  • 1.
    Angulo, Julio
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för informatik och projektledning. Karlstads universitet, Fakulteten för humaniora och samhällsvetenskap (from 2013), Centrum för HumanIT.
    Berthold, Stefan
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Elkhiyaoui, Kaoutar
    EURECOM.
    Fernandez Gago, M. Carmen
    University of Málaga.
    Fischer-Hübner, Simone
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    David, Nunez
    University of Málaga.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap. Karlstad University.
    Reuben, Jenni
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap. Karlstad University.
    Van Rompay, Cédric
    EURECOM.
    Santana de Oliveira, Anderson
    SAP Labs.
    Önen, Melek
    EURECOM.
    D:D-5.3 User-Centric Transparency Tools V2. 2015. Report (Refereed)
  • 2.
    Angulo, Julio
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för informatik och projektledning.
    Fischer-Hübner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Ulrich, König
    HCI for Policy Display and Administration. 2011. In: Privacy and Identity Management for Life / [ed] Jan Camenisch, Simone Fischer-Hübner and Kai Rannenberg, Berlin: Springer Berlin/Heidelberg, 2011, 1, pp. 261-277. Chapter in book, part of anthology (Refereed)
    Abstract [en]

    The PrimeLife Policy Language (PPL) has the objective of helping end users make the data handling practices of data controllers more transparent, allowing them to make well-informed decisions about the release of personal data in exchange for services. In this chapter, we present our work on user interfaces for the PPL policy engine, which aims at displaying the core elements of a data controller's privacy policy in an easily understandable way as well as displaying how far it corresponds with the user's privacy preferences. We also show how privacy preference management can be simplified for end users.

  • 3.
    Angulo, Julio
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för informatik och projektledning. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Fischer-Hübner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Wästlund, Erik
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för psykologi.
    Towards Usable Privacy Policy Display & Management. 2012. In: Information Management & Computer Security, ISSN 0968-5227, Vol. 20, pp. 4-17. Article in journal (Refereed)
    Abstract [en]

    This paper discusses the approach taken within the PrimeLife project for providing user-friendly privacy policy interfaces for the PrimeLife Policy Language (PPL). We present the requirements, design process and usability testing of the “Send Data?” prototype, a browser extension designed and developed to deal with the powerful features provided by PPL. Our interface introduces the novel features of “on the fly” privacy management, predefined levels of privacy settings, and simplified selection of anonymous credentials. Results from usability tests showed that users understand and appreciate these features and perceive them as being privacy-friendly, and they are therefore suggested as a good approach towards usable privacy policy display and management. Additionally, we present our lessons learnt in the design process of privacy policy interfaces.

  • 4.
    Angulo, Julio
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för informatik och projektledning. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Fischer-Hübner, Simone
    Karlstads universitet, Institutionen för informationsteknologi.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Wästlund, Erik
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för psykologi.
    Usable Transparency with the Data Track: A Tool for Visualizing Data Disclosures. 2015. In: CHI EA '15 Proceedings of the 33rd Annual ACM Conference Extended Abstracts on Human Factors in Computing Systems / [ed] Bo Begole, Jinwoo Kim, Kori Inkpen, Woontack Woo, Association for Computing Machinery (ACM), 2015, pp. 1803-18098. Conference paper (Refereed)
    Abstract [en]

    We present a prototype of the user interface of a transparency tool that displays an overview of a user's data disclosures to different online service providers and allows them to access data collected about them stored at the services' sides. We explore one particular type of visualization method consisting of tracing lines that connect a user's disclosed personal attributes to the service to which these attributes have been disclosed. We report on the ongoing iterative process of design of such visualization, the challenges encountered and the possibilities for future improvements.

  • 5.
    Angulo, Julio
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Fischer-Hübner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Wästlund, Erik
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för psykologi. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för tjänsteforskning.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Towards Usable Privacy Policy Display & Management: The PrimeLife Approach. 2011. In: Proceedings of 5th International Symposium on Human Aspects of Information Security & Assurance / [ed] Steven Furnell, Plymouth: University of Plymouth, 2011, pp. 108-118. Conference paper (Refereed)
  • 6.
    Berthold, Stefan
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Fischer-Hübner, Simone
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Martucci, Leonardo
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Crime and Punishment in the Cloud: Accountability, Transparency, and Privacy. 2013. Conference paper (Refereed)
    Abstract [en]

    The goal of this work is to reason on the complexity of the relationship between three non-functional requirements in cloud computing; privacy, accountability, and transparency. We provide insights on the complexity of this relationship from the perspectives of end-users, cloud service providers, and third parties, such as auditors. We shed light on the real and perceived conflicts between privacy, transparency, and accountability, using a formal definition of transparency and an analysis on how well a privacy-preserving transparency-enhancing tool may assist in achieving accountability. Furthermore, we highlight the importance of the privacy impact assessment process for the realisation of both transparency and accountability.

