Your search keyword '"Jonker P"' showing total 79 results

1. Forensic Watermarking in Digital Rights Management.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, van der Veen, Michiel, Lemma, Aweke, Celik, Mehmet, and Katzenbeisser, Stefan

Abstract

In this chapter, we give a brief introduction to digital watermarking and discuss its applications in DRM systems. Watermarks are particularly useful in DRM systems due to their ability to bridge the gap between analog and digital domains. In playback control applications, a watermark is embedded in the master copy of a content and encodes associated usage rules, which are enforced by compliant devices during playback. On the other hand, in forensic tracking applications, a unique watermark is embedded in each individual copy of the content; this watermark allows the authorities to identify the source of an illegal copy. After discussing the basic principles of spread spectrum watermarks, we outline the architecture of an online content distribution system that employs watermarks in order to enable forensic tracking. [ABSTRACT FROM AUTHOR]

Published

2007

2. DRM for Protecting Personal Content.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, and Hong Li

Abstract

Privacy is becoming a serious concern in the connected world. This chapter presents privacy issues, requirements and privacy protection concepts related to consumers' private content. First, privacy issues and requirements are described by means of several scenarios. Then, a DRM approach for protecting ownership and controlled sharing of private content is presented. A system is introduced for realizing such a privacy-enhancing approach for home media centers. Particular solutions for protecting and sharing personal content, ownership management, and content deletion in a privacy-preserving way are described. [ABSTRACT FROM AUTHOR]

Published

2007

3. Malicious Software in Ubiquitous Computing.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, and Swimmer, Morton

Abstract

Malware (malicious software) is rampant in our information technology infrastructures and is likely to be so for the foreseeable future. We will look at various types of malware and their characteristics and see what defenses currently exist to combat them. Various aspects of ubiquitous computing will likely prove game-changers for malware and we will look into how the problem will evolve as ubiquitous computing (UbiComp) is deployed. [ABSTRACT FROM AUTHOR]

Published

2007

4. RFID and Privacy.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, and Langheinrich, Marc

Abstract

Radio-frequency identification (RFID) technology has become one of the most hotly debated ubiquitous computing technologies, and public fears of its alleged capability for comprehensive surveillance have prompted a flurry of research trying to alleviate such concerns. The following chapter aims at introducing and briefly evaluating the range of proposed technical RFID privacy solutions. It also attempts to put the problem of RFID privacy into the larger perspective of both applications and policy, in order to properly assess the feasibility of the discussed solutions. [ABSTRACT FROM AUTHOR]

Published

2007

5. Private Person Authentication in an Ambient World.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, Tuyls, Pim, and Kevenaar, Tom

Abstract

Biometrics is a convenient way to identify and authenticate individuals in an ambient world. This can only be done if biometric reference information is stored in the biometric system. Storing biometric reference information without any precautions will lead to privacy and security problems. In this chapter, we present technological means to protect the biometric information stored in biometric systems (biometric template protection). After describing the most important methods that can be used for template protection, the most promising method based on techniques from the field of secure key extraction will be described in more detail and example implementations will be given for every stage of the template protection process. [ABSTRACT FROM AUTHOR]

Published

2007

6. Security and Privacy on the Semantic Web.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, and Olmedilla, Daniel

Abstract

The semantic Web aims to enable sophisticated and autonomic machine-to-machine interactions without human intervention, by providing machines not only with data but also with its meaning (semantics). In this setting, traditional security mechanisms are not suitable anymore. For example, identity-based access control assumes that parties are known in advance. Then, a machine first determines the identity of the requester in order to either grant or deny access, depending on its associated information (e.g., by looking up its set of permissions). In the semantic Web, any two strangers can interact with each other automatically and therefore this assumption does not hold. Hence, a semantically enriched process is required in order to regulate automatic access to sensitive information. Policy-based access control provides sophisticated means to support the protection of sensitive resources and information disclosure. This chapter provides an introduction to policy-based security and privacy protection by analyzing several existing policy languages. Furthermore, it shows how these languages can be used in a number of semantic Web scenarios. [ABSTRACT FROM AUTHOR]

Published

2007

7. Privacy Policies.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, Dekker, Marnix, Etalle, Sandro, and den Hartog, Jerry

