ReplicaTEE: Enabling Seamless Replication of SGX Enclaves in the Cloud [article]

Claudio Soriente, Ghassan Karame, Wenting Li, Sergey Fedorov
2018 arXiv   pre-print
In this paper, we propose ReplicaTEE, a solution that enables seamless provisioning and decommissioning of TEE-based applications in the cloud.  ...  ReplicaTEE leverages an SGX-based provisioning layer that interfaces with a Byzantine Fault-Tolerant storage service to securely orchestrate enclave replication in the cloud, without the active intervention  ...  ReplicaTEE therefore emerges as the first secure and practical solution to support elasticity of TEE-based applications in the cloud.  ... 
arXiv:1809.05027v1 fatcat:jgknyo3kznbdvmxipdiy26evjq

Building In-the-Cloud Network Functions: Security and Privacy Challenges

Peipei Jiang, Qian Wang, Muqi Huang, Cong Wang, Qi Li, Chao Shen, Kui Ren
2021 Proceedings of the IEEE  
The article surveys the state-of-the-art literature on network function outsourcing, with a special focus on privacy and security issues.  ...  The client can then decrypt the packet and check the ACK and FIN flags. Based on the changes in the flag, the client tells the cloud middlebox to update or delete the state table entry.  ...  [35] proposed a practical matching protocol, SHVE+, based on symmetric hidden vector encryption (SHVE) [173].  ... 
doi:10.1109/jproc.2021.3127277 fatcat:getxjhn3s5eyllg6nxnpzsgrmq

When Blockchain Meets SGX: An Overview, Challenges, and Open Issues

Zijian Bao, Qinghao Wang, Wenbo Shi, Lei Wang, Hong Lei, Bangdao Chen
2020 IEEE Access  
FastKitten [62] is a system based on TEE (e.g., SGX) to support executing complex smart contracts over the Bitcoin system.  ...  In ShadowEth, the TEE-distributed storage platform (TEE-DS), comprised of the worker nodes based on TEE (e.g., SGX), is responsible for executing and storing the private contracts.  ...  His main research directions were decentralized identification and authentication, payment security, and communication security.  ... 
doi:10.1109/access.2020.3024254 fatcat:g6vd43ddhfgaflwdkkmktltvri

Precision Health Data: Requirements, Challenges and Existing Techniques for Data Security and Privacy [article]

Chandra Thapa, Seyit Camtepe
2020 arXiv   pre-print
Finally, it illustrates the best available techniques for precision health data security and privacy with a conceptual system model that enables compliance, ethics clearance, consent management, medical  ...  Thus, the security, privacy of and trust on the information are of utmost importance. Moreover, government legislation and ethics committees demand the security and privacy of healthcare data.  ...  and 500 clients based setups, respectively [209].  ... 
arXiv:2008.10733v1 fatcat:oj2neoftf5hcbpatnfn7ntyhzy

Understanding TEE Containers, Easy to Use? Hard to Trust [article]

Weijie Liu, Hongbo Chen, XiaoFeng Wang, Zhi Li, Danfeng Zhang, Wenhao Wang, Haixu Tang
2021 arXiv   pre-print
To better develop, deploy, and run secure applications on a TEE platform such as Intel's SGX, both academic and industrial teams have devoted much effort to developing reliable and convenient TEE containers  ...  In this paper, we studied the isolation strategies of 15 existing TEE containers to protect secure applications from potentially malicious operating systems (OS) or untrusted applications, using a semi-automatic  ...  With the inclination of TEE hardwares to the server and cloud, some TEE middlewares are migrating to cloud in recent years.  ... 
arXiv:2109.01923v1 fatcat:qgkbhnf6ffb7tmdygv2jsowjty

