Security and Privacy by Declarative Design

Maffei, Matteo and Pecina, Kim and Reinert, Manuel
(2013) Security and Privacy by Declarative Design.
In: Proceedings of the IEEE 26th Computer Security Foundations Symposium (CSF '16).
Conference: CSF IEEE Computer Security Foundations Symposium (was CSFW)

[img] Text
CSF.2013.13 - Published Version
Download (44kB)

Abstract

The privacy of users has rapidly become one of the most pervasive and stringent requirements in distributed computing. Designing and implementing privacy-preserving distributed systems, however, is challenging since these systems also have to fulfill seemingly conflicting security properties and system requirements: e.g., authorization and accountability require some form of user authentication and session management necessarily involves some form of user tracking.In this work, we present a solution based on declarative design.The core component of our framework is a logic-based declarative API for data processing that exports methods to conveniently specify the system architecture and the intended security properties, and conceals the cryptographic realization.Invisible to the programmer, the implementation of this API relies on a powerful combination of digital signatures, non-interactive zero-knowledge proofs of knowledge, pseudonyms, and reputation lists. We formally proved that the cryptographic implementation enforces the security properties expressed in the declarative specification.The systems produced by our framework enjoy interoperability and open-endedness: they can easily be extended to offer new services and cryptographic data can be shared and processed by different services, without requiring any extra bootstrapping phase or interaction among parties.We implemented the API in Java and conducted an experimental evaluation to demonstrate the practicality of our approach.

Item Type: Conference or Workshop Item (A Paper) (Paper)
Additional Information: pub_id: 157 Bibtex: MaPeRe:2013:SecurityAndPrivacyb URL date: None
Divisions: Unspecified
Conference: CSF IEEE Computer Security Foundations Symposium (was CSFW)
Depositing User: Sebastian Weisgerber
Date Deposited: 26 Jul 2017 10:32
Last Modified: 18 Jul 2019 12:09
Primary Research Area: NRA2: Reliable Security Guarantees
URI: https://publications.cispa.saarland/id/eprint/880

Actions

Actions (login required)

View Item View Item
CISPA is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.