Secure Mediation of Join Queries by Processing Ciphertexts

Size: px
Start display at page:

Download "Secure Mediation of Join Queries by Processing Ciphertexts"

Transcription

1 Secure Mediation of Join Queries by Processing Ciphertexts Joachim Biskup, Christian Tsatedem and Lena Wiese Germany SECOBAP 07 Marmara Hotel, Istanbul April 20, /23

2 Overview Introduction and Problem Statement Encryption Scheme 1: Database-As-a-Service Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching Comparison Conclusion 2/23

3 Introduction: Mediation Basic mediation system A client directs a global query to a mediator Mediator gathers data by sending partial queries to datasources Mediator constructs a global result out of the partial results and sends it back to the client. Client global query global result Mediator partial query 1 partial result 1 partial query n partial result n Source 1.. Source n 3/23

4 Introduction: Secure Mediation Secure mediation with the Multimedia Mediator (MMM) system Altenschmidt/Biskup/Flegel/Karabulut, 2003 Confederations of clients, mediators and datasources (flexible: contract based, short-term,...) Aims: Anonymity of clients and confidentiality of data 4/23

5 Introduction: Secure Mediation MMM Protocol Preparatory phase: Client acquires credentials (public key & properties) and identity certificates (public key & identity) Request phase: 1. Client sends global query with appropriate credentials to mediator 2. Mediator forwards credentials with partial queries to datasources 3. Datasources execute access control based on client s properties 4. Datasources execute partial queries to get partial results Delivery phase: 1. Datasources encrypt partial results 2. Mediator computes encrypted global result and returns it to client 5/23

6 Introduction: Secure Mediation id k Certification Authority p k pub p: properties id: client s identity k : client s public key pub pub Client p k pub global query q encr. global result scheme SQL2- Algebra Mediator process encrypted R i p k pub partial query q 1 partial result R 1 scheme p k pub Source 1 partial query qn Source n partial result Rn scheme.. 6/23

7 Problem Statement: Delivery Phase How can the mediator compute a global result if it is not eligible to access the data in the partial results? Previous solution: mobile code (Biskup/Sprick/Wiese, 2005) Mediator constructs executable that computes the global result Client executes mobile code on decrypted partial results New solution: computation on encrypted data Delivery phase: 1. Datasources encrypt partial results with appropriate encryption scheme 2. Mediator computes encrypted global result from encrypted partial results 3. Client decrypts global result (according to encryption scheme) 7/23

8 Notation One client, one mediator, two datasources S 1 and S 2 Global query q: JOIN over two partial queries Partial queries q 1 over relation R 1 and q 2 over relation R 2 Single, common attribute ( join attribute ) A join Client q="select * from R1, R2 where R1.Ajoin=R2.Ajoin" Mediator q 1 ="select * from R1" Source 1 R1(...,Ajoin,...) q 2 ="select * from R2" Source 2 R2(...,Ajoin,...) 8/23

9 Overview Introduction and Problem Statement Encryption Scheme 1: Database-As-a-Service Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching Comparison Conclusion 9/23

10 Encryption Scheme 1: DAS Model Database As a Service (Hacıgümüş et al., 2002) Data owner outsources data to service provider in encrypted format Partitioning of attribute domains ( bucketization ) One distinct index value for each partition of a domain One query executed on index values at service provider site (server query: superset of exact result) Second query executed on data owner site (client query: exact result) 10/23

11 Encryption Scheme 1: DAS Model Delivery Phase based on Database As a Service Datasources encrypt partial results Datasources define partitions ( buckets ) and index values of join attribute Client constructs server query for mediator Mediator executes server query on encrypted partial results ( encrypted superset of global result) Client decrypts mediator s result and executes client query ( global result) client query Client partitions & index values k pub server query superset of global result DAS Mediator partial result R DAS 1 Source 1 R1(...,Ajoin,...) Source 2 partial result R 2 R2(...,Ajoin,...) DAS 11/23

12 Overview Introduction and Problem Statement Encryption Scheme 1: Database-As-a-Service Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching Comparison Conclusion 12/23

13 Encryption Scheme 2: Commutative Encryption Commutative encryption function f e (as in Agrawal et al., 2003) Polynomial-time computable function (with key e) such that: 1. [Commutativity] For all keys e 1 and e 2 : f e1 f e2 = f e2 f e1 2. [Bijectivity] Each f e is a bijection 3. [Invertibility] The inverse fe 1 is polynomial-time computable given e 4. [Secrecy] Distributions of x, f e (x), y, f e (y) and x, f e (x), y, z are indistinguishable Property 4 indispensable for security proofs Use hash values of original inputs to ensure randomness (random oracle model) 13/23

14 Encryption Scheme 2: Commutative Encryption Delivery Phase based on two-party protocol for join (Agrawal et al., 2003) 1. Tuples with same join attribute value are encrypted with client s key 2. Join attribute values are hashed: h(a) 3. S 1 has key e 1 and encrypts hashes: f e1 (h(a)) / S 2 has key e 2 : f e2 (h(a )) 4. Exchange and second encryption gives f e2 (f e1 (h(a))) and f e1 (f e2 (h(a ))) 5. Mediator checks if f e2 (f e1 (h(a))) = f e1 (f e2 (h(a ))) Client h(a) e1 e2 global result k pub? = h(a ) e2 e1 Mediator R 1 k pub R 2 k pub h(a ) e2 e1 h(a ) e2 h(a) e1 h(a) e1 e2 Source 1 R1(...,Ajoin,...) Source 2 R2(...,Ajoin,...) 14/23

15 Overview Introduction and Problem Statement Encryption Scheme 1: Database-As-a-Service Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching Comparison Conclusion 15/23

