Philip Woodall, Pearl Brereton

Access controls are not sufficient to prevent the release of secret information from an information system unless they address the problem of inference. An inference strategy is a method by which a user can infer secret information using the information which they are allowed to access through the access control mechanism. The aim of this paper is to collate and categorise the set of inference strategies in the existing literature. The Systematic Literature Review (SLR) methodology is used to identify and categorise known inference strategies. The SLR search found 63 sources, and 127 inference strategies were extracted from these sources, which have been categorised into 11 different categories. Recording the inference strategy processes has abstracted the detail which ties inference strategies to an information system. Using this abstraction, it should be feasible to determine the level of inference protection offered by information systems.

Inference, Inference Problem, Inference Categorisation, Inferring Information, Aggregation, Data Security, Information System Security, Information Security, Access Control, Systematic Literature Review, Systematic Review, SLR.

Vijayalakshmi Atluri, Qi Guo, Heechang Shin, and Jaideep Vaidya

Access control is crucial to the safe keeping of critical data. However, enforcing it often incurs overhead and degrades performance. The problem is further exacerbated for spatiotemporal data. In this paper, we consider a specific class of spatiotemporal data, viz. geospatial data, where data objects have both geospatial and temporal attributes. Uncontrolled dissemination of geospatial data may have grave implications on national security and personal privacy. Geospatial data can be considered sensitive based on several attributes such as the location (characterized by longitude and latitude), resolution, and the time of capture, among others. As such, authorizations associated with this data also possess spatial and temporal attributes. Moreover, these authorizations are typically specified based on user (or subject) credentials which themselves are based on spatial and temporal attributes. Processing a user access request requires: (i) searching for the desired object(s) from the spatiotemporal object database, and (ii) checking if there exist authorizations in the authorization base that permit the user to access the requested data objects. Since both the data objects and authorizations are spatiotemporal in nature, for efficient processing of access requests, it is essential that they both be organized using some index structures. As a result, processing an access request requires searching two indexes - the object index and the authorization index.

The main contribution of this paper is to improve the response time of access requests, by proposing a unified index structure called *-tree, a Spatio Temporal Authorization-driven R-tree, that is capable of indexing both spatiotemporal objects and authorizations in a single index structure. While the *-tree is not tied to a specific authorization model, for ease of exposition, we simply adopt an existing authorization model, called GSAM, and develop the index structure for it. *-tree is an extension of R-tree that indexes objects based on their resolutions as well as on their spatial and temporal attributes, and overlays spatiotemporal authorizations on the nodes of the tree. As a result of the unified index, access requests can be processed in one pass, thereby improving the response time of accesses. The layered authorizations are organized using a B+-tree. We show how the *-tree can be constructed and maintained, provide algorithms to process access requests, and present performance evaluation results that demonstrate a significant improvement in performance. Since objects are organized based on their resolutions, *-tree enjoys significant gain in performance even when there are no authorizations present. As such, it serves as an efficient index even for simply organizing multi-resolution objects.

Unified Index; Geospatial Image; Geospatial Access Control; Spatiotemporal Authorizations.

Vinay Kumar, Sunil Kumar Muttoo

An algorithm based on graph-theoretic approach is introduced in this paper. A bipartite graph is created from message and cover object. Message M is broken into units of x (= 2, 4, or 8) bits long. For each x, a matching with m number of such x bits from cover file is determined using the bipartite graph. Wherever a matching for a node in left side is found with a node in right side then this part of the message is treated as either naturally or cross embedded in that port of the cover. Nodes in left side correspond to bits in message and those in right side correspond to group of bits in cover. The matching relationship is then embedded in the extra bytes of cover, fully utilizing the available redundancy or alternatively the sequence of indices is compressed and sent through separate channel. The algorithm achieves almost 100% matching for message elements in cover elements. The embedding algorithm has been put through mathematical and statistical test to ensure that it not only retains visual similarity in stego with cover file but also leaves other statistics of cover undistorted after embedding. Therefore it achieves sustainability. In this paper, we have taken BMP file to implement the algorithm.

Extra bytes, graph theoretic approach, steganography, information hiding, sustainable embedding, natural embedding, partial embedding, cross embedding, explicit embedding.

Defa Hu, Qiaoliang Li

Fingerprinting is an emerging technology to protect multimedia data from piracy, where each distributed copy is labeled with unique identification information. To protect the rights of both the merchant and the customer, the fingerprinting is designed to be asymmetric, where the merchant can trace the traitor by means of the embedded fingerprint and the customer is immune of being framed due to the asymmetric property. This paper proposes an asymmetric fingerprinting scheme that is efficient from the bandwidth usage point of view, where a 1-out-of-2 oblivious transfer protocol is used to achieve the asymmetric property. In our scheme, symmetric encryption instead of public-key encryption is performed on the multimedia data, which can reduce the complexity and communication cost. In addition, multicast that is an efficient transport technology for one-to-many communication is exploited, which can reduce the bandwidth usage significantly.

asymmetric fingerprinting; digital copyright protection; secure multimedia distribution; oblivious transfer; multicast; traitor tracing.