SoK: Cryptographically Protected Database Search

Protected database search systems cryptographically isolate the roles of reading from, writing to, and administering the database. This separation limits unnecessary administrator access and protects data in the case of system breaches. Since protected search was introduced in 2000, the area has grown rapidly; systems are offered by academia, start-ups, and established companies. However, there is no best protected search system or set of techniques. Design of such systems is a balancing act between security, functionality, performance, and usability. This challenge is made more difficult by ongoing database specialization, as some users will want the functionality of SQL, NoSQL, or NewSQL databases. This database evolution will continue, and the protected search community should be able to quickly provide functionality consistent with newly invented databases. At the same time, the community must accurately and clearly characterize the tradeoffs between different approaches. To address these challenges, we provide the following contributions: 1) An identification of the important primitive operations across database paradigms. We find there are a small number of base operations that can be used and combined to support a large number of database paradigms. 2) An evaluation of the current state of protected search systems in implementing these base operations. This evaluation describes the main approaches and tradeoffs for each base operation. Furthermore, it puts protected search in the context of unprotected search, identifying key gaps in functionality. 3) An analysis of attacks against protected search for different base queries. 4) A roadmap and tools for transforming a protected search system into a protected database, including an open-source performance evaluation platform and initial user opinions of protected search.Comment: 20 pages, to appear to IEEE Security and Privac

Spatial and temporal-based query disambiguation for improving web search

Queries submitted to search engines are ambiguous in nature due to users’ irrelevant input which poses real challenges to web search engines both towards understanding a query and giving results. A lot of irrelevant and ambiguous information creates disappointment among users. Thus, this research proposes an ambiguity evolvement process followed by an integrated use of spatial and temporal features to alleviate the search results imprecision. To enhance the effectiveness of web information retrieval the study develops an enhanced Adaptive Disambiguation Approach for web search queries to overcome the problems caused by ambiguous queries. A query classification method was used to filter search results to overcome the imprecision. An algorithm was utilized for finding the similarity of the search results based on spatial and temporal features. Users’ selection based on web results facilitated recording of implicit feedback which was then utilized for web search improvement. Performance evaluation was conducted on data sets GISQC_DS, AMBIENT and MORESQUE comprising of ambiguous queries to certify the effectiveness of the proposed approach in comparison to a well-known temporal evaluation and two-box search methods. The implemented prototype is focused on ambiguous queries to be classified by spatial or temporal features. Spatial queries focus on targeting the location information whereas temporal queries target time in years. In conclusion, the study used search results in the context of Spatial Information Retrieval (S-IR) along with temporal information. Experiments results show that the use of spatial and temporal features in combination can significantly improve the performance in terms of precision (92%), accuracy (93%), recall (95%), and f-measure (93%). Moreover, the use of implicit feedback has a significant impact on the search results which has been demonstrated through experimental evaluation.SHAHID KAMA

A systematic investigation of risk management and process mining ontologies

Διπλωματική εργασία--Πανεπιστήμιο Μακεδονίας, Θεσσαλονίκη, 2019.This study proposes and examines the ‘’Risk – Process’’ ontology with respect to and in comparison with the Process mining methodology. The ontology consists of Process elements (Process Mining, Business Process Management and Business Process Intelligence) and Risk elements (Governance, Risk Management & Compliance, Internal Audit and Enterprise Risk Management). A two-fold literature review is executed, focusing firstly on the six key elements of the ‘’Risk - Process’’ ontology, and secondly at the “Risk” components of the ontology. Moving on, as an original contribution, the popularity and the coherence of the aforementioned elements in internet searches from 2004 to 2018 is presented and forecasted with the use of the Google Trends tool. As a last step, a statistical analysis of the time series obtained through Google Trends is performed, in order to find relation, correlations, statistical significance and predictors with respect to Process minin

Air Force Institute of Technology Research Report 2020

This Research Report presents the FY20 research statistics and contributions of the Graduate School of Engineering and Management (EN) at AFIT. AFIT research interests and faculty expertise cover a broad spectrum of technical areas related to USAF needs, as reflected by the range of topics addressed in the faculty and student publications listed in this report. In most cases, the research work reported herein is directly sponsored by one or more USAF or DOD agencies. AFIT welcomes the opportunity to conduct research on additional topics of interest to the USAF, DOD, and other federal organizations when adequate manpower and financial resources are available and/or provided by a sponsor. In addition, AFIT provides research collaboration and technology transfer benefits to the public through Cooperative Research and Development Agreements (CRADAs). Interested individuals may discuss ideas for new research collaborations, potential CRADAs, or research proposals with individual faculty using the contact information in this document

