Usable secure mailing lists with untrusted servers

Bobba, Rakesh B.; Muggli, Joe; Pant, Meenal; Basney, Jim; Khurana, Himanshu

doi:10.1145/1527017.1527032

Cited by 8 publications

(2 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The Palantir system provides the collaborative workspace for discussions and data sharing among incident investigators, as seen in Figure 4. Collaboration mechanisms in the workspace include a data repository for log files, network traces, and other forensic data, a wiki for providing an overview of the incident for new members, documenting incident details, and keeping a timestamped incident notebook, secure instant messaging for real-time discussions, secure email lists [7,19,20] for ongoing discussions, anonymization tools [33] for sanitizing data before it is shared, analysis tools [10], and visualization tools [36].…”

Section: Design and Implementationmentioning

confidence: 99%

Palantir

Khurana

Basney

Bakht

et al. 2009

Proceedings of the 8th Symposium on Identity and Trust on the Internet

Self Cite

View full text Add to dashboard Cite

Organizations owning cyber-infrastructure assets face large scale distributed attacks on a regular basis. In the face of increasing complexity and frequency of such attacks, we argue that it is insufficient to rely on organizational incident response teams or even trusted coordinating response teams. Instead, there is need to develop a framework that enables responders to establish trust and achieve an effective collaborative response and investigation process across multiple organizations and legal entities to track the adversary, eliminate the threat and pursue prosecution of the perpetrators. In this work we develop such a framework for effective collaboration. Our approach is motivated by our experiences in dealing with a large-scale distributed attack that took place in 2004 known as Incident 216. Based on our approach we present the Palantir system that comprises conceptual and technological capabilities to adequately respond to such attacks. To the best of our knowledge this is the first work proposing a system model and implementation for a collaborative multi-site incident response and investigation effort.

show abstract

Section: Design and Implementationmentioning

confidence: 99%

Palantir

Khurana

Basney

Bakht

et al. 2009

Proceedings of the 8th Symposium on Identity and Trust on the Internet

Self Cite

View full text Add to dashboard Cite

show abstract

“…Later, two bidirectional schemes without pairings in the random oracle were proposed in . Bidirectional PRE scheme is a very useful primitive in practice, especially in collaborative tasks using email lists , but the main problem is that it usually needs to run a multiparty protocol among three users beforehand to generate a re‐encryption key(i.e., two users with their own secret keys and a proxy with nothing as inputs: after the execution of the protocol, the proxy obtains the corresponding re‐encryption key, the two users obtains nothing). Canetti et al , left an open problem to construct a chosen ciphertext attacks (CCA) secure unidirectional PRE scheme (without parings).…”

Section: Introductionmentioning

confidence: 99%

Secure and efficient data‐sharing in clouds

Zhang

2014

Concurrency and Computation

View full text Add to dashboard Cite

SummaryWith the rapid development of cloud computing, cloud storage has become a cost‐effective solution for many users with the demand of data storage. However, there are still two main concerns for users with sensitive/private data: (1) Is it secure to store private data in public cloud storages? (2) Is there an efficient way to share private data with other specified users? In the past years, several papers in the literature have used proxy re‐encryption (PRE) to address these two concerns, where the efficiency of the underlying PRE scheme is usually a bottleneck of the overall performance of cloud storages. In this paper, we dedicate to design a secure and practical PRE scheme for cloud‐based data‐sharing. First, we discuss a ‘pitfall’ in the security proof of several existing PREs. Then, we give a general framework for proving the chosen ciphertext attacks (CCA) security of single‐hop unidirectional PRE schemes. Finally, we propose a practical PRE scheme that is proven secure against CCA under the computational Diffie–Hellman problem in the random oracle model. We evaluate the performance of our PRE scheme both in theoretical comparisons with related schemes and in implementations at several security levels. The results indicate that our scheme can be practical in cloud‐based data‐sharing. Copyright © 2014 John Wiley & Sons, Ltd.

show abstract