Mihaela Ion

Toward content-centric privacy in ICN: attribute-based encryption and routing

We design a content-centric privacy scheme for Information-Centric Networking (ICN). We enhance ICNs ability to support data confidentiality by introducing attribute-based encryption into ICN and making it specific to the data attributes. Our approach is unusual in that it preserves ICNs goal to decouple publishers and subscribers for greater data accessibility, scalable multiparty communication and efficient data distribution. Inspired by application-layer publish-subscribe, we enable fine-grained access control with more expressive policies. Moreover, we propose an attribute-based routing scheme that offers interest confidentiality. A prototype system is implemented based on CCNx, a popular open source version of ICN, to showcase privacy preservation in Smart Neighborhood and Smart City applications.

Supporting Publication and Subscription Confidentiality in Pub/Sub Networks

The publish/subscribe model offers a loosely-coupled communication paradigm where applications interact indirectly and asynchronously. Publisher applications generate events that are sent to interested applications through a network of brokers. Subscriber applications express their interest by specifying filters that brokers can use for routing the events. Supporting confidentiality of messages being exchanged is still challenging. First of all, it is desirable that any scheme used for protecting the confidentiality of both the events and filters should not require the publishers and subscribers to share secret keys. In fact, such a restriction is against the loose-coupling of the model. Moreover, such a scheme should not restrict the expressiveness of filters and should allow the broker to perform event filtering to route the events to the interested parties. Existing solutions do not fully address those issues. In this paper, we provide a novel scheme that supports (i) confidentiality for events and filters; (ii) filters can express very complex constraints on events even if brokers are not able to access any information on both events and filters; (iii) and finally it does not require publishers and subscribers to share keys.

Performance evaluation of Attribute-Based Encryption: Toward data privacy in the IoT

With the ever increasing number of connected devices and the over abundance of data generated by these devices, data privacy has become a critical concern in the Internet of Things (IoT). One promising privacy-preservation approach is Attribute-Based Encryption (ABE), a public key encryption scheme that enables fine-grained access control, scalable key management and flexible data distribution. This paper presents an in-depth performance evaluation of ABE that focuses on execution time, data and network overhead, energy consumption, and CPU and memory usage. We evaluate two major types of ABE, Key-Policy Attribute-Based Encryption (KP-ABE) and Ciphertext-Policy Attribute-Based Encryption (CP-ABE), on different classes of mobile devices including a laptop and a smartphone. To the best of our knowledge, this is the first comprehensive study of ABE dedicated solely to its performance. Our results provide insights into important practical issues of ABE, including what computing resources ABE requires in heterogeneous environments, at what cost ABE offers benefits, and under what situations ABE is best suited for use in the IoT.

Supporting complex queries and access policies for multi-user encrypted databases

Cloud computing is an emerging paradigm offering companies (virtually) unlimited data storage and computation at attractive costs. It is a cost-effective model because it does not require deployment and maintenance of any dedicated IT infrastructure. Despite its benefits, it introduces new challenges for protecting the confidentiality of the data. Sensitive data like medical records, business or governmental data cannot be stored unencrypted on the cloud. Companies need new mechanisms to control access to the outsourced data and allow users to query the encrypted data without revealing sensitive information to the cloud provider. State-of-the-art schemes do not allow complex encrypted queries over encrypted data in a multi-user setting. Instead, those are limited to keyword searches or conjunctions of keywords. This paper extends work on multi-user encrypted search schemes by supporting SQL-like encrypted queries on encrypted databases. Furthermore, we introduce access control on the data stored in the cloud, where any administrative actions (such as updating access rights or adding/deleting users) do not require re-distributing keys or re-encryption of data. Finally, we implemented our scheme and presented its performance, thus showing feasibility of our approach.

Design and implementation of a confidentiality and access control solution for publish/subscribe systems

The publish/subscribe model offers a loosely-coupled communication paradigm where applications interact indirectly and asynchronously. Publishers generate events that are sent to interested applications through a network of brokers. Subscribers express their interest by specifying filters that brokers can use for routing the events. Supporting confidentiality of messages being exchanged is still challenging. First of all, it is desirable that any scheme used for protecting the confidentiality of both the events and filters should not require publishers and subscribers to share secret keys. In fact, such a restriction is against the loose-coupling of the model. Moreover, such a scheme should not restrict the expressiveness of filters and should allow the broker to perform event filtering to route the events to the interested parties. Existing solutions do not fully address these issues. In this paper, we provide a novel scheme that supports (i) confidentiality for events and filters; (ii) allows publishers to express further constraints about who can access their events; (iii) filters that can express very complex constraints on events even if brokers are not able to access any information in clear on both events and filters; (iv) and, finally, it does not require publishers and subscribers to share keys. Furthermore, we show how we applied our scheme to a real-world e-health scenario, developed together with a hospital. We also describe the implementation of our solution in Java and the integration with an existing publish/subscribe system.

Enforcing Multi-user Access Policies to Encrypted Cloud Databases

Cloud computing has the advantage that it offers companies (virtually) unlimited data storage at attractive costs. However, it also introduces new challenges for protecting the confidentiality of the data, and the access to the data. Sensitive data like medical records, business or governmental data cannot be stored unencrypted on the cloud. Moreover, they can be of interest to many users and different policies could apply to each. Companies need new mechanisms to query the encrypted data without revealing anything to the cloud server, and to enforce access policies to the data. Current security schemes do not allow complex encrypted queries over encrypted data in a multi-user setting. Instead, they are limited to keyword searches. Moreover, current solutions assume that all users have the same access rights to the data. This demo shows the implementation of a scheme that allows making SQL-like queries on encrypted databases in a multi-user setting, while at the same time allowing the database owner to assign different access rights to users.

ESPOON: Enforcing Encrypted Security Policies in Outsourced Environments

The enforcement of security policies in outsourced environments is still an open challenge for policy-based systems. On the one hand, taking the appropriate security decision requires access to the policies. However, if such access is allowed in an untrusted environment then confidential information might be leaked by the policies. Current solutions are based on cryptographic operations that embed security policies with the security mechanism. Therefore, the enforcement of such policies is performed by allowing the authorised parties to access the appropriate keys. We believe that such solutions are far too rigid because they strictly intertwine authorisation policies with the enforcing mechanism. In this paper, we want to address the issue of enforcing security policies in an untrusted environment while protecting the policy confidentiality. Our solution ESPOON is aiming at providing a clear separation between security policies and the enforcement mechanism. However, the enforcement mechanism should learn as less as possible about both the policies and the requester attributes.

Securing data provenance in the cloud

Cloud storage offers the flexibility of accessing data from anywhere at any time while providing economical benefits and scalability. However, cloud stores lack the ability to manage data provenance. Data provenance describes how a particular piece of data has been produced. It is vital for a post-incident investigation, widely used in healthcare, scientific collaboration, forensic analysis and legal proceedings. Data provenance needs to be secured since it may reveal private information about the sensitive data while the cloud service provider does not guarantee confidentiality of the data stored in dispersed geographical locations. This paper proposes a scheme to secure data provenance in the cloud while offering the encrypted search.