Progger: an efficient, tamper-evident kernel-space logger for cloud data provenance tracking

Cloud data provenance, or "what has happened to my data in the cloud", is a critical data security component which addresses pressing data accountability and data governance issues in cloud computing systems. In this paper, we present Progger (Provenance Logger), a kernel-space logger which potentially empowers all cloud stakeholders to trace their data. Logging from the kernel space empowers security analysts to collect provenance from the lowest possible atomic data actions, and enables several higher-level tools to be built for effective end-to-end tracking of data provenance. Within the last few years, there has been an increasing number of proposed kernel space provenance tools but they faced several critical data security and integrity problems. Some of these prior tools' limitations include (1) the inability to provide log tamper-evidence and prevention of fake/manual entries, (2) accurate and granular timestamp synchronisation across several machines, (3) log space requirements and growth, and (4) the efficient logging of root usage of the system. Progger has resolved all these critical issues, and as such, provides high assurance of data security and data activity audit. With this in mind, the paper will discuss these elements of high-assurance cloud data provenance, describe the design of Progger and its efficiency, and present compelling results which paves the way for Progger being a foundation tool used for data activity tracking across all cloud systems

Privacy-preserving encoding for cloud computing

Information in the cloud is under constant attack from cyber criminals as profitability increases; user privacy is also at risk with data being mined for monetary value – the new gold. A single leak could have devastating consequences for a person or organisation, yet users have limited control over their privacy. It is becoming clear that the current model for public cloud computing is flawed, where cloud vendors and their employees can no longer be trusted to protect user data. Privacy-preserving computation in the cloud keeps data private at all times but still remains functional, thus returning control of data back to users. The cloud could then perform operations using data that it cannot comprehend. The end-user would then be able to retrieve the results from the cloud and unlock the real answers. Homomorphic encryption is a solution for privacy-preserving processing, allowing computation over cipher text. At the time of writing, a fully homomorphic system allows arbitrary operations but requires minutes to compute an operation, whereas partially homomorphic encryption can only support a single operation, meaning it cannot be a generic solution to privacy-preserving computing. Another solution is multi-party computation, which uses a distributed approach built upon homomorphic encryption but currently suffers other limitations like reusability and lacks the ability to be truly dynamic. The primary objective of this research is to design a solution for the cloud that offers privacy-preserving data computation but provides performance and flexibility. A novel approach for multi-party computation is developed, where the combination of encoding and distribution helps provide the balance between security, performance and utility. Privacy is maintained by each distributed entity only receiving a small portion of the actual data through encoding, where attempting to brute-force the data results in a vast number of possibilities, similar to encryption. Functions are defined with universal or custom logic and are computed quickly, as the performance overhead is no longer computational but network latency. A cloud voting application was used for analysis between existing solutions and the novel approach taken by this research, which is able to add thousands of votes per minute, giving practical privacy-preserving processing in the cloud

Secure FPGA as a Service - Towards Secure Data Processing by Physicalizing the Cloud

Securely processing data in the cloud is still a difficult problem, even with homomorphic encryption and other privacy preserving schemes. Hardware solutions provide additional layers of security and greater performance over their software alternatives. However by definition the cloud should be flexible and adaptive, often viewed as abstracting services from products. By creating services reliant on custom hardware, the core essence of the cloud is lost. FPGAs bridge this gap between software and hardware with programmable logic, allowing the cloud to remain abstract. FPGA as a Service (FaaS) has been proposed for a greener cloud, but not for secure data processing. This paper explores the possibility of Secure FaaS in the cloud for privacy preserving data processing, describes the technologies required, identifies use cases, and highlights potential challenges

Privacy preserving computation by fragmenting individual bits and distributing gates

Solutions that allow the computation of arbitrary operations over data securely in the cloud are currently impractical. The holy grail of cryptography, fully homomorphic encryption, still requires minutes to compute a single operation. In order to provide a practical solution, this paper proposes taking a different approach to the problem of securely processing data. FRagmenting Individual Bits (FRIBs), a scheme which preserves user privacy by distributing bit fragments across many locations, is presented. Privacy is maintained by each server only receiving a small portion of the actual data, and solving for the rest results in a vast number of possibilities. Functions are defined with NAND logic gates, and are computed quickly as the performance overhead is shifted from computation to network latency. This paper details our proof of concept addition algorithm which took 346ms to add two 32-bit values-paving the way towards further improvements to get computations completed under 100ms

Anonymous Data Sharing Between Organisations with Elliptic Curve Cryptography

Promoting data sharing between organisations is challenging, without the added concerns over having actions traced. Even with encrypted search capabilities, the entities digital location and downloaded information can be traced, leaking information to the hosting organisation. This is a problem for law enforcement and government agencies, where any information leakage is not acceptable, especially for investigations. Anonymous routing is a technique to stop a host learning which agency is accessing information. Many related works for anonymous routing have been proposed, but are designed for Internet traffic, and are over complicated for internal usage. A streaming design for circuit creation is proposed using elliptic curve cryptography. Allowing for a simple anonymous routing solution, which provides fast performance with source and destination anonymity to other organisations

