Visible to the public Computing Theory and Privacy, 2014

SoS Newsletter- Advanced Book Block

SoS Logo

Computing Theory and Privacy, 2014

Getting to the Science of Security will both require and generate fresh looks at computing theory.  Privacy, too, is a research area with a theoretical underpinning worth researching.  The material cited here was presented in 2014.

Wu Tianshui; Zhao Gang, "A New Security and Privacy Risk Assessment Model for Information System Considering Influence Relation of Risk Elements," Broadband and Wireless Computing, Communication and Applications (BWCCA), 2014 Ninth International Conference on, pp. 233, 238, 8-10 Nov. 2014. doi: 10.1109/BWCCA.2014.76
Abstract: Considering the influence relations among risk assessment elements and the uncertainty generated in the security and privacy risk assessment process, this paper proposes a new security and privacy risk assessment model for information system which is based on DEMATEL-ANP combined with grey system theory. On the basis of risk assessment standard process, this model utilizes the DEMATEL method to identify risk assessment elements and evaluate comprehensive influence relations. Further, the model combines with ANP to solve the weight distribution ratio of the subordinate element of each evaluation elements. Finally the paper uses grey system theory to obtain grey evaluation matrix, and computes final security and privacy risk level. Examples simulation demonstrates that it is an effective method for information system on security and privacy risk assessment, which the model not only weighs up the association influence among the various evaluation factors in practical evaluation system, reduces the subjective evaluation, but also can effectively mitigate the uncertainty of expert evaluation.
Keywords: data privacy; decision making; grey systems; information systems; risk management; security of data; DEMATEL-ANP; analytic network process; decision making trial-and-evaluation laboratory; final security; grey evaluation matrix; grey system theory; information system; privacy risk assessment model; privacy risk level; security risk assessment model; weight distribution ratio; Computational modeling; Indexes; Information security; Privacy; Risk management; analytic network process (ANP); decision making trial and evaluation laboratory (DEMATEL);grey system theory; risk assessment; security and privacy (ID#: 15-5616)


Qiuwei Yang; Changquan Cheng; Xiqiang Che, "A Cost-Aware Method of Privacy Protection for Multiple Cloud Service Requests," Computational Science and Engineering (CSE), 2014 IEEE 17th International Conference on, pp. 583, 590, 19-21 Dec. 2014. doi: 10.1109/CSE.2014.131Abstract: In cloud computing environment, service requests usually carry some sensitive information that will be treated as privacy and cloud service request privacy leakage problem has become a hotspot of cloud security research. Existing studies assumed that potential attackers only collected and dealt with the relevant information
of single service request sequence, they did not distinguish the emphasis degree of users for these information. When applying directly to the scenes of multiple cloud service requests privacy protection, their strategies couldn't meet the needs of protection due to the limitations of their analytical perspective, and their cost would also increase. In this paper, we propose a method of sensitive information relation description and privacy measurement that caters to multiple cloud service requests, and conduct privacy leakage risk assessment under this scenario based on D-S evidence theory, then give the strategy of obfuscation choice and noise generation for multiple cloud service requests, finally build a cost-aware privacy protection framework for them. The simulation and analysis shows that our approach ensures the security of multiple service requests in cloud environment without significantly increasing the system overhead and saves the noise cost.
Keywords: cloud computing; data privacy; inference mechanisms; security of data; uncertainty handling; D-S evidence theory; cloud computing environment; cloud security; cloud service request privacy leakage problem; cloud service requests privacy protection; cost-aware method; cost-aware privacy protection framework; noise generation; obfuscation choice; privacy leakage risk assessment; privacy measurement; sensitive information relation description; Clouds; Correlation coefficient; Joints;Noise; Privacy; Risk management; Security; Cloud computing; D-S evidence theory; Multiple service requests; Privacy protection; Risk assessment (ID#: 15-5617)


