Scalable Encrypted Verifiable Search

Presentation transcript:

Scalable Encrypted Verifiable Search
Progress Update
Daniel Intskirveli & Johannes Christ

Progress

- Command line interactive search tool
- Server rewrite: Java → Scala
- Search protocol implementation
- Login/sign-up flow polish
- Database schema optimization (3NF, indexes)
- Lots of bug fixes in database generation code:
  - Serialization from big integer to byte array and back
  - Authenticated set edge cases
  - Authenticated set bucketing

Search protocol

Client:
- Authentication request
- Use auth. token for communication
- Stage 1: query authenticated word set
- Verify word set
- Stage 2: query tag set
- Verify tags (exit for single-word searches)
- Stage 3: query cross tag set
- Verify cross tags
- List results with matches
- Request for end of session

Server:
- Verify credentials, send auth. token
- Create search session (UUID)
- Store search token as well as public/shared keys retrieved from database
- Query word set and send result
- Retrieve tags for search token, store them
- Send tags for verification
- Query cross tag set. For found tags, find document name. Send cross tags and document names.
- Destroy session for user's search session cookie
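The slides do not say which authenticated-set construction the project uses. As an added example (not the project's code), the code below shows one way a client can verify a stage 1 word-set answer from an untrusted store: the data owner MACs each adjacent pair of the sorted word list, so the store can prove both presence and absence of a word, including words that sort before the first or after the last entry. The function names, sentinels, key and word list are assumptions constructed for the illustration, and the HMAC key is assumed to be shared by the data owner and the client and never given to the server.

```python
import hashlib
import hmac

LO, HI = "", "\U0010ffff"      # sentinels sorting below/above every real word
KEY = b"constructed-demo-key"  # assumption: known to owner and client only
WORDS = ["rabbit", "alice", "dream", "war"]  # constructed sample word set

def _mac(key: bytes, left: str, right: str) -> str:
    # Length-prefix the left word so ("ab", "c") and ("a", "bc") cannot collide.
    msg = f"{len(left)}:{left}|{right}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def build_auth_set(key: bytes, words):
    """Data owner: MAC every adjacent pair of the sorted word list."""
    chain = [LO] + sorted(set(words)) + [HI]
    return [(a, b, _mac(key, a, b)) for a, b in zip(chain, chain[1:])]

def server_query(auth_set, word):
    """Untrusted store: return the pair that starts with or brackets the word."""
    for left, right, tag in auth_set:
        if left == word or left < word < right:
            return left, right, tag
    return None

def client_verify(key: bytes, word, proof):
    """Client: True if present, False if absent, ValueError on a bad proof."""
    if not LO < word < HI:
        raise ValueError("word outside the indexable range")
    if proof is None:
        raise ValueError("no proof returned")
    left, right, tag = proof
    if not hmac.compare_digest(tag, _mac(key, left, right)):
        raise ValueError("pair was not issued by the data owner")
    if left == word:
        return True       # the word itself is an element of the signed chain
    if left < word < right:
        return False      # two adjacent elements bracket the word: absent
    raise ValueError("proof does not cover the queried word")
```

A store that answers with a pair for a different word, or with a pair it assembled itself, fails the check instead of silently changing the search result.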

Search demo

Database generated with small excerpts from:
- 1984, George Orwell
- Alice’s Adventures in Wonderland, Lewis Carroll
- Inaugural address, John F. Kennedy
- The Corps, and The Corps, and The Corps, Douglas MacArthur
- Slaughterhouse-Five, Kurt Vonnegut
- A Tale of Two Cities, Charles Dickens
- 20,000 Leagues Under The Sea, Jules Verne
- I Have a Dream, Martin Luther King

Server Signup/Login Flow (Demo)

API Authentication:
- Send credentials to /auth endpoint, receive authentication token as response
- Token can be used for subsequent API calls

Sign-up:
- User provides email
- User receives sign-up link via email
- User enters details
- Server finds Gravatar

Login:
- User enters credentials
- Credentials are sent to server (password is bcrypt32 hashed + salted)
- User reaches home page

Reset Password:
- Enter email
- Receive link via email
- Enter new password

//TODO

- Client application
- Package server for deployment (RPM)
- Search UI
- Third-party data requests
- Non-MR database generation for small datasets
- Ability to opt out of auth. set generation (less secure but faster + mutable database)
- Move to serialization with cross-platform support

Thanks! Questions?