Tatjana Welzer

Privacy antecedents for SNS self-disclosure

Social networking sites privacy issues and self-disclosure are examined.A research model of privacy issues and self-disclosure is built.Structural equations modeling is used to assess the model fit.Path analysis is done to analyze hypothesis whereas 11 out of 14 are accepted.Final model shows privacy and its shaping of self-disclosure in Facebook. In recent years, social networking sites have spread rapidly, raising new issues in terms of privacy and self-disclosure online. For a better understanding of how privacy issues determine self-disclosure, a model which includes privacy awareness, privacy social norms, privacy policy, privacy control, privacy value, privacy concerns and self-disclosure was built. A total of 661 respondents participated in an online survey and a structural equation modeling was used to evaluate the model. The findings indicated a significant relationship between privacy value/privacy concerns and self-disclosure, privacy awareness and privacy concerns/self-disclosure, privacy social norms and privacy value/self-disclosure, privacy policy and privacy value/privacy concerns/self-disclosure, privacy control and privacy value/privacy concerns. The model from the study should contribute new knowledge concerning privacy issues and their shaping of self-disclosure on social networking sites. It could also help networking sites service providers understand how to encourage users to disclose more information.

Two proposed identity-based three-party authenticated key agreement protocols from pairings

The use of pairings has been shown promising for many two-party and three-party identity-based authenticated key agreement protocols. In recent years, several identity-based authenticated key agreement protocols have been proposed and most of them broken. In this paper, we propose two three-party identity-based authenticated key agreement protocols applying bilinear pairings. We show that the proposed protocols are secure (i.e. conform to defined security attributes) while being efficient.

An improved two-party identity-based authenticated key agreement protocol using pairings

Two-party authenticated key agreement protocols using pairings have gained much attention in the cryptographic community. Several protocols of this type where proposed in the past of which many were found to be flawed. This resulted in attacks or the inability to conform to security attributes. In this paper, we propose an efficient identity-based authenticated key agreement protocol employing pairings which employs a variant of a signature scheme and conforms to security attributes. Additionally, existing competitive and the proposed protocol are compared regarding efficiency and security. The criteria for efficiency are defined in this paper, whereas the criteria for security are defined by the fulfilment of security attributes from literature.

Two improved two-party identity-based authenticated key agreement protocols

Many authenticated key agreement protocols based on identity information were published in recent years. Hsieh et al. presented their protocol in 2002. However, Tseng et al. found a flaw in the protocol which resulted in a key compromise impersonation attack. Later, Tseng proposed his protocol conforming which conforms to all desirable security properties and is efficient. In this paper we propose two new two-party identity-based authenticated key agreement protocols. The first is based on Hsieh et al.s protocol and makes it immune against Tseng et al.s attack, while the second is an efficiently improved protocol based on Tsengs protocol.

Performance Assesment Framework for Distributed Object Architectures

Accurate, efficient and predictable performance assessment of distributed object models is necessary to make a founded decision about which model to use in a given application domain. This article presents a performance assessment framework for distributed object models. It presents two contributions to the study of distributed object performances: it defines the performance criteria for all important aspects of distributed object computing, including single and multi-client scenarios, and, it presents the high and low-level design of the framework and gives insights into implementation details for several important distributed object models, like CORBA, RMI and RMI-IIOP.

A universal system for fair non-repudiable certified e-mail without a trusted third party

Certified e-mail delivery is a quickly emerging field with significant legal benefits for e-commerce and e-government. Existing service-providers provide individual solutions that rely on a trusted third party and are in general limited in their scope and interoperability; as a consequence, they are unsuitable for cross-border application as required by transnational unions like the EU.In contrast to existing service-providers, we present a working system for certified e-mail that does not rely on a trusted third party for fair non-repudiation of receipt. We achieve fair non-repudiation of receipt through a novel protocol that involves splitting an encrypted message into a chain of parts, which the addressee gradually acquires, generating proof-of-receipt for each individual part. The protocol cryptographically prevents the addressee from obtaining the message in case they terminate the protocol prematurely.The universality of the presented system makes it feasible for unobtrusive operation using existing user agents and e-mail providers. The system is presented as a proof-of-concept implementation for the open-source Mozilla Thunderbird user agent.

Improvement of the Peyravian-Jeffries's user authentication protocol and password change protocol

Remote authentication of users supported by passwords is a broadly adopted method of authentication within insecure network environments. Such protocols typically rely on pre-established secure cryptographic keys or public key infrastructure. Recently, Peyravian and Jeffries [M. Peyravian, C. Jeffries, Secure remote user access over insecure networks, Computer Communications 29 (5-6) (2006) 660-667] proposed a protocol for secure remote user access over insecure networks. Shortly after the protocol was published Shim [K.A. Shim, Security flaws of remote user access over insecure networks, Computer Communications 30 (1) (2006) 117-121] and Munilla et al. [J. Munilla, A. Peinado, Off-line password-guessing attack to Peyravian-Jeffriess remote user authentication protocol, Computer Communications 30 (1) (2006) 52-54] independently presented an off-line guessing attack on the protocol. Based on their findings we present an improved secure password-based protocol for remote user authentication, password change, and session key establishment over insecure networks, which is immune against the attack.

Attacks and Improvement of an Efficient Remote Mutual Authentication and Key Agreement Scheme

Abstract In 2006, Shieh et al. proposed an efficient remote mutual authentication and key agreement scheme which uses smart cards and requires only hash function operations. In this paper, we show that Shieh et al.s scheme is vulnerable to guessing attacks, forgery attacks and key compromise attacks. To eliminate these weaknesses, an improvement of Shieh et al.s scheme with increased security is proposed. The security and efficiency of the improved scheme raises the attractiveness for implementation.

Medical diagnostic and data quality

The spread of electronic use of data in various areas has pushed the importance of data quality to a higher level. Data quality has syntactic and semantic components; the syntactic component is relatively easy to achieve if supported by tools (either off-the-shelf or our own), while the semantic component requires more research. In many cases such data come from different sources, are distributed across enterprises and are at different quality levels. Special attention needs to be paid to data upon which critical decisions are met, such as medical data for example. The starting point for research is in our case the risk of the medical area. We focus on the semantic component of medical data quality.

Meta Data Model for Database Design

Software re-use has become a major issue in software engineering research to overcome the so called application backlog in software production. In this paper we introduce a meta data model as a tool to apply re-use concepts also to database design. The main idea is to provide a structured repository of data models such that a database designer can use models or submodels of previous projects in his actual design and thus accelerating the design process. In this meta data model objects are thus organized according to their similarity. In particular, the structure supports the search for similar objects.