This file was created by the TYPO3 extension bib --- Timezone: UTC Creation date: 2024-11-11 Creation time: 01-54-03 --- Number of references 29 article 2022-henze-tii-prada Complying with Data Handling Requirements in Cloud Storage Systems IEEE Transactions on Cloud Computing 2022 9 10 3 1661-1674 In past years, cloud storage systems saw an enormous rise in usage. However, despite their popularity and importance as underlying infrastructure for more complex cloud services, today’s cloud storage systems do not account for compliance with regulatory, organizational, or contractual data handling requirements by design. Since legislation increasingly responds to rising data protection and privacy concerns, complying with data handling requirements becomes a crucial property for cloud storage systems. We present Prada , a practical approach to account for compliance with data handling requirements in key-value based cloud storage systems. To achieve this goal, Prada introduces a transparent data handling layer, which empowers clients to request specific data handling requirements and enables operators of cloud storage systems to comply with them. We implement Prada on top of the distributed database Cassandra and show in our evaluation that complying with data handling requirements in cloud storage systems is practical in real-world cloud deployments as used for microblogging, data sharing in the Internet of Things, and distributed email storage. https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-henze-tii-prada.pdf Online en 2168-7161 10.1109/TCC.2020.3000336 1 MartinHenze RomanMatzutt JensHiller ErikMühmer Jan HenrikZiegeldorf Johannesvan der Giet KlausWehrle inproceedings 2018-ziegeldorf-shield SHIELD: A Framework for Efficient and Secure Machine Learning Classification in Constrained Environments 2018 12 1-15 iop,mynedata https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018-ziegeldorf-acsac-shield.pdf ACM
New York, NY, USA
Proceedings of the 34rd Annual Computer Security Applications Conference San Juan, Puerto Rico, USA The 34rd Annual Computer Security Applications Conference (ACSAC 2018) 2018-12-03 - 2018-12-07 English 10.1145/3274694.3274716 1 Jan HenrikZiegeldorf JanMetzke KlausWehrle
inproceedings 2018-matzutt-bitcoin-content-countermeasures Thwarting Unwanted Blockchain Content Insertion 2018 4 17 364-370 Since the introduction of Bitcoin in 2008, blockchain systems have seen an enormous increase in adoption. By providing a persistent, distributed, and append-only ledger, blockchains enable numerous applications such as distributed consensus, robustness against equivocation, and smart contracts. However, recent studies show that blockchain systems such as Bitcoin can be (mis)used to store arbitrary content. This has already been used to store arguably objectionable content on Bitcoin's blockchain. Already single instances of clearly objectionable or even illegal content can put the whole system at risk by making its node operators culpable. To overcome this imminent risk, we survey and discuss the design space of countermeasures against the insertion of such objectionable content. Our analysis shows a wide spectrum of potential countermeasures, which are often combinable for increased efficiency. First, we investigate special-purpose content detectors as an ad hoc mitigation. As they turn out to be easily evadable, we also investigate content-agnostic countermeasures. We find that mandatory minimum fees as well as mitigation of transaction manipulability via identifier commitments significantly raise the bar for inserting harmful content into a blockchain. Bitcoin,blockchain,security,objectionable content,countermeasure mynedata,iop https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018-matzutt-blockchain-contents-countermeasures.pdf https://ieeexplore.ieee.org/document/8360355 IEEE Proceedings of the First IEEE Workshop on Blockchain Technologies and