Дисертації з теми "User anonymity"

Bitcoin has emerged as the leading cryptographic currency since its inception in 2009 and at the time of writing holds a market capitalization of $28.4 billion. This ever-increasing figure has attracted adopters seeking to advance their investments, often leaving purely technical aspects on the sidelines. As is the case with any innovative technology, misconceptions are plentiful and information is not always conclusive. The research effort presented in this paper consists of a quantitative study seeking to address the subject of user anonymity in the Bitcoin network by employing an online survey on one of the most prominent Bitcoin forums. This includes 50 eligible participants, whose motivation is derived through the application of temporal motivation theory. The survey seeks to form an understanding of user attitudes towards the aspect of anonymity by following a methodological approach for exploring common tendencies among the representatives and will serve as the underlying data set from which conclusions can be drawn. Furthermore, this paper will present a literary study of the actual state of anonymity in this peer-to-peer technology by reviewing current findings highlighted in the area, thus presenting a comprehensive view of anonymity in the Bitcoin network, which will contrast the user study.

Submitted by Clebson Anjos (clebson.leandro54@gmail.com) on 2016-02-18T18:09:26Z No. of bitstreams: 1 arquivototal.pdf: 1029536 bytes, checksum: c6402b495142035de9a42bf1bf610cc9 (MD5)
Made available in DSpace on 2016-02-18T18:09:26Z (GMT). No. of bitstreams: 1 arquivototal.pdf: 1029536 bytes, checksum: c6402b495142035de9a42bf1bf610cc9 (MD5) Previous issue date: 2015-05-29
Coordenação de Aperfeiçoamento de Pessoal de Nível Superior - CAPES
The interaction between society and technology in the context of mediated ambience, enhanced by processes and tools such as Big Data and Internet of Things are the basis of scientific advances that are gradually transforming our daily lives. With the Big Data phenomenon we are able to capture a massive quantity of data, creating endless possibilities of connections and control. The Internet of Things, in turn, is related to embedded devices networks that communicate with each other in an automated way to help make our lives more efficient and more vulnerable too. In the era of pervasive computing and datafication, any attempt to safeguard our data seems insufficient. So, this study presents a reflection on the existing oppositeness between the ideas of freedom as an essential attribute for online information sharing and the sovereignty imposed by the data control, besides we also examine the implications of this surveillance on the user autonomy. To understand the links between the mediations, the network and the members of this interconnected system, we adopted the Actor-Network Theory (LATOUR, 2012). This theory of social also inserts itself as the methodology, laying the foundations for guiding this study. Another important point is to understand the conceptual differences between surveillance, control and monitoring (LEMOS, 2009). The work, divided into two parts and their respective chapters, also includes the analysis of some attempts of resistance to this control imposed on members of the interconnected public sphere, and it points out the paradoxes concerning, particularly, to anonymity, one of the main forms of opposition to the monitoring state established in the net. Since we are in the middle of a still in progress process, accurate and airtight conclusions are not possible. However, if we are not able to set limits to the new digital society, then we run a risk of seeing vital rights, essential to the proper functioning of society, wrecked in the name of innovation and convenience.
A interação entre sociedade e tecnologia presente no contexto da midiatização, potencializada por processos e ferramentas como o Big Data e a Internet das Coisas são a base de avanços científicos que vêm, paulatinamente, transformando o nosso cotidiano. Com o fenômeno do Big Data capta-se uma torrente de dados, gerando infinitas possibilidades de conexões e controle. A Internet das Coisas, por sua vez, está relacionada às redes de dispositivos embarcados que se comunicam uns com os outros de forma automatizada para ajudar a tornar nossas vidas mais eficientes, porém mais vulneráveis. Na era da computação pervasiva e da dataficação, qualquer tentativa de salvaguardar nossos dados parece insuficiente. Assim, este estudo traz uma reflexão sobre o oposicionismo entre as ideias de liberdade como atributo essencial para o compartilhamento de informações online e a soberania conquistada através do controle dos dados, além de examinar as implicações da vigilância sobre a autonomia do usuário. Para compreender os vínculos entre as mediações, a rede e os integrantes desse sistema interconectado, adotamos a Teoria Ator-Rede (LATOUR, 2012). Essa teoria do social insere-se também como metodologia, lançando os princípios norteadores para elaboração da pesquisa. Outro ponto relevante é a compreensão das diferenças conceituais entre as ações de vigilância, controle e monitoramento (LEMOS, 2009). O trabalho, dividido em duas partes e seus respectivos capítulos, conta ainda com a análise de algumas tentativas de resistência ao controle imposto aos integrantes da esfera pública interconectada, e com apontamentos às antinomias referentes, em específico, ao anonimato, uma das principais formas de oposição ao monitoramento instaurado na rede. Por estarmos diante de um processo em franco desenvolvimento, conclusões exatas e certeiras não são possíveis. Todavia, se não formos, desde já, capazes de estabelecer limites para essa nova sociedade digital, então correremos o risco de vermos naufragar direitos vitais para o bom funcionamento da sociedade em prol da inovação e da conveniência.