16 Encryption Scheme 3: Homomorphic Encryption Additively homomorphic encryption function E (as in Freedman et al., 2004) Semantically secure public key encryption function such that: 1. Given two ciphertexts E(a) and E(b), there is a way to efficiently compute E(a + b). 2. Given a constant γ and a ciphertext E(a), there is a way to efficiently compute E(γ a). For a polynomial P (x) = n k=0 c k x k, given only encryptions E(c k ) of the coefficients and cleartext input value a (such that b = P (a)), one can efficiently compute E(b) = E(P (a)) = E( n k=0 c k a k ) For a constant value γ and payload data p ( means concatenation) one can efficiently compute E(γ P (a) + (a p)) = E(γ n k=0 c k a k + (a p)) Note: Evaluation on root value a yields E(a p), else random value 16/23

17 Encryption Scheme 3: Homomorphic Encryption Delivery Phase based on Private Matching protocol for intersection (Freedman et al., 2004) 1. Client s k pub is public key of homomorphic encryption scheme 2. Each datasource has polynomial with join attribute values as roots (P 1 and P 2 ) 3. Mediator exchanges encrypted coefficients 4. Each datasource evaluates encrypted polynomial on cleartext join attribute values plus tuples as payload data 5. Client decrypts data and finds either random values or matching tuples Client R 1 homom. R 2 homom. Mediator R 1 homom. R 2 homom. P2 k pub P1 k pub Source 1 R1(...,Ajoin,...) Source 2 R2(...,Ajoin,...) 17/23

18 Overview Introduction and Problem Statement Encryption Scheme 1: Database-As-a-Service Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching Comparison Conclusion 18/23

19 Comparison Assumptions Cryptographic strength of encryption schemes as stated by security proofs in original articles Cryptographic models are respected (random oracle model, large domains,...) Datasources include only those data records in partial results for which access permissions could be established (based on client s credentials) 19/23

20 Comparison Client s extra knowledge Database-As-a-Service: client retrieves superset of global result (extra data records) and partitions and index tables Commutative Encryption: no extra knowledge (client just retrieves exact global result) Homomorphic Encryption/Private Matching: client knows number of different join attribute values with each datasource 20/23

21 Comparison Mediator s extra knowledge All three Delivery Phase protocols: confidentiality ensured (data records are encrypted such that only the client can decrypt them) Database-As-a-Service: mediator learns sizes of partial results and size of server query result (upper bound of size of global result); partition sizes and domain sizes maybe crucial (trade-off confidentiality/efficiency) Commutative Encryption: mediator learns number of join attribute values with each datasource and size of intersection (lower bound of size of global result) Homomorphic Encryption/Private Matching: mediator learns number of join attribute values with each datasource 21/23

22 Overview Introduction and Problem Statement Encryption Scheme 1: Database-As-a-Service Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching Comparison Conclusion 22/23

23 Conclusion Secure mediation with ciphertext processing Confidentiality of transmitted data Anonymity of client Reduced need for trust in the mediator (in comparison to mobile code) Reduced workload for client (in comparison to mobile code) 23/23

24 Appendix Encryption Scheme 1: Database-As-a-Service Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching i/x

25 Encryption Scheme 1: DAS Model Delivery Phase based on Database As a Service (Hacıgümüş et al., 2002) 1. Each database S i partitions active domain of join attribute dom active (R i.a join ) and assigns each partition an index value in an index table IT able Ri.A join. R 1 :... R 1.A join index table for R 1 : IT able R1.A join [100, 150) 1 [150, 200] 2 R 2 :... R 2.A join index table for R 2 : IT able R2.A join [100, 200) 11 [200, 300] S i encrypts R i row-wise (with client s keys) and adds column for index R1 S.t S R1 S.A S join R2 S.t S R2 S.A S join R1 S : R2 S : ii/x

26 3. S i sends encrypted partial result and encrypted index table to the mediator: R S i, encrypt(it able Ri.A join ), where encrypt is encryption with client s keys 4. Mediator forwards index tables to client 5. Client decrypts index tables and constructs: a. Server query q S (selects tuples from overlapping partitions in partial results) R C := q S (R S 1, R S 2 ) = σ Cond S (R S 1 R S 2 ) where Cond S = (R S 1.A S join = 1 R S 2.A S join = 11 R S 1.A S join = 2 R S 2.A S join = 11 R S 1.A S join = 2 R S 2.A S join = 12) IT able R1.A join : [100, 150) 1 [150, 200] 2 IT able R2.A join : [100, 200) 11 [200, 300] 12 b. Client query q C (postprocesses mediator s result to find correct join tuples) q C (decrypt(r C )) = σ (R1.A join =R 2.A join )(decrypt(r C )) 6. Client sends server query q S to mediator iii/x

27 7. Mediator executes q S on encrypted partial results; returns R C to client R C : R1 S.t S R1 S.A S join R2 S.t S R2 S.A S join Client decrypts R C and executes client query q C global result R:... R 1.A join... R 2.A join iv/x

28 Appendix Encryption Scheme 1: Database-As-a-Service Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching v/x

29 Encryption Scheme 2: Commutative Encryption Delivery Phase based on two-party protocol for join (Agrawal et al., 2003) 1. Datasource S i generates key e i for commutative encryption function f S i encrypts hash values of join attribute values (ideal hash function h) R 1 : R 1.A 1 R 1.A join α 10 β 10 γ 15 encrypted hash values: f e1 (h(10)), f e1 (h(15)) R 2 : R 2.A 1 R 2.A join δ 12 ɛ 15 ζ S i builds tuple sets for same join attribute value: T up 1 (10) = { α, 10, β, 10 } T up 1 (15) = { γ, 15 } T up i (a) := {t R i t[a join ] = a} encrypted hash values: f e2 (h(12)), f e2 (h(15)) T up 2 (12) = { δ, 12 } T up 2 (15) = { ɛ, 15, ζ, 15 } S i encrypts them with client s keys to ciphertexts encrypt(t up i (a)) vi/x

