A cryptographic file system for UNIX
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Practical Techniques for Searches on Encrypted Data
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Balancing confidentiality and efficiency in untrusted relational DBMSs
Proceedings of the 10th ACM conference on Computer and communications security
Awarded Best Student Paper! - Pond: The OceanStore Prototype
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Plutus: Scalable Secure File Sharing on Untrusted Storage
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Hi-index | 0.00 |
Web based data services are very popular with the average computer user. Examples of such services include Gmail.com, Yahoo Photos, Yahoo Briefcase and Amazon S3 Service. The user outsources personal data to such services. Such services have many advantages which include: a) Mobile access: The data can be accessed from any computer connected to the internet; b) Availability: the data is available 24/7; c) Good service: Typically such services employ experts who provide a quality service. However, such a model does raise some fundamental questions concerning data privacy and security. The data is stored in plaintext at the service provider and is vulnerable to data theft from disgruntled employees and internet thieves. This paper describes our research in designing middleware architectures that secure personal data using cryptographic techniques before it is outsourced to the service provider. Care is taken such that service provider can continue to provide data services on secured data. We describe the challenges in designing and implementing such middleware architectures, a summary of our past work and the future directions that we intend to take.