Abstract

Privacy is a prime concern in today's information society. To protect the privacy of individuals, enterprises must follow certain privacy practices while collecting or processing personal data. In this chapter we look at the setting where an enterprise collects private data on its website, processes it inside the enterprise and shares it with partner enterprises. In particular, we analyse three different privacy systems that can be used in the different stages of this lifecycle. One of them is the audit logic, recently introduced, which can be used to keep data private while travelling across enterprise boundaries. We conclude with an analysis of the features and shortcomings of these systems. [ABSTRACT FROM AUTHOR]

Published

2007

8. The Persuasiveness of Ambient Intelligence.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, Aarts, Emile, Markopoulos, Panos, and de Ruyter, Boris

Abstract

Ambient intelligence (AmI) is a novel concept for embedded computing that builds on the large-scale integration of electronic devices into peoples' surroundings and the ubiquitous availability of digital information to the users of such environments. The concept however is not only concerned with the integration of computing in the background but, as a direct result of the disappearing computer and the corresponding interaction technologies, it calls for novel means of control that support the natural and intelligent use of such smart environments, emphasizing predominantly social aspects. As the familiar box-like devices are replaced by hidden functions embedded in the surroundings, the classical meaning and implication of security and trust needs to be revisited in the context of ambient intelligence. In this chapter, we briefly revisit the foundations of the AmI vision by addressing the role of AmIware, which refers to the basic and enabling AmI technologies, and by presenting some basic definitions of ambient intelligence. Next we discuss the meaning and role of persuasion on the basis of models and theories for motivation originating from cognitive science. Notions such as compliance and ambient journaling are used to develop an understanding of the concept of ambient persuasion. We also address the ethics of ambient intelligence from the point of view of a number of critical factors such as trust and faith, crossing boundaries, and changing realities. The chapter concludes with a summary of findings and some final remarks. [ABSTRACT FROM AUTHOR]

Published

2007

9. Enhancing Privacy for Digital Rights Management.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, Conrado, Claudine, and Schrijen, Geert-Jan

Abstract

This chapter addresses privacy issues in DRM systems. These systems provide a means of protecting digital content, but may violate the privacy of users in that the content they purchase and their actions in the system can be linked to specific users. The chapter proposes a privacy-preserving DRM system in which users interact with the system in a pseudonymous way, while preserving all the security requirements of usual DRM systems. To achieve this goal, a set of protocols and methods is proposed for managing user identities and interactions with the basic system during the acquisition and consumption of digital content. Privacy-enhancing extensions are also proposed. Unlinkable purchase of content, which prevents content providers from linking all content purchased by a given user, is discussed. Moreover, a method that allows a user to transfer content rights to another user without the two users being linked by the content provider is provided. [ABSTRACT FROM AUTHOR]

Published

2007

10. Person-Based and Domain-Based Digital Rights Management.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, and Koster, Paul

Abstract

This chapter discusses two important concepts in digital rights management (DRM). The first concept is authorized domains, which bind content to a domain allowing, content to be accessible on a set of devices. The second concept is person-based DRM, which binds content to a person and makes it available after authentication. Special focus is given to the combination of these concepts, which we call the personal entertainment domain (PED). We discuss the advantages and present the architecture of this concept. [ABSTRACT FROM AUTHOR]

Published

2007

11. Digital Rights Management Interoperability.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, and Kamperman, Frank

Abstract

Digital rights management (DRM) interoperability is becoming a necessity due to the wide variety of content protection systems. DRM interoperability problems occur on three system layers: protected content, licenses, and trust and key management. Solutions for DRM interoperability can be based on format and platform interoperability. Furthermore, three interoperability case studies are discussed: DVB, Coral, and MPEG-IPMP(X), highlighting three typical DRM interoperability solutions. [ABSTRACT FROM AUTHOR]

Published

2007

12. Copy Protection Systems.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, and Talstra, Joop

Abstract

The bulk of today's commercial audio and video content is distributed on (optical) media. As this business model is vulnerable to copying, the content is protected with some copy protection system (CPS) or other. In this chapter we look at the historic origins of Copy Protection and the basic technological ingredients of a CPS: media binding, broadcast encryption, and key hierarchies. Attention will also be devoted to auxiliary technologies such as watermarking and secure authenticated channels. We conclude with a review of new CPS components in upcoming protection systems. [ABSTRACT FROM AUTHOR]

Published

2007

13. Accountable Anonymous Communication.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, Diaz, Claudia, and Preneel, Bart

Abstract

In this chapter we motivate the need for anonymity at the communication layer and describe the potential risks of having traceable communications. We then introduce the legal requirements on data retention and motivate the need for revocability of anonymity upon the request of law enforcement. We describe the main building blocks for anonymous communication and for anonymity revocation. We explain how these building blocks can be combined in order to build a revocable anonymous communication infrastructure that fulfills both privacy and law enforcement requirements. [ABSTRACT FROM AUTHOR]

Published

2007

14. Client-Server Trade-Offs in Secure Computation.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, Schoenmakers, Berry, and Tuyls, Pim

Abstract

In the framework of secure computation based on threshold homomorphic cryptosystems, we consider scenarios in which a lightweight client device provides encrypted input to a secure computation to be performed on the server side. The computational power at the server side is assumed to be much higher than on the client side. We show how to trade-off work for the client against work for the server such that the total amount of work increases moderately. These client-server trade-offs are considered in detail for two applications: private biometrics and electronic voting. [ABSTRACT FROM AUTHOR]

Published

2007

15. An Introduction to Digital Rights Management Systems.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, and Jonker, Willem

Abstract

This chapter gives a concise introduction to digital rights management (DRM) systems by first presenting the basic ingredients of the architecture of DRM systems for (audio and/or video) content delivery, followed by an introduction to two open-standard DRM systems, one developed in the mobile world (Open Mobile Alliance DRM) and another one in the world of consumer electronics (Marlin). [ABSTRACT FROM AUTHOR]

Published

2007

16. Federated Identity Management.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, Camenisch, Jan, and Pfitzmann, Birgit

Abstract

The more real business and interaction with public authorities is performed in digital form, the more important the handling of identities over open networks becomes. The rise in identity theft as a result of the misuse of global but unprotected identifiers like credit card numbers is one strong indicator of this. Setting up individual passwords between a person and every organization he or she interacts with also offers very limited security in practice. Federated identity management addresses this critical issue. Classic proposals like Kerberos and PKIs never gained wide acceptance because of two problems: actual deployment to end users and privacy. We describe modern approaches that solve these problems. The first approach is browser-based protocols, where the user only needs a standard browser without special settings. We discuss the specific protocol types and security challenges of this protocol class, as well as what level of privacy can and cannot be achieved within this class. The second approach, private credentials, solves the problems that none of the prior solutions could solve, but requires the user to install some local software. Private credentials allow the user to reveal only the minimum information necessary to conduct transactions. In particular, it enables unlinkable transactions even for certified attributes. We sketch the cryptographic solutions and describe how optional properties such as revocability can be achieved, in particular in the idemix system. [ABSTRACT FROM AUTHOR]

Published

2007

17. Different Search Strategies on Encrypted Data Compared.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, and Brinkman, Richard

Abstract

When private information is stored in databases that are under the control of others, the only possible way to protect it is to encrypt it before storing it. In order to efficiently retrieve the data, a search mechanism that still works over the encrypted data is needed. In this chapter an overview of several search strategies is given. Some add meta-data to the database and do the searching only in the metadata, others search in the data itself or use secret sharing to solve the problem. Each strategy has its own advantages and disadvantages. [ABSTRACT FROM AUTHOR]

Published

2007

18. Strong Authentication with Physical Unclonable Functions.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, Tuyls, Pim, and Škorić, Boris

Abstract

Physical unclonable functions (PUFs) can be used as a cost-effective means to store cryptographic key material in an unclonable way. They can be employed for strong authentication of objects, e.g., tokens, and of persons possessing such tokens, but also for other purposes. We give a short overview of security applications where PUFs are useful, and discuss physical realisations, noisy measurements and information content of PUFs. Then we describe an integrated authentication token containing an optical PUF, a challenging mechanism and a detector. Finally, we discuss authentication protocols for controlled and uncontrolled PUFs. [ABSTRACT FROM AUTHOR]

Published

2007

19. Statistical Database Security.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, Brankovic, Ljiljana, and Giggins, Helen

