Open AccessProceedings Article
Vanish: increasing data privacy with self-destructing data
Roxana Geambasu,Tadayoshi Kohno,Amit Levy,Henry M. Levy +3 more
- pp 299-316
Reads0
Chats0
TLDR
Vanish is presented, a system that meets this challenge through a novel integration of cryptographic techniques with global-scale, P2P, distributed hash tables (DHTs) and meets the privacy-preserving goals described above.Abstract:
Today's technical and legal landscape presents formidable challenges to personal data privacy First, our increasing reliance on Web services causes personal data to be cached, copied, and archived by third parties, often without our knowledge or control Second, the disclosure of private data has become commonplace due to carelessness, theft, or legal actions
Our research seeks to protect the privacy of past, archived data -- such as copies of emails maintained by an email provider -- against accidental, malicious, and legal attacks Specifically, we wish to ensure that all copies of certain data become unreadable after a userspecified time, without any specific action on the part of a user, and even if an attacker obtains both a cached copy of that data and the user's cryptographic keys and passwords
This paper presents Vanish, a system that meets this challenge through a novel integration of cryptographic techniques with global-scale, P2P, distributed hash tables (DHTs) We implemented a proof-of-concept Vanish prototype to use both the million-plus-node Vuze Bit-Torrent DHT and the restricted-membership OpenDHT We evaluate experimentally and analytically the functionality, security, and performance properties of Vanish, demonstrating that it is practical to use and meets the privacy-preserving goals described above We also describe two applications that we prototyped on Vanish: a Firefox plugin for Gmail and other Web sites and a Vanishing File applicationread more
Citations
More filters
Book ChapterDOI
The knowledge complexity of interactive proof-systems
TL;DR: Permission to copy without fee all or part of this material is granted provided that the copies arc not made or distributed for direct commercial advantage.
Journal ArticleDOI
Secure Deduplication with Efficient and Reliable Convergent Key Management
TL;DR: This paper proposes Dekey, a new construction in which users do not need to manage any keys on their own but instead securely distribute the convergent key shares across multiple servers and demonstrates that Dekey incurs limited overhead in realistic environments.
Posted Content
Measuring large-scale social networks with high resolution. WORKING PAPER.
Arkadiusz Stopczynski,Vedran Sekara,Piotr Sapiezynski,Andrea Cuttone,Jakob Eg Larsen,Sune Lehmann +5 more
Abstract: This paper describes the deployment of a large-scale study designed to measure human interactions across a variety of communication channels, with high temporal resolution and spanning multiple years—the Copenhagen Networks Study. Specifically, we collect data on face-to-face interactions, telecommunication, social networks, location, and background information (personality, demographics, health, politics) for a densely connected population of 1 000 individuals, using state-of-the-art smartphones as social sensors. Here we provide an overview of the related work and describe the motivation and research agenda driving the study. Additionally, the paper details the data-types measured, and the technical infrastructure in terms of both backend and phone software, as well as an outline of the deployment procedures. We document the participant privacy procedures and their underlying principles. The paper is concluded with early results from data analysis, illustrating the importance of multi-channel high-resolution approach to data collection.
Journal ArticleDOI
Secure Overlay Cloud Storage with Access Control and Assured Deletion
TL;DR: This work design and implement FADE, a secure overlay cloud storage system that achieves fine-grained, policy-based access control and file assured deletion, and associates outsourced files with file access policies, and assuredly deletes files to make them unrecoverable to anyone upon revocations of fileAccess policies.
Proceedings ArticleDOI
Technical Issues of Forensic Investigations in Cloud Computing Environments
Dominik Birk,Christoph Wegener +1 more
TL;DR: This paper focuses on the technical aspects of digital forensics in distributed cloud environments by assessing whether it is possible for the customer of cloud computing services to perform a traditional digital investigation from a technical point of view.
References
More filters
Journal ArticleDOI
How to share a secret
TL;DR: This technique enables the construction of robust key management schemes for cryptographic systems that can function securely and reliably even when misfortunes destroy half the pieces and security breaches expose all but one of the remaining pieces.
Proceedings ArticleDOI
Chord: A scalable peer-to-peer lookup service for internet applications
TL;DR: Results from theoretical analysis, simulations, and experiments show that Chord is scalable, with communication cost and the state maintained by each node scaling logarithmically with the number of Chord nodes.
Journal ArticleDOI
k -anonymity: a model for protecting privacy
TL;DR: The solution provided in this paper includes a formal protection model named k-anonymity and a set of accompanying policies for deployment and examines re-identification attacks that can be realized on releases that adhere to k- anonymity unless accompanying policies are respected.
Book ChapterDOI
Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems
Antony Rowstron,Peter Druschel +1 more
TL;DR: Pastry as mentioned in this paper is a scalable, distributed object location and routing substrate for wide-area peer-to-peer ap- plications, which performs application-level routing and object location in a po- tentially very large overlay network of nodes connected via the Internet.
Journal ArticleDOI
Space/time trade-offs in hash coding with allowable errors
TL;DR: Analysis of the paradigm problem demonstrates that allowing a small number of test messages to be falsely identified as members of the given set will permit a much smaller hash area to be used without increasing reject time.