Change search
Refine search result
1 - 10 of 10
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Jin, Hongyu
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Khodaei, Mohammad
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Security and Privacy in Vehicular Social Networks2016In: Vehicular Social Networks, Taylor & Francis Group, 2016Chapter in book (Other academic)
  • 2.
    Jin, Hongyu
    et al.
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Poster: Bloom Filter based certificate validation for VANET2017In: Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2017, Association for Computing Machinery (ACM), 2017, p. 273-274Conference paper (Refereed)
    Abstract [en]

    Security and privacy are important properties that have to be considered for the adoption of Vehicular Ad-hoc Networks (VANETs). Short-lived credentials, termed pseudonyms, are used to ensure message integrity and authentication while preserving vehicle (thus, their passengers') privacy. However, this introduces extra communication and computation overhead: pseudonyms have to be attached to the messages and signatures on pseudonyms and messages need to be verified before they can be accepted. In this poster, we are concerned with computation overhead for pseudonym validation. We preload vehicular On-Board Units (OBUs) with a Bloom Filter (BF) to facilitate pseudonym validation while traditional approach (i.e., signature verification on pseudonyms) can still be preserved as a fallback approach. We evaluate our scheme on automotive testbed with a preliminary implementation. Our scheme provides low processing delay for pseudonym validation at a cost of communication overhead for pre-downloading the BF.

  • 3.
    Jin, Hongyu
    et al.
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Proactive certificate validation for VANETs2017In: IEEE Vehicular Networking Conference, VNC, IEEE Computer Society, 2017, article id 7835974Conference paper (Refereed)
    Abstract [en]

    Security and privacy in Vehicular Ad-hoc Networks (VANETs) mandates use of short-lived credentials (pseudonyms) and cryptographic key pairs. This implies significant computational overhead for vehicles, needing to validate often numerous such pseudonyms within a short period. To alleviate such a bottleneck that could even place vehicle safety at risk, we propose a proactive pseudonym validation approach based on Bloom Filters (BFs). We show that our scheme could liberate computational resources for other (safety- and time-critical) operations with reasonable communication overhead without compromising security and privacy.

  • 4.
    Jin, Hongyu
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Resilient collaborative privacy for Location-Based services2015In: 20th Nordic Conference on Secure IT Systems, NordSec 2015, Springer, 2015, p. 47-63Conference paper (Refereed)
    Abstract [en]

    Location-based Services (LBSs) provide valuable services, with convenient features for users. However, the information disclosed through each request harms user privacy. This is a concern particularly with honest-but-curious LBS servers, which could, by collecting requests, track users and infer additional sensitive user data. This is the motivation of both centralized and decentralized location privacy protection schemes for LBSs: anonymizing and obfuscating LBS queries to not disclose exact information, while still getting useful responses. Decentralized schemes overcome the disadvantages of centralized schemes, eliminating anonymizers and enhancing users’ control over sensitive information. However, an insecure decentralized system could pose even more serious security threats than privacy leakage. We address exactly this problem, by proposing security enhancements for mobile data sharing systems. We protect user privacy while preserving accountability of user activities, leveraging pseudonymous authentication with mainstream cryptography. Our design leverages architectures proposed for large scale mobile systems, while it incurs minimal changes to LBS servers as it can be deployed in parallel to the LBS servers. This further motivates the adoption of our design, in order to cater to the needs of privacy-sensitive users. We provide an analysis of security and privacy concerns and countermeasures, as well as a performance evaluation of basic protocol operations showing the practicality of our design.

  • 5.
    Jin, Hongyu
    et al.
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Resilient privacy protection for location-based services through decentralization2017In: Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2017, Association for Computing Machinery (ACM), 2017, p. 253-258Conference paper (Refereed)
    Abstract [en]

    Location-based Services (LBSs) provide valuable features but can also reveal sensitive user information. Decentralized privacy protection removes the need for a so-called anonymizer, but relying on peers is a double-edged sword: adversaries could mislead with fictitious responses or even collude to compromise their peers' privacy. We address here exactly this problem: we strengthen the decentralized LBS privacy approach, securing peer-to-peer (P2P) interactions. Our scheme can provide precise timely P2P responses by passing proactively cached Point of Interest (POI) information. It reduces the exposure both to the honest-but-curious LBS servers and peer nodes. Our scheme allows P2P responses to be validated with very low fraction of queries affected even if a significant fraction of nodes are compromised. The exposure can be kept very low even if the LBS server or a large set of colluding curious nodes collude with curious identity management entities.

  • 6.
    Jin, Hongyu
    et al.
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Resilient privacy protection for location-based services through decentralization2017In: Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2017, Association for Computing Machinery (ACM), 2017, p. 253-258Conference paper (Refereed)
    Abstract [en]

    Location-based Services (LBSs) provide valuable features but can also reveal sensitive user information. Decentralized privacy protection removes the need for a so-called anonymizer, but relying on peers is a double-edged sword: adversaries could mislead with fictitious responses or even collude to compromise their peers' privacy. We address here exactly this problem: we strengthen the decentralized LBS privacy approach, securing peer-to-peer (P2P) interactions. Our scheme can provide precise timely P2P responses by passing proactively cached Point of Interest (POI) information. It reduces the exposure both to the honest-but-curious LBS servers and peer nodes. Our scheme allows P2P responses to be validated with very low fraction of queries affected even if a significant fraction of nodes are compromised. The exposure can be kept very low even if the LBS server or a large set of colluding curious nodes collude with curious identity management entities.

