Context and Problem Statement:
What problems are the authors trying to solve?
Anonymous communications are required everywhere these days and information security is one of the biggest concerns. Latency networks and communication is a common happening however this latency does not only lead to the late communication however it also contributes to leakage of information and details about the sender and receiver. In this paper, the authors have conducted experiments in order to find out the risk associated with leakage of anonymity due to latency.
Are they important problems? Why or why not?
This is a very important problem has data security and information security are one of the most important factors of online communication and therefore it becomes important that effective measures are available to restrict anything that will contribute to the leakage of anonymity.
New Idea:
What new architecture, algorithm, mechanism, methodology, or perspective are the authors proposing?
The authors would be conducting five different experiments to find out the rest related to latency and they will be proposing techniques in order to control the risks, the new methodology introduced his that the proposed security actions are not related to the traditional firewall methods however they are related to the use of latency to control the attacks that are caused due to latency. S
What to Evaluate?
The evaluations in the experiments done by the authors are related to the vulnerability associated with the latest and the kind of attacks that can be launched during the latency period and the success related to these attacks. E
What, according to the authors, need to be evaluated to confirm the worthiness of their new idea?
The authors have conducted the experiments during which they have collected the data related to the latency and the attacks that they have launched during that phase, the worthiness of the idea is determined through the findings of cumulative frequency which provides the success rate of these attacks.
How to Evaluate?
The evaluation is done by collecting the data and finding the cumulative frequency to understand what the level of significance of these attacks is and what is the success rate related to the same?
Was the Evaluation Correct and Adequate?
The evaluation done by the authors is absolutely correct as it is based on the life data which was received through the experiments that were conducted, and the significance of the evaluation is also on the basis of the analysis done over the data which was collected through the live experiments.
How was their data collection done?
The data was collected over the live experiments which were conducted through five different techniques in order to check the impact of latency on the leakage of anonymity.
Do you agree with their analysis of the data?
The analysis has been done by finding out the cumulative frequency in checking the significance of the application of the data, and therefore the data analysis is reliable and provides current inference.
Do you agree with their conclusions about the data?
The conclusions of the data clearly define the strength of the attacks in case of latency and the level of anonymity which is compromised due to latency in case of a particular attack. Hence, the conclusion is precise and provide the right information.
Do you have new interpretation of their data?
Considering the fact that the data has been interpreted, using the details that we have received from the live data extracted from those experiments, there is no new or further information
Can you suggest new ways to evaluate their idea?
The evaluation of these ideas have been quite consistent and there is no new way through which the ideas can be evaluated.
Assumptions, Drawbacks, Extensions:
Can you think of other aspects of their idea that need to be evaluated?
The same attacks as launched by the authors during the experiments can also be done after using other possible security measures to test the effectiveness of the currently available security measures as well.
Can you think of extensions or modifications to their idea to improve it?
The security measures those are currently available in the market to secure anonymous communication must also be assessed using the experiments that the authors are conducted.
How would you evaluate your improvement?
Evaluation of improvement would be done to the same channel and the reduced significance after the use of security measures would advise whether those are helpful or they can be countered easily.
Can you apply their idea or method of evaluation to your own project?
Yes, similar experiments can be conducted to find the impact of latency on other types of communication channels as well.
Do the authors make any assumptions that are not valid/realistic?
Considering the fact that the authors have used live experiments of the data, all the assumptions made are absolutely realistic.
Unified Declarative Platform for Secure Networked Information Systems
Context and Problem Statement:
What problems are the authors trying to solve?
The authors present over here a logic-based trust management system which uses a secure network dialogue in order to implement single-handed changes over distributed systems and network dialogue.
Are they important problems? Why or why not?
There are lots of times when multiple applications are interconnected to the network and require network Security analysis and agnostics through one channel, which is not usually possible and due to this it may become very difficult to conduct the network Security analysis on a regular basis.
New Idea:
What new architecture, algorithm, mechanism, methodology, or perspective are the authors proposing?
The authors provide a new methodology using which a central access control can be created through the use of recursive query processing technique. This is extremely helpful to conduct a detailed performance at the off a multisystem platform.
