1,618 research outputs found
A Management Framework for Secure Multiparty Computation in Dynamic Environments
Secure multiparty computation (SMC) is a promising technology for
privacy-preserving collaborative computation. In the last years several
feasibility studies have shown its practical applicability in different fields.
However, it is recognized that administration and management overhead of SMC
solutions are still a problem. A vital next step is the incorporation of SMC in
the emerging fields of the Internet of Things and (smart) dynamic environments.
In these settings, the properties of these contexts make utilization of SMC
even more challenging since some of its vital premises regarding environmental
stability and preliminary configuration are not initially fulfilled. We bridge
this gap by providing FlexSMC, a management and orchestration framework for SMC
which supports the discovery of nodes, supports a trust establishment between
them and realizes robustness of SMC session by handling nodes failures and
communication interruptions. The practical evaluation of FlexSMC shows that it
enables the application of SMC in dynamic environments with reasonable
performance penalties and computation durations allowing soft real-time and
interactive use cases
Leveraging Secure Multiparty Computation in the Internet of Things
Centralized systems in the Internet of Things---be it local middleware or
cloud-based services---fail to fundamentally address privacy of the collected
data. We propose an architecture featuring secure multiparty computation at its
core in order to realize data processing systems which already incorporate
support for privacy protection in the architecture
Authentication and authorisation in entrusted unions
This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two pilot studies in two different domains, viz, Bio-security incident management and Ambient Assisted Living (eHealth). Interim results in terms of security requirements, privacy preserving authentication, and authorisation are reported
Combining behavioural types with security analysis
Today's software systems are highly distributed and interconnected, and they
increasingly rely on communication to achieve their goals; due to their
societal importance, security and trustworthiness are crucial aspects for the
correctness of these systems. Behavioural types, which extend data types by
describing also the structured behaviour of programs, are a widely studied
approach to the enforcement of correctness properties in communicating systems.
This paper offers a unified overview of proposals based on behavioural types
which are aimed at the analysis of security properties
Privacy-preserving scoring of tree ensembles : a novel framework for AI in healthcare
Machine Learning (ML) techniques now impact a wide variety of domains. Highly regulated industries such as healthcare and finance have stringent compliance and data governance policies around data sharing. Advances in secure multiparty computation (SMC) for privacy-preserving machine learning (PPML) can help transform these regulated industries by allowing ML computations over encrypted data with personally identifiable information (PII). Yet very little of SMC-based PPML has been put into practice so far. In this paper we present the very first framework for privacy-preserving classification of tree ensembles with application in healthcare. We first describe the underlying cryptographic protocols that enable a healthcare organization to send encrypted data securely to a ML scoring service and obtain encrypted class labels without the scoring service actually seeing that input in the clear. We then describe the deployment challenges we solved to integrate these protocols in a cloud based scalable risk-prediction platform with multiple ML models for healthcare AI. Included are system internals, and evaluations of our deployment for supporting physicians to drive better clinical outcomes in an accurate, scalable, and provably secure manner. To the best of our knowledge, this is the first such applied framework with SMC-based privacy-preserving machine learning for healthcare
PLACES'10: The 3rd Workshop on Programmng Language Approaches to concurrency and Communication-Centric Software
Paphos, Cyprus. March 201
Dynamic Multiparty Authentication of Data Analytics Services within Cloud Environments
Business analytics processes are often composed from orchestrated,
collaborating services, which are consumed by users from multiple cloud systems
(in different security realms), which need to be engaged dynamically at
runtime. If heterogeneous cloud systems located in different security realms do
not have direct authentication relationships, then it is a considerable
technical challenge to enable secure collaboration. In order to address this
security challenge, a new authentication framework is required to establish
trust amongst business analytics service instances and users by distributing a
common session secret to all participants of a session. We address this
challenge by designing and implementing a secure multiparty authentication
framework for dynamic interaction, for the scenario where members of different
security realms express a need to access orchestrated services. This novel
framework exploits the relationship of trust between session members in
different security realms, to enable a user to obtain security credentials that
access cloud resources in a remote realm. The mechanism assists cloud session
users to authenticate their session membership, thereby improving the
performance of authentication processes within multiparty sessions. We see
applicability of this framework beyond multiple cloud infrastructure, to that
of any scenario where multiple security realms has the potential to exist, such
as the emerging Internet of Things (IoT).Comment: Submitted to the 20th IEEE International Conference on High
Performance Computing and Communications 2018 (HPCC2018), 28-30 June 2018,
Exeter, U
A threshold secure data sharing scheme for federated clouds
Cloud computing allows users to view computing in a new direction, as it uses
the existing technologies to provide better IT services at low-cost. To offer
high QOS to customers according SLA, cloud services broker or cloud service
provider uses individual cloud providers that work collaboratively to form a
federation of clouds. It is required in applications like Real-time online
interactive applications, weather research and forecasting etc., in which the
data and applications are complex and distributed. In these applications secret
data should be shared, so secure data sharing mechanism is required in
Federated clouds to reduce the risk of data intrusion, the loss of service
availability and to ensure data integrity. So In this paper we have proposed
zero knowledge data sharing scheme where Trusted Cloud Authority (TCA) will
control federated clouds for data sharing where the secret to be exchanged for
computation is encrypted and retrieved by individual cloud at the end. Our
scheme is based on the difficulty of solving the Discrete Logarithm problem
(DLOG) in a finite abelian group of large prime order which is NP-Hard. So our
proposed scheme provides data integrity in transit, data availability when one
of host providers are not available during the computation.Comment: 8 pages, 3 Figures, International Journal of Research in Computer
Science 2012. arXiv admin note: text overlap with arXiv:1003.3920 by other
author
- …