Applications (BTA), co-located with the IEEE International Conference on Cloud Engineering 2018 (IC2E 2018) Orlando, Florida, USA First IEEE Workshop on Blockchain Technologies and Applications (BTA) 2018-04-17 English 978-1-5386-5008-0 10.1109/IC2E.2018.00070 1 RomanMatzutt MartinHenze Jan HenrikZiegeldorf JensHiller KlausWehrle article 2016-fgcs-ziegeldorf-bitcoin Secure and anonymous decentralized Bitcoin mixing Future Generation Computer Systems 2018 3 80 448-466 Pseudonymity, anonymity, and untraceability rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018-ziegeldorf-fgcs-bitcoin.pdf Online Elsevier en 0167-739X 10.1016/j.future.2016.05.018 1 Jan HenrikZiegeldorf RomanMatzutt MartinHenze FredGrossmann KlausWehrle inproceedings 2018-matzutt-bitcoin-content A Quantitative Analysis of the Impact of Arbitrary Blockchain Content on Bitcoin 2018 2 26 Blockchains primarily enable credible accounting of digital events, e.g., money transfers in cryptocurrencies. However, beyond this original purpose, blockchains also irrevocably record arbitrary data, ranging from short messages to pictures. This does not come without risk for users as each participant has to locally replicate the complete blockchain, particularly including potentially harmful content. We provide the first systematic analysis of the benefits and threats of arbitrary blockchain content. Our analysis shows that certain content, e.g., illegal pornography, can render the mere possession of a blockchain illegal. Based on these insights, we conduct a thorough quantitative and qualitative analysis of unintended content on Bitcoin's blockchain. Although most data originates from benign extensions to Bitcoin's protocol, our analysis reveals more than 1600 files on the blockchain, over 99% of which are texts or images. Among these files there is clearly objectionable content such as links to child pornography, which is distributed to all Bitcoin participants. With our analysis, we thus highlight the importance for future blockchain designs to address the possibility of unintended data insertion and protect blockchain users accordingly. mynedata https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018_matzutt_bitcoin-contents_preproceedings-version.pdf 2018-01-07 Online Springer Proceedings of the 22nd International Conference on Financial Cryptography and Data Security (FC), Nieuwpoort, Curaçao Nieuwpoort, Curaçao Financial Cryptography and Data Security 2018 en 10.1007/978-3-662-58387-6_23 1 RomanMatzutt JensHiller MartinHenze Jan HenrikZiegeldorf DirkMüllmann OliverHohlfeld KlausWehrle incollection 2017-cps-henze-network Network Security and Privacy for Cyber-Physical Systems 2017 11 13 25-56 sensorcloud,ipacs Song, Houbing and Fink, Glenn A. and Jeschke, Sabina Wiley-IEEE Press First 2 Security and Privacy in Cyber-Physical Systems: Foundations, Principles and Applications en 978-1-119-22604-8 10.1002/9781119226079.ch2 1 MartinHenze JensHiller RenéHummen RomanMatzutt KlausWehrle Jan HenrikZiegeldorf inproceedings 2017-henze-mobiquitous-comparison Privacy-preserving Comparison of Cloud Exposure Induced by Mobile Apps 2017 11 7 543-544 trinics https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-henze-mobiquitous-comparison.pdf Online ACM Proceedings of the 14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (MobiQuitous) - Poster Session, Melbourne, VIC, Australia en 978-1-4503-5368-7 10.1145/3144457.3144511 1 MartinHenze RitsumaInaba Ina BereniceFink Jan HenrikZiegeldorf inproceedings 2017-henze-mobiquitous-cloudanalyzer CloudAnalyzer: Uncovering the Cloud Usage of Mobile Apps 2017 11 7 262-271 Developers of smartphone apps increasingly rely on cloud services for ready-made functionalities, e.g., to track app usage, to store data, or to integrate social networks. At the same time, mobile apps have access to various private information, ranging from users' contact lists to their precise locations. As a