SPEKS: Forward Private SGX-Based Public Key Encryption with Keyword Search

Hyundo Yoon, Soojung Moon, Youngki Kim, Changhee Hahn, Wonjun Lee, Junbeom Hur
2020 Applied Sciences  
Lastly, we provide a formal security definition of SGX-based forward private PEKS, as well as a rigorous security proof of the proposed scheme.  ...  According to our performance analysis, the overall computation time is reduced by 80% on average.  ...  to the cloud storage.  ... 
doi:10.3390/app10217842 fatcat:imkveasaqjfwdjky52krk3v564

Data Privacy in Trigger-Action Systems [article]

Yunang Chen, Amrita Roy Chowdhury, Ruizhe Wang, Andrei Sabelfeld, Rahul Chatterjee, Earlence Fernandes
2021 arXiv   pre-print
Based on ten existing rules that exercise a wide variety of operations, we show that eTAP has a modest performance impact: on average rule execution latency increases by 70 ms (55%) and throughput reduces  ...  We use garbled circuits as a primitive, and leverage the unique structure of trigger-compute-action rules to make them practical. We formally state and prove the security guarantees of our protocols.  ...  This work was also partially supported by the Swedish Foundation for Strategic Research (SSF) and the Swedish Research Council (VR).  ... 
arXiv:2012.05749v3 fatcat:bx62zdw62rfaxhnsx6x4ig6kgi

D2.2 The COLLABS Level-3 Security Package for Secure Digital Supply Networks: 1st complete version

Panagiotis Rizomiliotis, Konstantinos Tserpes, Aikaterini Triakosia
2021 Zenodo  
(Statistical Analytics and Machine- / Deep-Learning on shared data), T2.5 (Distributed anomaly detection for Industrial IoT) and T2.6 (Workflow-driven security for supply chain and compliance in manufacturing  ...  This is the second deliverable of Work Package 2 tasks T2.1 (Tools and methods for secure data sharing), T2.2 (Trustworthiness of data flows), T2.3 (Machine learning-based cognitive security framework), T2.4  ...  In the context of COLLABS, one of the TEEs that is considered is Trusty, a free and open-source TEE operating system, part of the Android Open-Source Project (AOSP).  ... 
doi:10.5281/zenodo.5667012 fatcat:xgzhqfeq6nbwte4h256pntlkau

Twine: An Embedded Trusted Runtime for WebAssembly [article]

Jämes Ménétrey, Marcelo Pasin, Pascal Felber, Valerio Schiavoni
2021 arXiv   pre-print
We describe and implement one such modification in the paper, showing up to 4.1× speedup. Twine is open-source, available at GitHub along with instructions to reproduce our experiments.  ...  While SGX hardware provides secure execution within the processor, Twine provides a secure, sandboxed software runtime nested within an SGX enclave, featuring a WebAssembly system interface (WASI) for  ...  ACKNOWLEDGMENTS This publication incorporates results from the VEDLIoT project, which received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No  ... 
arXiv:2103.15860v1 fatcat:4k2flfy6qbab7lw3ahxkdbl7ki

D2.1 The COLLABS Level-3 Security Package for Secure Digital Supply Networks: MVP

Miloš Radovanović, Nataša Vujnović Sedlar, Srđan Škrbić
2020 Zenodo  
), T2.4 (Statistical Analytics and Machine- / Deep-Learning on shared data), T2.5 (Distributed anomaly detection for Industrial IoT) and T2.6 (Workflow-driven security for supply chain and compliance in  ...  This deliverable is the first output of Work Package 2 tasks T2.1 (Tools and methods for secure data sharing), T2.2 (Trustworthiness of data flows), T2.3 (Machine learning-based cognitive security framework  ...  In the context of COLLABS, one of the TEEs that is considered is Trusty, a free and open-source TEE operating system, part of the Android Open-Source Project (AOSP).  ... 
doi:10.5281/zenodo.5666952 fatcat:hwa4x5pwnrdqva2tbp4kspnkhi

Revealing the Landscape of Privacy-Enhancing Technologies in the Context of Data Markets for the IoT: A Systematic Literature Review [article]

