Publications (10 of 37)
Fischer-Hübner, S., Martucci, L., Fritsch, L., Pulls, T., Herold, S., Iwaya, L. H., . . . Albin, Z. (2018). A MOOC on Privacy by Design and the GDPR. In: Lynette Drevin, Marianthi Theocharidou (Ed.), Information Security Education: Towards a Cybersecure Society. Paper presented at 11th IFIP World Conference on Information Security Education (WISE 11), Held at the 24th IFIP World Computer Congress, WCC 2018, Poznan, Poland, September 18–20, 2018, Proceedings (pp. 95-107). Cham, Switzerland: Springer
2018 (English). In: Information Security Education: Towards a Cybersecure Society / [ed] Lynette Drevin, Marianthi Theocharidou, Cham, Switzerland: Springer, 2018, p. 95-107. Conference paper, Published paper (Refereed)
Abstract [en]

In this paper we describe how we designed a massive open online course (MOOC) on Privacy by Design with a focus on how to achieve compliance with the EU GDPR principles and requirements in IT engineering and management. This MOOC aims at educating both professionals and undergraduate students, i.e., target groups with distinct educational needs and requirements, within a single course structure. We discuss why developing and publishing such a course is a timely decision and fulfills the current needs of the professional and undergraduate education. The MOOC is organized in five modules, each of them with its own learning outcomes and activities. The modules focus on different aspects of the GDPR that data protection officers have to be knowledgeable about, ranging from the legal basics, to data protection impact assessment methods, and privacy-enhancing technologies. The modules were delivered using hypertext, digital content and three video production styles: slides with voice-over, talking heads and interviews. The main contribution of this work is the roadmap on how to design a highly relevant MOOC on privacy by design and the GDPR aimed at a heterogeneous audience.

Place, publisher, year, edition, pages
Cham, Switzerland: Springer, 2018
Series
IFIP Advances in Information Technology (AICT) ; 531
Keywords
privacy, teaching, mooc, course design
National Category
Engineering and Technology; Humanities and the Arts
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-69413 (URN), 10.1007/978-3-319-99734-6_8 (DOI), 978-3-319-99734-6 (ISBN)
Conference
11th IFIP World Conference on Information Security Education (WISE 11), Held at the 24th IFIP World Computer Congress, WCC 2018, Poznan, Poland, September 18–20, 2018, Proceedings
Projects
WISR
Funder
Knowledge Foundation, NU16
Available from: 2018-09-27 Created: 2018-09-27 Last updated: 2019-07-11 Bibliographically approved
Pulls, T. & Dahlberg, R. (2018). Cryptology ePrint Archive: Report 2018/737.
2018 (English). Report (Other academic)
Abstract [en]

We present Steady: an end-to-end secure logging system engineered to be simple in terms of design, implementation, and assumptions for real-world use. Steady gets its name from being based on a steady (heart)beat of events from a forward-secure device sent over an untrusted network through untrusted relays to a trusted collector. Properties include optional encryption and compression (with loss of confidentiality but significant gain in goodput), detection of tampering, relays that can function in unidirectional networks (e.g., as part of a data diode), cost-effective use of cloud services for relays, and publicly verifiable proofs of event authenticity. The design is formalized and security proven in the standard model. Our prototype implementation (about 2,200 loc) shows reliable goodput of over 1M events/s (about 160 MiB/s) for a realistic dataset with commodity hardware for a device on a GigE network using 16 MiB of memory connected to a relay running at Amazon EC2.

Publisher
p. 17
Keywords
cryptographic protocols
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-71420 (URN)
Projects
HITS, 4707
Funder
Knowledge Foundation
Note

Original Publication (with major differences): NordSec 2018 DOI: 10.1007/978-3-030-03638-6_6

Available from: 2019-03-04 Created: 2019-03-04 Last updated: 2019-06-14 Bibliographically approved
Pulls, T. & Dahlberg, R. (2018). Steady: A Simple End-to-End Secure Logging System. In: N. Gruschka (Ed.), Secure IT Systems. NordSec 2018: Lecture Notes in Computer Science, vol 11252. Paper presented at Secure IT Systems. NordSec 2018, 28 November 2018 through 30 November 2018 (pp. 88-103). Springer
2018 (English). In: Secure IT Systems. NordSec 2018: Lecture Notes in Computer Science, vol 11252 / [ed] N. Gruschka, Springer, 2018, p. 88-103. Conference paper, Published paper (Refereed)
Abstract [en]