30 3. S i sends set of messages M i := { f ei (h(a)), encrypt(t up i (a)) } to mediator M 1 := { f e1 (h(10)), encrypt(t up 1 (10)), f e1 (h(15)), encrypt(t up 1 (15)) } M 2 := { f e2 (h(12)), encrypt(t up 2 (12)), f e2 (h(15)), encrypt(t up 2 (15)) } 4. Mediator exchanges message sets (sends M 1 to S 2 and M 2 to S 1 ) 5. For each f e2 (h(a)), encrypt(t up 2 (a)) from S 2 : S 1 computes f e1 (f e2 (h(a))), encrypt(t up 2 (a)) and sends it to the mediator 6. For each f e1 (h(a)), encrypt(t up 1 (a)) from S 2 : S 2 computes f e2 (f e1 (h(a))), encrypt(t up 1 (a)) and sends it to the mediator 7. Mediator looks for messages with identical first component f e1 (f e2 (h(a))) = f e2 (f e1 (h(a))) (bijectivity and commutativity properties of f) and sends result messages encrypt(t up 1 (a)), encrypt(t up 2 (a)) to the client 8. Client decrypts result messages with his private keys and constructs result tuples R 1.A 1 R 1.A join R 2.A 1 R 2.A join T up 1 (15) = { γ, 15 } T up 2 (15) = { ɛ, 15, ζ, 15 } R: γ 15 ɛ 15 γ 15 ζ 15 vii/x

31 Appendix Encryption Scheme 1: Database-As-a-Service Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching viii/x

32 Encryption Scheme 3: Homomorphic Encryption Delivery Phase based on Private Matching protocol for intersection (Freedman et al., 2004) 1. Assumption: Client has one public key for homomorphic encryption scheme E 2. S 1 forms a polynomial whose roots are the join attribute values a 1,..., a n : P 1 (x) := (a 1 x) (a 2 x)... (a n x) = n k=0 c k x k S 1 encrypts coefficients using client s key and sends all E(c k ) to mediator 3. S 2 forms a polynomial whose roots are the join attribute values a 1,..., a m: P 2 (x) := (a 1 x) (a 2 x)... (a m x) = m l=0 d l x l S 2 encrypts coefficients using client s key and sends all E(d l ) to mediator 4. Mediator exchanges coefficients (E(d l ) to S 1 and E(c k ) to S 2 ) ix/x

33 5. S 1 evaluates polynomial P 2 on its cleartext join attribute values a 1,..., a n : e k := E(r k P 2 (a k ) + (a k T up 1 (a k ))) (r k is a fresh random number and T up 1 (a k ) is set of tuples with join attribute value a k ) S 1 returns all e k values to mediator 6. S 2 evaluates polynomial P 1 on its cleartext join attribute values a 1,..., a m: S 2 returns all e l values to mediator e l := E(r l P 1 (a l) + (a l T up 2 (a l))) 7. Mediator forwards all e k and e l values to client 8. Client decrypts them to either a random value, a value (a k T up 1 (a k )) or a value (a l T up 2 (a l)) For values (a k T up 1 (a k )) and (a l T up 2 (a l)) where a k = a l, the tuples are joined in the global result x/x

Search on Encrypted Data

Search on Encrypted Data Search on Encrypted Data Hakan Hacıgümüş 1, Bijit Hore 2, Bala Iyer 3, and Sharad Mehrotra 4 1 IBM Almaden Research Center hakanh@acm.org 2 Donald Bren School of Computer Science University of California,

More information

Verifiable Delegation of Computation over Large Datasets

Verifiable Delegation of Computation over Large Datasets Verifiable Delegation of Computation over Large Datasets Siavosh Benabbas University of Toronto Rosario Gennaro IBM Research Yevgeniy Vahlis AT&T Cloud Computing Data D Code F Y F(D) Cloud could be malicious

More information

Secure Computation Martin Beck

Secure Computation Martin Beck Institute of Systems Architecture, Chair of Privacy and Data Security Secure Computation Martin Beck Dresden, 05.02.2015 Index Homomorphic Encryption The Cloud problem (overview & example) System properties

More information

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch CSC474/574 - Information Systems Security: Homework1 Solutions Sketch February 20, 2005 1. Consider slide 12 in the handout for topic 2.2. Prove that the decryption process of a one-round Feistel cipher

More information

New Efficient Searchable Encryption Schemes from Bilinear Pairings

New Efficient Searchable Encryption Schemes from Bilinear Pairings International Journal of Network Security, Vol.10, No.1, PP.25 31, Jan. 2010 25 New Efficient Searchable Encryption Schemes from Bilinear Pairings Chunxiang Gu and Yuefei Zhu (Corresponding author: Chunxiang

More information

Analysis of Privacy-Preserving Element Reduction of Multiset

Analysis of Privacy-Preserving Element Reduction of Multiset Analysis of Privacy-Preserving Element Reduction of Multiset Jae Hong Seo 1, HyoJin Yoon 2, Seongan Lim 3, Jung Hee Cheon 4 and Dowon Hong 5 1,4 Department of Mathematical Sciences and ISaC-RIM, Seoul

More information

Paillier Threshold Encryption Toolbox

Paillier Threshold Encryption Toolbox Paillier Threshold Encryption Toolbox October 23, 2010 1 Introduction Following a desire for secure (encrypted) multiparty computation, the University of Texas at Dallas Data Security and Privacy Lab created

More information

Private Inference Control For Aggregate Database Queries

Private Inference Control For Aggregate Database Queries Private Inference Control For Aggregate Database Queries Geetha Jagannathan geetha@cs.rutgers.edu Rebecca N. Wright Rebecca.Wright@rutgers.edu Department of Computer Science Rutgers, State University of