(How is the new idea different from all other ideas to solve the same problem?)
NDlog and data allow are two different logic-based access control systems which are already available however both of these are used for different purposes. The authors attempt to unify these two, in order to make a single platform available which can help to provide universal access. T
What to Evaluate?
On the basis of the idea to unify the two platforms the authors propose SeNDlog security systems and as a part of which they evaluate a path vector grouting protocol, cord DHT and PIER Distributed Query Processor.
What, according to the authors, need to be evaluated to confirm the worthiness of their new idea?
The authors have integrated the binder access control language and NDlog: Declarative Networking Language, now it is important to test the unified language audio one platform to confirm whether it delivers the same output as expected.
How to Evaluate?
The evaluation is done through live testing of the unified language.
How did the authors go about conducting the evaluation?
In order to conduct the evaluation the first step which is taken is to do a path vector routing protocol and the second step is to conduct declarative Chord implementation. As the third step PIER Distributed Query Processor is done to find out whether the unified language is applicable in different scenarios.
Was the Evaluation Correct and Adequate?
The evaluations were done by creating the exact protocols for the applications as required for the specific methodologies n therefore the inferences drawn are adequate and accurate.
How was their data collection done?
Experimental setups are created to test the platforms and in order to collect the required.
Do you agree with their analysis of the data?
The analysis of the data and the evaluations are highly effective and accurate, considering the fact that the experiments and analysis of the data and unified language suggests positive correlation.
Do you agree with their conclusions about the data?
The conclusion is accurate and presents the inferences drawn after the experimental testing of the unified declarative platform created and proposed in this paper.
Can you suggest new ways to evaluate their idea?
The authors have only concentrated on authentication in this paper however along with the explorations related to the platform that they have developed, this idea can also be evaluated on the lines of security and encryption.
Assumptions, Drawbacks, Extensions:
Can you think of other aspects of their idea that need to be evaluated?
The primary idea behind this paper was to enable the creation of unified declarative platform which can help to analyse an audit Information Systems on a large scale however there should have been an added section dealing with the security norms and related encryption features.
Can you think of extensions or modifications to their idea to improve it?
The idea has already given a strong platform to create a unified authentication and auditing program, however it should be equipped with a similarly efficient security platform as well so that along with authentication encryption can also be taking care of.
How would you evaluate your improvement?
This would complete the entire security package, and it would help to target the overall distributed system efficiently and effectively.
Can you apply their idea or method of evaluation to your own project?
Definitely, the idea can be applied and evaluated with the help of LAN and the PlanetLab testbed, which would provide the results related to the success of the idea that is implemented.
The assumptions that are made within the process of proposing the idea are thoroughly tested with the help of LAN and the PlanetLab testbed.
A New Approach to Private Data Analysis
Context and Problem Statement:
What problems are the authors trying to solve?
Information leakage analysis is an important aspect of the various cryptographic techniques that are available and are used however the same can also lead to a compromise of privacy of individuals. The authors are discussed the problem of statistical disclosure control in this chapter, and have addressed the means by which an analysis can be conducted without compromising on privacy.
Are they important problems? Why or why not?
It is always important to keep a regular track of information security and leakage, and therefore the use of statistics in order to perform a disclosure control is common. While this information leakage is assessed there is a possibility of the privacy of individuals getting breached and hence it becomes important to find methods that can control this risk.
New Idea:
What new architecture, algorithm, mechanism, methodology, or perspective are the authors proposing?
The authors have created a theorem, which is like a randomized algorithm that helps to except the database as input to produce an output. This helps to create a range within which the information assessment is done using element by element analysis, thus ensuring complete privacy.
(How is the new idea different from all other ideas to solve the same problem?)
This is a highly advanced methodology to conduct an analysis, which is helpful in carrying out the analysis without actually hampering the privacy of the individual for whom the analysis has to be conducted.
What to Evaluate?
Through the application of various theorems it has been evaluated that how database can be thoroughly scanned with the help of a collision resistant mechanism, thus revealing the output without any actual damage to the information privacy.
What, according to the authors, need to be evaluated to confirm the worthiness of their new idea?