  • 7.
    Dahlberg, Rasmus
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Standardized Syslog Processing: Revisiting Secure Reliable Data Transfer and Message Compression. 2016. Report (Other academic)
    Abstract [en]

    Today's computer logs are like smoking guns and treasure maps in case of suspicious system activities: they document intrusions, and log crucial information such as failed system updates and crashed services. An adversary thus has a clear motive to observe, alter, and delete log entries, considering that she could (i) start by using the log's content to identify new security vulnerabilities, and (ii) exploit them without ever being detected. With this in mind we consider syslog standards and open source projects that safeguard events during the storage and transit phases, and examine how data compression affects security. We conclude that there are syslog standards in place that satisfy security on a hop-by-hop basis, that there are no such standards for secure storage, and that message compression is not recommended during transit.

  • 8.
    Dahlberg, Rasmus
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Verifiable Light-Weight Monitoring for Certificate Transparency Logs. 2018. In: Secure IT Systems. NordSec 2018: Lecture Notes in Computer Science, vol. 11252 / [ed] N. Gruschka, Springer, 2018, pp. 171-183. Conference paper (Refereed)
    Abstract [en]

    Trust in publicly verifiable Certificate Transparency (CT) logs is reduced through cryptography, gossip, auditing, and monitoring. The role of a monitor is to observe each and every log entry, looking for suspicious certificates that interest the entity running the monitor. While anyone can run a monitor, it requires continuous operation and copies of the logs to be inspected. This has led to the emergence of monitoring as-a-service: a trusted third-party runs the monitor and provides registered subjects with selective certificate notifications. We present a CT/bis extension for verifiable light-weight monitoring that enables subjects to verify the correctness of such certificate notifications, making it easier to distribute and reduce the trust which is otherwise placed in these monitors. Our extension supports verifiable monitoring of wild-card domains and piggybacks on CT’s existing gossip-audit security model.

  • 9.
    Dahlberg, Rasmus
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Peeters, Roel
    Katholieke Universiteit Leuven, Belgium.
    Efficient Sparse Merkle Trees: Caching Strategies and Secure (Non-)Membership Proofs. 2016. In: Secure IT Systems: 21st Nordic Conference, NordSec 2016, Oulu, Finland, November 2-4, 2016. Proceedings / [ed] Billy Bob Brumley, Juha Röning, Springer, 2016, pp. 199-215. Conference paper (Refereed)
    Abstract [en]

    A sparse Merkle tree is an authenticated data structure based on a perfect Merkle tree of intractable size. It contains a distinct leaf for every possible output from a cryptographic hash function, and can be simulated efficiently because the tree is sparse (i.e., most leaves are empty). We are the first to provide complete, succinct, and recursive definitions of a sparse Merkle tree and related operations. We show that our definitions enable efficient space-time trade-offs for different caching strategies, and that verifiable audit paths can be generated to prove (non-)membership in practically constant time (<4 ms) when using SHA-512/256. This is despite a limited amount of space for the cache—smaller than the size of the underlying data structure being authenticated—and full (concrete) security in the multi-instance setting.

  • 10.
    Dahlberg, Rasmus
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Vestin, Jonathan
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Høiland-Jørgensen, Toke
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Kassler, Andreas
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT. Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Aggregation-Based Gossip for Certificate Transparency. Other (Other academic)
    Abstract [en]

    Certificate Transparency (CT) is a project that mandates public logging of TLS certificates issued by certificate authorities. While a CT log is designed to be trustless, it relies on the assumption that every client sees and cryptographically verifies the same log. The solution to this problem is a gossip mechanism that ensures that clients share the same view of the logs. Despite CT being added to Google Chrome, no gossip mechanism is pending wide deployment. We suggest an aggregation-based gossip mechanism that passively observes cryptographic material that CT logs emit in plaintext, aggregating at packet processors and periodically verifying log consistency off-path. Based on 20 days of RIPE Atlas measurements that represent clients from 3500 autonomous systems and 40% of the IPv4 space, our proposal can be deployed incrementally for a realistic threat model with significant protection against undetected log misbehavior. We also discuss how to instantiate aggregation-based gossip on a variety of packet processors, and show that our P4 and XDP proof-of-concept implementations run at line-speed.