Les services de stockage et de partage de données basés sur le Cloud sont largement adoptés depuis des décennies. Le modèle sous-jacent permet aux utilisateurs de minimiser le coût de services en étant en mesure d'accéder et de partager des données facilement. Dans ce contexte, la sécurité est essentielle pour protéger les utilisateurs et leurs ressources. Concernant les utilisateurs, ils doivent prouver leur éligibilité pour pouvoir accéder aux ressources. Cependant, l’envoi direct des informations personnelles permet aux fournisseurs de services de détecter qui partage des données avec qui et de corréler leurs activités. Quant aux données, en raison de la complexité du déploiement d'un système de gestion de clés, elles ne sont pas chiffrées par les utilisateurs mais par les fournisseurs de services. Cela leur permet de les lire en clair. Dans la thèse, nous créons tout d’abord un protocole d’authentification et d'échange de clés basé sur un mot de passe qui permet de sécuriser des échanges entre des utilisateurs et des fournisseurs de services. Deuxièmement, nous construisons une PKI décentralisée qui permet de créer des protocoles d'authentification en préservant la vie privée des utilisateurs. Troisièmement, nous concevons deux schémas de chiffrement à base d’attributs. Ces schémas fournissent des systèmes de gestion de clés efficaces pour protéger des données en conservant la capacité de les partager avec d'autres. Enfin, nous construisons une plateforme de partage de données en tirant parti de la technologie blockchain. La plateforme garantit une haute disponibilité, la confidentialité des données, un contrôle d’accès sécurisé, et la vie privée des utilisateurs
Cloud-based data storage and sharing services have been proven successful since the last decades. The underlying model helps users not to expensively spend on hardware to store data while still being able to access and share data anywhere and whenever they desire. In this context, security is vital to protecting users and their resources. Regarding users, they need to be securely authenticated to prove their eligibility to access resources. As for user privacy, showing credentials enables the service provider to detect sharing-related people or build a profile for each. Regarding outsourced data, due to complexity in deploying an effective key management in such services, data is often not encrypted by users but service providers. This enables them to read users’ data. In this thesis, we make a set of contributions which address these issues. First, we design a password-based authenticated key exchange protocol to establish a secure channel between users and service providers over insecure environment. Second, we construct a privacy-enhancing decentralized public key infrastructure which allows building secure authentication protocols while preserving user privacy. Third, we design two revocable ciphertext-policy attribute-based encryption schemes. These provide effective key management systems to help a data owner to encrypt data before outsourcing it while still retaining the capacity to securely share it with others. Fourth, we build a decentralized data sharing platform by leveraging the blockchain technology and the IPFS network. The platform aims at providing high data availability, data confidentiality, secure access control, and user privacy

In my thesis project, I aim to explore the ways in which we can perform parts of our identity by hiding the body through the use of performative disguises. These characters transgress the boundaries between societal norms and abject interactions. In these costumes, I hope to find whether or not the multiple facets of our identities can be distilled into one character--whether the self can be shifted into another character for a constructive narrative.

This thesis deals with security, privacy, and anonymity on the internet. In this thesis are described tracking mechanisms and approaches that are being used to collect and send away users' personal information. Information that leaks using this tracking approaches can be used to identify user, to monitor and analyze his behavior on specific web pages and several leaked pieces of information can be misused (for example the leaked credit card number or password). In this thesis is described and tested the functionality and reliability of several current web add-ons providing the protection on the internet. New security increasing web add-on has been designed and developed to demonstrate a technique, that redefines and wraps the original JavaScript implementation of several functions and objects, the wrapping is executed before the visited web page starts processing the source code. Running the wrapping code at this time will ensure, that no other code in loaded web page will ever have access to the original implementation. This add-on is also well-tested. The final thesis' stage provides a great amount of possibilities to improve implemented add-on.

Data caching is a well-acknowledged method for reducing access times to commonly requested data. Data caching yields considerable results when employed in communication systems that exhibit bidirectional communication, such as web browsing. This technique has been used in anonymous networks to increase the overall anonymity provided by the system. With the increasing number of anonymous networks in place today, the need arises for a metric in order to differentiate the degree of anonymity provided by these systems. This thesis presents a method to compute the degree of anonymity provided by such systems. The model focuses on an anonymous system employing data caching and builds on existing related work in order to allow senders to send multiple messages and receivers to receive multiple messages. A systemwide metric is proposed for measuring the anonymity provided by such systems and is then tested under special conditions. The thesis concludes with an analysis of a pool mix system employing data caching.
Thesis (M.S.)--Wichita State University, College of Engineering, Dept. of Electrical Engineering and Computer Science