Yingxu Wang; Wiebe, V.J., "Big Data Analyses for Collective Opinion Elicitation in Social Networks," Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on, pp. 630, 637, 24-26 Sept. 2014. doi: 10.1109/TrustCom.2014.81
Abstract: Big data are extremely large-scaled data in terms of quantity, complexity, semantics, distribution, and processing costs in computer science, cognitive informatics, web-based computing, cloud computing, and computational intelligence. Censuses and elections are a typical paradigm of big data engineering in modern digital democracy and social networks. This paper analyzes the mechanisms of voting systems and collective opinions using big data analysis technologies. A set of numerical and fuzzy models for collective opinion analyses is presented for applications in social networks, online voting, and general elections. A fundamental insight on the collective opinion equilibrium is revealed among electoral distributions and in voting systems. Fuzzy analysis methods for collective opinions are rigorously developed and applied in poll data mining, collective opinion determination, and quantitative electoral data processing.
Keywords: Big Data; cloud computing; computer science; data mining; fuzzy set theory; politics; social networking (online);Big Data analysis; Web-based computing; cloud computing; cognitive informatics; collective opinion determination; collective opinion elicitation; computational intelligence; computer science; digital democracy; fuzzy analysis; large-scaled data; poll data mining; quantitative electoral data processing; social networks; Algorithm design and analysis; Benchmark testing; Big data; Data models; Nominations and elections; Polynomials; Semantics; Big data; big data engineering; collective opinion; fuzzy models of big data; numerical methods; opinion poll; quantitative analyses; social networks; voting (ID#: 15-5618)


Duo Liu; Chung-Horng Lung; Seddigh, N.; Nandy, B., "Network Traffic Anomaly Detection Using Adaptive Density-Based Fuzzy Clustering," Trust, Security and Privacy in Computing and Communications (TrustCom),  2014 IEEE 13th International Conference on, pp. 823, 830, 24-26 Sept. 2014. doi: 10.1109/TrustCom.2014.109
Abstract: Fuzzy C-means (FCM) clustering has been used to distinguish communication network traffic outliers based on the uncommon statistical characteristics of network traffic data. The raditional FCM does not leverage spatial information in its analysis, which leads to inaccuracies in certain instances. To address this challenge, this paper proposes an adaptive fuzzy clustering technique based on existing possibilistic clustering algorithms. The proposed technique simultaneously considers distance, density, and the trend of density change of data instances in the membership degree calculation. Specifically the membership degree is quickly updated when the distance or density is beyond the pre-defined threshold, or density change does not match the data distribution. In contrast, the traditional FCM updates its membership degree only based on the distance between data points and the cluster centroid. The proposed approach enables the clustering to reflect the inherent diversity nature of communication network traffic. Further, an adaptive threshold is introduced to speed up the iterative clustering process. The proposed algorithm has been evaluated via experiments using traffic from a real network. The results indicate that the adaptive fuzzy clustering reduces false negatives while improves true positive results.
Keywords: data handling; fuzzy set theory; pattern clustering; statistical analysis; FCM clustering; adaptive density-based fuzzy clustering; data distribution; fuzzy C-means clustering; network traffic anomaly detection; network traffic data; spatial information; statistical characteristics; Conferences; Privacy; Security; Fuzzy C-means; Network anomaly detection; Partitional clustering; Possibilistic clustering (ID#: 15-5619)


Li Lin; Tingting Liu; Jian Hu; Jianbiao Zhang, "A Privacy-Aware Cloud Service Selection Method Toward Data Life-Cycle," Parallel and Distributed Systems (ICPADS), 2014 20th IEEE International Conference on, pp. 752, 759, 16-19 Dec. 2014. doi: 10.1109/PADSW.2014.7097878
Abstract: Recent years have witnessed the rapid development of cloud computing, which leverages its unique services to cloud customers in a pay-as-you-go, anytime, anywhere manner. However, a significant barrier to the adoption of cloud services is that users fear data leakage and loss of privacy if their sensitive data is processed in the cloud. Hence, the cloud customer must be able to select appropriate services according to his or her privacy and security needs. In this paper, we propose a novel cloud service selection method called PCSS, where a cloud service is estimated based on its capability of privacy protection (CoPP) covering the entire life-cycle of users' data. A scalable assessment index system with a 2-level hierarchy structure is constructed to analyze and quantify the CoPP of cloud service. The first-level index is composed of all stages of data life-cycle and the second-level index involves privacy-aware security mechanisms at each stage. We employ a fuzzy comprehensive evaluation technique to count the privacy-preserving value of security mechanism. An AHP- based approach is exploited to decide the impact weight of different security mechanisms to the CoPP of each stage. By calculating a comprehensive CoPP metric of all life-cycle stages, all cloud services can be sorted and recommended to users. An example analysis is given, and the reasonableness of the proposed method is proved. Comprehensive experiments have been conducted, which demonstrate the effectiveness of the proposed method by the comparison with the baseline method at the service selection performance.
Keywords: analytic hierarchy process; cloud computing; data privacy; fuzzy set theory;2-level hierarchy structure; AHP- based approach; CoPP; PCSS; analytic hierarchy process; capability of privacy protection; cloud computing; cloud customer; data leakage; first-level index; fuzzy comprehensive evaluation technique; privacy loss; privacy-aware cloud service selection method; privacy-aware security mechanisms; privacy-preserving value; scalable assessment index system; second-level index; security needs; service selection performance; user data life-cycle; Data privacy; Filtering; Phase locked loops; Privacy; Security; cloud service selection; data life-cycle; privacy-aware (ID#: 15-5620)


