Multilateral Security: Enabling Technologies and Their Evaluation

  • Andreas Pfitzmann
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3995)

Abstract

First, multilateral security and its potential are introduced. Then protection goals as well as their synergies and interferences are described. After pointing out some basic facts about security technology in general, a structured overview of technologies for multilateral security is given. An evaluation of the maturity and effectiveness of these technologies shows that some should be applied immediately, while others need quite a bit of further research and development. Finally, a vision for the future is given.

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Andreas Pfitzmann (1)
  1. Department of Computer Science, TU Dresden, Dresden, Germany