result, app deployment models and data flows have become too complex and entangled for users to understand. We present CloudAnalyzer, a transparency technology that reveals the cloud usage of smartphone apps and hence provides users with the means to reclaim informational self-determination. We apply CloudAnalyzer to study the cloud exposure of 29 volunteers over the course of 19 days. In addition, we analyze the cloud usage of the 5000 most accessed mobile websites as well as 500 popular apps from five different countries. Our results reveal an excessive exposure to cloud services: 90 % of apps use cloud services and 36 % of apps used by volunteers solely communicate with cloud services. Given the information provided by CloudAnalyzer, users can critically review the cloud usage of their apps. Privacy; Smartphones; Cloud Computing; Traffic Analysis trinics https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-henze-mobiquitous-cloudanalyzer.pdf Online ACM Proceedings of the 14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (MobiQuitous '17), November 7-10, 2017, Melbourne, VIC, Australia Melbourne, VIC, Australia November 7-10, 2017 en 978-1-4503-5368-7 10.1145/3144457.3144471 1 MartinHenze JanPennekamp DavidHellmanns ErikMühmer Jan HenrikZiegeldorf ArthurDrichel KlausWehrle article 2017-ziegeldorf-bmcmedgenomics-bloom BLOOM: BLoom filter based Oblivious Outsourced Matchings BMC Medical Genomics 2017 7 26 10 Suppl 2 29-42 Whole genome sequencing has become fast, accurate, and cheap, paving the way towards the large-scale collection and processing of human genome data. Unfortunately, this dawning genome era does not only promise tremendous advances in biomedical research but also causes unprecedented privacy risks for the many. Handling storage and processing of large genome datasets through cloud services greatly aggravates these concerns. Current research efforts thus investigate the use of strong cryptographic methods and protocols to implement privacy-preserving genomic computations. We propose FHE-Bloom and PHE-Bloom, two efficient approaches for genetic disease testing using homomorphically encrypted Bloom filters. Both approaches allow the data owner to securely outsource storage and computation to an untrusted cloud. FHE-Bloom is fully secure in the semi-honest model while PHE-Bloom slightly relaxes security guarantees in a trade-off for highly improved performance. We implement and evaluate both approaches on a large dataset of up to 50 patient genomes each with up to 1000000 variations (single nucleotide polymorphisms). For both implementations, overheads scale linearly in the number of patients and variations, while PHE-Bloom is faster by at least three orders of magnitude. For example, testing disease susceptibility of 50 patients with 100000 variations requires only a total of 308.31 s (σ=8.73 s) with our first approach and a mere 0.07 s (σ=0.00 s) with the second. We additionally discuss security guarantees of both approaches and their limitations as well as possible extensions towards more complex query types, e.g., fuzzy or range queries. Both approaches handle practical problem sizes efficiently and are easily parallelized to scale with the elastic resources available in the cloud. The fully homomorphic scheme, FHE-Bloom, realizes a comprehensive outsourcing to the cloud, while the partially homomorphic scheme, PHE-Bloom, trades a slight relaxation of security guarantees against performance improvements by at least three orders of magnitude. Proceedings of the 5th iDASH Privacy and Security Workshop 2016 Secure outsourcing; Homomorphic encryption; Bloom filters sscilops; mynedata; rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-ziegeldorf-bmcmedgenomics-bloom.pdf Online BioMed Central Chicago, IL, USA November 11, 2016 en 1755-8794 10.1186/s12920-017-0277-y 1 Jan HenrikZiegeldorf JanPennekamp DavidHellmanns FelixSchwinger IkeKunze MartinHenze JensHiller