  • 7.
    Jin, Hongyu
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Scaling VANET Security Through Cooperative Message Verification2015In: 2015 IEEE VEHICULAR NETWORKING CONFERENCE (VNC), IEEE , 2015, p. 275-278Conference paper (Refereed)
    Abstract [en]

    VANET security introduces significant processing overhead for resource-constrained On-Board Units (OBUs). Here, we propose a novel scheme that allows secure Vehicular Communication (VC) systems to scale well beyond network densities for which existing optimization approaches could be workable, without compromising security (and privacy).

  • 8.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Jin, Hongyu
    KTH, School of Electrical Engineering and Computer Science (EECS), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering and Computer Science (EECS), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    SECMACE: Scalable and Robust Identity and Credential Management Infrastructure in Vehicular Communication Systems2018In: IEEE transactions on intelligent transportation systems (Print), ISSN 1524-9050, E-ISSN 1558-0016, Vol. 19, no 5, p. 1430-1444Article in journal (Refereed)
    Abstract [en]

    Several years of academic and industrial research efforts have converged to a common understanding on fundamental security building blocks for the upcoming vehicular communication (VC) systems. There is a growing consensus toward deploying a special-purpose identity and credential management infrastructure, i.e., a vehicular public-key infrastructure (VPKI), enabling pseudonymous authentication, with standardization efforts toward that direction. In spite of the progress made by standardization bodies (IEEE 1609.2 and ETSI) and harmonization efforts [Car2Car Communication Consortium (C2C-CC)], significant questions remain unanswered toward deploying a VPKI. Deep understanding of the VPKI, a central building block of secure and privacy-preserving VC systems, is still lacking. This paper contributes to the closing of this gap. We present SECMACE, a VPKI system, which is compatible with the IEEE 1609.2 and ETSI standards specifications. We provide a detailed description of our state-of-the-art VPKI that improves upon existing proposals in terms of security and privacy protection, and efficiency. SECMACE facilitates multi-domain operations in the VC systems and enhances user privacy, notably preventing linking pseudonyms based on timing information and offering increased protection even against honest-but-curious VPKI entities. We propose multiple policies for the vehicle-VPKI interactions and two large-scale mobility trace data sets, based on which we evaluate the full-blown implementation of SECMACE. With very little attention on the VPKI performance thus far, our results reveal that modest computing resources can support a large area of vehicles with very few delays and the most promising policy in terms of privacy protection can be supported with moderate overhead.

  • 9.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Jin, Hongyu
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    SECMACE: Scalable and Robust Identity and Credential Management Infrastructure in Vehicular Communication SystemsManuscript (preprint) (Other academic)
    Abstract [en]

    Several years of academic and industrial research efforts have converged to a common understanding on fundamental security building blocks for the upcoming Vehicular Communication (VC) systems. There is a growing consensus towards deploying a special-purpose identity and credential management infrastructure, i.e., a Vehicular Public-Key Infrastructure (VPKI), enabling pseudonymous authentication, with standardization efforts towards that direction. In spite of the progress made by standardization bodies (IEEE 1609.2 and ETSI) and harmonization efforts (Car2Car Communication Consortium (C2C-CC)), significant questions remain unanswered towards deploying a VPKI. The precise understanding of the VPKI, a central building block of secure and privacy-preserving VC systems, is still lacking. This paper contributes to the closing of this gap. We present SECMACE, a VPKI system, which is compatible with the IEEE 1609.2 and ETSI standards specifications. We provide a detailed description of our state-of-the-art VPKI that improves upon existing proposals in terms of security and privacy protection, and efficiency. SECMACE facilitates multi-domain operations in the VC systems and enhances user privacy, notably preventing linking pseudonyms based on timing information and offering increased protection even against honest-but-curious VPKI entities. We propose multiple policies for the vehicle-VPKI interactions based on which and two large mobility traces, we evaluate the full-blown implementation of SECMACE. With very little attention on the VPKI performance thus far, our results reveal that modest computing resources can support a large area of vehicles with very low delays and the most promising policy in terms of privacy protection can be supported with moderate overhead.

  • 10.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Jin, Hongyu
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Towards deploying a scalable & robust vehicular identity and credential management infrastructure2014In: Vehicular Networking Conference (VNC), 2014 IEEE, IEEE conference proceedings, 2014, Vol. -, no -, p. 33-40Conference paper (Refereed)
    Abstract [en]

    - Several years of academic and industrial research efforts have converged to a common understanding on fundamental security building blocks for the upcoming Vehicular Communication (VC) systems. There is a growing consensus towards deploying a Vehicular Public-Key Infrastructure (VPKI) enables pseudonymous authentication, with standardization efforts in that direction. However, there are still significant technical issues that remain unresolved. Existing proposals for instantiating the VPKI either need additional detailed specifications or enhanced security and privacy features. Equally important, there is limited experimental work that establishes the VPKI efficiency and scalability. In this paper, we are concerned with exactly these issues. We leverage the common VPKI approach and contribute an enhanced system with precisely defined, novel features that improve its resilience and the user privacy protection. In particular, we depart from the common assumption that the VPKI entities are fully trusted and we improve user privacy in the face of an honest-but-curious security infrastructure. Moreover, we fully implement our VPKI, in a standard-compliant manner, and we perform an extensive evaluation. Along with stronger protection and richer functionality, our system achieves very significant performance improvement over prior systems - contributing the most advanced VPKI towards deployment.

1 - 10 of 10
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf