Publications

Bootstrapping and Maintaining Trust in the Cloud (469.63 KB)

Date:
December 5, 2016
Published in:
Proceedings of the 32nd Annual Computer Security Applications Conference, ACSAC 2016
Type:
Conference Paper

Summary

Today's infrastructure as a service (IaaS) cloud environments rely upon full trust in the provider to secure applications and data. In this paper we introduce keylime, a scalable trusted cloud key management system. Keylime provides an end-to-end solution for both bootstrapping hardware rooted cryptographic identities for IaaS nodes and for system integrity monitoring of those nodes via periodic attestation.

Leveraging Data Provenance to Enhance Cyber Resilience (273.48 KB)

Date:
November 3, 2016
Published in:
Proceedings of 1st IEEE Cybersecurity Development Conference (SecDev'16), Boston, Mass.
Type:
Conference Paper

Summary

Creating bigger and better walls to keep adversaries out of our systems has been a failing strategy. The recent attacks against Target and Sony Pictures, to name a few, further emphasize this. Data provenance is a critical technology in building resilient systems that will allow systems to recover from attackers that manage to overcome the “hard-shell” defenses. In this paper, we provide background information on data provenance, details on provenance collection, analysis, and storage techniques and challenges.

POPE: Partial Order Preserving Encoding (589.23 KB)

Date:
October 16, 2016
Published in:
Proceedings of the ACM Conference on Computer and Communications Security (CCS)
Type:
Conference Paper

Summary

Recently there has been much interest in performing search queries over encrypted data to enable functionality while protecting sensitive data. One particularly efficient mechanism for executing such queries is order-preserving encryption/encoding (OPE). In this paper, we propose an alternative approach to range queries over encrypted data that is optimized to support insert-heavy workloads as are common in “big data” applications while still maintaining search functionality and achieving stronger security.

Charting a Security Landscape in the Clouds: Data Protection and Collaboration in Cloud Storage (1.6 MB)

Date:
July 7, 2016
Published in:
MIT Lincoln Laboratory Technical Report 1210
Type:
Technical Report

Summary

This report surveys different approaches to securely storing and sharing data in the cloud based on traditional notions of security: confidentiality, integrity, and availability, with the main focus on confidentiality. An appendix discusses the related notion of how users can securely authenticate to cloud providers.

Cryptography for Big Data Security (538.97 KB)

Date:
May 3, 2016
Published in:
Chapter in Big Data: Storage, Sharing, and Security, Fei Hu (editor), Auerbach Publications
Type:
Book Chapter

Summary

New and improved security tools are needed to protect systems collecting and handling big data to allow applications to reap the benefits of big data analysis without the risk of such catastrophic attacks. Modern cryptography offers many powerful technologies that can help protect big data applications throughout the data lifecycle, as it is being collected, stored in repositories, and processed by analysts. In this chapter, we give a brief survey of several of these technologies and explain how they can help big data security.

SoK: Privacy on Mobile Devices – It’s Complicated (1.07 MB)

Date:
March 2, 2016
Published in:
Proceedings of 2016 Privacy Enhancing Technologies Symposium (PETS)
Type:
Conference Paper

Summary

Modern mobile devices place a wide variety of sensors and services within the personal space of their users. As a result, these devices are capable of transparently monitoring many sensitive aspects of these users’ lives (e.g., location, health, or correspondences). Users typically trade access to this data for convenient applications and features, in many cases without a full appreciation of the nature and extent of the information that they are exposing to a variety of third parties.


Spyglass: Demand-Provisioned Linux Containers for Private Network Access (1.26 MB)

Date:
November 8, 2015
Published in:
Proceedings of the 29th Large Installation System Administration conference (LISA15), Washington D.C.
Type:
Conference Paper

Summary

System administrators have super-user access to the low level infrastructure of the systems and networks they maintain. Given the typical administrator’s breadth of access to this infrastructure, administrators or the client devices they use are a prime target for compromise by a motivated adversary. In this paper, we describe Spyglass, a tool for managing, securing, and auditing administrator access to private or sensitive infrastructure networks by creating on-demand bastion hosts inside of Linux containers.

Unifying Leakage Classes: Simulatable Leakage and Pseudoentropy (324.96 KB)

Date:
September 4, 2015
Published in:
Information Theoretic Security, Lecture Notes in Computer Science, vol. 9063, pp. 69-86
Type:
Journal Article

Summary

Leakage resilient cryptography designs systems to withstand partial adversary knowledge of secret state. Ideally, leakage-resilient systems withstand current and future attacks, restoring confidence in the security of implemented cryptographic systems. Understanding the relation between classes of leakage functions is an important aspect. In this work, we consider the memory leakage model, where the leakage class contains functions over the system’s entire secret state. Standard limitations include functions with bounded output length, functions that retain (pseudo) entropy in the secret, and functions that leave the secret computationally unpredictable.

Iris Biometric Security Challenges and Possible Solutions: For your eyes only - Using the iris as a key (2.7 MB)

Date:
August 13, 2015
Published in:
Signal Processing Magazine, IEEE, vol. 32, no. 5, pp. 42-53
Type:
Journal Article

Summary

In this article, we illustrate a metric that can be used to optimize biometrics for authentication. Using iris biometrics as an example, we explore possible directions for improving processing and representation according to this metric. Finally, we discuss why strong biometric authentication remains a challenging problem and propose some possible future directions for addressing these challenges.

Trustworthy whole-system provenance for the Linux kernel (682.54 KB)

Date:
August 12, 2015
Published in:
24th USENIX Security Symposium (USENIX Security 15), Washington, D.C.
Type:
Conference Paper

Summary

A provenance-aware system automatically gathers and reports metadata that describes the history of each object being processed on the system. Provenance itself is a ripe attack vector, and its authenticity and integrity must be guaranteed before it can be put to use. We present Linux Provenance Modules (LPM), the first general framework for the development of provenance-aware systems.