RomanMatzutt KlausWehrle inproceedings 2017-zimmermann-secon Resource and Execution Control for Mobile Offloadee Devices 2017 6 12 maki IEEE 14th IEEE International Conference on Sensing, Communication, and Networking (SECON 2017), San Diego, USA San Diego, USA 14th IEEE International Conference on Sensing, Communication, and Networking (SECON 2017) 12.06.2017 - 14.06.2017 en 978-1-5090-6599-8 10.1109/SAHCN.2017.7964939 1 TorstenZimmermann HannoWirtz Jan HenrikZiegeldorf ChristianSteinhaus KlausWehrle inproceedings 2017-henze-ic2e-prada Practical Data Compliance for Cloud Storage 2017 4 4 252-258 ssiclops, ipacs https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-henze-ic2e-prada.pdf Online IEEE Proceedings of the 2017 IEEE International Conference on Cloud Engineering (IC2E 2017), Vancouver, BC, Canada en 978-1-5090-5817-4 10.1109/IC2E.2017.32 1 MartinHenze RomanMatzutt JensHiller ErikMühmer Jan HenrikZiegeldorf Johannesvan der Giet KlausWehrle inproceedings 2017-ziegeldorf-codaspy-priward Privacy-Preserving HMM Forward Computation 2017 3 22 83-94 mynedata https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-ziegeldorf-codaspy-priward.pdf Online ACM Proceedings of the 7th ACM Conference on Data and Application Security and Privacy (CODASPY 2017), Scottsdale, AZ, USA en 978-1-4503-4523-1 10.1145/3029806.3029816 1 Jan HenrikZiegeldorf JanMetzke JanRüth MartinHenze KlausWehrle inproceedings 2017-ziegeldorf-wons-tracemixer TraceMixer: Privacy-Preserving Crowd-Sensing sans Trusted Third Party 2017 2 21 17-24 mynedata https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-ziegeldorf-wons-tracemixer.pdf Online IEEE Proceedings of the 2017 13th Annual Conference on Wireless On-demand Network Systems and Services (WONS), Jackson Hole, WY, USA en 978-3-901882-88-3 10.1109/WONS.2017.7888771 1 Jan HenrikZiegeldorf MartinHenze JensBavendiek KlausWehrle inproceedings 2017-matzutt-mynedata myneData: Towards a Trusted and User-controlled Ecosystem for Sharing Personal Data 2017 1073-1084 Personal user data is collected and processed at large scale by a handful of big providers of Internet services. This is detrimental to users, who often do not understand the privacy implications of this data collection, as well as to small parties interested in gaining insights from this data pool, e.g., research groups or small and middle-sized enterprises. To remedy this situation, we propose a transparent and user-controlled data market in which users can directly and consensually share their personal data with interested parties for monetary compensation. We define a simple model for such an ecosystem and identify pressing challenges arising within this model with respect to the user and data processor demands, legal obligations, and technological limits. We propose myneData as a conceptual architecture for a trusted online platform to overcome these challenges. Our work provides an initial investigation of the resulting myneData ecosystem as a foundation to subsequently realize our envisioned data market via the myneData platform. Presentation slides are in German Personal User Data, Personal Information Management, Data Protection Laws, Privacy Enhancing Technologies, Platform Design, Profiling mynedata_show https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-matzutt-informatik-mynedata.pdf https://www.comsys.rwth-aachen.de/fileadmin/misc/mynedata/talks/2017-matzutt-informatik-mynedata-presentation.pdf Presentation slides Eibl, Maximilian and Gaedke, Martin Gesellschaft für Informatik, Bonn INFORMATIK 2017 Chemnitz INFORMATIK 2017 2017-09-28 English 978-3-88579-669-5 1617-5468 10.18420/in2017_109 1 RomanMatzutt DirkMüllmann Eva-MariaZeissig ChristianeHorst KaiKasugai SeanLidynia SimonWieninger Jan HenrikZiegeldorf GerhardGudergan IndraSpiecker gen. Döhmann KlausWehrle MartinaZiefle phdthesis 2017-ziegeldorf-phdthesis Designing Digital Services with Cryptographic Guarantees for Data