About this book

This book constitutes the refereed proceedings of the 10th VLDB Workshop on Secure Data Management held in Trento, Italy, on August 30, 2013. The 15 revised full papers and one keynote paper presented were carefully reviewed and selected from various submissions. The papers are organized in technical papers and 10 vision papers which address key challenges in secure data management and indicate interesting research questions.

Table of Contents

Frontmatter

Key Note

Frontmatter

To Cloud Or Not To? Musings on Clouds, Security and Big Data

Abstract
In this talk we explored the economics of cloud computing. We identified cost trade-offs and postulated the key principles of cloud outsourcing that define when cloud deployment is appropriate and why. The results may surprise and are especially interesting in understanding cyber-security aspects that impact the appeal of clouds.
We outlined and investigated some of the main research challenges on optimizing for these trade-offs. If you came to this talk you were also very likely to find out exactly how many US dollars you need to spend to break your favorite cipher, or send one of your bits over the network.
Radu Sion

Vision Papers

Frontmatter

Data Security – Challenges and Research Opportunities

Abstract
The proliferation of web-based applications and information systems, and recent trends such as cloud computing and outsourced data management, have increased the exposure of data and made security more difficult. In this paper we briefly discuss open issues, such as data protection from insider threat and how to reconcile security and privacy, and outline research directions.
Elisa Bertino

Research Challenges to Secure the Future Internet

Abstract
This article puts forth a number of research challenges that need to be overcome to secure the future digital world and protect the people living in it.
Jan Camenisch

Security and Privacy of Data in a Cloud

Abstract
The goals of this brief note are to describe some of the research progress that has been made to date and elaborate on the fundamental challenges facing the research community in security and privacy of data stored in a cloud.
Sushil Jajodia

The Future of Information Security Research: Cryptology and Beyond

Abstract
This paper reflects on the state of the art in cryptology and information security. It considers the main achievements and shortcomings of research and identifies the major challenges for the future. It explores which research approaches have a high potential to evolve from academic ideas to practical solutions. The paper concludes by discussing how the deployment of more secure and reliable IT systems requires a complete re-engineering including new architectures; it also sketches the broader societal context of such a redesign.
Bart Preneel

Where Security Research Should Go in the Next Decade

Abstract
In 2004 the series of annual Secure Data Management workshops as part of VLDB began, so SDM can now celebrate its 10th edition. It is less clear when research in the area of security began; even for ICT security this is unclear. One could claim that security research started thousands of years ago, when the original Trojan Horse was designed. While one can probably find even earlier references to research on security issues, referring to the Trojan Horse can also take its justification from the fact that the original Trojan Horse led to a decisive end of a security issue after about 10 years. In any case it illustrates that already several millennia of thinking (or not-thinking) were spent on the issue. Therefore this text starts with a description of relevant goals (1) as well as technical and other trends (2). Then (3) relevant instruments for ICT security are derived from the goals and trends. These instruments are not necessarily new but important for research due to their relevance in general or due to their high number of relevant open questions.
Kai Rannenberg

“Technology Should Be Smarter Than This!”: A Vision for Overcoming the Great Authentication Fatigue

Abstract
Security researchers identified 15 years ago that passwords create too much of a burden on users. But despite much research activity on alternative authentication mechanisms, there has been very little change for users in practice, and the implications for individuals' and organisations' productivity are now severe. I argue that, rather than looking for alternative ‘front-end’ solutions, we must re-think the nature of authentication: we must drastically reduce the number of explicit authentication events users have to participate in, and use advanced technologies to implicitly authenticate users, without disrupting their productive activity.
M. Angela Sasse

Data Security and Privacy in 2025?

Abstract
Security research aims at reducing the risk and consequences of attacks on information technology. Based on the projection of current trends, this vision paper makes an attempt at identifying potential security research challenges for the next 10 years. Examples of identified challenges are the trend to have pervasive computing in tiny devices, to collect and analyze data from these devices and other sources, and to increase the connection between IT and physical systems.
Matthias Schunter

Towards a Risk-Based Approach to Achieving Data Confidentiality in Cloud Computing

Abstract
With the advent of cloud computing, data and computation outsourcing is fast emerging as a dominant trend for both individual users for personal data management as well as for enterprises wishing to exploit the cloud to limit investment and costs in IT. A fundamental challenge that arises when entities outsource data is the “loss of control over data”. The paper focuses on the privacy and confidentiality implications of loss of control. Techniques/mechanisms to ensure data confidentiality have been studied in the literature in the context of database as a service (DAS). The paper identifies new opportunities and challenges that arise in the context of the cloud. In particular, the paper advocates a risk-based approach to data security in the context of cloud computing.
Sharad Mehrotra

Internet of Things: Security, Privacy and Trust Considerations

Abstract
Secure and reliable Internet of Things (IoT) presents the main challenges to face for sustainable and efficient IoT ecosystems based on privacy-aware systems. In this paper we present a concise description of such challenges.
Antonio Skarmeta, M. Victoria Moreno

