1,115 research outputs found

    A Practical Framework for Storing and Searching Encrypted Data on Cloud Storage

    Full text link
    Security has become a significant concern with the increased popularity of cloud storage services. It comes with the vulnerability of being accessed by third parties. Security is one of the major hurdles in the cloud server for the user when the user data that reside in local storage is outsourced to the cloud. It has given rise to security concerns involved in data confidentiality even after the deletion of data from cloud storage. Though, it raises a serious problem when the encrypted data needs to be shared with more people than the data owner initially designated. However, searching on encrypted data is a fundamental issue in cloud storage. The method of searching over encrypted data represents a significant challenge in the cloud. Searchable encryption allows a cloud server to conduct a search over encrypted data on behalf of the data users without learning the underlying plaintexts. While many academic SE schemes show provable security, they usually expose some query information, making them less practical, weak in usability, and challenging to deploy. Also, sharing encrypted data with other authorized users must provide each document's secret key. However, this way has many limitations due to the difficulty of key management and distribution. We have designed the system using the existing cryptographic approaches, ensuring the search on encrypted data over the cloud. The primary focus of our proposed model is to ensure user privacy and security through a less computationally intensive, user-friendly system with a trusted third party entity. To demonstrate our proposed model, we have implemented a web application called CryptoSearch as an overlay system on top of a well-known cloud storage domain. It exhibits secure search on encrypted data with no compromise to the user-friendliness and the scheme's functional performance in real-world applications.Comment: 146 Pages, Master's Thesis, 6 Chapters, 96 Figures, 11 Table

    Préserver la vie privée des individus grâce aux Systèmes Personnels de Gestion des Données

    Get PDF
    Riding the wave of smart disclosure initiatives and new privacy-protection regulations, the Personal Cloud paradigm is emerging through a myriad of solutions offered to users to let them gather and manage their whole digital life. On the bright side, this opens the way to novel value-added services when crossing multiple sources of data of a given person or crossing the data of multiple people. Yet this paradigm shift towards user empowerment raises fundamental questions with regards to the appropriateness of the functionalities and the data management and protection techniques which are offered by existing solutions to laymen users. Our work addresses these questions on three levels. First, we review, compare and analyze personal cloud alternatives in terms of the functionalities they provide and the threat models they target. From this analysis, we derive a general set of functionality and security requirements that any Personal Data Management System (PDMS) should consider. We then identify the challenges of implementing such a PDMS and propose a preliminary design for an extensive and secure PDMS reference architecture satisfying the considered requirements. Second, we focus on personal computations for a specific hardware PDMS instance (i.e., secure token with mass storage of NAND Flash). In this context, we propose a scalable embedded full-text search engine to index large document collections and manage tag-based access control policies. Third, we address the problem of collective computations in a fully-distributed architecture of PDMSs. We discuss the system and security requirements and propose protocols to enable distributed query processing with strong security guarantees against an attacker mastering many colluding corrupted nodes.Surfant sur la vague des initiatives de divulgation restreinte de données et des nouvelles réglementations en matière de protection de la vie privée, le paradigme du Cloud Personnel émerge à travers une myriade de solutions proposées aux utilisateurs leur permettant de rassembler et de gérer l'ensemble de leur vie numérique. Du côté positif, cela ouvre la voie à de nouveaux services à valeur ajoutée lors du croisement de plusieurs sources de données d'un individu ou du croisement des données de plusieurs personnes. Cependant, ce changement de paradigme vers la responsabilisation de l'utilisateur soulève des questions fondamentales quant à l'adéquation des fonctionnalités et des techniques de gestion et de protection des données proposées par les solutions existantes aux utilisateurs lambda. Notre travail aborde ces questions à trois niveaux. Tout d'abord, nous passons en revue, comparons et analysons les alternatives de cloud personnel au niveau des fonctionnalités fournies et des modèles de menaces ciblés. De cette analyse, nous déduisons un ensemble général d'exigences en matière de fonctionnalité et de sécurité que tout système personnel de gestion des données (PDMS) devrait prendre en compte. Nous identifions ensuite les défis liés à la mise en œuvre d'un tel PDMS et proposons une conception préliminaire pour une architecture PDMS étendue et sécurisée de référence répondant aux exigences considérées. Ensuite, nous nous concentrons sur les calculs personnels pour une instance matérielle spécifique du PDMS (à savoir, un dispositif personnel sécurisé avec un stockage de masse de type NAND Flash). Dans ce contexte, nous proposons un moteur de recherche plein texte embarqué et évolutif pour indexer de grandes collections de documents et gérer des politiques de contrôle d'accès basées sur des étiquettes. Troisièmement, nous abordons le problème des calculs collectifs dans une architecture entièrement distribuée de PDMS. Nous discutons des exigences d'architectures système et de sécurité et proposons des protocoles pour permettre le traitement distribué des requêtes avec de fortes garanties de sécurité contre un attaquant maîtrisant de nombreux nœuds corrompus