More information

Privacy-Preserving Set Operations

Privacy-Preserving Set Operations Privacy-Preserving Set Operations Lea Kissner and Dawn Song Carnegie Mellon University Abstract In many important applications, a collection of mutually distrustful parties must perform private computation

More information

CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

More information

Tackling The Challenges of Big Data. Tackling The Challenges of Big Data Big Data Systems. Security is a Negative Goal. Nickolai Zeldovich

Tackling The Challenges of Big Data. Tackling The Challenges of Big Data Big Data Systems. Security is a Negative Goal. Nickolai Zeldovich Introduction is a Negative Goal No way for adversary to violate security policy Difficult to achieve: many avenues of attack 1 Example: Confidential Database Application server Database server Approach:

More information

Experimental Analysis of Privacy-Preserving Statistics Computation

Experimental Analysis of Privacy-Preserving Statistics Computation Experimental Analysis of Privacy-Preserving Statistics Computation Hiranmayee Subramaniam 1, Rebecca N. Wright 2, and Zhiqiang Yang 2 1 Stevens Institute of Technology graduate, hiran@polypaths.com. 2

More information

Security Analysis of DRBG Using HMAC in NIST SP 800-90

Security Analysis of DRBG Using HMAC in NIST SP 800-90 Security Analysis of DRBG Using MAC in NIST SP 800-90 Shoichi irose Graduate School of Engineering, University of Fukui hrs shch@u-fukui.ac.jp Abstract. MAC DRBG is a deterministic random bit generator

More information

Lecture 10: CPA Encryption, MACs, Hash Functions. 2 Recap of last lecture - PRGs for one time pads

Lecture 10: CPA Encryption, MACs, Hash Functions. 2 Recap of last lecture - PRGs for one time pads CS 7880 Graduate Cryptography October 15, 2015 Lecture 10: CPA Encryption, MACs, Hash Functions Lecturer: Daniel Wichs Scribe: Matthew Dippel 1 Topic Covered Chosen plaintext attack model of security MACs

More information

Efficient Similarity Search over Encrypted Data

Efficient Similarity Search over Encrypted Data UT DALLAS Erik Jonsson School of Engineering & Computer Science Efficient Similarity Search over Encrypted Data Mehmet Kuzu, Saiful Islam, Murat Kantarcioglu Introduction Client Untrusted Server Similarity

More information

Identity-based encryption and Generic group model (work in progress) Peeter Laud Arvutiteaduse teooriaseminar Tallinn, 05.01.2012

Identity-based encryption and Generic group model (work in progress) Peeter Laud Arvutiteaduse teooriaseminar Tallinn, 05.01.2012 Identity-based encryption and Generic group model (work in progress) Peeter Laud Arvutiteaduse teooriaseminar Tallinn, 05.01.2012 Identity-based encryption Public-key encryption, where public key = name

More information

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

More information

Authentication and Encryption: How to order them? Motivation

Authentication and Encryption: How to order them? Motivation Authentication and Encryption: How to order them? Debdeep Muhopadhyay IIT Kharagpur Motivation Wide spread use of internet requires establishment of a secure channel. Typical implementations operate in

More information

Programmable Order-Preserving Secure Index for Encrypted Database Query

Programmable Order-Preserving Secure Index for Encrypted Database Query 2012 IEEE Fifth International Conference on Cloud Computing Programmable Order-Preserving Secure Index for Encrypted Database Query Dongxi Liu Shenlu Wang CSIRO ICT Centre, Marsfield, NSW 2122, Australia

More information

1 Digital Signatures. 1.1 The RSA Function: The eth Power Map on Z n. Crypto: Primitives and Protocols Lecture 6.

1 Digital Signatures. 1.1 The RSA Function: The eth Power Map on Z n. Crypto: Primitives and Protocols Lecture 6. 1 Digital Signatures A digital signature is a fundamental cryptographic primitive, technologically equivalent to a handwritten signature. In many applications, digital signatures are used as building blocks

More information

Cryptography for the Cloud

Cryptography for the Cloud Cryptography for the Cloud ENS - CNRS - INRIA Cyber-Sécurité - SPECIF CNAM, Paris, France - November 7th, 2014 The Cloud Introduction 2 Access from Anywhere Introduction 3 Available for Everything One

More information

Fuzzy Identity-Based Encryption

Fuzzy Identity-Based Encryption Fuzzy Identity-Based Encryption Janek Jochheim June 20th 2013 Overview Overview Motivation (Fuzzy) Identity-Based Encryption Formal definition Security Idea Ingredients Construction Security Extensions

More information

Security Analysis for Order Preserving Encryption Schemes

Security Analysis for Order Preserving Encryption Schemes Security Analysis for Order Preserving Encryption Schemes Liangliang Xiao University of Texas at Dallas Email: xll052000@utdallas.edu Osbert Bastani Harvard University Email: obastani@fas.harvard.edu I-Ling

More information

A Secure Model for Medical Data Sharing

A Secure Model for Medical Data Sharing International Journal of Database Theory and Application 45 A Secure Model for Medical Data Sharing Wong Kok Seng 1,1,Myung Ho Kim 1, Rosli Besar 2, Fazly Salleh 2 1 Department of Computer, Soongsil University,

More information

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui School of Engineering and Computer Science Te Kura Mātai Pūkaha, Pūrorohiko PO Box 600 Wellington New Zealand Tel: +64 4 463

More information

MACs Message authentication and integrity. Table of contents

MACs Message authentication and integrity. Table of contents MACs Message authentication and integrity Foundations of Cryptography Computer Science Department Wellesley College Table of contents Introduction MACs Constructing Secure MACs Secure communication and

More information

Privacy, Security and Cloud

Privacy, Security and Cloud Privacy, Security and Cloud Giuseppe Di Luna July 2, 2012 Giuseppe Di Luna 2012 1 July 2, 2012 Giuseppe Di Luna 2012 2 July 2, 2012 Giuseppe Di Luna 2012 3 Security Concerns: Data leakage Data handling