We present Steady: an end-to-end secure logging system engineered to be simple in terms of design, implementation, and assumptions for real-world use. Steady gets its name from being based on a steady (heart)beat of events from a forward-secure device sent over an untrusted network through untrusted relays to a trusted collector. Properties include optional encryption and compression (with loss of confidentiality but significant gain in goodput), detection of tampering, relays that can function in unidirectional networks (e.g., as part of a data diode), cost-effective use of cloud services for relays, and publicly verifiable proofs of event authenticity. The design is formalized and security proven in the standard model. Our prototype implementation (2,200 loc) shows reliable goodput of over 1M events/s (160 MiB/s) for a realistic dataset with commodity hardware for a device on a GigE network using 16 MiB of memory connected to a relay running at Amazon EC2. 

Place, publisher, year, edition, pages
Springer, 2018
Keywords
Applied cryptography, Protocols, Secure logging, Cost effectiveness, Cryptography, Network protocols, Commodity hardware, Prototype implementations, Publicly verifiable, Secure loggings, The standard model, Untrusted network, Untrusted relays, Network security
National Category
Computer and Information Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-70592 (URN), 10.1007/978-3-030-03638-6_6 (DOI), 2-s2.0-85057425500 (Scopus ID), 9783030036379 (ISBN)
Conference
Secure IT Systems. NordSec 2018, 28 November 2018 through 30 November 2018
Available from: 2018-12-20 Created: 2018-12-20 Last updated: 2019-06-14 Bibliographically approved
Dahlberg, R. & Pulls, T. (2018). Verifiable Light-Weight Monitoring for Certificate Transparency Logs. In: Secure IT Systems. NordSec 2018: Lecture Notes in Computer Science, vol. 11252. Paper presented at Secure IT Systems. NordSec 2018, 28 November 2018 through 30 November 2018 (pp. 171-183). Springer
2018 (English). In: Secure IT Systems. NordSec 2018: Lecture Notes in Computer Science, vol. 11252, Springer, 2018, p. 171-183. Conference paper, Published paper (Refereed)
Abstract [en]

Trust in publicly verifiable Certificate Transparency (CT) logs is reduced through cryptography, gossip, auditing, and monitoring. The role of a monitor is to observe each and every log entry, looking for suspicious certificates that interest the entity running the monitor. While anyone can run a monitor, it requires continuous operation and copies of the logs to be inspected. This has led to the emergence of monitoring as-a-service: a trusted third-party runs the monitor and provides registered subjects with selective certificate notifications. We present a CT/bis extension for verifiable light-weight monitoring that enables subjects to verify the correctness of such certificate notifications, making it easier to distribute and reduce the trust which is otherwise placed in these monitors. Our extension supports verifiable monitoring of wild-card domains and piggybacks on CT’s existing gossip-audit security model.

Place, publisher, year, edition, pages
Springer, 2018
Keywords
Certificate Transparency, Monitoring, Security protocols, Network security, Transparency, Continuous operation, Light weight, Publicly verifiable, Security model, Trusted third parties, Wild cards, Patient monitoring
National Category
Computer and Information Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-70591 (URN), 10.1007/978-3-030-03638-6_11 (DOI), 2-s2.0-85057389362 (Scopus ID), 9783030036379 (ISBN)
Conference
Secure IT Systems. NordSec 2018, 28 November 2018 through 30 November 2018
Available from: 2018-12-20 Created: 2018-12-20 Last updated: 2019-06-14 Bibliographically approved
Momen, N., Pulls, T., Fritsch, L. & Lindskog, S. (2017). How much Privilege does an App Need? Investigating Resource Usage of Android Apps. In: Proceedings of the Fifteenth International Conference on Privacy, Security and Trust – PST 2017 (IEEE proceedings pendings). Paper presented at The Fifteenth International Conference on Privacy, Security and Trust – PST 2017. August 28-30, 2017 Calgary, Alberta, Canada. IEEE
2017 (English). In: Proceedings of the Fifteenth International Conference on Privacy, Security and Trust – PST 2017 (IEEE proceedings pendings), IEEE, 2017. Conference paper, Published paper (Refereed)
Abstract [en]

Arguably, one of the default solutions to many of today’s everyday errands is to install an app. In order to deliver a variety of convenient and user-centric services, apps need to access different types of information stored in mobile devices, much of which is personal information. In principle, access to such privacy sensitive data should be kept to a minimum. In this study, we focus on privilege utilization patterns by apps installed on Android devices. Though explicit consent is required prior to first time access to the resource, the unavailability of usage information makes it unclear when trying to reassess the user's initial decision. On the other hand, if granted privilege with little or no usage, it would suggest the likely violation of the principle of least privilege. Our findings illustrate a plausible requirement for visualising resource usage to aid the user in their decision-making and finer access control mechanisms.

