Topic
Trusted third party
About: Trusted third party is a research topic. Over the lifetime, 2919 publications have been published within this topic receiving 60935 citations.
Papers published on a yearly basis
Papers
More filters
••
09 Nov 2009TL;DR: The goal of this paper is to produce a mechanism through which users can control how their content is shared with other users, without relying on a trusted third party to manage the social network graph and the users' data.
Abstract: In this paper we introduce a novel scheme for key management in social networks that is a first step towards the creation of a private social network. A social network graph (i.e., the graph of friendship relationships) is private and social networks are often used to share content, which may be private, amongst its users. In the status quo, the social networking server has access to both this graph and to all of the content, effectively requiring that it is a trusted third party. The goal of this paper is to produce a mechanism through which users can control how their content is shared with other users, without relying on a trusted third party to manage the social network graph and the users' data. The specific access control model considered here is that users will specify access policies based on distance in the social network; for example some content is visible to friends only, while other content is visible to friends of friends, etc. This access control is enforced via key management. That is for each user, there is a key that only friends should be able to derive, there is a key that both friends of the user and friends of friends can derive, etc. The proposed scheme enjoys the following properties: i) the scheme is asynchronous in that it does not require users to be online at the same time, ii) the scheme provides key indistinguishability (that is if a user is not allowed to derive a key according to the access policy, then that key is indistinguishable from a random value), iii) the scheme is efficient in terms of server storage and key derivation time, and iv) the scheme is collusion resistant.
21 citations
••
21 May 2007TL;DR: An asynchronous optimistic certified email protocol, with stateless recipients, that relies on key chains to considerably reduce the storage requirements of the trusted third party and outperforms the existing schemes that achieve strong fairness.
Abstract: This paper introduces an asynchronous optimistic certified email protocol, with stateless recipients, that relies on key chains to considerably reduce the storage requirements of the trusted third party. The proposed protocol thereby outperforms the existing schemes that achieve strong fairness. The paper also discusses the revocation of compromised keys as well as practical considerations regarding the implementation of the protocol.
21 citations
•
TL;DR: This paper proposes a data combination privacy preservation mechanism for SaaS, which combines data privacy preservation and data usability, and supports customizing privacy constraint.
Abstract: In Software-as-a-Service(SaaS)model,business applications and databases are both deployed at the platform of untrustworthy service providers.Data privacy leakage has become the biggest problem and challenge hindering application and adoption of SaaS model.Based on the privacy leakage degree of different plainx data combination in SaaS model,this paper proposes a data combination privacy preservation mechanism for SaaS.This mechanism supports customizing privacy constraint,which is used to describe the requirements of data combination privacy,and fragments the SaaS data attribute into the different data chunks.Based on the trusted third party,association between data shares from different data chunks could be hidden and reconstructed,fake data are also used to assure the balancing of the data shares in data chunks,which combines data privacy preservation and data usability.It is proven that the privacy preservation mechanism is effective and feasible through analysis and experiments.
20 citations
••
TL;DR: It is shown that all the previous AQS schemes, no matter whether original or improved, are still insecure in the sense that the messages and the corresponding signatures can be exchanged among different receivers, allowing the receivers to deny having accepted the signature of an appointed message.
Abstract: Due to the potential capability of providing unconditional security, arbitrated quantum signature (AQS) schemes, whose implementation depends on the participation of a trusted third party, received intense attention in the past decade. Recently, some typical AQS schemes were cryptanalyzed and improved. In this paper, we analyze the security property of some AQS schemes and show that all the previous AQS schemes, no matter whether original or improved, are still insecure in the sense that the messages and the corresponding signatures can be exchanged among different receivers, allowing the receivers to deny having accepted the signature of an appointed message. Some further improved methods on the AQS schemes are also discussed.
20 citations
•
09 Feb 2007TL;DR: In this article, a trusted third party records information of each sender's communications, such as date, time and recipients, and allows recipients to verify if their incoming messages match the data of their senders' outgoing communications.
Abstract: A method and system to authenticate electronic communications, such as email. A trusted third party records information of each of sender's communications, such as date, time and recipients. Recipients are allowed to verify if their incoming messages match the data of their senders' outgoing communications. Mismatches can be used to filter out fake messages assuming stolen identities.
20 citations