Lecture Notes in Computer Science 5939 - Springer Link

Lecture Notes in Computer Science
Commenced Publication in 1973
Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen

Editorial Board
David Hutchison (Lancaster University, UK)
Takeo Kanade (Carnegie Mellon University, Pittsburgh, PA, USA)
Josef Kittler (University of Surrey, Guildford, UK)
Jon M. Kleinberg (Cornell University, Ithaca, NY, USA)
Alfred Kobsa (University of California, Irvine, CA, USA)
Friedemann Mattern (ETH Zurich, Switzerland)
John C. Mitchell (Stanford University, CA, USA)
Moni Naor (Weizmann Institute of Science, Rehovot, Israel)
Oscar Nierstrasz (University of Bern, Switzerland)
C. Pandu Rangan (Indian Institute of Technology, Madras, India)
Bernhard Steffen (TU Dortmund University, Germany)
Madhu Sudan (Microsoft Research, Cambridge, MA, USA)
Demetri Terzopoulos (University of California, Los Angeles, CA, USA)
Doug Tygar (University of California, Berkeley, CA, USA)
Gerhard Weikum (Max-Planck Institute of Computer Science, Saarbruecken, Germany)

5939

Joaquin Garcia-Alfaro, Guillermo Navarro-Arribas, Nora Cuppens-Boulahia, Yves Roudier (Eds.)

Data Privacy Management and Autonomous Spontaneous Security
4th International Workshop, DPM 2009 and Second International Workshop, SETOP 2009
St. Malo, France, September 24-25, 2009
Revised Selected Papers


Volume Editors

Joaquin Garcia-Alfaro
Nora Cuppens-Boulahia
TELECOM Bretagne, Campus de Rennes
2, rue de la Châtaigneraie, 35512 Cesson Sévigné, Cedex, France
E-mail: {joaquin.garcia, nora.cuppens}@telecom-bretagne.eu

Guillermo Navarro-Arribas
IIIA-CSIC, Campus UAB, 08193 Bellaterra, Spain
E-mail: [email protected]

Yves Roudier
Institut Eurécom
2229 Route des Crêtes - BP 193, 06904 Sophia Antipolis Cedex, France
E-mail: [email protected]

Library of Congress Control Number: 2009941441
CR Subject Classification (1998): E.3, K.4.1, K.4.4, K.6.5, C.3, D.4.6, C.2
LNCS Sublibrary: SL 4 – Security and Cryptology
ISSN 0302-9743
ISBN-10 3-642-11206-4 Springer Berlin Heidelberg New York
ISBN-13 978-3-642-11206-5 Springer Berlin Heidelberg New York

This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer. Violations are liable to prosecution under the German Copyright Law.

springer.com
© Springer-Verlag Berlin Heidelberg 2010
Printed in Germany
Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India
Printed on acid-free paper
SPIN: 12826629 06/3180 543210

Foreword from the Program Chairs of DPM 2009

Organizations are increasingly concerned about the privacy of information that they manage (several people have filed lawsuits against organizations violating the privacy of customers’ data). Thus, the management of privacy-sensitive information is very critical and important for every organization. This poses several challenging problems, such as how to translate the high-level business goals into system-level privacy policies, administration of privacy-sensitive data, privacy data integration and engineering, privacy access control mechanisms, information-oriented security, and query execution on privacy-sensitive data for partial answers.

The 4th International Workshop on Data Privacy Management (DPM) was the continuation of the International Workshop on Privacy Data Management, which held three previous issues (2005 in Tokyo, Japan; 2006 in Atlanta, USA; and 2007 in Istanbul, Turkey). After one year of inactivity the workshop started again in 2009 in Saint Malo, France, co-located with the ESORICS conference. Plans are to continue the workshop on a yearly basis.

The Program Committee accepted for presentation 8 papers out of 23 submissions from 13 different countries in four continents. Each submitted paper received at least three reviews. These proceedings contain the revised versions of these papers, covering topics such as privacy in service-oriented architectures, privacy-preserving mechanisms, cross-matching and indistinguishability techniques, privacy policies, and disclosure of information. The workshop also had two keynote speakers: Josep Domingo-Ferrer, from Universitat Rovira i Virgili and Chairman of the UNESCO Chair in Data Privacy, and Tomas Sander, from the Systems Security Lab of Hewlett-Packard Labs in Princeton.

Many people deserve our gratitude. We would like to thank the General Chairs of DPM 2009 (Josep Domingo-Ferrer and Vicenç Torra), and the General Chairs of ESORICS 2009 (Frederic Cuppens and Nora Cuppens-Boulahia). The Organizing Committee from ESORICS 2009 helped with the local organization. We thank all the Program Committee members for their help, availability, and commitment. In evaluating the papers submitted we received the help of the Program Committee and four external reviewers (Junfeng Fan, Joan Melia-Segui, Alfredo Rial, and Joerg Schneider). In the same vein we thank the sponsors of the workshop for helping with financial and logistical issues: the UNESCO Chair in Data Privacy, the Spanish-funded projects ARES-CONSOLIDER CSD2007-00004 and e-Aegis TSI2007-65406-C03-01, the Artificial Intelligence Research Institute (IIIA) from the Spanish National Research Council (CSIC), the Internet Interdisciplinary Institute (IN3) of the Open University of Catalonia (UOC), and the IEEE Spanish Section. We also thank the help of Mukesh Mohania, Jordi Castella-Roca, and Julien A. Thomas. Finally, we extend our thanks to Katell Himeur for her invaluable support during the organization of the event.

