44 resultados para Third party
Resumo:
A trusted third party introduced in watermarking protocols would decrease the security and affect the implementation of the protocols. In this paper, a new watermarking protocol with an un trusted third party (UTTP) was proposed. Based on the idea of all-o>nothing disclosure of secret (ANDOS), all of the buyer, the seller and the third party didn't know the exact watermark, which was embedded in a digital content for tracing piracy. The proposed protocol pro vided mechanisms to trace piracy and protect customer's right, fn addition, the problem that a seller colluded with UTTP to frame the buyer, namely, the conspiracy problem, could be avoided.
Resumo:
There is a growing body of knowledge that examines the tasks and processes for successful sport and recognizes that sport development activities undertaken within the framework of recruitment, retention, and transition should vary between sports and contexts. There has been little research that has examined newer models of sport development in emerging sports. This research examines elite sport development structure and delivery in the sport of triathlon in the USA and Australia. The research team conducted interviews with representatives responsible for the delivery and development of triathlon. The results show three overarching elements in elite sport development: (1) the sport development process, (2) the sport development setting, and (3) outsourcing delivery of sport development. Triathlon has different processes and settings for sport development between the USA and Australia. However, both countries share a core similarity in how they deliver elite sport through a third party organization. A discussion of the implications for the development of new models of elite sport development ensues.
Resumo:
It is paramount to provide seamless and ubiquitous access to rich contents available online to interested users via a wide range of devices with varied characteristics. Recently, a service-oriented content adaptation scheme has emerged to address this content-device mismatch problem. In this scheme, content adaptation functions are provided as services by third-party providers. Clients pay for the consumed services and thus demand service quality. As such, negotiating for the QoS offers, assuring negotiated QoS levels and accuracy of adapted content version are essential. Any non-compliance should be handled and reported in real time. These issues elevate the management of service level agreement (SLA) as an important problem. This chapter presents prior work, important challenges, and a framework for managing SLA for service-oriented content adaptation platform.
Resumo:
Recent investigations have determined that many Android applications in both official and non-official online markets expose details of the user's mobile phone without user consent. In this paper, for the first time in the research literature, we provide a full investigation of why such applications leak, how they leak and where the data is leaked to. In order to achieve this, we employ a combination of static and dynamic analysis based on examination of Java classes and application behaviour for a data set of 123 samples, all pre-determined as being free from malicious software. Despite the fact that anti-virus vendor software did not flag any of these samples as malware, approximately 10% of them are shown to leak data about the mobile phone to a third-party; applications from the official market appear to be just as susceptible to such leaks as applications from the non-official markets.
Resumo:
The rationale underlying the fixtures and accession presumptions is the need to protect the value of the chattel as well as the need to protect third-party interests. The destruction of the independent legal status of an attached chattel is generally deemed appropriate where the value of the co-mingled asset will be diminished if the chattel retains a separate legal title and this would generate unfairness because third parties have dealt with the co-mingled asset on the basis of its overall value. Rights to remove have evolved under both common law and equity to moderate the scope of these presumptions. Common law will uphold the right of a tenant to remove chattels that have been attached to leased premises during the currency of the lease. Equity on the other hand will uphold the right to remove affixed chattels in circumstances where the enforcement of such an entitlement is consistent with contractual intention and transactional fairness. This article examines the different rights of removal that have evolved under Australian law to date and the emergent statutory framework supporting these rights. It discusses the historical purpose and structural utility of these entitlements within a land framework that supports fixtures presumptions. Rights of removal, whether validated at law or in equity, confer positive entitlements upon the holder to access and remove affixed goods in circumstances where, because of the fixtures and accession presumptions, those goods no longer retain any separate legal status. The capacity of the holder to enforce this right against third parties is illustrative of their distinctive proprietary perspective.