Thesis advisor: Susan Michalczyk
In nineteenth-century England, women were struggling to find an outlet for the intelligence, emotions, and creativity that the patriarchal society around them continuously stifled. For women such as Jane Austen and Charlotte Brontë, writing served as an opportunity to defy restrictive social structures and offered a needed public voice. By expressing their own thoughts and frustrations, Austen and Brontë helped to overcome the anonymity imposed upon women of their time, as they illuminated the female experience. The following paper takes a look at the ways in which Austen and Brontë imparted autobiographical elements to their female characters, as both authors underwent important catharses and inspired the women around them. To this day, their literature provides critical insight into the troubled existence of the nineteenth-century woman, while revealing their own struggles with their constricted identities
Thesis (BA) — Boston College, 2004
Submitted to: Boston College. College of Arts and Sciences
Discipline: English
Discipline: College Honors Program

Social media use is a pivotal driver for political engagement. The present study extended previous research by exploring the simple and serial mediating roles of narcissism, perceived anonymity, descriptive norms, and subjective norms in this relationship. Structural equation modeling (SEM) with bootstrapping estimation was conducted for hypothesis testing using data from 579 Hong Kong university students. Modeling results revealed that perceived anonymity, descriptive norms, and subjective norms are significant mediators of the relationship between social media use and political participation. Moreover, descriptive norms, together with perceived anonymity, were found to mediate the relationship. Likewise, narcissism combined with descriptive norms proved to be significant mediators of the relationship. Additionally, a distal mediation effect of descriptive norms and subjective norms proved to be significant. Based on these results, a subsequent parallel mediation analysis was conducted, revealing that perceived anonymity is the most influential indicator among perceived anonymity, subjective norms, and descriptive norms of the relationship of social media use and political participation. The study concluded by comparing male and female respondents in terms of political participation. The result showed that male respondents were generally more active than female respondents in both online and offline political activities, which agrees with prior research findings. Collectively, the current study provides a new perspective from which we can further understand the effects of social media use on political engagement.

Denna studie har som mål att ge en inblick i varför och hur Internetanvändare nyttjar Tor Browser och The Dark Web. Nätverket och webbläsaren förknippas ofta med illegal verksamhet, men även med yttrandefrihet och anonymitet. Vi vill undersöka hur användandet av dessa ser ut och skapa en förståelse kring varför individer väljer att vända sig dit. Detta görs med hjälp av kvalitativa intervjuer med sammanlagt nio personer som använder sig av nätverket och webbläsaren. Intervjuerna har genomförts på forumen Flashback Forum, Quora och Reddit genom sajternas privata chattfunktioner. Materialet har sedan analyserats med hjälp av det teoretiska perspektivet Uses and Gratification för att synliggöra vilka sociala och psykologiska behov som tillgodoses genom användandet. Studiens resultat visade att merparten av de intervjuade vände sig till Tor Browser och The Dark Web eftersom att de, i förstahand, var intresserade av illegal verksamhet och använde nätverket samt webbläsaren för att få tillgång till materialet, men även för att göra det svårare för myndigheter att spåra deras aktivitet online. Användandet grundade sig, i andrahand, i ett intresse för yttrandefrihet och anonymitet och det var även dessa ämnen som gjorde att användarna fortsatte att återvända till Tor Browser och The Dark Web.

Denna rapport beskriver arbetsgången för att utreda och ta fram ett lösningsförslag för hur en meddelandemotor skulle kunna implementeras i TeamTags delvis redan befintliga system. Små delar av implementeringen som infördes under projektet presenteras också.
This report describes the workflow to investigate and develop a solution proposal for how a messaging engine could be implemented in TeamTags partly already implemented system. Small parts of the implementation that was introduced during the project is also presented.

Thesis (Ph. D.)--Georgia State University, 2009.
Title from file title page. Detmar W. Straub, committee chair; Mikko Siponen, A. Faye Borthick, Arun Rai, Michel Kalika, committee members. Description based on contents viewed July 14, 2009. Includes bibliographical references.