September 2009

Joaquin Garcia-Alfaro
Guillermo Navarro-Arribas

Foreword from the Program Chairs of SETOP 2009

SETOP is a companion event of the ESORICS symposium which presents research results on all aspects related to spontaneous and autonomous security. This year, the second issue of SETOP was held in St. Malo, a beautiful walled port city in Brittany in north-western France, during September 24-25, 2009.

With the need for evolution, if not revolution, of current network architectures and the Internet, autonomous and spontaneous management will be a key feature of future networks and information systems. In this context, security is an essential property. It must be considered at the early stage of conception of these systems and designed to also be autonomous and spontaneous.

Future networks and systems must be able to automatically configure themselves with respect to their security policies. The security policy specification must be dynamic and adapt itself to the changing environment. Those networks and systems should interoperate securely when their respective security policies are heterogeneous and possibly conflicting. They must be able to autonomously evaluate the impact of an intrusion in order to spontaneously select the appropriate and relevant response when a given intrusion is detected.

Autonomous and spontaneous security is a major requirement of future networks and systems. Of course, it is crucial to address this issue in different wireless and mobile technologies available today such as RFID, Wifi, Wimax, 3G, etc. Other technologies such as ad hoc and sensor networks, which introduce new types of services, also share similar requirements for an autonomous and spontaneous management of security.

The high quality of SETOP 2009 papers facilitated a stimulating exchange of ideas among the members of the international research community interested in this crucial topic of spontaneous and autonomous security.

SETOP 2009 was honored to have three distinguished keynote speakers – Peng Ning from North Carolina State University, Josep Domingo-Ferrer from Universitat Rovira i Virgili, Catalonia, and Roberto di Pietro from Università Roma 3. Thank you, Peng, Josep and Roberto, for having accepted our invitation.

We are also very grateful to our sponsors: DCSSI, INRIA, Rennes Métropole, Région Bretagne, Fondation Métivier, Saint-Malo, Alcatel-Lucent Bell Labs France, EADS, Orange, TELECOM Institute, CG35. Their generosity has helped keep the costs of SETOP 2009 moderate.

September 2009

Nora Cuppens-Boulahia
Yves Roudier

4th International Workshop on Data Privacy Management – DPM 2009

Program Committee Chairs
Joaquin Garcia-Alfaro (UOC/TELECOM Bretagne)
Guillermo Navarro-Arribas (IIIA-CSIC)

Workshop General Chairs
Josep Domingo-Ferrer (Universitat Rovira i Virgili)
Vicenç Torra (IIIA-CSIC)

Program Committee
Alessandro Acquisti (Carnegie Mellon University)
Michel Barbeau (Carleton University)
Marina Blanton (University of Notre Dame)
Joan Borrell (Autonomous University of Barcelona)
Iliano Cervesato (Carnegie Mellon University)
Valentina Ciriani (University of Milan)
Frédéric Cuppens (TELECOM Bretagne)
Nora Cuppens-Boulahia (TELECOM Bretagne)
Ernesto Damiani (University of Milan)
Claudia Diaz (K.U.Leuven-Heverlee)
Josep Domingo-Ferrer (Rovira i Virgili University)
David Evans (University of Cambridge)
Joaquin Garcia-Alfaro (UOC/TELECOM Bretagne)
Stefanos Gritzalis (University of the Aegean)
Jordi Herrera (Autonomous University of Barcelona)
Apu Kapadia (MIT Lincoln Laboratory)
Evangelos Kranakis (Carleton University)
Loukas Lazos (University of Arizona)
Kun Liu (IBM Almaden Research Center)
Fabio Massacci (Universita di Trento)
Gero Muhl (Berlin University of Technology)
Guillermo Navarro-Arribas (IIIA-CSIC)
Radha Poovendran (University of Washington)
Utz Roedig (Lancaster University)
Thierry Sans (Carnegie Mellon University)
Vicenç Torra (IIIA-CSIC)
Nicola Zannone (Eindhoven University of Technology)


Organizing Committee
Joaquin Garcia-Alfaro (UOC/TELECOM Bretagne)
Guillermo Navarro-Arribas (IIIA-CSIC)
Josep Domingo-Ferrer (Universitat Rovira i Virgili)
Vicenç Torra (IIIA-CSIC)

Additional Referees
Junfeng Fan (K.U.Leuven, ESAT/COSIC)
Joan Melia-Segui (Open University of Catalonia)
Alfredo Rial (K.U.Leuven, ESAT/COSIC)
Joerg Schneider (Berlin University of Technology)

