Lamya Abdullah scite author profile

In cloud computing, data processing is delegated to a remote party for efficiency and flexibility reasons. A practical user requirement usually is that the confidentiality and integrity of data processing needs to be protected. In the common scenarios of cloud computing today, this can only be achieved by assuming that the remote party does not in any form act maliciously. In this paper, we propose an approach that avoids having to trust a single entity. Our approach is based on two concepts: (1) the technical abstraction of sealed computation, i.e., a technical mechanism to confine the processing of data within a tamper-proof hardware container, and (2) the additional role of an auditing party that itself cannot add functionality to the system but is able to check whether the system (including the mechanism for sealed computation) works as expected. We discuss the abstract technical and procedural requirements of these concepts and explain how they can be applied in practice.

show abstract

Achieving Consistency of Software Updates against Strong Attackers

Abdullah

Hahn

Freiling

2019

View full text Add to dashboard Cite

Update systems that regularly distribute updates for installed software systems to end users are an essential part of modern security. Problems arise when the update system is misused and malicious updates are sent to a small set of end users only. Such situations can occur if the software supplier has been successfully attacked or is coerced by government agencies to distribute hand-crafted updates to a set of "suspects" containing promiscuous functionality like back-doors. In this paper, we define a set of general security requirements for update systems that encompass protection against malicious updates. We then introduce the design of an update system that satisfies all requirements and present an implementation as an extension to the advanced package tool (APT) for the Debian operating system. We evaluate the strengths and weaknesses of the system and discuss its large-scale applicability with respect to security and performance overhead.

show abstract

Sealed computation: a mechanism to support privacy-aware trustworthy cloud service

Abdullah

Quintero

2019

ICS

View full text Add to dashboard Cite

Purpose The purpose of this study is to propose an approach to avoid having to trust a single entity in cloud-based applications. In cloud computing, data processing is delegated to a remote party for efficiency and flexibility reasons. A practical user requirement usually is data privacy; hence, the confidentiality and integrity of data processing needs to be protected. In the common scenarios of cloud computing today, this can only be achieved by assuming that the remote party does not in any form act maliciously. Design/methodology/approach An approach that avoids having to trust a single entity is proposed. This approach is based on two concepts: the technical abstraction of sealed computation, i.e. a technical mechanism to confine a privacy-aware processing of data within a tamper-proof hardware container, and the role of an auditing party that itself cannot add functionality to the system but is able to check whether the system (including the mechanism for sealed computation) works as expected. Findings Discussion and analysis of the abstract, technical and procedural requirements of these concepts and how they can be applied in practice are explained. Originality/value A preliminary version of this paper was published in the proceedings of the second International Workshop on SECurity and Privacy Requirements Engineering (SECPRE, 2018).

show abstract

Grundprinzip der Sealed Cloud

Jäger

Rieken

Ernst

et al. 2020

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Lamya Abdullah

Secure cluster-based SIP service over Ad hoc networks

Sealed Computation: Abstract Requirements for Mechanisms to Support Trustworthy Cloud Computing

Achieving Consistency of Software Updates against Strong Attackers

Sealed computation: a mechanism to support privacy-aware trustworthy cloud service

Grundprinzip der Sealed Cloud

Contact Info

Product

Resources

About