    ACE: A Consent-Embedded privacy-preserving search on genomic database

    Full text link
    In this paper, we introduce ACE, a consent-embedded searchable encryption scheme. ACE enables dynamic consent management by supporting the physical deletion of associated data at the time of consent revocation. This ensures instant real deletion of data, aligning with privacy regulations and preserving individuals' rights. We evaluate ACE in the context of genomic databases, demonstrating its ability to perform the addition and deletion of genomic records and related information based on ID, which especially complies with the requirements of deleting information of a particular data owner. To formally prove that ACE is secure under non-adaptive attacks, we present two new definitions of forward and backward privacy. We also define a new hard problem, which we call D-ACE, that facilitates the proof of our theorem (we formally prove its hardness by a security reduction from DDH to D-ACE). We finally present implementation results to evaluate the performance of ACE

    SELL v1.0: Searchable Encrypted Logging Library

    Get PDF
    We present a practical solution to design a secure logging system that provides confidentiality, integrity, completeness, and non-repudiation. To the best of our knowledge, our solution is the first practical implementation of a logging system that brings all the above security aspects together. Our proposed library makes use of a Dynamic Searchable Symmetric Encryption (DSSE) scheme to provide keyword search operations through encrypted logs without decryption. This helps us to keep each log confidential, preventing unauthorized users from decrypting the encrypted logs. Moreover, we deploy a set of new features such as log sequence generation and digital signatures on top of the DSSE scheme, which makes our library a complete proof of concept solution for a secure logging system, providing all the necessary security assurances. We also analyze the library\u27s performance on a real setting, bootstrapping with 10,000 lines of logs. Based on our observation, the entire search operation for a keyword takes about 10 milliseconds. Although SELL v1.0 is developed purely in Python without any low level optimization, the benchmarks show promising timing results for all the operations

