2018
Authors
Resende, JS; Martins, R; Antunes, L;
Publication
2018 16TH ANNUAL CONFERENCE ON PRIVACY, SECURITY AND TRUST (PST)
Abstract
Cloud storage allows users to remotely store their data, giving access anywhere and to anyone with an Internet connection. The accessibility, lack of local data maintenance and absence of local storage hardware are the main advantages of this type of storage. The adoption of this type of storage is being driven by its accessibility. However, one of the main barriers to its widespread adoption is the sovereignty issues originated by lack of trust in storing private and sensitive information in such a medium. Recent attacks to cloud-based storage show that current solutions do not provide adequate levels of security and subsequently fail to protect users' privacy. Usually, users rely solely on the security supplied by the storage providers, which in the presence of a security breach will ultimate lead to data leakage. In this paper, we propose and implement a broker (ARGUS) that acts as a proxy to the existing public cloud infrastructures by performing all the necessary authentication, cryptography and erasure coding. ARGUS uses erasure code as a way to provide efficient redundancy (opposite to standard replication) while adding an extra layer to data protection in which data is broken into fragments, expanded and encoded with redundant data pieces that are stored across a set of different storage providers (public or private). The key characteristics of ARGUS are confidentiality, integrity and availability of data stored in public cloud systems.
2018
Authors
Freitas, T; Rodrigues, J; Bogas, D; Coimbra, M; Martins, R;
Publication
2018 IEEE 6TH INTERNATIONAL CONFERENCE ON FUTURE INTERNET OF THINGS AND CLOUD (FICLOUD 2018)
Abstract
The increasing capabilities of smartphones is paving way to novel applications through the crowd-sourcing of these untapped resources, to form hyperlocal meshes commonly known as edge-clouds. While a relevant body-of-work is already available for the underlying networking, computing and storage facilities, security and privacy remain second class citizens. In this paper we present Panoptic, an edge-cloud system that enables the search for missing people, similar to the commonly known Amber alert system, in high density scenarios where wireless infrastructure might be limited (WiFi and LTE), e.g. concerts, while featuring privacy and security by design. Since the limited resources present in the mobile devices, namely battery capacity, Panoptic offers a computing offloading that tries to minimize data leakage while offering acceptable levels of performance. Our results show that it is achievable to run these algorithms in an edge-cloud configuration and that it is beneficial to use this architecture to lower data transfer through the wireless infrastructure while enforcing privacy. Results from our experimental evaluation show that the security layer does not impose a significant overhead, and only accounts for 2% of the total execution time for an edge cloud comprised by, but not limited to, 8 devices.
2018
Authors
Martins, C; Fernandes, T; Gomes, M; Vilela, J;
Publication
2018 IEEE 87TH VEHICULAR TECHNOLOGY CONFERENCE (VTC SPRING)
Abstract
This paper presents a testbed implementation and evaluation of coding for secrecy schemes in a real environment through software defined radio platforms. These coding schemes rely on interleaving and scrambling with randomly generated keys to shuffle information before transmission. These keys are then encoded jointly with data and then hidden (erased) before transmission, thus only being retrievable through parity information resulting from encoded data. An advantage of the legitimate receiver (e.g. a better signal-to-noise ratio) on the reception of those keys provides the means to achieve secrecy against an adversary eavesdropper. Through this testbed implementation, we show the practical feasibility of coding for secrecy schemes in real-world environments, unveiling the usefulness of interleaving and scrambling with a hidden key to reduce the required advantage over an eavesdropper. We further describe and present solutions to a set of issues that appear when doing practical implementations of security schemes in software defined radio platforms. © 2018 IEEE.
2018
Authors
Mendes, R; Vilela, J;
Publication
WISEC'18: PROCEEDINGS OF THE 11TH ACM CONFERENCE ON SECURITY & PRIVACY IN WIRELESS AND MOBILE NETWORKS
Abstract
Sharing location data is becoming more popular as mobile devices become ubiquitous. Location-based service providers use this type of data to provide geographically contextualized services to their users. However, sharing exact locations with possibly untrustworthy entities poses a thread to privacy. Geo-indistinguishability has been recently proposed as a formal notion based on the concept of differential privacy to design location privacy-preserving mechanisms in the context of sporadic release of location data. While adaptations for the case of continuous location updates have been proposed, the study on how the frequency of updates impacts the privacy and utility level is yet to be made. In this paper we address this issue, by analyzing the effect of frequency updates on the privacy and utility levels of four mechanisms: the standard planar Laplacian mechanism suitable for sparse locations, and three variants of an adaptive mechanism that is an adaptation of the standard mechanism for continuous location updates. Results show that the frequency of updates largely impacts the correlation between points. As the frequency of updates decreases, the correlation also decreases. The adaptive mechanism is able to adjust the privacy and utility levels accordingly to the correlation between past positions and current position. However, the estimator function that is used to predict the current location has a great influence in the obtained results.
2018
Authors
Rendon, GT; Harrison, WK; Gomes, MAC; Vilela, JP;
Publication
2018 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC)
Abstract
This paper proposes a method to provide secrecy for digital communications with arbitrarily large quadrature amplitude modulation (QAM) constellations for transmission over a Gaussian fading wiretap channel. This is accomplished by breaking the constellation down into nested quadrature phase-shift keying (QPSK) symbols and randomizing the assignment between message bits and modulated symbols using channel state information (CSI). If enough random bits can be generated from CSI it becomes possible to uniquely map an arbitrary message to any symbol in the large QAM constellation. The proposed method can thereby provide perfect secrecy while maintaining high reliability by exclusively assigning minimum-distance-mapped constellations through the randomization for use by the legitimate decoder. © 2018 IEEE.
2018
Authors
Harrison, WK; Sarmento, D; Vilela, JP; Gomes, MAC;
Publication
EURASIP JOURNAL ON WIRELESS COMMUNICATIONS AND NETWORKING
Abstract
In this paper, we provide secrecy metrics applicable to physical-layer coding techniques with finite blocklengths over Gaussian and fading wiretap channel models and analyze their secrecy performance over several cases of concatenated code designs. Our metrics go beyond some of the known practical secrecy measures, such as bit error rate and security gap, so as to make lower bound probabilistic guarantees on error rates over short blocklengths both preceding and following a secrecy decoder. Our techniques are especially useful in cases where application of traditional information-theoretic security measures is either impractical or simply not yet understood. The metrics can aid both practical system analysis, including cryptanalysis, and practical system design when concatenated codes are used for physical-layer security. Furthermore, these new measures fill a void in the current landscape of practical security measures for physical-layer security coding and may assist in the wide-scale adoption of physical-layer techniques for security in real-world systems. We also show how the new metrics provide techniques for reducing realistic channel models to simpler discrete memoryless wiretap channel equivalents over which existing secrecy code designs may achieve information-theoretic security.
The access to the final selection minute is only available to applicants.
Please check the confirmation e-mail of your application to obtain the access code.