Presented by: Sanketh Beerabbi University of Central Florida.


• Introduction
• Problem
• Prior Solutions
• Concept
• Overview
• Implementation
• Results
• Analysis
• Conclusion

• Online social networks enable people to remain connected and share information.
• Types:
  • Personal networks - Facebook, Google+
  • Status update networks - Twitter
  • Location networks - Foursquare
  • Content-sharing networks - YouTube, Flickr
  • Shared-interest networks - LinkedIn

• Social networks store information remotely, rather than on a user’s personal computer.
• Millions of users are compelled to trust service providers with their personal data.
• Centralized nature of these services leads to a greater number of privacy issues.

• Increasing incidence of data leaks and identity theft by malicious attackers.
• Complex and non-uniform privacy controls.
• Providers introduce new features and repeatedly change default privacy settings.
• Providers release information to governments without proper warrants.

• Data Corruption:
  • Tampering with users’ data.
• Equivocation:
  • Malicious service presents different clients with divergent views of the system.
  • Used to disguise censorship by allowing a user to see content while hiding it from followers.

• Client vulnerable to:
  • Attacks on servers
  • Privacy policies
  • Data corruption
  • Censorship

• Encryption:
  • Data integrity still not ensured on remote servers.
• Decentralization:
  • Store data locally (sacrifice availability, reliability & convenience).
  • Store data with 3rd-party providers (may not be trustworthy either).

• Provider’s servers only see encrypted data and clients collaborate to detect equivocation.
• Access control
• Cryptographic keys

Clients collaborate to verify that the provider:
• Enforces access control on writes
• Doesn’t corrupt individual updates
• Doesn’t equivocate

• Broadly applicable – support popular features.
• Data integrity – use cryptography.
• Security – detect malicious actions.
• Efficient – scalable enough.

• All clients see strongly consistent updates to common data (likes wall posts or tweets).
• Implemented using network file systems, key-value stores and group collaboration systems.
• Works when the number of users is small and all updates occur in a linear manner.

• Only most recent updates are verified. Previous history of operations ignored.
• Single message exchanged instead of two, ensuring crashed client doesn’t stall system.
• Objects (user content) are shared across many servers and indexed using directory service or hashing.

• To prevent equivocation, Frientegrity clients digitally sign messages with users’ private keys.
• To prevent provider from equivocating previous objects, clients share individual views of histories.
• For efficiency, Frientegrity only enforces fork* consistency on a per-object basis.
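The history-sharing check described above, as an added example that is not part of the original slides and is not Frientegrity's own code. It assumes a plain SHA-256 hash chain as the per-object history commitment and omits the signatures; `ClientView`, `first_divergence` and the sample wall operations are constructed for illustration.

```python
# Added example (not Frientegrity's code): a SHA-256 hash chain stands in for
# the per-object history; signatures are omitted. All names are assumptions.
import hashlib

GENESIS = b"\x00" * 32

def extend(head: bytes, op: str) -> bytes:
    # Each head commits to every earlier operation, not only the latest one.
    data = op.encode()
    return hashlib.sha256(head + len(data).to_bytes(4, "big") + data).digest()

class ClientView:
    """What the provider has shown one client for a single object (a wall)."""
    def __init__(self, name: str):
        self.name = name
        self.heads = [GENESIS]  # heads[v] commits to the first v operations

    def receive(self, ops):
        for op in ops:
            self.heads.append(extend(self.heads[-1], op))
        return self

def first_divergence(a: ClientView, b: ClientView):
    """Lowest version where two views commit to different histories, else None.

    A client that is merely behind shares a prefix with its peer and is not
    flagged; a forked client disagrees at some version both have seen.
    """
    for v in range(min(len(a.heads), len(b.heads))):
        if a.heads[v] != b.heads[v]:
            return v
    return None

# Constructed sample operations on Alice's wall.
FULL = ["alice: post #1", "carol: comment on post #1", "alice: post #2"]

alice = ClientView("alice").receive(FULL)
carol = ClientView("carol").receive(FULL[:2])        # lagging, not forked
bob = ClientView("bob").receive([FULL[0], FULL[2]])  # provider hid Carol's comment

if __name__ == "__main__":
    for x, y in [(alice, carol), (alice, bob), (carol, bob)]:
        v = first_divergence(x, y)
        status = "consistent" if v is None else f"fork detected at version {v}"
        print(f"{x.name} vs {y.name}: {status}")
```

Because every head commits to the full prefix, a provider that hides one operation from Bob cannot later merge his view back with Alice's without the mismatch showing up at the version where the histories split.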

• User’s profile is comprised of multiple objects such as photos and comments.
• Frientegrity uses ACL to allow only certain friends to access objects.
• ACLs store users’ pseudonyms and every operation is labeled with the pseudonym of its creator.

[Figure: system overview. Labels: Server 1, Server 2, Server n; Bob’s profile; Alice’s profile; Alice’s wall; Alice’s photo album; Alice’s ACL; comment thread; "Optionally entangled"; "Checked for equivocation". Bob reads Alice’s wall, then verifies & decrypts. Returned to the client: 1. Latest updates; 2. Proof of no equivocation; 3. Proof of ACL enforcement; 4. Decryption keys.]

• Simulate basic Facebook features.
• Server having set of user profiles and clients that access them. Implemented using Java.
• Each profile has user objects, ACL and history.
• Uses 2048-bit RSA signatures.
• Reduced cryptographic use for higher throughput.

[Figure: Object read & write latency. Series: Frientegrity, Hash Chain Method.]

• Frientegrity is a practical solution which is quite reliable, efficient and scalable.
• In addition to adequately protecting user privacy and data integrity, it also tackles equivocation, which many solutions do not.
• Provides some form of decentralization while still allowing convenience and redundancy.

• Encryption and message exchange may lead to large overhead and greater system requirements.
• For scalability, since only most recent updates are scrutinized, equivocation may still be possible.
• Malicious providers can still know users’ social relationships based upon public key hashes.

• Does not provide complete decentralization as envisaged while other solutions offer it.
• Still uses untrusted third party infrastructure.
• Implementation tones down some of the cryptographic measures.

• Frientegrity provides the much-needed framework for privacy and integrity in social networking applications.
• Achieves main goal of detecting provider equivocation.
• Can be further improved upon to achieve complete decentralization of user data.