Cryptography for Big Data Security

As big data collection and analysis becomes prevalent in today’s computing environments there is a growing need for techniques to ensure security of the collected data. To make matters worse, due to its large volume and velocity, big data is commonly stored on distributed or shared computing resources not fully controlled by the data owner. Thus, tools are needed to ensure both the confidentiality of the stored data and the integrity of the analytics results even in untrusted environments. In this chapter, we present several cryptographic approaches for securing big data and discuss the appropriate use scenarios for each. We begin with the problem of securing big data storage. We first address the problem of secure block storage for big data allowing data owners to store and retrieve their data from an untrusted server. We present techniques that allow a data owner to both control access to their data and ensure that none of their data is modified or lost while in storage. However, in most big data applications, it is not sufficient to simply store and retrieve one’s data and a search functionality is necessary to allow one to select only the relevant data. Thus, we present several techniques for searchable encryption allowing database- style queries over encrypted data. We review the performance, functionality, and security provided by each of these schemes and describe appropriate use-cases. However, the volume of big data often makes it infeasible for an analyst to retrieve all relevant data. Instead, it is desirable to be able to perform analytics directly on the stored data without compromising the confidentiality of the data or the integrity of the computation results. We describe several recent cryptographic breakthroughs that make such processing possible for varying classes of analytics. We review the performance and security characteristics of each of these schemes and summarize how they can be used to protect big data analytics especially when deployed in a cloud setting. We hope that the exposition in this chapter will raise awareness of the latest types of tools and protections available for securing big data. We believe better understanding and closer collaboration between the data science and cryptography communities will be critical to enabling the future of big data processing

Air Force Institute of Technology Research Report 2016

This Research Report presents the FY16 research statistics and contributions of the Graduate School of Engineering and Management (EN) at AFIT. AFIT research interests and faculty expertise cover a broad spectrum of technical areas related to USAF needs, as reflected by the range of topics addressed in the faculty and student publications listed in this report. In most cases, the research work reported herein is directly sponsored by one or more USAF or DOD agencies. AFIT welcomes the opportunity to conduct research on additional topics of interest to the USAF, DOD, and other federal organizations when adequate manpower and financial resources are available and/or provided by a sponsor. In addition, AFIT provides research collaboration and technology transfer benefits to the public through Cooperative Research and Development Agreements (CRADAs)

Using Ontologies and Intelligent Systems for Traffic Accident Assistance in Vehicular Environments

A pesar de que las medidas de seguridad en los sistemas de transporte cada vez son mayores, el aumento progresivo del número de vehículos que circulan por las ciudades y carreteras en todo el mundo aumenta, sin duda, la probabilidad de que ocurra un accidente. En este tipo de situaciones, el tiempo de respuesta de los servicios de emergencia es crucial, ya que está demostrado que cuanto menor sea el tiempo transcurrido entre el accidente y la atención hospitalaria de los heridos, mayores son sus probabilidades de supervivencia. Las redes vehiculares permiten la comunicación entre los vehículos, así como la comunicación entre los vehículos y la infraestructura [4], lo que da lugar a una plétora de nuevas aplicaciones y servicios en el entorno vehicular. Centrándonos en las aplicaciones relacionadas con la seguridad vial, mediante este tipo de comunicaciones, los vehículos podrían informar en caso de accidente al resto de vehículos (evitando así colisiones en cadena) y a los servicios de emergencia (dando información precisa y rápida, lo que sin duda facilitaría las tareas de rescate). Uno de los aspectos importantes a determinar sería saber qué información se debe enviar, quién será capaz de recibirla, y cómo actuar una vez recibida. Actualmente los vehículos disponen de una serie de sensores que les permiten obtener información sobre ellos mismos (velocidad, posición, estado de los sistemas de seguridad, número de ocupantes del vehículo, etc.), y sobre su entorno (información meteorológica, estado de la calzada, luminosidad, etc.). En caso de accidente, toda esa información puede ser estructurada y enviada a los servicios de emergencia para que éstos adecúen el rescate a las características específicas y la gravedad del accidente, actuando en consecuencia. Por otro lado, para que la información enviada por los vehículos accidentados pueda llegar correctamente a los servicios de emergencias, es necesario disponer de una infraestructura capaz de dar cobertura a todos los vehículos que circulan por una determinada área. Puesto que la instalación y el mantenimiento de dicha infraestructura conllevan un elevado coste, sería conveniente proponer, implementar y evaluar técnicas consistentes en dar cobertura a todos los vehículos, reduciendo el coste total de la infraestructura. Finalmente, una vez que la información ha sido recibida por las autoridades, es necesario elaborar un plan de actuación eficaz, que permita el rápido rescate de los heridos. Hay que tener en cuenta que, cuando ocurre un accidente de tráfico, el tiempo de personación de los servicios de emergencia en el lugar del accidente puede suponer la diferencia entre que los heridos sobrevivan o fallezcan. Además, es importante conocer si la calle o carretera por la que circulaban los vehículos accidentados ha dejado de ser transitable para el resto de vehículos, y en ese caso, activar los mecanismos necesarios que permitan evitar los atascos asociados. En esta Tesis, se pretende gestionar adecuadamente estas situaciones adversas, distribuyendo el tráfico de manera inteligente para reducir el tiempo de llegada de los servicios de emergencia al lugar del accidente, evitando además posibles atascos.Barrachina Villalba, J. (2014). Using Ontologies and Intelligent Systems for Traffic Accident Assistance in Vehicular Environments [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/39004TESI

