417,281 research outputs found
Practical Private Range Search in Depth
We consider a data owner that outsources its dataset to an untrusted server. The owner wishes to enable the server to answer range queries on a single attribute, without compromising the privacy of the data and the queries. There are several schemes on âpracticalâ private range search (mainly in database venues) that attempt to strike a trade-off between efficiency and security. Nevertheless, these methods either lack provable security guarantees or permit unacceptable privacy leakages. In this article, we take an interdisciplinary approach, which combines the rigor of security formulations and proofs with efficient data management techniques. We construct a wide set of novel schemes with realistic security/performance trade-offs, adopting the notion of Searchable Symmetric Encryption (SSE), primarily proposed for keyword search. We reduce range search to multi-keyword search using range-covering techniques with tree-like indexes, and formalize the problem as Range Searchable Symmetric Encryption (RSSE). We demonstrate that, given any secure SSE scheme, the challenge boils down to (i) formulating leakages that arise from the index structure and (ii) minimizing false positives incurred by some schemes under heavy data skew. We also explain an important concept in the recent SSE bibliography, namely locality, and design generic and specialized ways to attribute locality to our RSSE schemes. Moreover, we are the first to devise secure schemes for answering range aggregate queries, such as range sums and range min/max. We analytically detail the superiority of our proposals over prior work and experimentally confirm their practicality
Guilt By Genetic Association: The Fourth Amendment and the Search of Private Genetic Databases by Law Enforcement
Over the course of 2018, a number of suspects in unsolved crimes have been identified through the use of GEDMatch, a public online genetic database. Law enforcementâs use of GEDMatch to identify suspects in cold cases likely does not constitute a search under the Fourth Amendment because the genetic information hosted on the website is publicly available. Transparency reports from direct-to-consumer (DTC) genetic testing providers like 23andMe and Ancestry suggest that federal and state officials may now be requesting access to private genetic databases as well. Whether law enforcementâs use of private DTC genetic databases to search for familial relatives of a suspectâs genetic profile constitutes a search within the meaning of the Fourth Amendment is far less clear. A strict application of the third-party doctrine suggests that individuals have no expectation of privacy in genetic information that they voluntarily disclose to third parties, including DTC providers. This Note, however, contends that the U.S. Supreme Courtâs recent decision in Carpenter v. United States overwhelmingly supports the proposition that genetic information disclosed to third-party DTC providers is subject to Fourth Amendment protection. Approximately fifteen million individuals in the United States have already submitted their genetic information to DTC providers. The genetic information held by these providers can reveal a host of highly intimate details about consumersâ medical conditions, behavioral traits, genetic health risks, ethnic background, and familial relationships. Allowing law enforcement warrantless access to investigate third-party DTC genetic databases circumvents their consumersâ reasonable expectations of privacy by exposing this sensitive genetic information to law enforcement without any meaningful oversight. Furthermore, individuals likely reasonably expect that they retain ownership over their uniquely personal genetic information despite their disclosure of that information to a thirdparty provider. This Note therefore asserts that the third-party doctrine does not permit law enforcement to conduct warrantless searches for suspects on private DTC genetics databases under the Fourth Amendment
An empirical study evaluating depth of inheritance on the maintainability of object-oriented software
This empirical research was undertaken as part of a multi-method programme of research to investigate unsupported claims made of object-oriented technology. A series of subject-based laboratory experiments, including an internal replication, tested the effect of inheritance depth on the maintainability of object-oriented software. Subjects were timed performing identical maintenance tasks on object-oriented software with a hierarchy of three levels of inheritance depth and equivalent object-based software with no inheritance. This was then replicated with more experienced subjects. In a second experiment of similar design, subjects were timed performing identical maintenance tasks on object-oriented software with a hierarchy of five levels of inheritance depth and the equivalent object-based software. The collected data showed that subjects maintaining object-oriented software with three levels of inheritance depth performed the maintenance tasks significantly quicker than those maintaining equivalent object-based software with no inheritance. In contrast, subjects maintaining the object-oriented software with five levels of inheritance depth took longer, on average, than the subjects maintaining the equivalent object-based software (although statistical significance was not obtained). Subjects' source code solutions and debriefing questionnaires provided some evidence suggesting subjects began to experience diffculties with the deeper inheritance hierarchy. It is not at all obvious that object-oriented software is going to be more maintainable in the long run. These findings are sufficiently important that attempts to verify the results should be made by independent researchers
Unifying an Introduction to Artificial Intelligence Course through Machine Learning Laboratory Experiences
This paper presents work on a collaborative project funded by the National Science Foundation that incorporates machine learning as a unifying theme to teach fundamental concepts typically covered in the introductory Artificial Intelligence courses. The project involves the development of an adaptable framework for the presentation of core AI topics. This is accomplished through the development, implementation, and testing of a suite of adaptable, hands-on laboratory projects that can be closely integrated into the AI course. Through the design and implementation of learning systems that enhance commonly-deployed applications, our model acknowledges that intelligent systems are best taught through their application to challenging problems. The goals of the project are to (1) enhance the student learning experience in the AI course, (2) increase student interest and motivation to learn AI by providing a framework for the presentation of the major AI topics that emphasizes the strong connection between AI and computer science and engineering, and (3) highlight the bridge that machine learning provides between AI technology and modern software engineering
Recommended from our members
Using Cloudworks to Support OER Activities
This report forms the third and final output of the Pearls in the Clouds project, funded by the Higher Education Academy. It focuses on evaluation of the use of a social networking site, Cloudworks, to support evidence-based practice.
