Katsikas
On the Design Dilemma in Dining Cryptographer Networks 163
Jens O. Oberender and Hermann de Meer
Privacy
Obligations: Building a Bridge between Personal and Enterprise
Privacy in Pervasive Computing 173
Susana Alcalde Bag¨u´es, Jelena Mitic, Andreas Zeidler,
Marta Tejada, Ignacio R. Matias, and Carlos Fernandez Valdivielso
A User-Centric Protocol for Conditional Anonymity
Revocation 185
Suriadi Suriadi, Ernest Foo, and Jason Smith
Preservation of Privacy in Thwarting the Ballot Stuffing Scheme 195
Wesley Brandi, Martin S. Olivier, and Alf Zugenmaier
Author Index 205
Biometrics –
How to Put to Use and How Not at All?
Andreas Pfitzmann
TU Dresden, Faculty of Computer Science, 01062 Dresden, Germany
Andreas.Pfitzmann@tu-dresden.de
Abstract. After a short introduction to biometrics w.r.t. IT security,
we derive conclusions on how biometrics should be put to use and how
not at all. In particular, we show how to handle security problems of
biometrics and how to handle security and privacy problems caused by
biometrics in an appropriate w ay. The main conclusion is that biometrics
should be used between human being and his/her personal devices only.
1 Introduction
Biometrics is advocated as the solution to admission control nowadays. But
what can biometrics achieve, what not, which side effects do biometrics cause
and which challenges in system design do emerge?
1.1 What Is Biometrics?
Measuring physiological or behavioral characteristics of persons is called biomet-
rics. Measures include the physiological characteristics
– (shape of) face,
– facial thermograms,
– fingerprint,
– hand geometry,
– vein patterns of the retina,
– patterns of the iris, and
– DNA
and the be havioral characteristics
– dynamics of handwriting (e.g., handwritten signatures),
– voice print, and
– gait.
One might make a distinction whether the person whose physiological or behav-
ioral characteristics are measured has to participate explicitly (active biomet-
rics), so (s)he gets to know that a measurement takes place, or whether his/her
explicit participation is not necessary (passive biometrics), so (s)he might not
notice that a measurement takes place.
S.M. Furnell, S.K. Katsikas, and A. Lioy (Eds.): TrustBus 2008, LNCS 5185, pp. 1–7, 2008.
c
Springer-Verlag Berlin Heidelberg 2008
2A.Pfitzmann
1.2 Biometrics for What Purpose?
Physiological or behavioral characteristics are measured and compared with ref-
erence values to
Authenticate (Is this the person (s)he claims to be?), or even to
Identify (Who is this person?).
Both decision problems are the more difficult the larger the set of persons of
which individual persons have to be authenticated or even identified. Particularly
in the case of identification, the precision of the decision degrades with the
number of possible persons drastically.
2 Security Problems of Biometrics
As with all decision problems, biometric authentication/identification may pro-
duce two kinds of errors [1]:
False nonmatch rate: Persons are wrongly not authenticated or wrongly not
identified.
False match rate: Persons are wrongly authenticated or wrongly identified.
False nonmatch rate and false match rate can be traded off by adjusting the
decision threshold. Practical experience has shown that only one error rate can
be kept reasonably small – at the price of a unreasonably high error rate for the
other type.
A biometric technique is more secure for a certain application area than an-
other biometric technique if both error types occur more rarely. It is possible to
adapt the threshold of similarity tests used in biometrics to various application
areas. But if only one of the two error rates should be minimized to a level that
can be provided by well managed authentication and identification systems that
are based on people’s knowledge (e.g., passphrase) or possession (e.g., chip card),
today’s biometric techniques can only provide an unacceptably high error rate
for the other error rate.
Since more than two decades we hear announcements that biometric research
will change this within two years or within four years at the latest. In the mean-
time, I doubt whether such a biometric technique exists, if the additional features
promised by advocates of biometrics shall be provided as well:
– user-friendliness, which limits the quality of data available to pattern recog-
nition, and
– acceptable cost despite possible attackers who profit from technical progress
as well (see below).
In addition to this decision problem being an inherent security problem of bio-
metrics, the implementation of biometric authentication/identification has to en-
sure that the biometric data come from the person at the time of verification and
are neither replayed in time nor relayed in space [2]. This may be more difficult
than it sounds, but it is a common problem of all authentication/identification
mechanisms.
