5,509 research outputs found
Raising the visibility of protected data: A pilot data catalog project
Sharing research data that is protected for legal, regulatory, or contractual reasons can be challenging and current mechanisms for doing so may act as barriers to researchers and discourage data sharing. Additionally, the infrastructure commonly used for open data repositories does not easily support responsible sharing of protected data. This chapter presents a case study of an academic university library’s work to configure the existing institutional data repository to function as a data catalog. By engaging in this project, university librarians strive to enhance visibility and access to protected datasets produced at the institution and cultivate a data sharing culture
Compelled Production of Encrypted Data
There is a myth that shadowy and powerful government agencies can crack the encryption software that criminals use to protect computers filled with child pornography and stolen credit card numbers. The reality is that cheap or free encryption programs can place protected data beyond law enforcement\u27s reach. If courts seriously mean to protect the victims of Internet crime--all too often children--then Congress must adopt a legal mechanism to remedy the technological deficiency.
To date, police and prosecutors have relied on subpoenas to either compel defendants to produce their password, or to decipher their protected data. This technique has been met with mixed success.
A better solution would be to couple a subpoena for the deciphered data with a warrant that specifies what and how to search. If the defendant refuses to produce the deciphered data, he can be held in contempt.
Where handing over protected data means the certainty of a lengthy prison sentence, some defendants will prefer contempt to compliance. Therefore, the court needs an additional legal mechanism to allow fact-finders to look into protected data. This Article proposes that when a defendant refuses to comply with a court order to produce deciphered data, the court should be able to issue a missing evidence instruction as a surrogate for actual inspection. If a warrant, a subpoena, and a contempt order cannot induce a defendant to decrypt his data, courts should issue an instruction that the fact-finder may presume that the missing data is incriminating
Building Confidential and Efficient Query Services in the Cloud with RASP Data Perturbation
With the wide deployment of public cloud computing infrastructures, using
clouds to host data query services has become an appealing solution for the
advantages on scalability and cost-saving. However, some data might be
sensitive that the data owner does not want to move to the cloud unless the
data confidentiality and query privacy are guaranteed. On the other hand, a
secured query service should still provide efficient query processing and
significantly reduce the in-house workload to fully realize the benefits of
cloud computing. We propose the RASP data perturbation method to provide secure
and efficient range query and kNN query services for protected data in the
cloud. The RASP data perturbation method combines order preserving encryption,
dimensionality expansion, random noise injection, and random projection, to
provide strong resilience to attacks on the perturbed data and queries. It also
preserves multidimensional ranges, which allows existing indexing techniques to
be applied to speedup range query processing. The kNN-R algorithm is designed
to work with the RASP range query algorithm to process the kNN queries. We have
carefully analyzed the attacks on data and queries under a precisely defined
threat model and realistic security assumptions. Extensive experiments have
been conducted to show the advantages of this approach on efficiency and
security.Comment: 18 pages, to appear in IEEE TKDE, accepted in December 201
- …