    Analysis of material efficiency aspects of personal computers product group

    Get PDF
    This report has been developed within the project ‘Technical support for environmental footprinting, material efficiency in product policy and the European Platform on Life Cycle Assessment’ (LCA) (2013-2017) funded by the Directorate-General for Environment. The report summarises the findings of the analysis of material-efficiency aspects of the personal-computer (PC) product group, namely durability, reusability, reparability and recyclability. It also aims to identify material-efficiency aspects which can be relevant for the current revision of the Ecodesign Regulation (EU) No 617/2013. Special focus was given to the content of EU critical raw materials (CRMs) ( ) in computers and computer components, and how to increase the efficient use of these materials, including material savings thanks to reuse and repair and recovery of the products at end of life. The analysis has been based mainly on the REAPro method ( ) developed by the Joint Research Centre for the material-efficiency assessment of products. This work has been carried out in the period June 2016-September 2017, in parallel with the development of The preparatory study on the review of Regulation 617/2013 (Lot 3) — computers and computer servers led by Viegand Maagøe and Vlaamse Instelling voor Technologisch Onderzoek NV (VITO) (2017) ( ). During this period, close communication was maintained with the authors of the preparatory study. This allowed ensuring consistency between input data and assumptions of the two studies. Moreover, outcomes of the present research were used as scientific basis for the preparatory study for the analysis of material-efficiency aspects for computers. The research has been differentiated as far as possible for different types of computers (i.e. tablet, notebooks and desktop computers). The report starts with the analysis of the technical and scientific background relevant for material-efficiency aspects of computers, such as market sales, expected lifetime, bill of materials, and a focus on the content of CRMs (especially cobalt in batteries, rare earths including neodymium in hard disk drives and palladium in printed circuit boards). Successively the report analyses the current practices for repair, reuse and recycling of computers. Based on results available from the literature, material efficiency of the product group has the potential to be improved, in particular the lifetime extension. The residence time ( ) of IT equipment put on the market in 2000 versus 2010 generally declined by approximately 10 % (Huisman et al., 2012), while consumers expressed their preference for durable goods, lasting considerably longer than they are typically used (Wieser and Tröger, 2016). Design barriers (such as difficulties for the disassembly of certain components or for their processing for data sanitisation) can hinder the repair and the reuse of products. Malfunction and accident rates are not negligible (IDC, 2016, 2010; SquareTrade, 2009) and difficulties in repair may bring damaged products to be discarded even if still functioning. Once a computer reaches the end of its useful life, it is addressed to ‘waste of electrical and electronic equipment’ (WEEE) recycling plants. Recycling of computers is usually based on a combination of manual dismantling of certain components (mainly components containing hazardous substances or valuable materials, e.g. batteries, printed circuit boards, display panels, data-storage components), followed by mechanical processing including shredding. The recycling of traditional desktop computers is perceived as non-problematic by recyclers, with the exception of some miniaturised new models (i.e. mini desktop computers), which still are not found in recycling plants and which could present some difficulties for the extraction of printed circuit boards and batteries (if present). The design of notebooks and tablets can originate some difficulties for the dismantling of batteries, especially for computers with compact design. Recycling of plastics from computers of all types is generally challenging due to the large use of different plastics with additives, such as flame retardants. According to all the interviewed recyclers, recycling of WEEE plastics with flame retardant is very poor or null with current technologies. Building on this analysis, the report then focuses on possible actions to improve material efficiency in computers, namely measures to improve (a) waste prevention, (b) repair and reuse and (c) design for recycling. The possible actions identified are listed hereinafter. (a) Waste prevention a.1 Implementation of dedicated functionality ( ) for the optimisation of the lifetime of batteries in notebooks: the lifetime of batteries could be extended by systematically implementing a preinstalled functionality on notebooks, which makes it possible to