The development of electronic commerce and other applications on the Internet is held up by concerns about security. Cryptography—the science of codes and ciphers—will be a significant part of the solution, but one of the hardest problems is enabling users to find out which cryptographic key belongs to whom. The main things that can go wrong with cryptography are similar to those that can go wrong with a signature stamp. A stamp can be stolen or counterfeit; or it may not belong to the person one thought it did. The first two ...
Proceedings of the 8th Workshop on Middleware for Next Generation Internet Computing - MW4NextGen '13, 2013
ABSTRACT Policy-based access control aims to decouple access control rules from the application they constrain by expressing these rules in declarative access control policies. Performance of policy-based access control is of growing importance, but concurrent and distributed policy evaluation has received little research attention and current policy evaluation engines are still single-machine and fully sequential to the best of our knowledge. We believe that concurrent policy evaluation is necessary to meet the performance and scalability requirements of next-generation internet applications and aid the maturation of policy-based access control. Therefore, this paper presents an initial exploration of concurrent policy evaluation. We illustrate the performance of current policy evaluation engines, model the performance of policy evaluation in terms of the characteristics of a policy, list opportunities for concurrency, describe the need for concurrency control and specifically show how concurrency can be used to improve throughput based on our prototype.
It is usually the case that before a transaction can take place, some mutual trust must be established between the participants. On-line, doing so requires the exchange of some certified information about the participants. The easy solution is to disclose one's identity and reveal all of one's certificates to establish such a trust relationship. However, it is clear that such
We discuss here some of the issues that must be considered to build evidence in an appropriate way in a public-key infrastructure (PKI). Despite the fact that one of the most recurrent motivation by papers advocating the necessity of a PKI, is to support electronic commerce, all the new proposals of PKIs do not define any procedure to specify which evidence must be collected and in which form, when users carry out a commercial transaction.
Data replication is a widely used technique for achieving fault tolerance and improved performance. With the advent of content delivery networks, it is becoming more and more frequent that data content is placed on hosts that are not directly controlled by the content owner, and because of this, security mechanisms to protect data integrity are necessary. In this paper we present a system architecture that allows arbitrary queries to be supported on data content replicated on untrusted servers. To prevent these servers from returning erroneous answers to client queries, we make use of a small number of trusted hosts that randomly check these answers and take corrective action whenever necessary. Additionally, our system employs an audit mechanism that guarantees that any untrusted server acting maliciously will eventually be detected and excluded from the system.
Proceedings of the 17th ACM conference on Computer and communications security - CCS '10, 2010
Abstract The publish/subscribe model offers a loosely-coupled communication paradigm where applications interact indirectly and asynchronously. Publisher applications generate events that are forwarded to subscriber applications by a network of brokers. Subscribers register by specifying filters that brokers match against events as part of the routing process. Brokers might be deployed on untrusted servers where malicious entities can get access to events and filters. Supporting confidentiality of events and filters in this setting is still an ...
Papers by Bruno Crispo