  • 11. Fernández Gago, M. Carmen
    et al.
    Tountopoulos, Vassilis
    Fischer-Hübner, Simone
    Karlstads universitet, Institutionen för informationsteknologi.
    Nuñez, David
    Angulo, Julio
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för informatik och projektledning. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Koulouris, Theo
    Tools for Cloud Accountability: A4Cloud Tutorial. 2015. In: Privacy and Identity Management for the Future Internet in the Age of Globalisation: 9th IFIP WG 9.2, 9.5, 9.6/11.7, 11.4, 11.6/SIG 9.2.2 International Summer School, Patras, Greece, September 7-12, 2014, Revised Selected Papers / [ed] Jan Camenisch, Simone Fischer-Hübner, Marit Hansen, Cham: Springer, 2015, pp. 219-236. Chapter in book, part of anthology (Refereed)
    Abstract [en]

    Cloud computing is becoming a key IT infrastructure technology being adopted progressively by companies and users. Still, there are issues and uncertainties surrounding its adoption, such as security and how users' data is dealt with, that require attention from developers, researchers, providers and users. The A4Cloud project tries to help solving the problem of accountability in the cloud by providing tools that support the process of achieving accountability. This paper presents the contents of the first A4Cloud tutorial. These contents include basic concepts and tools developed within the project. In particular, we will review how metrics can aid the accountability process and some of the tools that the A4Cloud project will produce such as the Data Track Tool (DTT) and the Cloud Offering Advisory Tool (COAT).

  • 12.
    Fischer-Hübner, Simone
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Angulo, Julio
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Karegar, Farzaneh
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Transparency, Privacy and Trust: Technology for Tracking and Controlling my Data Disclosures – Does this work? 2016. In: Proceedings of the 10th IFIPTM Conference 2016: Trust Management X / [ed] Sheikh Mahbub Habib, Julita Vassileva, Sjouke Mauw, Max Mühlhäuser, Heidelberg: Springer Berlin/Heidelberg, 2016. Conference paper (Refereed)
  • 13. Fischer-Hübner, Simone
    et al.
    Angulo, Julio
    Pulls, Tobias
    How can Cloud Users be Supported in Deciding on, Tracking and Controlling How their Data are Used? 2014. In: Privacy and Identity Management for Emerging Services and Technologies: 8th IFIP WG 9.2, 9.5, 9.6/11.7, 11.4, 11.6 International Summer School, Nijmegen, The Netherlands, June 17-21, 2013, Revised Selected Papers, Springer, 2014, pp. 77-92. Conference paper (Refereed)
    Abstract [en]

    Transparency is a basic privacy principle and factor of social trust. However, the processing of personal data along a cloud chain is often rather intransparent to the data subjects concerned. Transparency Enhancing Tools (TETs) can help users in deciding on, tracking and controlling their data in the cloud. However, TETs for enhancing privacy also have to be designed to be both privacy-preserving and usable. In this paper, we provide requirements for usable TETs for the cloud. The requirements presented in this paper were derived in two ways; at a stakeholder workshop and through a legal analysis. Here we discuss design principles for usable privacy policies and give examples of TETs which enable end users to track their personal data. We are developing them using both privacy and usability as design criteria.

  • 14.
    Fischer-Hübner, Simone
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Martucci, Leonardo
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Fritsch, Lothar
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Herold, Sebastian
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Iwaya, Leonardo H
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Alfredsson, Stefan
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Albin, Zuccato
    ATEA Sverige AB, Stockholm, Sweden.
    A MOOC on Privacy by Design and the GDPR. 2018. In: Information Security Education: Towards a Cybersecure Society / [ed] Lynette Drevin, Marianthi Theocharidou, Cham, Switzerland: Springer, 2018, pp. 95-107. Conference paper (Refereed)
    Abstract [en]

    In this paper we describe how we designed a massive open online course (MOOC) on Privacy by Design with a focus on how to achieve compliance with the EU GDPR principles and requirements in IT engineering and management. This MOOC aims at educating both professionals and undergraduate students, i.e., target groups with distinct educational needs and requirements, within a single course structure. We discuss why developing and publishing such a course is a timely decision and fulfills the current needs of the professional and undergraduate education. The MOOC is organized in five modules, each of them with its own learning outcomes and activities. The modules focus on different aspects of the GDPR that data protection officers have to be knowledgeable about, ranging from the legal basics, to data protection impact assessment methods, and privacy-enhancing technologies. The modules were delivered using hypertext, digital content and three video production styles: slides with voice-over, talking heads and interviews. The main contribution of this work is the roadmap on how to design a highly relevant MOOC on privacy by design and the GDPR aimed at a heterogeneous audience.

  • 15.
    Greschbach, Benjamin
    et al.
    KTH Royal Institute of Tech.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Roberts, Laura M.
    Princeton University.
    Winter, Philipp
    Princeton University.
    Feamster, Nick
    Princeton University.
    The Effect of DNS on Tor's Anonymity. 2017. In: NDSS Symposium 2017, Internet Society, 2017. Conference paper (Refereed)
    Abstract [en]

