[{"publication_identifier":{"isbn":["978-1-5090-2054-6"]},"publication_status":"published","citation":{"ama":"Lass M, Leibenger D, Sorge C. Confidentiality and Authenticity for Distributed Version Control Systems - A Mercurial Extension. In: <i>Proc. 41st Conference on Local Computer Networks (LCN)</i>. IEEE; 2016. doi:<a href=\"https://doi.org/10.1109/lcn.2016.11\">10.1109/lcn.2016.11</a>","ieee":"M. Lass, D. Leibenger, and C. Sorge, “Confidentiality and Authenticity for Distributed Version Control Systems - A Mercurial Extension,” in <i>Proc. 41st Conference on Local Computer Networks (LCN)</i>, 2016.","chicago":"Lass, Michael, Dominik Leibenger, and Christoph Sorge. “Confidentiality and Authenticity for Distributed Version Control Systems - A Mercurial Extension.” In <i>Proc. 41st Conference on Local Computer Networks (LCN)</i>. IEEE, 2016. <a href=\"https://doi.org/10.1109/lcn.2016.11\">https://doi.org/10.1109/lcn.2016.11</a>.","bibtex":"@inproceedings{Lass_Leibenger_Sorge_2016, title={Confidentiality and Authenticity for Distributed Version Control Systems - A Mercurial Extension}, DOI={<a href=\"https://doi.org/10.1109/lcn.2016.11\">10.1109/lcn.2016.11</a>}, booktitle={Proc. 41st Conference on Local Computer Networks (LCN)}, publisher={IEEE}, author={Lass, Michael and Leibenger, Dominik and Sorge, Christoph}, year={2016} }","mla":"Lass, Michael, et al. “Confidentiality and Authenticity for Distributed Version Control Systems - A Mercurial Extension.” <i>Proc. 41st Conference on Local Computer Networks (LCN)</i>, IEEE, 2016, doi:<a href=\"https://doi.org/10.1109/lcn.2016.11\">10.1109/lcn.2016.11</a>.","short":"M. Lass, D. Leibenger, C. Sorge, in: Proc. 41st Conference on Local Computer Networks (LCN), IEEE, 2016.","apa":"Lass, M., Leibenger, D., &#38; Sorge, C. (2016). Confidentiality and Authenticity for Distributed Version Control Systems - A Mercurial Extension. In <i>Proc. 41st Conference on Local Computer Networks (LCN)</i>. IEEE. <a href=\"https://doi.org/10.1109/lcn.2016.11\">https://doi.org/10.1109/lcn.2016.11</a>"},"year":"2016","date_created":"2017-07-25T14:36:16Z","author":[{"full_name":"Lass, Michael","id":"24135","last_name":"Lass","orcid":"0000-0002-5708-7632","first_name":"Michael"},{"first_name":"Dominik","full_name":"Leibenger, Dominik","last_name":"Leibenger"},{"last_name":"Sorge","full_name":"Sorge, Christoph","first_name":"Christoph"}],"date_updated":"2022-01-06T06:53:56Z","publisher":"IEEE","doi":"10.1109/lcn.2016.11","title":"Confidentiality and Authenticity for Distributed Version Control Systems - A Mercurial Extension","publication":"Proc. 41st Conference on Local Computer Networks (LCN)","type":"conference","status":"public","abstract":[{"lang":"eng","text":"Version Control Systems (VCS) are a valuable tool for software development\r\nand document management. Both client/server and distributed (Peer-to-Peer)\r\nmodels exist, with the latter (e.g., Git and Mercurial) becoming\r\nincreasingly popular. Their distributed nature introduces complications,\r\nespecially concerning security: it is hard to control the dissemination of\r\ncontents stored in distributed VCS as they rely on replication of complete\r\nrepositories to any involved user.\r\n\r\nWe overcome this issue by designing and implementing a concept for\r\ncryptography-enforced access control which is transparent to the user. Use\r\nof field-tested schemes (end-to-end encryption, digital signatures) allows\r\nfor strong security, while adoption of convergent encryption and\r\ncontent-defined chunking retains storage efficiency. The concept is\r\nseamlessly integrated into Mercurial---respecting its distributed storage\r\nconcept---to ensure practical usability and compatibility to existing\r\ndeployments."