Medium

Computerized systems are present in various aspects of modern society. These systems are used to access and share confidential information. Such sharing is achieved through cryptographic protocols which often employ randomization to introduce unpredictability in their behavior to achieve critical security objectives and make it difficult for the malicious adversaries to infer the underlying execution of the participants.

The Public Key Infrastructure (PKI), along with the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, are responsible for securing Internet transactions such as banking, email, and e-commerce; they provide users with the ability to verify with whom they are communicating online, and enable encryption of those communications. While the use of the PKI is mostly automated, there is a surprising amount of human intervention in management tasks that are crucial to its proper operation.

Online social networks (OSNs) face various forms of fraud and attacks, such as spam, denial of service, Sybil attacks, and viral marketing. In order to build trustworthy and secure OSNs, it has become critical to develop techniques to analyze and detect OSN fraud and attacks. Existing OSN security approaches usually target a specific type of OSN fraud or attack and often fall short of detecting more complex attacks such as collusive attacks that involve many fraudulent OSN accounts, or dynamic attacks that encompass multiple attack phases over time.

When users store their data in the cloud, they take many privacy risks: Will the cloud storage provider allow others to see that data? If the user sets sharing rules for the data, will the cloud storage system follow those rules? Recent news stories of user data exfiltration from cloud storage systems show that users have reason for concern. Encrypting files before storing them in the cloud would provide strong protection, but this approach makes it very difficult for users to share data with others and to change their sharing policies.

This project aims at developing efficient methods for protecting the privacy of computations on outsourced data in distributed settings. The project addresses the design of an outsourced storage framework where the access pattern observed by the storage server gives no information about the actual data accessed by the client and cannot be correlated with external events. For example, the server cannot determine whether a certain item was previously accessed by the client or whether a certain algorithm is being executed.