Lecture Notes in Computer Science 6514 - Springer Link

Lecture Notes in Computer Science
Commenced Publication in 1973
Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen

Editorial Board
David Hutchison, Lancaster University, UK
Takeo Kanade, Carnegie Mellon University, Pittsburgh, PA, USA
Josef Kittler, University of Surrey, Guildford, UK
Jon M. Kleinberg, Cornell University, Ithaca, NY, USA
Alfred Kobsa, University of California, Irvine, CA, USA
Friedemann Mattern, ETH Zurich, Switzerland
John C. Mitchell, Stanford University, CA, USA
Moni Naor, Weizmann Institute of Science, Rehovot, Israel
Oscar Nierstrasz, University of Bern, Switzerland
C. Pandu Rangan, Indian Institute of Technology, Madras, India
Bernhard Steffen, TU Dortmund University, Germany
Madhu Sudan, Microsoft Research, Cambridge, MA, USA
Demetri Terzopoulos, University of California, Los Angeles, CA, USA
Doug Tygar, University of California, Berkeley, CA, USA
Gerhard Weikum, Max Planck Institute for Informatics, Saarbruecken, Germany

6514

Joaquin Garcia-Alfaro Guillermo Navarro-Arribas Ana Cavalli Jean Leneutre (Eds.)

Data Privacy Management and Autonomous Spontaneous Security 5th International Workshop, DPM 2010 and 3rd International Workshop, SETOP 2010 Athens, Greece, September 23, 2010 Revised Selected Papers


Volume Editors

Joaquin Garcia-Alfaro
IT/TELECOM Bretagne, Campus de Rennes
2 Rue de la Châtaigneraie, 35512 Cesson Sévigné, Cedex, France
E-mail: [email protected]

Guillermo Navarro-Arribas
IIIA-CSIC, Campus UAB
08193 Bellaterra, Spain
E-mail: [email protected]

Ana Cavalli
IT/TELECOM SudParis
9 Rue Charles Fourier, 91011 Evry Cedex, France
E-mail: [email protected]

Jean Leneutre
IT/TELECOM ParisTech
46 Rue Barrault, 75634 Paris Cedex 13, France
E-mail: [email protected]

ISSN 0302-9743
e-ISSN 1611-3349
ISBN 978-3-642-19347-7
e-ISBN 978-3-642-19348-4
DOI 10.1007/978-3-642-19348-4
Springer Heidelberg Dordrecht London New York

Library of Congress Control Number: 2011921004
CR Subject Classification (1998): K.6.5, E.3, K.4.1, K.4.4, C.2, C.3, D.4.6, H.3.5
LNCS Sublibrary: SL 4 – Security and Cryptology

© Springer-Verlag Berlin Heidelberg 2011

This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer. Violations are liable to prosecution under the German Copyright Law.

The use of general descriptive names, registered names, trademarks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India
Printed on acid-free paper
Springer is part of Springer Science+Business Media (www.springer.com)

Foreword from the Program Chairs of DPM 2010

This volume contains the proceedings of the 5th Data Privacy Management International Workshop (DPM 2010). It includes a revised version of the papers selected for presentation at the workshop.

The aim of DPM is to promote and stimulate international collaboration and research exchange on novel data privacy topics. Organizations are increasingly concerned about the privacy of information that they manage (several people have filed lawsuits against organizations violating the privacy of customers’ data). Thus, the management of privacy-sensitive information is very critical and important for every organization. This poses several challenging problems, such as how to translate the high-level business goals into system-level privacy policies, administration of privacy-sensitive data, privacy data integration and engineering, privacy access control mechanisms, information-oriented security, and query execution on privacy-sensitive data for partial answers.

This 5th edition of the Data Privacy Management International Workshop presented nine regular papers and three keynote talks. It was co-located with the ESORICS 2010 conference in Athens, Greece, and took place on September 23, 2010. Previous issues of the DPM workshop were: 2009 Saint Malo (France), 2007 Istanbul (Turkey), 2006 Atlanta (USA), and 2005 Tokyo (Japan).