Bijral, S.; Mukhopadhyay, D., "Efficient Fuzzy Search Engine with B -Tree Search Mechanism," Information Technology (ICIT), 2014 International Conference on, pp. 118, 122, 22-24 Dec. 2014. doi: 10.1109/ICIT.2014.19
Abstract: Search engines play a vital role in day to day life on internet. People use search engines to find content on internet. Cloud computing is the computing concept in which data is stored and accessed with the help of a third party server called as cloud. Data is not stored locally on our machines and the software's and information are provided to user if user demands for it. Search queries are the most important part in searching data on internet. A search query consists of one or more than one keywords. A search query is searched from the database for exact match, and the traditional searchable schemes do not tolerate minor typos and format inconsistencies, which happen quite frequently. This drawback makes the existing techniques unsuitable and they offer very low efficiency. In this paper, i will for the first time formulate the problem of effective fuzzy search by introducing tree search methodologies. I will explore the benefits of B trees in search mechanism and use them to have an efficient keyword search. I have taken into consideration the security analysis strictly so as to get a secure and privacy-preserving system.
Keywords: cloud computing; data privacy; fuzzy set theory; query processing; search engines; trees (mathematics); Internet; b-tree search mechanism; cloud computing; data searching; format inconsistencies; fuzzy search engine; keyword search; minor typos; privacy-preserving system; search query; secure system; security analysis; third party server; traditional searchable schemes; Cloud computing; Dictionaries; Encryption; Indexes; Information technology; Keyword search; B-Tree Search; Fuzzy keyword Search; Typos and format Inconsistencies (ID#: 15-5621)


Bistarelli, S.; Santini, F., "Two Trust Networks In One: Using Bipolar Structures To Fuse Trust And Distrust," Privacy, Security and Trust (PST), 2014 Twelfth Annual International Conference on, pp. 383, 390, 23-24 July 2014. doi: 10.1109/PST.2014.6890964
Abstract: In this paper we study weighted trust-networks, where each edge is associated with either a positive or negative score. Hence, we consider a distrust relationship as well, allowing a user to rate poor experiences with other individuals in his web of acquaintances. We propose an algorithm to compose two of such networks in a single one, in order to merge the knowledge obtained in two different communities of individuals (possibly partially-overlapping), through two different trust management-systems. Our algorithm is based on semiring algebraic-structures, in order to have a parametric computational-framework. Such composition can be adopted whenever two trust-based communities (with the same scope) need to be amalgamated: for instance, two competitor-companies that need to unify the trust-based knowledge on their (sub-) suppliers.
Keywords: algebra; network theory (graphs);trusted computing; bipolar structures; distrust relationship; semiring algebraic structures ;trust management systems; trust-based communities; trust-based knowledge; weighted trust networks; Communities; Complexity theory; Electronic mail; Lattices; Measurement; Periodic structures; Security (ID#: 15-5622)


