Workflows with Segregation-of-Duty requirements or involving multiple parties with non-aligned interests (typically mutually distrustful) pose interesting challenges in often neglected security dimensions. Cryptographic approaches are presented to technically enforce strict auditability, traceability and multi-party authorized access control, and thus also enable exoneration from allegations. These ideas are illustrated by challenging examples - constructing various checks and balances for Telecommunications data retention, a vividly discussed and widely known issue. This article appears in the special edition „In Depth Security – Proceedings of the DeepSec Conferences Vol. 2“. Edited by Stefan Schumacher and René Pfeiffer
%0 Journal Article
%1 mjs:Maus:Crypto
%A Maus, Thomas
%D 2017
%K ds17 editor
%N 2
%P 858-870
%T Cryptographic Enforcement of Segregation of Duty
%U http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_057_Maus_Segregation.pdf
%V 14
%X Workflows with Segregation-of-Duty requirements or involving multiple parties with non-aligned interests (typically mutually distrustful) pose interesting challenges in often neglected security dimensions. Cryptographic approaches are presented to technically enforce strict auditability, traceability and multi-party authorized access control, and thus also enable exoneration from allegations. These ideas are illustrated by challenging examples - constructing various checks and balances for Telecommunications data retention, a vividly discussed and widely known issue. This article appears in the special edition „In Depth Security – Proceedings of the DeepSec Conferences Vol. 2“. Edited by Stefan Schumacher and René Pfeiffer
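@comment{
  Journal article record: Maus, Cryptographic Enforcement of Segregation of Duty,
  Magdeburger Journal zur Sicherheitsforschung, volume 14, number 2, 2017.
  Topic per the abstract: cryptographic enforcement of auditability, traceability
  and multi-party authorized access control in segregation-of-duty workflows.

  Changes against the exported record: the page range uses the double hyphen
  expected for ranges, and a fused word in the abstract is split.

  added-at, timestamp, biburl, interhash and intrahash are export metadata
  (biburl points at bibsonomy.org); they are not standard bibliography fields.

  NOTE(review): language is DE although the title and abstract are English;
  confirm the language of the article itself before relying on this field.
  NOTE(review): url is a plain-http link to a PDF and no doi is recorded here,
  so a download is not integrity-protected in transit; check whether the host
  serves the same path over https before citing or fetching it.
}
@article{mjs:Maus:Crypto,
  author       = {Maus, Thomas},
  title        = {Cryptographic Enforcement of Segregation of Duty},
  journaltitle = {Magdeburger Journal zur Sicherheitsforschung},
  volume       = 14,
  number       = 2,
  pages        = {858--870},
  year         = 2017,
  issn         = {2192-4260},
  language     = {DE},
  url          = {http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_057_Maus_Segregation.pdf},
  urldate      = {2017-09-28},
  keywords     = {ds17 editor},
  abstract     = {Workflows with Segregation-of-Duty requirements or involving multiple parties with non-aligned interests (typically mutually distrustful) pose interesting challenges in often neglected security dimensions. Cryptographic approaches are presented to technically enforce strict auditability, traceability and multi-party authorized access control, and thus also enable exoneration from allegations. These ideas are illustrated by challenging examples - constructing various checks and balances for Telecommunications data retention, a vividly discussed and widely known issue. This article appears in the special edition „In Depth Security – Proceedings of the DeepSec Conferences Vol. 2“. Edited by Stefan Schumacher and René Pfeiffer},
  added-at     = {2021-09-19T18:42:17.000+0200},
  timestamp    = {2021-10-22T17:15:30.000+0200},
  biburl       = {https://www.bibsonomy.org/bibtex/28a2aad9690f178bf0a178495d0e1d2bc/steschum},
  interhash    = {2594b4dff7e5fdf2e408b57a24b55dca},
  intrahash    = {8a2aad9690f178bf0a178495d0e1d2bc},
}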