Second International Workshop on Autonomous and Spontaneous Security – SETOP 2009

Program Committee Chairs
Nora Cuppens-Boulahia (TELECOM Bretagne, Rennes)
Yves Roudier (EURECOM, Sophia-Antipolis)

General Chair
Evangelos Kranakis (Carleton University, Ottawa)

Organization Chair
Frédéric Cuppens (TELECOM Bretagne, Rennes)

Program Committee
Michel Barbeau (Carleton University, Ottawa)
Christophe Bidan (Supélec, Rennes)
Ana Cavalli (TELECOM SudParis, Evry)
Hakima Chaouchi (TELECOM SudParis, Evry)
Claude Chaudet (TELECOM ParisTech, Paris)
Yves Correc (DGA/CELAR, Bruz)
Frédéric Cuppens (TELECOM Bretagne, Rennes)
Hervé Debar (France Télécom R&D, Caen)
Jose M. Fernandez (École Polytechnique de Montréal)
Noria Foukia (University of Otago, New Zealand)
Alban Gabillon (Université polynesie Française)
Joaquin Garcia-Alfaro (Carleton University, Ottawa)
Evangelos Kranakis (Carleton University, Ottawa)
Loukas Lazos (University of Arizona, Tucson)
Jean Leneutre (TELECOM ParisTech, Paris)
Javier Lopez (University of Malaga)
Maryline Maknavicius (TELECOM SudParis, Evry)
Catherine Meadows (Naval Research Laboratory)
Refik Molva (EURECOM, Sophia-Antipolis)
Radha Poovendran (University of Washington, Seattle)
Juan Carlos Ruiz (UPV, Valencia)
Thierry Sans (Carnegie Mellon, Doha)


Organizing Committee
Nora Cuppens-Boulahia (TELECOM Bretagne, Rennes)
Frédéric Cuppens (TELECOM Bretagne, Rennes)
Gilbert Martineau (TELECOM Bretagne, Rennes) (Sponsor Chair)
Julien Thomas (TELECOM Bretagne, Rennes)

Table of Contents

Keynote Talks

The UNESCO Chair in Data Privacy Research in Vehicular Networks
    Josep Domingo-Ferrer

Privacy Management for Global Organizations
    Siani Pearson, Tomas Sander, and Rajneesh Sharma

Data Privacy Management

Obligation Language and Framework to Enable Privacy-Aware SOA
    Muhammad Ali, Laurent Bussard, and Ulrich Pinsdorf

Distributed Privacy-Preserving Methods for Statistical Disclosure Control
    Javier Herranz, Jordi Nin, and Vicenç Torra

Towards a Privacy-Preserving National Identity Card
    Yves Deswarte and Sébastien Gambs

Using SAT-Solvers to Compute Inference-Proof Database Instances
    Cornelia Tadros and Lena Wiese

A Quantitative Analysis of Indistinguishability for a Continuous Domain Biometric Cryptosystem
    Ileana Buhan, Jeroen Breebaart, Jorge Guajardo, Koen de Groot, Emile Kelkboom, and Ton Akkermans

A Spatial Cloaking Framework Based on Range Search for Nearest Neighbor Search
    Hyoungshick Kim

Visualizing Privacy Implications of Access Control Policies in Social Network Systems
    Mohd Anwar, Philip W.L. Fong, Xue-Dong Yang, and Howard Hamilton

Contextual Privacy Management in Extended Role Based Access Control Model
    Nabil Ajam, Nora Cuppens-Boulahia, and Frédéric Cuppens


Autonomous and Spontaneous Security

Dynamic Security Rules for Geo Data
    Alban Gabillon and Patrick Capolsini

Medical Image Integrity Control Combining Digital Signature and Lossless Watermarking
    Wei Pan, Gouenou Coatrieux, Nora Cuppens-Boulahia, Frederic Cuppens, and Christian Roux

ASRBAC: A Security Administration Model for Mobile Autonomic Networks (MAutoNets)
    Mohamad Aljnidi and Jean Leneutre

Untraceable Tags Based on Mild Assumptions
    Carlo Blundo, Angelo De Caro, and Giuseppe Persiano

Security Threat Mitigation Trends in Low-Cost RFID Systems
    Joaquin Garcia-Alfaro, Michel Barbeau, and Evangelos Kranakis

An Effective TCP/IP Fingerprinting Technique Based on Strange Attractors Classification
    João Paulo S. Medeiros, Agostinho M. Brito Jr., and Paulo S. Motta Pires

DDoS Defense Mechanisms: A New Taxonomy
    Astha Keshariya and Noria Foukia

RDyMASS: Reliable and Dynamic Enforcement of Security Policies for Mobile Agent Systems
    Houssem Aloulou, Monia Loulou, Slim Kallel, and Ahmed Hadj Kacem

Achieving Life-Cycle Compliance of Service-Oriented Architectures: Open Issues and Challenges
    Theodoor Scholte and Engin Kirda

Author Index