Abstract
Nowadays, digital data can be protected by several security services. For example, confidentiality can be provided using encryption mechanisms and authentication can be realized by digital signatures. However, it is usually assumed that only unauthorized users want to manipulate data or attack the system. Often the attacks committed by allegedly trusted users are neglected.
A question following secured transmissions is addressed by the non-repudiation of forwarding service: How to find the responsible person if a data leak comes up? The service provides traceability of confidential data via multiple recipients. Unique tracking data are added to the message each time it is forwarded, and these data are used to generate evidence in case of a conflict. This paper deals with the security aspects of the non-repudiation of forwarding service and explains how the tracking data are protected against targeted manipulations.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Schick, R., Ruland, C.: Document Tracking - On the Way to a New Security Service. In: Conference on Network and Information Systems Security. Conference Proceedings, pp. 89–93 (2011)
Schick, R., Ruland, C.: Data Leakage Tracking – Non-Repudiation of Forwarding. In: Abd Manaf, A., Zeki, A., Zamani, M., Chuprat, S., El-Qawasmeh, E. (eds.) ICIEIS 2011, Part I. CCIS, vol. 251, pp. 163–173. Springer, Heidelberg (2011)
InfoWatch, Global Data Leakage Report (2011), http://infowatch.com/sites/default/files/report/InfoWatch_global_data_leakage_report_2011.pdf
International Organization for Standardization, 13888-1: Information technology - Security techniques - Non-repudiation - Part 1: General (2009)
International Organization for Standardization, 13888-2: Information technology - Security techniques - Non-repudiation - Part 2: Mechanisms using symmetric techniques (2010)
International Organization for Standardization, 13888-3: Information technology - Security techniques - Non-repudiation - Part 3: Mechanisms using asymmetric techniques (2009)
Zhou, J., Gollmann, D.: Evidence and Non-Repudiation. Journal of Network and Computer Applications 20, 267–281 (1997)
International Organization for Standardization, 10181-4: Information technology - Open Systems Interconnection - Security frameworks for open systems: Non-repudiation framework (1997)
Zhou, J., Gollmann, D.: A Fair Non-Repudiation Protocol. In: IEEE Symposium on Security and Privacy, pp. 55–61. IEEE Press (1996)
Cox, I., Miller, M., Bloom, J., Fridrich, J., Kalker, T.: Digital Watermarking and Steganography, 2nd edn. Elsevier (2008)
Network Working Group, Internet X.509 Public Key Infrastructure - Time-Stamp Protocol, TSP (2001)
Network Working Group, Internet X.509 Public Key Infrastructure - Certificate and Certificate Revocation List (CRL) Profile (2008)
Schick, R., Ruland, C.: Introduction of a New Non-Repudiation Service to Protect Sensitive Private Data. In: Advances in Information and Communication Technologies, pp. 71–76. Conference Proceedings (2011)
Provos, N.: A universal steganographic tool (2001), http://www.outguess.org
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Schick, R., Ruland, C. (2012). On the Security of the Non-Repudiation of Forwarding Service. In: Fischer-Hübner, S., Katsikas, S., Quirchmayr, G. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2012. Lecture Notes in Computer Science, vol 7449. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32287-7_15
Download citation
DOI: https://doi.org/10.1007/978-3-642-32287-7_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32286-0
Online ISBN: 978-3-642-32287-7
eBook Packages: Computer ScienceComputer Science (R0)