Provable Security for Outsourcing Database Operations

Cyber Crime ◽  
2013 ◽  
pp. 1603-1619
Author(s):  
Sergei Evdokimov ◽  
Matthias Fischmann ◽  
Oliver Günther

Database outsourcing has become popular in recent years, although it introduces substantial security and privacy risks. In many applications, users may not want to reveal their data even to a generally trusted database service provider. Several researchers have proposed encryption schemes, such as privacy homomorphisms, that allow service providers to process confidential data sets without learning too much about them. In this paper, the authors discuss serious flaws of these solutions. The authors then present a new definition of security for homomorphic database encryption schemes that avoids these flaws and show that it is difficult to build a privacy homomorphism that complies with this definition. As a practical compromise, the authors present a relaxed variant of the security definition and discuss arising security implications. They present a new method to construct encryption schemes for exact selects and prove that the resulting schemes satisfy this notion.

2010 ◽  
Vol 4 (1) ◽  
pp. 1-17 ◽  
Author(s):  
Sergei Evdokimov ◽  
Matthias Fischmann ◽  
Oliver Günther

Database outsourcing has become popular in recent years, although it introduces substantial security and privacy risks. In many applications, users may not want to reveal their data even to a generally trusted database service provider. Several researchers have proposed encryption schemes, such as privacy homomorphisms, that allow service providers to process confidential data sets without learning too much about them. In this paper, the authors discuss serious flaws of these solutions. The authors then present a new definition of security for homomorphic database encryption schemes that avoids these flaws and show that it is difficult to build a privacy homomorphism that complies with this definition. As a practical compromise, the authors present a relaxed variant of the security definition and discuss arising security implications. They present a new method to construct encryption schemes for exact selects and prove that the resulting schemes satisfy this notion.


2022 ◽  
Vol 12 (1) ◽  
Author(s):  
Stefano Bennati ◽  
Aleksandra Kovacevic

Abstract Mobility patterns of vehicles and people provide powerful data sources for location-based services such as fleet optimization and traffic flow analysis. Location-based service providers must balance the value they extract from trajectory data with protecting the privacy of the individuals behind those trajectories. Reaching this goal requires measuring accurately the values of utility and privacy. Current measurement approaches assume adversaries with perfect knowledge, thus overestimate the privacy risk. To address this issue, we introduce a model of an adversary with imperfect knowledge about the target. The model is based on equivalence areas, spatio-temporal regions with a semantic meaning, e.g. the target’s home, whose size and accuracy determine the skill of the adversary. We then derive the standard privacy metrics of k-anonymity, l-diversity and t-closeness from the definition of equivalence areas. These metrics can be computed on any dataset, irrespective of whether and what kind of anonymization has been applied to it. This work is of high relevance to all service providers acting as processors of trajectory data who want to manage privacy risks and optimize the privacy vs. utility trade-off of their services.


Due to higher need of memory and other special needs, cloud computing has become very popular. Many cloud encryption schemes are introduced to increase the protection of the files stored in the cloud. These encryption schemes are said to be safe and cannot be hacked. But in some cases, due to some circumstances, certain authorities may force service providers to reveal the confidential data stored in the cloud, thus making cloud computing lose its trust from the users. In this paper, we are introducing our structure of another encryption conspire, which empowers distributed storage suppliers to make persuading counterfeit regarding the information put away in the cloud, along these lines making the coercers befuddled to see the acquired insider facts as obvious or not. So this sort of encryption makes the distributed computing progressively reliable. The greater part of the plans still accept that the specialist organizations are sheltered from hacking and can be trusted. Yet, practically speaking, a few elements may capture the correspondence among clients and specialist co-ops, convincing the specialist co-ops to discharge the information by controlling government control or other means. So for this situation, the encryptions are believed to be fizzled and the information which are regarded to be classified or mystery are discharged to these elements.



2019 ◽  
Vol 2019 (4) ◽  
pp. 6-33 ◽  
Author(s):  
Kirill Nikitin ◽  
Ludovic Barman ◽  
Wouter Lueks ◽  
Matthew Underwood ◽  
Jean-Pierre Hubaux ◽  
...  