More information

Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks

Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks J. M. BAHI, C. GUYEUX, and A. MAKHOUL Computer Science Laboratory LIFC University of Franche-Comté Journée thématique

More information

Chapter 3. Network Domain Security

Chapter 3. Network Domain Security Communication System Security, Chapter 3, Draft, L.D. Chen and G. Gong, 2008 1 Chapter 3. Network Domain Security A network can be considered as the physical resource for a communication system. This chapter

More information

Verifiable Outsourced Computations Outsourcing Computations to Untrusted Servers

Verifiable Outsourced Computations Outsourcing Computations to Untrusted Servers Outsourcing Computations to Untrusted Servers Security of Symmetric Ciphers in Network Protocols ICMS, May 26, 2015, Edinburgh Problem Motivation Problem Motivation Problem Motivation Problem Motivation

More information

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn. CSC 490 Special Topics Computer and Network Security Key Management Dr. Xiao Qin Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.edu Slide 09-1 Overview Key exchange Session vs. interchange

More information

CLOUD COMPUTING SECURITY IN UNRELIABLE CLOUDS USING RELIABLE RE-ENCRYPTION

CLOUD COMPUTING SECURITY IN UNRELIABLE CLOUDS USING RELIABLE RE-ENCRYPTION CLOUD COMPUTING SECURITY IN UNRELIABLE CLOUDS USING RELIABLE RE-ENCRYPTION Chandrala DN 1, Kulkarni Varsha 2 1 Chandrala DN, M.tech IV sem,department of CS&E, SVCE, Bangalore 2 Kulkarni Varsha, Asst. Prof.

More information

Associate Prof. Dr. Victor Onomza Waziri

Associate Prof. Dr. Victor Onomza Waziri BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,

More information

Privacy Preserving String Pattern Matching on Outsourced Data

Privacy Preserving String Pattern Matching on Outsourced Data Privacy Preserving String Pattern Matching on Outsourced Data Thesis submitted in partial fulfillment of the requirements for the degree of MS By Research in CSE by Bargav Jayaraman 201207509 bargav.jayaraman@research.iiit.ac.in

More information

Dynamic Searchable Encryption in Very Large Databases: Data Structures and Implementation

Dynamic Searchable Encryption in Very Large Databases: Data Structures and Implementation Dynamic Searchable Encryption in Very Large Databases: Data Structures and Implementation David Cash, Joseph Jaeger, Stanislaw Jarecki, Charanjit Jutla, Hugo Krawczyk, Marcel Roşu and Michael Steiner Rutgers

More information

Security Aspects of. Database Outsourcing. Vahid Khodabakhshi Hadi Halvachi. Dec, 2012

Security Aspects of. Database Outsourcing. Vahid Khodabakhshi Hadi Halvachi. Dec, 2012 Security Aspects of Database Outsourcing Dec, 2012 Vahid Khodabakhshi Hadi Halvachi Security Aspects of Database Outsourcing Security Aspects of Database Outsourcing 2 Outline Introduction to Database

More information

Secure and privacy-preserving DRM scheme using homomorphic encryption in cloud computing

Secure and privacy-preserving DRM scheme using homomorphic encryption in cloud computing December 2013, 20(6): 88 95 www.sciencedirect.com/science/journal/10058885 The Journal of China Universities of Posts and Telecommunications http://jcupt.xsw.bupt.cn Secure and privacy-preserving DRM scheme

More information

Knowledge-Based Systems

Knowledge-Based Systems Knowledge-ased Systems 35 (22) 332 348 ontents lists available at SciVerse ScienceDirect Knowledge-ased Systems journal homepage: www.elsevier.com/locate/knosys Executing SQL queries over encrypted character

More information

Cryptography and Network Security: Summary

Cryptography and Network Security: Summary Cryptography and Network Security: Summary Timo Karvi 12.2013 Timo Karvi () Cryptography and Network Security: Summary 12.2013 1 / 17 Summary of the Requirements for the exam The advices are valid for

More information

Cryptography: Authentication, Blind Signatures, and Digital Cash

Cryptography: Authentication, Blind Signatures, and Digital Cash Cryptography: Authentication, Blind Signatures, and Digital Cash Rebecca Bellovin 1 Introduction One of the most exciting ideas in cryptography in the past few decades, with the widest array of applications,

More information

Identity-based Encryption with Post-Challenge Auxiliary Inputs for Secure Cloud Applications and Sensor Networks

Identity-based Encryption with Post-Challenge Auxiliary Inputs for Secure Cloud Applications and Sensor Networks Identity-based Encryption with Post-Challenge Auxiliary Inputs for Secure Cloud Applications and Sensor Networks Tsz Hon Yuen - Huawei, Singapore Ye Zhang - Pennsylvania State University, USA Siu Ming

More information

Information Security

Information Security Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked

More information

1 Message Authentication

1 Message Authentication Theoretical Foundations of Cryptography Lecture Georgia Tech, Spring 200 Message Authentication Message Authentication Instructor: Chris Peikert Scribe: Daniel Dadush We start with some simple questions

More information

Introduction. Digital Signature

Introduction. Digital Signature Introduction Electronic transactions and activities taken place over Internet need to be protected against all kinds of interference, accidental or malicious. The general task of the information technology

More information

Criteria for web application security check. Version 2015.1

Criteria for web application security check. Version 2015.1 Criteria for web application security check Version 2015.1 i Content Introduction... iii ISC- P- 001 ISC- P- 001.1 ISC- P- 001.2 ISC- P- 001.3 ISC- P- 001.4 ISC- P- 001.5 ISC- P- 001.6 ISC- P- 001.7 ISC-

