Anna Cinzia Squicciarini

Trust-/spl Xscr/;: a peer-to-peer framework for trust establishment

—In this paper, we present , a comprehensive XML-based [ ] framework for trust negotiations, specifically conceived for a peer-to-peer environment. Trust negotiation is a promising approach for establishing trust in open systems like the Internet, where sensitive interactions may often occur between entities at first contact, with no prior knowledge of each other. The framework we propose takes into account all aspects related to negotiations, from the specification of the profiles and policies of the involved parties to the selection of the best strategy to succeed in the negotiation. presents a number of innovative features, such as the support for protection of sensitive policies, the use of trust tickets to speed up the negotiation, and the support of different strategies to carry on a negotiation. In this paper, besides presenting the language to encode security information, we present the system architecture and algorithms according to which negotiations can take place.

: A Peer-to-Peer Framework for Trust Establishment

—In this paper, we present , a comprehensive XML-based [ ] framework for trust negotiations, specifically conceived for a peer-to-peer environment. Trust negotiation is a promising approach for establishing trust in open systems like the Internet, where sensitive interactions may often occur between entities at first contact, with no prior knowledge of each other. The framework we propose takes into account all aspects related to negotiations, from the specification of the profiles and policies of the involved parties to the selection of the best strategy to succeed in the negotiation. presents a number of innovative features, such as the support for protection of sensitive policies, the use of trust tickets to speed up the negotiation, and the support of different strategies to carry on a negotiation. In this paper, besides presenting the language to encode security information, we present the system architecture and algorithms according to which negotiations can take place.

Collective privacy management in social networks

Social Networking is one of the major technological phenomena of the Web 2.0, with hundreds of millions of people participating. Social networks enable a form of self expression for users, and help them to socialize and share content with other users. In spite of the fact that content sharing represents one of the prominent features of existing Social Network sites, Social Networks yet do not support any mechanism for collaborative management of privacy settings for shared content. In this paper, we model the problem of collaborative enforcement of privacy policies on shared data by using game theory. In particular, we propose a solution that offers automated ways to share images based on an extended notion of content ownership. Building upon the Clarke-Tax mechanism, we describe a simple mechanism that promotes truthfulness, and that rewards users who promote co-ownership. We integrate our design with inference techniques that free the users from the burden of manually selecting privacy preferences for each picture. To the best of our knowledge this is the first time such a protection mechanism for Social Networking has been proposed. In the paper, we also show a proof-of-concept application, which we implemented in the context of Facebook, one of todays most popular social networks. We show that supporting these type of solutions is not also feasible, but can be implemented through a minimal increase in overhead to end-users.

Privacy preserving multi-factor authentication with biometrics

An emerging approach to the problem of reducing the identity theft is represented by the adoption of biometric authentication systems. Such systems however present however several challenges, related to privacy, reliability, security of the biometric data. Inter-operability is also required among the devices used for the authentication. Moreover, very often biometric authentication in itself is not sufficient as a conclusive proof of identity and has to be complemented with multiple other proofs of identity like passwords, SSN, or other user identifiers. Multi-factor authentication mechanisms are thus required to enforce strong authentication based on the biometric and identifiers of other nature.In this paper we provide a two-phase authentication mechanism for federated identity management systems. The first phase consists of a two-factor biometric authentication based on zero knowledge proofs. We employ techniques from vector-space model to generate cryptographic biometric keys. These keys are kept secret, thus preserving the confidentiality of the biometric data, and at the same time exploit the advantages of a biometric authentication. The second authentication combines several authentication factors in conjunction with the biometric to provide a strong authentication. A key advantage of our approach is that any unanticipated combination of factors can be used. Such authentication system leverages the information of the user that are available from the federated identity management system.

A Brokerage-Based Approach for Cloud Service Selection

The expanding Cloud computing services offer great opportunities for consumers to find the best service and best pricing, which however raises new challenges on how to select the best service out of the huge pool. It is time-consuming for consumers to collect the necessary information and analyze all service providers to make the decision. This is also a highly demanding task from a computational perspective, because the same computations may be conducted repeatedly by multiple consumers who have similar requirements. Therefore, in this paper, we propose a novel brokerage-based architecture in the Cloud, where the Cloud brokers is responsible for the service selection. In particular, we design a unique indexing technique for managing the information of a large number of Cloud service providers. We then develop efficient service selection algorithms that rank potential service providers and aggregate them if necessary. We prove the efficiency and effectiveness of our approach through an experimental study with the real and synthetic Cloud data.

