Related papers: ESPOON: Enforcing Encrypted Security Policies in O…
Secure Multi-Party Computation (SMPC) allows a set of parties to securely compute a functionality in a distributed fashion without the need for any trusted external party. Usually, it is assumed that the parties know each other and have…
Methods of quantum mechanics promise information-theoretic security for various protocols in cryptography. However, impossibility of some cryptographic applications such as standard bit commitment, oblivious transfer, multiparty secure…
The ability to hide information from unauthorized individuals has been a prevalent issue over the years. Countless algorithms such as DES, AES and SHA have been developed. These algorithms depend on varying key length and key management…
Existing program verifiers can prove advanced properties about security protocol implementations, but are difficult to scale to large codebases because of the manual effort required. We develop a novel methodology called *Diodon* that…
Users increasingly create, manage and share digital resources, including sensitive data, via cloud platforms and APIs. Platforms encode the rules governing access to these resources, referred to as \textit{security policies}, using…
Existing methods for verifying access control policies require the policy to be complete and fully determined before verification can proceed, but in practice policies are developed iteratively, composed from independently maintained…
Safety guarantees are a prerequisite to the deployment of reinforcement learning (RL) agents in safety-critical tasks. Often, deployment environments exhibit non-stationary dynamics or are subject to changing performance goals, requiring…
Enforcing data protection and privacy rules within large data processing applications is becoming increasingly important, especially in the light of GDPR and similar regulatory frameworks. Most modern data processing happens on top of a…
Encrypted control systems allow to evaluate feedback laws on external servers without revealing private information about state and input data, the control law, or the plant. While there are a number of encrypted control schemes available…
In cloud computing, data processing is delegated to a remote party for efficiency and flexibility reasons. A practical user requirement usually is that the confidentiality and integrity of data processing needs to be protected. In the…
Blockchain is a novel technology that is rising a lot of interest in the industrial and re- search sectors because its properties of decentralisation, immutability and data integrity. Initially, the underlying consensus mechanism has been…
Security, privacy, and fairness have become critical in the era of data science and machine learning. More and more we see that achieving universally secure, private, and fair systems is practically impossible. We have seen for example how…
This paper explores the privacy of cloud outsourced Model Predictive Control (MPC) for a linear system with input constraints. In our cloud-based architecture, a client sends her private states to the cloud who performs the MPC computation…
Large systems are commonly internetworked. A security policy describes the communication relationship between the networked entities. The security policy defines rules, for example that A can connect to B, which results in a directed graph.…
Modern privacy regulations provide a strict mandate for data processing entities to implement appropriate technical measures to demonstrate compliance. In practice, determining what measures are indeed "appropriate" is not trivial,…
This work addresses private communication with distributed systems in mind. We consider how to best use secret key resources and communication to transmit signals across a system so that an eavesdropper is least capable to act on the…
Due to increased security awareness of enterprises for mobile applications operating with sensitive or personal data as well as extended regulations form legislative (the principle of proportionality) various approaches, how to implement…
We propose a simple global computing framework, whose main concern is code migration. Systems are structured in sites, and each site is divided into two parts: a computing body, and a membrane, which regulates the interactions between the…
Many studies have been done to improve the performance of centrally controlled business processes and enhance the integration between different parties of these collaborations. However, the most serious issues of collaborative business…
In recent decades, criminals have increasingly used the web to research, assist and perpetrate criminal behaviour. One of the most important ways in which law enforcement can battle this growing trend is through accessing pertinent…