Yuliang ZHENG Thomas HARDJONO Josef PIEPRZYK
This paper presents a new concept in cryptography called the sibling intractable function family (SIFF) which has the property that given a set of initial strings colliding with one another, it is computationally infeasible to find another string that would collide with the initial strings. The various concepts behind SIFF are presented together with a construction of SIFF from any one-way function. Applications of SIFF to many practical problems are also discussed. These include the hierarchical access control problem which is a long-standing open problem induced by a paper of Akl and Taylor about ten years ago, the shared mail box problem, access control in distributed systems and the multiple message authentication problem.
Thomas HARDJONO Tadashi ARAKI Tetsuya CHIKARAISHI
The performance of an enciphered B+-tree can be improved by the selective encryption of the components of the nodes in the tree. This paper suggests an approach to the selective encryption of nodes in a B+-tree and a method to substitute the plaintext search keys in order to increase the security of the tree. The method is based on structures in combinatorial block designs, and it allows for faster traversal of the tree, hence improving the overall speed of query responses. It also represents a trade-off between security and performance in that the substitution method affords less security compared to encryption. However, assuming the use of a secure cryptosystem with parameters which are kept secret, the encrypted state of the data pointers and data blocks still prevents an intruder from accessing the stored data. The method based on block designs has the advantage of requiring only a small amount of information to be kept secret. This presents a considerable savings in terms of space used to hold security-related information.
Tadashi ARAKI Tetsuya CHIKARAISHI Thomas HARDJONO Tadashi OHTA Nobuyoshi TERASHIMA
The security problems of object-oriented database systems are investigated, and security level assignment constraints and an access control mechanism based on the multilevel access control security policy are proposed. The proposed mechanism uses the Trusted Computing Base. A unique feature of the mechanism is that security levels are assigned not only to data items (objects) but also to methods, and methods are not shown to users whose security level is lower than that of the methods. We also distinguish between the security level of a variable in a class and that in an instance, and between the level of an object when it is taken by itself and when it is taken as a variable or an element of another complex object. All of this realizes the policy of multilevel access control.
Thomas HARDJONO Jennifer SEBERRY
During the last decade the decrease in the size of computing machinery, coupled with the increase in their computing power, has led to the development of the concept of mobile computing. Effects of this new vision are currently evident in the flourishing numbers of mobile telephones and portable computing units. In this paper we briefly investigate some issues concerning the security of mobile computing systems, within the framework of the categories of mobility, disconnection, data access modes and scale of operation (Imielinski & Badrinath, 1993). In contrast to previous works which concentrate on security in wireless communications, we focus on the security of interactions which are built upon the underlying wireless communications medium. Some conclusions are presented on the future directions for security research in mobile computing systems.