À partir de la notion de projet parental, nous souhaitons déconstruire, en droit, l'assignation des femmes aux questions reproductives. En effet, le corpus juridique relatif à la reproduction participe à la perpétuation des stéréotypes de genre et en particulier, ceux liés à la division sexuée du travail. Le projet parental est une notion qui a émergé avec les techniques reproductives. Pour autant, l'analyse du cadre relatif aux techniques de PMA montre de quelle manière celui-ci renforce les stéréotypes de genre. Les conditions d'accès aux méthodes de PMA sont empreintes de naturalisme et une comparaison entre le droit français et le droit suisse montre le caractère construit de ces références constantes à la nature. L'établissement du lien de la filiation renforce le cadre naturaliste : d'un côté, la filiation est établie pour les projets parentaux réalisés dans le cadre légal selon les règles du droit commun et renforce la différenciation des fondements à la filiation selon le sexe du parent ; de l'autre, les projets parentaux qui s'écartent du cadre naturaliste sont relégués aux marges du droit de la filiation, même s'ils doivent aujourd'hui être reconnus sous la pression du législateur en matière de PMA et de la CEDH concernant la GPA. En dépit de l'état actuel du droit, la notion de projet parental pourrait promouvoir au sein du droit de la reproduction l'égalité entre les sexes et la liberté reproductive. En prenant appui sur le principe d'égalité entre les sexes et la liberté reproductive nous proposons de faire évoluer le droit de la reproduction, afin qu'il y ait davantage d'autonomie et d'égalité, tant en matière de filiation que d'accès aux actes médicaux non thérapeutiques en matière de reproduction que sont l'IVG, la contraception, la stérilisation et la PMA. Nous préconisons en particulier de modifier le droit commun de la filiation en y intégrant les techniques de PMA et en faisant de la volonté le fondement principal de l'établissement de la filiation. La promotion de l'autonomie reproductive lors de la mise en œuvre des droits reproductifs se traduit par un renforcement des droits des usagers du système de santé en matière de reproduction. À travers l'exemple du droit de la reproduction, nous montrons in fine de quelle manière le droit peut contribuer à favoriser au sein de la société l'autonomie des individus et l'égalité entre les sexes
Starting from the concept of "parental project", we aim to deconstruct the traditional roles of women in reproductive matters from a legal standpoint. Gender stereotypes, especially those related to gendered division of labour, are indeed sustained by the current reproductive legal framework. The parental project is a concept introduced by law regulating the new reproductive technologies and yet, the analysis of legal aspects of medically assisted reproduction (MAR) stresses how gender stereotypes are in fact strengthened. The legal criteria to access MAR methods are defined based on Nature and comparing French and Swiss legal frameworks shows there are no fixed rules and thus, that references to Nature are not unbiased. Moreover, when it comes to rules of filiation, the naturalistic framework is further reinforced: on the one hand, when the parental project is carried out within the legal framework, filiation is established based on general law, corroborating the gendered legal basis of filiation; on the other hand, parental projects outside of the naturalistic framework are marginalized, and if nowadays filiation should also be recognized for children born in such conditions, it is only because of legal and jurisprudential developments. In spite of this, we think that the concept of "parental project" should promote, within the legal framework of reproduction, both gender equality and reproductive autonomy. Based on the principle of sex-equality and reproductive autonomy, our proposals aim to change dispositions regarding filiation and reproductive medical acts so that they could improve gender equality and reproductive autonomy. In particular, MAR should be addressed by the general law of filiation in order to make of will the main basis of parentage. Likewise, promoting autonomy in reproductive medical acts cannot proceed without rights of the health care users. Finally this research in reproductive law could be seen as a striking example of how law could foster gender equality and individual autonomy in society

碩士
國立臺中科技大學
資訊工程系碩士班
100
With the rapid development of computer network technologies, users can easily access remote servers’ resources over public but insecure channels anytime anywhere. When accessing remote services over distributed networks, user authentication plays an important role to prevent resources or services from being accessed by unauthorized users. For personal privacy, it is essential to protect the user’s identity because user anonymity has received much attention in recent year. Therefore, many user authentication schemes using smart cards have been proposed to solve the issue of user anonymity while achieving mutual authentication and key agreement. However, most of them are vulnerable to some security threats because they do not thoroughly consider the security concerns. In this thesis, there are two main subjects. First, we discuss characteristics and requirements of smart-card-based user authentication schemes preserving user anonymity and propose an improvement of Wang et al.’s scheme. In addition, more and more applications are implemented in multi-server environment because computer network technologies have grown spectacularly. Thereupon, we propose a robust and novel dynamic-ID-based authentication scheme ensuring user anonymity for multi-server environment using smart cards. The proposed schemes not only comply with all security requirements but also suit applications in the resource-limited devices while preserving user anonymity.

碩士
國立臺灣科技大學
資訊管理系
99
With the development of Internet and World Wide Web, more and more people access digital information, use services and finish business transaction via Internet. However, there are more and more security information issues, such as Internet fraud, transaction data leakage and private information exposure. Therefore, user authentication mechanism indeed is the keystone for developing electronic transaction. In 1981, Lamport first proposed a remote user authentication mechanism with a password table and claimed that the proposed mechanism is still secure even though an attacker intercepts the communications between a user and a remote system. In 2009, Wang et al. proposed a dynamic ID-based remote user authentication scheme without any verification table which provides user anonymity and resists stolen-verifier and DOS attacks. However, Khan et al. pointed out that Wang et al.’s scheme cannot achieve user anonymity. Further, Khan et al. proposed an improved scheme to overcome the mentioned weakness. However, we find that Khan et al’s scheme is insecure, because the remote server needs to maintain a verifier table for authenticating users. It results in stolen verifier and denial of service attacks. In this paper, we first propose a remote authentication mechanism that can improve Wang et al’s and Khan et al’s mechanism. The proposed mechanism achieves user anonymity, mutual authentication, and session key establishment and provides resistance to a replay attack, a denial of service attack, and a stolen verifier attack. Due to variety of electronic services, a user can only register with single account management center, and then the user can access different services. In this paper, we also propose a remote authentication mechanism for single sign-on. In the proposed mechanism, a user needs to register with a key distribution center. After verification for the user, the key distribution center will issue a smart card to the user, in which the smart card contains some information, such as authentication token. After that, the user can use the smart card to login to the remote server for accessing services or resources. The proposed mechanism can achieve user anonymity, mutual authentication, and session key establishment. It also supplies user single sign-on and resistance to a replay attack, a denial of service attack, and a stolen verifier attack.

