Melek Önen

ClouDedup: Secure Deduplication with Encrypted Data for Cloud Storage

With the continuous and exponential increase of the number of users and the size of their data, data deduplication becomes more and more a necessity for cloud storage providers. By storing a unique copy of duplicate data, cloud providers greatly reduce their storage and data transfer costs. The advantages of deduplication unfortunately come with a high cost in terms of new security and privacy challenges. We propose ClouDedup, a secure and efficient storage service which assures block-level deduplication and data confidentiality at the same time. Although based on convergent encryption, ClouDedup remains secure thanks to the definition of a component that implements an additional encryption operation and an access control mechanism. Furthermore, as the requirement for deduplication at block-level raises an issue with respect to key management, we suggest to include a new component in order to implement the key management for each block together with the actual deduplication operation. We show that the overhead introduced by these new components is minimal and does not impact the overall storage and computational costs.

Privacy-Preserving Content-Based Publish/Subscribe Networks

Privacy and confidentiality are crucial issues in content-based publish/subscribe (CBPS) networks. We tackle the problem of end-user privacy in CBPS. This problem raises a challenging requirement for handling encrypted data for the purpose of routing based on protected content and encrypted subscription information. We suggest a solution based on a commutative multiple encryption scheme in order to allow brokers to operate in-network matching and content based routing without having access to the content of the packets. This is the first solution that avoids key sharing among end-users and targets an enhanced CBPS model where brokers can also be subscribers at the same time.

Privacy and confidentiality in context-based and epidemic forwarding

Autonomic and opportunistic communications require specific routing algorithms, like replication-based algorithms or context-based forwarding. In addition to confidentiality, privacy is a major concern for protocols which disseminate the context of their destination. In this paper, we focus on the confidentiality and privacy issue inherent to context-based protocols, in the framework of an original epidemic forwarding scheme, which uses context as a heuristic to limit the replication of messages. We define the achievable privacy level with respect to the trusted communities assumption, and the security implications. Indeed, privacy in such an environment raises challenging problems, which lead us to a solution based on refinements of two pairing-based encryption, namely searchable encryption and identity-based encryption. This new solution enables forwarding while preserving user privacy by allowing secure partial matches in the header and by enforcing payload confidentiality.

Privacy in Content-Based Opportunistic Networks

In this paper, we present security primitives required to achieve privacy in content-based opportunistic networks. We define three privacy models adapted to content-based networking and detail what are the requirements that the security primitives have to achieve in order to fit in each of these models. We also propose an original approach based on multiple layer commutative encryption that features full privacy content-based networking.

Secure data aggregation with multiple encryption

Data aggregation has been put forward as an essential technique to achieve power efficiency in sensor networks. Data aggregation consists of processing data collected by source nodes at each intermediate node enroute to the sink in order to reduce redundancy and minimize bandwidth usage. The deployment of sensor networks in hostile environments call for security measures such as data encryption and authentication to prevent data tampering by intruders or disclosure by compromised nodes. Aggregation of encrypted and/or integrity-protected data by intermediate nodes that are not necessarily trusted due to potential node compromise is a challenging problem. We propose a secure data aggregation scheme that ensures that sensors participating to the aggregation mechanism do not have access to the content of the data while adding their sensed values thanks to the use of an efficient homomorphic encryption scheme. We provide a layered secure aggregation mechanism and the related key attribution algorithm that limits the impact of security threats such as node compromises. We also evaluate the robustness of the scheme against node failures and show that such failures are efficiently recovered by a small subset of nodes that are at most m hops away from the failure.

A security protocol for self-organizing data storage

This paper describes a cryptographic protocol for securing self-organized data storage through periodic verifications. The proposed verification protocol, which goes beyond simple integrity checks and proves data conservation, is deterministic, efficient, and scalable. The security of this scheme relies both on the ECDLP intractability assumption and on the difficulty of finding the order of some specific elliptic curve over Zn. The protocol also makes it possible to personalize replicas and to delegate verification without revealing any secret information.

A-PPL: An accountability policy language

Cloud Computing raises various security and privacy challenges due to the customers’ inherent lack of control over their outsourced data. One approach to encourage customers to take advantage of the cloud is the design of new accountability solutions which improve the degree of transparency with respect to data processing. In this paper, we focus on accountability policies and propose A-PPL, an accountability policy language that represents machine-readable accountability policies. A-PPL extends the PPL language by allowing customers to define additional rules on data retention, data location, logging and notification. The use of A-PPL is illustrated with a use case where medical sensors collect personal data which are then stored and processed in the cloud. We define accountability obligations related to this use case and translate them into A-PPL policies as a proof of concept of our proposal.

Analysis of Privacy in Online Social Networks from the Graph Theory Perspective

The extremely widespread adoption of Online Social Networks (OSNs) raises many questions on privacy and access control. Regardless of the particular centralized or de-centralized nature of the OSN, the achievable security and privacy degree strongly depends on the graph-theoretical properties of the social graph representing the real friendship relations between the users. In this paper, we analyze the relationship between the social network graph topology and the achievable privacy. We observe three metrics, namely degree distribution, clustering coefficient and mixing time, and show that they give fundamental insights on the privacy degree of the OSN. We propose how to exploit these insight for the design of future privacy-friendly OSN.

Optimistic fair exchange for secure forwarding

Several cooperation enforcement schemes based on rewarding mechanisms such as electronic cash or online credits have lately been proposed to prevent selfish behavior in ad-hoc networks. However, these schemes suffer from the lack of fairness guarantees or the reliance on costly mechanisms such as tamper- proof hardware or the requirement for trusted third parties (TTPs) that are not suitable for ad-hoc networks. In this paper, we present a new cooperation-enforcement scheme that is perfectly suitable for ad-hoc delay-tolerant networks. The protocol is based on a simple technique called hot- potato forwarding whereby in order to receive a packet, potential recipients must first deliver an advance reward to the sender prior to the transmission of the packet. Thanks to this technique cooperation among nodes becomes mandatory and poisoning attacks and cheating actions are inherently prevented. The second contribution in our scheme is an optimistic fair exchange protocol that solves the fairness problem that is inherent to peer rewarding schemes. The protocol achieves total fairness with the help of a TTP and is optimistic in that the TTP is only involved in case of conflict between peer nodes. Correct execution of the protocol does not require any access to the TTP, so fairness is achieved without any impact on well-behaving nodes. The fairness of the protocol is validated through the exhaustive analysis of all possible protocol traces.

Privacy preserving picture sharing: enforcing usage control in distributed on-line social networks

The problem of usage control, which refers to the control of the data after its publication, is becoming a very challenging problem due to the exponential growth of the number of users involved in content sharing. While the best solution and unfortunately the most expensive one to cope with this particular issue would be to provide a trusted hardware environment for each user, in this paper we address this problem in a confined environment, namely online social networks (OSN), and for the particular picture sharing application. In current OSNs, the owner of an uploaded picture is the only one who can control the access to this particular content and, unfortunately, other users whose faces appear in the same picture cannot set any rule. We propose a preliminary usage control mechanism targeting decentralized peer-to-peer online social networks where control is enforced thanks to the collaboration of a sufficient number of legitimate peers. In this solution, all faces in pictures are automatically obfuscated during their upload to the system and the enforcement of the obfuscation operation is guaranteed thanks to the underlying privacy preserving multi-hop routing protocol. The disclosure of each face depends on the rules the owner of the face sets when she is informed and malicious users can never publish this content in clear even if they have access to it.