Gonzalo Munilla Garrido and Johannes Sedlmeir and Ömer Uludağ and Ilias Soto Alaoui and Andre Luckow and Florian Matthes
2022 arXiv   pre-print
Despite considerable research focused on different aspects of privacy-enhancing data markets for the IoT, none of the solutions proposed so far seems to find a practical adoption.  ...  Furthermore, there is no consensus on the appropriate use of blockchain technology for IoT data markets and a low degree of leveraging existing libraries or reusing generic data market architectures.  ...  Acknowledgements We would like to thank the Bayerisches Forschungsinstitut für Digitale Transformation for supporting our research on differential privacy, and the Bavarian Ministry of Economic Affairs  ... 
arXiv:2107.11905v2 fatcat:fy4fa4gvubcqzfv2wollbigbae

Delegated Proof of Secret Sharing: A Privacy-Preserving Consensus Protocol Based on Secure Multiparty Computation for IoT Environment

Tieming Geng, Laurent Njilla, Chin-Tser Huang
2022 Network  
Meanwhile, some blockchain applications, such as cryptocurrencies, are based on low-efficiency and high-cost consensus protocols, which may not be practical and feasible for other blockchain applications  ...  Specifically, DPoSS first uses polynomial interpolation to select a dealer group from many nodes to maintain the consensus of the blockchain system, in which the dealers in the dealer group take turns  ...  For example, the storage of the cloud computing environment can be built based on blockchain with our design so that the stored data are split and individually encrypted.  ... 
doi:10.3390/network2010005 fatcat:x7v6sncmzrfmle7foomxmzqeq4

D1.2 System Architecture Definition

Srdjan Skrbic
2021 Zenodo  
and best practices.  ...  The specification of the architecture is based on a detailed analysis of reference architectures, state-of-the-art literature review, end-user requirement analysis, as well as general non-functional requirements  ...  These high-level objectives are detailed with KPIs that can be found in section 1.1.2 of the proposal and will be formalized for real success measurement in WP6.  ... 
doi:10.5281/zenodo.5347678 fatcat:4jr4tibrurasfnbl23huny3xkq

OblivSketch: Oblivious Network Measurement as a Cloud Service

Shangqi Lai, Xingliang Yuan, Joseph K. Liu, Xun Yi, Qi Li, Dongxi Liu, Surya Nepal
2021 Proceedings 2021 Network and Distributed System Security Symposium   unpublished
To demonstrate the practicality, we implement OblivSketch as a full-fledged service integrated with the off-the-shelf SDN framework.  ...  The evaluations demonstrate that OblivSketch consumes a constant and small memory space (6MB) to track a massive amount of flows (from 30k to 1.45m), and it takes no more than 15ms to respond six widely  ...  ACKNOWLEDGMENT The authors would like to thank the anonymous reviewers for their valuable comments and constructive suggestions.  ... 
doi:10.14722/ndss.2021.24330 fatcat:z5edl6n2vrbi7pvuwit74xwode

AGAPECert: An Auditable, Generalized, Automated, Privacy-Enabling Certification Framework with Oblivious Smart Contracts [article]

Servio Palacios, Aaron Ault, James V. Krogmeier, Bharat Bhargava, Christopher G. Brinton
2022 pre-print
AGAPECert utilizes a novel mix of trusted execution environments, blockchain technologies, and a real-time graph-based API standard to provide automated, oblivious, and auditable certification.  ...  Our technique allows a privacy-conscious data owner to run pre-approved Oblivious Smart Contract code in their own environment on their own private data to produce Private Automated Certifications.  ...  CAFE is a cloud-based solution that utilizes hypervisor-level mechanisms to protect the deployment and execution of applications [55].  ... 
doi:10.1109/tdsc.2022.3192852 arXiv:2207.12482v1 fatcat:4xm6o5xr7naevp5j3vodrjmgla