Tetsutaro Uehara

Privacy Preserving Confidential Forensic Investigation for Shared or Remote Servers

It is getting popular that customers make use of third party data service providers to store their data and emails. It is common to have a large server shared by many different users. This creates a big problem for forensic investigation. It may not be easy to clone a copy of data from the storage device(s) due to the huge volume of data. Even if it is possible to make a clone, there are many irrelevant information/data stored in the same device for which the investigators have no right to access. The other alternative is to let the service provider search the relevant information and retrieve the data for the investigator provided a warrant can be provided. However, sometimes, due to the confidentiality of the crime, the investigator may not want the service provider to know what information they are looking for or the service provider herself may be one of the suspects. The problem becomes even more obvious in terms of cloud computing technology. In this paper, we address this problem and using homomorphic encryption and commutative encryption, we provide two forensically sound schemes to solve the problem so that the investigators can obtain the necessary evidence while the privacy of other users can be protected and at the same time, the service provider cannot know what information the investigators are interested in.

Fog Computing: Issues and Challenges in Security and Forensics

Although Fog Computing is defined as the extension of the Cloud Computing paradigm, its distinctive characteristics in the location sensitivity, wireless connectivity, and geographical accessibility create new security and forensics issues and challenges which have not been well studied in Cloud security and Cloud forensics. In this paper, through an extensive review of the motivation and advantages of the Fog Computing and its unique features as well as the comparison on various scenarios between the Fog Computing and Cloud Computing, the new issues and challenges in Fog security and Fog forensics are presented and discussed. The result of this study will encourage and promote more extensive research in this fascinating field, Fog security and Fog forensics.

Privacy Preserving Multiple Keyword Search for Confidential Investigation of Remote Forensics

Remote forensics can help investigators perform investigation without need to ship hard drives or travel to a remote location. With increased use of cloud computing technologies, it is becoming more and more difficult to perform post-event forensic investigation. The difficulty consists in that thousands upon thousands of disparate data from different data owners may be stored on a single storage device (e.g., a remote server). To clone a copy of data from the storage device is a costly and time consuming task and may not be easy due to the huge volume of data. Even if it is possible to make a clone, investigating all the data one by one will inevitably result in exposing irrelevant data to the investigators while data owners may be unwilling to expose it because it may involve their privacy information. The other alternative is to let the server administrator search the relevant information and retrieve the data for the investigators provided a warrant can be provided. However, sometimes, the investigators need to keep the investigation subject confidential due to the confidentiality of the crime or the server administrator may be one of the suspects. In this paper, we address how to solve this problem by multiple keyword search over encrypted data, so that the investigators can obtain the necessary evidence while keeping the investigation subject confidential and at the same time, the irrelevant data can be protected from exposing to the investigators.

A Comparative Study of Forensic Science and Computer Forensics

As the internet has reached every corner of the world as well as every aspect of our life, illegal activities go with it as well. In dealing with this phenomenon, a new professional and academic field, computer forensics, has emerged since the beginning of this century, The growth and advance of the new field has been steady, mainly because it has been following the path of forensic science due to the similarities between the two fields, as well as professionals’ experience and understanding of the field. As forensic science has been challenged and asked to have a major overhaul by a congressionally mandated report recently, where should computer forensics go? Based on a comparative study in various facets of both forensic science and computer forensics, some suggestions and considerations have been drawn in this paper, which imply that computer forensics may need to reposition itself to better promote the field over the long run.

A Privacy-Secure Content Trading System for Small Content Providers Using Semi-Blind Digital Watermarking

A privacy-secure content trading system based on semi-blind fingerprinting which provides privacy-secure content trading as secure as blind fingerprinting at feasible processing cost with sufficient robustness is evaluated in this paper. This system assures both a content provider and a purchaser of a fair trading which is effective in a market where purchasers deal with a number of small or not so reliable content providers. We have implemented the system in which a useful tool should be provided for the market by amending inherent defects of conventional methods. In the basic models of conventional fingerprinting, the users security is guaranteed only under the premise that a content provider was perfectly trustworthy. Such premise makes a system unpractical. In order to cope with the problem, various fingerprinting schemes have been proposed in which cryptography technique utilized in order to protect users privacy. However, these are found to be unpractical due to the heavy computation cost and insufficient robustness of watermarking against manipulations. The semi-blind fingerprinting fulfills the need for both feasibility and robustness by altering encryption into the one with image decomposition that could blind an image to be unrecognizable. Image decomposition and a customized embedding algorithm are implemented to a web-based system, whose perceptual condition of decomposed images and robustness of watermark has been evaluated.