[...]... in a few decades, will possibly undermine the security of biometrics which are predictable from these data – Genome databases and ubiquitous computing (= pervasive computing = networked computers in all physical things) will undermine privacy primarily in the physical world – we will leave biological or digital traces wherever we are – Privacy spaces in the digital world are possible (and needed) and. .. instead of trying to gather and store traffic data for a longer period of time at high costs and for (very) limited use (in the sense of balancing across applications) Acknowledgements Many thanks to my colleagues in general and Rainer B¨hme, Katrin Borceao Pfitzmann, Dr.-Ing Sebastian Clauß, Marit Hansen, Matthias Kirchner, and Sandra Steinbrecher in particular for suggestions to improve this paper and. .. in a world where several countries with different legal systems and security interests (and usually with no regard of foreigners’ privacy) accept entry of foreigners into their country only if the foreigner’s country issued a passport with machine readable and testable digital biometric data or the foreigner holds a stand-alone visa document containing such data? 6 A Pfitzmann 5.3 Stand-Alone Visas Including... between Bayesian and Maximum Entropy Inference In: Bayesian Inference and Maximum Entropy Methods in Science and Engineering, pp 445–461 American Institute of Physics, Melville (2004) 15 Paris, J.: Common sense and maximum entropy Synthese 117, 75–93 (1999) 16 Sierra, C., Debenham, J.: The LOGIC Negotiation Model In: Proceedings Sixth International Conference on Autonomous Agents and Multi Agent Systems... platform and transferred to another platform The TPM provides a range of cryptographic primitives including SHA-1 hash, and signing and verification using RSA There are also protected registers called PCR MPWG defines a new specification on MTM which adds new commands and structures to existing TPM specification in order to enable trusted computing in a mobile device context Integrity Measurement and Verification... structure authorizing a measurement value that is extended into a Platform Configuration Register (PCR) defined in the RIM Cert RIM Cert is a new feature introduced in MPWG [2][3] We wrote a program called RIMCertTool for generating a RIM Cert which is inserted into a section in Executable and Linkable Format (ELF) file As, nowadays, ELF is the standard format for Linux executables and libraries, we use... distributions x and y Finally merging Eqn 3 and Eqn 1 we obtain the method for updating a distribution Xi on receipt of a message µ: Pt+1 (Xi ) = Γi (D(Xi ), Pt (Xi(µ) )) (4) This procedure deals with integrity decay, and with two probabilities: first, the probability z in the percept µ, and second the belief Rt (α, β, µ) that α attached to µ The interaction between agents α and β will involve β making contractual... model (as described in Section 3.1) then the (Shannon) information in u with respect to the distributions in M t is: I(u) = H(M t ) − H(M t+1 ) Let N t ⊆ M t be α’s model of agent β If β sends the utterance u to α then the information about β within u is: H(N t ) − H(N t+1 ) We note that by defining information in terms of the change in uncertainty in M t our measure is based on the way in which that update... give a succinct view of trust References 1 Reece, S., Rogers, A., Roberts, S., Jennings, N.R.: Rumours and reputation: Evaluating multi-dimensional trust within a decentralised reputation system In: 6th International Joint Conference on Autonomous Agents and Multi-agent Systems AAMAS 2007 (2007) 2 Ramchurn, S., Huynh, T., Jennings, N.: Trust in multi-agent systems The Knowledge Engineering Review 19,... according to the German constitution, nobody can be forced to co-operate in producing evidence against himself or against close relatives As infrastructures, e.g., for border control, cannot be upgraded as fast as single machines (in the hands of the attackers) to fabricate replicas of fingers, a loss of security is to be expected overall 3.2 Stealing Body Parts (Safety Problem of Biometrics) In the . researchers and industrial
developers to discuss the state of the art in technology for establishing trust, privacy
and security in digital business. We. Conference on Trust,
Privacy and Security in Digital Business (TrustBus 2008), held in Turin, Italy on 4–5
September 2008. Previous events in the TrustBus
Ngày đăng: 17/01/2014, 02:20
Xem thêm: Tài liệu Trust, Privacy and Security in Digital Business ppt, Tài liệu Trust, Privacy and Security in Digital Business ppt