Secure voting in the cloud using homomorphic encryption and mobile agents

While governments are transitioning to the cloud to leverage efficiency, transparency and accessibility advantages, public opinion - the backbone of democracy - is being left behind. Statistics show that traditional paper voting is failing to reach the technological-savvy generation, with voter turnout decreasing every election for many first-world countries. Remote electronic voting is a possible solution facilitator to this problem, but it still faces several security, privacy and accountability concerns. This paper introduces a practical application of partially homomorphic encryption to help address these challenges. We describe a cloud-based mobile electronic voting scheme, evaluating its security against a list of requirements, and benchmarking performance on the cloud and mobile devices. In order to protect voter privacy, we propose moving away from a public bulletin board so that no individual cipher votes are saved, while still allowing vote verification. As the majority of the security threats faced by electronic voting are from the underlying system, we also introduce the novel concept of using a dedicated hardware server for homomorphic tallying and decryption

Visualizing the New Zealand Cyber Security Challenge for Attack Behaviors

Datasets are important for security analytics and mitigation processes in cyber security research and investigations. "Cyber security challenge (CSC)" events provide the means to collect datasets. The New Zealand National cyber security challenge event is designed to promote cyber security education, awareness and equally as important, collect datasets for research purposes. In this paper, we present the: (1) Importance of cyber security challenge events, (2) Highlight the importance of collecting datasets, and (3) present a user-centric security visualization model of attack behaviors. User-centric features with the theoretical concept of Data Provenance as a Security Visualization Service (DPaaSVS) reused to display attacks commencing at the reconnaissance stage through to compromising a defending team machine and exploiting the systems. DPaaSVS creates the ability for users to interact and observe correlations between cyber-attacks. Finally we provide future work on Security Visualization with Augmented Reality capabilities to enhance and improve user interactions with the security visualization platform

Using surveillance data to determine treatment rates and outcomes for patients with chronic hepatitis C virus infection

The aim of this work was to develop and validate an algorithm to monitor rates of, and response to, treatment of patients infected with hepatitis C virus (HCV) across England using routine laboratory HCV RNA testing data. HCV testing activity between January 2002 and December 2011 was extracted from the local laboratory information systems of a sentinel network of 23 laboratories across England. An algorithm based on frequency of HCV RNA testing within a defined time period was designed to identify treated patients. Validation of the algorithm was undertaken for one center by comparison with treatment data recorded in a clinical database managed by the Trent HCV Study Group. In total, 267,887 HCV RNA test results from 100,640 individuals were extracted. Of these, 78.9% (79,360) tested positive for viral RNA, indicating an active infection, 20.8% (16,538) of whom had a repeat pattern of HCV RNA testing suggestive of treatment monitoring. Annual numbers of individuals treated increased rapidly from 468 in 2002 to 3,295 in 2009, but decreased to 3,110 in 2010. Approximately two thirds (63.3%; 10,468) of those treated had results consistent with a sustained virological response, including 55.3% and 67.1% of those with a genotype 1 and non-1 virus, respectively. Validation against the Trent clinical database demonstrated that the algorithm was 95% sensitive and 93% specific in detecting treatment and 100% sensitive and 93% specific for detecting treatment outcome. Conclusions: Laboratory testing activity, collected through a sentinel surveillance program, has enabled the first country-wide analysis of treatment and response among HCV-infected individuals. Our approach provides a sensitive, robust, and sustainable method for monitoring service provision across Englan

CMB-S4: Forecasting Constraints on Primordial Gravitational Waves

CMB-S4---the next-generation ground-based cosmic microwave background (CMB) experiment---is set to significantly advance the sensitivity of CMB measurements and enhance our understanding of the origin and evolution of the Universe, from the highest energies at the dawn of time through the growth of structure to the present day. Among the science cases pursued with CMB-S4, the quest for detecting primordial gravitational waves is a central driver of the experimental design. This work details the development of a forecasting framework that includes a power-spectrum-based semi-analytic projection tool, targeted explicitly towards optimizing constraints on the tensor-to-scalar ratio, $r$, in the presence of Galactic foregrounds and gravitational lensing of the CMB. This framework is unique in its direct use of information from the achieved performance of current Stage 2--3 CMB experiments to robustly forecast the science reach of upcoming CMB-polarization endeavors. The methodology allows for rapid iteration over experimental configurations and offers a flexible way to optimize the design of future experiments given a desired scientific goal. To form a closed-loop process, we couple this semi-analytic tool with map-based validation studies, which allow for the injection of additional complexity and verification of our forecasts with several independent analysis methods. We document multiple rounds of forecasts for CMB-S4 using this process and the resulting establishment of the current reference design of the primordial gravitational-wave component of the Stage-4 experiment, optimized to achieve our science goals of detecting primordial gravitational waves for $r > 0.003$ at greater than $5\sigma$, or, in the absence of a detection, of reaching an upper limit of $r < 0.001$ at $95\%$ CL.Comment: 24 pages, 8 figures, 9 tables, submitted to ApJ. arXiv admin note: text overlap with arXiv:1907.0447

Evaluating the Effects of SARS-CoV-2 Spike Mutation D614G on Transmissibility and Pathogenicity.

Global dispersal and increasing frequency of the SARS-CoV-2 spike protein variant D614G are suggestive of a selective advantage but may also be due to a random founder effect. We investigate the hypothesis for positive selection of spike D614G in the United Kingdom using more than 25,000 whole genome SARS-CoV-2 sequences. Despite the availability of a large dataset, well represented by both spike 614 variants, not all approaches showed a conclusive signal of positive selection. Population genetic analysis indicates that 614G increases in frequency relative to 614D in a manner consistent with a selective advantage. We do not find any indication that patients infected with the spike 614G variant have higher COVID-19 mortality or clinical severity, but 614G is associated with higher viral load and younger age of patients. Significant differences in growth and size of 614G phylogenetic clusters indicate a need for continued study of this variant