Security Analysis of Offline E-cash Systems with Malicious Insider
نویسندگان
چکیده
When we build electronic cash systems, the main focus of the design is usually on preventing customers’ malicious actions. However, since authorities such as banks and certificate authorities may have important secret data of customers, the insiders in the potentially untrusted authorities can become threats to electronic cash systems. Miyazaki and Sakurai [2] first systematically analyzed security of offline anonymous electronic cash systems by considering the insider threats from untrusted authorities. They investigated the security of the existing electronic cash systems and categorized the systems into four types. In this paper, we reconsider the security of offline anonymous electronic cash systems including more recent systems based on the classification of Miyazaki and Sakurai and investigate the possible effective countermeasures against malicious insiders.
منابع مشابه
Frontiers in Insider Threats and Data Leakage Prevention
Organizations continue to be plagued by information leaks caused by insiders with legitimate access to critical or proprietary information. Such unauthorized leaks may result in significant damage to competitiveness, reputation and finances, and organizations should consider proactive approaches to preventing, detecting, and responding to this threat. In this special issue, we have selected eig...
متن کاملInsider threats: Detecting and controlling malicious insiders
Malicious insiders are posing unique security challenges to organizations due to their knowledge, capabilities, and authorized access to information systems. Data theft and IT sabotage are two of the most recurring themes among crimes committed by malicious insiders. This paper aims to investigate the scale and scope of malicious insider risks and explore the impact of such threats on business ...
متن کاملPassword-Based Group Key Exchange Secure Against Insider Guessing Attacks
Very recently, Byun and Lee suggested two provably secure group Diffie-Hellman key exchange protocols using n participant’s distinct passwords. Unfortunately, the schemes were found to be flawed by Tang and Chen. They presented two password guessing attacks such as off-line and undetectable on-line dictionary attacks by malicious insider attacker. In this paper, we present concrete countermeasu...
متن کاملMitigating malicious insider cyber threat
This paper examines malicious insider threat and explains the key differences from other types of insider threat and from external threat actors. A phase based “kill-chain” malicious insider threat model is developed and proposed to help inform selection of mitigation countermeasures which are complementary or incremental to a typically implemented traditional ISO 17799/27002 information securi...
متن کاملProvably Secure Untraceable Electronic Cash against Insider Attacks
Although a great deal of research has been done on electronic cash schemes with blind multisignatures to prevent an insider attack, there is no discussion of a formal security model in the literature. Firstly we discussed the security model of e-cash schemes based on the blind multisignature scheme against a (restricted) attack model and proposed a concrete scheme proven to be secure in the mod...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- JoWUA
دوره 3 شماره
صفحات -
تاریخ انتشار 2012