More information

Computing on Encrypted Data

Computing on Encrypted Data Computing on Encrypted Data Secure Internet of Things Seminar David Wu January, 2015 Smart Homes New Applications in the Internet of Things aggregation + analytics usage statistics and reports report energy

More information

CryptoVerif Tutorial

CryptoVerif Tutorial CryptoVerif Tutorial Bruno Blanchet INRIA Paris-Rocquencourt bruno.blanchet@inria.fr November 2014 Bruno Blanchet (INRIA) CryptoVerif Tutorial November 2014 1 / 14 Exercise 1: preliminary definition SUF-CMA

More information

Victor Shoup Avi Rubin. fshoup,rubing@bellcore.com. Abstract

Victor Shoup Avi Rubin. fshoup,rubing@bellcore.com. Abstract Session Key Distribution Using Smart Cards Victor Shoup Avi Rubin Bellcore, 445 South St., Morristown, NJ 07960 fshoup,rubing@bellcore.com Abstract In this paper, we investigate a method by which smart

More information

HYBRID ENCRYPTION FOR CLOUD DATABASE SECURITY

HYBRID ENCRYPTION FOR CLOUD DATABASE SECURITY HYBRID ENCRYPTION FOR CLOUD DATABASE SECURITY Amanjot Kaur 1, Manisha Bhardwaj 2 1 MTech Student, Computer Science Department, LPU, Jalandhar, Punjab, India, er.aman_jot@yahoo.co.in 2 Assistant Professor,

More information

Chapter 23. Database Security. Security Issues. Database Security

Chapter 23. Database Security. Security Issues. Database Security Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database

More information

Improved Online/Offline Signature Schemes

Improved Online/Offline Signature Schemes Improved Online/Offline Signature Schemes Adi Shamir and Yael Tauman Applied Math. Dept. The Weizmann Institute of Science Rehovot 76100, Israel {shamir,tauman}@wisdom.weizmann.ac.il Abstract. The notion

More information

Message Authentication Code

Message Authentication Code Message Authentication Code Ali El Kaafarani Mathematical Institute Oxford University 1 of 44 Outline 1 CBC-MAC 2 Authenticated Encryption 3 Padding Oracle Attacks 4 Information Theoretic MACs 2 of 44

More information

CS377: Database Systems Data Security and Privacy. Li Xiong Department of Mathematics and Computer Science Emory University

CS377: Database Systems Data Security and Privacy. Li Xiong Department of Mathematics and Computer Science Emory University CS377: Database Systems Data Security and Privacy Li Xiong Department of Mathematics and Computer Science Emory University 1 Principles of Data Security CIA Confidentiality Triad Prevent the disclosure

More information

Privacy and Security in Cloud Computing

Privacy and Security in Cloud Computing Réunion CAPPRIS 21 mars 2013 Monir Azraoui, Kaoutar Elkhiyaoui, Refik Molva, Melek Ӧnen Slide 1 Cloud computing Idea: Outsourcing Ø Huge distributed data centers Ø Offer storage and computation Benefit:

More information

1 Construction of CCA-secure encryption

1 Construction of CCA-secure encryption CSCI 5440: Cryptography Lecture 5 The Chinese University of Hong Kong 10 October 2012 1 Construction of -secure encryption We now show how the MAC can be applied to obtain a -secure encryption scheme.

More information

EXAM questions for the course TTM4135 - Information Security May 2013. Part 1

EXAM questions for the course TTM4135 - Information Security May 2013. Part 1 EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question

More information

Research And Development For GeoSpatial Data Security. CSRE, IIT Bombay

Research And Development For GeoSpatial Data Security. CSRE, IIT Bombay Research And Development For GeoSpatial Data Security P. Venkatachalam and B. Krishna Mohan CSRE, IIT Bombay July 2011 Introduction Advancements in sensor technology, satellite remote sensing and field

More information

PARTICIPATORY sensing and data surveillance are gradually

PARTICIPATORY sensing and data surveillance are gradually 1 A Comprehensive Comparison of Multiparty Secure Additions with Differential Privacy Slawomir Goryczka and Li Xiong Abstract This paper considers the problem of secure data aggregation (mainly summation)

More information

Advanced Authentication

Advanced Authentication White Paper Advanced Authentication Introduction In this paper: Introduction 1 User Authentication 2 Device Authentication 3 Message Authentication 4 Advanced Authentication 5 Advanced Authentication is

More information

Lecture 9 - Message Authentication Codes

Lecture 9 - Message Authentication Codes Lecture 9 - Message Authentication Codes Boaz Barak March 1, 2010 Reading: Boneh-Shoup chapter 6, Sections 9.1 9.3. Data integrity Until now we ve only been interested in protecting secrecy of data. However,

More information

SEARCHABLE SYMMETRIC ENCRYPTION METHOD FOR ENCRYPTED DATA IN CLOUD

SEARCHABLE SYMMETRIC ENCRYPTION METHOD FOR ENCRYPTED DATA IN CLOUD JJT-029-2015 SEARCHABLE SYMMETRIC ENCRYPTION METHOD FOR ENCRYPTED DATA IN CLOUD P.Vidyasagar, R.Karthikeyan, Dr.C.Nalini M.Tech Student, Dept of CSE,Bharath University, Email.Id: vsagarp@rediffmail.com

More information

Identity-Based Encryption from the Weil Pairing

Identity-Based Encryption from the Weil Pairing Appears in SIAM J. of Computing, Vol. 32, No. 3, pp. 586-615, 2003. An extended abstract of this paper appears in the Proceedings of Crypto 2001, volume 2139 of Lecture Notes in Computer Science, pages

More information

Secure Query Processing with Data Interoperability in a Cloud Database Environment

Secure Query Processing with Data Interoperability in a Cloud Database Environment ecure Query Processing with Data Interoperability in a Cloud Database Environment Wai Kit Wong * Ben Kao David Wai Lok Cheung Rongbin Li iu Ming Yiu wongwk@hsmc.edu.hk, {kao, dcheung, rbli, smyiu}@cs.hku.hk

