Publication


Featured research published by Michael Schläpfer.


financial cryptography | 2011

A new approach towards coercion-resistant remote e-voting in linear time

Oliver Spycher; Reto E. Koenig; Rolf Haenni; Michael Schläpfer

Remote electronic voting has attracted increasing attention in cryptographic research. A promising protocol presented by Juels et al. is currently widely discussed. Although it offers a remarkably high degree of coercion-resistance under reasonable assumptions, it cannot be employed in practice due to its poor efficiency. The improvements that have been proposed either require stronger trust assumptions or turned out to be insecure. In this paper, we present an enhancement of the protocol, which runs in linear time without changing the underlying trust assumptions.


international conference on engineering secure software and systems | 2010

Automatic generation of smart, security-aware GUI models

David A. Basin; Manuel Clavel; Marina Egea; Michael Schläpfer

In many software applications, users access application data using graphical user interfaces (GUIs). There is an important, but little explored, link between visualization and security: when the application data is protected by an access control policy, the GUI should be aware of this and respect the policy. For example, the GUI should not display options to users for actions that they are not authorized to execute on application data. Taking this idea one step further, the application GUI should not just be security-aware, it should also be smart. For example, the GUI should not display options to users for opening other widgets when these widgets will only display options for actions that the users are not authorized to execute on application data. We establish this link between visualization and security using a model-driven development approach. Namely, we define and implement a many-models-to-model transformation that, given a security-design model and a GUI model, makes the GUI model both security-aware and smart.


VoteID'11 Proceedings of the Third international conference on E-Voting and Identity | 2011

Efficient vote authorization in coercion-resistant internet voting

Michael Schläpfer; Rolf Haenni; Reto E. Koenig; Oliver Spycher

Some years ago, Juels et al. introduced the first coercion-resistant Internet voting protocol. Its basic concept is still the most viable approach to address voter coercion and vote selling in Internet voting. However, one of the main open issues is its unrealistic computational requirements of the quadratic-time tallying procedure. In this paper, we examine the cause of this issue, namely the authorization of votes, and summarize the most recent proposals to perform this step in linear time. We explain the key underlying concepts of these proposals and introduce a new protocol based on anonymity sets. The size of these anonymity sets serves as an adjustable security parameter, which determines the degree of coercion-resistance. The main advantage of the new protocol is to move computational complexity introduced in recent works from the voter side to the tallying authority side.


international conference on software engineering | 2010

SSG: a model-based development environment for smart, security-aware GUIs

Miguel Angel García de Dios; Carolina Dania; Michael Schläpfer; David A. Basin; Manuel Clavel; Marina Egea

We present a development environment for automatically building smart, security-aware GUIs following a model-based approach. Our environment consists of a number of plugins that have been developed using the Eclipse framework and includes three model editors, a model-transformation tool, and a code generator.


Archive | 2011

Authentication and Access Control

David A. Basin; Patrick Schaller; Michael Schläpfer

Access control is the means by which access to system resources is restricted to authorized subjects. Access control has a wide scope and can be found in hardware and software, at all levels of the software stack. This includes memory management, operating systems, middleware application servers, databases and applications.


Archive | 2011

Logging and Log Analysis

David A. Basin; Patrick Schaller; Michael Schläpfer

Operating systems and applications typically come with mechanisms for reporting errors as well as security-relevant actions such as users logging on and off. These events are reported as entries in log files. The objective of logging is to make these events transparent and comprehensible. The log files can be used to analyze and optimize services as well as to detect and diagnose security breaches.


Archive | 2011

The Virtual Environment

David A. Basin; Patrick Schaller; Michael Schläpfer

In the following chapters we examine a variety of problems related to information security, as they arise in modern computer and communication systems. To deepen your understanding of these problems, we do not merely consider them abstractly. Rather, we additionally provide you with a set of preconfigured virtual machines that allow you to work through the examples actively in a virtual environment.


Archive | 2011

Certificates and Public Key Cryptography

David A. Basin; Patrick Schaller; Michael Schläpfer

We concluded the previous chapter by describing the standard way of enabling HTTPS on an Apache web server. Our main goal was to protect the information exchanged between clients and the server from adversaries eavesdropping on communication. In this chapter, we will brush up on public key cryptography and examine its use in more detail.


Archive | 2011

Web Application Security

David A. Basin; Patrick Schaller; Michael Schläpfer

This chapter covers web applications and their associated security mechanisms. You will audit web applications and identify vulnerabilities from a user’s (or adversary’s), a maintainer’s and a developer’s perspective. You will exploit the vulnerabilities and see their consequences. Then you will investigate the reasons for the vulnerabilities and finally work on the source code to rectify the underlying problems.


international conference on theory and practice of electronic governance | 2012

The secure platform problem taxonomy and analysis of existing proposals to address this problem

Michael Schläpfer; Melanie Volkamer

Collaboration


Dive into Michael Schläpfer's collaborations.

Top Co-Authors

Oliver Spycher

Bern University of Applied Sciences

Rolf Haenni

Bern University of Applied Sciences

Melanie Volkamer

Technische Universität Darmstadt
