scispace - formally typeset
Search or ask a question
Topic

Trusted third party

About: Trusted third party is a research topic. Over the lifetime, 2919 publications have been published within this topic receiving 60935 citations.


Papers
More filters
Proceedings ArticleDOI
01 Oct 2007
TL;DR: A new framework for secure multi-party computation that uses ambiguous user's identity during data mining for BPO application and provides a suitable architecture that is tuned for this protocol to function.
Abstract: In this Paper, we propose a new framework for secure multi-party computation that uses ambiguous user's identity. A huge amount of a potentially sensitive data exists in large a organization that needs to be mined. This raises concerns for people involved in the increased usage of data mining tools in both the public and private sectors. The utility to be gained from widespread data mining seems to come into direct conflict with an individual's need and right to privacy. A privacy preserving data mining solution aims at achieving the somewhat paradoxical property of enabling a data-mining algorithm to use data without ever actually "seeing" it. Thus, the benefits of data mining can be enjoyed, without compromising the privacy of concerned individuals. The very nature of huge amount of data during the mining needs to have such a framework with security. We propose the framework in the form a protocol for secure multiparty computation during data mining for BPO application. We also provide a suitable architecture that is tuned for this protocol to function.

20 citations

Book ChapterDOI
10 Jul 2006
TL;DR: A Dolev-Yao-based definition of abuse freeness for optimistic contract-signing protocols is proposed which incorporates a rigorous notion of what it means for an outside party to be convinced by a dishonest party that it has the ability to determine the outcome of the protocol with an honest party.
Abstract: We propose a Dolev-Yao-based definition of abuse freeness for optimistic contract-signing protocols which, unlike other definitions, incorporates a rigorous notion of what it means for an outside party to be convinced by a dishonest party that it has the ability to determine the outcome of the protocol with an honest party, i.e., to determine whether it will obtain a valid contract itself or whether it will prevent the honest party from obtaining a valid contract. Our definition involves a new notion of test (inspired by static equivalence) which the outside party can perform. We show that an optimistic contract-signing protocol proposed by Asokan, Shoup, and Waidner is abusive and that a protocol by Garay, Jakobsson, and MacKenzie is abuse-free according to our definition. Our analysis is based on a synchronous concurrent model in which parties can receive several messages at the same time. This results in new vulnerabilities of the protocols depending on how a trusted third party reacts in case it receives abort and resolve requests at the same time

20 citations

Patent
20 Mar 2013
TL;DR: In this article, a user-centered mobile internet identity managing and identifying method is proposed, where the identity information of the user is shown in the form of a virtual card, which can also be issued by a trusted third party through request and management of a user identity agency.
Abstract: Disclosed is a user-centered mobile internet identity managing and identifying method. User identity agency which is in charge of managing user identity information is set on a mobile platform by the method. An identity information card of a user can be created by the user through the user identity agency. Identity information can also be issued by a trusted third party through request and management of the user identity agency. The identity information of the user is shown in the form of a virtual card. The identity information of the user is managed by the user, and the user only needs to submit essential identity information needed by a website to the website. The submission of the identity information of the user needs to acquire authorization of the user, and therefore the user-centered characteristic and characteristic of user controlled identity information are shown in identity management. Identity authentication is conducted through a public and private key when the user needs to register or login on the website, and no longer relies on the identity authentication method of username/password. If a repeater (RP) is provided with a legal digital certificate, the digital certificate of the RP can be checked through the user identity agency by the system, and therefore phishing is prevented.

20 citations

Book ChapterDOI
01 Jan 2009
TL;DR: Privacy-preserving data mining (PPDM) refers to the area of data mining that seeks to safeguard sensitive information from unsolicited or unsanctioned disclosure, while privacy preservation is primarily concerned with protecting against disclosure individual data records.
Abstract: Privacy-preserving data mining (PPDM) refers to the area of data mining that seeks to safeguard sensitive information from unsolicited or unsanctioned disclosure. Most traditional data mining techniques analyze and model the data set statistically, in aggregation, while privacy preservation is primarily concerned with protecting against disclosure individual data records. This domain separation points to the technical feasibility of PPDM. Historically, issues related to PPDM were first studied by the national statistical agencies interested in collecting private social and economical data, such as census and tax records, and making it available for analysis by public servants, companies, and researchers. Building accurate socioeconomical models is vital for business planning and public policy. Yet, there is no way of knowing in advance what models may be needed, nor is it feasible for the statistical agency to perform all data processing for everyone, playing the role of a trusted third party. Instead, the agency provides the data in a sanitized form that allows statistical processing and protects the privacy of individual records, solving a problem known as privacy-preserving data publishing. For a survey of work in statistical databases, see Adam and Wortmann (1989) and Willenborg and de Waal (2001). The term privacy-preserving data mining was introduced in the papers Agrawal and Srikant (2000) and Lindell and Pinkas (2000). These papers considered two fundamental problems of PPDM: privacy-preserving data collection and mining a data set partitioned across several private enterprises. Agrawal and Srikant devised a randomization algorithm that allows a large number of users to contribute their private records for efficient centralized data mining while limiting the disclosure of their values; Lindell and Pinkas invented a cryptographic protocol for decision tree construction over a data set horizontally partitioned between two parties. These methods were subsequently refined and extended by many researchers worldwide. Other areas that influence the development of PPDM include cryptography and secure multiparty computation (Goldreich, 2004; Stinson, 2006), database query auditing for disclosure detection and prevention (Dinur & Nissim, 2003; Kenthapadi, Mishra, & Nissim, 2005; Kleinberg, Papadimitriou, & Raghavan, 2000), database privacy and policy enforcement (Aggarwal et al., 2004; Agrawal, Kiernan, Srikant, & Xu 2002), database security (Castano, Fugini, Martella, & Samarati, 1995), and of course, specific application domains.

20 citations

Patent
26 May 2009
TL;DR: In this paper, a key distribution system based on the principle of three-element peer authentication (TePA) is proposed, which safely distributes the communication key to each pair entities to enable keys have PFS attribute, reduces the key management complexity of the system, and realizes online updating of the trusted third party i.e. key distribution centre.
Abstract: A key distributing method, a public key of key distribution centre online updating method, a key distribution centre, a communication entity and a key management system. The system includes: communication entities, a carrying device, a key distribution centre and a database, wherein the carrying device carries or transports the information during the key distributing course and the public key online updating course, the database stores whether each communication entity registered secret service; the database connects with the key distribution centre, the key distribution centre connects with the carrying device, and the carrying device connects with each communication entity. Using the cipher technology of public key, a key distribution system is provided based on principle of three-element peer authentication (TePA). The system safely distributes the communication key to each pair entities to enable keys have PFS attribute, reduces the key management complexity of the system, and realizes online updating of the public key of the trusted third party i.e. key distribution centre.

20 citations


Network Information
Related Topics (5)
Encryption
98.3K papers, 1.4M citations
90% related
Server
79.5K papers, 1.4M citations
85% related
Wireless ad hoc network
49K papers, 1.1M citations
84% related
Mobile computing
51.3K papers, 1M citations
83% related
Network packet
159.7K papers, 2.2M citations
83% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
202321
202240
2021125
2020201
2019179
2018177