Anna-Maria Osula PhD thesis: “Remote search and seizure of extraterritorial data”
Defense date: 17.04.2017 – 12:00, Näituse 20, room K-03
Professor Jaan Ginter
Dr Christoffer Wong (University of Lund)
Due to increasing digitalization, criminal procedure has to take into account the characteristics of the Internet, related technologies and digitally stored or electronically transmitted data. The objective of the dissertation is to examine, building on the example of the Council of Europe Convention on Cybercrime (CoCC), the regulation of remote search and seizure in circumstances where the targeted evidence is extraterritorially located or where it is not possible to identify the exact location of the data (‘loss of location’). Remote search and seizure entails searches that are either carried out by extending the initial search and seizure to devices accessible from the originally searched device or by remotely conducting search and seizure from other devices such as the law enforcement’s own. In addition to discussing the traditional mutual legal assistance procedures and alternative measures for accessing extraterritorial data, the dissertation scrutinizes whether remote search and seizure of extraterritorial data entails an extraterritorial application of jurisdiction to enforce and whether it can thereby be viewed as a breach of territorial sovereignty of the other state.
Andres Ojamaa PhD thesis: “Software Technology for Cyber Security Simulations”
Defense date: 15.12.2016
Enn Tõugu, D. Sc., Institute of Cybernetics Tallinn University of Technology, Tallinn, Estonia
Jaan Penjam, PhD, Institute of Cybernetics, Tallinn University of Technology, Tallinn, Estonia
Margus Veanes, PhD, Research in Software Engineering (RiSE) Group Microsoft Research, Redmond, USA
Christian Czosseck, PhD, Head Laboratory at CERT Bw, Germany
The goal of the work is to develop smart cyber security simulation tools. This includes methods, technology and freely available software tools for cyber security simulation that will be applicable to wide set of problems and will be economical and time-efficient, while still providing the required precision.
Prastudy Mungkas Fauzi PhD thesis: “Efficient non-interactive zero-knowledge protocols in the CRS model”
Defense date: 17.02.2017 – 14:15 (J. Liivi 2-405, Tartu, Estonia)
Thesis supervisor: Lead Research Fellow Helger Lipmaa (Institute of Computer Science, UT)
Associate Professor Ivan Visconti (University of Salerno, Italy);
Dr Carla Ràfols Salvador (University of Pompeu Fabra, Barcelona, Spain)
In this work we provide three scenarios where NIZK arguments are relevant: verifiable computation, authorization, and electronic voting. In each scenario, we propose NIZK arguments in the CRS model that are more efficient than existing ones, and are comparable in efficiency to the best known NIZK arguments in the RO model.
Riivo Talviste PhD thesis: “Applying Secure Multi-party Computation in Practice”
Defense date: 14.03.2016 – 16:15 (J. Liivi 2-405, Tartu, Estonia)
Thesis supervisor: Senior Research Fellow Sven Laur, Project manager Dan Bogdanov
Professor Stefan Katzenbeisser, Technische Universität Darmstadt (Germany)
Associate Professor Kurt Rohloff, New Jersey Institute of Technology (Newark, USA)
In this work, we present solutions for technical difficulties in deploying secure multi-party computation in real-world applications. We will first give a brief overview of the current state of the art, bring out several shortcomings and address them.
The main contribution of this work is an end-to-end process description of deploying secure multi-party computation for the first large-scale registry-based statistical study on linked databases. Involving large stakeholders like government institutions introduces also some non-technical requirements like signing contracts and negotiating with the Data Protection Agency.
Linna Kamm PhD thesis: “Privacy-preserving statistical analysis using secure multi-party computation”
Defense date: 09.03.2015 – 16:15 to 17:45 (J. Liivi 2-404, Tartu, Estonia)
Thesis supervisor: Senior Research Fellow Sven Laur
PhD Rebecca N. Wright Rutgers University (USA)
PhD George Danezis University College London
This work focuses on how to perform statistical analyses in a way that preserves the privacy of the individual. To achieve this goal, we use secure multi-party computation. This cryptographic technique allows data to be analysed without seeing the individual values. Even though using secure multi-party computation is a time-consuming process, we show that it is feasible even for large-scale databases.
Naved Ahmed PhD thesis: “Deriving Security Requirements from Business Process Models”
Defense date: 16.12.2014 – 16:15 to 17:45 (J. Liivi 2-404, Tartu, Estonia)
Assoc. Prof. PhD. Raimundas Matulevicius, University of Tartu
Prof. PhD. Marlon Dumas, University of Tartu
Prof. PhD. Andreas L. Opdahl, University of Bergen, Norway
Assoc. Prof. PhD. Rafael Accorsi, University of Freiburg, Germany
To consider this need, the approach taken in this thesis is to analyse the business process models from a security perspective to derive security objectives and requirements. The thesis has proposed three complementary contributions: Firstly, security risk-oriented patterns that integrate the security risk analysis into business process models. These patterns supports security risk concepts in business process models that business analyst can understand easily. Secondly, the taxonomy for assessing security in business processes. This taxonomy is used to classify the security risk-oriented patterns and helps analysts to apply these patterns in business process models. Finally, these contributions form a foundation for a method, security requirements elicitation from business processes (SREBP) that performs a systematic elicitation of security requirements for their business processes.