}],"department":[{"_id":"27"},{"_id":"518"}],"user_id":"24135","_id":"19","language":[{"iso":"eng"}],"keyword":["access control","distributed version control systems","mercurial","peer-to-peer","convergent encryption","confidentiality","authenticity"]},{"date_created":"2020-12-14T11:58:33Z","author":[{"first_name":"Philipp","full_name":"Holzinger, Philipp","last_name":"Holzinger"},{"first_name":"Stefan","last_name":"Triller","full_name":"Triller, Stefan"},{"first_name":"Alexandre","last_name":"Bartel","full_name":"Bartel, Alexandre"},{"first_name":"Eric","orcid":"0000-0003-3470-3647","last_name":"Bodden","full_name":"Bodden, Eric","id":"59256"}],"date_updated":"2022-01-06T06:54:34Z","doi":"http://doi.acm.org/10.1145/2976749.2978361","title":"An In-Depth Study of More Than Ten Years of Java Exploitation","publication_identifier":{"isbn":["978-1-4503-4139-4"]},"citation":{"mla":"Holzinger, Philipp, et al. “An In-Depth Study of More Than Ten Years of Java Exploitation.” <i>Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security</i>, 2016, pp. 779–90, doi:<a href=\"http://doi.acm.org/10.1145/2976749.2978361\">http://doi.acm.org/10.1145/2976749.2978361</a>.","bibtex":"@inproceedings{Holzinger_Triller_Bartel_Bodden_2016, series={CCS ’16}, title={An In-Depth Study of More Than Ten Years of Java Exploitation}, DOI={<a href=\"http://doi.acm.org/10.1145/2976749.2978361\">http://doi.acm.org/10.1145/2976749.2978361</a>}, booktitle={Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security}, author={Holzinger, Philipp and Triller, Stefan and Bartel, Alexandre and Bodden, Eric}, year={2016}, pages={779–790}, collection={CCS ’16} }","short":"P. Holzinger, S. Triller, A. Bartel, E. Bodden, in: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016, pp. 779–790.","apa":"Holzinger, P., Triller, S., Bartel, A., &#38; Bodden, E. (2016). An In-Depth Study of More Than Ten Years of Java Exploitation. <i>Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security</i>, 779–790. <a href=\"http://doi.acm.org/10.1145/2976749.2978361\">http://doi.acm.org/10.1145/2976749.2978361</a>","ieee":"P. Holzinger, S. Triller, A. Bartel, and E. Bodden, “An In-Depth Study of More Than Ten Years of Java Exploitation,” in <i>Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security</i>, 2016, pp. 779–790, doi: <a href=\"http://doi.acm.org/10.1145/2976749.2978361\">http://doi.acm.org/10.1145/2976749.2978361</a>.","chicago":"Holzinger, Philipp, Stefan Triller, Alexandre Bartel, and Eric Bodden. “An In-Depth Study of More Than Ten Years of Java Exploitation.” In <i>Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security</i>, 779–90. CCS ’16, 2016. <a href=\"http://doi.acm.org/10.1145/2976749.2978361\">http://doi.acm.org/10.1145/2976749.2978361</a>.","ama":"Holzinger P, Triller S, Bartel A, Bodden E. An In-Depth Study of More Than Ten Years of Java Exploitation. In: <i>Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security</i>. CCS ’16. ; 2016:779-790. doi:<a href=\"http://doi.acm.org/10.1145/2976749.2978361\">http://doi.acm.org/10.1145/2976749.2978361</a>"},"page":"779-790","year":"2016","series_title":"CCS '16","user_id":"5786","department":[{"_id":"76"}],"_id":"20719","language":[{"iso":"eng"}],"keyword":["ATTRACT","access control","exploits","java security","security analysis","ITSECWEBSITE"],"type":"conference","publication":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","status":"public"}]