Presentation is loading. Please wait.

Presentation is loading. Please wait.

Professor Tzong-Chen Wu

Published byMilton Watson Modified over 6 years ago

Similar presentations

Presentation on theme: "Professor Tzong-Chen Wu"— Presentation transcript:

1 Professor Tzong-Chen Wu
Security and Privacy for Mobile Applications and Cloud Services in Distributed Mobile Cloud Environments Leading Investigator: Professor Tzong-Chen Wu Researchers: Nai-Wei Lo Chuan-Kai Yang Shi-Cho Cha Raylin Tso Kuo-Hui Yeh

2 Agenda Research picture Four focused areas Deliverables
Privacy-Preserving Video Retrieval Privacy-Preserving Data Analysis Transparent Authentication Privacy Policy Notification Framework Deliverables

3 Research Picture Cloud Sensor Data Center Gateway
IoT Environment Internet Gateway Transparent Authentication Sensor Sensor Encrypted Data Access Mobile Device Encrypted Data/Video Access Privacy Policy Notification Mobile Device

4 Four Focused Areas Privacy-Preserving Video Retrieval
Privacy-Preserving Data Analysis Transparent Authentication Privacy Policy Notification Framework

5 Privacy-Preserving Video Retrieval State of the Art
As videos are huge and stored on the cloud in an encrypted form, how do we retrieve them? Li et al.’s work: the encryption is through permutation of pixels Suffer from known-plaintext attack Unless the permutation can be changed dynamically Lu et al.’s work: Separate the content and index Use traditional encryption for content Build secure search indices

6 Privacy-Preserving Video Retrieval Research Goals (1/2)
Naïve way: Download Decode  Compare Time consuming Better way (our goal): Compare in the encryption domain on the cloud and return only the matched videos

7 Privacy-Preserving Video Retrieval Research Goals (2/2)

8 Privacy-Preserving Data Analysis State of the Art
To keep the secrecy of the data stored in cloud servers, data should be encrypted Need some privacy-preserving statistical analysis protocols allow users to perform statistical analysis on the encrypted data without compromising the data privacy Most of the existing schemes based on homomorphic encryption or PKC are inefficient and not applicable to the IoT devices as well as sensor networks

9 Privacy-Preserving Data Analysis Research Goals (1/2)
Introduce a new practical technique to support data retrieval from cloud environment for statistical data analysis and prevent data disclosure from resource-limited client devices at the same time Utilize the concept and techniques of secure multi-party computation to defend against security threats from insider attacks

10 Privacy-Preserving Data Analysis Research Goals (2/2)

11 Transparent Authentication State of the Art
Few studies focus on the transparent authentication with biometric features in Body Area Networks The evolution of wearable IoT device has led the design of authentication into a new era Personal bio-data, such as heartbeat, brain-weaves and body-temperature can be analyzed to support the transparent authentication

12 Transparent Authentication Research Goals
An authentication scheme using adaptive biometric features, such as heart rate, body temperature, and personal preference pattern, for IoT-based cloud environments Use transparent token concept to construct continuous authenticated sessions for IoT-like client devices

13 Privacy Policy Notification Framework State of the Art
While current smartphones usually equip with different kinds of sensors, using mobile applications may pose new risks to user privacy Although several governmental agencies start to request mobile application developers to provide privacy policies with their applications, current marketplace providers usually do not force mobile applications developers to provide privacy policies about their applications Even application developers provide privacy policies in application marketplaces, current marketplaces usually do not address the issues of privacy policies updates There is no standard way to enable users to know privacy policies of the application is updated

14 Privacy Policy Notification Framework Research Goals (1/2)
To design and implement a Privacy Policy Notification Framework for Android applications to achieve the following requirements: To provide a standard way for Android application developers to express their privacy policies and to embed the privacy policies in Android applications To enable third-party to inspect whether privacy policies of an application comply with practices of the application To provide a standard means for application users to obtain privacy policies of Android applications and know whether privacy policies of the applications are verified by third parties To enable application users know application privacy policies updates of applications If application marketplace providers find that the privacy policy of an application is mismatched with the practices of the application, the marketplace providers can notify application users to stop using the application