optimise the state of charge (SoC) of the battery when the device is used in grid operation (stationary). By preventing the battery remaining at full load when the notebook is in grid operation, the lifetime of batteries can be potentially extended by up to 50 %. Users could be informed about the existence and characteristics of such a functionality and the potential benefits related to its use. a.2 Decoupling external power supplies (EPS) from personal computers: the provision of information on the EPS specifications and the presence/absence of the EPS in the packaging of notebooks and tablets could facilitate the reuse by the consumer of already-available EPS with suitable characteristics. Such a measure could promote the use of common EPS across different devices, as well as the reuse of already-owned EPS. This would result in a reduction in material consumption for the production of unnecessary power supplies (and related packaging and transport) and overall a reduction of treatment of electronic waste. The International Electrotechnical Commission (IEC) technical specification (TS) 62700, the Standard Institute of Electrical and Electronics Engineers (IEEE) 1823 and Recommendation ITU-T L.1002 can be used to develop standards for the correct definition of connectors and power specifications. a.3 Provision of information about the durability of batteries: the analysis identified the existence of endurance tests suitable for the assessment of the durability of batteries in computers according to existing standards (e.g. EN 61960). The availability of information about these endurance tests could help users to get an indication on the residual capacity of the battery after a predefined number of charge/discharge cycles. Moreover, such information would allow for comparison between different products and potentially push the market towards longer-lasting batteries. a.4 Provision of information about the ‘liquid ingress protection (IP) class’ for personal computers: this can be assessed for a notebook or tablet by performing specific tests, developed according to existing standards (e.g. IEC 60529). Users can be informed about the level of protection of the computer against the ingress of liquids (e.g. dripping water or spraying water or water jets) and in this way prevent one of the most common causes of computer failure. The yearly rate of estimated material saving if dedicated functionality for the optimisation of the lifetime of batteries (a.1) were used ranges from around 2 360 to 5 400 tonnes (t) of different materials per year. About 450 t of cobalt, 100 t of lithium, 210 t of nickel and 730 t of copper could be saved every year. The estimated potential savings of materials when EPS are decoupled from notebooks and tablets (a.2) are in the range 2 300-4 600 t/year (80 % related to the notebook category, and 20 % to tablets). These values can be obtained when 10-20 % of notebooks and tablets are sold without an EPS, as users can reuse already-owned and compatible EPS. Under these conditions, for example, about 190-370 t of copper can be saved every year. This estimate may increase when the same EPS can be used for both notebooks and tablets (at the moment the assessment is based on the assumption that the two product types were kept separated). Further work is needed to assess the potential improvements thanks to the provision of information about the durability of batteries (a.3), and about the ‘liquid-IP class’ (a.4). The former option (a.3) has the potential to boost competition among battery manufacturers, resulting in more durable products. The latter option (a.4) has the potential to reduce computer damage due to liquid spillage, ranked among the most recurrent failure modes. (b) Repair/reuse b.1 and b.2 Provision of information to facilitate computer disassembly: the disassembly of relevant components (such as the display panel, keyboard, data storage, batteries, memory and internal power-supply units) plays a key role to enhance repair and reuse of personal computers. Some actions have therefore been discussed (b.1) to provide professional repair operators with documentation about the sequence of disassembly, extraction, replacement and reassembly operations needed for each relevant component of personal computers, and (b.2) to provide end-users with specific information about the disassembly and replacement of batteries in notebooks and tablets. b.3 Secure data deletion for personal computers: this is the process of deliberately, permanently and irreversibly erasing all traces of existing data from storage media, overwriting the data completely in such a way that access to the original data, or parts of them, becomes infeasible for a given level of effort. Secure data deletion is essential for the security of personal data and to allow the reuse of computers by a different user. Secure data deletion for personal computers can be ensured by means of built-in