ClearBox allows a storage service provider to transparently attest to its customers the deduplication patterns of the (encrypted) data that it is storing. By doing so, ClearBox enables cloud users to verify the effective storage space that their data is occupying in the cloud, and consequently to check whether they qualify for benefits such as price reductions, etc
Several applications rely on biometrics to authenticate users. Since performing a biometric matching requires advanced technical knowledge, companies may prefer to delegate this computation to a specialized cloud server. Our Verifiable Biometric Matching enhances the confidence in a delegated biometric matching by adding a proof that the result of the computation is correct.
Privacy and legal reasons prevent companies operating biometric systems from taking advantage of cloud computing, unless data are encrypted. An attracting property would be to be able to perform computations such as extracting features on these encrypted data . Our primitive enables to apply some signal processing algorithm over encrypted data.
PerfectDedup is a new scheme that enables the cloud to securely deduplicate redundant data when it is encrypted. PerfectDedup relies on the use of different encryption techniques based on the popularity of the data: Popular data are protected under convergent encryption and can therefore be deduplicated; unpopular data segments which are likely to remain unique are protected under semantically-secure symmetric encryption.
MUSE is a searchable encryption scheme that enables cloud users to upload their encrypted data and authorize other users to perform lookup queries over these data. The main privacy guarantee that MUSE offers is that it does not disclose the content of the data and the queries to the cloud.
Container Isolation component preserves confidentiality of sensitive data in a containerized virtual environment. By exploiting Docker’s layered filesystem users can securely manipulate images throughout their life cycle. The component can secure both data on disk, by encrypting/decrypting on the fly, and data migration by enhancing the image distribution process.
ML-PoR is a proof of retrievability scheme that enables a cloud user to verify the correct storage of her outsourced data while allowing the cloud to perform secure deduplication whenever there is redundancy.
Only four months left to finish TREDISEC!
It has been a long way, but the time has come. We are in the final countdown and we have obtained awesome results along this tough but exciting period. So let's start showing off!
In order to do that, we have chosen the conference ISSE: The future of Digital Security & Trust. The TREDISEC workshop took place in the morning of the second day of the conference and was titled "How to reconcile cloud efficiency with security & privacy". This is our mantra and we wanted to get across the message that TREDISEC provides the necessary means to achieve it.
Proof of Ownership (PoW) is a cryptographic protocol that regulates the interactions between a prover and a verifier. The protocol is usually executed in the context of a storage outsourcing scenario, where the prover is the client and the verifier is the (storage) service provider.