The aim of this project (Pearls in the Clouds) has been to evaluate the ways in which web 2.0 tools like Cloudworks can support evidence-informed practices in relation to learning and teaching. We have reviewed evidence from empirically grounded studies surrounding the uses of web2.0 in higher education and highlighted the gap between using web2.0 to support learning and teaching, and using it to support learning about learning and teaching (in an evidence-informed way) (Conole and Alevizou, 2010). We have reported on findings from a case study focusing on the use of Cloudworks by a community of practice - educational technologists - reflecting upon, and, negotiating their role in enhancing teaching and learning in higher education (Galley et al., 2010). The object of this study is to explore and evaluate the use of the site by individuals and communities involved in the production of, and research on, the development, delivery and use of Open Educational Resources (OER)
Quantum attacks on Bitcoin, and how to protect against them
The key cryptographic protocols used to secure the internet and financial
transactions of today are all susceptible to attack by the development of a
sufficiently large quantum computer. One particular area at risk are
cryptocurrencies, a market currently worth over 150 billion USD. We investigate
the risk of Bitcoin, and other cryptocurrencies, to attacks by quantum
computers. We find that the proof-of-work used by Bitcoin is relatively
resistant to substantial speedup by quantum computers in the next 10 years,
mainly because specialized ASIC miners are extremely fast compared to the
estimated clock speed of near-term quantum computers. On the other hand, the
elliptic curve signature scheme used by Bitcoin is much more at risk, and could
be completely broken by a quantum computer as early as 2027, by the most
optimistic estimates. We analyze an alternative proof-of-work called Momentum,
based on finding collisions in a hash function, that is even more resistant to
speedup by a quantum computer. We also review the available post-quantum
signature schemes to see which one would best meet the security and efficiency
requirements of blockchain applications.Comment: 21 pages, 6 figures. For a rough update on the progress of Quantum
devices and prognostications on time from now to break Digital signatures,
see https://www.quantumcryptopocalypse.com/quantum-moores-law
Analysis of Dialogical Argumentation via Finite State Machines
Dialogical argumentation is an important cognitive activity by which agents
exchange arguments and counterarguments as part of some process such as
discussion, debate, persuasion and negotiation. Whilst numerous formal systems
have been proposed, there is a lack of frameworks for implementing and
evaluating these proposals. First-order executable logic has been proposed as a
general framework for specifying and analysing dialogical argumentation. In
this paper, we investigate how we can implement systems for dialogical
argumentation using propositional executable logic. Our approach is to present
and evaluate an algorithm that generates a finite state machine that reflects a
propositional executable logic specification for a dialogical argumentation
together with an initial state. We also consider how the finite state machines
can be analysed, with the minimax strategy being used as an illustration of the
kinds of empirical analysis that can be undertaken.Comment: 10 page
POPE: Partial Order Preserving Encoding
Recently there has been much interest in performing search queries over
encrypted data to enable functionality while protecting sensitive data. One
particularly efficient mechanism for executing such queries is order-preserving
encryption/encoding (OPE) which results in ciphertexts that preserve the
relative order of the underlying plaintexts thus allowing range and comparison
queries to be performed directly on ciphertexts. In this paper, we propose an
alternative approach to range queries over encrypted data that is optimized to
support insert-heavy workloads as are common in "big data" applications while
still maintaining search functionality and achieving stronger security.
Specifically, we propose a new primitive called partial order preserving
encoding (POPE) that achieves ideal OPE security with frequency hiding and also
leaves a sizable fraction of the data pairwise incomparable. Using only O(1)
persistent and non-persistent client storage for
, our POPE scheme provides extremely fast batch insertion
consisting of a single round, and efficient search with O(1) amortized cost for
up to search queries. This improved security and
performance makes our scheme better suited for today's insert-heavy databases.Comment: Appears in ACM CCS 2016 Proceeding
- âŠ