15 Privacy Policy Notification Framework Research Goals (2/2)

16 Deliverables Privacy-Preserving Video Retrieval
A privacy-preserving video retrieval system Privacy-Preserving Data Analysis A lightweight encryption algorithm for resource-limited devices A scheme supports statistic analysis on stored data without compromising the data privacy Transparent Authentication A transparent authentication scheme using adaptive biometric features Privacy Policy Notification Framework A privacy policy notification framework and its prototype for Android applications Multiple conference papers (published or accepted) and journal papers (submitted)

Download ppt "Professor Tzong-Chen Wu"

Similar presentations

Inter WISP WLAN roaming

Inter WISP WLAN roaming
Key Management And Key Distribution The essential problems addressed by all cryptosystems is how to safely exchange keys and how to easily manage the.

Key Management And Key Distribution The essential problems addressed by all cryptosystems is how to safely exchange keys and how to easily manage the.
Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi

Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Secure Data Storage in Cloud Computing Submitted by A.Senthil Kumar(96608205043) C.Karthik(96608205022) H.Sheik mohideen(96608205046) S.Lakshmi rajan(96608205023)

Secure Data Storage in Cloud Computing Submitted by A.Senthil Kumar( ) C.Karthik( ) H.Sheik mohideen( ) S.Lakshmi rajan( )
Contextualized Information-Centric Home Networking (draft-ravindran-cibus-01.txt) IRTF/ICN-RG (IETF-89) Ravi Ravindran, Asit Chakraborti, G.Q.Wang.

Contextualized Information-Centric Home Networking (draft-ravindran-cibus-01.txt) IRTF/ICN-RG (IETF-89) Ravi Ravindran, Asit Chakraborti, G.Q.Wang.
Presenter: Nguyen Ba Anh HCMC University of Technology Information System Security Course.

Presenter: Nguyen Ba Anh HCMC University of Technology Information System Security Course.
Key Provisioning Use Cases and Requirements 67 th IETF KeyProv BOF – San Diego Mingliang Pei 11/09/2006.

Key Provisioning Use Cases and Requirements 67 th IETF KeyProv BOF – San Diego Mingliang Pei 11/09/2006.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
Privacy and Integrity Preserving in Distributed Systems Presented for Ph.D. Qualifying Examination Fei Chen Michigan State University August 25 th, 2009.

Privacy and Integrity Preserving in Distributed Systems Presented for Ph.D. Qualifying Examination Fei Chen Michigan State University August 25 th, 2009.
FI-WARE – Future Internet Core Platform FI-WARE Security July 2011 High-level Description.

FI-WARE – Future Internet Core Platform FI-WARE Security July 2011 High-level Description.
Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.

Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.
OWASP Mobile Top 10 Why They Matter and What We Can Do

OWASP Mobile Top 10 Why They Matter and What We Can Do
Chapter 10: Authentication Guide to Computer Network Security.

Chapter 10: Authentication Guide to Computer Network Security.
Cong Wang1, Qian Wang1, Kui Ren1 and Wenjing Lou2

Cong Wang1, Qian Wang1, Kui Ren1 and Wenjing Lou2
Mobile and Wireless Communication Security By Jason Gratto.

Mobile and Wireless Communication Security By Jason Gratto.
HPCC 2015, August 24 - 26, New York, USA Wei Chang c Joint work with Qin Liu a, Guojun Wang b, and Jie Wu c a. Hunan University, P. R. China b. Central.

HPCC 2015, August , New York, USA Wei Chang c Joint work with Qin Liu a, Guojun Wang b, and Jie Wu c a. Hunan University, P. R. China b. Central.
OV 12 - 1 Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.

 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.

Similar presentations

Ads by Google