In the current digital era, the volume of data processed by information systems is massive and is expected to increase in the future. Cloud computing plays a crucial role in managing this heterogeneous data, and the use of Cloud services enables companies to focus on their core business. However, the growing number of cyber attacks on Cloud systems, the sensitivity of data, and the regulatory frameworks (e.g., EU GDPR), hinder the adoption of these services, particularly public Cloud services. A data-centric approach to protect data throughout its entire lifecycle is essential to not rely on security and robustness of IT infrastructures (e.g., servers, networks and applications). Encryption is recognised as an effective technique for providing data-centric security. However, classical encryption schemes, such as RSA and AES, have limitations in ensuring security when data needs to be processed or when access control must be enforced on resources. For these reasons, in this doctoral dissertation, we explore modern advanced cryptosystems that, in addition to classical security properties, offer additional ones. We believe that these new cryptographic algorithms are valuable tools that can help ensure data-centric security throughout the entire data lifecycle. The goal of this dissertation is not to propose new encryption schemes but to adapt existing ones for use in public Cloud services. Specifically, we study the application of i) Functional Encryption to two different file sharing scenarios — a classical Enterprise File Storage & Sharing service and a healthcare Data Sharing service — and ii) Homomorphic Encryption and Secure Multi-Party Computation to a Blockchain-as-a-Service scenario to handle an Energy Management System. For each of these three scenarios, we design the required security system architecture, provide the related security analysis, and develop a Proof of Concept. This allows us to highlight the challenges, evaluate the performances, and discuss the pros and cons.
Application of modern cryptographic techniques for privacy-preserving cloud-based services
RASO, EMANUELE
2024
Abstract
In the current digital era, the volume of data processed by information systems is massive and is expected to increase in the future. Cloud computing plays a crucial role in managing this heterogeneous data, and the use of Cloud services enables companies to focus on their core business. However, the growing number of cyber attacks on Cloud systems, the sensitivity of data, and the regulatory frameworks (e.g., EU GDPR), hinder the adoption of these services, particularly public Cloud services. A data-centric approach to protect data throughout its entire lifecycle is essential to not rely on security and robustness of IT infrastructures (e.g., servers, networks and applications). Encryption is recognised as an effective technique for providing data-centric security. However, classical encryption schemes, such as RSA and AES, have limitations in ensuring security when data needs to be processed or when access control must be enforced on resources. For these reasons, in this doctoral dissertation, we explore modern advanced cryptosystems that, in addition to classical security properties, offer additional ones. We believe that these new cryptographic algorithms are valuable tools that can help ensure data-centric security throughout the entire data lifecycle. The goal of this dissertation is not to propose new encryption schemes but to adapt existing ones for use in public Cloud services. Specifically, we study the application of i) Functional Encryption to two different file sharing scenarios — a classical Enterprise File Storage & Sharing service and a healthcare Data Sharing service — and ii) Homomorphic Encryption and Secure Multi-Party Computation to a Blockchain-as-a-Service scenario to handle an Energy Management System. For each of these three scenarios, we design the required security system architecture, provide the related security analysis, and develop a Proof of Concept. This allows us to highlight the challenges, evaluate the performances, and discuss the pros and cons.| File | Dimensione | Formato | |
|---|---|---|---|
|
Raso_PhD_Dissertation_final.pdf
accesso solo da BNCF e BNCR
Licenza:
Tutti i diritti riservati
Dimensione
9.47 MB
Formato
Adobe PDF
|
9.47 MB | Adobe PDF |
I documenti in UNITESI sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/20.500.14242/303740
URN:NBN:IT:UNIROMA2-303740