Chi Chen; Chaogang Wang; Tengfei Yang; Dongdai Lin; Song Wang; Jiankun Hu, "Optional Multi-Biometric Cryptosystem Based On Fuzzy Extractor," Fuzzy Systems and Knowledge Discovery (FSKD), 2014 11th International Conference on, pp. 989, 994, 19-21 Aug. 2014. doi: 10.1109/FSKD.2014.6980974
Abstract: Following the wide use of smart devices, biometric cryptosystem is used to protect users' privacy data. However, biometric cryptosystem is rarely used in the scenario of mobile cloud, because the biometric sensors are different on various devices. In this paper, an optional multi-biometric cryptosystem based on fuzzy extractor and secret share technology is proposed. Each of the enrolled biometric modality generates a feature vector, and then the feature vector is put into a fuzzy extractor to get a stable codeword, namely a bit-string. All the codewords are used to bind a random key based on a secret share method, and the key can be used to encrypt users' privacy data. During the verification phase, part of the enrolled biometric modalities are enough to recover the random key. Therefore, the proposed scheme can provide a user the same biometric key on different devices. In addition, experiment on a virtual multi-biometric database shows that the novel concept of optional multi-biometric cryptosystem is better than the corresponding uni-biometric cryptosystem both in matching accuracy and key entropy.
Keywords: biometrics (access control); cloud computing; cryptography; entropy; fuzzy set theory; mobile computing; vectors; bit-string; codewords; feature vector; fuzzy extractor; key entropy; mobile cloud; optional multibiometric cryptosystem; smart devices; users privacy data; Accuracy;Cryptography; Databases; Feature extraction; Fingerprint recognition; Iris recognition; cryptosystem; fuzzy extractor; key generation; mobile cloud; multi-biometric; secret share (ID#: 15-5623)


Yunmei Lu; Phoungphol, P.; Yanqing Zhang, "Privacy Aware Non-linear Support Vector Machine for Multi-source Big Data," Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on, pp. 783, 789, 24-26 Sept. 2014. doi: 10.1109/TrustCom.2014.103
Abstract: In order to build reliable prediction models and attain high classification accuracy, assembling datasets from multiple databases maintained by different sources (such as different hospitals) has become increasingly common. However, assembling these composite datasets involves the disclosure of individuals' records, therefore many local owners are reluctant to share their data due to privacy concerns. This paper presents a framework for building a Privacy-Aware Non-linear Support Vector Machine (PAN-SVM) classifier using distributed data sources. The framework with three layers can do global classification based on distributed data sources and protect individuals' records at the same time. At the bottom layer, k-means clustering is used to select landmarks that will be used by the medium layer after they are encrypted by a secure sum protocol. The medium layer employs Nystrom low-rank approximation and kernel matrix decomposition techniques to construct a global SVM classifier which is accelerated at the top layer by employing a cutting-plane technique. Simulation results on multiple datasets indicate that the new framework can solve the classification problem on distributed data sources effectively and efficiently, and protect the privacy of individuals' data as well.
Keywords: approximation theory; data privacy; matrix algebra; support vector machines; Nystrom low-rank approximation; PAN-SVM classifier; assembling datasets; cutting plane technique; distributed data sources; global SVM classifier; kernel matrix decomposition techniques; multiple databases; multisource big data; privacy aware nonlinear support vector machine; secure sum protocol; Accuracy; Data models; Data privacy; Distributed databases; Kernel; Support vector machines; Training; Cutting-plane Method; Distributed data-mining; Low-rank Approximation; Matrix Decomposition; Multi-source Data; Privacy preserving; SVM (ID#: 15-5624)