functionality. A number of existing national standards (HMG IS Standard No 5 (the United Kingdom), DIN 66399 (Germany), NIST 800-88r1 (the United States (US)) can be used as a basis to start standardisation activities on secure data deletion. The estimated potential savings of materials due to the provision of information and tools to facilitate computer disassembly were quantified in the range of 150-620 t/year for mobile computers (notebooks and tablets) within the first 2 years of use, and in the range of 610 2 460 t/year for mobile computers older than 2 years. Secure data deletion of personal computers, instead, is considered a necessary prerequisite to enhance reuse. The need to take action on this is related to policies on privacy and protection of personal data, as the General Data Protection Regulation (EU) 2016/679 and in particular its Article 25 on ‘data protection by design and by default’. Future work is needed to strengthen the analysis, however it was estimated that secure data deletion has the potential to double volume of desktop, notebook and tablet computers reused after the first useful lifetime. (c) Recyclability c.1 Provision of information to facilitate computer dismantling: computers could be designed so that crucial components for material aspects (e.g. content of hazardous substances and/or valuable materials) can be easily identified and extracted in order to be processed by means of specific recycling treatments. Design for dismantling can focus on components listed in Annex VII of the WEEE directive ( ). The ‘ease of dismantling’ can be supported by the provision of relevant information (such as a diagram of the product showing the location of the components, the content of hazardous substances, instructions on the sequence of operations needed to remove these components, including type and number of fastening techniques to be unlocked, and tool(s) required). c.2 Marking of plastic components: although all plastics are theoretically recyclable, in practice the recyclability of plastics in computers is generally low, mainly due to the large amount of different plastic components with flame retardants (FRs) and other additives. Marking of plastic components according to existing standards (e.g. ISO 11469 and ISO 1043 series) can facilitate identification and sorting of plastic components during the manual dismantling steps of the recycling. c.3 FR content: according to all the recyclers interviewed, FRs are a major barrier to plastics recycling. Current mechanical-sorting processes of shredded plastics are characterised by low efficiency, while innovative sorting systems are still at the pilot stage and have been shown to be effective only in certain cases. Therefore, the provision of information on the content of FRs in plastic components is a first step to contribute to the improvement of plastics recycling. Plastics marking (as discussed above) can contribute to the separation of plastics with FRs during the manual dismantling, allowing for their recycling at higher rates (in line with the prescription of IEC/TR 62635, 2015). However, detailed information about FRs content could be given in a more systematised way, for example through the development of specific indexes. These indexes could support recyclers in checking the use of FRs in computers and in developing future processes and technologies suitable for plastics recycling. Moreover, these indexes could support policymakers in monitoring the use of FRs in the products and, in the medium-long term, to promote products that use smaller quantities of FRs. An example of a FR content index is provided in this report. c.4 Battery marks: the identification of the chemistry type of batteries in computers is necessary in order to have efficient identification and sorting, and thus to improve the material efficiency during the recycling. It is proposed to start standardisation activities to establish standard marking symbols for batteries. The examples of the ‘battery-recycle mark’, developed by the Battery Association of Japan (BAJ), and the current standardisation activities for the IEC 62902 (standard marking symbols for batteries with a volume higher than 900 cm3) may be used as references to develop ad hoc standards. The benefits of actions for the design for recycling can be relevant. In particular, the proposed actions should contribute to increase the amounts of materials that will be recycled (6 350-8 900 t/year), in particular plastics (5 950-7 960 t/year of additional plastics), but also metals such as cobalt (55-110 t), copper (240-610 t), rare earths as neodymium and dysprosium (2 7 t) and various precious metals (gold (0.1-0.4 t), palladium (0.1-0.4 t) and silver (2 7 t)). Compared to the amount of materials recycled in the EU (2012 data), these values would represent a recycling increase of 1-2 % for cobalt, 2-5 % for palladium, and 13-50 % for rare earths.JRC.D.3-Land Resource

