Tuesday, 23 April 2013

4 Papers reviewed:

Jin Li; Gansen Zhao; Xiaofeng Chen; Dongqing Xie; Chunming Rong; Wenjun Li; Lianzhang Tang; Yong Tang, "Fine-Grained Data Access Control Systems with User Accountability in Cloud Computing," Cloud Computing Technology and Science (CloudCom), 2010 IEEE Second International Conference on, pp. 89-96, Nov. 30 2010-Dec. 3 2010
doi: 10.1109/CloudCom.2010.44

Key Points:
  • PROBLEM: How to provide data security and access control for outsourced sensitive data sharing via Cloud. Also how to prevent illegal key sharing among dishonest authorised users.
    • Defines and enforces access policies for each file based on attributes in the system. A user can only access a file if the user's attributes satisfy the file's access structure. A file is encrypted with a symmetric key. This key is then encapsulated using the CP-ABE scheme. Users can decrypt the key if they possess attributes according to the CP-ABE scheme and consequently decrypt the data itself.
    • Achieves user accountability in fine-grained data access control systems, implemented by a traitor tracing technique.
    • Deploys Cloud servers to carry out revocation operations.
  • Complexity of file encryption only related to number of access policies associated with file and not number of users
  • Creation and deletion of files and users only affect the file/user in question and don't involve system-wide updates or rekeying.
  • The heavy operations of user revocation are delegated to the Cloud. Even though the burden is off the user, it is still not a clean solution, as the Cloud may have to deal with millions of heavy revocation operations.

Gerome Miklau and Dan Suciu. 2003. Controlling access to published data using cryptography. In Proceedings of the 29th international conference on Very large data bases - Volume 29 (VLDB '03), Johann Christoph Freytag, Peter C. Lockemann, Serge Abiteboul, Michael J. Carey, Patricia G. Selinger, and Andreas Heuer (Eds.), Vol. 29. VLDB Endowment, 898-909.

Key Points:
  • PROBLEM: Trust, privacy and security issues involved when sharing data are immense, however imperative when users are encouraged or forced.
    • Provides protection of XML files
    • The data owner defines high-level access policies, which are converted to queries and later provide a single “protection” for the XML data.
    • A logical data model for these protections is introduced.
    • Shows how to perform encryptions using W3C Recommendation “XML Encryption Syntax”
  • Not really relevant to allowing data owner access control over his data in distributed systems.

Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, and Pierangela Samarati. 2007. A data outsourcing architecture combining cryptography and access control. In Proceedings of the 2007 ACM workshop on Computer security architecture (CSAW '07). ACM, New York, NY, USA, 63-69. DOI=10.1145/1314466.1314477 http://doi.acm.org/10.1145/1314466.1314477

Key Points:
  • PROBLEM: Enforcement of authorisation policies and the support of policy updates when outsourcing data on untrusted external servers.
    • Data encrypted as the data owner stores data on an external server.
    • Authorisations and encryption are merged thus allowing access control enforcement to be outsourced together with the data.
  • Relies solely on cryptography for the protection and confidentiality of data.
  • Data owner does not need to be involved in the enforcement, only to specify the policy.
  • The paper does not handle the illegal key sharing problem.

Michael S. Kirkpatrick and Sam Kerr. 2011. Enforcing physically restricted access control for remote data. In Proceedings of the first ACM conference on Data and application security and privacy (CODASPY '11). ACM, New York, NY, USA, 203-212. DOI=10.1145/1943513.1943540 http://doi.acm.org/10.1145/1943513.1943540

Key Points:
  • PROBLEM: Restricting access only to known, trusted devices.
    • Proposes the idea of physically restricted access control, where data can only be accessed on unique devices characterised by physically unclonable functions (PUFs).
    • Defines protocols for registering a device and making an access request.
    • Presents a prototype implementation of a client-server architecture which includes the creation of a PUF.
  • Provides the best level of security when sharing data, as the data owner can nearly guarantee that his data is being viewed by the right data consumer.
  • Lower chance of data leakage.

eHealth Journal Paper: 

- Notified by publisher that minor revision required.
- Currently working on the revision

eHealth Demo:
- Successfully coded initial phase of protocol.
- Database and web services set up with minimal functionality

ACM CCS Conference Paper:
- Started writing Abstract of paper
- Currently working on Introduction

Tuesday, 9 April 2013

7 papers reviewed:

Adaptive Data Protection in Distributed Systems. A. Squicciarini, G. Petracca, E. Bertino. Third ACM Conference on Data and Application Security and Privacy (CODASPY), February 2013.

Key Points:

  • MOTIVATION: Ensure customer's data protection policies are honored regardless of where the data is physically stored and how often it is accessed, modified and duplicated.
  • PROBLEM: Ensuring that policies associated with data distributed across domains are honored (regardless of where the data is physically stored and how often it is accessed, modified, and duplicated) is an important challenge. Data in the Cloud is stored and replicated in multiple locations around the world, and it is important that jurisdiction laws are obeyed but also that the privacy of the data owner is maintained.
  • CONTRIBUTION: The paper uses self-controlling objects to protect data and to enforce the policies set out by the data owner.
    • Innovative policy-enforcement techniques for adaptive sharing of user's outsourced data.
    • Uses the idea of self-controlling objects (SCOs), which encapsulate sensitive resources such as images, video, text, etc. and assure their protection through the provision of adaptive security policies. SCOs use Java JAR technology.
    • The security of objects stored in JARs is managed by CP-ABE schemes.
  • The data is encapsulated in JAR files, which makes it portable and usable on any hardware or operating system that has the popular Java Runtime Environment installed.
  • When modifications take place on one computer, the SCO automatically updates other identical SCOs to contain the modified data, which makes for very neat collaboration without trusting the Cloud.
  • The trust level of outsiders is reduced further, which, combined with the simple idea, makes the solution attractive for future needs.

  • Issue: Once the data is decrypted, the user can still find where the decrypted file is contained and save a copy to be redistributed to other users. The decrypted data is not monitored for illegal operations, only the SCO.
  • The ACP needs to be better hidden.

Mohamed Shehab, Elisa Bertino, and Arif Ghafoor. 2005. Secure collaboration in mediator-free environments. In Proceedings of the 12th ACM conference on Computer and communications security (CCS '05). ACM, New York, NY, USA, 58-67. DOI=10.1145/1102120.1102130 http://doi.acm.org/10.1145/1102120.1102130

Key Contributions:

  • MOTIVATION: Collaboration and Interoperability in multi-domain environments provides benefits but suffers security issues
  • PROBLEM: The paper is attempting to solve the problem of secure interoperability in a multi-domain environment without a mediator having a global view
  • CONTRIBUTION: Decentralises access control with the removal of a mediator to control collaboration. Access control is based on user’s access history, aka user access path. Paper uses idea of paths for secure interoperation.
    • Presents a mediator-free collaboration environment and discusses the security challenges in such an environment. Access path security requirements are presented for secure collaboration.
    • A framework for secure collaboration in a mediator-free environment, in which access control decisions are based on the user’s access history.
    • A discussion of several security attacks that can occur in mediator-free environments and ways to mitigate such attacks.

  • Paper has good introduction. It explains the benefits of interoperability in 2 paragraphs and then discusses the problems in 2 paragraphs. The contribution and the paper organisation then follow.
  • The mathematics of the paper is a little difficult and a bit too much. However, parts of the mathematics were understandable.
  • The problem in relation to my research is that it doesn’t handle the scenario of dishonest users who may share data with unauthorised users (e.g. via email attachments).

Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters. 2006. Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM conference on Computer and communications security (CCS '06). ACM, New York, NY, USA, 89-98. DOI=10.1145/1180405.1180418 http://doi.acm.org/10.1145/1180405.1180418

Key Contributions:

  • MOTIVATION: With the growing amount of sensitive data stored on the internet, there is concern that personal data will be compromised.
  • PROBLEM: The paper is trying to solve the problem of users sharing encrypted data with other users or third parties by either decrypting data and sending to them or by sending them the private key.
  • CONTRIBUTION: A Key-Policy ABE scheme
    • A scheme where each private key is associated with an access structure that specifies which types of ciphertexts can be decrypted, according to the attributes of the ciphertexts.
    • The access structure of a user’s key is a tree whose leaves are attributes. The user can only decrypt if the attributes satisfy the access structure.
    • Prevents collusion of users with similar access structures.
    • Provides a delegation mechanism that allows any user that has a key for an access structure to derive the key for another access structure only if the latter is more restrictive than the former.

  • Paper’s introduction discussed briefly the motivation and problem and discussed in detail the contribution.
  • Paper is relevant and relatively easy to read but at times confusing.
  • The mathematics of the paper is not understandable and very heavy. May need to do a number of follow-up readings to understand concepts.
  • Still assumes the authorised users are trustworthy and will not accidentally leak the whole data to third parties.
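
How an access tree can gate decryption, as an added example that is not code from the paper or from these notes: the secret is split down the tree with Shamir threshold sharing at each gate, so it can only be rebuilt from leaves whose attributes are present. It is a toy over a prime field; the pairing-based step that ties leaf shares to ciphertext attributes and gives collusion resistance is replaced by a plain membership check, and the names `share`, `recover` and `POLICY` are assumptions.

```python
import secrets

P = 2**127 - 1  # prime modulus of the toy field

# A node is ("leaf", attribute) or ("gate", k, [children]): a k-of-n
# threshold gate, so AND is n-of-n and OR is 1-of-n.


def share(node, secret, path=()):
    """Split `secret` down the tree; returns {leaf_path: (attribute, share)}."""
    if node[0] == "leaf":
        return {path: (node[1], secret)}
    _, k, children = node
    # Random polynomial of degree k-1 with q(0) = secret; child x gets q(x).
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    out = {}
    for x, child in enumerate(children, start=1):
        y = sum(c * pow(x, j, P) for j, c in enumerate(coeffs)) % P
        out.update(share(child, y, path + (x,)))
    return out


def recover(node, key, attrs, path=()):
    """Rebuild the root secret using only leaves whose attribute is in attrs."""
    if node[0] == "leaf":
        attribute, value = key[path]
        # Stand-in for the pairing step: in the real scheme a leaf share is
        # only usable together with the ciphertext component for that attribute.
        return value if attribute in attrs else None
    _, k, children = node
    points = []
    for x, child in enumerate(children, start=1):
        y = recover(child, key, attrs, path + (x,))
        if y is not None:
            points.append((x, y))
    if len(points) < k:
        return None  # gate not satisfied: too few points to interpolate
    points = points[:k]
    secret = 0
    for xi, yi in points:  # Lagrange interpolation at x = 0
        num = den = 1
        for xj, _ in points:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret


# Constructed policy: cardiology AND (doctor OR nurse)
POLICY = ("gate", 2, [("leaf", "cardiology"),
                      ("gate", 1, [("leaf", "doctor"), ("leaf", "nurse")])])
```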

Philippe Golle, Frank McSherry, and Ilya Mironov. 2006. Data collection with self-enforcing privacy. In Proceedings of the 13th ACM conference on Computer and communications security (CCS '06). ACM, New York, NY, USA, 69-78. DOI=10.1145/1180405.1180416 http://doi.acm.org/10.1145/1180405.1180416

Key Points:

  • MOTIVATION: How to protect individuals from untrustworthy pollsters and how to protect pollsters from fraudulent accusations.
  • PROBLEM: A pollster who wishes to collect private information from individuals of a population may not be able to do so, as individuals, understandably, are unwilling to send sensitive information to untrustworthy pollsters.
  • CONTRIBUTION: Bounty hunters
    • A bounty hunter service listens for leaks of private information and assembles a case against the pollster.
    • The bounty hunter participates in data collection, pretending to be a respondent and submitting “baits”, whose decrypted contents cannot be obtained without access to a secret held by the pollster.
    • Any report of actual data in the message must have come from the pollster and hence incriminates the pollster for the leakage of information.

  • Paper is a good first step to controlling whether the data owner’s data is leaked from the consumer and if it is, it does not go unnoticed.

Alexandra Boldyreva, Vipul Goyal, and Virendra Kumar. 2008. Identity-based encryption with efficient revocation. In Proceedings of the 15th ACM conference on Computer and communications security (CCS '08). ACM, New York, NY, USA, 417-426. DOI=10.1145/1455770.1455823 http://doi.acm.org/10.1145/1455770.1455823

Key Points:

  • MOTIVATION: In the setting of IBE, there has been little work on studying revocation mechanisms.
  • PROBLEM: In an ID-based/PKI-based system, users have to regularly keep in contact with PKG, prove their identity and get new keys whether their keys have been exposed or not. The PKG has to be online at all times for this.
    • Paper discusses a new way to mitigate the limitations of IBE with regard to revocation and improves efficiency of previous solutions.
    • Revocable IBE and its security models are defined and discussed.

  • May provide a good revocation scheme; however, it is very limited in providing good access control and monitoring.

Amit Sahai and Hakan Seyalioglu. 2010. Worry-free encryption: functional encryption with public keys. In Proceedings of the 17th ACM conference on Computer and communications security (CCS '10). ACM, New York, NY, USA, 463-472. DOI=10.1145/1866307.1866359 http://doi.acm.org/10.1145/1866307.1866359

Key Points:

  • MOTIVATION: The ability to send files to other users without worrying about whether they have the right to access the data.
  • PROBLEM: When a co-worker requests access to data, it is unclear whether the co-worker has the rights to access the data. Nevertheless, these kinds of unauthorised accesses still occur.
    • Discusses the need for a scheme to be secure against eavesdroppers, the need for the policy of a ciphertext to remain hidden, the user’s public key should reveal no information about his credentials, and even if the certification authority is corrupted, it should not be able to compromise the security of any honest user.
    • Suggests the notion of Worry-Free Encryption, since a sender does not need to worry about whether a recipient is authorised to obtain a message before sending it.
    • A public/private keypair is generated for each bit of the user’s credentials. The public keys are then sent to the Certificate Authority to mask the user's credentials in the public key.
    • The encrypter then generates a function to be sent and encrypts each part of the function under each of the user’s public keys. The user can retrieve each function piece corresponding to his credentials to reveal the function and hence reveal the data.

  • Could be useful to protect data from being viewed by unauthorised users.
  • Storing a number of public/private key pairs could introduce key management complexity and is costly on user machines.
  • Once the data is decrypted, an authorised user, Alice, may still send the data to an unauthorised user, Bob. Paper assumes Alice is trusted but is curious whether Bob is allowed to view data.

Mohamed Nabeel and Elisa Bertino. 2011. Poster: towards attribute based group key management. In Proceedings of the 18th ACM conference on Computer and communications security (CCS '11). ACM, New York, NY, USA, 821-824. DOI=10.1145/2093476.2093502 http://doi.acm.org/10.1145/2093476.2093502

Key Points:

  • MOTIVATION: Current group key management schemes are not well designed to manage group keys based on the attributes of group members
  • PROBLEM: How to efficiently handle group dynamics (e.g. joining and leaving of members) and also how to defend against collusion attacks.
    • An expressive Attribute-Based Group Key Management Scheme (AB-GKM) which allows one to express any threshold or monotonic conditions over a set of identity attributes.
    • Improves the performance of broadcast GKM schemes.

  • Although the scheme is effective and gives the data owner fine-grained access control over who can view his data, the data owner does not know how his data is being used by his members (e.g. illegal transfers, etc.)

Development of e-health demo:
- Finished stage 1 of coding: Initialisation
- Working on stage 2 of coding: Consumer Authorisation
- Still need to test stage 1 coding to see if it is working

Wednesday, 3 April 2013

Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Osama Khan, Lea Kissner, Zachary Peterson, and Dawn Song. 2011. Remote data checking using provable data possession. ACM Trans. Inf. Syst. Secur. 14, 1, Article 12 (June 2011), 34 pages. DOI=10.1145/1952982.1952994 http://doi.acm.org/10.1145/1952982.1952994

Key contributions:
  • Uses the Provable Data Possession (PDP) protocol to challenge the storage server (SSP) and check whether the data still exists.
  • Allows an auditor to check for proof of data possession in order to validate whether the server possesses the data that was originally stored by the client using Remote Data Checking (RDC)
  • Tags are generated by the DO for each block of the file and stored along with the file in the SSP
  • DO issues a challenge to SSP for random data blocks and verifies the proof to validate whether data exists in server
  • Lightweight and Robust. Lightweight since spot checking is used to check whether a random portion of the data still exists and robust since it protects against arbitrary data corruptions
  • Fixes small data corruptions
  • Like the use of providing a high-level overview of the protocol just before explaining the technical details.
  • Doesn't protect against data stealing
  • Doesn't handle dynamic operations
  • Doesn't handle the case of illegal transfer of files. It just checks for data existence
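
The tag, challenge and verify flow summarised above, as an added example that is not the paper's construction: per-block HMAC tags stand in for PDP's homomorphic tags, so the server has to return the challenged blocks themselves instead of a compact proof. All class and function names and the sample data are constructed for illustration; `detection_probability` computes how likely a spot check of c random blocks is to hit at least one of t damaged blocks out of n.

```python
import hashlib
import hmac
import secrets
from math import comb

BLOCK_SIZE = 16  # bytes per block; tiny so the constructed sample has many blocks


def make_tag(key, index, block):
    # Bind each tag to its block index so an intact block j cannot be
    # replayed in answer to a challenge for a damaged block i.
    msg = index.to_bytes(8, "big") + block
    return hmac.new(key, msg, hashlib.sha256).digest()


class StorageServer:
    """SSP: holds blocks and tags, never the owner's key."""

    def __init__(self, blocks, tags):
        self.blocks, self.tags = list(blocks), list(tags)

    def prove(self, indices):
        return [(i, self.blocks[i], self.tags[i]) for i in indices]


class DataOwner:
    """DO: after outsourcing keeps only the key and the block count."""

    def __init__(self, key, n_blocks):
        self.key, self.n = key, n_blocks

    def challenge(self, count):
        # Unpredictable indices: the server must not learn them in advance.
        return secrets.SystemRandom().sample(range(self.n), count)

    def verify(self, indices, proof):
        if [i for i, _, _ in proof] != list(indices):
            return False
        return all(hmac.compare_digest(make_tag(self.key, i, b), t)
                   for i, b, t in proof)


def outsource(data):
    key = secrets.token_bytes(32)
    blocks = [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)]
    tags = [make_tag(key, i, b) for i, b in enumerate(blocks)]
    return DataOwner(key, len(blocks)), StorageServer(blocks, tags)


def detection_probability(n, t, c):
    """Chance that c blocks sampled from n hit at least one of t bad blocks."""
    return 1 - comb(n - t, c) / comb(n, c)


if __name__ == "__main__":
    owner, server = outsource(b"constructed sample record " * 40)
    idx = owner.challenge(8)
    print("honest server passes:", owner.verify(idx, server.prove(idx)))
    server.blocks[3] = b"x" * BLOCK_SIZE  # simulate corruption of one block
    everything = list(range(owner.n))
    print("full audit after damage:", owner.verify(everything, server.prove(everything)))
    print("P(detect), n=10000 t=100 c=460:", detection_probability(10000, 100, 460))
```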

Bo Chen and Reza Curtmola. 2012. Robust dynamic remote data checking for public clouds. In Proceedings of the 2012 ACM conference on Computer and communications security (CCS '12). ACM, New York, NY, USA, 1043-1045. DOI=10.1145/2382196.2382319 http://doi.acm.org/10.1145/2382196.2382319

Key contributions:
  • Continues on the work of RDC but instead handles dynamic operations (insertions, updates, deletes) on data.
  • Uses Reed Solomon codes based on Cauchy matrices which provide communication-efficient code updates
  • Handles robustness for dynamic operations
  • Paper too technical

Lingfang Zeng; Zhan Shi; Shengjie Xu; Dan Feng, "SafeVanish: An Improved Data Self-Destruction for Protecting Data Privacy," Cloud Computing Technology and Science (CloudCom), 2010 IEEE Second International Conference on, pp. 521-528, Nov. 30 2010-Dec. 3 2010
doi: 10.1109/CloudCom.2010.21

Key Contributions:
  • Data self-destroys after a period of time by destroying the encryption key rendering the data useless
  • Handles sniffing and hopping attacks, which may read and store decryption keys before they are destroyed.
  • The ciphertext still remains even if decryption key destroyed making it vulnerable to traditional attacks (cryptanalysis/brute force) to reveal plaintext

Fengshun Yue; Guojun Wang; Qin Liu, "A Secure Self-Destructing Scheme for Electronic Data," Embedded and Ubiquitous Computing (EUC), 2010 IEEE/IFIP 8th International Conference on, pp. 651-658, 11-13 Dec. 2010
doi: 10.1109/EUC.2010.104

Key contributions:
  • Electronic data automatically destroyed after a certain period of time without any user intervention
  • Does not rely on third parties
  • Resists traditional attacks (cryptanalysis/brute force) and also attacks on the Distributed Hash Table (DHT) network, which destroys the decryption key and a part of the ciphertext.
  • Encapsulates data into Vanishing Data Objects (VDOs) and later decapsulates VDOs into data, provided they are within the time constraints.