ebook img

Data Privacy Management and Autonomous Spontaneus Security: 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011, Leuven, Belgium, September 15-16, 2011, Revised Selected Papers PDF

331 Pages·2012·6.438 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Data Privacy Management and Autonomous Spontaneus Security: 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011, Leuven, Belgium, September 15-16, 2011, Revised Selected Papers

Lecture Notes in Computer Science 7122 CommencedPublicationin1973 FoundingandFormerSeriesEditors: GerhardGoos,JurisHartmanis,andJanvanLeeuwen EditorialBoard DavidHutchison LancasterUniversity,UK TakeoKanade CarnegieMellonUniversity,Pittsburgh,PA,USA JosefKittler UniversityofSurrey,Guildford,UK JonM.Kleinberg CornellUniversity,Ithaca,NY,USA AlfredKobsa UniversityofCalifornia,Irvine,CA,USA FriedemannMattern ETHZurich,Switzerland JohnC.Mitchell StanfordUniversity,CA,USA MoniNaor WeizmannInstituteofScience,Rehovot,Israel OscarNierstrasz UniversityofBern,Switzerland C.PanduRangan IndianInstituteofTechnology,Madras,India BernhardSteffen TUDortmundUniversity,Germany MadhuSudan MicrosoftResearch,Cambridge,MA,USA DemetriTerzopoulos UniversityofCalifornia,LosAngeles,CA,USA DougTygar UniversityofCalifornia,Berkeley,CA,USA GerhardWeikum MaxPlanckInstituteforInformatics,Saarbruecken,Germany Joaquin Garcia-Alfaro Guillermo Navarro-Arribas Nora Cuppens-Boulahia Sabrina de Capitani di Vimercati (Eds.) Data Privacy Management and Autonomous Spontaneus Security 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011 Leuven, Belgium, September 15-16, 2011 Revised Selected Papers 1 3 VolumeEditors JoaquinGarcia-Alfaro TELECOM-Bretagne,CampusdeRennes 2,ruedelaChâtaigneraie,35512CessonSévignéCedex,France E-mail:[email protected] GuillermoNavarro-Arribas UniversitatAutonomadeBarcelona Edifici-Q,CampusUAB,08193Bellaterra,Spain E-mail:[email protected] NoraCuppens-Boulahia TELECOM-Bretagne,CampusdeRennes 2,ruedelaChâtaigneraie,35512CessonSévignéCedex,France E-mail:[email protected] SabrinadeCapitanidiVimercati UniversitàdegliStudidiMilano DipartimentodiTecnologiedell’Informazione ViaBramante65,26013Crema,Italy E-mail:[email protected] ISSN0302-9743 e-ISSN1611-3349 ISBN978-3-642-28878-4 e-ISBN978-3-642-28879-1 DOI10.1007/978-3-642-28879-1 SpringerHeidelbergDordrechtLondonNewYork LibraryofCongressControlNumber:2012933375 CRSubjectClassification(1998):K.6.5,E.3,K.4.1,K.4.4,C.2,C.3,D.4.6,H.3.5 LNCSSublibrary:SL4–SecurityandCryptology ©Springer-VerlagBerlinHeidelberg2012 Thisworkissubjecttocopyright.Allrightsarereserved,whetherthewholeorpartofthematerialis concerned,specificallytherightsoftranslation,reprinting,re-useofillustrations,recitation,broadcasting, reproductiononmicrofilmsorinanyotherway,andstorageindatabanks.Duplicationofthispublication orpartsthereofispermittedonlyundertheprovisionsoftheGermanCopyrightLawofSeptember9,1965, initscurrentversion,andpermissionforusemustalwaysbeobtainedfromSpringer.Violationsareliable toprosecutionundertheGermanCopyrightLaw. Theuseofgeneraldescriptivenames,registerednames,trademarks,etc.inthispublicationdoesnotimply, evenintheabsenceofaspecificstatement,thatsuchnamesareexemptfromtherelevantprotectivelaws andregulationsandthereforefreeforgeneraluse. Typesetting:Camera-readybyauthor,dataconversionbyScientificPublishingServices,Chennai,India Printedonacid-freepaper SpringerispartofSpringerScience+BusinessMedia(www.springer.com) Foreword from the DPM 2011 Program Chairs Thecurrentvolumeconstitutestheproceedingsforthe6thDataPrivacyManage- mentInternationalWorkshop(DPM2011),whichincludesrevisedversionsofthe paperspresentedattheworkshop.TheaimofDPMistopromoteandstimulatein- ternationalcollaborationandresearchexchangeonnoveldataprivacytopics.This sixtheditionoftheworkshopwasco-locatedwiththeESORICS2011symposium in Leuven (Belgium). Previous DPM workshops were: 2010 in Athens (Greece), 2009 in Saint Malo (France), 2007 Istanbul (Turkey), 2006 Atlanta (USA), and 2005Tokyo(Japan). The program of this year’s workshop consisted of nine full papers and one shortpaper.The topics ofthese papers included locationprivacy,privacy-based metering and billing, record linkage, policy-based privacy, application of data privacyinrecommendationsystems,andprivacyconsiderationsinuserprofiling, in RFID, in network monitoring, in transaction protocols,in usage control, and customer data. WewouldliketoacknowledgeandthankallthesupportreceivedfromthePro- gramCommitteemembers,externalreviewers,andtheOrganizingCommitteeof ESORICS 2011. The General Chair of DPM 2011, Joaquin Garcia-Alfaro, and theGeneralChairofESORICS2011,BartPreneel,arethanked.Wewouldliketo thank Saartje Verheyen for all her support and help. In the same vein we thank the sponsors of the workshop for helping with economic, logistic, and technicalissues:Technicolor,Institut TELECOM,the InternetInterdisciplinary Institute(IN3)oftheOpenUniversityofCatalonia(UOC),theArtificialIntelli- genceResearchInstitute(IIIA-CSIC),theUNESCOChairinDataPrivacy,the Spanish-fundedprojectsN-KHRONOUSTIN2010-15764,ARES-CONSOLIDER CSD2007-00004and eAegis TSI2007-65406-C03-01/TSI2007-65406-C03-02,and theDEMONSprojectFP7-ICT-2009-5fromtheEuropeanCommission.Last,but definitelynotleast,wewouldliketothankalltheauthorswhosubmittedpapers, alltheattendees,andthekeynotespeakerswhotookpartintheworkshop:Clau- diaDiaz,GeorgeDanezis,andGildasAvoine. November 2011 Nora Cuppens-Boulahia Guillermo Navarro-Arribas Foreword from the SETOP 2011 Program Chairs This volume contains the papers presented at the fourth issue of the SETOP workshop, held in Leuven (Belgium), during September 15–16. The SETOP workshop is a companion event of the ESORICS symposium which presents research results on all aspects related to the security of autonomous and spon- taneous networks. These two notions imply that specific communities of nodes, capableofinterconnecting,aredynamicallycreated,building onself-configuring mechanisms. In the end, they are expected to become autonomic systems that provide services without external intervention. The program of this year’s workshop consisted of nine full papers and two shortpapers.Thesepaperswereselectedafterrigorousreviewandintensivedis- cussionbytheProgramCommitteemembersandexternalreviewers.Thetopics ofthesepapersincludedaccesscontrol,policyderivation,requirementsengineer- ing, verification of service-oriented architectures, query and data privacy, pol- icy delegation and service orchestration. The workshop was also honored with three distinguished keynote speakers — Claudia Diaz from Katholieke Univer- siteit Leuven, George Danezis from Microsoft Research Cambridge, and Gildas AvoinefromUniversit´eCatholiquedeLouvain.Thankyou,Claudia,Georgeand Gildas, for having accepted our invitation. Manyotherpeoplealsodeserveourgratitude.WewouldliketothanktheGen- eralChairofSETOP2011,FredericCuppens;andtheGeneralChairofESORICS 2011,BartPreneel.TheOrganizingCommitteefromESORICS2011helpedwith thelocalorganization.WewouldliketothankSaartjeVerheyenforallhersupport and help; and the sponsors of the workshop for helping with economic, logisticandtechnicalissues:Technicolor,InstitutTELECOM,theInternetInter- disciplinaryInstitute (IN3)ofthe OpenUniversityofCatalonia(UOC),andthe Spanish-fundedprojectsN-KHRONOUSTIN2010-15764,ARES-CONSOLIDER CSD2007-00004,ande-AegisTSI2007-65406-C03-01/TSI2007-65406-C03-02,and the DEMONS project