    Previous attacks that link the sender and receiver of traffic in the Tor network (“correlation attacks”) have generally relied on analyzing traffic from TCP connections. The TCP connections of a typical client application, however, are often accompanied by DNS requests and responses. This additional traffic presents more opportunities for correlation attacks. This paper quantifies how DNS traffic can make Tor users more vulnerable to correlation attacks. We investigate how incorporating DNS traffic can make existing correlation attacks more powerful and how DNS lookups can leak information to third parties about anonymous communication. We (i) develop a method to identify the DNS resolvers of Tor exit relays; (ii) develop a new set of correlation attacks (DefecTor attacks) that incorporate DNS traffic to improve precision; (iii) analyze the Internet-scale effects of these new attacks on Tor users; and (iv) develop improved methods to evaluate correlation attacks. First, we find that there exist adversaries that can mount DefecTor attacks: for example, Google’s DNS resolver observes almost 40% of all DNS requests exiting the Tor network. We also find that DNS requests often traverse ASes that the corresponding TCP connections do not transit, enabling additional ASes to gain information about Tor users’ traffic. We then show that an adversary that can mount a DefecTor attack can often determine the website that a Tor user is visiting with perfect precision, particularly for less popular websites where the set of DNS names associated with that website may be unique to the site. We also use the Tor Path Simulator (TorPS) in combination with traceroute data from vantage points co-located with Tor exit relays to estimate the power of AS-level adversaries that might mount DefecTor attacks in practice.

  • 16.
    Hedbom, Hans
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Unlinking Database Entries: Implementation Issues in Privacy Preserving Secure Logging. 2010. Conference paper (Refereed)
    Abstract [en]

    This paper discusses implementation issues related to using relational databases as storage when implementing privacy preserving secure logs. In these types of logs it is important to keep the unlinkability properties of log entries intact when the entries are stored. We briefly describe the concept of privacy preserving secure logging and give the rationale for it. The problems of using relational database systems as storage are discussed and we suggest three solutions to the problem. Two of the solutions are analyzed and compared and we show that at least one of the solutions is feasible in a real-life setting and that the added overhead of the solution is very small.

  • 17.
    Hedbom, Hans
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Hansen, Marit
    Unabhangiges Landeszentrum Datenschutz Schleswig, D-24103 Kiel, Germany.
    Transparency Tools. 2011. In: Privacy and identity management for life / [ed] Jan Camenisch, Simone Fischer-Hübner, Kai Rannenberg, Berlin, Heidelberg: Springer Berlin/Heidelberg, 2011, 1, pp. 135-143. Chapter in book, part of anthology (Refereed)
    Abstract [en]

    The increasing spread of personal information on the Internet calls for new tools and paradigms to complement the concealment and protection paradigms. One such suggested paradigm is transparency and the associated transparency enhancing tools, making it possible for Data Subjects to track and examine how their data have been used, where it originates and what personal data about them Data Controllers have stored. One such tool needed in order to track events related to personal data is a log system. Such a log system must be constructed in such a way that it does not introduce new privacy problems. This chapter describes such a log system that we call a privacy preserving secure log. It outlines the requirements for the system and describes and specifies a privacy preserving log system that has been developed and implemented within the Prime Life project.

  • 18.
    Hedbom, Hans
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Hjartquist, Peter
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Lavén, Andreas
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Adding Secure Transparency Logging to the PRIME Core. 2010. In: PRIVACY AND IDENTITY MANAGEMENT FOR LIFE, 2010, pp. 299-314. Conference paper (Refereed)
    Abstract [en]

    This paper presents a secure privacy preserving log. These types of logs are useful (if not necessary) when constructing transparency services for privacy enhancement. The solution builds on and extends previous work within the area and tries to address the shortcomings of previous solutions regarding privacy issues.

  • 19.
    Karegar, Farzaneh
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Fischer-Hübner, Simone
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Visualizing Exports of Personal Data by Exercising the Right of Data Portability in the Data Track - Are People Ready for This? 2017. In: Privacy and Identity Management. Facing up to Next Steps. Privacy and Identity 2016. IFIP Advances in Information and Communication Technology., Springer, 2017, Vol. 498, pp. 164-181. Conference paper (Refereed)
    Abstract [en]

    A transparency enhancing tool called Data Track has been developed at Karlstad University. The latest stand-alone version of the tool allows users to visualize their data exports. For analyzing the users’ perceptions of the Data Track in regard to transparency features and the concepts of data export and data portability, we have conducted a qualitative user study. We observed that although users had rather little interest in the visualization of derived data activities revealed in the Google location file, they were interested in other kinds of derived data like usage patterns for different service providers. Also, as earlier user studies revealed, we again confirmed that it is confusing for users to differentiate between locally and remotely stored and controlled data. Finally, in spite of being concerned about the security of the data exported to their machines, for exercising data portability rights pursuant to the General Data Protection Regulation, most participants would prefer to first export and edit the data before uploading it to another service provider and would appreciate using a tool such as the Data Track for helping them in this context.