碩士
國立臺中科技大學
資訊工程系碩士班
101
When a user wants to access a remote server over a public channel, the authentication mechanism is required. However, the messages in the communication of a user to a server may be suffered to interception or tampering. There are many authentication mechanisms can prevent these types of attacks nowadays. In many business situations, the user may hope that no other people can know he/her commercial activities or personal whereabouts. For the situation of message exchange without anonymity and the exchanged message containing a fixed particular information about user ID, a malicious user can easily use the fixed particular information to track the business activities of the user by eavesdropping to the message exchanges. This type of fixed particular information can be: Name, ID number, Credit card number, etc, or information derived from the mentioned data. When a legitimate but malicious user learned that another user''s fixed particular information, the malicious user can use this information to do an illegal action, such as frauds or other criminal acts, without the agreement of legitimate user. We call this type of attacks ID-theft attacks. Therefore, in message exchanges, you must avoid to include this type of information. It can prevent the leakage of your commercial activities or personal whereabouts. When user sending a fixed particular message on the public channel, may be easily dictionary attacked to get the user secret information. Thus, we must keep the sending message dynamic as well as possible that cannot learn such a fixed information from sending message. Recently, people pay more and more attention on the user anonymity. Since, there is no mechanism to learn whether does a scheme achieving the user anonymity or not. In our study, we would define a mechanism to give a user anonymity level. We classified user anonymity into three types: (1) The Type 1 User Anonymity: None else including server, can learn user ID. (2) The Type 2 User Anonymity: None else not including server, can learn user ID. (3) The Type 3 User Anonymity: None else not including server and other legal users, can learn user ID. The ID-theft prevention must achieve the property that none else can use a user''s exchanged informations to substitute the user to do illegal action, without agreement of the user.

碩士
國立暨南國際大學
資訊管理學系
94
The use of anonymous channel tickets was proposed for authentication in wireless environments to provide user anonymity and to probably reduce the overhead of re-authentications. In 2004, Zhu and Ma proposed an authentication scheme with user anonymity based on the use of a one-way hash function and smart cards. Recently, Yang et al. also proposed a secure and efficient authentication protocol for anonymous channels in wireless systems without employing asymmetric cryptosystems. In this thesis, we will show that Zhu-Ma’s scheme fails to preserve user anonymity. We also find that Yang et al.’s scheme is vulnerable to guessing attacks performed by malicious visited networks. Via the proposed guessing attack, the secret keys of users may be revealed to visited networks. We will further propose a new practical authentication scheme preserving the same merits of their scheme. The proposed scheme has additional merits including: no verification table in the home network, free of time synchronization between mobile stations and visited networks, and without obsolete anonymous tickets left in visited networks. The proposed scheme is developed based on a secure one-way hash function and simple operations. The soundness of the authentication protocol is proved by using VO logic.

碩士
吳鳳技術學院
光機電暨材料研究所
96
Radio Frequency Identification (RFID) is an important technology for automated identification of objects and people. Until now, there are many papers proposed to enhance the security of the RFID system. However, some have deficiency of computation overhead and some are even insecure. In several applications such as E-passport, etc., the privacy is an important requirement beside security. Furthermore, nearly all of the tags are with low computation capability and insufficient of memory such that most of the authentication protocols are not suit for RFID systems. Therefore, how to develop simple authentication protocols for RFID system to ensure security and privacy is an important issue. In this thesis, based on a simple one-way hash function, we propose a remote authentication protocol for RFID system. The proposed protocol is secure and with the merit of anonymity that protects user’s privacy. The proposed system is simple and with very low computation overhead which is suit for RFID system. Finally, the system is realized with hardware and software implementation.

