Abstract
In this paper we identify an undesirable side-effect of combining different email-control mechanisms for protection from unwanted messages, namely, leakage of recipients’ private information to message senders. The problem arises because some email-control mechanisms like bonds, graph-turing tests, etc., inherently leak information, and without discontinuing their use, leakage channels cannot be closed. We formalize the capabilities of an attacker and show how she can launch guessing attacks on recipient’s mail acceptance policy that utilizes leaky mechanism in an effort to avoid unwanted mail.
The attacker in our model guesses the contents of a recipient’s private information. The recipients’ use of leaky mechanisms allow the sender to verify her guess. We assume a constraint logic programming based policy language for specification and evaluation of mail acceptance criteria and present two different program transformations that can prevent guessing attacks while allowing recipients to utilize any email-control mechanism in their policies.
Keywords
- Application layer security
- inference attacks
- information leakage channels
- secrecy
Chapter PDF
References
Adam, N.R., Worthmann, J.C.: Security-control methods for statistical databases: a comparative study. ACM Computing Surveys 21(4), 515–556 (1989)
Dantsin, E., Eiter, T., Gottlob, G., Voronkov, A.: Complexity and expressive power of logic programming. ACM Computing Surveys 33(3), 374–425 (2001)
Delaune, S., Jacquemard, F.: A theory of dictionary attacks and its complexity. In: Proceedings of the 17th IEEE Computer Security Foundations Workshop (CSFW 2004), pp. 2–15 (2004)
Denning, D.E., Schlrer, J.: Inference control for statistical databases. IEEE Computer 16(7), 69–82 (1983)
Dolev, D., Yao, A.: On the security of public-key protocols. IEEE Transaction on Information Theory 29, 198–208 (1983)
Fages, F.: Constructive negation by pruning. Journal of Logic Programming 32/2 (1997)
Jaffar, J., Maher, M.J.: Constraint logic programming: A survey. Journal of Logic Programming 19/20, 503–581 (1994)
Kaushik, S., Winsborough, W., Wijesekera, D., Ammann, P.: Email feedback: A policy-based approach to overcoming false positives. In: 3rd ACM Workshop on Formal Methods in Security Engineering (FMSE 2005), Fairfax, VA, pp. 73–82 (November 2005)
Kaushik, S., Winsborough, W., Wijesekera, D., Ammann, P.: Policy transformation for preventing leakage of sensitive information in email systems. Technical Report ISE-TR-06-05, ISE Dept., George Mason University, Fairfax, VA (May 2006)
Loder, T., Alstyne, M.V., Wash, R.: An economic solution to the spam problem. ACM E-Commerce (2004)
Meier, W., Staffelbach, O.: Fast correlation attacks on certain stream ciphers. Journal of Cryptology 1(3), 159–176 (1989)
Naor, M.: Verification of a human in the loop or identification via the turing test (1996), http://www.wisdom.weizmann.ac.il/~naor/APERS/human_abs.html
Petry, S.: Port 25: The gaping hole in the firewall. In: Proceedings of ACSAC 2002 Annual Computer Security Applications Conference (December 2002)
Reiter, R.: The predicate elimination strategy in theorem proving. In: Proceedings of the Second Annual ACM Symposium on Theory of Computing, Northampton, Massachusetts, pp. 180–183 (1970)
Sato, T.: Equivalence-preserving first-order unfold/fold transformation systems. Theoretical Computer Science 105(1), 57–84 (1992)
Simple Mail Transfer Protocol. RFC 2821 (April 2001)
Tamaki, H., Sato, T.: Unfold/fold transformation of logic programs. In: Tarnlund, S.-A. (ed.) Proceedings of the Second International Conference on Logic Programming, Uppsala, pp. 127–138 (1984)
Willenborg, L., de Waal, T.: Statistical disclosure control in practice. Springer, New York (1996)
Yerazunis, W.S.: Sparse binary polynomial hashing and the CRM114 discriminator. In: 2003 Cambridge Spam Conference Proceedings (2003)
Zhang, M., Tavares, S., Campbell, L.: Information leakage of boolean functions and its relationship to other cryptographic criteria. In: Proceedings of the 2nd ACM Conference on Computer and Communications Security (CCS 1994), Fairfax, pp. 156–165 (1994)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 IFIP International Federation for Information Processing
About this paper
Cite this paper
Kaushik, S., Winsborough, W., Wijesekera, D., Ammann, P. (2006). Policy Transformations for Preventing Leakage of Sensitive Information in Email Systems. In: Damiani, E., Liu, P. (eds) Data and Applications Security XX. DBSec 2006. Lecture Notes in Computer Science, vol 4127. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11805588_12
Download citation
DOI: https://doi.org/10.1007/11805588_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36796-3
Online ISBN: 978-3-540-36799-4
eBook Packages: Computer ScienceComputer Science (R0)