论文信息 - Self Attestation of Things

Self Attestation of Things

Various devices including our mobile phones are increasingly used as the intermediary (gateway) between IoT peripherals (like the smart lock at our homes) and the larger cloud infrastructure. In this paper we introduce the novel notion of Caveat instances on the cloud together with a novel application of MQTT (the communication protocol designed for peripherals) to stamp our will on how data about us can be used when it travels and resides outside our immediate boundary. Even when we cannot keep our personal data private, we can still prevent it from being misused, for example to commit identity theft, by ensuring that the attacker cannot produce an appropriate attestation for the data.

Bruce Christianson | Partha Das Chowdhury

[1] David Chaum,et al. Achieving Electronic Privacy , 1992 .

[2] Bruce Christianson,et al. More Security or Less Insecurity , 2010, Security Protocols Workshop.

[3] Ross J. Anderson. Why cryptosystems fail , 1993, CCS '93.

[4] Philip Levis,et al. Beetle: Flexible Communication for Bluetooth Low Energy , 2016, MobiSys.

[5] David Chaum,et al. Security without identification: transaction systems to make big brother obsolete , 1985, CACM.

[6] Hong Linh Truong,et al. MQTT-S — A publish/subscribe protocol for Wireless Sensor Networks , 2008, 2008 3rd International Conference on Communication Systems Software and Middleware and Workshops (COMSWARE '08).

[7] Mark Ryan,et al. Making Decryption Accountable , 2017, Security Protocols Workshop.

[8] Jan Camenisch,et al. An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..

[9] Lior Jacob Strahilevitz,et al. Toward a Positive Theory of Privacy Law , 2013 .

[10] Alessandro Acquisti,et al. Identity Management, Privacy, and Price Discrimination , 2008, IEEE Security & Privacy.

[11] H. Varian,et al. Conditioning Prices on Purchase History , 2005 .

[12] David Chaum,et al. Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[13] Jan Camenisch,et al. Design and implementation of the idemix anonymous credential system , 2002, CCS '02.