A Bibtex version of the bibliography contained in this page is available
Message authentication comprises the verification of the integrity of a message's content (data integrity) and the verification of its origin (data origin authentication). The mechanisms used to implement the message authentication service are called Message Authentication Codes - MAC...
Malicious software is software that contains the instructions required for an attack on a computer system. Malicious Software is divided into categories according to its mode of reproduction and its autonomy from other host programs, and into individual types according to its mode of action. Countermeasures against Malicious Software fall into three categories: prevention, detection and recovery countermeasures. Each category includes various kinds of countermeasures, the best known of which is antivirus software. Malicious Software is now of particular concern both to the scientific community and to those responsible for managing Information Systems, because of its wide spread. The wide spread of Malicious Software is due mainly to three reasons: the spread of data networks, through which Malicious Software reproduces at a rapid pace; the fact that there is no longer a clear separation between the concepts of "data" and "executable program" (owing to the appearance of data files that also contain macro instructions); and the lack of user awareness of the ways of dealing with Malicious Software. In this chapter we present a categorisation of Malicious Software and analyse its individual types. In addition, we present the countermeasures used against Malicious Software and analyse in particular how antivirus software operates. Finally, we present specific case studies of Malicious Software.
We present a set of requirements for Internet voting protocols. We also present a short overview of the most prominent Internet voting protocols published so far, and we provide a comparative evaluation of those protocols, using the set of requirements we have developed. We proceed with discussing our thoughts regarding possible improvements in e-voting protocols. Internet voting is an application with a vision for the future. Nevertheless, a lot of work needs to be done before it can be accepted for large-scale elections.
A common practice among companies with an online presence is to sign on to a "seal" programme in order to provide customers with a sense of security regarding the protection of their personal data. Companies must adhere to a set of rules, forming a privacy protection policy designed by the seal issuer in accordance with underlying laws, regulatory frameworks and related best practice. Some of the most widely used seal programmes are TRUSTe, BBOnline, WebTrust and BetterWeb. Using the functionality they offer, a user can verify online that a specific organisation adheres to a published privacy policy. In this paper, we argue that the verification means these programmes use are vulnerable to DNS spoofing attacks. Furthermore, we present a privacy policy verification ("seal") scheme, which is not vulnerable to the aforementioned attack. We also argue that there are disadvantages in operating seal schemes that attempt to publicly certify compliance levels with a self-regulatory privacy protection model. In contrast, these disadvantages are softened when used in a regulatory model that has adopted comprehensive laws to ensure privacy protection.
A wide spectrum of certificate revocation mechanisms is currently in use. A number of them have been proposed by standardisation bodies, while some others have originated from academic or private institutions. What is still missing is a systematic and robust framework for the sound evaluation of these mechanisms. We present a mechanism-neutral framework for the evaluation of certificate status information (CSI) mechanisms. These mechanisms collect, process and distribute CSI. A detailed demonstration of its exploitation is also provided. The demonstration is mainly based on the evaluation of Certificate Revocation Lists, as well as of the Online Certificate Status Protocol. Other well-known CSI mechanisms are also mentioned for completeness.
Several mechanisms have been proposed for disseminating information regarding the status of a digital certificate, each one with its own advantages and disadvantages. We believe that what is still missing from such mechanisms is transparency. A user should not need to comprehend the mechanics of such mechanisms in order to verify a certificate. In this paper, we present a mechanism called ADoCSI that supports transparency in disseminating certificate status information.
Traditional business practice depends on trust relations between the transacting parties. One of the most important aspects of this trust is the quality of the offered services or products. The Web currently constitutes an enabler for Electronic Commerce, providing a global transaction platform that does not require physical presence. However, transferring trust from the physical world to the electronic one is a process that requires a trust infrastructure to be provided by the electronic world. We believe that current infrastructure models based on Trusted Third Parties can be enhanced. We introduce the notion of Digital Seals and we provide a mechanism for transferring the trust placed by users in companies in the physical world to the electronic one.
In this paper we describe a pilot architecture aiming at protecting Web-based medical applications through the development of a virtual private medical network. The basic technology utilised by this integrated architecture is the Trusted Third Party (TTP). Specifically, a TTP is used to generate, distribute, and revoke digital certificates to/from medical practitioners and healthcare organizations wishing to communicate in a secure way. Digital certificates and digital signatures are, in particular, used to provide peer and data origin authentication and access control functionalities. We also propose a logical Public Key Infrastructure (PKI) architecture, which is robust, scalable, and based on standards. This architecture aims at supporting large-scale healthcare applications. It supports openness, scalability, flexibility and extensibility, and can be integrated with existing TTP schemes and infrastructures offering transparency and adequate security. Finally, it is demonstrated that the proposed architecture enjoys all desirable usability characteristics, and meets the set of criteria which constitutes an applicable framework for the development of trusted medical services over the Web.