    Data security in cloud storage services

    Get PDF
    Cloud Computing is considered to be the next-generation architecture for ICT where it moves the application software and databases to the centralized large data centers. It aims to offer elastic IT services where clients can benefit from significant cost savings of the pay-per-use model and can easily scale up or down, and do not have to make large investments in new hardware. However, the management of the data and services in this cloud model is under the control of the provider. Consequently, the cloud clients have less control over their outsourced data and they have to trust cloud service provider to protect their data and infrastructure from both external and internal attacks. This is especially true with cloud storage services. Nowadays, users rely on cloud storage as it offers cheap and unlimited data storage that is available for use by multiple devices (e.g. smart phones, tablets, notebooks, etc.). Besides famous cloud storage providers, such as Amazon, Google, and Microsoft, more and more third-party cloud storage service providers are emerging. These services are dedicated to offering more accessible and user friendly storage services to cloud customers. Examples of these services include Dropbox, Box.net, Sparkleshare, UbuntuOne or JungleDisk. These cloud storage services deliver a very simple interface on top of the cloud storage provided by storage service providers. File and folder synchronization between different machines, sharing files and folders with other users, file versioning as well as automated backups are the key functionalities of these emerging cloud storage services. Cloud storage services have changed the way users manage and interact with data outsourced to public providers. With these services, multiple subscribers can collaboratively work and share data without concerns about their data consistency, availability and reliability. Although these cloud storage services offer attractive features, many customers have not adopted these services. Since data stored in these services is under the control of service providers resulting in confidentiality and security concerns and risks. Therefore, using cloud storage services for storing valuable data depends mainly on whether the service provider can offer sufficient security and assurance to meet client requirements. From the way most cloud storage services are constructed, we can notice that these storage services do not provide users with sufficient levels of security leading to an inherent risk on users\u27 data from external and internal attacks. These attacks take the form of: data exposure (lack of data confidentiality); data tampering (lack of data integrity); and denial of data (lack of data availability) by third parties on the cloud or by the cloud provider himself. Therefore, the cloud storage services should ensure the data confidentiality in the following state: data in motion (while transmitting over networks), data at rest (when stored at provider\u27s disks). To address the above concerns, confidentiality and access controllability of outsourced data with strong cryptographic guarantee should be maintained. To ensure data confidentiality in public cloud storage services, data should be encrypted data before it is outsourced to these services. Although, users can rely on client side cloud storage services or software encryption tools for encrypting user\u27s data; however, many of these services fail to achieve data confidentiality. Box, for example, does not encrypt user files via SSL and within Box servers. Client side cloud storage services can intentionally/unintentionally disclose user decryption keys to its provider. In addition, some cloud storage services support convergent encryption for encrypting users\u27 data exposing it to “confirmation of a file attack. On the other hand, software encryption tools use full-disk encryption (FDE) which is not feasible for cloud-based file sharing services, because it encrypts the data as virtual hard disks. Although encryption can ensure data confidentiality; however, it fails to achieve fine-grained access control over outsourced data. Since, public cloud storage services are managed by un-trusted cloud service provider, secure and efficient fine-grained access control cannot be realized through these services as these policies are managed by storage services that have full control over the sharing process. Therefore, there is not any guarantee that they will provide good means for efficient and secure sharing and they can also deduce confidential information about the outsourced data and users\u27 personal information. In this work, we would like to improve the currently employed security measures for securing data in cloud store services. To achieve better data confidentiality for data stored in the cloud without relying on cloud service providers (CSPs) or putting any burden on users, in this thesis, we designed a secure cloud storage system framework that simultaneously achieves data confidentiality, fine-grained access control on encrypted data and scalable user revocation. This framework is built on a third part trusted (TTP) service that can be employed either locally on users\u27 machine or premises, or remotely on top of cloud storage services. This service shall encrypts users data before uploading it to the cloud and decrypts it after downloading from the cloud; therefore, it remove the burden of storing, managing and maintaining encryption/decryption keys from data owner\u27s. In addition, this service only retains user\u27s secret key(s) not data. Moreover, to ensure high security for these keys, it stores them on hardware device. Furthermore, this service combines multi-authority ciphertext policy attribute-based encryption (CP-ABE) and attribute-based Signature (ABS) for achieving many-read-many-write fine-grained data access control on storage services. Moreover, it efficiently revokes users\u27 privileges without relying on the data owner for re-encrypting massive amounts of data and re-distributing the new keys to the authorized users. It removes the heavy computation of re-encryption from users and delegates this task to the cloud service provider (CSP) proxy servers. These proxy servers achieve flexible and efficient re-encryption without revealing underlying data to the cloud. In our designed architecture, we addressed the problem of ensuring data confidentiality against cloud and against accesses beyond authorized rights. To resolve these issues, we designed a trusted third party (TTP) service that is in charge of storing data in an encrypted format in the cloud. To improve the efficiency of the designed architecture, the service allows the users to choose the level of severity of the data and according to this level different encryption algorithms are employed. To achieve many-read-many-write fine grained access control, we merge two algorithms (multi-authority ciphertext policy attribute-based encryption (MA- CP-ABE) and attribute-based Signature (ABS)). Moreover, we support two levels of revocation: user and attribute revocation so that we can comply with the collaborative environment. Last but not least, we validate the effectiveness of our design by carrying out a detailed security analysis. This analysis shall prove the correctness of our design in terms of data confidentiality each stage of user interaction with the cloud

    Searching on Encrypted Data

    Get PDF
    • …
    corecore