碩士
國立中興大學
資訊科學研究所
88
In recent years, the increasing development of the network technology increases the popularity of wireless and mobile communications. The communicative media of the wireless and mobile communication is unlike that of the wired networks. It is open to everyone. The information through wireless and mobile communications may easily be eavesdropped, modified, and forged. Therefore many security requirements and concerns need to be conferred and re-designed for such new network environments. In this thesis we concern about two topics. One is on the security of Mobile IP registration protocol. When a mobile node gets a new IP address, it must register to the home agent to update the mobility binding. The process is called registration. In this part we will study the security of the registration process. The other is about user anonymity and privacy. We will study how to use anonymity to protect user identity and private data. In mobile communications, a mobile node must get a care-of address form the foreign agent and register the care-of address to the home agent through the foreign agent. In the first part of the thesis, we will first demonstrate that the registration protocols are not secure. Because the original registration protocol of Mobile IP will suffer from a possible replay attack and the registration protocol of Sufatrio and Lam will suffer from TCP splicing attack. Then, we suggest a new scheme using some skill of the anonymity combine with the framework of Sufatrio and Lam’s protocol. In our scheme we can avoid registration protocol from attacks and provide higher security and performances of registration protocol. Anonymity can protect a user’s identify against eavesdropping during mobile communications. It can further protect the user’s privacy. In the second part of the thesis, we study the security issues of systems providing anonymity, such as GSM, CDPD, and the improved GSM(called Traveling alias ) and propose an anonymity scheme. Besides providing the anonymity, our system has the following characteristics: It can protect illegal intruders form outside or inside of the Visitor Location Register(VLR). The computing complexity of the user’s machine is low. And it has better performance compared with GSM or Traveling alias.

碩士
國立彰化師範大學
數學系所
98
Since Internet and wireless networks have gained popularity around the world, there are many situations that mobile users need to remote access resources distributed in several servers. In the past, many schemes have been proposed to solve the issue of user authentication for multi-server environment and low-power mobile devices. However, most of these schemes have suffered from many attacks because these schemes did not provide formal security analysis. Mutual authentication and key agreement (MAKA) between mobile users and roaming agents is a primary security issue for many commercial mobile networks. For personal privacy, to develop a MAKA with anonymity for roaming services in global mobility networks to protect user’s identity has received much attention. Recently many schemes with user anonymity have been proposed to address this issue. However, most of those schemes were demonstrated to suffer from several security weaknesses and did not achieve user’s anonymity. In this thesis, we firstly show the security weaknesses of two dynamic ID-based user authentication and key agreement schemes for multi-server environment. Afterwards, we construct a security model for multi-server environment and then propose a generalized ID-based MAKA scheme based on bilinear maps for mobile multi-server environment. Our scheme can be used for both general users with a long validity period and anonymous users with a short validity period. Under the presented security model, we show that our scheme is secure against all known attacks. Performance analysis is given to demonstrate that the proposed scheme is well suitable for low-power mobile devices. In this thesis, we also propose a novel MAKA with anonymity for roaming services in the global mobility network. Under the hash function and the public-key cryptosystem assumptions, we adopt the BAN logic to prove that the proposed scheme can withstand all known attacks. We also demonstrate that the proposed scheme provides the secrecy of the session key, user anonymity of user’s identity, as well as mutual authentication.

博士
國立臺灣科技大學
企業管理系
103
This study extended a traditional communication theory, spiral of silence, to explore the effects of user anonymity and member familiarity on opinion expression behavior in a virtual environment. A laboratory experiment method was used to manipulate user anonymity, member familiarity, and opinion congruity to measure the willingness to express opinions concerning controversial topics. A total of 147 participants were recruited in the experiment. The results revealed that anonymous users in virtual communities and users in groups comprising familiar members are more willing to express inconsistent opinions than nonanonymous users and users in groups containing unfamiliar members, respectively. In addition, anonymous and nonanonymous users as well as users in groups comprising familiar members and those in groups containing unfamiliar members are equally willing to express consistent opinions. This is the first study to verify the effect of user anonymity and member familiarity on the willingness to express opinions in online social communities. The findings have crucial implications regarding how governments and businesses can stimulate creativity and feedback through virtual communities.