A Secure Electronic Marketplace involves a significant number of real-time transactions between remote systems, either for commercial or for authentication purposes. The underlying infrastructure of choice to support these transactions seems to be a Distributed Component Architecture. Distributed Component Software (DCS) is the natural convergence of client/server network computing and object oriented technology in a mix providing reusability, scalability and maintainability for software constructs. In DCS a client acquires references to objects provided by components located on remote machines and invokes their methods as if they were located in its native environment. One implementation [20] also provides the ability to pass objects by value, an approach recently examined also by others [18]. The three major models in the distributed component software industry are OMG's CORBA, Sun's Enterprise Java Beans, and Microsoft's DCOM. Besides these, we will discuss the progress for interoperable DCS systems performed in TINA, an open architecture for telecommunication services based on CORBA distributed components. In this paper the security models of each architecture are described and their efficiency and flexibility are evaluated in a comparative manner. Finally, upcoming extensions are discussed.
The EUROMED-ETS schema provides a robust security framework for telemedical applications operating over the World Wide Web. It is based on a trusted third party architecture under which certificate authorities store the public-key certificates of participating hospitals and medical practitioners. Digital signatures are used to provide peer and data origin authentication, and, in combination with access control lists, to provide access control. The deployed infrastructure is based on off-the-shelf available clients and servers, and provides functions for electronic registration of participants, session initialisation, user authentication, key generation and personalisation, certificate generation, distribution, storage and retrieval, certificate revocation lists, and auditing. It was found that, as the underlying technologies mature, a Web-based trusted third party architecture provides a viable solution for delivering secure telemedical applications.
The EUROMED-ETS pilot system offers a number of security functionalities using off-the-shelf available products, in order to protect Web-based medical applications. The basic concept used by the proposed security architecture is the Trusted Third Party (TTP). A TTP is used in order to generate, distribute and revoke digital certificates to medical practitioners and healthcare organisations that wish to communicate securely. Digital certificates and digital signatures are used to provide peer and data origin authentication and access control. The paper demonstrates how TTPs can be used effectively in order to develop medical applications that run securely over the World Wide Web.
This paper reports on the results obtained by the pilot operation of Trusted Third Parties (TTP) for secure telemedical applications over the WWW. The work reported on herein was carried out within the context of EUROMED-ETS, an R&D project funded by the INFOSEC office of Directorate General XIII of the European Union. The paper discusses the platform used, the security needs of the specific application, the TTP solution provided, the steps taken in order to implement the solution at a pilot scale and the results of the pilot operation; it is compiled using material included in the project deliverables.
There is a scale between authentication and anonymity, which is currently leaning towards the side of authentication when it comes to e-commerce. Service providers and merchants usually keep track of user-related information in order to construct behavioural profiles of their customers. Service providers and merchants also correlate profiles of this kind, stemming from different sources, in order to increase their profit. This correlation is usually performed with the use of Unified Codes. Authentication, confidentiality, integrity, and non-repudiation are necessary functionalities for enabling e-commerce. Most of the currently used mechanisms that support these services do not provide anonymity. This paper presents PyTHIA, a mechanism based on the use of Message Digest Algorithms and the intermediation of Trusted Third Parties in order to provide anonymity to e-commerce users who have to authenticate themselves in order to access services or buy goods from service providers and merchants respectively. With PyTHIA, e-commerce users are able to authenticate without giving away any personal data and without using Unified Codes. In addition, PyTHIA ensures that service providers and merchants can effectively trace a customer in case he behaves maliciously.
A wide spectrum of certificate revocation mechanisms is currently in use. A number of them have been proposed by standardisation bodies, while some others have originated from academic or private institutions. What is still missing is a systematic and robust framework for the sound evaluation of these mechanisms. We present a mechanism-neutral framework for the evaluation of mechanisms which collect, process and distribute certificate status information. A detailed demonstration of its exploitation is also provided. The demonstration is mainly based on the evaluation of Certificate Revocation Lists, as well as of the Online Certificate Status Protocol.
A number of mechanisms have been proposed for generating and disseminating information on the status of certificates. Their operation is different, if not contradicting sometimes, and advantages and disadvantages depend on the requirements of the underlying PKI. PKI designers and implementors should perform a small scale study before deploying such a mechanism in a specific PKI, in order to select the most suitable mechanism for their environment. This paper presents a method for categorising Certificate Status Information mechanisms, depending on their elementary functionality. This taxonomy can be used as a guide for selecting CSI mechanisms to be used in large-scale PKI deployment efforts.
