A holistic anonymity framework for web services

1st International Conference on Pervasive Technologies Related to Assistive Environments, PETRA 2008

Volumn , Issue , 2008, Pages

  Papastergiou, Spyridon ^a   Valvis, Giorgos ^a   Polemi, Despina ^a  

^a UNIVERSITY OF PIRAEUS   (Greece)

Author keywords

Connection anonymity; Hidden web serives; Service Oriented Architecture (SOA); Web services (WS)

Indexed keywords

DISTRIBUTED COMPUTER SYSTEMS; INFORMATION SERVICES; INTEROPERABILITY; MARKUP LANGUAGES; SOFTWARE ARCHITECTURE; WEB SERVICES; WORLD WIDE WEB;

BUSINESS SERVICES; CONNECTION ANONYMITY; HIDDEN WEB SERIVES; UNOBSERVABLE; WEB SERVICES (WS);

SERVICE ORIENTED ARCHITECTURE (SOA);

EID: 57549114898     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1389586.1389632     Document Type: Conference Paper

References (37)

1. High, R., Kinder, S., Graham., S.: IBM's SOA Foundation - An architectural Introduction and Overview. (2005).
2. G. M. Naedele, "Standards for XML and Web Services Security", IEEE Computer, pp. 96-98, 2003.
3. ETSI TS 101 903 v. 1.2.2, "XML Advanced Electronic Signatures (XAdES)", Technical Specification, 2004, http://uri.etsi.org/01903/v1.2.2/ ts-101903v010202p.pdf
4. A. Pfitzmann, M. Hansen. (2005). Anonymity, Unlinkability, Unobservability, Pseudonymity, and Identity Management - A Consolidated Proposal for Terminology. Version v0.23 Aug. 25, 2005.
5. E. Gabber, P. Gibbons, D. Kristol, Y. Matias, and A. Mayer, "Consistent, yet anonymous, Web access with LPWA," Communication ACM, vol. 42, no. 2, pp. 42-47, Feb. 1999.
6. H. Tillwick, M. Olivier. Towards a framework for connection anonymity. Annual research conference of the South African institute of computer scientists and information technologists on IT research in developing countries. ACM International Conference Proceeding Series, vol. 150, pp. 113-122, 2005.
7. Øverlier, L., and Syverson, P.. Valet services: Improving hidden servers with a personal touch. In Proceedings of The 6th Workshop on Privacy Enhancing Technologies, Springer-Verlag, LNCS 4285, Cambridge, UK, June 28-30 (2006).
8. R. Dingledine, N. Mathewson, and P. Syverson, "Tor: The Second-Generation Onion Router," Proc. 13th Usenix Security Symp., Usenix Assoc, 2004, pp. 303-319; http://tor.eff.orgtor-design.pdf
9. J. F. Raymond, Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems. In H. Federrath, editor, Proceedings of Designing Privacy Enhancing Technologies: Workshop on Design Issues in Anonymity and Unobservability, pages 10-29. Springer-Verlag, LNCS 2009, July 2000.
10. D. Chaum, Untraceable electronic mail, return addresses, and digital pseudonyms", in Communications of the ACM v 24 no 2 (Feb 1981).
11. U. Moeller et al., Mixmaster protocol version 2, Technical report, Network Working Group, 2004, Internet-Draft.
12. G. Danezis, R. Dingledine, and N. Mathewson, Mixminion: Design of a type III anonymous remailer protocol, in IEEE Symposium on Security and Privacy, IEEE, Berkeley, CA, 2003.
13. M. K. Reiter and A. D. Rubin. Crowds: Anonymity for web transactions. ACM Transactions on Information System Security, April 1998.
14. The Six/Four System. http://sourceforge.net/projects/sixfour/.
15. Anonymizer, Inc. http://www.anonymizer.com/.
16. M. G. Reed, P. F. Syverson, and D. M. Goldschlag. Proxies for anonymous routing. In 12th Annual Computer Security Applications Conference, 1996. http://www.omonrouter.net/Publications.html.
