257,432 research outputs found
An Effective Private Data storage and Retrieval System using Secret sharing scheme based on Secure Multi-party Computation
Privacy of the outsourced data is one of the major challenge.Insecurity of
the network environment and untrustworthiness of the service providers are
obstacles of making the database as a service.Collection and storage of
personally identifiable information is a major privacy concern.On-line public
databases and resources pose a significant risk to user privacy, since a
malicious database owner may monitor user queries and infer useful information
about the customer.The challenge in data privacy is to share data with
third-party and at the same time securing the valuable information from
unauthorized access and use by third party.A Private Information Retrieval(PIR)
scheme allows a user to query database while hiding the identity of the data
retrieved.The naive solution for confidentiality is to encrypt data before
outsourcing.Query execution,key management and statistical inference are major
challenges in this case.The proposed system suggests a mechanism for secure
storage and retrieval of private data using the secret sharing technique.The
idea is to develop a mechanism to store private information with a highly
available storage provider which could be accessed from anywhere using queries
while hiding the actual data values from the storage provider.The private
information retrieval system is implemented using Secure Multi-party
Computation(SMC) technique which is based on secret sharing. Multi-party
Computation enable parties to compute some joint function over their private
inputs.The query results are obtained by performing a secure computation on the
shares owned by the different servers.Comment: Data Science & Engineering (ICDSE), 2014 International Conference,
CUSA
Private hospital workflow optimization via secure k-means clustering
Optimizing the workflow of a complex organization such as a hospital is a difficult task. An accurate option is to use a real-time locating system to track locations of both patients and staff. However, privacy regulations forbid hospital management to assess location data of their staff members. In this exploratory work, we propose a secure solution to analyze the joined location data of patients and staff, by means of an innovative cryptographic technique called Secure Multi-Party Computation, in which an additional entity that the staff members can trust, such as a labour union, takes care of the staff data. The hospital, owning location data of patients, and the labour union perform a two-party protocol, in which they securely cluster the staff members by means of the frequency of their patient facing times. We describe the secure solution in detail, and evaluate the performance of our proof-of-concept. This work thus demonstrates the feasibility of secure multi-party clustering in this setting
MAGE: Nearly Zero-Cost Virtual Memory for Secure Computation
Secure Computation (SC) is a family of cryptographic primitives for computing
on encrypted data in single-party and multi-party settings. SC is being
increasingly adopted by industry for a variety of applications. A significant
obstacle to using SC for practical applications is the memory overhead of the
underlying cryptography. We develop MAGE, an execution engine for SC that
efficiently runs SC computations that do not fit in memory. We observe that,
due to their intended security guarantees, SC schemes are inherently oblivious
-- their memory access patterns are independent of the input data. Using this
property, MAGE calculates the memory access pattern ahead of time and uses it
to produce a memory management plan. This formulation of memory management,
which we call memory programming, is a generalization of paging that allows
MAGE to provide a highly efficient virtual memory abstraction for SC. MAGE
outperforms the OS virtual memory system by up to an order of magnitude, and in
many cases, runs SC computations that do not fit in memory at nearly the same
speed as if the underlying machines had unbounded physical memory to fit the
entire computation.Comment: 19 pages; Accepted to OSDI 202
MARTSIA: Enabling Data Confidentiality for Blockchain-based Process Execution
Multi-party business processes rely on the collaboration of various players
in a decentralized setting. Blockchain technology can facilitate the automation
of these processes, even in cases where trust among participants is limited.
Transactions are stored in a ledger, a replica of which is retained by every
node of the blockchain network. The operations saved thereby are thus publicly
accessible. While this enhances transparency, reliability, and persistence, it
hinders the utilization of public blockchains for process automation as it
violates typical confidentiality requirements in corporate settings. In this
paper, we propose MARTSIA: A Multi-Authority Approach to Transaction Systems
for Interoperating Applications. MARTSIA enables precise control over process
data at the level of message parts. Based on Multi-Authority Attribute-Based
Encryption (MA-ABE), MARTSIA realizes a number of desirable properties,
including confidentiality, transparency, and auditability. We implemented our
approach in proof-of-concept prototypes, with which we conduct a case study in
the area of supply chain management. Also, we show the integration of MARTSIA
with a state-of-the-art blockchain-based process execution engine to secure the
data flow
A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view
- …