Abstract

Statistical database security focuses on the protection of confidential individual values stored in so-called statistical databases and used for statistical purposes. Examples include patient records used by medical researchers, and detailed phone call records, statistically analyzed by phone companies in order to improve their services. This problem became apparent in the 1970s and has escalated in recent years due to massive data collection and growing social awareness of individual privacy. The techniques used for preventing statistical database compromise fall into two categories: noise addition, where all data and/or statistics are available but are only approximate rather than exact, and restriction, where the system only provides those statistics and/or data that are considered safe. In either case, a technique is evaluated by measuring both the information loss and the achieved level of privacy. The goal of statistical data protection is to maximize the privacy while minimizing the information loss. In order to evaluate a particular technique it is important to establish a theoretical lower bound on the information loss necessary to achieve a given level of privacy. In this chapter, we present an overview of the problem and the most important results in the area. [ABSTRACT FROM AUTHOR]

Published

2007

20. Privacy-Preserving Data Mining.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, Brankovic, Ljiljana, Islam, Md. Zahidul, and Giggins, Helen

Abstract

Despite enormous benefits and the extremely fast proliferation of data mining in recent years, data owners and researchers alike have acknowledged that data mining also revives old and introduces new threats to individual privacy. Many believe that data mining is, and will continue to be, one of the most significant privacy challenges in years to come. We live in an information age where vast amounts of personal data are regularly collected in the process of bank transactions, credit-card payments, making phone calls, using reward cards, visiting doctors and renting videos and cars, to mention but a few examples. All these data are typically used for data mining and statistical analysis and are often sold to other companies and organizations. A breach of privacy occurs when individuals are not aware that the data have been collected in the first place, have been passed onto other companies and organizations, or have been used for purposes other than the one for which they were originally collected. Even when individuals approve of use of their personal records for data mining and statistical analysis, for example in medical research, it is still assumed that only aggregate values will be made available to researchers and that no individual values will be disclosed. Various techniques can be employed in order to ensure the confidentiality of individual records and other sensitive information. They include adding noise to the original data, so that disclosing perturbed data does not necessarily reveal the confidential individual values. Some techniques were developed specifically for mining vertically and/or horizontally partitioned data. In this scenario each partition belongs to a different party (e.g., a hospital), and no party is willing to share their data but they all have interest in mining the total data set comprising all of the partitions. There are other techniques that focus on protecting confidentiality of logic rules and patterns discovered from data. In this chapter we introduce the main issues in privacy-preserving data mining, provide a classification of existing techniques and survey the most important results in this area. [ABSTRACT FROM AUTHOR]

Published

2007

21. Trusted Platforms.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, and Kursawe, Klaus

Abstract

This chapter describes some of the basic mechanism of building trusted platforms, i.e., platforms that behave in a way they are expected to. The main focus is the low-level implementation of such mechanism using secure hardware, including the trusted computing standard, security mechanisms inside the central processor unit (CPU) and external secure coprocessors. After describing the advantages and limits of these approaches, the chapter describes some basic services set up on such hardware, such as secure boot, remote attestation, and secure I/O interfaces. Finally, we briefly discuss secure operating systems, and point out some future trends in secure hardware and trusted platform. [ABSTRACT FROM AUTHOR]

Published

2007

22. Trust Management.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, Ardagna, Claudio A., Damiani, Ernesto, De Capitani di Vimercati, Sabrina, and Foresti, Sara

Abstract

The amount of data available electronically to a multitude of users has been increasing dramatically over the last few years. The size and dynamics of the user community set requirements that cannot be easily solved by traditional access control solutions. A promising approach for supporting access control in open environments is trust management. This chapter provides an overview of the most significant approaches for managing and negotiating trust between parties. We start by introducing the basic concepts on which trust management systems are built, describing their relationships with access control. We then illustrate credential-based access control languages together with a description of different trust negotiation strategies. We conclude the chapter with a brief overview of reputation-based systems. [ABSTRACT FROM AUTHOR]

Published

2007

23. Database Security.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, Bertino, Elisa, Byun, Ji-Won, and Kamra, Ashish