Trust negotiations: concepts, systems, and languages

Trust negotiation is a promising approach for establishing trust in open systems like the Internet, where sensitive interactions may often occur among entities with no prior knowledge of each other. In this article, the authors present a model for trust negotiation systems, and delineate the desiderata that ideal trust negotiation systems should satisfy. In defining trust negotiation requirements, they consider two different issues, policy language requirements and system requirements. They then survey the most interesting proposals that have been presented so far and evaluate them with respect to the identified requirements. Finally, they outline future research directions and identify the open issues that still have to be explored.

Privacy policies for shared content in social network sites

Social networking is one of the major technological phenomena of the Web 2.0, with hundreds of millions of subscribed users. Social networks enable a form of self-expression for users and help them to socialize and share content with other users. In spite of the fact that content sharing represents one of the prominent features of existing Social network sites, they do not provide any mechanisms for collective management of privacy settings for shared content. In this paper, using game theory, we model the problem of collective enforcement of privacy policies on shared data. In particular, we propose a solution that offers automated ways to share images based on an extended notion of content ownership. Building upon the Clarke-Tax mechanism, we describe a simple mechanism that promotes truthfulness and that rewards users who promote co-ownership. Our approach enables social network users to compose friendship based policies based on distances from an agreed upon central user selected using several social networks metrics. We integrate our design with inference techniques that free the users from the burden of manually selecting privacy preferences for each picture. To the best of our knowledge, this is the first time such a privacy protection mechanism for social networking has been proposed. We also extend our mechanism so as to support collective enforcement across multiple social network sites. In the paper, we also show a proof-of-concept application, which we implemented in the context of Facebook, one of today’s most popular social networks. Through our implementation, we show the feasibility of such approach and show that it can be implemented with a minimal increase in overhead to end-users. We complete our analysis by conducting a user study to investigate users’ understanding of co-ownership, usefulness and understanding of our approach. Users responded favorably to the approach, indicating a general understanding of co-ownership and the auction, and found the approach to be both useful and fair.

PP-trust-X: A system for privacy preserving trust negotiations

Trust negotiation is a promising approach for establishing trust in open systems, in which sensitive interactions may often occur between entities with no prior knowledge of each other. Although, to date several trust negotiation systems have been proposed, none of them fully address the problem of privacy preservation. Today, privacy is one of the major concerns of users when exchanging information through the Web and thus we believe that trust negotiation systems must effectively address privacy issues in order to be widely applicable. For these reasons, in this paper, we investigate privacy in the context of trust negotiations. We propose a set of privacy-preserving features for inclusion in any trust negotiation system, such as the support for the P3P standard, as well as a number of innovative features, such as a novel format for encoding digital credentials specifically designed for preserving privacy. Further, we present a variety of interoperable strategies to carry on the negotiation with the aim of improving both privacy and efficiency.

/spl Xscr/-TNL: an XML-based language for trust negotiations

We present /spl Xscr/-TNL, an XML-based language for carrying on trust negotiations. The language provides a flexible way of qualifying the parties involved in the negotiation, which relies on a distinction between credentials and declarations. Additionally, it provides an expressive XML encoding of disclosure policies, where a disclosure policy regulates the disclosure of a resource by imposing conditions on both credentials and negotiations. The language we provide has been especially conceived for handling multiple and heterogeneous credentials and it is flexible enough to express a wide range of protection requirements. Besides describing the language in full details, we show examples of its applicability.

CoPE: Enabling collaborative privacy management in online social networks

Online Social Networks (OSNs) facilitate the creation and maintenance of interpersonal online relationships. Unfortunately, the availability of personal data on social networks may unwittingly expose users to numerous privacy risks. As a result, establishing effective methods to control personal data and maintain privacy within these OSNs have become increasingly important. This research extends the current access control mechanisms employed by OSNs to protect private information shared among users of OSNs. The proposed approach presents a system of collaborative content management that relies on an extended notion of a “content stakeholder.” A tool, Collaborative Privacy Management (CoPE), is implemented as an application within a popular social-networking site, , to ensure the protection of shared images generated by users. We present a user study of our CoPE tool through a survey-based study (n=80). The results demonstrate that regardless of whether Facebook users are worried about their privacy, they like the idea of collaborative privacy management and believe that a tool such as CoPE would be useful to manage their personal information shared within a social network.