Secure collaborations over message boards

International Journal of Security and Networks

Volumn 1, Issue 1-2, 2006, Pages 113-124

  Ramkumar, Mahalingam ^a   Memon, Nasir ^b  

^a MISSISSIPPI STATE UNIVERSITY   (United States)

^b POLYTECHNIC UNIVERSITY   (United States)

Author keywords

key predistribution; message board; secure collaboration; trust modules

Indexed keywords

EID: 40949119439     PISSN: 17478405     EISSN: 17478413     Source Type: Journal    
DOI: 10.1504/ijsn.2006.010828     Document Type: Article

References (47)

1. Anzai, J., Matsuzaki, N. and Matsumoto, T. (1999) ‘A method for masked sharing of group keys (3)’, IEICE Technical Report, ISEC99–38.
2. Bullock, A. (1998) ‘SPACE: spatial access control for collaborative virtual environments’, PhD Thesis, University of Notingham.
3. Butler, T. and Coleman, D. (2003) ‘Models of Collaboration’, Strategies for Electronic Collaboration and Knowledge Management, September, Available at: http://www.collaborate.com.
4. Canetti, R., Garay, J., Itkis, G., Micciancio, D., Naor, M. and Pinkas, B. (1999) ‘Multicast security: a taxonomy and some efficient constructions’, INFOCOMM.
5. Dyer, M., Fenner, T., Frieze, A. and Thomason, A. (1995) ‘On key storage in secure networks’, Journal of Cryptology, Vol. 8, pp.189–200.
6. Eugster, P.T., Felber, P.A., Guerraoui, R. and Kermarrec, A-M. (2000) ‘The many faces of publish/subscribe’, Technical Report, Available at: citeseer.ist.psu.edu/649723.html.
7. Farley, J. (1998) Java Distributed Computing, O’Reilly Press.
8. Fiat, A. and Noar, M. (1994) ‘Broadcast encryption’, Lecture Notes in Computer Science, Advances in Cryptology, Springer-Verlag, Vol. 773, pp.480–491.
9. Fiege, L., Zeidler, A., Buchmann, A., Kilian-Kehr, R. and Muhl, G. (2004) ‘Security aspects in publish/subscribe systems’, International Workshop on Distributed Event-Based Systems (DEBS ’04), Edinburgh, Scotland.
10. Gong, L. and Wheeler, D.J. (1990) ‘A matrix key distribution scheme’, Journal of Cryptology, Vol. 2, No. 2, pp.51–59.
11. Grawrock (2006) The Intel Safer Computing Initiative, Intel Press, January.
12. Halevy, D. and Shamir, A. (2002) ‘The LSD broadcast encryption scheme’, Advances in Cryptology: 22nd Annual International Cryptology Conference, Santa Barbara, CA, pp.18–22, August.
13. Hughes, D. and Shmatilov, V. (2004) ‘Information hiding, anonymity and privacy: a modular approach’, Journal of Computer Security.
14. Khurana, H. (2005) ‘Scalable security and accounting services for content-based publish/subscribe systems’, ACM Symposium on Applied Computing (SAC), March.
15. Lee, S., Fox, G., Ko, S., Wang, M. and Qiu, X. (2002) ‘Ubiquitous access for collaborative information system using SVG, Proceedings of SVGopen Conference, July, Zurich, Switzerland.
16. Leighton, T. and Micali, S. (1994) ‘Secret-key agreement without public-Key cryptography’, Advances in Cryptology, pp.456–479.
17. Matyas, S.M. and Meyer, C.H. (1978) ‘Generation, distribution and installation of cryptographic keys’, IBM Systems Journal, Vol. 2, pp.126–137.
18. Mitchell, C.J. and Piper, F.C. (1995) ‘Key storage in secure networks’, Discrete Applied Mathematics, Vol. 21, pp.215–228.
19. Moody, Y.W. and Bacon, J. (2002) ‘A model of OASIS role-based access control and its support for active security’, ACM Symposium on Access Control Model and Technology, Chantilly, VA.
20. Moskowitz, I.S., Newman, R.E., Crepeau, D.P. and Miller, A.R. (2003) ‘Covert channels and anonymizing networks’, Proceedings of the ACM Workshop on Privacy in the Electronic Society, Washington, DC.
