Enforcing authorizations while protecting access confidentiality

Cloud computing is the reference paradigm to provide data storage and management in a convenient and scalable manner. However, moving data to the cloud raises several issues, including the confidentiality of data and of accesses that are no more under the direct control of the data owner. The shuffle index has been proposed as a solution for addressing these issues when data are stored at an external third party. In this paper, we extend the shuffle index with support for access control, that is, for enforcing authorizations on data. Our approach is based on the use of selective encryption and on the organization of data and authorizations in two shuffle indexes. Owners regulate access to their data through authorizations that allow different users to access different portions of the data, while, at the same time, the confidentiality of accesses is guaranteed. The proposed approach also supports update operations over the outsourced data collection (i.e., insertion, removal, and update) as well as of the access control policy (i.e., grant and revoke). Also, our approach protects the nature of each access operation, making revoke operations and resource removal operations indistinguishable by the storing server and/or observing users

Data Security and Privacy in the Cloud

Relying on the cloud for storing data and performing computations has become a popular solution in today\u2019s society, which demands large data collections and/or analysis over them to be readily available, for example, to make knowledge-based decisions. While bringing undeniable benefits to both data owners and end users accessing the outsourced data, moving to the cloud raises a number of issues, ranging from choosing the most suitable cloud provider for outsourcing to effectively protecting data and computation results. In this paper, we discuss the main issues related to data protection arising when data and/or computations over them are moved to the cloud. We also illustrate possible solutions and approaches for addressing such issues

BALANCING PRIVACY, PRECISION AND PERFORMANCE IN DISTRIBUTED SYSTEMS

Privacy, Precision, and Performance (3Ps) are three fundamental design objectives in distributed systems. However, these properties tend to compete with one another and are not considered absolute properties or functions. They must be defined and justified in terms of a system, its resources, stakeholder concerns, and the security threat model. To date, distributed systems research has only considered the trade-offs of balancing privacy, precision, and performance in a pairwise fashion. However, this dissertation formally explores the space of trade-offs among all 3Ps by examining three representative classes of distributed systems, namely Wireless Sensor Networks (WSNs), cloud systems, and Data Stream Management Systems (DSMSs). These representative systems support large part of the modern and mission-critical distributed systems. WSNs are real-time systems characterized by unreliable network interconnections and highly constrained computational and power resources. The dissertation proposes a privacy-preserving in-network aggregation protocol for WSNs demonstrating that the 3Ps could be navigated by adopting the appropriate algorithms and cryptographic techniques that are not prohibitively expensive. Next, the dissertation highlights the privacy and precision issues that arise in cloud databases due to the eventual consistency models of the cloud. To address these issues, consistency enforcement techniques across cloud servers are proposed and the trade-offs between 3Ps are discussed to help guide cloud database users on how to balance these properties. Lastly, the 3Ps properties are examined in DSMSs which are characterized by high volumes of unbounded input data streams and strict real-time processing constraints. Within this system, the 3Ps are balanced through a proposed simple and efficient technique that applies access control policies over shared operator networks to achieve privacy and precision without sacrificing the systems performance. Despite that in this dissertation, it was shown that, with the right set of protocols and algorithms, the desirable 3P properties can co-exist in a balanced way in well-established distributed systems, this dissertation is promoting the use of the new 3Ps-by-design concept. This concept is meant to encourage distributed systems designers to proactively consider the interplay among the 3Ps from the initial stages of the systems design lifecycle rather than identifying them as add-on properties to systems

Data protection in Cloud scenarios

We present a brief overview of the main challenges related to data protection that need to be addressed when data are stored, processed, or managed in the cloud. We also discuss emerging approaches and directions to address such challenges

Empowering Owners with Control in Digital Data Markets

We propose an approach for allowing data owners to trade their data in digital data market scenarios, while keeping control over them. Our solution is based on a combination of selective encryption and smart contracts deployed on a blockchain, and ensures that only authorized users who paid an agreed amount can access a data item. We propose a safe interaction protocol for regulating the interplay between a data owner and subjects wishing to purchase (a subset of) her data, and an audit process for counteracting possible misbehaviors by any of the interacting parties. Our solution aims to make a step towards the realization of data market platforms where owners can benefit from trading their data while maintaining control

Cloud Security: Issues and Concerns

The cloud has emerged as a successful computing paradigm, allowing users and organizations to rely on external providers to store and process their data and make it available to others. An increasingly important priority, if there is to be wide adoption and acceptance of cloud computing, is for data owners and users to have security guarantees. Guaranteeing security means ensuring confidentiality and integrity of data, access to it, and computations with it, and ensuring availability of data and services to legitimate users in compliance with agreements with the providers. In this chapter, we present an overview of the main security issues and concerns arising in the cloud scenario, in particular with respect to the storage, management, and processing of data

Mobile Application Security Platforms Survey

Nowadays Smartphone and other mobile devices have become incredibly important in every aspect of our life. Because they have practically offered same capabilities as desktop workstations as well as come to be powerful in terms of CPU (Central processing Unit), Storage and installing numerous applications. Therefore, Security is considered as an important factor in wireless communication technologies, particularly in a wireless ad-hoc network and mobile operating systems. Moreover, based on increasing the range of mobile application within variety of platforms, security is regarded as on the most valuable and considerable debate in terms of issues, trustees, reliabilities and accuracy. This paper aims to introduce a consolidated report of thriving security on mobile application platforms and providing knowledge of vital threats to the users and enterprises. Furthermore, in this paper, various techniques as well as methods for security measurements, analysis and prioritization within the peak of mobile platforms will be presented. Additionally, increases understanding and awareness of security on mobile application platforms to avoid detection, forensics and countermeasures used by the operating systems. Finally, this study also discusses security extensions for popular mobile platforms and analysis for a survey within a recent research in the area of mobile platform security