Dissemination

Publications

Verifiable Document Redacting

Abstract: In 2016, Naveh and Tromer introduced PhotoProof, a novel approach to image authentication based on cryptographic proofs. We here show how to simplify PhotoProof to get a protocol closely related to redactable signature schemes. From an authenticated breeder document, we only keep the necessary fields to prove what its owner wants to assert and black out all the others to remove sensitive data from the document. We efficiently instantiate our scheme and give implementation results that show its practicality.

Is there a “rowhammer” for MLC NAND Flash SSDs? An analysis of filesystem attack vectors

Rowhammer demonstrated that non-physical hardware-weakness-based attacks can be devastating. In a recent paper, Cai et al. [2] propose that similar attacks can be performed on MLC NAND flash-based SSDs, with potentially devastating effects as well. In this paper, we discuss the requirements for a successful, full-system, local privilege attack on SSDs and show a filesystem based attack vector, which we demonstrate. In particular, to motivate the assumptions of the filesystem-level attack, we show the attack primitive that an attacker can obtain by making

HardIDX: Practical and Secure Index with SGX

Abstract. Software-based approaches for search over encrypted data are still either challenged by lack of proper, low-leakage encryption or slow performance.
Existing hardware-based approaches do not scale well due to hardware limitations and software designs that are not specifically tailored to the hardware architecture, and are rarely well analyzed for their security (e.g., the impact of side channels). Additionally, existing hardware-based solutions often have a large code footprint in the trusted environment susceptible to software compromises.

Deliverables

D7.7. Business Models for TREDISEC

In order to generate revenue within the EU economic area, the consortium has identified business models that will sustain the outcome of the TREDISEC project in terms of business benefits and potential triggers for markets. This document describes the relevant customer segments, depending on their needs, focusing on the sectors with a higher risk of attack (and thus, more interested in improving their systems), and the best way to approach them. We have identified two main channels to reach potential customers: an online channel for reaching users with a technical profile and “turn” them into influencers inside their companies; and a field sales force for reaching larger companies that require customization.
The proposed business model advocates the project deliverables via a unified Framework, which is able to integrate (or “glue together”) all the Security Primitives developed by the project partners.
Following this business model proposal, a “freely” available Framework does not imply that there is no benefit from it. There are numerous ways in which TREDISEC can benefit from the Framework; for example, the Framework will almost certainly need customization for different installations, so there will be considerable need for consultancy, maintenance and customization work.

D6.2. Evaluation criteria

In this deliverable we describe the methodologies that we plan to use in order to evaluate the outcomes of TREDISEC. We present our approach to assess whether the results of the project fulfil the requirements and necessities of the use cases, identified in deliverable D2.1 “Description of the context scenarios and use cases definition”, and to measure to what extent these requirements are met.
TREDISEC has two major technological outcomes: the TREDISEC Framework and the security primitives. In our approach, we perform the assessment of the maturity level of these results by deploying the TREDISEC Framework and security primitives in the use cases of the project and other internal testing environments.
Along the evaluation process we will validate compliance with the requirements identified in WP2 (cf. D2.2 “Requirements Analysis and Consolidation”), and assess the degree of enhancement brought by the TREDISEC technological outcomes in each use case. On one side, we will evaluate the overall project success by concluding whether the objectives have been achieved. In this case, we refer to the evaluation criteria defined by all the use case owners and the framework owners. On the other side, we evaluate the TREDISEC technological outcomes, i.e. the framework and the security primitives, by deploying them in the use cases and using the corresponding indicators to perform measurements.
In order to homogenise the different evaluations, we have defined two different types of domain-specific indicators to evaluate TREDISEC technologies: use case process indicators, which focus on the process described in each use case; and technology-related indicators, which focus on functional and non-functional characteristics of the technologies developed. For each of the objectives a success criterion is defined together with the measurement methodologies.
Notice that for all use cases and the framework, the focus areas to be evaluated along the processes and requirements fulfilment are defined in detail by all use case and framework owners.

D4.4. A proposal for secure enforcement of policies in the Cloud

Cloud systems are a great platform for collaboration and shared resource usage. However, such cloud systems can only be successful if they securely enforce policies in the cloud, as they otherwise put users’ data at risk. During the course of this deliverable we will present three contributions targeted at providing a better enforcement of cloud policies.
We present the implementation of the TREDISEC security primitive Access Control for Multi-tenancy that was outlined as part of deliverable D4.1. Multi-tenancy makes cloud systems attractive for both customers and providers due to the lower costs. However, such systems also require special care in terms of access control as tenants have to be securely separated from each other.
We also present a novel technique aimed at enhancing the collaboration on cloud storage for group members, e.g. a set of employees. Such members want to use collaboratively-accessible cloud storage, but due to data protection regulation they also need secure deletion in order to protect customer privacy and data security.
Finally, we outline a new instantiation of interaction for multiple distrusting parties that want to make shared access control decisions on a shared cloud repository. Our system prevents a single party from monopolizing the access control decisions, but in contrast provides an efficient way for collaborative access control decisions for cloud storage using blockchain technologies.

D1.6. Innovation Management Report

The goal of this document is to outline the current progress of the TREDISEC project from the point of view of Innovation Management activities. Recall that the main purpose of innovation management is to ensure that the project research activities, technological developments, and achievements, are kept well connected to outside technology developments. An additional goal of innovation management here is to maintain low risk level for the project and to prevent the project results from losing relevance given the evolving trends in the market.

Blog

EPICA

EPICA (Efficient and Privacy-respectful Interoperable Cloud-based Authorization) is a software implementation that controls access to resources (either services or data) in multi-tenant cloud environments. EPICA supports an ABAC-based model that extends XACML policies to represent trust relationships between tenants (so called “tenant-aware XACML policies”) in order to govern cross-tenant access to shared cloud resources.

How TREDISEC will contribute to data security and storage efficiency in the cloud

Cloud computing has changed both business and everyday life, that’s a fact. Its technological capabilities offer numerous opportunities to cut costs, drive business innovation, and enable new consumer services. On the other hand, a successful attack on critical cloud services, which might slow down or interrupt services as well as leave data in flight or at rest completely exposed to unauthorized parties, could lead to contractual obligations or regulatory compliance violations, resulting in reputational damage, financial loss, and ultimately, even loss of lives in the case of health or defence critical systems. And suffering such an attack is not an unlikely possibility at all. Not anymore.

M24: so what?

March 2017 means M24 in our project timeline terminology. We have submitted four new deliverables and the second year of the project is over. So what?

So... many things really!

If you have been disconnected from the latest project news, here are a few of them that you must become acquainted with:

TREDISEC Requirements

TREDISEC Framework Requirements: dimensions

TREDISEC aims at providing a set of security primitives that will ensure the confidentiality and integrity of the data and computations outsourced to the cloud. To help with the design of these primitives, towards the end of December 2015 we identified the different TREDISEC requirements, ranging from functional prerequisites to specific security and privacy needs. With this aim, the following methodology has been applied:

The 7 key innovation points of TREDISEC

Most existing cloud security solutions are not well suited to the market because they either provide security at the expense of the economy of scale and cost effectiveness of the cloud (e.g. data is encrypted before being outsourced, which prevents any computation from being performed in the cloud), or they meet the latter objectives at the expense of security (e.g., data deduplication and compression optimally use the resources of the cloud provider but require the customer to blindly trust its cloud provider).