How to secure your outsourced computations without harming utility
An integral component of modern computing relates to outsourcing, the ability of frontend users to have their own data stored, processed or shared via online services offered by backend hosts. In such settings, information is managed over computing platforms that are untrusted or prone to attacks, thus providing integrity protections is vital: In the face of malicious data loss or corruption, ensuring that user data remains intact and that outsourced computations return correct results, are essential operations for fully trustworthy online services.
In this talk, I will show how to harden outsourced computations in best-of-two-worlds ways that allow for efficient and reliable integrity checks without diminishing the gains of outsourcing. First, in the model where a database is outsourced to a remote server, I will describe a new authentication framework for verifying the results of database queries without affecting usability. This framework exploits the benefits of secure composition of query-verification schemes, achieving better trade-offs between expressiveness and efficiency than those currently known. Also, in the model where data is processed through a hostile network, I will describe a new data-management approach for verifying the quality of received data. This approach is based on a novel class of secure coding schemes, featuring resilience to adversarial corruptions, yet fast data processing. I will conclude by discussing open problems related to the presented techniques as well as new research directions in cyber security, which could also benefit by solutions that are not only provable secure and practically efficient, but also meet the actual requirements imposed by the system they are meant to protect.
Dr. Nikos Triandopoulos is an Associate Professor of Computer Science at Stevens Institute of Technology. His interests broadly span security, privacy and cryptography, including network, distributed systems and enterprise security, with a focus on trustworthy computing and secure data management. Prior to joining Stevens, he was a Principal Research Scientist at RSA Labs in EMC’s Security Division, where he carried out research to transfer to practice innovative technologies related to strong authentication, identity management and security analytics. He has also held postdoc and research faculty positions at Dartmouth, Aarhus University, Brown and BU. He has a sizeable record of journal or peer-review conference publications and he has been awarded several US Patents and NSF research grants. He obtained his Ph.D. in Computer Science from Brown and his diploma in Computer Engineering & Informatics from University of Patras, Greece.