Resumo:
In Eurocrypt 2003, Gentry introduced the notion of certificate-based encryption. The merit of certificate-based encryption lies in the following features: (1) providing more efficient public-key infrastructure (PKI) that requires less infrastructure, (2) solving the certificate revocation problem, and (3) eliminating third-party queries in the traditional PKI. In addition, it also solves the inherent key escrow problem in the identity-based cryptography. In this paper, we first introduce a new attack called the “Key Replacement Attack” in the certificate-based system and refine the security model of certificate-based signature. We show that the certificate-based signature scheme presented by Kang, Park and Hahn in CT-RSA 2004 is insecure against key replacement attacks. We then propose a new certificate-based signature scheme, which is shown to be existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model. Compared with the certificate-based signature scheme in CT-RSA 2004, our scheme enjoys shorter signature length and less operation cost, and hence, our scheme outperforms the existing schemes in the literature.
Resumo:
Optimistic fair exchange (OFE) protocols are useful tools for two participants to fairly exchange items with the aid of a third party who is only involved if needed. A widely accepted requirement is that the third party's involvement in the exchange must be transparent, to protect privacy and avoid bad publicity. At the same time, a dishonest third party would compromise the fairness of the exchange and the third party thus must be responsible for its behaviors. This is achieved in OFE protocols with another property called accountability. It is unfortunate that the accountability has never been formally studied in OFE since its introduction ten years ago. In this paper, we fill these gaps by giving the first complete definition of accountability in OFE where one of the exchanged items is a digital signature and a generic (also the first) design of OFE where transparency and accountability coexist.
Resumo:
In Asiacrypt 2003, the concept of universal designated verifier signature (UDVS) was introduced by Steinfeld, Bull, Wang and Pieprzyk. In the new paradigm, any signature holder (not necessarily the signer) can designate the publicly verifiable signature to any desired designated verifier (using the verifier’s public key), such that only the designated verifier can believe that the signature holder does have a valid publicly verifiable signature, and hence, believes that the signer has signed the message. Any other third party cannot believe this fact because this verifier can use his secret key to create a valid UDVS which is designated to himself. In ACNS 2005, Zhang, Furukawa and Imai proposed the first UDVS scheme without random oracles. In this paper, we give a security analysis to the scheme of Zhang et al. and propose a novel UDVS scheme without random oracles based on Waters’ signature scheme, and prove that our scheme is secure under the Gap Bilinear Diffie Hellman assumption
Resumo:
Certificate-based encryption (CBE) and certificateless encryption (CLE) are proposed to lessen the certificate management problem in a traditional public-key encryption setting. Although they are two different notions, CBE and CLE are closely related and possess several common features. The encryption in CBE and CLE does not require authenticity verification of the recipient's public key. The decryption in both notions requires two secrets that are generated by the third party and the public key owner, respectively. Recently a generic conversion from CLE to CBE was given, but unfortunately its security proof is flawed. This paper provides an elaborate security model of CBE, based on which a provably secure generic construction of CBE from CLE is proposed. A concrete instantiation is also presented to demonstrate the application of our generic construction.
Resumo:
Many researchers consider disputes as part of the project lifecycle. Although preventative actions exist, it is not utterly possible to avoid them. Once the disputes arise, an appropriate resolution technique should be adopted. Common perception is referring to a resolution method either internally or via a third party; which may also be binding by law. The resolution process requires attention to the disputed claims. Hence, deep investigation of the claims and choosing the appropriate method is crucial for the successful project delivery and reputation of the industry.
Preparation of disputed claims and resolution process also faces many debates. Conducting To effective dispute resolution requires attention to proper preparation and presentation of the incurred events. All the required information should be acquired to estimate and present the claim, for a smooth settlement. As an integrated digital model of the project, BIM, stores all the information of the projects in detail. Retrieval of the required information for the disputed issues can easily be obtained from the model. It is also possible to embed the construction schedule, change orders and variations, specifications and financial data such as cash flow along with the multidisciplinary drawings. As this model stores all the information at every particular time and phase, disputes can be concluded quick and accurate.
In this research, using a case study and literature review, disputes and resolution processes are deeply studied. A BIM model is created to investigate benefits on overcoming the challenges; during claiming, and resolution of the disputes. It is seen that the claims are prepared faster and more accurate in a visualized environment provided by BIM. Furthermore, substantiating and presenting the disputes for the resolution purpose was incomparable to the traditional methods. The conclusions recommend that; even the project did not adopt a BIM model earlier; it can be created for a smooth process, during claiming and resolution of disputes.