  • 20.
    Momen, Nurul
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Fritsch, Lothar
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    How much Privilege does an App Need? Investigating Resource Usage of Android Apps. 2017. In: Proceedings of the Fifteenth International Conference on Privacy, Security and Trust – PST 2017 (IEEE proceedings pendings), IEEE, 2017. Conference paper (Refereed)
    Abstract [en]

    Arguably, one of the default solutions to many of today’s everyday errands is to install an app. In order to deliver a variety of convenient and user-centric services, apps need to access different types of information stored in mobile devices, much of which is personal information. In principle, access to such privacy sensitive data should be kept to a minimum. In this study, we focus on privilege utilization patterns by apps installed on Android devices. Though explicit consent is required prior to first time access to the resource, the unavailability of usage information makes it unclear when trying to reassess the user's initial decision. On the other hand, if granted privilege with little or no usage, it would suggest the likely violation of the principle of least privilege. Our findings illustrate a plausible requirement for visualising resource usage to aid the user in their decision-making and finer access control mechanisms.

  • 21.
    Pais, Rui
    et al.
    University of Stavanger.
    Wiktor Wlodarczyk, Tomasz
    University of Stavanger.
    Rübsamen, Thomas
    Hochschule Furtwangen University.
    Reich, Christoph
    Hochschule Furtwangen University.
    Azraoui, Monir
    EURECOM.
    Royer, Jean-Claude
    ARMINES-EMN.
    Reuben, Jenni
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Bernsmed, Karin
    SINTEF.
    Felici, Massimo
    HP.
    Pais, Rui (Editor)
    University of Stavanger.
    D:C-8.2 Framework of Evidence. 2015. Report (Refereed)
  • 22.
    Peeters, Roel
    et al.
    Katholieke Universiteit Leuven, Leuven, Belgium.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Insynd: Improved Privacy-Preserving Transparency Logging. 2016. In: Computer Security - ESORICS 2016: 21st European Symposium on Research in Computer Security, Heraklion, Greece, September 26-30, 2016, Proceedings, Part II / [ed] Ioannis Askoxylakis, Sotiris Ioannidis, Sokratis Katsikas, Catherine Meadows, Cham: Springer, 2016, Vol. 9879, pp. 121-139. Conference paper (Refereed)
    Abstract [en]

    Service providers collect and process more user data than ever, while users of these services remain oblivious to the actual processing and utility of the processed data to the service providers. This leads users to put less trust in service providers and be more reluctant to share data. Transparency logging is about service providers continuously logging descriptions of the data processing on their users' data, where each description is intended for a particular user.

    We propose Insynd, a new cryptographic scheme for privacy-preserving transparency logging. Insynd improves on prior work by (1) increasing the utility of all data sent through the scheme thanks to our publicly verifiable proofs: one can disclose selected events without having to disclose any long term secrets; and (2) enabling a stronger adversarial model: Insynd can deal with an untrusted server (such as commodity cloud services) through the use of an authenticated data structure named Balloon. Finally, our publicly available prototype implementation shows greatly improved performance with respect to related work and competitive performance for more data-intensive settings like secure logging.

  • 23.
    Peeters, Roel
    et al.
    KU Leuven.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Wouters, Karel
    KU Leuven.
    Enhancing Transparency with Distributed Privacy-Preserving Logging. 2013. In: ISSE 2013 Securing Electronic Business Processes: Highlights of the Information Security Solutions Europe / [ed] Reimer, H., Pohlman, N. & Schneider, W., Springer, 2013, pp. 61-71. Conference paper (Refereed)
  • 24.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    (More) Side Channels in Cloud Storage: Linking Data to Users. 2012. In: Privacy and Identity Management for Life: 7th IFIP WG 9.2, 9.6/11.7, 11.4, 11.6/PrimeLife International Summer School, Trento, Italy, September 5-9, 2011, Revised Selected Papers, Berlin, Heidelberg: Springer Berlin/Heidelberg, 2012, pp. 102-115. Conference paper (Refereed)
    Abstract [en]

    Public cloud storage services are gaining in popularity and several commercial actors are offering their services for users, however, not always with the security and privacy of their users as the primary design goal. This paper investigates side channels in public cloud storage services that allow the service provider, and in some cases users of the same service, to learn who has stored a given file and to profile users’ usage of the service. These side channels are present in several public cloud storage services that are marketed as secure and privacy-friendly. Our conclusions are that cross-user deduplication should be disabled by default and that public cloud storage services need to be designed to provide unlinkability of users and data, even if the data is encrypted by users before storing it in the cloud.

  • 25.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Preserving Privacy in Transparency Logging. 2015. Doctoral thesis, monograph (Other academic)
    Abstract [en]

    The subject of this dissertation is the construction of privacy-enhancing technologies (PETs) for transparency logging, a technology at the intersection of privacy, transparency, and accountability. Transparency logging facilitates the transportation of data from service providers to users of services and is therefore a key enabler for ex-post transparency-enhancing tools (TETs). Ex-post transparency provides information to users about how their personal data have been processed by service providers, and is a prerequisite for accountability: you cannot hold a controller accountable for what is unknown.

