TY - GEN
T1 - Customized program protection for a user customized data protection framework
AU - Takahashi, Kenichi
AU - Matsuzaki, Takanori
AU - Mine, Tsunenori
AU - Sakurai, Kouichi
PY - 2011/8/25
Y1 - 2011/8/25
N2 - Some of Internet services require users to provide their sensitive information such as their name, address, credit card number, and an ID-password pair. In these services, the manner in which the provided information is used is solely determined by the service providers. As a result, even when the manner in which information is used by a service provider appears vulnerable, users have no choice but to allow such usage. Therefore, we have proposed a user customized data protection framework that enables users to select the manner in which their sensitive information is protected. In our framework, a user selects a policy that defines the manner in which his/her information is to be protected and its manner defined by the policy is incorporated into a program. By allowing a service provider to the information provided by a user through the program, the user can protect his/her sensitive information in a manner selected by him/her. This framework works well when existing a manner (protection policy) which is tolerant to the alteration of the program, otherwise, a program alteration might be a concern. Therefore, in this paper, we attempts to protect a customized program by using program obfuscation and sanitizable signature techniques.
AB - Some of Internet services require users to provide their sensitive information such as their name, address, credit card number, and an ID-password pair. In these services, the manner in which the provided information is used is solely determined by the service providers. As a result, even when the manner in which information is used by a service provider appears vulnerable, users have no choice but to allow such usage. Therefore, we have proposed a user customized data protection framework that enables users to select the manner in which their sensitive information is protected. In our framework, a user selects a policy that defines the manner in which his/her information is to be protected and its manner defined by the policy is incorporated into a program. By allowing a service provider to the information provided by a user through the program, the user can protect his/her sensitive information in a manner selected by him/her. This framework works well when existing a manner (protection policy) which is tolerant to the alteration of the program, otherwise, a program alteration might be a concern. Therefore, in this paper, we attempts to protect a customized program by using program obfuscation and sanitizable signature techniques.
UR - http://www.scopus.com/inward/record.url?scp=80051867535&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=80051867535&partnerID=8YFLogxK
U2 - 10.1109/CSAE.2011.5953301
DO - 10.1109/CSAE.2011.5953301
M3 - Conference contribution
AN - SCOPUS:80051867535
SN - 9781424487257
T3 - Proceedings - 2011 IEEE International Conference on Computer Science and Automation Engineering, CSAE 2011
SP - 643
EP - 649
BT - Proceedings - 2011 IEEE International Conference on Computer Science and Automation Engineering, CSAE 2011
T2 - 2011 IEEE International Conference on Computer Science and Automation Engineering, CSAE 2011
Y2 - 10 June 2011 through 12 June 2011
ER -