Security and Privacy 2017 RWTH Aachen University Jan HenrikZiegeldorf inproceedings 2016-henze-wpes-cppl CPPL: Compact Privacy Policy Language 2016 10 24 99-110 ssiclops https://www.comsys.rwth-aachen.de/fileadmin/papers/2016/2016-henze-wpes-cppl.pdf Online ACM Proceedings of the 15th Workshop on Privacy in the Electronic Society (WPES), co-located with the 23rd ACM Conference on Computer and Communications Security (CCS), Vienna, Austria en 978-1-4503-4569-9 10.1145/2994620.2994627 1 MartinHenze JensHiller SaschaSchmerling Jan HenrikZiegeldorf KlausWehrle inproceedings 2016-matzutt-ccs-bitcoin POSTER: I Don't Want That Content! On the Risks of Exploiting Bitcoin's Blockchain as a Content Store 2016 10 24 1769-1771 mynedata /fileadmin/papers/2016/2016-matzutt-ccs-blockchaincontent.pdf Online ACM Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS), Vienna, Austria en 978-1-4503-4139-4 10.1145/2976749.2989059 1 RomanMatzutt OliverHohlfeld MartinHenze RobinRawiel Jan HenrikZiegeldorf KlausWehrle inproceedings 2015-ziegeldorf-cans-boma Bandwidth-optimized Secure Two-Party Computation of Minima 2015 12 8 9476 197-213 /fileadmin/papers/2015/2015-ziegeldorf-cans-boma.pdf Online Springer Lecture Notes in Computer Science 14th International Conference on Cryptology and Network Security (CANS 2015), Marrakesh, Morocco en 978-3-319-26822-4 10.1007/978-3-319-26823-1_14 1 Jan HenrikZiegeldorf JensHiller MartinHenze HannoWirtz KlausWehrle inproceedings 2015-ziegeldorf-dpm-comparison Comparison-based Privacy: Nudging Privacy in Social Media (Position Paper) 2015 9 22 9481 226-234 fileadmin/papers/2015/2015-ziegeldorf-dpm-cbp.pdf Online Springer Lecture Notes in Computer Science The 10th DPM International Workshop on Data Privacy Management, Vienna, Austria en 978-3-319-29882-5 10.1007/978-3-319-29883-2_15 1 Jan HenrikZiegeldorf MartinHenze RenéHummen KlausWehrle inproceedings 2015-ahfe-kowalewski-facebook Like us on Facebook! - Analyzing user preferences regarding privacy settings in Germany Procedia Manufacturing 2015 7 3 815--822 Elsevier The 6th International Conference on Applied Humand Factors and Ergonomics (AHFE 2015), Las Vegas, NV, USA en 2351-9789 10.1016/j.promfg.2015.07.336 1 SylviaKowalewski MartinaZiefle Jan HenrikZiegeldorf KlausWehrle inproceedings 2015-ziegeldorf-iwpe-comparison Choose Wisely: A Comparison of Secure Two-Party Computation Frameworks 2015 5 21 198-205 https://www.comsys.rwth-aachen.de/fileadmin/papers/2015/2015-ziegeldorf-iwpe-choose.pdf Online IEEE 2015 International Workshop on Privacy Engineering (IWPE'15), part of 2015 IEEE Security and Privacy Workshops (SPW 2015), San Jose, CA, USA en 10.1109/SPW.2015.9 1 Jan HenrikZiegeldorf JanMetzke MartinHenze KlausWehrle inproceedings 2014-ziegeldorf-codaspy-coinparty CoinParty: Secure Multi-Party Mixing of Bitcoins 2015 3 2 rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2015/2015-ziegeldorf-codaspy-coinparty.pdf Online ACM The Fifth ACM Conference on Data and Application Security and Privacy (CODASPY 2015), San Antonio, TX, USA San Antonio, TX, USA The Fifth ACM Conference on Data and Application Security and Privacy (CODASPY 2015) en 978-1-4503-3191-3 10.1145/2699026.2699100 1 Jan HenrikZiegeldorf FredGrossmann MartinHenze NicolasInden KlausWehrle poster 2014-wisec-ziegeldorf-ipin POSTER: Privacy-preserving Indoor Localization 2014 7 23 rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2014/2014-ziegeldorf-poster-wisec.pdf 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '14) (Poster) en 10.13140/2.1.2847.4886 1 Jan HenrikZiegeldorf NicolaiViol MartinHenze KlausWehrle inproceedings 2013-icnp-hummen-tailoring Tailoring End-to-End IP Security Protocols to the Internet of Things 2013 10 7 1-10 iotsec https://www.comsys.rwth-aachen.de/fileadmin/papers/2013/2013-hummen-tailoring.pdf Online IEEE In Proceedings of the 21st IEEE International Conference on Network Protocols (ICNP 2013), Göttingen, Germany