Keith, M.J.; Babb, J.S.; Lowry, P.B., "A Longitudinal Study of Information Privacy on Mobile Devices," System Sciences (HICSS), 2014 47th Hawaii International Conference on, pp. 3149, 3158, 6-9 Jan. 2014. doi: 10.1109/HICSS.2014.391
Abstract: The real value of mobile applications is heavily dependent on consumers' trust in the privacy of their personal information and location data. However, research has generated few results based on actual information disclosure and even less that is based on longitudinal behavior. The purpose of this study is to execute a unique and authentic field experiment involving real risks and consumer behaviors regarding information disclosure over mobile devices. We compare two theoretical explanations of disclosure decisions: privacy calculus and prospect theory. Our results indicate that consumers are best modeled as "bounded" rational actors concerning their disclosure behavior. Also, actual information disclosure behavior over mobile applications is a more multifaceted issue than research has treated it thus far. For practice, mobile application providers should be aware that increasing the benefits of information disclosure via the app may have the counterintuitive effect of increasing perceived risk and reducing consumer disclosure.
Keywords: behavioural sciences; data privacy; mobile computing; risk management; security of data; bounded rational actors; consumer behaviors; consumer trust; disclosure decisions; information disclosure behavior; location data privacy; longitudinal behavior; longitudinal information privacy study; mobile applications; mobile devices; privacy calculus; prospect theory; Calculus; Educational institutions; Games; Mobile communication; Mobile handsets; Privacy; Social network services; information disclosure; location based-services; mobile application; privacy; privacy calculus; prospect theory; rationality (ID#: 15-5625)


Schonfeld, M.; Werner, M., "Distributed Privacy-Preserving Mean Estimation," Privacy and Security in Mobile Systems (PRISMS), 2014 International Conference on, pp. 1, 8, 11-14 May 2014. doi: 10.1109/PRISMS.2014.6970597
Abstract: Due to the rise of mobile computing and smartphones, a lot of information about groups has become accessible. This information shall often be kept secret. Hence distributed algorithms for privacy-preserving distribution estimation are needed. Most research currently focuses on privacy in a database, where a single entity has collected the secret information and privacy is ensured between query results and the database. In fully distributed systems such as sensor networks it is often infeasible to move the data towards a central entity for processing. Instead, distributed algorithms are needed. With this paper we propose a fully distributed, privacy-friendly, consensus-based approach. In our approach all nodes cooperate to generate a sufficiently random obfuscation of their secret values until the estimated and obfuscated values of the individual nodes can be safely published. Then the calculations can be done on this replacement containing only non-secret values but recovering some aspects (mean, standard deviation) of the original distribution.
Keywords: data privacy; database management systems; estimation theory; mobile computing; query processing; smart phones; database; distributed algorithms; distributed privacy-preserving mean estimation; information privacy; mobile computing; query results; secret information; smartphones; Distributed databases; Estimation; Peer-to-peer computing; Privacy; Public key; Standards (ID#: 15-5626)


Andersen, A.; Yigzaw, K.Y.; Karlsen, R., "Privacy Preserving Health Data Processing," e-Health Networking, Applications and Services (Healthcom), 2014 IEEE 16th International Conference on, pp. 225, 230, 15-18 Oct. 2014. doi: 10.1109/HealthCom.2014.7001845
Abstract: The usage of electronic health data from different sources for statistical analysis requires a toolset where the legal, security and privacy concerns have been taken into consideration. The health data are typically located at different general practices and hospitals. The data analysis consists of local processing at these locations, and the locations become nodes in a computing graph. To support the legal, security and privacy concerns, the proposed toolset for statistical analysis of health data uses a combination of secure multi-party computation (SMC) algorithms, symmetric and public key encryption, and public key infrastructure (PKI) with certificates and a certificate authority (CA). The proposed toolset should cover a wide range of data analysis with different data distributions. To achieve this, large set of possible SMC algorithms and computing graphs have to be supported.
Keywords: authorisation; data analysis; data privacy; electronic health records; graph theory; public key cryptography; statistical analysis; CA;PKI;SMC algorithms; certificate authority; computing graph; data analysis; data privacy; electronic health data processing; public key encryption; public key infrastructure; secure multiparty computation; statistical analysis; Data privacy; Encryption; Privacy; Public key; Receivers; Snow (ID#: 15-5627)


