The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The importance of frequent backups is uncontroversial. Their creation is simpler than ever today thanks to widespread availability of cheap cloud storage. Common backup solutions, however, tend to be either insecure, inflexible or inefficient in typical backup scenarios.,,,,In this paper, we present triviback, a lightweight and almost trivial, yet powerful solution for outsourcing backups to untrusted...
Location-based queries have brought challenging privacy issues for mobile users. Having access to data, anytime from anywhere, raises many security concerns. One of these concerns is user's location privacy, where a user must reveal her location to get the desired result. The question is how to benefit from such queries without endangering user's location privacy. This paper presents a new method...
ElectroCardioGram ECG biometrics has recently been identified as a promising technique to identify subjects. Meanwhile, as ECG related data can reveal other factors like medical disease, the protection of the ECG biometric template is mandatory. The challenge is to guaranty the privacy of the ECG data, while keeping adequate performance results in terms of false acceptance rate and false rejection...
We report on our research on proving the security of multi-party cryptographic protocols using the EASYCRYPT proof assistant. We work in the computational model using the sequence of games approach, and define honest-butcurious (semi-honest) security using a variation of the real/ideal paradigm in which, for each protocol party, an adversary chooses protocol inputs in an attempt to distinguish the...
Nowadays the most used applications are the web based applications, for instance long range informal communication, shopping, e-learning, banking and social networking are all an examples of web based applications. It is commonly known that these Web applications are publicly available for all users around the world. This leads us to new challenges in securing these applications and exposing them...
Computer security has been a subject of serious study for at least 40 years, and a steady stream of innovations has improved our ability to protect networks and applications. But attackers have adapted and changed methods over the years as well. Where do we stand today in the battle between attackers and defenders? Are attackers gaining ground, as it often seems when reading press accounts of the...
With the prevalence of cloud computing, privacy-preserving database outsourcing has been spotlighted. To preserve both data privacy and query privacy from adversaries, databases need to be encrypted before being outsourced to the cloud. However, there exists the only kNN classification scheme over the encrypted databases in the cloud. Because the existing scheme suffers from high computation overhead,...
The impressive amount of recent technological advancements in the area of information systems have brought along, besides the multitude of positive aspects, some negative aspects too. The most obvious one is represented by the fact that the technological innovations are prone to various categories of threats. Making sure that information stays safe, unaltered and secret is an integral part of providing...
B2B (business-to-business) systems often use service-oriented architecture (SOA) with decomposed business services. These services can interact and share data among each other. Service might use a cloud – hosted database, such as a non - relational encrypted key – value store. However, the cloud platform hosting the database can be untrusted. Data owner needs to be sure that each service can access...
Querying the path information of individual products in a supply chain is key to many applications. RFID (Radio-Frequency IDentification) is a main technology to enable product path information query today. With RFID technology, supply chain participants can efficiently track products in transit and record their production information in databases. In this paper, we investigate the following question:...
Network signatures are used in network intrusion detection systems that try to detect an Internet worm by monitoring network packets. There are many ways to make polymorphic worms. One technique depends on encrypting the body, which erases both signatures and statistical characteristics of the worm byte string. Currently, intrusion detection system reads all the incoming packets and tries to find...
This paper analyses problems of database information security. The database described in this paper has critical information about an operating device, as it is a part of the device's lifecycle support system. Provision of information security is based on the current state laws of the Russian Federation. Here the authors provided the models for secure authorization, encryptions of data and a program...
Nowadays we have a project of a high-performance parallel encrypted database on a cluster platform that will work with large volumes of data. For the smooth operation of the system, a reliable and high-speed data replication mechanism is required which should satisfy certain criteria of PostgreSQL DBMS and the mentioned project. In this article we consider the very essence of data replication, replication...
Smart-card-based user authentication is a significant security mechanism that allows remote users to be granted access to services and resources in distributed computing environments like clouds. In this paper, we revisit two password authentication schemes with smart cards proposed by Mishra et al. and Wu et al. in 2015, respectively. We demonstrate that: (1) Despite being armed with a formal security...
Cloud database systems such as Amazon RDS or Google Cloud SQLenable the outsourcing of a large database to a server who then responds to SQL queries. A natural problem here is to efficiently verify the correctness of responses returned by the (untrusted) server. In this paper we present vSQL, a novel cryptographic protocol for publicly verifiable SQL queries on dynamic databases. At a high level,...
Ransomware has become the most threatening malware which takes out money from their victims by threatening them that they have been caught accessing illegal websites or in other illegitimate activities. Ransomware has not spared even a single operating system. Windows, IOS, Android and even Linux have been attacked by ransomware and none of them was able to protect its users from its threat. Since...
Challenges in cloud forensics have been increasing due to increase in cloud computing. Many types of attacks are used to bring down different types of cloud service models by malicious users. In this paper, we provide a scheme which main-tains the integrity and confidentiality of logs as well as provides easy verification mechanism for the logs. Various encryption techniques and hash functions are...
Database management systems have been indispensable to enterprises for decades. As the amount of data dramatically increased, database aggregation has encountered a dilemma between privacy and performance. In traditional database aggregation, all attributes have been encrypted to protect the privacy of data. However, in big data, this privacy measure is no longer feasible because cryptography will...
This demonstration introduces the database community to state-of-the-art cryptographic methods that ensure efficient oblivious access to cloud data. In particular, we explore oblivious storage systems which hide both the content of data and data access patterns from an untrusted cloud provider. The demo considers the popular and realistic setting where multiple users from a trusted group asynchronously...
Proper identification is important for providing secure facilities and services to user. Cloud computing is involved in our day to day life as it offers several services, storage spaces, applications etc. As the usage increases, vulnerability and security threats arose need to be studied and rectified. As a part of this, proper authentication need to be done before allowing file uploading to cloud...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.