Abstract
The growing demand for everyday data insights drives the pursuit of more sophisticated infrastructures and artificial intelligence algorithms. When combined with the growing number of interconnected devices, this originates concerns about scalability and privacy. The main problem is that devices can detect the environment and generate large volumes of possibly identifiable data. Public cloud-based technologies have been proposed as a solution, due to their high availability and low entry costs. However, there are growing concerns regarding data privacy, especially with the introduction of the new General Data Protection Regulation, due to the inherent lack of control caused by using off-premise computational resources on which public cloud belongs. Users have no control over the data uploaded to such services as the cloud, which increases the uncontrolled distribution of information to third parties. This work aims to provide a modular approach that uses cloud-of-clouds to store persistent data and reduce upfront costs while allowing information to remain private and under users' control. In addition to storage, this work also extends focus on usability modules that enable data sharing. Any user can securely share and analyze/compute the uploaded data using private computing without revealing private data. This private computation can be training machine learning (ML) models. To achieve this, we use a combination of state-of-the-art technologies, such as MultiParty Computation (MPC) and K-anonymization to produce a complete system with intrinsic privacy properties.

Abstract
With the rising popularity of the cloud, companies lose control of both the hardware and the operating system responsible for hosting their software and data. This means that companies are at risk of losing confidential data when these are utilized in components controlled by a third-party cloud vendor. Secure enclaves can help solve this problem by creating a secure environment where code can be executed securely, guaranteeing that no unwanted parties read or modify the data inside this secure environment. While the use of secure enclaves has been focused on small footprints software, such as the implementation of trusted computing base for distributed protocols, we analyze the strengths and shortcoming of current tools in an effort to further expand the applicability of their use. Given the importance of web servers and their inherent greater exposure to attacks, we explore the hardening of Apache web server through the use of secure enclaves. This was accomplished by making the necessary modifications to further protect its private key from both the operating system and hypervisor. We also provide a performance assessment to quantify the overhead associated with the use of secure enclaves, namely, Intel SGX.

Abstract
Along with the use of cloud-based services, infrastructure, and storage, the use of application logs in business critical applications is a standard practice. Application logs must be stored in an accessible manner in order to be used whenever needed. The debugging of these applications is a common situation where such access is required. Frequently, part of the information contained in logs records is sensitive. In this paper, we evaluate the possibility of storing critical logs in a remote storage while maintaining its confidentiality and server-side search capabilities. To the best of our knowledge, the designed search algorithm is the first to support full Boolean searches combined with field searching and nested queries. We demonstrate its feasibility and timely operation with a prototype implementation that never requires access, by the storage provider, to plain text information. Our solution was able to perform search and decryption operations at a rate of, approximately, 0.05 ms per line. A comparison with the related work allows us to demonstrate its feasibility and conclude that our solution is also the fastest one in indexing operations, the most frequent operations performed.

Abstract
Vulnerability scanning tools can help secure the computer networks of organisations. Triggered by the release of the Tsunami vulnerability scanner by Google, the authors analysed and compared the commonly used, free-to-use vulnerability scanners. The performance, accuracy and precision of these scanners are quite disparate and vary accordingly to the target systems. The computational, memory and network resources required be these scanners also differ. We present a recent and detailed comparison of such tools that are available for use by organisations with lower resources such as small and medium-sized enterprises. © 2021, IFIP International Federation for Information Processing.

Abstract
The Malware Information Sharing Platform (MISP) enables the sharing of cyberthreat information within a community, company or organisation. However, this platform presents limitations if its information is deemed as classified or shared only for a given period of time. This implies that this information should to be handled only in encrypted form. One solution is to use MISP with searchable encryption techniques to impose greater control over the sharing of information. In this paper, we propose a controlled information sharing functionality that features a synchronisation procedure that enables classified data exchange between MISP instances, based on policies and ensuring the required confidentiality and integrity of the shared data. Sequence charts are presented validating the configuration, the data synchronisation, and the data searching between multiple entities.

Abstract