Göttingen, Germany 21st IEEE International Conference on Network Protocols (ICNP 2013) 7-10 Oct. 2013 en 978-1-4799-1270-4 10.1109/ICNP.2013.6733571 1 RenéHummen HannoWirtz Jan HenrikZiegeldorf JensHiller KlausWehrle article 2013-scn-ziegeldorf-iot-privacy Privacy in the Internet of Things: Threats and Challenges Security and Communication Networks - Special Issue on 'Security in a Completely Interconnected World' 2013 6 10 http://www.comsys.rwth-aachen.de/fileadmin/papers/2013/2013-ziegeldorf-scn-privacy-in-the-iot.pdf Online Wiley en 10.1002/sec.795 1 Jan HenrikZiegeldorf OscarGarcia-Morchon KlausWehrle inproceedings 2013-hummen-towards Towards Viable Certificate-based Authentication for the Web of Things 2013 4 19 iotsec fileadmin/papers/2013/2013-hummen-towards.pdf ACM Proceedings of the 2nd ACM Workshop on Hot Topics on Wireless Network Security and Privacy (HotWiSec '13) Budapest, Hungary 2nd ACM Workshop on Hot Topics on Wireless Network Security and Privacy en 978-1-4503-2003-0 10.1145/2463183.2463193 1 RenéHummen Jan HenrikZiegeldorf HosseinShafagh ShahidRaza KlausWehrle inproceedings 2013-wisec-garcia-securing Securing the IP-based Internet of Things with HIP and DTLS 2013 4 119--124 ACM Proceedings of the 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '13) (short paper) 978-1-4503-1998-0 10.1145/2462096.2462117 1 OscarGarcia-Morchon Sye LoongKeoh Sandeep S.Kumar PedroMoreno-Sanchez FranciscoVidal-Meca Jan HenrikZiegeldorf inproceedings 2013-pitsac-vidalmeca-hip HIP security architecture for the IP-based Internet of Things 2013 3 25 1331 - 1336 The IP-based Internet of Things refers to the pervasive interactions of smart objects and people enabling new applications by means of IP protocols. An application scenario is a Smart City in which the city infrastructure, cars, and people exchange information to enable new services. IP protocols, such as IPv6, TCP and HTTP will be further complemented by IPv6 over Low powerWireless Personal Area Networks and Constrained Application Protocol currently in development in IETF. Security and privacy are a must for the IP-based IoTs in order to ensure its acceptance. However, mobility, limited bandwidth, and resource-constrained devices pose new challenges and require for a sound and efficient security architecture. In particular, dynamic association of mobile smart objects and the management of keys in large-scale networks remain an open challenge. In this context, we propose a flexible security architecture based on the Host Identity Protocol and Multimedia Internet KEYing protocols allowing for secure network association and key management. HIP - based on asymmetric-key cryptography - ensures unambiguous thing identification, mobility support, as well as a lightweight and secure method for network association. In our solution, HIP is extended with MIKEY capabilities to provide enhanced key management using polynomials, which allow to generate pairwise keys with any node based on its identity. This combination of protocols and crypto-algorithms ensures both strong security and very good performance as shown by our implementation and presents clear advantages compared with other alternatives. Internet of Things; Security; Network Access; Key Management Online IEEE Proceedings of the 27th International Conference on Advanced Information Networking and Applications Workshops (WAINA), 2013 Barcelona, Spain 25.-28.03.2013 en 10.1109/WAINA.2013.158 1 FranciscoVidal Meca Jan HenrikZiegeldorf OscarGarcia-Morchon Sandeep S.Kumar Sye LoongKeoh PedroMoreno-Sanchez inproceedings 2012-hummen-seams SEAMS: A Signaling Layer for End-host-Assisted Middlebox Services 2012 6 25 525--532 fileadmin/papers/2012/2012-hummen-seams.pdf Proceedings of the 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-12) IEEE Liverpool, United Kingdom en 978-1-4673-2172-3 10.1109/TrustCom.2012.250 1 RenéHummen Jan HenrikZiegeldorf TobiasHeer HannoWirtz KlausWehrle