More information

ZQL. a cryptographic compiler for processing private data. George Danezis. Joint work with Cédric Fournet, Markulf Kohlweiss, Zhengqin Luo

ZQL. a cryptographic compiler for processing private data. George Danezis. Joint work with Cédric Fournet, Markulf Kohlweiss, Zhengqin Luo ZQL Work in progress a cryptographic compiler for processing private data George Danezis Joint work with Cédric Fournet, Markulf Kohlweiss, Zhengqin Luo Microsoft Research and Joint INRIA-MSR Centre Data

More information

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead

More information

Compter Networks Chapter 9: Network Security

Compter Networks Chapter 9: Network Security Goals of this chapter Compter Networks Chapter 9: Network Security Give a brief glimpse of security in communication networks Basic goals and mechanisms Holger Karl Slide set: Günter Schäfer, TU Ilmenau

More information

SWFP: Secure Web Feed Protocol

SWFP: Secure Web Feed Protocol SWFP: Secure Web Feed Protocol Frédérick Giasson fred [at] fgiasson.com Abstract SWFP ensures the secure broadcasting of web feeds content over a local network or the Internet. The protocol is built to

More information

New Constructions and Practical Applications for Private Stream Searching (Extended Abstract)

New Constructions and Practical Applications for Private Stream Searching (Extended Abstract) New Constructions and Practical Applications for Private Stream Searching (Extended Abstract)???? John Bethencourt CMU Dawn Song CMU Brent Waters SRI 1 Searching for Information Too much on-line info to

More information

Breaking An Identity-Based Encryption Scheme based on DHIES

Breaking An Identity-Based Encryption Scheme based on DHIES Breaking An Identity-Based Encryption Scheme based on DHIES Martin R. Albrecht 1 Kenneth G. Paterson 2 1 SALSA Project - INRIA, UPMC, Univ Paris 06 2 Information Security Group, Royal Holloway, University

More information

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email CS 393 Network Security Nasir Memon Polytechnic University Module 11 Secure Email Course Logistics HW 5 due Thursday Graded exams returned and discussed. Read Chapter 5 of text 4/2/02 Module 11 - Secure

More information

Encryption for Cloud Services Security: Problem or Panacea? @Zulfikar_Ramzan / CTO / www.elastica.net

Encryption for Cloud Services Security: Problem or Panacea? @Zulfikar_Ramzan / CTO / www.elastica.net Encryption for Cloud Services Security: Problem or Panacea? @Zulfikar_Ramzan / CTO / www.elastica.net Tectonic Shift in the Market SaaS On-Premise Many pieces to Buy, Assemble & Operate No visibility /

More information

Chapter 23. Database Security. Security Issues. Database Security

Chapter 23. Database Security. Security Issues. Database Security Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database

More information

Security Digital Certificate Manager

Security Digital Certificate Manager System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure

More information

Microsoft SQL Server Security and Auditing Clay Risenhoover ISACA North Texas April 14, 2016 http://tinyurl.com/isacaclay

Microsoft SQL Server Security and Auditing Clay Risenhoover ISACA North Texas April 14, 2016 http://tinyurl.com/isacaclay Microsoft SQL Server Security and Auditing Clay Risenhoover ISACA North Texas April 14, 2016 http://tinyurl.com/isacaclay 2016, Risenhoover Consulting, Inc. All Rights Reserved 1 Goals Understand new and

More information

Security Digital Certificate Manager

Security Digital Certificate Manager IBM i Security Digital Certificate Manager 7.1 IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in Notices,

More information

An Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud

An Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud An Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud Sanjay Madria Professor and Site Director for NSF I/UCRC Center on Net-Centric Software and Systems Missouri University

More information

Keywords: cloud computing, multiple keywords, service provider, search request, ranked search

Keywords: cloud computing, multiple keywords, service provider, search request, ranked search Volume 5, Issue 1, January 2015 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com A Survey on

More information

14 Databases. Source: Foundations of Computer Science Cengage Learning. Objectives After studying this chapter, the student should be able to:

14 Databases. Source: Foundations of Computer Science Cengage Learning. Objectives After studying this chapter, the student should be able to: 14 Databases 14.1 Source: Foundations of Computer Science Cengage Learning Objectives After studying this chapter, the student should be able to: Define a database and a database management system (DBMS)

More information

Netop Remote Control Security Server

Netop Remote Control Security Server A d m i n i s t r a t i o n Netop Remote Control Security Server Product Whitepaper ABSTRACT Security is an important factor when choosing a remote support solution for any enterprise. Gone are the days

More information

Advanced Cryptography

Advanced Cryptography Family Name:... First Name:... Section:... Advanced Cryptography Final Exam July 18 th, 2006 Start at 9:15, End at 12:00 This document consists of 12 pages. Instructions Electronic devices are not allowed.

More information

Public Key Encryption that Allows PIR Queries

Public Key Encryption that Allows PIR Queries Public Key Encryption that Allows PIR Queries Dan Boneh Eyal Kushilevitz Rafail Ostrovsky William E Skeith III Appeared at CRYPTO 2007: 50-67 Abstract Consider the following problem: Alice wishes to maintain

More information

2.3. Finding polynomial functions. An Introduction:

2.3. Finding polynomial functions. An Introduction: 2.3. Finding polynomial functions. An Introduction: As is usually the case when learning a new concept in mathematics, the new concept is the reverse of the previous one. Remember how you first learned

More information

Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG

Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG 1 Security Analytics Crypto and Privacy Technologies Infrastructure Security 60+ members Framework and Taxonomy Chair - Sree Rajan, Fujitsu

More information

Fundamentals of Database Systems, 4 th Edition By Ramez Elmasri and Shamkant Navathe. Table of Contents. A. Short Table of Contents

