We address the problem of authenticating data in outsourced, often un- trusted, services, when a user stores more or less confidential information in a remote service such as an online calendar, remote storage, outsourced DBMS, and others. How can outsourced data be proven authentic? Data authentication captures the security needs of many computing applications that save and use sensitive information in hostile remote distributed environments and its importance increases, given the current trend in modern system design towards outsourced services with minimal trust assumptions. Solutions should not only be provably secure, but efficient and easily implementable. This dissertation presents an extensive study of data authentication and introduces a general method, based on a security middleware, external to the service, that performs authentication operations in parallel with standard service functions to minimize the time overhead. We examine the problem for different services, and design efficient new techniques with authenticating general classes of operations, such as relational primitives, multidimensional queries and relational join and remote storage management. Another important issue that we cover in this dissertation is the security usability of outsourced services. In particular we analyze the information security visualization techniques and we address the problem of file permissions visualization. TrACE, a prototype tool based on a treemap is presented with an extensive user study to show the usability improvement of this tool.

Outsourced storage services : authentication and security visualization

2009

Abstract

We address the problem of authenticating data in outsourced, often un- trusted, services, when a user stores more or less confidential information in a remote service such as an online calendar, remote storage, outsourced DBMS, and others. How can outsourced data be proven authentic? Data authentication captures the security needs of many computing applications that save and use sensitive information in hostile remote distributed environments and its importance increases, given the current trend in modern system design towards outsourced services with minimal trust assumptions. Solutions should not only be provably secure, but efficient and easily implementable. This dissertation presents an extensive study of data authentication and introduces a general method, based on a security middleware, external to the service, that performs authentication operations in parallel with standard service functions to minimize the time overhead. We examine the problem for different services, and design efficient new techniques with authenticating general classes of operations, such as relational primitives, multidimensional queries and relational join and remote storage management. Another important issue that we cover in this dissertation is the security usability of outsourced services. In particular we analyze the information security visualization techniques and we address the problem of file permissions visualization. TrACE, a prototype tool based on a treemap is presented with an extensive user study to show the usability improvement of this tool.
2-apr-2009
Inglese
Di Battista, Giuseppe
Università degli Studi Roma Tre
File in questo prodotto:
File Dimensione Formato  
OutsourcedStorageServicesAuthenticationandSecurityVisualization.pdf

accesso solo da BNCF e BNCR

Tipologia: Altro materiale allegato
Dimensione 3.09 MB
Formato Adobe PDF
3.09 MB Adobe PDF

I documenti in UNITESI sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.14242/140383
Il codice NBN di questa tesi è URN:NBN:IT:UNIROMA3-140383