Abstract

As organizations increase their reliance on information systems for daily business, they become more vulnerable to security breaches. Though a number of techniques, such as encryption and electronic signatures, are currently available to protect data when transmitted across sites, a truly comprehensive approach for data protection must also include mechanisms for enforcing access control policies based on data contents, subject qualifications and characteristics, and other relevant contextual information, such as time. It is well understood today that the semantics of data must also be taken into account in order to specify effective access control policies. Also, techniques for data integrity and availability specifically tailored to database systems must be adopted. In this respect, over the years the database security community has developed a number of different techniques and approaches to assure data confidentiality, integrity, and availability. However, despite such advances, the database security area faces several new challenges. Factors such as the evolution of security concerns, the ‘disintermediation' of access to data, new computing paradigms and applications, such as grid-based computing and on-demand business, have introduced both new security requirements and new contexts in which to apply and possibly extend current approaches. In this chapter, we first survey the most relevant concepts underlying the notion of database security and summarize the most well-known techniques. We then discuss current challenges for database security and some preliminary approaches that address some of these challenges. [ABSTRACT FROM AUTHOR]

Published

2007

24. XML Security.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, Ardagna, Claudio A., Damiani, Ernesto, De Capitani di Vimercati, Sabrina, and Samarati, Pierangela

Abstract

The extensible markup language (XML) is a markup language promoted by the World Wide Web consortium (W3C). XML overcomes the limitations of hypertext markup language (HTML) and represents an important opportunity to solve the problem of protecting information distributed on the Web, with the definition of access restrictions directly on the structure and content of the document. This chapter summarizes the key XML security technologies and provides an overview of how they fit together and with XML. It should serve as a roadmap for future research and basis for further exploration of relevant scientific literature and standard specifications. [ABSTRACT FROM AUTHOR]

Published

2007

25. Role-Based Access Control.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, and Osborn, Sylvia L.

Abstract

Role-based access control (RBAC) models have been introduced by several groups of researchers. We first introduce the basic components of the American National Standards Institute (ANSI) RBAC model and the role graph model; then we contrast some of the details of these two models. Some design guidelines for successful role hierarchy design are given. Finally, we discuss some issues in designing a role-based system when mandatory access control constraints must be satisfied. [ABSTRACT FROM AUTHOR]

Published

2007

26. Authorization and Access Control.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, De Capitani di Vimercati, Sabrina, Foresti, Sara, and Samarati, Pierangela

Abstract

Access control is the process of controlling every request to a system and determining, based on specified rules (authorizations), whether the request should be granted or denied. The definition of an access control system is typically based on three concepts: access control policies, access control models, and access control mechanisms. In this chapter, we focus on the traditional access control models and policies. In particular, we review two of the most important policies: the discretionary and mandatory access control policies. We therefore start the chapter with an overview of the basic concepts on which access control systems are based. We then illustrate different traditional discretionary and mandatory access control policies and models that have been proposed in the literature, also investigating their low-level implementation in terms of security mechanisms. [ABSTRACT FROM AUTHOR]

Published

2007

27. Ethical Aspects of Information Security and Privacy.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, and Brey, Philip

Abstract

This chapter reviews ethical aspects of computer and information security and privacy. After an introduction to ethical approaches to information technology, the focus is first on ethical aspects of computer security. These include the moral importance of computer security, the relation between computer security and national security, the morality of hacking and computer crime, the nature of cyberterrorism and information warfare, and the moral responsibilities of information security professionals. Privacy is discussed next. After a discussion of the moral importance of privacy and the impact of information technology on privacy, privacy issues in various information-processing practices are reviewed. A concluding section ties the two topics together. [ABSTRACT FROM AUTHOR]

Published

2007

28. Privacy in the Law.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, Jonker, Willem, and Terstegge, Jeroen

Abstract

This chapter addresses privacy and legislation. It explains common categories of legal protection in most jurisdictions and surveys the internationally accepted privacy principles which form the basis of the law in most countries. Next, the most important interpretation rules by the courts are given and their applications to technology are discussed. Finally, the chapter gives an outlook on the future of privacy law. [ABSTRACT FROM AUTHOR]

Published

2007

29. Privacy and Security Issues in a Digital World.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M. -A., Valduriez, P., Weikum, G., Whang, K. -Y., Widom, J., Petković, Milan, and Jonker, Willem

Abstract

This chapter reviews the most important security and privacy issues of the modern digital world, emphasizing the issues brought by the concept of ambient intelligence. Furthermore, the chapter explains the organization of the book, describing which issues and related technologies are addressed by which chapters of the book. [ABSTRACT FROM AUTHOR]

