Sharing Information with Web Services – A Mental Model Approach in the Context of Optional Information

Title

Sharing Information with Web Services - A Mental Model Approach in the Context of Optional Information

Authors

Oksana Kulyk (Technische Universität Darmstadt), Benjamin Maximilian Reinheimer (Technische Universität Darmstadt), and Melanie Volkamer (Technische Universität Darmstadt and Karlstad University).

Abstract 

Web forms are a common way for web service providers to collect data from their users.

Read more

Homomorphic Proxy Re-Authenticators and Applications to Verifiable Multi-User Data Aggregation

Title

Homomorphic Proxy Re-Authenticators and Applications to Verifiable Multi-User Data Aggregation

Authors

David Derler, Sebastian Ramacher, Daniel Slamanig (IAIK, Graz University of Technology)

Abstract

We introduce the notion of homomorphic proxy re-authenticators, a tool that adds security and verifiability guarantees to multi-user data aggregation scenarios.

Read more

Towards a Unified Secure Cloud Service Development and Deployment Life-Cycle

Authors

Aleksandar Hudic (AIT Austrian Institute of Technology GmbH), Matthias Flittner (Karlsruhe Institute of Technology), Thomas Lorünser (AIT Austrian Institute of Technology GmbH), Philipp M. Radl (AIT Austrian Institute of Technology GmbH), Roland Bless (Karlsruhe Institute of Technology)

Abstract

Designing and developing cloud services is a challenging task that includes requirements engineering, secure service deployment, maintenance, assurance that proper actions have been taken to support security and, in addition, considering legal aspects.

Read more

Opportunities and Challenges of CREDENTIAL – Towards a Metadata-Privacy Respecting Identity Provider

Authors

Farzaneh Karegar (Karlstad University), Christoph Striecks (AIT Austrian Institute of Technology), Stephan Krenn (AIT Austrian Institute of Technology), Felix Hörandner (Graz University of Technology), Thomas Lorünser (AIT Austrian Institute of Technology), and Simone Fischer-Hübner (Karlstad University)

Abstract

This paper summarizes the results of a workshop at the IFIP Summer School 2016 introducing the EU Horizon 2020 project CREDENTIAL, i.e.,

Read more

Evaluation of Privacy-ABC Technologies – A Study on the Computational Efficiency

Authors

Fatbardh Veseli (Goethe University Frankfurt), Jetzabel Serna (Goethe University Frankfurt)

Abstract

Privacy-enhancing attribute-based credential (Privacy-ABC) technologies use different cryptographic methods to enhance the privacy of the users. This results in important practical differences between these technologies, especially with regard to efficiency, which have not been studied in depth, but is necessary for assessing their suitability for different user devices and for highly dynamic scenarios.

Read more

Signer-Anonymous Designated-Verifier Redactable Signatures for Cloud-Based Data Sharing

Authors

David Derler (Graz University of Technology), Stephan Krenn (AIT Austrian Institute of Technology), Daniel Slamanig (Graz University of Technology)

Abstract

Redactable signature schemes allow to black out predefined parts of a signed message without affecting the validity of the signature, and are therefore an important building block in privacy-enhancing cryptography. 

Read more

Practical Signing-Right Revocation

Authors

Michael Till Beck (Ludwig-Maximilians-Universität München), Stephan Krenn (AIT Austrian Institute of Technology), Franz-Stefan Preiss (IBM Reserach Zurich), Kai Samelin (IBM Research Zurich and Technische Universität Darmstadt)

Abstract

One of the key features that must be supported by every modern PKI is an efficient way to determine (at verification) whether the signing key had been revoked.

Read more

CREDENTIAL: A Framework for Privacy-Preserving Cloud-Based Data Sharing

Authors

Felix Hörandner (Graz University of Technology), Stephan Krenn (AIT Austrian Institute of Technology GmbH), Andrea Migliavacca (Lombardia Informatica S.p.A.), Florian Thiemer (Fraunhofer FOKUS), and Bernd Zwattendorfer (Stiftung Secure Information and Communication Technologies)

Abstract

Data sharing – and in particular sharing of identity information – plays a vital role in many online systems.

Read more

The Austrian eID ecosystem in the public cloud: How to obtain privacy while preserving practicality

Authors

Bernd Zwattendorfer (IAIK, Graz University of Technology) and Daniel Slamanig (IAIK, Graz University of Technology)

Abstract

The Austrian eID system constitutes a main pillar within the Austrian e-Government strategy. The eID system ensures unique identification and secure authentication for citizens protecting access to applications where sensitive and personal data are involved.

Read more