We would like to express our sincere appreciation for all the support we received from the General Chairs of DPM 2010, Frédéric Cuppens and Nora Cuppens-Boulahia. Thanks very much for your contribution to the success of the event. Our special thanks also go to our distinguished keynote speakers, Gene Tsudik (University of California, Irvine), Vicenç Torra (Artificial Intelligence Research Institute, Spanish National Research Council), and Sabrina De Capitani di Vimercati (University of Milan), for accepting our invitation and for their presence during the event and talks. We also express our gratitude to the ESORICS 2010 organization team.
Thank you Sokratis Katsikas, Dimitris Gritzalis, Pierangela Samarati, Nikolaos Kyrloglou, and Marianthi Theoharidou, for all your help with the local arrangements of DPM. Many thanks go to the DPM 2010 Program Committee members and the external reviewers, for their help, availability and commitment. Last but by no means least we thank all the authors who submitted papers and all the workshop attendees.

Finally, we want to acknowledge the support received from the sponsors of the workshop: the UNESCO Chair in Data Privacy; projects ARES-CONSOLIDER INGENIO 2010 CSD2007-00004 and eAEGIS TSI2007-65406-C03-02/TSI2007-65406-C03-01 from the Spanish MICINN; the Artificial Intelligence Research Institute (IIIA-CSIC); the Internet Interdisciplinary Institute (IN3) from the Universitat Oberta de Catalunya; Telecom Bretagne (Institut Telecom); and the Spanish section of the IEEE.

September 2010

Joaquin Garcia-Alfaro Guillermo Navarro-Arribas

Foreword from the Program Chairs of SETOP 2010

The International Workshop on Autonomous and Spontaneous Security (SETOP), co-located with the ESORICS symposium, presents research results on all aspects related to spontaneous and autonomous security. This year, the third issue of SETOP was held in Athens on September 23, 2010.

With the need for evolution, if not revolution, of current network architectures and the Internet, autonomous and spontaneous management will be a key feature of future networks and information systems. In this context, security is an essential property. It must be considered at the early stage of conception of these systems and designed to be also autonomous and spontaneous.

Future networks and systems must be able to automatically configure themselves with respect to their security policies. The security policy specification must be dynamic and adapt itself to the changing environment. Those networks and systems should interoperate securely when their respective security policies are heterogeneous and possibly conflicting. They must be able to autonomously evaluate the impact of an intrusion in order to spontaneously select the appropriate and relevant response when a given intrusion is detected.

Autonomous and spontaneous security is a major requirement of future networks and systems. Of course, it is crucial to address this issue in different wireless and mobile technologies available today such as RFID, Wifi, Wimax, 3G, etc. Other technologies such as ad hoc and sensor networks, which introduce new types of services, also share similar requirements for an autonomous and spontaneous management of security.

The accepted papers addressed several specific aspects of the previously cited topics, as for instance the autonomic administration of security policies, secure P2P storage, RFID authentication, anonymity in reputation systems, etc. The high quality of the SETOP 2010 communications facilitated a stimulating exchange of ideas between the participants of the workshop.
These proceedings contain the revised versions of the accepted papers. SETOP 2010 was honored to have three distinguished keynote speakers: Gene Tsudik, from the University of California, Irvine (UCI); Vicenç Torra, from the Artificial Intelligence Research Institute of the Spanish National Research Council (IIIA-CSIC); and Sabrina De Capitani di Vimercati, from the University of Milan. Thank you, Gene Tsudik, Vicenç Torra, and Sabrina De Capitani di Vimercati, for having accepted our invitation.

We would like to thank the General Chair of SETOP 2010, Frédéric Cuppens, and the General Chair of ESORICS, Sokratis Katsikas. The Organizing Committee from ESORICS 2010 (N. Kyrloglou and M. Theoharidou) together with the SETOP 2010 Organizing Chairs (N. Oualha and W. Mallouli) helped with the local organization. We also thank all the SETOP 2010 Program Committee members for their help, availability and commitment. We also extend our thanks to Nora Cuppens-Boulahia.