Resumo:
Attribute-Based Encryption (ABE) is a promising cryptographic primitive which significantly enhances the versatility of access control mechanisms. Due to the high expressiveness of ABE policies, the computational complexities of ABE key-issuing and decryption are getting prohibitively high. Despite that the existing Outsourced ABE solutions are able to offload some intensive computing tasks to a third party, the verifiability of results returned from the third party has yet to be addressed. Aiming at tackling the challenge above, we propose a new Secure Outsourced ABE system, which supports both secure outsourced key-issuing and decryption. Our new method offloads all access policy and attribute related operations in the key-issuing process or decryption to a Key Generation Service Provider (KGSP) and a Decryption Service Provider (DSP), respectively, leaving only a constant number of simple operations for the attribute authority and eligible users to perform locally. In addition, for the first time, we propose an outsourced ABE construction which provides checkability of the outsourced computation results in an efficient way. Extensive security and performance analysis show that the proposed schemes are proven secure and practical. © 2013 IEEE.
Resumo:
This paper presents a framework on how Small and Medium Enterprises (SMEs) can proactively incorporate content relating to their ecological responsibility (or green) activities in their websites. SME studies offer limited guidance on, and conceptualisation of, how organisations can incorporate different types of content into their website designs. This paper addresses this problem by presenting the results of an exploratory, qualitative content analysis of Australian SME websites where emergent themes are interpreted using framing and legitimacy theories. It describes three dimensions (location, presentation, and specificity) which comprise the framework, under which the themes are grouped. The paper outlines how scholars can use the framework to develop models and carry out evaluations regarding how SMEs embed green content, and potentially other specific content types, in their websites. It also summarises how the framework can assist SMEs (or website developers serving them) make informed decisions regarding framing their websites as green, or de-emphasising this content, by paying attention to its location (e.g. homepage, navigation bars) and presentation (e.g. how paragraphs, images, etc are used) within webpages. The legitimacy or credibility of the green content can be enhanced using different types of specificity (e.g. statistics, detail of processes and actions, and third-party substantiation).
Resumo:
Content adaptation is used to adapt multimedia content to a version required by users. In the service-oriented scheme, adaptation functions are provided as services by third-party service providers. Clients pay for the consumed services and thus demand service quality. Providers advertise their services; each with varied quality-of-services (QoS). Some of these QoS however, may not be deliverable accordingly during the actual service execution due to heavy load. Thus, the provider should able to determine a current deliverable QoS before the service level agreement (SLA) is settled with the requesters. In this paper, we propose a strategy for service providers to evaluate incoming requests and capable of offering the new QoS to the requests potentially being initially rejected. The proposed strategy takes into account the current server load and requests' priority. We analysed the performance of the proposed strategy in terms of SLA settlement under various conditions. The results indicate that the proposed strategy performs well. © 2014 IEEE.
Resumo:
Cloud computing is becoming popular as the next infrastructure of computing platform. However, with data and business applications outsourced to a third party, how to protect cloud data centers from numerous attacks has become a critical concern. In this paper, we propose a clusterized framework of cloud firewall, which characters performance and cost evaluation. To provide quantitative performance analysis of the cloud firewall, a novel M/Geo/1 analytical model is established. The model allows cloud defenders to extract key system measures such as request response time, and determine how many resources are needed to guarantee quality of service (QoS). Moreover, we give an insight into financial cost of the proposed cloud firewall. Finally, our analytical results are verified by simulation experiments.
Resumo:
Recent studies have determined that many Android applications in both official and non-official online markets expose details of the users' smartphones without user consent. In this paper, we explain why such applications leak, how they leak and where the data is leaked to. In order to achieve this, we combine static and dynamic analysis to examine Java classes and application behaviour for a set of popular, clean applications from the Finance and Games categories. We observed that all the applications in our data set which leaked information (10%) had third-party advertising libraries embedded in their respective Java packages.
