2,430 research outputs found
SoK: Cryptographically Protected Database Search
Protected database search systems cryptographically isolate the roles of
reading from, writing to, and administering the database. This separation
limits unnecessary administrator access and protects data in the case of system
breaches. Since protected search was introduced in 2000, the area has grown
rapidly; systems are offered by academia, start-ups, and established companies.
However, there is no best protected search system or set of techniques.
Design of such systems is a balancing act between security, functionality,
performance, and usability. This challenge is made more difficult by ongoing
database specialization, as some users will want the functionality of SQL,
NoSQL, or NewSQL databases. This database evolution will continue, and the
protected search community should be able to quickly provide functionality
consistent with newly invented databases.
At the same time, the community must accurately and clearly characterize the
tradeoffs between different approaches. To address these challenges, we provide
the following contributions:
1) An identification of the important primitive operations across database
paradigms. We find there are a small number of base operations that can be used
and combined to support a large number of database paradigms.
2) An evaluation of the current state of protected search systems in
implementing these base operations. This evaluation describes the main
approaches and tradeoffs for each base operation. Furthermore, it puts
protected search in the context of unprotected search, identifying key gaps in
functionality.
3) An analysis of attacks against protected search for different base
queries.
4) A roadmap and tools for transforming a protected search system into a
protected database, including an open-source performance evaluation platform
and initial user opinions of protected search.Comment: 20 pages, to appear to IEEE Security and Privac
GraphSE: An Encrypted Graph Database for Privacy-Preserving Social Search
In this paper, we propose GraphSE, an encrypted graph database for online
social network services to address massive data breaches. GraphSE preserves
the functionality of social search, a key enabler for quality social network
services, where social search queries are conducted on a large-scale social
graph and meanwhile perform set and computational operations on user-generated
contents. To enable efficient privacy-preserving social search, GraphSE
provides an encrypted structural data model to facilitate parallel and
encrypted graph data access. It is also designed to decompose complex social
search queries into atomic operations and realise them via interchangeable
protocols in a fast and scalable manner. We build GraphSE with various
queries supported in the Facebook graph search engine and implement a
full-fledged prototype. Extensive evaluations on Azure Cloud demonstrate that
GraphSE is practical for querying a social graph with a million of users.Comment: This is the full version of our AsiaCCS paper "GraphSE: An
Encrypted Graph Database for Privacy-Preserving Social Search". It includes
the security proof of the proposed scheme. If you want to cite our work,
please cite the conference version of i
Provenance-based Auditing of Private Data Use
Across the world, organizations are required to comply with regulatory frameworks dictating how to manage personal information. Despite these, several cases of data leaks and exposition of private data to unauthorized recipients have been publicly and widely advertised. For authorities and system administrators to check compliance to regulations, auditing of private data processing becomes crucial in IT systems. Finding the origin of some data, determining how some data is being used, checking that the processing of some data is compatible with the purpose for which the data was captured are typical functionality that an auditing capability should support, but difficult to implement in a reusable manner. Such questions are so-called provenance questions, where provenance is defined as the process that led to some data being produced. The aim of this paper is to articulate how data provenance can be used as the underpinning approach of an auditing capability in IT systems. We present a case study based on requirements of the Data Protection Act and an application that audits the processing of private data, which we apply to an example manipulating private data in a university
Self-Enforcing Access Control for Encrypted RDF
The amount of raw data exchanged via web protocols is
steadily increasing. Although the Linked Data infrastructure could
potentially be used to selectively share RDF data with different individuals
or organisations, the primary focus remains on the unrestricted
sharing of public data. In order to extend the Linked Data paradigm to
cater for closed data, there is a need to augment the existing infrastructure
with robust security mechanisms. At the most basic level both access
control and encryption mechanisms are required. In this paper, we propose
a flexible and dynamic mechanism for securely storing and efficiently
querying RDF datasets. By employing an encryption strategy based on
Functional Encryption (FE) in which controlled data access does not
require a trusted mediator, but is instead enforced by the cryptographic
approach itself, we allow for fine-grained access control over encrypted
RDF data while at the same time reducing the administrative overhead
associated with access control management
Equivalence-based Security for Querying Encrypted Databases: Theory and Application to Privacy Policy Audits
Motivated by the problem of simultaneously preserving confidentiality and
usability of data outsourced to third-party clouds, we present two different
database encryption schemes that largely hide data but reveal enough
information to support a wide-range of relational queries. We provide a
security definition for database encryption that captures confidentiality based
on a notion of equivalence of databases from the adversary's perspective. As a
specific application, we adapt an existing algorithm for finding violations of
privacy policies to run on logs encrypted under our schemes and observe low to
moderate overheads.Comment: CCS 2015 paper technical report, in progres
Privacy Preserving Cyber Threat Intelligence Sharing Framework for Encrypted Analytics
This research focuses on the creation of an encrypted Cyber Threat Intelligence (CTI) sharing framework that supports encrypted data analytics with privacy preservation. It aims to support analytical computation in a centralized node without allowing that node to see any of the plain-text data.To enable privacy preservation of the data and its users, we structured the data into a graph structure that allows traversal over the encrypted data. We used Ciphertext-Policy Attribute-Based Encryption (CPABE), Deterministic Encryption (DE), and Order Revealing Encryption(ORE) to ensure end-to-end encrypted sharing of Cyber threat data. In this work we also cover CYBersecurity information EXchange with Privacy (CYBEX-P) and CYBEX-P with Encrypted Analytics, the precursor projects onwhich the framework is based. Our research aims to solve one of the biggest problems that CTI sharing has: securing the privacy of the data once it leaves the user’s premises. We focus on eliminating attack surfaces present in centralized systems, that is, the attack surface attackers had over the Backend and the surface the Backend has against the system. We also focused on maintaining as many capabilities of a CTI sharing platform, that is, CTI sharing and centralized analytics
- …