FP7-ICT-2009-5 from the European Commission. We fi- nally thank all authors of submitted papers, as well as the ProgramCommittee membersandexternalreviewersfortheirhelp,availability,andcommitment. November 2011 Joaquin Garcia-Alfaro Sabrina De Capitani di Vimercati 6th International Workshop on Data Privacy Management – DPM 2011 Program Committee Chairs Nora Cuppens-Boulahia TELECOM Bretagne, France Guillermo Navarro-Arribas Autonomous University of Barcelona, Spain Workshop General Chair Joaquin Garcia-Alfaro TELECOM Bretagne, France Program Committee Diala Abihaidar Dar Al Hekma College, Saudi Arabia Anas Abou El Kalam Toulouse Institute of Computer Science Research, France Carlos Aguilar Melchor XLIM Research Institute, France Mohd Anwar University of Pittsburgh, USA Joan Borrell Autonomous University of Barcelona, Spain Milan Bradonjic Los Alamos National Laboratory,USA Jordi Castella-Roca Rovira i Virgili University, Spain Iliano Cervesato Carnegie Mellon University, Qatar Valentina Ciriani Universita` degli Studi di Milano, Italy Frederic Cuppens TELECOM Bretagne, France Mourad Debbabi Concordia university, Canada Josep Domingo Ferrer Rovira i Virgili University, Spain David Evans University of Cambridge, UK Philip W.L. Fong University of Calgary, Canada Sebastien Gambs Universit´e de Rennes 1, France Javier Herranz Universitat Politecnica de Catalunya, Spain Wei Jiang MissouriUniversity of Science and Technology, USA Georgios Lioudakis National Technical University of Athens, Greece Javier Lopez University of Malaga, Spain Bradley Malin Vanderbilt University, USA Jordi Nin Universitat Politecnica de Catalunya, Spain Kai Rannenberg Goethe-Universit¨at, Germany Yves Roudier EURECOM Sophia-Antipolis, France Tomas Sander Hewlett-Packard Labs, USA Yucel Saygin Sabanci University, Turkey X DPM 2011 Vicen¸c Torra IIIA-CSIC, Spain Yasuyuki Tsukada NTT Communication Science Lab, Japan Aida Valls Rovira i Virgili University, Spain Lena Wiese National Institute of Informatics, Japan Nicola Zannone Eindhoven University of Technology, The Netherlands Organizing Committee Ero Balsa Katholieke Universiteit Leuven, Belgium Nora Cuppens-Boulahia TELECOM Bretagne, France Joaquin Garcia-Alfaro TELECOM Bretagne, France Guillermo Navarro-Arribas Autonomous University of Barcelona, Spain Cristina Perez-Sola Autonomous University of Barcelona, Spain External Referees Andr´e Deuker Goethe-Universit¨at, Germany Kunihiko Fujita NTT Communication Science Lab, Japan Sascha Koschinat Goethe-Universita¨t, Germany Maria Koukovini National Technical University, Greece Lotfi Ben Othmane Eindhoven University of Technology, The Netherlands Eugenia Papagiannakopoulou National Technical University, Greece Cristina Romero-Tris Rovira i Virgili University, Spain Ahmad Sabouri Goethe-Universita¨t, Germany Bharath Kumar Samanthula MissouriUniversity of Science and Technology, USA Daniel Trivellato Eindhoven University of Technology, The Netherlands Arnau Vives-Guasch Rovira i Virgili University, Spain 4th SETOP International Workshop on Autonomous and Spontaneous Security – SETOP 2011 Program Committee Chairs Joaquin Garcia-Alfaro TELECOM Bretagne, France Sabrina De Capitani di Vimercati Universita` degli Studi di Milano, Italy Workshop General Chair Frederic Cuppens TELECOM Bretagne, France Program Committee Gildas Avoine Catholic University of Louvain, Belgium Michel Barbeau Carleton University, Canada Carlo Blundo University of Salerno, Italy Joan Borrell Autonomous University of Barcelona, Spain Mike Burmester Florida State University, USA Jordi Castella-Roca Rovira i Virgili University, Spain Ana Cavalli TELECOM SudParis, France Iliano Cervesato Carnegie Mellon University, Qatar