Fathabadi, Z.F.; Nogoorani, S.D.; Hemmatyar, A.M., "CR-SMTC: Privacy Preserving Collusion-Resistant Multi-Party Trust Computation," Information Security and Cryptology (ISCISC), 2014 11th International ISC Conference on, pp. 167, 172, 3-4 Sept. 2014. doi: 10.1109/ISCISC.2014.6994042
Abstract: The ever-increasing use of trust and reputation models has posed new challenges in distributed environments. One of these challenges is the computation of trust while preserving privacy of feedback providers. This is because of the fact that some people may report a dishonest value due to social pressure or fear of the consequences. In this paper, we propose a privacy-preserving collusion-resistant multi-party trust computation scheme which uses data perturbation and homomorphic encryption to preserve the privacy of feedbacks. Our scheme is consisted of two protocols for private summation (S-protocol) and inner product (P-protocol). Our protocols are resistant to collusion of up to m+1 and m+2 agents, respectively, where m is a configurable parameter. In addition, their computational complexities are O(nm) and O(n(m+h)), respectively, where n is the number of agents and h is the homomorphic encryption algorithm complexity. We compare our protocols with related works and show its superiority in terms of collusion-resilience probability as well as complexity.
Keywords: computational complexity; cryptographic protocols; data privacy; trusted computing; CR-SMTC;O(n(m+h)) computational complexity; O(nm) computational complexity; P-protocol; S-protocol; collusion resistant protocols; collusion-resilience probability; configurable parameter; data perturbation; dishonest value; distributed environments; feedback provider privacy preservation; homomorphic encryption; homomorphic encryption algorithm complexity; inner product protocols; privacy-preserving collusion-resistant multiparty trust computation scheme; private summation protocols; reputation model; social pressure; trust computation; trust model; Complexity theory; Computational modeling; Encryption; Privacy; Protocols; Resistance; collusion attack (key words);computational trust; data perturbation; homomorphic encryption; privacy preservation (ID#: 15-5628)


Borges, F.; Martucci, L.A.; Beato, F.; Mühlhäuser, M., "Secure and Privacy-Friendly Public Key Generation and Certification," Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on, pp. 114, 121, 24-26 Sept. 2014. doi: 10.1109/TrustCom.2014.19
Abstract: Digital societies increasingly rely on secure communication between parties. Certificate enrollment protocols are used by certificate authorities to issue public key certificates to clients. Key agreement protocols, such as Diffie-Hellman, are used to compute secret keys, using public keys as input, for establishing secure communication channels. Whenever the keys are generated by clients, the bootstrap process requires either (a) an out-of-band verification for certification of keys when those are generated by the clients themselves, or (b) a trusted server to generate both the public and secret parameters. This paper presents a novel constrained key agreement protocol, built upon a constrained Diffie-Hellman, which is used to generate a secure public-private key pair, and to set up a certification environment without disclosing the private keys. In this way, the servers can guarantee that the generated key parameters are safe, and the clients do not disclose any secret information to the servers.
Keywords: cryptographic protocols; data privacy; private key cryptography; public key cryptography; telecommunication security; bootstrap process; certificate authorities; certificate enrollment protocols; certification environment; constrained Diffie-Hellman; digital societies; key agreement protocols; out-of-band verification; privacy-friendly public key generation; public key certificates; secret information; secret keys; secure communication channels; secure public-private key pair; Complexity theory; DH-HEMTs; Protocols; Public key; Servers; Zinc; Certification; Privacy; Protocol; Public Key Generation; Security (ID#: 15-5629)


Lei Pan; Bangay, S., "Generating Repudiable, Memorizable, and Privacy Preserving Security Questions Using the Propp Theory of Narrative," Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), 2014 International Conference on, pp. 66, 72, 13-15 Oct. 2014. doi: 10.1109/CyberC.2014.20
Abstract: Security questions are often based on personal information that is limited in variety, available in the public record and very difficult to change if compromised. A personalized folktale shared only by the communicating parties provides memorizable basis for individualized security questions that can be readily replaced in the event of a security breach. We utilize the Propp theory of narrative to provide a basis of abstraction for story generation systems. We develop a proof-of-concept system based on placeholder replacement to demonstrate the generation of repudiate and memorizable questions and answers suitable for online security questions. A 3-component protocol is presented that demonstrates the use of this process to derive a shared secret key through privacy amplification. This combination of story generation and communication security provides the basis for improvements in current security question practice.
Keywords: data privacy;protocols;3-component protocol; Propp theory of narrative; communication security; online security questions; personal information; personalized folktale; placeholder replacement; privacy amplification; privacy preserving security questions; public record; security breach; story generation systems; Authentication; Context; Prediction algorithms; Privacy; Protocols; Servers; Propp theory of narrative; authentication; automated text generation; privacy; security; security question; story synthesis (ID#: 15-5630)


