Authenticated query processing in the cloud

Xu, Cheng

19 February 2019

With recent advances in data-as-a-service (DaaS) and cloud computing, outsourcing data to the cloud has become a common practice. In a typical scenario, the data owner (DO) outsources the data and delegates the query processing service to a service provider (SP). However, as the SP is often an untrusted third party, the integrity of the query results cannot be guaranteed and is thus imperative to be authenticated. To tackle this issue, a typical approach is letting the SP provide a cryptographic proof, which can be used to verify the soundness and completeness of the query results by the clients. Despite extensive research on authenticated query processing for outsourced databases, existing techniques have only considered limited query types. They fail to address a variety of needs demanded by enterprise customers such as supporting aggregate queries over set-valued data, enforcing fine-grained access control, and using distributed computing paradigms. In this dissertation, we take the first step to comprehensively investigate the authenticated query processing in the cloud that fulfills the aforementioned requirements. Security analysis and performance evaluation show that the proposed solutions and techniques are robust and efficient under a wide range of system settings.

Nasazení kontextového DLP systému v rámci zavádění ISMS / Deployment of the Context DLP System within ISMS Implementation

Imrich, Martin

January 2015

This diploma thesis focuses on a DLP implementation within a specific organization. The thesis contains current situation analysis and provides decision for choice of the most suitable DLP based on the analysis findings. Eventually describes a real implementation of the chosen DLP system within the organization.

Using Spammers' Computing Resources for Volunteer Computing

Bui, Thai Le Quy

13 March 2014

Spammers are continually looking to circumvent counter-measures seeking to slow them down. An immense amount of time and money is currently devoted to hiding spam, but not enough is devoted to effectively preventing it. One approach for preventing spam is to force the spammer's machine to solve a computational problem of varying difficulty before granting access. The idea is that suspicious or problematic requests are given difficult problems to solve while legitimate requests are allowed through with minimal computation. Unfortunately, most systems that employ this model waste the computing resources being used, as they are directed towards solving cryptographic problems that provide no societal benefit. While systems such as reCAPTCHA and FoldIt have allowed users to contribute solutions to useful problems interactively, an analogous solution for non-interactive proof-of-work does not exist. Towards this end, this paper describes MetaCAPTCHA and reBOINC, an infrastructure for supporting useful proof-of-work that is integrated into a web spam throttling service. The infrastructure dynamically issues CAPTCHAs and proof-of-work puzzles while ensuring that malicious users solve challenging puzzles. Additionally, it provides a framework that enables the computational resources of spammers to be redirected towards meaningful research. To validate the efficacy of our approach, prototype implementations based on OpenCV and BOINC are described that demonstrate the ability to harvest spammer's resources for beneficial purposes.

Computers -- Energy conservation

Computer Sciences

Information Security

Audit cloudových služeb pro malé a střední podniky / Cloud Computing Audit for Small and Medium Enterprises

Kroft, Karel

January 2014

Cloud computing brings to the world of information systems many opportunities but also new risks. The main one is decreased customer ability to directly control the security of information and systems, because administration responsibility passes to providers. This thesis focuses on cloud services auditing from the small and medium enterprises perspective. In introduction, this work defines information system audit terminology, characterizes cloud services and analyzes international legislation. Standardization organizations, published standards and methodologies that are widely respected in IT field are introduced. For the trust mediation in the cloud are important independent third-party audits and organizations specializing in the examination and control of cloud providers. The assumptions list is assembled on this basis to support screening process and to check, whether enterprise, service providers and services are ready for creating efficient and safe cloud system. The assumptions are applied to selected cloud service providers.

Enhancing Security in Managing Personal Data by Web Systems

Wild, Stefan

12 June 2017

Web systems have become an integral part in daily life of billions of people. Social is a key characteristic today’s web projects need to feature in order to be successful in the social age. To benefit from an improved user experience, individual persons are continually invited to reveal more and more personal data to web systems. With a rising severity of attacks on web systems, it is evident that their security is inadequate for the amount of accumulated personal data. Numerous threat reports indicate that social media has become a top-ranking attack target, with climbing impacts, with ramifications beyond single individuals and with a booming black market to trade leaked personal data. To enhance information security in managing personal data by web systems for the mutual benefit of individual persons, companies and governments, this dissertation proposes a solution architecture and three research contributions. While the solution architecture establishes the foundation for a more secure management of personal data by web systems, the research contributions represent complementary components for protecting personal data against unwanted data disclosure, tampering and use without the actual data owner’s intent or knowledge. Not only do these components enable seamless integration and combination, but they also contribute to assure quality and maintainability. The dissertation concludes with discussing evaluation results and providing an outlook towards future work.

info:eu-repo/classification/ddc/004

ddc:004

Hodnocení zabezpečení obchodních informací / Rating of Security Business Informations

Veselý, Martin

January 2009

The thesis ”Rating of security business information” is focused on creating metrics in order to assess security of an information system of the company Tech4sec, spol.s.r.o. Risks of the information system and their impact on economy of the company are elaborated by application of the created metrics. To build the part of IS/IT strategy of the company that leads to elimitation of the risks found is dealt with in the thesis as well.