Frederic Cuppens TELECOM Bretagne, France Nora Cuppens-Boulahia TELECOM Bretagne, France Vanesa Daza Universitat Pompeu Fabra, Spain Sabrina De Capitani di Vimercati Universita` degli Studi di Milano, Italy Josep Domingo-Ferrer Rovira i Virgili University, Spain Sara Foresti Universita` degli Studi di Milano, Italy Joaquin Garcia-Alfaro TELECOM Bretagne, France Stefanos Gritzalis University of the Aegean, Greence Jordi Herrera Autonomous University of Barcelona, Spain Wei Jiang MissouriUniversity of Science and Technology, USA Krishna Kant Intel and NSF, USA Sokratis Katsikas University of Piraeus, Greece Evangelos Kranakis Carleton University, Canada PascalLafourcade University Joseph Fourier, France Giovanni Livraga Universita` degli Studi di Milano, Italy XII SETOP 2011 Javier Lopez University of Malaga, Spain Ludovic Me Supelec, Rennes, France Joan Melia-Segui Open University of Catalonia, Spain Ali Miri Ryerson University, Canada Refik Molva EURECOM, Sophia-Antipolis, France Guillermo Navarro-Arribas Autonomous University of Barcelona, Spain Andreas Pashalidis K.U. Leuven, Belgium Yves Roudier EURECOM, Sophia-Antipolis, France Thierry Sans Carnegie Mellon University, Qatar Francesc Sebe Universitat de Lleida, Spain Miquel Soriano Polytechnic University of Catalonia, Spain Bill Tsoumas Athens University of Economics and Business, Greece Organizing Committee Ero Balsa Katholieke Universiteit Leuven, Belgium Frederic Cuppens-Boulahia TELECOM Bretagne, France Sabrina De Capitani di Vimercati Universita` degli Studi di Milano, Italy Joaquin Garcia-Alfaro TELECOM Bretagne, France Cristina Perez-Sola Autonomous University of Barcelona, Spain External Referees Spyros Kokolakis University of the Aegean, Greece Behzad Malek University of Ottawa, Canada Bharath Kumar Samanthula MissouriUniversity of Science and Technology, USA Mazen El Maarabani TELECOM SudParis, France Arnau Erola Rovira i Virgili University, Spain Georgios Kambourakis University of the Aegean, Greece Sophie Quinton Joseph Fourier University, France Montserrat Batet Rovira i Virgili University, Spain Christos Xenakis University of Athens, Greece Panagiotis Rizomiliotis University of the Aegean, Greece Table of Contents Keynote Address Privacy Challenges in RFID ....................................... 1 Gildas Avoine Data Privacy Management Fake Injection Strategies for Private Phonetic Matching............... 9 Alexandros Karakasidis, Vassilios S. Verykios, and Peter Christen A Design Phase for Data Sharing Agreements ....................... 25 Ilaria Matteucci, Marinella Petrocchi, Marco Luca Sbodio, and Luca Wiegand A Privacy-Protecting Architecture for Collaborative Filtering via Forgery and Suppression of Ratings ................................ 42 Javier Parra-Arnau, David Rebollo-Monedero, and Jordi Forn´e On the Complexity of Aggregating Information for Authentication and Profiling ........................................................ 58 Christian A. Duncan and Vir V. Phoha Secure and Privacy-Aware Searching in Peer-to-PeerNetworks......... 72 Jaydip Sen Onthe Security ofMutual AuthenticationProtocolsforRFID Systems: The Case of Wei et al.’s Protocol .................................. 90 Masoumeh Safkhani, Nasour Bagheri, Somitra Kumar Sanadhya, Majid Naderi, and Hamid Behnam Inference-Proof View Update Transactions with Minimal Refusals...... 104 Joachim Biskup and Cornelia Tadros Representation-Independent Data Usage Control..................... 122 Alexander Pretschner, Enrico Lovat, and Matthias Bu¨chler Using PersonalPortfolios to Manage Customer Data ................. 141 Aimilia Tasidou and Pavlos S. Efraimidis

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.