955 research outputs found
Query-Answer Causality in Databases: Abductive Diagnosis and View-Updates
Causality has been recently introduced in databases, to model, characterize
and possibly compute causes for query results (answers). Connections between
query causality and consistency-based diagnosis and database repairs (wrt.
integrity constrain violations) have been established in the literature. In
this work we establish connections between query causality and abductive
diagnosis and the view-update problem. The unveiled relationships allow us to
obtain new complexity results for query causality -the main focus of our work-
and also for the two other areas.Comment: To appear in Proc. UAI Causal Inference Workshop, 2015. One example
was fixe
Analysis and Implementation of the Messaging Layer Security Protocol
The use of messaging services on smartphones has increased considerably in recent years, due to the growth in the availability of mobile devices and the evolution of communication technologies via Internet, factors that have effectively replaced the use of text messages.
This increase also concerned the use in the business environment, a context where the exchange of confidential information is more frequent and therefore the need to protect communication between two or more people. This is important not only on a security point of view, but also for personal privacy. The major global players have responded by implementing security measures within their services, such as end-to-end encryption and increasingly strict rules regarding the processing of personal data.
In this thesis we will illustrate Messaging Layer Security, shortened as MLS, a new protocol under development that guarantees security and efficiency in group conversations. When in a conversation between two clients, security can be ensured through end-to-end encryption and key exchange. The problem arises when multiple actors participate in the conversation asynchronously: in this case the computational effort is considerable, even more so considering the use of mobile devices with reduced battery capacity that does not guarantee the continuous presence of the online device.
The thesis will deal with both the architectural part, that is more general and traces the outline of the subject, and the protocol part, more technical and detailed. Finally, an implementation of MLS written in Rust and called Melissa will be illustrated, which provides all the basic functionalities indicated in the draft 05 version of the protocol
Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning
The secret keys of critical network authorities - such as time, name,
certificate, and software update services - represent high-value targets for
hackers, criminals, and spy agencies wishing to use these keys secretly to
compromise other hosts. To protect authorities and their clients proactively
from undetected exploits and misuse, we introduce CoSi, a scalable witness
cosigning protocol ensuring that every authoritative statement is validated and
publicly logged by a diverse group of witnesses before any client will accept
it. A statement S collectively signed by W witnesses assures clients that S has
been seen, and not immediately found erroneous, by those W observers. Even if S
is compromised in a fashion not readily detectable by the witnesses, CoSi still
guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to
risk that the compromise will soon be detected by one of the W witnesses.
Because clients can verify collective signatures efficiently without
communication, CoSi protects clients' privacy, and offers the first
transparency mechanism effective against persistent man-in-the-middle attackers
who control a victim's Internet access, the authority's secret key, and several
witnesses' secret keys. CoSi builds on existing cryptographic multisignature
methods, scaling them to support thousands of witnesses via signature
aggregation over efficient communication trees. A working prototype
demonstrates CoSi in the context of timestamping and logging authorities,
enabling groups of over 8,000 distributed witnesses to cosign authoritative
statements in under two seconds.Comment: 20 pages, 7 figure
From Causes for Database Queries to Repairs and Model-Based Diagnosis and Back
In this work we establish and investigate connections between causes for
query answers in databases, database repairs wrt. denial constraints, and
consistency-based diagnosis. The first two are relatively new research areas in
databases, and the third one is an established subject in knowledge
representation. We show how to obtain database repairs from causes, and the
other way around. Causality problems are formulated as diagnosis problems, and
the diagnoses provide causes and their responsibilities. The vast body of
research on database repairs can be applied to the newer problems of computing
actual causes for query answers and their responsibilities. These connections,
which are interesting per se, allow us, after a transition -inspired by
consistency-based diagnosis- to computational problems on hitting sets and
vertex covers in hypergraphs, to obtain several new algorithmic and complexity
results for database causality.Comment: To appear in Theory of Computing Systems. By invitation to special
issue with extended papers from ICDT 2015 (paper arXiv:1412.4311
Separating Information Protection from Resource Management.
Securing information in a computer system is becoming an intractable problem. Exacerbating the situation is the current paradigm of trusting an operating system for both security and resource management. One solution to this problem is to separate the role of protecting information from managing resources.
This thesis studies the design and implementation of a system architecture called Software-Privacy Preserving Platform (SP3). SP3 creates a new layer that is more privileged than the operating system and responsible for providing information secrecy to user applications. SP3 provides page-granular memory secrecy protection by augmenting memory paging and interrupt mechanisms of a computer system in such a way that physical memory pages for user applications are rendered encrypted to the operating system. The resulting SP3 system therefore provides secrecy protection for the information contained in the memory of user applications. SP3 is implemented by modifying a hypervisor, which efficiently emulates the augmented semantics of paging and interrupt mechanism introduced by SP3. The modified hypervisor employs a couple of optimization techniques to reduce the number of costly page-wide block cipher operations. In the page-frame replication technique, the hypervisor internally keeps both encrypted and decrypted images of a page and relies on shadow page table redirection to map the correct page. In the lazy synchronization technique, the needed synchronization between the replicated images of the page is deferred as long as possible so that the synchronization happens not when an image is modified, but when the other image is actually accessed. This thesis further explores the challenges and solutions in the new programming environment introduced by SP3. This thesis also presents an SP3-based digital rights-management solution that can protect both the copy-protected multimedia contents and a trusted multimedia player program without limiting the end-users' freedom.
In conclusion, this thesis demonstrates the feasibility of separating information protection from resource management in systems software. This separation greatly reduces the size and complexity of the trusted part for information protection, resulting in a more resilient system that can tolerate a compromise in the operating system.Ph.D.Computer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/75886/1/jisooy_1.pd
Decentralized information flow control for databases
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2012.This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Cataloged from student-submitted PDF version of thesis.Includes bibliographical references (p. 177-194).Privacy and integrity concerns have been mounting in recent years as sensitive data such as medical records, social network records, and corporate and government secrets are increasingly being stored in online systems. The rate of high-profile breaches has illustrated that current techniques are inadequate for protecting sensitive information. Many of these breaches involve databases that handle information for a multitude of individuals, but databases don't provide practical tools to protect those individuals from each other, so that task is relegated to the application. This dissertation describes a system that improves security in a principled way by extending the database system and the application platform to support information flow control. Information flow control has been gaining traction as a practical way to protect information in the contexts of programming languages and operating systems. Recent research advocates the decentralized model for information flow control (DIFC), since it provides the necessary expressiveness to protect data for many individuals with varied security concerns.However, despite the fact that most applications implicated in breaches rely on relational databases, there have been no prior comprehensive attempts to extend DIFC to a database system. This dissertation introduces IFDB, which is a database management system that supports DIFC with minimal overhead. IFDB pioneers the Query by Label model, which provides applications with a simple way to delineate constraints on the confidentiality and integrity of the data they obtain from the database. This dissertation also defines new abstractions for managing information flows in a database and proposes new ways to address covert channels. Finally, the IFDB implementation and case studies with real applications demonstrate that database support for DIFC improves security, is easy for developers to use, and has good performance.by David Andrew Schultz.Ph.D
- …