The authors have created two different theorems in order to conduct an analysis so that they can check whether differential privacy can be achieved over the database while performing a check to determine if there is any leakage of information.
How to Evaluate?
Various theorems have been created to evaluate the cuisines that request for data, and the level of privacy revealed through these queries are evaluated to confirm the level of vulnerability.
Dinur-Nissim results were used by the authors and were further extended in order to derive the clearance related to the queries that extract database as input.
Was the Evaluation Correct and Adequate?
Linear programming is used to create the theorems and test them properly, thus ensuring that the evaluation is Correct and Adequate.
How was their data collection done?
No active database force collected in order to evaluate the results however that your nerves were tested on the basis of the database queries which were created.
Do you agree with their analysis of the data?
The analysis of the data clearly signifies the fact that data contributors do not trust the data collector to maintain privacy and hence it is a requirement to randomize the responses in a way which is non– interactive and may be subject to negative conciseness.
Do you agree with their conclusions about the data?
The conclusion clearly stated that in order to ensure is adequate security is important that the data collector/protector is swapped by distributed privacy mechanism.
Do you have new interpretation of their data?
The data is integrated adequately and there is no new interpretation which can be made over this data.
Can you suggest new ways to evaluate their idea?
The evaluation of idea is perfectly fine however a fact should always be considered that data collector and privacy mechanisms are not always trustworthy and there might be scenarios where illegitimate queries can be introduced in order to penetrate the distributed privacy mechanism and gather information.
Assumptions, Drawbacks, Extensions:
Can you think of other aspects of their idea that need to be evaluated?
The idea should also involve some kind of discussion related to database where a randomized response is not present.
Can you think of extensions or modifications to their idea to improve it?
There are no further modifications are extensions that can be suggested at the moment to improve this idea.
Can you apply their idea or method of evaluation to your own project?
It is possible to use and extend the results revealed by the experiment conducted by Dinur and Nissim, to determine various other applications related to statistical analysis of database queries and the privacy norms related to them.
Throughout the paper the authors have assumed that the data collector and the privacy mechanism trustworthy however this may not always be the case and therefore the results that have been discussed in this case study are strictly related to the above assumption, any case falling outside this assumption would not agree with the inferences drawn over here.
What problems are the authors trying to solve?
The authors are trying to develop self-destructive data that vanishes information automatically after it is no longer useful.
Are they important problems? Why or why not?
Yes, the problem is important and needs to find out a solution since private emails if forwarded to other unauthorized user may cause potential privacy risk.
The authors have proposed various techniques which includes Distributed Hash Tables (DHTs), Vanishing Data Object (VDO). DHT is a distributed, peer-to-peer (P2P) storage network consisting of multiple participating nodes [35, 56, 64]. VDO encapsulates the user data and prevents its contents from persisting indefinitely and becoming a source of retroactive information leakage. Vanish is designed to leverage one or more DHTs. It provides a mechanism to refresh VDO shares in DHT.
New ideas are different from the old ones as they provide a better risk management solution by protecting it from the unauthorized user by defining the period after which it automatically vanishes.
What to Evaluate?
The security to vanish the data needs to be evaluated so as to reduce the threat which may cause leakage of the data.
What, according to the authors, need to be evaluated to confirm the worthiness of their new idea?
According to the authors the security system of the data needs to be evaluated so as to reduce the data losses which thereby reduces the performance cost and increases the storage.
How to Evaluate?
Evaluation can be both analytical and experimental security and the performance property of vanish.
How did the authors go about conducting the evaluation?
The author has developed the new technique such as DHT and VDOs which helps to increase the security of the private data.
Was the Evaluation Correct and Adequate?
Indeed the evaluation was correct as it causes a better risk management.
How was their data collection done?
Data collection is mainly done through studies of Vuze and main line DHTs. The data in [63] shows that U.S is largest single contributor of nodes in Vuze and it is distributed over 190 countries.
Do you agree with their analysis of the data?
Yes, strongly agree with the analysis of the data.
Do you agree with their conclusions about the data?
Yes, I agree with the conclusion about the data as data privacy has become increasingly important in our networking and online society.
Do you have new interpretation of their data?
No the data interpretations as conducted by the authors are appropriate and accurate.