Published

2007

30. Designing Spatial and Temporal Data Warehouses.

Author

Carey, M.J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J.C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Zimányi, Esteban, Malinowski, Elzbieta, and Zimanyi, Esteban

Published

2008

31. Conclusions and Future Work.

Author

Carey, M.J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J.C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Zimányi, Esteban, Malinowski, Elzbieta, and Zimanyi, Esteban

Published

2008

32. Designing Conventional Data Warehouses.

Author

Carey, M.J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J.C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Zimányi, Esteban, Malinowski, Elzbieta, and Zimanyi, Esteban

Published

2008

33. Spatial Data Warehouses.

Author

Carey, M.J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J.C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Zimányi, Esteban, Malinowski, Elzbieta, and Zimanyi, Esteban

Published

2008

34. Temporal Data Warehouses.

Author

Carey, M.J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J.C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Zimányi, Esteban, Malinowski, Elzbieta, and Zimanyi, Esteban

Published

2008

35. Conventional Data Warehouses.

Author

Carey, M.J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J.C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Zimányi, Esteban, Malinowski, Elzbieta, and Zimanyi, Esteban

Published

2008

36. Introduction.

Author

Carey, M.J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J.C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Zimányi, Esteban, Malinowski, Elzbieta, and Zimanyi, Esteban

Published

2008

37. Introduction to Databases and Data Warehouses.

Author

Carey, M.J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J.C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Zimányi, Esteban, Malinowski, Elzbieta, and Zimanyi, Esteban

Published

2008

38. Open Problems.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Batini, Carlo, and Scannapieca, Monica

Abstract

In this last chapter we outlined the future development of the data quality research area. In addition to what was presented in this book, in the next ten years there will probably be a widespread increase in contributions in the area, with new paradigms and approaches. Indeed, information is a "plastic" concept and resource, that can hardly be encapsulated into fixed models and techniques. We use textual information to write poetry, facial information to express emotions, musical information to compose or listen to operas. What does it mean that a note in a symphony is executed wrong? It is not easy to formalize this concept, and, probably, it is not useful, since a huge number of phenomena, luckily for us, have to be perceived, and will continue to be perceived, on the basis of our feelings and emotions. [ABSTRACT FROM AUTHOR]

Published

2006

39. Tools for Data Quality.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Batini, Carlo, and Scannapieca, Monica

Published

2006

40. Methodologies for Data Quality Measurement and Improvement.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Batini, Carlo, and Scannapieca, Monica

Published

2006

41. Data Quality Issues in Data Integration Systems.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Batini, Carlo, and Scannapieca, Monica

Published

2006

42. Object Identification.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Batini, Carlo, and Scannapieca, Monica

Published

2006

43. Activities and Techniques for Data Quality: Generalities.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Batini, Carlo, and Scannapieca, Monica

Abstract

In this chapter we have introduced several data quality activities, discovering that the improvement of data quality in an organization can be performed with a variety of actions and strategies. All of the activities introduced apply to data, and produce data of improved quality according to a given process. Other improvement activities can rely on processes that manipulate data, modifying the process or introducing suitable controls in the process; we will discuss them in Chapter 7. We have also started the discussion on activities while thoroughly analyzing (i) quality composition, and (ii) error localization and correction. Finally, we have discussed cost-benefit classifications in data quality, that can be used as check lists in the process of cost and benefit allocation. For quality composition and error localization and correction we introduced a spectrum of techniques for several possible cases, while for cost/benefit classifications we compared the different approaches. In such a way, we provided a framework for analysis that allows the reader to choose the specific approach to adopt based on the context of use. [ABSTRACT FROM AUTHOR]

Published

2006

44. Models for Data Quality.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Batini, Carlo, and Scannapieca, Monica

Published

2006

45. Data Quality Dimensions.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Batini, Carlo, and Scannapieca, Monica

Published

2006

46. Introduction to Data Quality.

Author

Carey, M. J., Ceri, S., Bernstein, P., Dayal, U., Faloutsos, C., Freytag, J. C., Gardarin, G., Jonker, W., Krishnamurthy, V., Neimat, M.-A., Valduriez, P., Weikum, G., Whang, K.-Y., Widom, J., Batini, Carlo, and Scannapieca, Monica