September 2010

Ana Cavalli Jean Leneutre

5th International Workshop on Data Privacy Management — DPM 2010

Program Committee Chairs
Joaquin Garcia-Alfaro, TELECOM Bretagne, France
Guillermo Navarro-Arribas, IIIA-CSIC, Spain

Workshop General Chairs
Frédéric Cuppens, TELECOM Bretagne, France
Nora Cuppens-Boulahia, TELECOM Bretagne, France

Program Committee
Alessandro Acquisti, Carnegie Mellon University, USA
Mohd Anwar, University of Calgary, Canada
Michel Barbeau, Carleton University, Canada
Elisa Bertino, Purdue University, USA
Marina Blanton, University of Notre Dame, USA
Nikita Borisov, University of Illinois, USA
Joan Borrell, Autonomous University of Barcelona, Spain
Milan Bradonjic, Los Alamos National Laboratory, USA
Jordi Cabot, AtlanMod, INRIA, France
Iliano Cervesato, Carnegie Mellon University, Qatar
Valentina Ciriani, University of Milan, Italy
Frédéric Cuppens, TELECOM Bretagne, France
Nora Cuppens-Boulahia, TELECOM Bretagne, France
Ernesto Damiani, University of Milan, Italy
Josep Domingo-Ferrer, Rovira i Virgili University, Spain
David Evans, University of Cambridge, UK
Simon Foley, University College Cork, Ireland
Philip W.L. Fong, University of Calgary, Canada
Joaquin Garcia-Alfaro, TELECOM Bretagne, France
Stefanos Gritzalis, University of the Aegean, Greece
Jordi Herrera, Autonomous University of Barcelona, Spain
Wei Jiang, Missouri University, USA
Evangelos Kranakis, Carleton University, Canada
Javier Lopez, University of Malaga, Spain
Fabio Massacci, Università di Trento, Italy
Guillermo Navarro-Arribas, IIIA-CSIC, Spain
Andreas Pashalidis, K.U. Leuven, Belgium
Tomas Sander, Hewlett-Packard Labs, USA
Thierry Sans, Carnegie Mellon University, Qatar
Vicenç Torra, IIIA-CSIC, Spain
Nicola Zannone, Eindhoven University of Technology, The Netherlands

Organizing Committee
Frédéric Cuppens, TELECOM Bretagne, France
Nora Cuppens-Boulahia, TELECOM Bretagne, France
Joaquin Garcia-Alfaro, TELECOM Bretagne, France
Guillermo Navarro-Arribas, IIIA-CSIC, Spain

External Referees
Spyros Kokolakis, University of the Aegean, Greece
Payman Mohassel, University of Calgary, Canada
Bo Qin, Rovira i Virgili University, Spain
Evangelos Rekleitis, University of the Aegean, Greece
Daniel Trivellato, Eindhoven University of Technology, The Netherlands
Lei Zhang, Rovira i Virgili University, Spain

3rd International Workshop on Autonomous and Spontaneous Security — SETOP 2010

Program Committee Chairs
Ana Cavalli, TELECOM SudParis, France
Jean Leneutre, TELECOM ParisTech, France

General Chair
Frédéric Cuppens, TELECOM Bretagne, France

Organizing Committee Chairs
Wissam Mallouli, Montimage, France
Nouha Oualha, TELECOM ParisTech, France

