Nikos Alexandris

Secure linking of customers, merchants and banks in electronic commerce

Abstract We use the concept of designated 2-verifier proofs to design simple and secure electronic payment systems. Two on-line protocols which link securely Customers, Merchants and Banks are presented. In the first the identity of the Customer is traceable. This protocol can be used for general electronic payment systems. The second protocol can be used for anonymous electronic cash payments. Both protocols have a simple structure and are provably secure.

An Empirical Model for Quantifying Security Based on Services

This paper presents a novel approach for quantifying the security of specific services as well as that of a whole organisation. This is done by reducing the security of any service to five selected security factors which can be measured by posing questions with objective answers. The security of any specific service is the weighted average of those five factors, whereas the overall security is the weighted average of the services.

From High Availability Systems to Fault Tolerant Production Infrastructures

Disaster Recovery Infrastructures, which become an important part of all major IT infrastructures, are usually implemented in a stand-by mode, anticipating a disaster to justify their existence. This paper suggests the transformation of existing High Availability Standby Systems to fully Fault Tolerant Production Infrastructures in order to increase productivity, effectiveness and availability. The most important differences of the two approaches are presented and a transformation strategy that brings together technical and managerial points of view is suggested.

Disaster Recovery Sites as a Tool of Managing Extreme Attacks

This paper presents the use of overlay networks as a tool to confront the consequences of extreme network attacks. In particular, it suggests the use of disaster recovery sites, which are becoming a common practice of all major IT infrastructures. The main goals of this attempt are to enable IT infrastructures to deal with severe network attacks such as denial of service and distributed denial of service attacks as well as insider attacks

Participative HIS development: an approach and a case study

User participation in HIS development is considered essential for achieving systems implementation success. Realizing a participative HIS development, where users are full members of the development team, requires not only choosing an appropriate methodology but also organizing the participation process in a way that is tailored to the particular situation in order to achieve the desired results. A general approach to this problem is presented in this paper. An application of the approach to the particular context of a Greek hospital is described.

Efficient and provably secure key agreement

Data security in computer networks is becoming increasingly important due to the expanding role of distributed computation, distributed databases and tele-communication applications such as electronic mail and electronic funds transfer. For privacy, information which may be highly sensitive or privileged must be encrypted with secret keys which are shared by the communicating parties. These keys are generated by key agreement protocols. Traditionally such protocols were designed by trial and error. History has proven this method to be unreliable: many protocols were broken or serious flaws were exposed. In this paper we discuss the security aspects of key agreement protocols. In particular, we consider two models for provable security, one based on probabilistic encryption, the other on zero-knowledge. We propose a variant of the Diffie-Hellman key agreement protocol which is provably secure and efficient.

Software-Based Receipt-Freeness in On-Line Elections

Electronic elections could be a viable alternative for real-life elections in a democratic society. In traditional elections, a voting booth does more than allow voters to keep their vote secret. The voting booth actually requires that voters vote secretly. If the privacy of the vote was allowed but not required, then a voter could easily sell his vote to a vote-buyer, or be coerced by a coercer. We present a receipt-free election scheme without making any hardware or physical assumptions about the communication channel between the voter and the voting authorities. Our solution is software-based i.e. voters are able to exercise their electoral rights from their home by using a personal computer with Internet access. The only physical assumption we make use of is an untappable channel between the two voting authorities that are employed in our scheme. This scheme satisfies most requirements of a secure electronic election. We make use of well-known cryptographic techniques such as time-lock puzzles and blind signatures.

Designated 2-verifier proofs and their application to electronic commerce

Designated verifier interactive proofs have been used as nonmalleable mechanisms and to prevent man-in-the-middle attacks. In this paper we use designated 2-verifier proofs to design simple and secure electronic payment systems. Two on-line protocols are presented. These link the Customer (the prover) with the Merchant and Bank (the two verifiers) inextricably to their transactions. In the first protocol the identity of the Customer is traceable. This can be used for general electronic payment systems. The second protocol can be used for anonymous electronic cash payments. Both protocols have a simple structure and are provably secure.

Secure group communication: a dynamic approach

Key distribution is a major cryptographic component for secure communication. To ensure privacy data must be encrypted with keys which are distributed securely. The keys must be properly authenticated. Most of the research on key distribution has focussed on two-party systems although there is some notable work on conference systems (with more than two parties). However the dynamic aspect of such systems has been neglected. In this paper we address this issue and consider a scenario appropriate for internet applications. We show how a conference system can be extended efficiently to enable new participants to join, in such a way that all earlier communication within the conference is protected. We also consider the case when participants leave a conference. Our approach is general and can be used with any conference system. The security of our dynamic extension is essentially the same as that of the conference system. Finally we discuss several threats to dynamic conferencing.