Search Results

1 - 10 of 17 items

ErasuCrypto: A Light-weight Secure Data Deletion Scheme for Solid State Drives

Abstract

Securely deleting invalid data from secondary storage is critical to protect users’ data privacy against unauthorized accesses. However, secure deletion is very costly for solid state drives (SSDs), which unlike hard disks do not support in-place update. When applied to SSDs, both erasure-based and cryptography-based secure deletion methods inevitably incur a large amount of valid data migrations and/or block erasures, which not only introduce extra latency and energy consumption, but also harm SSD lifetime.

This paper proposes ErasuCrypto, a light-weight secure deletion framework with low block erasure and data migration overhead. ErasuCrypto integrates both erasure-based and encryption-based data deletion methods and flexibly selects the more cost-effective one to securely delete invalid data. We formulate a deletion cost minimization problem and give a greedy heuristic as the starting point. We further show that the problem can be reduced to a maximum-edge biclique finding problem, which can be effectively solved with existing heuristics. Experiments on real-world benchmarks show that ErasuCrypto can reduce the secure deletion cost of erasure-based scheme by 71% and the cost of cryptography-based scheme by 37%, while guaranteeing 100% security by deleting all the invalid data.

Open access
The Onion Name System
Tor-powered Decentralized DNS for Tor Onion Services

Abstract

Tor onion services, also known as hidden services, are anonymous servers of unknown location and ownership that can be accessed through any Tor-enabled client. They have gained popularity over the years, but since their introduction in 2002 still suffer from major usability challenges primarily due to their cryptographically-generated non-memorable addresses.

In response to this difficulty, in this work we introduce the Onion Name System (OnioNS), a privacy-enhanced decentralized name resolution service. OnioNS allows Tor users to reference an onion service by a meaningful globally-unique verifiable domain name chosen by the onion service administrator. We construct OnioNS as an optional backwards-compatible plugin for Tor, simplify our design and threat model by embedding OnioNS within the Tor network, and provide mechanisms for authenticated denial-of-existence with minimal networking costs. We introduce a lottery-like system to reduce the threat of land rushes and domain squatting. Finally, we provide a security analysis, integrate our software with the Tor Browser, and conduct performance tests of our prototype.

Open access
SafePub: A Truthful Data Anonymization Algorithm With Strong Privacy Guarantees

Abstract

Methods for privacy-preserving data publishing and analysis trade off privacy risks for individuals against the quality of output data. In this article, we present a data publishing algorithm that satisfies the differential privacy model. The transformations performed are truthful, which means that the algorithm does not perturb input data or generate synthetic output data. Instead, records are randomly drawn from the input dataset and the uniqueness of their features is reduced. This also offers an intuitive notion of privacy protection. Moreover, the approach is generic, as it can be parameterized with different objective functions to optimize its output towards different applications. We show this by integrating six well-known data quality models. We present an extensive analytical and experimental evaluation and a comparison with prior work. The results show that our algorithm is the first practical implementation of the described approach and that it can be used with reasonable privacy parameters resulting in high degrees of protection. Moreover, when parameterizing the generic method with an objective function quantifying the suitability of data for building statistical classifiers, we measured prediction accuracies that compare very well with results obtained using state-of-the-art differentially private classification algorithms.

Open access
#DontTweetThis: Scoring Private Information in Social Networks

Abstract

With the growing popularity of online social networks, a large amount of private or sensitive information has been posted online. In particular, studies show that users sometimes reveal too much information or unintentionally release regretful messages, especially when they are careless, emotional, or unaware of privacy risks. As such, there exist great needs to be able to identify potentially-sensitive online contents, so that users could be alerted with such findings. In this paper, we propose a context-aware, text-based quantitative model for private information assessment, namely PrivScore, which is expected to serve as the foundation of a privacy leakage alerting mechanism. We first solicit diverse opinions on the sensitiveness of private information from crowdsourcing workers, and examine the responses to discover a perceptual model behind the consensuses and disagreements. We then develop a computational scheme using deep neural networks to compute a context-free PrivScore (i.e., the “consensus” privacy score among average users). Finally, we integrate tweet histories, topic preferences and social contexts to generate a personalized context-aware PrivScore. This privacy scoring mechanism could be employed to identify potentially-private messages and alert users to think again before posting them to OSNs.

Open access
Tales from the Dark Side: Privacy Dark Strategies and Privacy Dark Patterns

, 2013. [15] N. B. Ellison, C. Steinfield, and C. Lampe, “The benefits of facebook "friends:" social capital and college students’ use of online social network sites,” Journal of Computer-Mediated Communication, vol. 12, no. 4, pp. 1143-1168, 2007. [16] R. H. Fazio, “Multiple processes by which attitudes guide behavior: The MODE model as an integrative framework,” Advances in Experimental Social Psychology, vol. 23, pp. 75-109, 1990. [17] L. Festinger, A theory of cognitive dissonance. Stanford university press, 1962

Open access
Privacy-Preserving Similar Patient Queries for Combined Biomedical Data

(7043):834–838, 2005. [7] Mohamed Hamed, Christian Spaniol, Alexander Zapp, and Volkhard Helms. Integrative network-based approach identifies key genetic elements in breast invasive carcinoma. BMC Genomics , 16(5), 2015. [8] Nora K. Speicher and Nico Pfeifer. Towards multiple kernel principal component analysis for integrative analysis of tumor samples. ArXiv e-prints , January 2017. [9] Nora K. Speicher and Nico Pfeifer. Integrating different data types by regularized unsupervised multiple kernel learning with application to cancer subtype discovery

Open access
Privacy-Preserving Search of Similar Patients in Genomic Data

, Procedings , pages 28–48, 2011. [iDA16] iDASH - integrating Data for Analysis, Anonimization, and SHaring, 2016. Webpage at https://idash.ucsd.edu/genomics , 2016 competition at http://www.humangenomeprivacy.org/2016/ . [Int18] International Genome Sample Resource. IGSR and the 1000 genomes project. http://www.internationalgenome.org/ , Accessed Mar-2018. [JKS08] Somesh Jha, Louis Kruger, and Vitaly Shmatikov. Towards practical privacy for genomic computation. In 2008 IEEE Symposium on Security and Privacy (S&P 2008), 18-21 May 2008, Oakland

Open access
Listening to Whispers of Ripple: Linking Wallets and Deanonymizing Transactions in the Ripple Network

References [1] Becoming a Ripple Gateway. Ripple online documentation. https://ripple.com/build/gateway-guide/#becoming-aripple-gateway. [2] Becoming a Stellar Gateway. Stellar online documentation. https://www.stellar.org/developers/learn/integration-guides/gateway.html. [3] Bitcoin Wiki: Mixing Services. https://en.bitcoin.it/wiki/Category:Mixing_Services. [4] Executive Summary for Financial Institutions. Ripple online documentation. https://ripple.com/integrate

Open access
Linking Health Records for Federated Query Processing

References [1] N. Adam, T. White, B. Shafiq, J. Vaidya, and X. He. Privacy preserving integration of health care data. In AMIA Annual Symposium Proceedings, pages 1-5, 2007. [2] N. Adly. Efficient record linkage using a double embedding scheme. In International Conference on Data Mining, pages [3] R. Agrawal, A. Evfimievski, and R. Srikant. Information sharing across private databases. In ACM SIGMOD International Conference on Management of Data, pages 86-97, 2003. [4] H. Brenner. Application of

Open access