    We present three generations of PETs for transparency logging to which we contributed. We start with early work that defined the setting as a foundation and build upon it to increase both the privacy protections and the utility of the data sent through transparency logging. Our contributions include the first provably secure privacy-preserving transparency logging scheme and a forward-secure append-only persistent authenticated data structure tailored to the transparency logging setting. Applications of our work range from notifications and deriving data disclosures for the Data Track tool (an ex-post TET) to secure evidence storage.

  • 26.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Privacy-Friendly Cloud Storage for the Data Track: An Educational Transparency Tool. 2012. In: Secure IT Systems: 17th Nordic Conference, NordSec 2012, Karlskrona, Sweden, October/November 2012, Proceedings / [ed] Audun Jøsang, Bengt Carlsson, Berlin/Heidelberg: Springer Berlin/Heidelberg, 2012, pp. 231-246. Conference paper (Refereed)
    Abstract [en]

    The Data Track is a transparency-enhancing tool that aims to educate users by providing them with an overview of all their data disclosures. In this paper, we describe a cryptographic scheme for storing all data disclosures tracked by the Data Track centrally in the cloud in a privacy-friendly way. Our scheme allows users to store their data anonymously, while keeping the cloud provider accountable with regard to the integrity of the data. Furthermore, we introduce a separation of concerns for the different components of the Data Track, well suited for tracking data disclosures from semi-trusted devices that may become compromised. We provide an informal evaluation of our scheme and briefly describe a proof of concept implementation.

  • 27.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Privacy-Preserving Transparency-Enhancing Tools. 2012. Licentiate thesis, comprehensive summary (Other academic)
    Abstract [en]

    Transparency is a key principle in democratic societies. For example, the public sector is in part kept honest and fair with the help of transparency through different freedom of information (FOI) legislations. In the last decades, while FOI legislations have been adopted by more and more countries worldwide, we have entered the information age enabled by the rapid development of information technology. This has led to the need for technological solutions that enhance transparency, for example to ensure that FOI legislation can be adhered to in the digital world. These solutions are called transparency-enhancing tools (TETs), and consist of both technological and legal tools. TETs, and transparency in general, can be in conflict with the privacy principle of data minimisation.

    The goal of transparency is to make information available, while the goal of data minimisation is to minimise the amount of available information. This thesis presents two privacy-preserving TETs: one cryptographic system for enabling transparency logging, and one cryptographic scheme for storing the data for the so-called Data Track tool at a cloud provider. The goal of the transparency logging TET is to make data processing by data controllers transparent to the user whose data is being processed. Our work ensures that the process in which the data processing is logged does not leak sensitive information about the user, and that the user can anonymously read the information logged on their behalf. The goal of the Data Track is to make it transparent to users which data controllers they have disclosed data to under which conditions. Furthermore, the Data Track intends to empower users to exercise their rights, online and potentially anonymously, with regard to their disclosed data at the recipient data controllers. Our work ensures that the data kept by the Data Track can be stored at a cloud storage provider, enabling easy synchronisation across multiple devices, while preserving the privacy of users by making their storage anonymous toward the provider and by enabling users to hold the provider accountable for the data it stores.

  • 28.
    Pulls, Tobias
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Dahlberg, Rasmus
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Cryptology ePrint Archive: Report 2018/737. 2018. Report (Other academic)
    Abstract [en]

    We present Steady: an end-to-end secure logging system engineered to be simple in terms of design, implementation, and assumptions for real-world use. Steady gets its name from being based on a steady (heart)beat of events from a forward-secure device sent over an untrusted network through untrusted relays to a trusted collector. Properties include optional encryption and compression (with loss of confidentiality but significant gain in goodput), detection of tampering, relays that can function in unidirectional networks (e.g., as part of a data diode), cost-effective use of cloud services for relays, and publicly verifiable proofs of event authenticity. The design is formalized and security proven in the standard model. Our prototype implementation (about 2,200 loc) shows reliable goodput of over 1M events/s (about 160 MiB/s) for a realistic dataset with commodity hardware for a device on a GigE network using 16 MiB of memory connected to a relay running at Amazon EC2.

  • 29.
    Pulls, Tobias
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Dahlberg, Rasmus
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Steady: A Simple End-to-End Secure Logging System. 2018. In: Secure IT Systems. NordSec 2018: Lecture Notes in Computer Science, vol 11252 / [ed] N. Gruschka, Springer, 2018, pp. 88-103. Conference paper (Refereed)
    Abstract [en]

    We present Steady: an end-to-end secure logging system engineered to be simple in terms of design, implementation, and assumptions for real-world use. Steady gets its name from being based on a steady (heart)beat of events from a forward-secure device sent over an untrusted network through untrusted relays to a trusted collector. Properties include optional encryption and compression (with loss of confidentiality but significant gain in goodput), detection of tampering, relays that can function in unidirectional networks (e.g., as part of a data diode), cost-effective use of cloud services for relays, and publicly verifiable proofs of event authenticity. The design is formalized and security proven in the standard model. Our prototype implementation (2,200 loc) shows reliable goodput of over 1M events/s (160 MiB/s) for a realistic dataset with commodity hardware for a device on a GigE network using 16 MiB of memory connected to a relay running at Amazon EC2. 