21. Murayama, Y., Gondo, H., Nakamoto, Y., Segawa, N. and Miyazaki, M. (2001) ‘A message board system on WWW with visualizing function for on-door communication’, 34thHawaii International Conference on System Sciences.
22. Needham, R. and Schroeder, M. (1978) ‘Using encryption for authentication in large networks of computers’, Communications of the ACM, Vol. 21, No. 12, December.
23. Noar, D., Noar, M. and Lotspiech, J. (2001) ‘Revocation and tracing routines for stateless receivers’, Lecture Notes in Computer Science, Advances in Cryptology, Springer-Verlag, Vol. 2139.
24. Opyrchal, L. and Prakash, A. (2001) ‘Secure distribution of events in content-based publish subscribe systems’, USENIX Security 01, August, Washington, DC.
25. Ramkumar, M., Memon, N. and Simha, R. (2003) ‘Pre-loaded key based multicast and broadcast authentication in mobile ad-hoc networks’, Globecom, San Fransisco, CA, December.
26. Ramkumar, M. (2005) ‘On broadcast encryption with random key pre-distribution schemes’, LNCS, ICISS 2005, Kolkata, India, December, Vol. 3803, pp.304–316.
27. Smith, S.W. and Weingart, S. (1998) ‘Building a high-performance programmable secure coprocessor’, IBM Technical Report RC21102, February.
28. Tolone, W., Ahn, G-J. and Pai, T. (2005) ‘Access control in collaborative systems’, ACM Computing Surveys, Vol. 37, No. 1, March.
29. Wang, C., Carzaniga, A., Evans, D. and Wolf, A.L. (2002) ‘Security issues and requirements for internet-scale publish-subscribe systems’, Hawaii International Conference on System Sciences, January.
30. http://www.w3.org/TR/SVG/.
31. For example, a ‘Google Message Board’ or a ‘Yahoo Message Board’.
32. Though catering for unregulated read-access is not a practical necessity, from a security stand-point, the assumption that ‘reading from the MB is open to all’ caters for posting of messages over insecure channels.
33. If A posts a message for B no one else apart from A and B should even know that A attempted to communicate with B.
34. See https://www.trustedcomputinggroup.org/.
35. Asymmetric RPS however does not employ any public key primitives.
36. As we shall see in a later section, a ‘higher authority’ instructs the LM-KDS to issue secrets corresponding to a ID A1 = h(A) to the node with ID A.
37. The limit is the number of bits used to represent the ID of any node - as each node requires a unique ID.
38. This approach, of using host master keys to encrypt all other keys dates back to Matyas and Meyer (1978).
39. We shall denote by K (M) the encryption of a value M using a key K, in conjunction with some block cipher.
40. In some application scenarios even session secrets may need to be protected from the end user. This issue is briefly discussed in Section 6.
41. We shall henceforth use A to represent Alice’s public ID, and her TM. The context will make the distinction clear. We shall also represent by ‘Alice’ the person or her PDA.
42. For instance, if Alice knows signatures for two nonce’s N1 and N2 she could easily fabricate the signature of Tu for N1N2. While there are simple techniques to overcome this problem, it is perhaps safer to ensure that both parties do not have freedom in choosing the nonce.
43. Alice will receive the secrets MA1 and MA^ independently - at different times.
44. Similarly S5 is not strictly a prerequisite for step S6.
45. In practice there may be multiple sets of secrets corresponding to multiple gateways.
46. After allA-RPS is exactly identical to the broadcast authentication scheme by Canetti et al. (1999) - only that in the SCMB it is primarily used for different purposes.
47. However, for broadcast messages the same strategies may not be appropriate. They may contain more fields to indicate the classification, key words etc., apart from the source of the broadcast.