Program Committee
Michel Barbeau, Carleton University, Canada
Christophe Bidan, Supélec, France
Ana Cavalli, TELECOM SudParis, France
Hakima Chaouchi, TELECOM SudParis, France
Claude Chaudet, TELECOM ParisTech, France
Yves Correc, DGA/CELAR, France
Frédéric Cuppens, TELECOM Bretagne, France
Hervé Debar, France Télécom R&D, France
Jose M. Fernandez, Ecole Polytechnique de Montréal, Canada
Noria Foukia, University of Otago, New Zealand
Alban Gabillon, University of Polynesie Française, France
Joaquin Garcia-Alfaro, TELECOM Bretagne, France
Roland Groz, LIG, France
Evangelos Kranakis, Carleton University, Canada
Marc Lacoste, Orange Labs, France
Jean Leneutre, TELECOM ParisTech, France
Javier Lopez, University of Malaga, Spain
Maryline Maknavicius, TELECOM SudParis, France
Wissam Mallouli, Montimage, France
Amel Mammar, TELECOM SudParis, France
Catherine Meadows, Naval Research Laboratory, USA
Refik Molva, EURECOM, France
Nouha Oualha, TELECOM ParisTech, France
Radha Poovendran, University of Washington, USA
Yves Roudier, Eurecom, France
Juan Carlos Ruiz, UPV, Spain
Thierry Sans, Carnegie Mellon University, Qatar
Bachar Wehbi, Montimage, France

Steering Committee
Ana Cavalli, TELECOM SudParis, France
Nora Cuppens-Boulahia, TELECOM Bretagne, France
Frédéric Cuppens, TELECOM Bretagne, France
Jean Leneutre, TELECOM ParisTech, France
Yves Roudier, Eurecom, France

Table of Contents

Keynote Talks

Towards Knowledge Intensive Data Privacy
    Vicenç Torra

Privacy in Data Publishing
    Sabrina De Capitani di Vimercati, Sara Foresti, and Giovanni Livraga

Data Privacy Management

A User-Oriented Anonymization Mechanism for Public Data
    Shinsaku Kiyomoto and Toshiaki Tanaka

FAANST: Fast Anonymizing Algorithm for Numerical Streaming DaTa
    Hessam Zakerzadeh and Sylvia L. Osborn

Secret-Sharing Hardware Improves the Privacy of Network Monitoring
    Johannes Wolkerstorfer

Non-uniform Stepping Approach to RFID Distance Bounding Problem
    Ali Özhan Gürel, Atakan Arslan, and Mete Akgün

E-Ticketing Scheme for Mobile Devices with Exculpability
    Arnau Vives-Guasch, Magdalena Payeras-Capella, Macià Mut-Puigserver, and Jordi Castellà-Roca

Privacy Enforcement and Analysis for Functional Active Objects
    Florian Kammüller

L–PEP: A Logic to Reason about Privacy–Enhancing Cryptography Protocols
    Almudena Alcaide, Ali E. Abdallah, Ana I. González–Tablas, and José M. de Fuentes

Surveillance, Privacy and the Law of Requisite Variety
    Vasilios Katos, Frank Stowell, and Peter Bednar

A Notation for Policies Using Feature Structures
    Kunihiko Fujita and Yasuyuki Tsukada

Autonomous and Spontaneous Security

Securing P2P Storage with a Self-organizing Payment Scheme
    Nouha Oualha and Yves Roudier

STARS: A Simple and Efficient Scheme for Providing Transparent Traceability and Anonymity to Reputation Systems
    Zonghua Zhang, Jingwei Liu, and Youki Kadobayashi

DualTrust: A Distributed Trust Model for Swarm-Based Autonomic Computing Systems
    Wendy Maiden, Ioanna Dionysiou, Deborah Frincke, Glenn Fink, and David E. Bakken

MIRAGE: A Management Tool for the Analysis and Deployment of Network Security Policies
    Joaquin Garcia-Alfaro, Frédéric Cuppens, Nora Cuppens-Boulahia, and Stere Preda

A DSL for Specifying Autonomic Security Management Strategies
    Ruan He, Marc Lacoste, Jacques Pulou, and Jean Leneutre

Secure and Scalable RFID Authentication Protocol
    Albert Fernàndez-Mir, Jordi Castellà-Roca, and Alexandre Viejo

Some Ideas on Virtualized System Security, and Monitors
    Hedi Benzina and Jean Goubault-Larrecq

Author Index