Abstract

In this chapter we have perceived that data quality is a multidisciplinary area. This is not surprising, since data, in a variety of formats and with a variety of media, are used in every real-life or business activity, and deeply influence the quality of processes that use data. Many private and public organizations have perceived the impact of data quality on their assets and missions, and have consequently launched initiatives of large impact. At the same time, while in monolithic information systems data are processed within controlled activities, with the advent of networks and the Internet, data are created and exchanged with much more "turbulent" processes, and need more sophisticated management. The issues discussed in this chapter introduce to the structure of the rest of the book: dimensions, models, techniques, methodologies, tools, and frameworks will be the main topics addressed. While data quality is a relatively new research area, other areas, such as statistical data analysis, have addressed in the past some aspects of the problems related to data quality; with statistical data analysis, also knowledge representation, data mining, management information systems, and data integration share some of the problems and issues characteristic of data quality, and, at the same time, provide paradigms and techniques that can be effectively used in data quality measurement and improvement activities. [ABSTRACT FROM AUTHOR]

Published

2006

47. Formalizing the XML Schema Matching Problem as a Constraint Optimization Problem.

Author

Andersen, Kim Viborg, Debenham, John, Wagner, Roland, Smiljanić, Marko, Keulen, Maurice, and Jonker, Willem

Abstract

The first step in finding an efficient way to solve any difficult problem is making a complete, possibly formal, problem specification. This paper introduces a formal specification for the problem of semantic XML schema matching. Semantic schema matching has been extensively researched, and many matching systems have been developed. However, formal specifications of problems being solved by these systems do not exist, or are partial. In this paper, we analyze the problem of semantic schema matching, identify its main components and deliver a formal specification based on the constraint optimization problem formalism. Throughout the paper, we consider the schema matching problem as encountered in the context of a large scale XML schema matching application. [ABSTRACT FROM AUTHOR]

Published

2005

48. Requirements for Secure Logging of Decentralized Cross-Organizational Workflow Executions.

Author

Meersman, Robert, Tari, Zahir, Herrero, Pilar, Wombacher, Andreas, Wieringa, Roel, Jonker, Wim, Knežević, Predrag, and Pokraev, Stanislav

Abstract

The control of actions performed by parties involved in a decentralized cross-organizational workflow is done by several independent workflow engines. Due to the lack of a centralized coordination control, an auditing is required which supports a reliable and secure detection of malicious actions performed by these parties. In this paper we identify several issues which have to be resolved for such a secure logging system. Further, security requirements for a decentralized data store are investigated and evaluated with regard to decentralized data stores. [ABSTRACT FROM AUTHOR]

Published

2005

49. Dynamic Disclosure Monitor (D2Mon): An Improved Query Processing Solution.

Author

Jonker, Willem, Petković, Milan, Toland, Tyrone S., Farkas, Csilla, and Eastman, Caroline M.

Abstract

The Dynamic Disclosure Monitor (D2Mon) is a security mechanism that executes during query processing time to prevent sensitive data from being inferred. A limitation of D2Mon is that it unnecessarily examines the entire history database in computing inferences. In this paper, we present a process that can be used to reduce the number of tuples that must be examined in computing inferences during query processing time. In particular, we show how a priori knowledge of a database dependency can be used to reduce the search space of a relation when applying database dependencies. Using the database dependencies, we develop a process that forms an index table into the database that identifies those tuples that can be used in satisfying database dependencies. We show how this process can be used to extend D2Mon to reduce the number of tuples that must be examined in the history database when computing inferences. We further show that inferences that are computed by D2Mon using our extension are sound and complete. [ABSTRACT FROM AUTHOR]

Published

2005

50. Improvement of Hsu-Wu-He's Proxy Multi-signature Schemes.

Author

Jonker, Willem, Petković, Milan, and Yuan, Yumin

Abstract

In 2005, for reducing Yi et al.'s proxy multi-signature schemes in terms of computational complexity and communication cost, Hsu, Wu and He proposed new proxy multi-signature schemes. Unfortunately, with this paper, we will show that their schemes are insecure, because any malicious attacker can alone forge valid proxy multi-signatures for any message to impersonate an original signer (or a proxy signer) by choosing proper public key as long as he has obtained some users' public keys. We further improve their schemes to eliminate the security flaw of Hsu-Wu-He's schemes. Moreover, the im-provements still maintain the advantages of their schemes while reducing the computational complexity. [ABSTRACT FROM AUTHOR]

Published

2005