Ma, J.; Weining Yang; Min Luo; Ninghui Li, "A Study of Probabilistic Password Models," Security and Privacy (SP), 2014 IEEE Symposium on, pp. 689, 704, 18-21 May 2014. doi: 10.1109/SP.2014.50
Abstract: A probabilistic password model assigns a probability value to each string. Such models are useful for research into understanding what makes users choose more (or less) secure passwords, and for constructing password strength meters and password cracking utilities. Guess number graphs generated from password models are a widely used method in password research. In this paper, we show that probability-threshold graphs have important advantages over guess-number graphs. They are much faster to compute, and at the same time provide information beyond what is feasible in guess-number graphs. We also observe that research in password modeling can benefit from the extensive literature in statistical language modeling. We conduct a systematic evaluation of a large number of probabilistic password models, including Markov models using different normalization and smoothing methods, and found that, among other things, Markov models, when done correctly, perform significantly better than the Probabilistic Context-Free Grammar model proposed in Weir et al., which has been used as the state-of-the-art password model in recent research.
Keywords: Markov processes; graph theory; probability; security of data; Markov models; guess number graphs; password cracking utilities; password strength meters; probabilistic password models; probability-threshold graphs; secure passwords; statistical language modeling; Computational modeling; Dictionaries; Educational institutions; Markov processes; Probabilistic logic; Testing; Training (ID#: 15-5631)


Sardana, N.; Cohen, R., "Validating Trust Models Against Realworld Data Sets," Privacy, Security and Trust (PST), 2014 Twelfth Annual International Conference on, pp. 355, 362, 23-24 July 2014. doi: 10.1109/PST.2014.6890960
Abstract: In order to validate a particular approach to trust modeling, researchers have typically designed simulations in which various multliagent conditions are modeled and tested. Graphs have tracked different measures to demonstrate success of the proposed trust model, including satisfaction of buying agents, profit of selling agents (in e-marketplaces) or the extent to which the simulation matched some ground truth for the user. In this paper we report on an effort to locate and employ existing datasets with information about real users, in order to validate a trust model. We describe how Reddit and Epinions datasets can be put to good use, towards this end. In addition to describing what we did for the validation of our own trust model, we reflect on how other trust modeling researchers may perform a similar process, of benefit for their own empirical studies.
Keywords: graph theory; multi-agent systems; trusted computing; Epinions datasets; Reddit datasets; buying agents; e-marketplaces; graphs; multiagent conditions; selling agents; trust models; Blades; Computational modeling; Data models; Decision making; Educational institutions; Measurement; Testing (ID#: 15-5632)


Mashayekhy, L.; Nejad, M.M.; Grosu, D., "A Framework for Data Protection in Cloud Federations," Parallel Processing (ICPP), 2014 43rd International Conference on, pp. 283, 290, 9-12 Sept. 2014. doi: 10.1109/ICPP.2014.37
Abstract: One of the benefits of cloud computing is that a cloud provider can dynamically scale-up its resource capabilities by forming a cloud federation with other cloud providers. Forming cloud federations requires taking the data privacy and security concerns into account, which is critical in satisfying the Service Level Agreements (SLAs). The nature of privacy and security challenges in clouds requires that cloud providers design data protection mechanisms that work together with their resource management systems. In this paper, we consider the privacy requirements when outsourcing data and computation within a federation of clouds, and propose a framework for minimizing the cost of outsourcing while considering two key data protection restrictions, the trust and disclosure restrictions. We model these restrictions as conflict graphs, and formulate the problem as an integer program. In the absence of computationally tractable optimal algorithms for solving this problem, we design a fast heuristic algorithm. We analyze the performance of our proposed algorithm through extensive experiments.
Keywords: cloud computing; data privacy; graph theory; integer programming; SLA; cloud computing; cloud federation; conflict graph; data privacy; data protection; data security; disclosure restriction; integer programming; resource management system; service level agreement; trust restriction; Algorithm design and analysis; Cloud computing; Data privacy; Measurement; Outsourcing; Partitioning algorithms; Security; cloud computing; data protection; federation formation; virtual machine placement (ID#: 15-5633)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.