Security Analysis on Privacy-Secure Image Trading Framework Using Blind Watermarking

We propose and evaluate a privacy-secure image trading framework using blind fingerprinting technique which embeds a user ID using watermark technique. The framework provides a privacy-secure trading even though there is no confidential relation between a content provider and a user. In a conventional fingerprinting scheme, a content provider offers a user ID embedded image to a user in order to trace a pirated piece and an illegal user when an image is pirated.In spite the fact that privacy protection becomes an important issue along with augmentation of digital content trading,it has not been well considered in a conventional fingerprinting scheme. Some blind fingerprinting techniques satisfy privacy protection by concealing user information using cryptography. Semi-blind fingerprinting is another type of blind technique that is proposed with a concept of blinding information within feasible processing cost. Feasibility is satisfied by avoiding use of cryptography which causes heavy overhead in computation. In our proposed image trading framework, we use semi-blind technique which is well optimized for our framework. In order to establish a robust framework, we carry out security analysis by specifying various kinds of incidents and solutions.

A Web-Based Privacy-Secure Content Trading System for Small Content Providers Using Semi-Blind Digital Watermarking

A privacy-secure content trading system based on semi-blind fingerprinting is presented. Semi-blind fingerprinting provides privacy-secure content trading as secure as blind fingerprinting at feasible processing cost with sufficient robustness. This system assures a fair trading for both a content provider and a purchaser which is effective for a market where a number of small or not so reliable content providers deal with purchasers. We have been aiming at providing a useful tool for the market by overcoming the following defects. In the basic models of conventional fingerprinting, the users security could be guaranteed only under the premise that a content provider was perfectly trustworthy. Such premise makes a system unpractical. To overcome this defect, various scheme of blind fingerprinting have been proposed in which cryptography technique is used in order to protect users privacy. However, these are not practical due to heavy computation cost and insufficient robustness of watermark against manipulations. The semi-blind fingerprinting fulfills the need for both feasibility and robustness by altering encryption with image decomposition that blinds up an image to be unrecognizable. Image decomposition and a customized embedding algorithm are implemented to a web-based system, whose perceptual condition of decomposed images and robustness of watermark is evaluated.

Computer Ethics Video Clips for University Students in Japan from 2003 until 2013

The explosive growth of computer networking enormously increases security costs in universities. It is necessary to encourage the cooperation of students, faculty, and staff through education and training of information ethics, together with improving management and technologies, and as a consequence, to reduce university costs. We have been producing collections of video clips for information ethics education for university students to be used as teaching materials. New technology, service, custom, and so on accompany new security issues and ethics issues. So we have continued to produce video clips for these issues for ten years. We have produced the fourth edition of collections of video clips this year. This paper shows what kind of our clips and how our video clips changed in ten years.

Resource Allocation Optimization for GSD Projects

As globalization has become main phenomena in software development in the US since the year 2000, many software projects have been shipped out to other countries. Although the off-sourcing saves companies a significant amount of cost, Global Software Development (GSD) projects have created a significant challenge to the companies in terms of difference in geographical locations, time zones, and cultures. While 24-hour development model sounds to reduce the time and then the cost of software development, the expected outcome cannot be ensured if the tasks are not allocated to the proper resources in remote teams with considerations of the dependencies and constraints. In this paper, we propose an approach that can be used to reduce the overall time of GSD project development by allocating the tasks to the best possible resources based on an integrated analysis of the constraints and their impact on the overall product development.

Development of a Multiple User Quiz System on a Shared Display

Collaborative Learning attracts attention as a new teaching method for its effectiveness of acquiring various skills. Recognizing the limit of current design of personal computer (PC) for collaborative learning in face-to-face environment, the authors have proposed a computer system called Socialized Computer (SC) that allows multiple users access to the computer with multiple mice and keyboards, and share information on a single large display. The authors take quiz as learning material, and are developing multiple user quiz system named MultiMouseQuiz (MMQ) for collaborative learning along the concept of SC. This paper reports a prototype system of MMQ and preliminary experiment carried out at Kyoto University Museum using the prototype. Design issues of MMQ is addressed based on the findings obtained in the experiment.