Fundamentals of Database Systems, 4 th Edition By Ramez Elmasri and Shamkant Navathe. Table of Contents. A. Short Table of Contents Fundamentals of Database Systems, 4 th Edition By Ramez Elmasri and Shamkant Navathe Table of Contents A. Short Table of Contents (This Includes part and chapter titles only) PART 1: INTRODUCTION AND CONCEPTUAL

More information

David M. Kroenke and David J. Auer Database Processing 11 th Edition Fundamentals, Design, and Implementation. Chapter Objectives

David M. Kroenke and David J. Auer Database Processing 11 th Edition Fundamentals, Design, and Implementation. Chapter Objectives David M. Kroenke and David J. Auer Database Processing 11 th Edition Fundamentals, Design, and Implementation Chapter One: Introduction 1-1 Chapter Objectives To understand the nature and characteristics

More information

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike

More information

Approaches for privacy-friendly Smart Metering: Architecture using homomorphic encryption and homomorphic MACs

Approaches for privacy-friendly Smart Metering: Architecture using homomorphic encryption and homomorphic MACs Approaches for privacy-friendly Smart Metering: Architecture using homomorphic encryption and homomorphic MACs Seminar Trustworthy and Energy-Efficient Smart Grids Overview on Approach Introduced in: [B.

More information

Simulation-Based Security with Inexhaustible Interactive Turing Machines

Simulation-Based Security with Inexhaustible Interactive Turing Machines Simulation-Based Security with Inexhaustible Interactive Turing Machines Ralf Küsters Institut für Informatik Christian-Albrechts-Universität zu Kiel 24098 Kiel, Germany kuesters@ti.informatik.uni-kiel.de

More information

NEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA

NEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA THE PUBLISHING HOUSE PROCEEDINGS OF THE ROMANIAN ACADEMY, Series A, OF THE ROMANIAN ACADEMY Volume 14, Number 1/2013, pp. 72 77 NEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA Laurenţiu BURDUŞEL Politehnica

More information

Technical Report Nr. 735

Technical Report Nr. 735 Technical Report Nr. 735 Systems Group, Department of Computer Science, ETH Zurich Query Processing on Encrypted Data in the Cloud by Stefan Hildenbrand, Donald Kossmann, Tahmineh Sanamrad, Carsten Binnig,

More information

A Study on Secure Electronic Medical DB System in Hospital Environment

A Study on Secure Electronic Medical DB System in Hospital Environment A Study on Secure Electronic Medical DB System in Hospital Environment Yvette E. Gelogo 1 and Sungwon Park 2 * 1 Catholic University of Daegu, Daegu, Korea 2 Department of Nursing, Hannam University, 133

More information

Chosen-Ciphertext Security from Identity-Based Encryption

Chosen-Ciphertext Security from Identity-Based Encryption Chosen-Ciphertext Security from Identity-Based Encryption Dan Boneh Ran Canetti Shai Halevi Jonathan Katz Abstract We propose simple and efficient CCA-secure public-key encryption schemes (i.e., schemes

More information

MESSAGE AUTHENTICATION IN AN IDENTITY-BASED ENCRYPTION SCHEME: 1-KEY-ENCRYPT-THEN-MAC

MESSAGE AUTHENTICATION IN AN IDENTITY-BASED ENCRYPTION SCHEME: 1-KEY-ENCRYPT-THEN-MAC MESSAGE AUTHENTICATION IN AN IDENTITY-BASED ENCRYPTION SCHEME: 1-KEY-ENCRYPT-THEN-MAC by Brittanney Jaclyn Amento A Thesis Submitted to the Faculty of The Charles E. Schmidt College of Science in Partial

More information

Efficient Unlinkable Secret Handshakes for Anonymous Communications

Efficient Unlinkable Secret Handshakes for Anonymous Communications 보안공학연구논문지 (Journal of Security Engineering), 제 7권 제 6호 2010년 12월 Efficient Unlinkable Secret Handshakes for Anonymous Communications Eun-Kyung Ryu 1), Kee-Young Yoo 2), Keum-Sook Ha 3) Abstract The technique

More information

Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption

Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption Ronald Cramer Victor Shoup December 12, 2001 Abstract We present several new and fairly practical public-key

More information

An Ontology-based e-learning System for Network Security

An Ontology-based e-learning System for Network Security An Ontology-based e-learning System for Network Security Yoshihito Takahashi, Tomomi Abiko, Eriko Negishi Sendai National College of Technology a0432@ccedu.sendai-ct.ac.jp Goichi Itabashi Graduate School

More information

Storage Systems Autumn 2009

Storage Systems Autumn 2009 Storage Systems Autumn 2009 Chapter 5: Securely Auditing André Brinkmann Sources Different Publications Slides from Randal Burns, Johns Hopkins University, USA Awkward for large data What s wrong with

More information

Time-Based Proxy Re-encryption Scheme for Secure Data Sharing in a Cloud Environment

Time-Based Proxy Re-encryption Scheme for Secure Data Sharing in a Cloud Environment Time-Based Proxy Re-encryption Scheme for Secure Data Sharing in a Cloud Environment Qin Liu a,b, Guojun Wang a,, Jie Wu b a School of Information Science and Engineering Central South Uversity Changsha,

More information

A Searchable Encryption Scheme for Outsourcing Cloud Storage

A Searchable Encryption Scheme for Outsourcing Cloud Storage A Searchable Encryption Scheme for Outsourcing Cloud Storage Jyun-Yao Huang Department of Computer Science and Engineering National Chung Hsing University Taichung 402, Taiwan allen501pc@gmail.com I-En

More information

4 Domain Relational Calculus

4 Domain Relational Calculus 4 Domain Relational Calculus We now present two relational calculi that we will compare to RA. First, what is the difference between an algebra and a calculus? The usual story is that the algebra RA is

More information