In multi-hop wireless network (MWN), the mobile nodes relay others’ packets for enabling new applications and enhancing the network deployment and performance. However, the selfish nodes drop the packets because packet relay consumes their resources without benefits, and the malicious nodes drop the packets to launch Denial-of-Service attacks. Packet drop attacks adversely degrade the network fairness and performance in terms of throughput, delay, and packet delivery ratio. Moreover, due to the nature of wireless transmission and multi-hop packet relay, the attackers can analyze the network traffic in undetectable way to learn the users’ locations in number of hops and their communication activities causing a serious threat to the users’ privacy. In this thesis, we propose efficient security protocols for thwarting packet drop attacks and preserving users’ privacy in multi-hop wireless networks. First, we design a fair and efficient cooperation incentive protocol to stimulate the selfish nodes to relay others’ packets. The source and the destination nodes pay credits (or micropayment) to the intermediate nodes for relaying their packets. In addition to cooperation stimulation, the incentive protocol enforces fairness by rewarding credits to compensate the nodes for the consumed resources in relaying others’ packets. The protocol also discourages launching Resource-Exhaustion attacks by sending bogus packets to exhaust the intermediate nodes’ resources because the nodes pay for relaying their packets. For fair charging policy, both the source and the destination nodes are charged when the two nodes benefit from the communication. Since micropayment protocols have been originally proposed for web-based applications, we propose a practical payment model specifically designed for MWNs to consider the significant differences between web-based applications and cooperation stimulation. Although the non-repudiation property of the public-key cryptography is essential for securing the incentive protocol, the public-key cryptography requires too complicated computations and has a long signature tag. For efficient implementation, we use the public-key cryptography only for the first packet in a series and use the efficient hashing operations for the next packets, so that the overhead of the packet series converges to that of the hashing operations. Since a trusted party is not involved in the communication sessions, the nodes usually submit undeniable digital receipts (proofs of packet relay) to a centralized trusted party for updating their credit accounts. Instead of submitting large-size payment receipts, the nodes submit brief reports containing the alleged charges and rewards and store undeniable security evidences. The payment of the fair reports can be cleared with almost no processing overhead. For the cheating reports, the evidences are requested to identify and evict the cheating nodes. Since the cheating actions are exceptional, the proposed protocol can significantly reduce the required bandwidth and energy for submitting the payment data and clear the payment with almost no processing overhead while achieving the same security strength as the receipt-based protocols. Second, the payment reports are processed to extract financial information to reward the cooperative nodes, and contextual information such as the broken links to build up a trust system to measure the nodes’ packet-relay success ratios in terms of trust values. A node’s trust value is degraded whenever it does not relay a packet and improved whenever it does. A node is identified as malicious and excluded from the network once its trust value reaches to a threshold. Using trust system is necessary to keep track of the nodes’ long-term behaviors because the network packets may be dropped normally, e.g., due to mobility, or temporarily, e.g., due to network congestion, but the high frequency of packet drop is an obvious misbehavior. Then, we propose a trust-based and energy-aware routing protocol to route traffics through the highly trusted nodes having sufficient residual energy in order to establish stable routes and thus minimize the probability of route breakage. A node’s trust value is a real and live measurement to the node’s failure probability and mobility level, i.e., the low-mobility nodes having large hardware resources can perform packet relay more efficiently. In this way, the proposed protocol stimulates the nodes not only to cooperate but also to improve their packet-relay success ratio and tell the truth about their residual energy to improve their trust values and thus raise their chances to participate in future routes. Finally, we propose a privacy-preserving routing and incentive protocol for hybrid ad hoc wireless network. Micropayment is used to stimulate the nodes’ cooperation without submitting payment receipts. We only use the lightweight hashing and symmetric-key-cryptography operations to preserve the users’ privacy. The nodes’ pseudonyms are efficiently computed using hashing operations. Only trusted parties can link these pseudonyms to the real identities for charging and rewarding operations. Moreover, our protocol protects the location privacy of the anonymous source and destination nodes. Extensive analysis and simulations demonstrate that our protocols can secure the payment and trust calculation, preserve the users’ privacy with acceptable overhead, and precisely identify the malicious and the cheating nodes. Moreover, the simulation and measurement results demonstrate that our routing protocols can significantly improve route stability and thus the packet delivery ratio due to stimulating the selfish nodes’ cooperation, evicting the malicious nodes, and making informed decisions regarding route selection. In addition, the processing and submitting overheads of the payment-reports are incomparable with those of the receipts in the receipt-based incentive protocols. Our protocol also requires incomparable overhead to the signature-based protocols because the lightweight hashing operations dominate the nodes’ operations.

碩士
大同大學
事業經營學系(所)
98
Compared to ways of face-to-face communication in the past, the internet exists with the nature of anonymity in addition to being convenient, easy-to-use, and free of time and place. Online anonymity improves online communication, protects personnel privacy in order to benefit the freedom of speech on specific issues, but it brings about some negative effects, such as getting rid of responsibility and network crimes. Hence, it is a must to understand the causes and consequences of online anonymity concern. Past research on online anonymity mostly has focused on using experimental method or situational manipulation to examine the effects of anonymity. To the knowledge of the authors, there have been no studies that have advanced an integrated framework to discuss the causes and consequences of online anonymity concern. This study is to make a breakthrough in the lack of the extant research on online anonymity in terms of an integrated research in order to explain the antecedents and the consequences of anonymity adoption behavior of online users. Since users with online experiences are targeted to be the research subjects, using online questionnaires is an appropriate sampling method. After two-month’s collection, a total of 360 questionnaires were returned, and the valid questionnaires were 345 after 15 invalid copies deducted. AMOS 6.0 and Structural Equation Modeling were used to measure path effects and hypothesis testing in order to analyze the causes and consequences of online anonymity concern. The findings reveal that, for online users, the three motivations of Computer-mediated Communication Apprehension, Privacy Protection and Attention to Social Comparison Information have significantly positive effects on anonymity concern. Among them, privacy protection concerns online users most. Next, on the positive effect of anonymity concern, the communication satisfaction outweighs the self-disclosure, while the negative effect of deindividuation excels that of the self-awareness.