  • 30.
    Pulls, Tobias
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Peeters, Roel
    Katholieke Univ Leuven, ESAT COSIC, Leuven, Belgium, Katholieke Univ Leuven, iMinds, Leuven, Belgium.
    Balloon: A Forward-Secure Append-Only Persistent Authenticated Data Structure. 2015. In: Computer Security -- ESORICS 2015: 20th European Symposium on Research in Computer Security, Vienna, Austria, September 21-25, 2015, Proceedings, Part II, Cham: Springer, 2015, Vol. 9327, pp. 622-641. Conference paper (Refereed)
  • 31.
    Pulls, Tobias
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Peeters, Roel
    KU Leuven.
    Insynd: Privacy-Preserving Transparency Logging Using Balloons. 2015. Report (Other academic)
  • 32.
    Pulls, Tobias
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Peeters, Roel
    KU Leuven.
    Wouters, Karel
    KU Leuven.
    Distributed privacy-preserving transparency logging. 2013. In: WPES '13 Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society, Association for Computing Machinery (ACM), 2013, pp. 83-94. Conference paper (Refereed)
  • 33.
    Pulls, Tobias
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Slamanig, Daniel
    Graz Univ Technol, Inst Appl Informat Proc & Commun IAIK, Austria.
    On the Feasibility of (Practical) Commercial Anonymous Cloud Storage. 2015. In: Transactions on Data Privacy, ISSN 1888-5063, E-ISSN 2013-1631, Vol. 8, no. 2, pp. 89-111. Article in journal (Refereed)
  • 34.
    Pulls, Tobias
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Wouters, Karel
    KU Leuven, Department of Electrical Engineering - ESAT.
    Vliegen, Jo
    KU Leuven, Department of Electrical Engineering - ESAT and KHLim, FI².
    Grahn, Christian
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Distributed Privacy-Preserving Log Trails. 2012. Report (Other academic)
    Abstract [en]

    In the online world, increasing amounts of personal data of users are processed by service providers and other third party data processors. The privacy principle of transparency means that users should be informed about what data about them are processed by whom and how. This report describes a log service that enables users to reconstruct a log trail of these actions, by retrieving log entries from log servers. The information that links log entries into a trail is logged — together with the encrypted action data — to dedicated log servers by the data processors. In the proposed service, log entries of one trail can be spread over different log servers, possibly generated by different data processors. The fact that certain information is logged about a user can already leak information, and adding linking information only elevates this privacy risk. Encrypting the logged information does not suffice to protect against this. In our system, linking information across log databases is cryptographically protected and is only meaningful to the user to whom the log entries relate. In the report, we also consider the fact that log servers and data processors can become compromised. The scheme is therefore auditable, meaning that a third party can validate that log servers cannot make any changes to log entries without being detected, even when they collude with other log servers or data processors.

  • 35.
    Ruebsamen, Thomas
    et al.
    Furtwangen Univ, Cloud Res Lab, Furtwangen, Germany.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Reich, Christoph
    Furtwangen Univ, Cloud Res Lab, Furtwangen, Germany.
    Security and Privacy Preservation of Evidence in Cloud Accountability Audits. 2016. In: CLOUD COMPUTING AND SERVICES SCIENCE, CLOSER 2015, 2016, pp. 95-114. Conference paper (Refereed)
    Abstract [en]

    Cloud accountability audits are promising to strengthen trust in cloud computing by providing reassurance about the processing data in the cloud according to data handling and privacy policies. To effectively automate cloud accountability audits, various distributed evidence sources need to be considered during evaluation. The types of information range from authentication and data access logging to location information, information on security controls and incident detection. Securing that information quickly becomes a challenge in the system design, when the evidence that is needed for the audit is deemed sensitive or confidential information. This means that securing the evidence at-rest as well as in-transit is of utmost importance. In this paper, we present a system that is based on distributed software agents which enables secure evidence collection with the purpose of automated evaluation during cloud accountability audits. We thereby present the integration of Insynd as a suitable cryptographic mechanism for securing evidence. We present our reasoning for choosing Insynd by showing a comparison of Insynd properties with requirements imposed by accountability evidence collection as well as an analysis how security threats are being mitigated by Insynd. We put special emphasis on security and privacy protection in our system analysis.