Place, publisher, year, edition, pages
IEEE, 2017
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-65605 (URN), 10.1109/PST.2017.00039 (DOI), 000447643500028 (), 978-1-5386-2487-6 (ISBN), 978-1-5386-2488-3 (ISBN)
Conference
The Fifteenth International Conference on Privacy, Security and Trust – PST 2017. August 28-30, 2017 Calgary, Alberta, Canada
Available from: 2018-01-15 Created: 2018-01-15 Last updated: 2019-07-11 Bibliographically approved
Greschbach, B., Pulls, T., Roberts, L. M., Winter, P. & Feamster, N. (2017). The Effect of DNS on Tor's Anonymity. In: NDSS Symposium 2017. Paper presented at Network and Distributed System Security Symposium (NDSS), San Diego, CA, USA, 26 Feb-1 Mar, 2017. Internet society
2017 (English). In: NDSS Symposium 2017, Internet society, 2017. Conference paper, Published paper (Refereed)
Abstract [en]

Previous attacks that link the sender and receiver of traffic in the Tor network (“correlation attacks”) have generally relied on analyzing traffic from TCP connections. The TCP connections of a typical client application, however, are often accompanied by DNS requests and responses. This additional traffic presents more opportunities for correlation attacks. This paper quantifies how DNS traffic can make Tor users more vulnerable to correlation attacks. We investigate how incorporating DNS traffic can make existing correlation attacks more powerful and how DNS lookups can leak information to third parties about anonymous communication. We (i) develop a method to identify the DNS resolvers of Tor exit relays; (ii) develop a new set of correlation attacks (DefecTor attacks) that incorporate DNS traffic to improve precision; (iii) analyze the Internet-scale effects of these new attacks on Tor users; and (iv) develop improved methods to evaluate correlation attacks. First, we find that there exist adversaries that can mount DefecTor attacks: for example, Google’s DNS resolver observes almost 40% of all DNS requests exiting the Tor network. We also find that DNS requests often traverse ASes that the corresponding TCP connections do not transit, enabling additional ASes to gain information about Tor users’ traffic. We then show that an adversary that can mount a DefecTor attack can often determine the website that a Tor user is visiting with perfect precision, particularly for less popular websites where the set of DNS names associated with that website may be unique to the site. We also use the Tor Path Simulator (TorPS) in combination with traceroute data from vantage points co-located with Tor exit relays to estimate the power of AS-level adversaries that might mount DefecTor attacks in practice.

Place, publisher, year, edition, pages
Internet society, 2017
Keywords
Tor, Website Fingerprinting, Correlation Attacks, Anonymity, DNS
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-64786 (URN), 10.14722/ndss.2017.23311 (DOI), 1-891562-46-0 (ISBN)
Conference
Network and Distributed System Security Symposium (NDSS), San Diego, CA, USA, 26 Feb-1 Mar, 2017
Projects
Hoppet till Tor (5065)
Available from: 2017-10-26 Created: 2017-10-26 Last updated: 2018-10-11 Bibliographically approved
Ruebsamen, T., Pulls, T. & Reich, C. (2016). Security and Privacy Preservation of Evidence in Cloud Accountability Audits. In: CLOUD COMPUTING AND SERVICES SCIENCE, CLOSER 2015. Paper presented at 5th International Conference on Cloud Computing and Services Science (CLOSER), MAY 20-22, 2015, Lisbon, PORTUGAL (pp. 95-114).
2016 (English). In: CLOUD COMPUTING AND SERVICES SCIENCE, CLOSER 2015, 2016, p. 95-114. Conference paper, Published paper (Refereed)
Abstract [en]

Cloud accountability audits are promising to strengthen trust in cloud computing by providing reassurance about the processing data in the cloud according to data handling and privacy policies. To effectively automate cloud accountability audits, various distributed evidence sources need to be considered during evaluation. The types of information range from authentication and data access logging to location information, information on security controls and incident detection. Securing that information quickly becomes a challenge in the system design, when the evidence that is needed for the audit is deemed sensitive or confidential information. This means that securing the evidence at-rest as well as in-transit is of utmost importance. In this paper, we present a system that is based on distributed software agents which enables secure evidence collection with the purpose of automated evaluation during cloud accountability audits. We thereby present the integration of Insynd as a suitable cryptographic mechanism for securing evidence. We present our reasoning for choosing Insynd by showing a comparison of Insynd properties with requirements imposed by accountability evidence collection as well as an analysis how security threats are being mitigated by Insynd. We put special emphasis on security and privacy protection in our system analysis.

