452 research outputs found
SoK: Cryptographically Protected Database Search
Protected database search systems cryptographically isolate the roles of
reading from, writing to, and administering the database. This separation
limits unnecessary administrator access and protects data in the case of system
breaches. Since protected search was introduced in 2000, the area has grown
rapidly; systems are offered by academia, start-ups, and established companies.
However, there is no best protected search system or set of techniques.
Design of such systems is a balancing act between security, functionality,
performance, and usability. This challenge is made more difficult by ongoing
database specialization, as some users will want the functionality of SQL,
NoSQL, or NewSQL databases. This database evolution will continue, and the
protected search community should be able to quickly provide functionality
consistent with newly invented databases.
At the same time, the community must accurately and clearly characterize the
tradeoffs between different approaches. To address these challenges, we provide
the following contributions:
1) An identification of the important primitive operations across database
paradigms. We find there are a small number of base operations that can be used
and combined to support a large number of database paradigms.
2) An evaluation of the current state of protected search systems in
implementing these base operations. This evaluation describes the main
approaches and tradeoffs for each base operation. Furthermore, it puts
protected search in the context of unprotected search, identifying key gaps in
functionality.
3) An analysis of attacks against protected search for different base
queries.
4) A roadmap and tools for transforming a protected search system into a
protected database, including an open-source performance evaluation platform
and initial user opinions of protected search.Comment: 20 pages, to appear to IEEE Security and Privac
Crypt-DAC: Cryptographically Enforced Dynamic Access Control in the Cloud
Enabling cryptographically enforced access controls
for data hosted in untrusted cloud is attractive for many users
and organizations. However, designing efficient cryptographically
enforced dynamic access control system in the cloud is still
challenging. In this paper, we propose Crypt-DAC, a system that
provides practical cryptographic enforcement of dynamic access
control. Crypt-DAC revokes access permissions by delegating the
cloud to update encrypted data. In Crypt-DAC, a file is encrypted
by a symmetric key list which records a file key and a sequence
of revocation keys. In each revocation, a dedicated administrator
uploads a new revocation key to the cloud and requests it to
encrypt the file with a new layer of encryption and update the
encrypted key list accordingly. Crypt-DAC proposes three key
techniques to constrain the size of key list and encryption layers.
As a result, Crypt-DAC enforces dynamic access control that
provides efficiency, as it does not require expensive decryption/re-
encryption and uploading/re-uploading of large data at the
administrator side, and security, as it immediately revokes ac-
cess permissions. We use formalization framework and system
implementation to demonstrate the security and efficiency of our
construction
Big Data Security (Volume 3)
After a short description of the key concepts of big data the book explores on the secrecy and security threats posed especially by cloud based data storage. It delivers conceptual frameworks and models along with case studies of recent technology
ANCHOR: logically-centralized security for Software-Defined Networks
While the centralization of SDN brought advantages such as a faster pace of
innovation, it also disrupted some of the natural defenses of traditional
architectures against different threats. The literature on SDN has mostly been
concerned with the functional side, despite some specific works concerning
non-functional properties like 'security' or 'dependability'. Though addressing
the latter in an ad-hoc, piecemeal way, may work, it will most likely lead to
efficiency and effectiveness problems. We claim that the enforcement of
non-functional properties as a pillar of SDN robustness calls for a systemic
approach. As a general concept, we propose ANCHOR, a subsystem architecture
that promotes the logical centralization of non-functional properties. To show
the effectiveness of the concept, we focus on 'security' in this paper: we
identify the current security gaps in SDNs and we populate the architecture
middleware with the appropriate security mechanisms, in a global and consistent
manner. Essential security mechanisms provided by anchor include reliable
entropy and resilient pseudo-random generators, and protocols for secure
registration and association of SDN devices. We claim and justify in the paper
that centralizing such mechanisms is key for their effectiveness, by allowing
us to: define and enforce global policies for those properties; reduce the
complexity of controllers and forwarding devices; ensure higher levels of
robustness for critical services; foster interoperability of the non-functional
property enforcement mechanisms; and promote the security and resilience of the
architecture itself. We discuss design and implementation aspects, and we prove
and evaluate our algorithms and mechanisms, including the formalisation of the
main protocols and the verification of their core security properties using the
Tamarin prover.Comment: 42 pages, 4 figures, 3 tables, 5 algorithms, 139 reference
Cybersecurity Stovepiping
I. Introduction
II. The Concept of Stovepiping
III. Stovepiping in Cybersecurity ... A. Policy Making, Complexity, and Change ... B. Complex Passwords: A Case Study ... 1. Fundamentals of Password Complexity ... 2. “Guessability”—the False Assumption ... a. Password Guessing via Authentication (Login) Interfaces ... b. Password Guessing via Unprotected/Unsanitized Service ... c. Offline Password Attacks ... 3. “Defense in Depth”—Measuring Marginal Benefit
IV. Implications of the Stovepiping Disjuncture ... A. Addressing the Same Question … B. Overcoming Policy Entrenchment ... C. Risk-Analytic Framework for Cybersecurity
V. Conclusio
- …