Data Privacy Management, Cryptocurrencies and Blockchain Technology

@inproceedings{GarciaAlfaro2017DataPM,
  title={Data Privacy Management, Cryptocurrencies and Blockchain Technology},
  author={J. Garcia-Alfaro and G. Navarro-Arribas and H. Hartenstein and J. Herrera-Joancomart{\'i}},
  booktitle={Lecture Notes in Computer Science},
  year={2017}
}
Attack trees are an important modeling formalism to identify and quantify attacks on security and privacy. They are very useful as a tool to understand step by step the ways through a system graph that lead to the violation of security policies. In this paper, we present how attacks can be refined based on the violation of a policy. To that end we provide a formal definition of attack trees in Isabelle’s Higher Order Logic: a proof calculus that defines how to refine sequences of attack steps… Expand
Security Analysis Methods on Ethereum Smart Contract Vulnerabilities: A Survey
TLDR
This survey aims to identify the key vulnerabilities in smart contracts on Ethereum in the perspectives of their internal mechanisms and software security vulnerabilities by correlating 16 Ethereum vulnerabilities and 19 software security issues. Expand
Identity Management on Blockchain - Privacy and Security Aspects
TLDR
This work investigates identity management solutions on blockchain to give the reader an overview of the current status and provide a better understanding of the pros and cons of using such solutions, with a focus on privacy and security aspects. Expand
Exploring the Attack Surface of Blockchain: A Systematic Overview
TLDR
This paper systematically explore the attack surface of the Blockchain technology, with an emphasis on public Blockchains, and outlines several attacks, including selfish mining, the 51% attack, Domain Name System attacks, distributed denial-of-service (DDoS) attacks, consensus delay, orphaned blocks, block ingestion, wallet thefts, smart contract attacks, and privacy attacks. Expand
Smart Contracts: A Killer Application for Deductive Source Code Verification
TLDR
This paper argues for the use of deductive software verification as a way to increase confidence in the correctness of smart contracts, focussing on the most widely used smart contract platform and language, Ethereum and Solidity. Expand
SGUARD: Towards Fixing Vulnerable Smart Contracts Automatically
TLDR
This work develops an approach which automatically transforms smart contracts so that they are provably free of 4 common kinds of vulnerabilities, and applies runtime verification in an efficient and provably correct manner. Expand
Code cloning in smart contracts: a case study on verified contracts from the Ethereum blockchain platform
TLDR
This paper quantifies the amount of clones in Ethereum, understands key characteristics of clone clusters, and determines whether smart contracts contain pieces of code that are identical to those published by OpenZeppelin (RQ3), and concludes that the aforementioned findings yield implications to the security, development, and usage of smart contracts. Expand
Knowledge Discovery in Cryptocurrency Transactions: A Survey
TLDR
This article analyzes and summarizes the existing research on knowledge discovery in the cryptocurrency transactions using data mining techniques and classifies theexisting research into three aspects, i.e., transaction tracings and blockchain address linking, the analyses of collective user behaviors, and the study of individual user behaviors. Expand
TickEth, a ticketing system built on ethereum
TLDR
TickEth exploits Ethereum smart contracts to tackle the inability of checking the authenticity of tickets sold online, the wild price range of resold tickets in the secondary market, and the unwieldy refund procedures. Expand
VAIM: Verifiable Anonymous Identity Management for Human-Centric Security and Privacy in the Internet of Things
TLDR
This work establishes a novel IDM system that includes blind ordered multi-signature protocol, which allows users to processes efficiently and trusts the verification of anonymous transactions, and improves the traditional claim identity model in blockchain by implementing zero-knowledge proof (ZKP) algorithms. Expand
Robust Proof of Stake: A New Consensus Protocol for Sustainable Blockchain Systems
TLDR
This paper proposes a new Robust Proof of Stake (RPoS) consensus protocol, which uses the amount of coins to select miners and limits the maximum value of the coin age to effectively avoid coin age accumulation attack and Nothing-at-Stake (N@S) attack. Expand
...
1
2
3
4
...

References

SHOWING 1-10 OF 32 REFERENCES
On Pseudonymization of Audit Data for Intrusion Detection
  • J. Biskup, U. Flegel
  • Computer Science
  • Workshop on Design Issues in Anonymity and Unobservability
  • 2000
TLDR
This work technically bind reidentification to a threshold, representing the legal purpose of accountability in the presence of policy violations, and contrast the notion of threshold-based identity recovery with previous approaches and point out open problems. Expand
Optimized and controlled provisioning of encrypted outsourced data
TLDR
An algorithm and tool set is presented that determines an optimal balance between security and functionality as well as helps to identify and resolve possible conflicts and is tested on a database benchmark and business-driven security policies. Expand
CryptDB: protecting confidentiality with encrypted query processing
TLDR
The evaluation shows that CryptDB has low overhead, reducing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries from TPC-C, compared to unmodified MySQL. Expand
Security analysis for order preserving encryption schemes
  • Liangliang Xiao, I. Yen
  • Computer Science
  • 2012 46th Annual Conference on Information Sciences and Systems (CISS)
  • 2012
TLDR
The ideal OPE object achieves one-wayness security, i.e., the probability for the adversary to fully recover the plaintext encrypted by the ideal O PE object against an h known plaintext attack is a negligible function of the secure parameter log m. Expand
Order-Preserving Encryption Secure Beyond One-Wayness
Semantic-security of individual plaintext bits given the corresponding ciphertext is a fundamental notion in modern cryptography. We initiate the study of this basic problem for Order-PreservingExpand
A secure architecture for the pseudonymization of medical data
TLDR
A new architecture for the pseudonymization of medical data is provided that combines primary and secondary use in one system and thus provides a solution to vulnerabilities of existing approaches. Expand
A Survey of Privacy Policy Languages
Most consumers are sensitive to privacy issues when conducting business online. Protecting information by enforcing security and privacy practices internally is a way for organizations to increaseExpand
ON DATA BANKS AND PRIVACY HOMOMORPHISMS
Encryption is a well—known technique for preserving the privacy of sensitive information. One of the basic, apparently inherent, limitations of this technique is that an information system workingExpand
Inference Attacks on Property-Preserving Encrypted Databases
TLDR
This paper presents a series of attacks that recover the plaintext from DTE- and OPE-encrypted database columns using only the encrypted column and publicly-available auxiliary information, and considers well-known attacks, including frequency analysis and sorting, as well as new attacks based on combinatorial optimization. Expand
A Note for the Ideal Order-Preserving Encryption Object and Generalized Order-Preserving Encryption
TLDR
This paper investigates the security of the OPE in more depth, and gives example to show that the “ideal” OPE object may not always be the most secure OPE, and presents two GOPEs in polynomial-sized and superpolynomial-sized domains that satisfy stronger notions of security than that of the ideal O PE object. Expand
...
1
2
3
4
...