Search For:

Displaying 1-16 out of 16 total
Multi-Dimensional Range Query over Encrypted Data
Found in: Security and Privacy, IEEE Symposium on
By Elaine Shi, John Bethencourt, T-H. Hubert Chan, Dawn Song, Adrian Perrig
Issue Date:May 2007
pp. 350-364
We design an encryption scheme called Multi-dimensional Range Query over Encrypted Data (MRQED), to address the privacy concerns related to the sharing of network audit logs and various other applications. Our scheme allows a network gateway to encrypt sum...
 
Cloud Data Protection for the Masses
Found in: Computer
By Dawn Song,Elaine Shi,Ian Fischer,Umesh Shankar
Issue Date:January 2012
pp. 39-45
Offering strong data protection to cloud users while enabling rich applications is a challenging task. Researchers explore a new cloud platform architecture called Data Protection as a Service, which dramatically reduces the per-application development eff...
 
BIND: A Fine-Grained Attestation Service for Secure Distributed Systems
Found in: Security and Privacy, IEEE Symposium on
By Elaine Shi, Adrian Perrig, Leendert Van Doorn
Issue Date:May 2005
pp. 154-168
In this paper, we propose BIND (Binding Instructions aNd Data), a fine-grained attestation service for securing distributed systems. Code attestation has recently received considerable attention in trusted computing. However, current code attestation techn...
 
Detection of Denial-of-Message Attacks on Sensor Network Broadcasts
Found in: Security and Privacy, IEEE Symposium on
By Jonathan M. McCune, Elaine Shi, Adrian Perrig, Michael K. Reiter
Issue Date:May 2005
pp. 64-78
So far, sensor network broadcast protocols assume a trustworthy environment. However, in safety and mission-critical sensor networks this assumption may not be valid and some sensor nodes might be adversarial. In these environments, malicious sensor nodes ...
 
Authenticated data structures, generically
Found in: Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '14)
By Andrew Miller, Elaine Shi, Jonathan Katz, Michael Hicks
Issue Date:January 2014
pp. 411-423
An authenticated data structure (ADS) is a data structure whose operations can be carried out by an untrusted prover, the results of which a verifier can efficiently check as authentic. This is done by having the prover produce a compact proof that the ver...
     
PHANTOM: practical oblivious computation in a secure processor
Found in: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (CCS '13)
By Dawn Song, Eric Love, John Kubiatowicz, Martin Maas, Mohit Tiwari, Elaine Shi, Emil Stefanov, Krste Asanovic
Issue Date:November 2013
pp. 311-324
We introduce PHANTOM [1] a new secure processor that obfuscates its memory access trace. To an adversary who can observe the processor's output pins, all memory access traces are computationally indistinguishable (a property known as obliviousness). We ach...
     
Multi-cloud oblivious storage
Found in: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (CCS '13)
By Elaine Shi, Emil Stefanov
Issue Date:November 2013
pp. 247-258
We present a 2-cloud oblivious storage (ORAM) system that achieves 2.6X bandwidth cost between the client and the cloud. Splitting an ORAM across 2 or more non-colluding clouds allows us to reduce the client-cloud bandwidth cost by at least one order of ma...
     
Practical dynamic proofs of retrievability
Found in: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (CCS '13)
By Elaine Shi, Emil Stefanov, Charalampos Papamanthou
Issue Date:November 2013
pp. 325-336
Proofs of Retrievability (PoR), proposed by Juels and Kaliski in 2007, enable a client to store n file blocks with a cloud server so that later the server can prove possession of all the data in a very efficient manner (i.e., with constant computation and ...
     
Path ORAM: an extremely simple oblivious RAM protocol
Found in: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (CCS '13)
By Elaine Shi, Srinivas Devadas, Christopher Fletcher, Emil Stefanov, Ling Ren, Marten van Dijk, Xiangyao Yu
Issue Date:November 2013
pp. 299-310
We present Path ORAM, an extremely simple Oblivious RAM protocol with a small amount of client storage. Partly due to its simplicity, Path ORAM is the most practical ORAM scheme for small client storage known to date. We formally prove that Path ORAM requi...
     
Summary/overview for artificial intelligence and security (AISec'13)
Found in: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (CCS '13)
By Blaine Nelson, Christos Dimitrakakis, Elaine Shi
Issue Date:November 2013
pp. 1483-1484
The Workshop on Artificial Intelligence and Security (AISec) focuses on the theory and application of Artificial Intelligence (AI) and machine learning in adversarial settings such as security and privacy applications and conversely, the security and priva...
     
Opaak: using mobile phones to limit anonymous identities online
Found in: Proceedings of the 10th international conference on Mobile systems, applications, and services (MobiSys '12)
By Dawn Song, Elaine Shi, Gabriel Maganis, Hao Chen
Issue Date:June 2012
pp. 295-308
Trust and anonymity are both desirable properties on the Internet. However, online services and users often have to make the trade off between trust and anonymity due to the lack of usable frameworks for achieving them both. We propose Opaak, a practical a...
     
Private and Continual Release of Statistics
Found in: ACM Transactions on Information and System Security (TISSEC)
By Dawn Song, Elaine Shi, T.-H. Hubert Chan
Issue Date:November 2011
pp. 1-24
We ask the question: how can Web sites and data aggregators continually release updated statistics, and meanwhile preserve each individual user’s privacy? Suppose we are given a stream of 0’s and 1’s. We propose a differentially private c...
     
Efficient and secure threshold-based event validation for VANETs
Found in: Proceedings of the fourth ACM conference on Wireless network security (WiSec '11)
By Adrian Perrig, Ahren Studer, Elaine Shi, Hsu-Chun Hsiao, Rituik Dubey
Issue Date:June 2011
pp. 163-174
Determining whether the number of vehicles reporting an event is above a threshold is an important mechanism for VANETs, because many applications rely on a threshold number of notifications to reach agreement among vehicles, to determine the validity of a...
     
Authentication in the clouds: a framework and its application to mobile users
Found in: Proceedings of the 2010 ACM workshop on Cloud computing security workshop (CCSW '10)
By Elaine Shi, Jesus Molina, Markus Jakobsson, Richard Chow, Ryusuke Masuoka, Yuan Niu, Zhexuan Song
Issue Date:October 2010
pp. 1-6
Cloud computing is a natural fit for mobile security. Typical handsets have input constraints and practical computational and power limitations, which must be respected by mobile security technologies in order to be effective. We describe how cloud computi...
     
Controlling data in the cloud: outsourcing computation without outsourcing control
Found in: Proceedings of the 2009 ACM workshop on Cloud computing security (CCSW '09)
By Elaine Shi, Jessica Staddon, Jesus Molina, Markus Jakobsson, Philippe Golle, Richard Chow, Ryusuke Masuoka
Issue Date:November 2009
pp. 85-90
Cloud computing is clearly one of today's most enticing technology areas due, at least in part, to its cost-efficiency and flexibility. However, despite the surge in activity and interest, there are significant, persistent concerns about cloud computing th...
     
Portcullis: protecting connection setup from denial-of-capability attacks
Found in: Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications (SIGCOMM '07)
By Adrian Perrig, Bruce Maggs, Bryan Parno, Dan Wendlandt, Elaine Shi, Yih-Chun Hu
Issue Date:August 2007
pp. 652-652
Systems using capabilities to provide preferential service to selected flows have been proposed as a defense against large-scale network denial-of-service attacks. While these systems offer strong protection for established network flows, the Denial-of-Cap...
     
 1