Preventing Unofficial Information Propagation

  • Zhengyi Le
  • Yi Ouyang
  • Yurong Xu
  • James Ford
  • Fillia Makedon
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4861)

Abstract

Digital copies are susceptible to theft and vulnerable to leakage, copying, or manipulation. When someone (or some group), who has stolen, leaked, copied, or manipulated digital documents propagates the documents over the Internet and/or distributes those through physical distribution channels many challenges arise which document holders must overcome in order to mitigate the impact to their privacy or business. This paper focuses on the propagation problem of digital credentials, which may contain sensitive information about a credential holder. Existing work such as access control policies and the Platform for Privacy Preferences (P3P) assumes that qualified or certified credential viewers are honest and reliable. The proposed approach in this paper uses short-lived credentials based on reverse forward secure signatures to remove this assumption and mitigate the damage caused by a dishonest or honest but compromised viewer.

Keywords

Signature Scheme Access Control Policy Privacy Preference Trust Negotiation Digital Credential 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Revocation Made Simpler (January 2006), http://www.pgp.com/downloads/whitepapers
  2. 2.
    The Platform for Privacy Preferences 1.1 (P3P1.1) Specification (November 2006), http://www.w3.org/TR/P3P11/
  3. 3.
    Abdalla, M., Reyzin, L.: A New Forward-Secure Digital Signature Scheme. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 116–129. Springer, Heidelberg (2000)Google Scholar
  4. 4.
    Bellare, M., Miner, S.K.: A Forward-Secure Digital Signature Scheme. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 431–448. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  5. 5.
    Bellare, M., Yee, B.: Forward-Security in Private-Key Cryptography. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 1–18. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Bertino, E., Ferrari, E., Squicciarini, A.C.: Privacy-Preserving Trust Negotiation. In: Proc. of the 4th Workshop on Privacy Enhancing Technologies, pp. 283–301 (2004)Google Scholar
  7. 7.
    Bertino, E., Ferrari, E., Squicciarini, A.C.: Trust-X: A Peer-to-Peer Framework for Trust Establishment. IEEE Trans. Knowl. Data Eng. 16(7), 827–842 (2004)CrossRefGoogle Scholar
  8. 8.
    Canetti, R., Halevi, S., Katz, J.: A Forward-Secure Public-Key Encryption Scheme. In: Biham, E. (ed.) EUROCRPYT 2003. LNCS, vol. 2656, pp. 255–271. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  9. 9.
    Dodis, Y., Katz, J., Xu, S., Yung, M.: Strong Key-Insulated Signature Schemes. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 130–144. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  10. 10.
    Domingo-Ferrer, J.: On the Synergy Between Certificate Verification Trees and PayTree-like Micropayments. In: Katsikas, S.K., Gritzalis, S., Lopez, J. (eds.) EuroPKI 2004. LNCS, vol. 3093, pp. 180–190. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  11. 11.
    Fiat, A., Shamir, A.: How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1986)CrossRefGoogle Scholar
  12. 12.
    Guillou, L.C., Quisquater, J.-J.: A “Paradoxical” Indentity-Based Signature Scheme Resulting from Zero-Knowledge. In: Proc. of Advances in Cryptology - Advances in Cryptology - CRYPTO 88, 8th Annual International Cryptology Conference, pp. 216–231 (1988)Google Scholar
  13. 13.
    Itkis, G., Reyzin, L.: Forward-Secure Signatures with Optimal Signing and Verifying. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 332–354. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  14. 14.
    Itkis, G., Reyzin, L.: SiBIR: Signer-Base Intrusion-Resilient Signatures. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 499–514. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  15. 15.
    Kozlov, A., Reyzin, L.: Forward-Secure Signatures with Fast Key Update. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 241–256. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  16. 16.
    Krawczyk, H.: Simple Forward-Secure Signatures From Any Signature Scheme. In: Proc. of the 7th ACM Conference on Computer and Communication Security, CCS 2000, pp. 108–115 (2000)Google Scholar
  17. 17.
    Muñoz, J.L., Forné, J., Castro, J.C.: Evaluation of Certificate Revocation Policies: OCSP vs. Overissued-CRL. In: Hameurlain, A., Cicchetti, R., Traunmüller, R. (eds.) DEXA 2002, pp. 511–518. IEEE Computer Society, Los Alamitos (2002)Google Scholar
  18. 18.
    Ong, H., Schnorr, C.: Fast Signature Generation with a Fiat Shamir—Like Scheme. In: Damgård, I.B. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 432–440. Springer, Heidelberg (1991)CrossRefGoogle Scholar
  19. 19.
    Seamons, K.E., Winslett, M., Yu, T., Yu, L., Jarvis, R.: Protecting Privacy during On-Line Trust Negotiation. In: Proceedings of the 4th Workshop on Privacy Enhancing Technologies, pp. 129–143 (2002)Google Scholar
  20. 20.
    Winsborough, W.H., Li, N.: Protecting sensitive attributes in automated trust negotiation. In: WPES 2002. Proc. of the 2002 ACM Workshop on Privacy in the Electronic Society, pp. 41–51 (2002)Google Scholar
  21. 21.
    Winsborough, W.H., Seamons, K., Jones, V.: Automated Trust Negotiation. In: DARPA Information Survivability Conference and Exposition (DISCEX 2000), 1st edn, pp. 64–73 (2000)Google Scholar
  22. 22.
    Yu, T., Winslett, M.: A Unified Scheme for Resource Protection in Automated Trust Negotiation. In: IEEE Symposium on Security and Privacy, pp. 110–122 (2003)Google Scholar
  23. 23.
    Yu, T., Winslett, M., Seamons, K.E.: Interoperable strategies in automated trust negotiation. In: Proc. of the 8th ACM Conference on Computer and Communications Security, CCS 2001, pp. 146–155 (2001)Google Scholar
  24. 24.
    Yu, T., Winslett, M., Seamons, K.E.: Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM Trans. Inf. Syst. Secur. 6(1), 1–42 (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Zhengyi Le
    • 1
  • Yi Ouyang
    • 1
  • Yurong Xu
    • 1
  • James Ford
    • 2
  • Fillia Makedon
    • 2
  1. 1.Computer Science Department, Dartmouth College, Hanover, NH, 03755USA
  2. 2.Heracleia Lab, Computer Science and Engineering Department, University of Texas at Arlington, Arlington, TX, 76019USA

Personalised recommendations