Java is a programming language that conforms to the concept of downloadable, executable content. Java offers a wide range of capabilities to the application programmer, the most important being that a program may be executed remotely, without any modification, on almost any computer regardless of hardware configuration and operating system differences. However, this advantage raises a serious concern: security. When one downloads and executes code from various Internet sources, he is vulnerable to attacks by the code itself. A security scheme must be applied in order to secure the operations of Java programs. In this paper, the Java security scheme is examined and current implementations are evaluated on the basis of their efficiency and flexibility. Finally, proposed enhancements and upcoming extensions to the security model are described.
JAVA is claimed to be a programming language that introduces new methods for platform-independent development and remote execution. However, the ability to download, integrate, and execute code from a remote computer raises serious concerns about JAVA's effect on network security. In this paper, a brief introduction to the JAVA programming language is given, the potential security risks of downloadable executable content are discussed, the details of the proposed JAVA security mechanism are presented, and an evaluation of the current implementations is discussed. Finally, proposed enhancements and upcoming extensions to the security model are described.
The services offered to the Internet community have been constantly increasing over the last few years. This is mainly due to the fact that mobile code has matured enough to provide Internet users with high quality applications that can be executed remotely. When a user downloads and executes code from various Internet sources, security issues arise. In this paper, we address the latter and present a comparative evaluation of the methods used by Java, Safe-Tcl and ActiveX to confront these issues, based on current security functions and implementations as well as on future adjustments and extensions.
PKI seems to be here to stay. PKI does provide solutions to quite many problems but at the same time it introduces a new problem to be solved: certificate lifecycle management. In this thesis, we focus on certificate revocation and the way that Certificate Status Information (CSI) is being disseminated to the appropriate stakeholders. Quite many CSI mechanisms have been proposed already, each one attempting to improve some aspect or aspects of the CSI dissemination process. This is good for research, simply because this is how research moves on. Step after step, improvement over improvement, counter proposition over proposition, trial and error. However, there does not seem to exist a unified framework for the comparative evaluation (be it qualitative and/or quantitative) of the various CSI mechanisms already proposed in the literature. We argue that such an evaluation framework could prove to be useful in further advancing research in the domain, especially now that many different CSI mechanisms have already appeared in the literature. Such an evaluation framework could also prove to be useful in real life scenarios (i.e. outside the research lab), when someone has to decide on the CSI mechanism to use, depending on the needs of the particular case. Another issue with the proposed CSI mechanisms is that they focus on improving performance and timeliness of information, downsizing bandwidth requirements, and meeting legal requirements. However, there is one actor in the PKI scene one almost always neglects to take into account: the end user. PKI addresses the masses, but the average end user is probably not tech savvy. One should not expect the end user to comprehend the inner workings of the CSI mechanism in order to use it effectively. One should probably not expect the end user to appreciate the need for locating, retrieving and verifying CSI and to act upon that, either.
It seems that right now the weakest link in the chain of PKI is the end user, who may (or may not) use the available CSI mechanisms to verify some signed piece of information or verify the authentication data some entity provides. CSI research should also focus on improving this aspect, i.e. the transparency of CSI mechanisms. In this thesis, we present a taxonomy of CSI mechanisms and an evaluation framework for them. We also use our evaluation framework in order to present a comparative evaluation of the CSI mechanisms proposed in the literature. We believe our evaluation framework can be of use in further researching CSI mechanisms. We then focus on the issue that most CSI mechanisms tend to neglect: that of CSI mechanism transparency. A user should not have to comprehend the mechanics of CSI mechanisms in order to use them, and should not have to be highly trained in security to be able to operate in the PKI world. We develop a prototype for a CSI dissemination mechanism, which we call Alternative Dissemination of Certificate Status Information (ADoCSI). This mechanism uses Software Agents in order to disseminate CSI, and also uses some of the properties and functionality offered by the other CSI mechanisms. We believe that ADoCSI addresses some of the issues that emerge from the use of the other Certificate Status Information dissemination mechanisms. It certainly increases the level of transparency, thus providing a solution to the aforementioned "weakest link" problem, namely the dependent entity, which one should not expect to have high levels of information security awareness.
There has been an increasing interest in the deployment of Public Key Infrastructures over the past few years. Security issues emerge from the operation of Certification Authorities, as well as the operation of other PKI-related security service providers. Most of them have been addressed and efficient solutions have been found. One of the areas which has to be studied further is the generation and dissemination of information regarding the status of a digital certificate. In this dissertation, we present a set of evaluation criteria for mechanisms that are used to generate and disseminate Certificate Status Information (CSI). We evaluate the proposed CSI mechanisms according to the aforementioned criteria, and identify the security and performance issues that emerge from their use. Finally, we develop a prototype specification for a CSI dissemination mechanism, which we call Alternative Dissemination of Certificate Status Information (ADOCSI). This mechanism uses the functionality offered by Software Agents in order to disseminate CSI, and also uses some of the properties and functionality offered by the other CSI mechanisms. We believe that ADOCSI addresses some of the issues that emerge from the use of the other Certificate Status Information dissemination mechanisms.