  • 36.
    Rübsamen, Thomas
    et al.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Reich, Christoph
    Secure Evidence Collection and Storage for Cloud Accountability Audits. 2015. In: Proceedings of the 5th International Conference on Cloud Computing and Services Science / [ed] Markus Helfert, Donald Ferguson & Víctor Méndez Muñoz, SciTePress, 2015. Conference paper (Refereed)
  • 37.
    Veseli, Fatbardh
    et al.
    Capgemini Germany, Frankfurt am Main, Germany.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Olvera, J. S.
    Goethe University Frankfurt, Frankfurt am Main, Germany.
    Rannenberg, Kai
    Goethe University Frankfurt, Frankfurt am Main, Germany.
    Engineering privacy by design: Lessons from the design and implementation of an identity wallet platform. 2019. In: Proceedings of the ACM Symposium on Applied Computing, Association for Computing Machinery, 2019, pp. 1475-1483. Conference paper (Refereed)
    Abstract [en]

    Applying PbD principles to the design of a system is challenging. We provided our experience and lessons learnt from applying the LINDDUN as a privacy assessment framework in the design of the architecture for a cloud-based identity wallet platform. In this effort, we identified a need to improve LINDDUN in a number of cases, for which we proposed and documented concrete enhancements. We transform LINDDUN from a linear to an iterative process that requires adaptation, introduce the concept of “Constraints” and add a new step in the mitigation of threats. Further, we consider the mitigation strategies of LINDDUN too narrow, and propose other, more practicable ones. Finally, we not only identify further PETs for mitigating privacy threats, but also acknowledge the fact that some threats cannot be effectively mitigated with PETs alone. Thus, we introduce additional mitigation mechanisms besides PETs, introducing especially development guidelines and organizational measures. We demonstrate our enhancements with concrete examples, which could serve also other engineering projects following the PbD paradigm.

  • 38.
    Vliegen, Jo
    et al.
    ESAT, SCD/COSIC, Katholieke Universiteit Leuven, 3001 Leuven, Belgium.
    Wouters, Karel
    ESAT, SCD/COSIC, Katholieke Universiteit Leuven, 3001 Leuven, Belgium.
    Grahn, Christian
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Hardware strengthening a Distributed Logging Scheme. 2012. In: Proceedings of the 15th Euromicro Conference on Digital System Design, Cesme, Izmir, Turkey, September 5–8, IEEE, 2012, 2012. Conference paper (Refereed)
  • 39.
    Wiktor Wlodarczyk, Tomasz
    et al.
    University of Stavanger.
    Pais, Rui
    University of Stavanger.
    Azraoui, Monir
    EURECOM.
    Önen, Melek
    EURECOM.
    Reuben, Jenni
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap. Karlstad University.
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Sellami, Mohamed
    ARMINES EMN.
    Royer, Jean-Claude
    ARMINES EMN.
    Felici, Massimo
    HP Labs.
    Bernsmed, Karin
    SINTEF.
    Rübsamen, Thomas (Editor)
    Hochschule Furtwangen University.
    D:C-8.3 Automation Service for the Framework of Evidence. 2015. Report (Refereed)
  • 40.
    Winter, Philipp
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Pulls, Tobias
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Fuss, Juergen
    Upper Austria University of Applied Sciences.
    ScrambleSuit: A Polymorphic Network Protocol to Circumvent Censorship. 2013. Conference paper (Refereed)
    Abstract [en]

    Deep packet inspection technology became a cornerstone of Internet censorship by facilitating cheap and effective filtering of what censors consider undesired information. Moreover, filtering is not limited to simple pattern matching but makes use of sophisticated techniques such as active probing and protocol classification to block access to popular circumvention tools such as Tor. In this paper, we propose ScrambleSuit; a thin protocol layer above TCP whose purpose is to obfuscate the transported application data. By using morphing techniques and a secret exchanged out-of-band, we show that ScrambleSuit can defend against active probing and other fingerprinting techniques such as protocol classification and regular expressions. We finally demonstrate that our prototype exhibits little overhead and enables effective and lightweight obfuscation for application layer protocols.

  • 41.
    Winter, Philipp
    et al.
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Pulls, Tobias
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Fuss, Juergen
    Upper Austria University of Applied Sciences.
    ScrambleSuit: A Polymorphic Network Protocol to Circumvent Censorship. 2013. Report (Other academic)
    Abstract [en]

    Deep packet inspection technology became a cornerstone of Internet censorship by facilitating cheap and effective filtering of what censors consider undesired information. Moreover, filtering is not limited to simple pattern matching but makes use of sophisticated techniques such as active probing and protocol classification to block access to popular circumvention tools such as Tor.

    In this paper, we propose ScrambleSuit; a thin protocol layer above TCP whose purpose is to obfuscate the transported application data. By using morphing techniques and a secret exchanged out-of-band, we show that ScrambleSuit can defend against active probing and other fingerprinting techniques such as protocol classification and regular expressions.

    We finally demonstrate that our prototype exhibits little overhead and enables effective and lightweight obfuscation for application layer protocols.