Security, Privacy and Trust: From Innovation Blocker to Innovation Enabler

Abstract
This paper reflects on security, privacy and trust from the point of view of innovation in information and communication technologies. It also considers social, economic and legal aspects that need to be taken into account in the development cycles of new technologies. Finally, the major research challenges, which need to be overcome to ensure the future of the digital world, protect people's privacy and enable even more rapid innovation, have been discussed.
Willem Jonker, Milan Petković

Workshop Papers

Frontmatter

Secure Similar Document Detection with Simhash

Abstract
Similar document detection is a well-studied problem with important application domains, such as plagiarism detection, document archiving, and patent/copyright protection. Recently, the research focus has shifted towards the privacy-preserving version of the problem, in which two parties want to identify similar documents within their respective datasets. These methods apply to scenarios such as patent protection or intelligence collaboration, where the contents of the documents at both parties should be kept secret. Nevertheless, existing protocols on secure similar document detection suffer from high computational and/or communication costs, which renders them impractical for large datasets. In this work, we introduce a solution based on simhash document fingerprints, which essentially reduce the problem to a secure XOR computation between two bit vectors. Our experimental results demonstrate that the proposed method improves the computational and communication costs by at least one order of magnitude compared to the current state-of-the-art protocol. Moreover, it achieves a high level of precision and recall.
Sahin Buyrukbilen, Spiridon Bakiras

Big Security for Big Data: Addressing Security Challenges for the Big Data Infrastructure

Abstract
Big Data technologies are changing the traditional technology domains and their successful use will require new security models and new security design approaches to address emerging security challenges. This paper intends to provide an initial analysis of the security issues and challenges in Big Data and map new challenges and problems to the traditional security domains and technologies. The paper starts with the Big Data definition and discusses the features that most impact Big Data security, such as Veracity, Volume, Variety, and dynamicity. The paper analyses the paradigm change and new challenges to Big Data security. The paper refers to the generic Scientific Data Infrastructure (SDI) model and discusses security services related to the proposed Federated Access and Delivery Infrastructure (FADI) that serves as an integration layer for a potentially multi-provider, multi-domain, federated, project-oriented services infrastructure. The paper provides suggestions for practical implementation of such important security infrastructure components as federated access control and identity management, fine-grained data-centric access control policies, and the Dynamic Infrastructure Trust Bootstrap Protocol (DITBP) that allows deploying a trusted remote virtualised data processing environment. The paper refers to the past and ongoing project experience of the authors and discusses how this experience can be consolidated to address the new Big Data security challenges identified in this paper.
Yuri Demchenko, Canh Ngo, Cees de Laat, Peter Membrey, Daniil Gordijenko

Query Log Attack on Encrypted Databases

Abstract
Encrypting data at rest has been one of the most common ways to protect the database data against honest but curious adversaries. In the literature there are more than a dozen mechanisms proposed on how to encrypt data to achieve different levels of confidentiality. However, a database system is more than just data. An inseparable aspect of a database system is its interaction with the users through queries. Yet, a query-enhanced adversary model that captures the security of user interactions with the encrypted database is missing. In this paper, we will first revisit a few well-known adversary models on the data encryption schemes. Also, to model the query-enhanced adversaries we additionally need new tools, which will be formally defined. Eventually, this paper introduces query-enhanced adversary models which additionally have access to the query logs or interact with the database in different ways. We will prove by reduction that breaking a cryptosystem by a query-enhanced adversary is at least as difficult as breaking the cryptosystem by a common adversary.
Tahmineh Sanamrad, Donald Kossmann

A Multi-Party Protocol for Privacy-Preserving Range Queries

Abstract
Privacy-preserving query processing (PPQP) techniques are increasingly important in collaborative scenarios, where users need to execute queries on large amounts of data shared among different parties who do not want to disclose private data to the others. In many cases, secure multi-party computation (SMC) protocols can be applied, but the resulting solutions are known to suffer from high computation and communication costs. In this paper, we describe a scalable protocol for performing queries in distributed data while respecting the data owners’ privacy. Our solution is applicable both to equality and range queries, and relies on a bucketization technique in order to reduce time complexity. We show the effectiveness of our approach through theoretical and practical analysis.
Maryam Sepehri, Stelvio Cimato, Ernesto Damiani

Privacy Implications of Privacy Settings and Tagging in Facebook

Abstract
Social networks are becoming increasingly popular nowadays. Users share personal information about themselves and other users in order to build and maintain their social network. However, the large amount of personal information available on social networks poses risks of data misuse. Although social networks offer users the possibility to specify privacy settings to regulate access to their information, these settings are often complicated and unintuitive, especially when dealing with new modalities of social communication like tagging. In this paper we investigate the privacy consequences of information sharing in social networks. In particular, we formally analyze the impact of the privacy settings and the use of tagging in Facebook on the visibility of information. To increase users’ awareness of the risks of information sharing and empower users to control their information, we present a tool for determining the visibility of users’ information based on their privacy settings and tagging.
Stan Damen, Nicola Zannone

Backmatter
