Publications

Refine Results

(Filters Applied) Clear All

Leveraging Data Provenance to Enhance Cyber Resilience(273.48 KB)

Date:
November 3, 2016
Published in:
Proceedings of 1st IEEE Cybersecurity Development Conference (SecDev'16), Boston, Mass.
Type:
Conference Paper

Summary

Creating bigger and better walls to keep adversaries out of our systems has been a failing strategy. The recent attacks against Target and Sony Pictures, to name a few, further emphasize this. Data provenance is a critical technology in building resilient systems that will allow systems to recover from attackers that manage to overcome the “hard-shell” defenses. In this paper, we provide background information on data provenance, details on provenance collection, analysis, and storage techniques and challenges.

Charting a Security Landscape in the Clouds: Data Protection and Collaboration in Cloud Storage(1.6 MB)

Date:
July 7, 2016
Published in:
MIT Lincoln Laboratory Technical Report 1210
Type:
Technical Report
Topic:

Summary

This report surveys different approaches to securely storing and sharing data in the cloud based on traditional notions of security: confidentiality, integrity, and availability, with the main focus on confidentiality. An appendix discusses the related notion of how users can securely authenticate to cloud providers.

SoK: Privacy on Mobile Devices – It’s Complicated(1.07 MB)

Date:
March 2, 2016
Published in:
Proceedings of2016 Privacy Enhancing Technologies Symposium (PETS)
Type:
Conference Paper
Topic:

Summary

Modern mobile devices place a wide variety of sensors and services within the personal space of their users. As a result, these devices are capable of transparently monitoring many sensitive aspects of these users’ lives (e.g., location, health, or correspondences). Users typically trade access to this data for convenient applications and features, in many cases without a full appreciation of the nature and extent of the information that they are exposing to a variety of third parties.

Iris Biometric Security Challenges and Possible Solutions: For your eyes only - Using the iris as a key(2.7 MB)

Date:
August 13, 2015
Published in:
Signal Processing Magazine, IEEE , vol. 32, no. 5, pp. 42-53
Type:
Journal Article
Topic:

Summary

In this article, we illustrate a metric that can be used to optimize biometrics for authentication. Using iris biometrics as an example, we explore possible directions for improving processing and representation according to this metric. Finally, we discuss why strong biometric authentication remains a challenging problem and propose some possible future directions for addressing these challenges.

Cryptographically Secure Computation(1.36 MB)

Date:
April 1, 2015
Published in:
IEEE Computer, vol. 48, no. 4, pp. 78-81
Type:
Journal Article
Topic:

Summary

Big data analytics creates a tension between data sharing and data confidentiality that is best allayed through concerted action. While everyone benefits from a more comprehensive understanding of cyber threats, information sharing raises privacy and security concerns. Researchers are making secure multiparty computation—a cryptographic technique that enables information sharing and analysis while keeping sensitive inputs secret—faster and easier to use for application software developers.

Automated assessment of secure search systems(607.01 KB)

Date:
January 1, 2015
Published in:
ACM SIGOPS Operating Systems Review, vol. 49, no. 1, pp. 22-30
Type:
Journal Article

Summary

This work presents the results of a three-year project that assessed nine different privacy-preserving data search systems. We detail the design of a software assessment framework that focuses on low system footprint, repeatability, and reusability.

Computing on Masked Data: a High Performance Method for Improving Big Data Veracity(666.71 KB)

Date:
June 22, 2014
Published in:
Proceedings of the High Performance Extreme Computing Conference (HPEC)
Type:
Conference Paper
Topic:

Summary

The growing gap between data and users calls for innovative tools that address the challenges faced by big data volume, velocity and variety. Along with these standard three V’s of big data, an emerging fourth “V” is veracity, which addresses the confidentiality, integrity, and availability of the data. Traditional cryptographic techniques that ensure the veracity of data can have overheads that are too large to apply to big data. This work introduces a new technique called Computing on Masked Data (CMD), which improves data veracity by allowing computations to be performed directly on masked data and ensuring that only authorized recipients can unmask the data.

Robust Keys from Physical Unclonable Functions(633.75 KB)

Date:
May 4, 2014
Published in:
Proceedings of IEEE Symposium on Hardware-Oriented Security and Trust (HOST)
Type:
Conference Paper

Summary

Weak physical unclonable functions (PUFs) can instantiate read-proof hardware tokens where benign variation, such as changing temperature, yields a consistent key, but invasive attempts to learn the key destroy it. If some attack insufficiently changes the derived key, an expert must redesign the hardware. Our approach draws on machine learning. We propose a variant of linear discriminant analysis (LDA), called PUF LDA, which reduces noise levels in PUF instances while enhancing changes from known attacks.

Showing Results

1-8 of 8