Series
Communications in Computer and Information Science, ISSN 1865-0929 ; 581
National Category
Computer and Information Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-41203 (URN), 10.1007/978-3-319-29582-4_6 (DOI), 000371383500006 (), 978-3-319-29582-4; 978-3-319-29581-7 (ISBN)
Conference
5th International Conference on Cloud Computing and Services Science (CLOSER), MAY 20-22, 2015, Lisbon, PORTUGAL
Available from: 2016-04-01 Created: 2016-04-01 Last updated: 2018-01-10 Bibliographically approved
Dahlberg, R. & Pulls, T. (2016). Standardized Syslog Processing: Revisiting Secure Reliable Data Transfer and Message Compression. Karlstad: Karlstads universitet
2016 (English). Report (Other academic)
Abstract [en]

Today's computer logs are like smoking guns and treasure maps in case of suspicious system activities: they document intrusions, and log crucial information such as failed system updates and crashed services. An adversary thus has a clear motive to observe, alter, and delete log entries, considering that she could (i) start by using the log's content to identify new security vulnerabilities, and (ii) exploit them without ever being detected. With this in mind we consider syslog standards and open source projects that safeguard events during the storage and transit phases, and examine how data compression affects security. We conclude that there are syslog standards in place that satisfy security on a hop-by-hop basis, that there are no such standards for secure storage, and that message compression is not recommended during transit.

Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2016
Series
Arbetsrapport
Keywords
Syslog, rsyslog, syslog-ng, standardized logging, secure data compression
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-45392 (URN), 978-91-7063-719-3 (ISBN)
Projects
HITS
Available from: 2016-09-19 Created: 2016-08-19 Last updated: 2018-01-10
Fischer-Hübner, S., Angulo, J., Karegar, F. & Pulls, T. (2016). Transparency, Privacy and Trust: Technology for Tracking and Controlling my Data Disclosures – Does this work?. In: Sheikh Mahbub Habib, Julita Vassileva, Sjouke Mauw, Max Mühlhäuser (Ed.), Proceedings of the 10th IFIPTM Conference 2016: Trust Management X. Paper presented at IFIPTM 2016 July 18-22 Darmstadt, Germany. Heidelberg: Springer Berlin/Heidelberg
2016 (English). In: Proceedings of the 10th IFIPTM Conference 2016: Trust Management X / [ed] Sheikh Mahbub Habib, Julita Vassileva, Sjouke Mauw, Max Mühlhäuser, Heidelberg: Springer Berlin/Heidelberg, 2016. Conference paper, Published paper (Refereed)
Place, publisher, year, edition, pages
Heidelberg: Springer Berlin/Heidelberg, 2016
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-43251 (URN), 978-3-319-41354-9 (ISBN)
Conference
IFIPTM 2016 July 18-22 Darmstadt, Germany
Available from: 2016-06-16 Created: 2016-06-16 Last updated: 2018-07-02 Bibliographically approved
Pulls, T. & Peeters, R. (2015). Balloon: A Forward-Secure Append-Only Persistent Authenticated Data Structure. In: Computer Security -- ESORICS 2015: 20th European Symposium on Research in Computer Security, Vienna, Austria, September 21-25, 2015, Proceedings, Part II. Paper presented at ESORICS 2015 - 20th European Symposium on Research in Computer Security, Vienna, Austria, September 21-25, 2015 (pp. 622-641). Springer, 9327
2015 (English). In: Computer Security -- ESORICS 2015: 20th European Symposium on Research in Computer Security, Vienna, Austria, September 21-25, 2015, Proceedings, Part II, Springer, 2015, Vol. 9327, p. 622-641. Conference paper, Published paper (Refereed)
Place, publisher, year, edition, pages
Springer, 2015
Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 9327
Keywords
Authenticated Data Structure
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-38972 (URN), 10.1007/978-3-319-24177-7_31 (DOI), 000374478300031 (), 978-3-319-24176-0 (ISBN)
Conference
ESORICS 2015 - 20th European Symposium on Research in Computer Security, Vienna, Austria, September 21-25, 2015
Available from: 2016-01-07 Created: 2016-01-07 Last updated: 2018-01-10 Bibliographically approved
Identifiers
ORCID iD: orcid.org/0000-0001-6459-8409