Abstract Most encrypted data formats leak metadata via their plaintext headers, such as format version, encryption schemes used, number of recipients who can decrypt the data, and even the recipients’ identities. This leakage can pose security and privacy risks to users, e.g., by revealing the full membership of a group of collaborators from a single encrypted e-mail, or by enabling an eavesdropper to fingerprint the precise encryption software version and configuration the sender used. We propose that future encrypted data formats improve security and privacy hygiene by producing Padded Uniform Random Blobs or PURBs: ciphertexts indistinguishable from random bit strings to anyone without a decryption key. A PURB’s content leaks nothing at all, even the application that created it, and is padded such that even its length leaks as little as possible. Encoding and decoding ciphertexts with no cleartext markers presents efficiency challenges, however. We present cryptographically agile encodings enabling legitimate recipients to decrypt a PURB efficiently, even when encrypted for any number of recipients’ public keys and/or passwords, and when these public keys are from different cryptographic suites. PURBs employ Padmé, a novel padding scheme that limits information leakage via ciphertexts of maximum length M to a practical optimum of O(log log M) bits, comparable to padding to a power of two, but with lower overhead of at most 12% and decreasing with larger payloads.


Author(s):  
Chinnasamy P. ◽  
Rojaramani D. ◽  
Praveena V. ◽  
Annlin Jeba S. V. ◽  
Bensujin B.

Several researchers analyzed the information security problems in edge computing, though not all studied the criteria for security and confidentiality in detail. This chapter intends to extensively evaluate the edge computing protection and confidentiality standards and the different technical approaches utilized by the technologies often used to mitigate the risks. This study describes the latest research and emphasizes the following: (1) the definition of edge computing protection and confidentiality criteria, (2) state-of-the-art strategies used to mitigate protection and privacy risks, (3) developments in technical approaches, (4) measures used to measure the efficiency of interventions, (5) the categorization of threats on the edge device and the related technical pattern used to mitigate the attackers, and (6) research directions for potential professionals in the field of edge devices privacy and security.


Electronics ◽  
2021 ◽  
Vol 10 (9) ◽  
pp. 1005
Author(s):  
Rakan A. Alsowail ◽  
Taher Al-Shehari

As technologies are rapidly evolving and becoming a crucial part of our lives, security and privacy issues have been increasing significantly. Public and private organizations have highly confidential data, such as bank accounts, military and business secrets, etc. Currently, the competition between organizations is significantly higher than before, which triggers sensitive organizations to spend an excessive volume of their budget to keep their assets secured from potential threats. Insider threats are more dangerous than external ones, as insiders have a legitimate access to their organization’s assets. Thus, previous approaches focused on some individual factors to address insider threat problems (e.g., technical profiling), but a broader integrative perspective is needed. In this paper, we propose a unified framework that incorporates various factors of the insider threat context (technical, psychological, behavioral and cognitive). The framework is based on a multi-tiered approach that encompasses pre, in and post-countermeasures to address insider threats in an all-encompassing perspective. It considers multiple factors that surround the lifespan of insiders’ employment, from the pre-joining of insiders to an organization until after they leave. The framework is utilized on real-world insider threat cases. It is also compared with previous work to highlight how our framework extends and complements the existing frameworks. The real value of our framework is that it brings together the various aspects of insider threat problems based on real-world cases and relevant literature. This can therefore act as a platform for general understanding of insider threat problems, and pave the way to model a holistic insider threat prevention system.


2016 ◽  
Vol 2016 (4) ◽  
pp. 102-122 ◽  
Author(s):  
Kassem Fawaz ◽  
Kyu-Han Kim ◽  
Kang G. Shin

Abstract With the advance of indoor localization technology, indoor location-based services (ILBS) are gaining popularity. They, however, accompany privacy concerns. ILBS providers track the users’ mobility to learn more about their behavior, and then provide them with improved and personalized services. Our survey of 200 individuals highlighted their concerns about this tracking for potential leakage of their personal/private traits, but also showed their willingness to accept reduced tracking for improved service. In this paper, we propose PR-LBS (Privacy vs. Reward for Location-Based Service), a system that addresses these seemingly conflicting requirements by balancing the users’ privacy concerns and the benefits of sharing location information in indoor location tracking environments. PR-LBS relies on a novel location-privacy criterion to quantify the privacy risks pertaining to sharing indoor location information. It also employs a repeated play model to ensure that the received service is proportionate to the privacy risk. We implement and evaluate PR-LBS extensively with various real-world user mobility traces. Results show that PR-LBS has low overhead, protects the users’ privacy, and makes a good tradeoff between the quality of service for the users and the utility of shared location data for service providers.