碩士
國立中山大學
行銷傳播管理研究所
103
Titter is the most prevalent social media in Japan and Japanese is the second most used language on Twitter. In order to look into the intense Twitter usage and high self-disclosure on Twitter in Japan, this study explores the Twitter environment to comprehend its anonymity function and abundant information. This study furthers such investigation by expanding Relational Mobility theory and examining their correlations with self-disclosure to delve into Japanese Twitter users’ self-disclosure level. Furthermore, this study explores the international awareness of users, which was neglected in previous social networking researches, to understand the role of users’ international awareness on Twitter users’ behavior. After exploring the correlations between the level of self-disclosure and three factors(Relational Mobility, anonymity and the intention of sharing information), this study examines the commitment between users and the usage on Twitter. A pilot was conducted before the official research in order to select the questionnaire items. Using a general population sample (N=335), the study reveals relational mobility and the intention of sharing information influencing the degree which individuals self-disclose on Twitter. This result also found self-disclosure influence the level of commitment and commitment can influence usage.

碩士
國立成功大學
外國語文學系
104
With the advances in Internet technology, there is a dramatic increase of reliance on online healthcare consultation, especially for stigmatized diseases or health conditions. While the search for health information on disease prevention or treatment and social support are two commonly documented functions of most health forums, those of HIV/AIDS are not well explored. To fill this gap, the present study examined discourse patterns by users of an HIV/AIDS forum based in Taiwan, with a comparison of those by users of other health forum, including syphilis, teen pregnancy, tuberculosis (TB), and cancer. With this comparative approach, we aim to see the psychosocial characteristics of users of the HIV/AIDS forum and their perception of the forum’s functions. By examining 82 users’ postings on the HIV/AIDS forum and a total of 216 postings on the other four medical consultation forums, our analysis manifests the following five discourse patterns. (1) Compared to the other four forums, users of the HIV/AIDS forum displayed the highest need for diagnosing or confirming their HIV infection status (i.e. 89%, as compared to 48% for diagnosing a syphilis infection status, 34% for TB infection, 30% for pregnancy status, and 2% for cancer status). (2) Such a strong need for an online diagnosis perceived by the HIV/AIDS forum users might appear to be “redundant” or “ungrounded”, as 20% of their posting actually revealed that their “HIV negative status” (i.e. they are HIV free) were already confirmed by previous tests. (3) About 54% of the suspected HIV transmission routes described in the users’ postings are sex-related behaviors, and 42% are routes which are generally not considered as possible ones. (4) Compared to the other four forums, users of the HIV/AIDS forum also displayed a highest preference for formulating their usernames which do not carry a sense of human name (59%, e.g. “1234567” or “小酒館/Small Inn”) or a sense of gender (61%, e.g. “匿名者/Anonymous Person” or “TMAC”), but convey a sense of emotional turmoil (34%, e.g. “煎熬/Suffering” or “日也想夜也想/Worry Day And Night”). (5) While the majority of the 82 usernames of the HIV/AIDS forum are “genderless” (61%), the rest of them are more constructed with a masculine sense (33%, e.g. “阿虎/A-hu” or “Sam”) than a feminine sense (6%, e.g. “Fay” or “Daisy”). Also the psychosocial features of users of the HIV/AIDS forum revealed in our study showed that they were: (1) mainly (male) individuals worrying about HIV transmission via sexual behavior, and (2) individuals with a high HIV/AIDS literacy, strong need for perceived anonymity, strong feeling of being HIV positive, and (3) individuals with a unanimous goal of looking for virtual diagnosis. These findings may shed a light for medical professionals in public health regarding HIV/AIDS prevention for high-risk groups of different social backgrounds. With the above discourse findings in compared the HIV/AIDS forum with four medical consultation forums based in Taiwan, we argued that multiple levels of stigma rooted in Taiwanese society toward “abnormal” sexual behaviors (e.g. homo, excessive, pre-marital sex), infectious disease (e.g. AIDS, syphilis, or TB), or relatively high mortality disease (e.g. AIDS or cancer) have driven individuals with “high HIV/AIDS literacy,” “a strong need for perceived anonymity” and “a strong feeling of being HIV positive” (even to the point of being “an AIDS worried-well or AIDS phobia”) to look for “virtual diagnosis” on the HIV/AIDS forum. In other words, unlike the functions of providing health information or social support of other health forums observed in previous studies, that of the HIV/AIDS forum perceived by users in our study is the “umbrella” that frees them from disclosing any social identity, shields them from tremendous stigma, and reassures them with a virtual diagnosis. This study contributes to the field of Internet health discourse in the following way. It demonstrates how the strong stigma associated with HIV/AIDS may drive its potential sufferers to construct language use as a way to protect their social identity, to reveal their anxiety, and also to serve their needs for medical help.