Privacy-Preserving Crowdsourcing-Based Recommender Systems for E-Commerce & Health Services

En l’actualitat, els sistemes de recomanació han esdevingut un mecanisme fonamental per proporcionar als usuaris informació útil i filtrada, amb l’objectiu d’optimitzar la presa de decisions, com per exemple, en el camp del comerç electrònic. La quantitat de dades existent a Internet és tan extensa que els usuaris necessiten sistemes automàtics per ajudar-los a distingir entre informació valuosa i soroll. No obstant, sistemes de recomanació com el Filtratge Col·laboratiu tenen diverses limitacions, com ara la manca de resposta i la privadesa. Una part important d'aquesta tesi es dedica al desenvolupament de metodologies per fer front a aquestes limitacions. A més de les aportacions anteriors, en aquesta tesi també ens centrem en el procés d'urbanització que s'està produint a tot el món i en la necessitat de crear ciutats més sostenibles i habitables. En aquest context, ens proposem solucions de salut intel·ligent (s-health) i metodologies eficients de caracterització de canals sense fils, per tal de proporcionar assistència sanitària sostenible en el context de les ciutats intel·ligents.En la actualidad, los sistemas de recomendación se han convertido en una herramienta indispensable para proporcionar a los usuarios información útil y filtrada, con el objetivo de optimizar la toma de decisiones en una gran variedad de contextos. La cantidad de datos existente en Internet es tan extensa que los usuarios necesitan sistemas automáticos para ayudarles a distinguir entre información valiosa y ruido. Sin embargo, sistemas de recomendación como el Filtrado Colaborativo tienen varias limitaciones, tales como la falta de respuesta y la privacidad. Una parte importante de esta tesis se dedica al desarrollo de metodologías para hacer frente a esas limitaciones. Además de las aportaciones anteriores, en esta tesis también nos centramos en el proceso de urbanización que está teniendo lugar en todo el mundo y en la necesidad de crear ciudades más sostenibles y habitables. En este contexto, proponemos soluciones de salud inteligente (s-health) y metodologías eficientes de caracterización de canales inalámbricos, con el fin de proporcionar asistencia sanitaria sostenible en el contexto de las ciudades inteligentes.Our society lives an age where the eagerness for information has resulted in problems such as infobesity, especially after the arrival of Web 2.0. In this context, automatic systems such as recommenders are increasing their relevance, since they help to distinguish noise from useful information. However, recommender systems such as Collaborative Filtering have several limitations such as non-response and privacy. An important part of this thesis is devoted to the development of methodologies to cope with these limitations. In addition to the previously stated research topics, in this dissertation we also focus in the worldwide process of urbanisation that is taking place and the need for more sustainable and liveable cities. In this context, we focus on smart health solutions and efficient wireless channel characterisation methodologies, in order to provide sustainable healthcare in the context of smart cities