Self-Enforcing Private Inference Control Yanjiang Yang (I2R, Singapore) Yingjiu Li (SMU, Singapore) Jian Weng (Jinan Univ. China) Jianying Zhou (I2R, Singapore)

Presentation transcript:

Self-Enforcing Private Inference Control Yanjiang Yang (I2R, Singapore) Yingjiu Li (SMU, Singapore) Jian Weng (Jinan Univ. China) Jianying Zhou (I2R, Singapore) Feng Bao (I2R, Singapore)

RFID Security Seminar

Content
– Introduction
– Self-Enforcing Private Inference Control – Concept
– Proposed Scheme
– Conclusion

Introduction
– The inference problem has been a long-standing issue in database security
– Sensitive information beyond one's privileges can be inferred from the non-sensitive data to which one is granted access
– Access control cannot solve the inference problem
– The set of queries whose responses lead to inference is said to form an inference channel

Introduction (cont.)
Inference Control
– aims to prevent the formation of inference channels
– Auditing is a special kind of inference control technique that audits queries in order to ensure that a user's current query, together with his past queries, cannot form any inference channel

Introduction (cont.)
Inference Control
– What forms an inference channel depends closely on the data to be protected and the protection objective
– Our concern in this work is the inference channels that result in identifying the subjects contained in the database
– An example is a database of medical records for individuals
  – explicit identifying information
  – Non-identifying attributes such as age, ZIP code, DoB are not personally identifiable

Introduction (cont.)
Inference Control
– An example is a database of medical records for individuals
  – explicit identifying information
  – individual attributes such as age, ZIP code, DoB are not personally identifiable
  – each of them alone usually does not contain sufficient information to uniquely identify any individual, and thereby should not be classified as sensitive
  – However, a combination of some/all of these non-sensitive attributes may be uniquely identifiable, thus forming an inference channel

Introduction (cont.)
Inference Control
– Inference control in this context works by blocking users who access the database from obtaining responses to the queries that cover all the attributes necessary to complete an inference channel

Introduction (cont.)
Query Privacy
– Users who access the database also have privacy concerns
  – Exposing to the database server what data a user is accessing may lead to the compromise of user privacy
– It is desirable that inference control is enforced by the server in a way that query privacy is also preserved
– The two objectives are conflicting to some extent

Introduction (cont.)
Private Inference Control
– Woodruff and Staddon (Private Inference Control. In: Proc. ACM CCS 04) are the first to propose private inference control to attain both objectives
– Unfortunately, practical deployment of private inference control may encounter an enormous obstacle
  – the database server knows nothing about user queries, so users can easily exploit this by issuing useless queries

Introduction (cont.)
Private Inference Control
  – It is a well-known fact that inference control (even without privacy protection) is extremely computation-intensive
  – This kind of DoS attack is expected to be particularly effective in private inference control

Self-Enforcing Private Inference Control – Concept
Self-Enforcing Private Inference Control
– The intuition is to force users not to make queries that form inference channels; otherwise, a penalty is incurred by the querying users
– Users are obliged to enforce costly inference control by themselves before making queries (self-enforcing)

Self-Enforcing Private Inference Control – Concept
Self-Enforcing Private Inference Control
– In our proposed scheme, the penalty is instantiated as a deprivation of the access privileges of the violating users
  – If a user makes an inference-enabling query, then the user's access right is forfeited and he is barred from making any further queries

Proposed Scheme
– We incorporate access control into inference control, and base access control on one-time access keys
  – a user is able to get the access key for the next query only if his current query is inference-free
– We extend Woodruff and Staddon's scheme

Proposed Scheme (cont.)
– The inference control rule is that for any record, the user cannot get all its attributes
  – suppose the database has $n$ records, and each record has $m$ attributes

Proposed Scheme (cont.)
User's $l$-th query $Q_l$ =
– The server selects a random $K_{l+1}$ and generates $l-1$ shares, $s_1, s_2, \ldots, s_{l-1}$, forming an $(l-m+1)$-out-of-$(l-1)$ sharing of $K_{l+1}$ using a secret sharing scheme
– The server computes $e_1 = \mathrm{Hom\_Enc}((i_1 - i_l)s_1)$, $e_2 = \mathrm{Hom\_Enc}((i_2 - i_l)s_2)$, …, $e_{l-1} = \mathrm{Hom\_Enc}((i_{l-1} - i_l)s_{l-1})$ using the user's previous queries
– The user decrypts $e_1, e_2, \ldots, e_{l-1}$; if the user's query sequence thus far does not complete an inference channel, the user can recover at least $l-m+1$ shares, thus reconstructing $K_{l+1}$
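The share-masking arithmetic of the l-th query can be checked with a small simulation. This is an added example, not code from the presentation or its authors: it uses Shamir sharing as the secret sharing scheme, leaves out the homomorphic encryption layer (so the record indices appear in the clear here, which the real scheme never allows on the server side), and assumes no repeat queries; the names `share`, `reconstruct`, `next_key_round` and the modulus `P` are hypothetical.

```python
import secrets

P = 2**127 - 1  # prime field modulus for the sharing (assumed parameter)

def share(secret, t, n):
    """Shamir t-out-of-n sharing: points (x, f(x)) of a random degree t-1 polynomial."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [(x, sum(c * pow(x, k, P) for k, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]

def reconstruct(points):
    """Lagrange interpolation at x = 0 over the field of size P."""
    total = 0
    for xj, yj in points:
        num = den = 1
        for xk, _ in points:
            if xk != xj:
                num = num * -xk % P
                den = den * (xj - xk) % P
        total = (total + yj * num * pow(den, -1, P)) % P
    return total

def next_key_round(prev_records, i_l, m):
    """Simulate query l on record i_l after queries on prev_records.
    Returns (K_{l+1}, key recovered by the user, or None if the key is lost)."""
    l = len(prev_records) + 1
    key = secrets.randbelow(P)
    t = l - m + 1
    if t <= 0:           # fewer than m queries so far, so no record can be complete
        return key, key  # assumption: the slides do not spell out this case
    shares = share(key, t, l - 1)
    # Server side: share k is multiplied by (i_k - i_l); under Hom_Enc in the scheme.
    masked = [(x, (i_k - i_l) * s % P) for (x, s), i_k in zip(shares, prev_records)]
    # User side: a nonzero factor divides out; a zero factor has erased the share.
    usable = [(x, v * pow((i_k - i_l) % P, -1, P) % P)
              for (x, v), i_k in zip(masked, prev_records) if i_k != i_l]
    if len(usable) < t:  # the current record was already queried m-1 times
        return key, None
    return key, reconstruct(usable[:t])
```

With m = 3, a user whose earlier queries touched records 5, 7, 9 and who now queries record 5 again recovers the next key, while a user whose earlier queries touched records 5, 7, 5 and who asks for record 5 a third time is left with one share against a threshold of two.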

Proposed Scheme (cont.)
– The remaining steps are largely Woodruff and Staddon's scheme, with $K_{l+1}$ being the random number in theirs
– We discussed various issues to improve the above basic scheme
  – Penalty Lifting
  – Allow for Repeat Queries
  – Stricter Query Privacy

Conclusion
– DoS attacks are particularly effective in private inference control systems
– We were motivated to propose self-enforcing private inference control
– The intuition is to force users to be cautious in making queries, as a penalty will be inflicted upon users who make inference-enabling queries
– We presented a concrete scheme

Q & A
THANK YOU!