12,229 research outputs found
A secure data outsourcing scheme based on Asmuth – Bloom secret sharing
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.Data outsourcing is an emerging paradigm for data management in which a database is provided as a service by third-party service providers. One of the major benefits of offering database as a service is to provide organisations, which are unable to purchase expensive hardware and software to host their databases, with efficient data storage accessible online at a cheap rate. Despite that, several issues of data confidentiality, integrity, availability and efficient indexing of users’ queries at the server side have to be addressed in the data outsourcing paradigm. Service providers have to guarantee that their clients’ data are secured against internal (insider) and external attacks. This paper briefly analyses the existing indexing schemes in data outsourcing and highlights their advantages and disadvantages. Then, this paper proposes a secure data outsourcing scheme based on Asmuth–Bloom secret sharing which tries to address the issues in data outsourcing such as data confidentiality, availability and order preservation for efficient indexing
Enabling Secure Database as a Service using Fully Homomorphic Encryption: Challenges and Opportunities
The database community, at least for the last decade, has been grappling with
querying encrypted data, which would enable secure database as a service
solutions. A recent breakthrough in the cryptographic community (in 2009)
related to fully homomorphic encryption (FHE) showed that arbitrary computation
on encrypted data is possible. Successful adoption of FHE for query processing
is, however, still a distant dream, and numerous challenges have to be
addressed. One challenge is how to perform algebraic query processing of
encrypted data, where we produce encrypted intermediate results and operations
on encrypted data can be composed. In this paper, we describe our solution for
algebraic query processing of encrypted data, and also outline several other
challenges that need to be addressed, while also describing the lessons that
can be learnt from a decade of work by the database community in querying
encrypted data
Trusted Launch of Virtual Machine Instances in Public IaaS Environments
Cloud computing and Infrastructure-as-a-Service (IaaS) are emerging
and promising technologies, however their adoption is hampered by data security
concerns. At the same time, Trusted Computing (TC) is experiencing an increasing
interest as a security mechanism for IaaS. In this paper we present a protocol
to ensure the launch of a virtual machine (VM) instance on a trusted remote
compute host. Relying on Trusted Platform Module operations such as binding
and sealing to provide integrity guarantees for clients that require a trusted VM
launch, we have designed a trusted launch protocol for VM instances in public IaaS
environments. We also present a proof-of-concept implementation of the protocol
based on OpenStack, an open-source IaaS platform. The results provide a basis
for the use of TC mechanisms within IaaS platforms and pave the way for a wider
applicability of TC to IaaS security
Computing on Masked Data to improve the Security of Big Data
Organizations that make use of large quantities of information require the
ability to store and process data from central locations so that the product
can be shared or distributed across a heterogeneous group of users. However,
recent events underscore the need for improving the security of data stored in
such untrusted servers or databases. Advances in cryptographic techniques and
database technologies provide the necessary security functionality but rely on
a computational model in which the cloud is used solely for storage and
retrieval. Much of big data computation and analytics make use of signal
processing fundamentals for computation. As the trend of moving data storage
and computation to the cloud increases, homeland security missions should
understand the impact of security on key signal processing kernels such as
correlation or thresholding. In this article, we propose a tool called
Computing on Masked Data (CMD), which combines advances in database
technologies and cryptographic tools to provide a low overhead mechanism to
offload certain mathematical operations securely to the cloud. This article
describes the design and development of the CMD tool.Comment: 6 pages, Accepted to IEEE HST Conferenc
- …