17. R. Dingledine and N. Mathewson. Tor rendezvous specification. Technical report, The Free Haven Project, February 2006. http://tor.eff.org/cvs/doc/rend- spec.txt.
18. M. K. Wright, M. Adler, B. N. Levine, C. Shields. The predecessor attack: An analysis of a threat to anonymous communications systems. ACM Trans. Inf. Syst. Secur. 7 (2004) 489-522.
19. S. J. Murdoch, G. Danezis. Low-cost traffic analysis of Tor. In: Proceedings of the 2005 IEEE Symposium on Security and Privacy, IEEE CS (2005)
20. L. Øverlier, P. Syverson. Locating hidden servers. In: Proceedings of the 2006 IEEE Symposium on Security and Privacy, IEEE CS.
21. B. Hartman et al., Mastering Web Services Security, Wiley Publishing, 2003.
22. WS-Trust Specification 1.3, OASIS Standard, 2007, http://docs.oasis-open. org/ws-sx/ws-trust/200512/ws-trust-1.3-os.doc.
23. WS-Security Core Specification 1.1, OASIS Standard 1.1, http://www.oasisopen.org/committees/download.php/16790/wss-v1. 1-specos-SOAPMessageSecurity.pdf
24. W. Mao. Blind Certification of Public Keys, HP Labs Technical Reports, HPL-96-71, May 16, 1996.
25. E. Christenssen et al. (2001). "Web Services Description Language (WSDL) 1.1", W3C Note, www.w3.org/TR/wsdl.
26. Schlimmer J., ed., (2004). "Web Services Policy Framework (WS-Policy)". September 2004. Available http://www-128.ibm.com/ developerworks/webservices/library/specificati on/ws-polfram/
27. T. Bellwood (editor). (2002). "UDDI version 2.04 API Specification", UDDI Committee Specification, OASIS Standard, www.oasis-open.org/committees/uddispec/doc/tcspecs.htm#uddiv2.
28. Web Services Addressing 1.0 - Core, W3C Recommendation 9 May 2006, http://www.w3.org/TR/wsaddr-core/
29. S. Papastergiou, A. Karantjias, D. Polemi, "A Federated Privacy-Enhancing Identity Management System (FPE-IMS)", in The 18th Annual IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, 2007.
30. Papastergiou S, Kaliontzoglou A., Polemi D.. "Targeted SOA-based Identity Management Solutions". Computer Standards and Interfaces, Elsevier (to be accepted).
31. C. Adams, S. Lloyd, Understanding Public-Key Infrastructure - Concepts, Standards and Deployment Considerations, 1st Edition, Macmillan Technical Publishing, 1999.
32. W. Ford et al, "XML Key Management Specification XKMS", W3C note, March 2001, www.w3.org/TR/xkms.
33. Polemi, D., Papastergiou, S.. "A Secure e-Ordering Web Service", Project E-Society: Building Bricks, Springer Boston, Volume 226/2006, ISBN 978-0-387-39226-4, pp. 352-365.
34. Papastergiou, S., Polemi, D.. "A Secure and Trustful e-Ordering Architecture (TOES) for Small and Medium size Enterprises (SMEs)". International Journal of Information Security and Privacy, IdeaGroup Inc., 2007.
35. A. Serjantov, R. Dingledine, and P. Syverson. From a trickle to a flood: Active attacks on several mix types. In F. Petitcolas, editor, Information Hiding (IH 2002). Springer-Verlag, LNCS (forthcoming), 2002.
36. M. Papazoglou, W. Heuvel, "Service Oriented Architectures: Approaches, Technologies and Research Issues", The VLDB Journal, Vol. 16, Issue 3, pp. 389-415, 2007
37. R. M. Needham. Denial of service. In CCS'93:Proceedings of the 1st ACM conference on Computer and communications security, pages 151-153, New York, NY, USA, 1993. ACM Press.