Towards Pseudonymous e-Commerce

The lack of privacy is one of the main reasons that limits trust in e-commerce. Current e-commerce practice enforces a customer to disclose her identity to the e-shop and the use of credit cards makes it straightforward for an e-shop to know the real identity of its customers. Although there are some payment systems based on untraceable tokens, they are not as widely used as credit cards. Furthermore, even without buying anything, a customer is already disclosing some information about who or where she may be by just connecting to the e-shop's web server and leaving behind an IP-address. In this paper, we present novel components that enable secure pseudonymous e-commerce. On the one hand, these components allow a customer to browse through an e-shop, select goods, and pay the goods with her credit card such that neither the e-shop operator nor the credit card issuer nor an eavesdropper is able to get any information about the customer's identity. On the other hand, it is guaranteed that none of the involved parties is able to act dishonestly during the credit card payment. Such a system could greatly enhance trust in e-commerce since it overcomes the customers' privacy concerns.     

Vertrauensvolle E-Mail-Kommunikation

Der ?elektronische Brief“ bzw. die elektronische Mail (E-Mail) ist seit über 30 Jahren im privaten wie beruflichen Umfeld im Einsatz. Behörden, Steuerbüros, Krankenhäuser, Finanzinstitute und viele weitere Gruppen versenden und empfangen E-Mails, um Informationen auszutauschen. Innerhalb kurzer Zeit findet eine E-Mail ihren Weg vom Sender in Deutschland zum Empfänger in beispielsweise den USA. Wie funktioniert das? Und was hat es mit E-Mail-Verschlüsselung auf sich? Dieser Artikel betrachtet die grundlegende technische Funktionsweise der E-Mail sowie Hintergründe und Funktionsweise der Verschlüsselung mit S/MIME und PGP.     

Design of acoustic beam aperture modifier using gradient-index phononic crystals

This article reports the design concept of a novel acoustic beam aperture modifier using butt-jointed gradient-index phononic crystals (GRIN PCs) consisting of steel cylinders embedded in a homogeneous epoxy background. By gradually tuning the period of a GRIN PC, the propagating direction of acoustic waves can be continuously bent to follow a sinusoidal trajectory in the structure. The aperture of an acoustic beam can therefore be shrunk or expanded through change of the gradient refractive index profiles of the butt-jointed GRIN PCs. Our computational results elucidate the effectiveness of the proposed acoustic beam aperture modifier. Such an acoustic device can be fabricated through a simple process and will be valuable in applications, such as biomedical imaging and surgery, nondestructive evaluation, communication, and acoustic absorbers.     

Dauerhaftigkeit und mechanische Stabilität von Terrassendielen bei erhöhter Temperatur – Ein Werkstoffvergleich: WPC,thermisch modifiziertes Holz und Massivholz

This article deals with the differences in the long-term durability and thermal stability under load of terrace deckings from various materials. The tested materials were deckings made of wood, thermally modified timber (TMT), and wood–polymer–composites (WPC). For the determination of the test temperatures for component testing according to EN 310, the surface temperatures of the decks during a normal hot summer day were measured. A cyclic test according to EN 321 was applied to all decking materials. Afterwards the component testing was repeated. All wooden samples reveal considerable cracks, some were twisted, and few were even broken. In particular regarding the optical appearance, wood decks show advantages against the TMT decks. Some WPC decks show very fine cracks on the face, which were additionally analyzed by means of X-ray computed tomography (CT). Except for the WPC deck with higher wood content, no WPC deck revealed significant changes after the cyclic test. The CT analysis was also suitable to find cracks inside the materials and illustrate them. Thus, the whole damage inside a sample could be characterized by calculating a kind of error pattern. No considerable cracks or failures could be observed on the WPC decks.     

Enzymatic Addition of Alcohols to Terpenes by Squalene Hopene Cyclase Variants

Squalene–hopene cyclases (SHCs) catalyze the polycyclization of squalene into a mixture of hopene and hopanol. Recently, amino-acid residues lining the catalytic cavity of the SHC from Alicyclobacillus acidocaldarius were replaced by small and large hydrophobic amino acids. The alteration of leucine 607 to phenylalanine resulted in increased enzymatic activity towards the formation of an intermolecular farnesyl–farnesyl ether product from farnesol. Furthermore, the addition of small-chain alcohols acting as nucleophiles led to the formation of non-natural ether-linked terpenoids and, thus, to significant alteration of the product pattern relative to that obtained with the wild type. It is proposed that the mutation of leucine at position 607 may facilitate premature quenching of the intermediate by small alcohol nucleophiles. This mutagenesis-based study opens the field for further intermolecular bond-forming reactions and the generation of non-natural products.     

Anonymous attestation with user-controlled linkability

This paper is motivated by the observation that existing security models for direct anonymous attestation (DAA) have problems to the extent that insecure protocols may be deemed secure when analysed under these models. This is particularly disturbing as DAA is one of the few complex cryptographic protocols resulting from recent theoretical advances actually deployed in real life. Moreover, standardization bodies are currently looking into designing the next generation of such protocols. Our first contribution is to identify issues in existing models for DAA and explain how these errors allow for proving security of insecure protocols. These issues are exhibited in all deployed and proposed DAA protocols (although they can often be easily fixed). Our second contribution is a new security model for a class of “pre-DAA scheme”, that is, DAA schemes where the computation on the user side takes place entirely on the trusted platform. Our model captures more accurately than any previous model the security properties demanded from DAA by the trusted computing group (TCG), the group that maintains the DAA standard. Extending the model from pre-DAA to full DAA is only a matter of refining the trust models on the parties involved. Finally, we present a generic construction of a DAA protocol from new building blocks tailored for anonymous attestation. Some of them are new variations on established ideas and may be of independent interest. We give instantiations for these building blocks that yield a DAA scheme more efficient than the one currently deployed, and as efficient as the one about to be standardized by the TCG which has no valid security proof.     

A socially aware caching mechanism for encounter networks

Managing community content in mobile communities is challenging, since informal groups may emerge spontaneously whenever opportunities exist. To deal with group dynamics, encounter based community support systems can be a solution. In encounter networks, peers exchange content whenever they physically meet, i.e., whenever peers are near to each other. To assure content availability within the community network, content needs to be replicated (cached) and continuously updated. A?well known drawback of this scheme is the fact that the resource usage can be quite high. In this paper we present new caching strategies based on sociological knowledge, aiming at improving the overall content quality. We derive mobility and connectivity aware cache policies and simulate their benefit for knowledge building with urban life simulations. Results show that context precision and recall can be greatly improved in comparison to traditional cache strategies applied in the majority of encounter networks.     

Privacy protection vs. utility in visual data

Multimedia Tools and Applications - Ubiquitous and networked sensors impose a huge challenge for privacy protection which has become an emerging problem of modern society. Protecting the privacy of...