CSIS Seminar

How to secure your outsourced data and computations without harming utility

Speaker:   Dr. Nikos Triandopoulos
When:   Tuesday, April 05, 2016, 11:00am - 12:00pm
Where:   Engineering Building, Room 2901


Today massive amounts of information are generated, managed or exchanged over untrusted Internet-based platforms that are prone to attacks. As such information is often of great importance to organizations or individuals, it is vital to provide integrity protections in this setting. In particular, in the face of malicious data loss or corruption, ensuring that outsourced data (in transit or at rest) remains intact and that outsourced computations return correct results, are essential operations for fully trustworthy network, storage and cloud services.

In this talk, I will show how to harden outsourced data or computations in ways that allow for reliable integrity checks without diminishing the gains of outsourcing. I will present two new integrity-protection techniques that provide provable security and practical efficiency. As I will show, they both advance the state of the art by reaching new desired performance goals through a "best-of-both-worlds" approach that achieves better trade-offs between generality and efficiency than those currently known. First, for a database-as-a-service model where an entity outsources its database to a server, I will describe a new framework for efficient verifiable computation that allows a client to verify the results of a query without affecting usability. This solution exploits the benefits of secure and "proof-based" composition of (new or existing) query-verification schemes. Second, for a cloud-based or networked storage model where files are managed by a storage provider or exchanged via file-transfer protocols, I will describe a new method for reliable data management that allows a user to verify the availability or correct receipt of a file without adding noticeable delays. This solution is based on Falcon codes, a new general-purpose secure coding scheme that features resilience to adversarial corruptions and fast data processing. I will conclude by discussing open problems related to the presented techniques as well as new research directions in cyber security which could also benefit by solutions that have to offer the best of both worlds: security and efficiency.

Speaker Bio

Dr. Nikos Triandopoulos is an Adjunct Assistant Professor in Computer Science at Boston University. His research interests broadly span security, privacy and cryptography, including cloud, network and enterprise security, with a focus on trustworthy computing, secure data management and applied cryptography. From 2010 and until recently, he was a Principal Research Scientist at RSA Labs in EMC's Security Division, where he carried out research to discover and transfer to practice new innovative technologies related to strong authentication, identity management and security analytics. Prior to RSA Labs, he held postdoc and research faculty positions at Dartmouth College, Aarhus University, Boston University and Brown University. He has been awarded several US Patents and NSF research grants. He obtained his PhD in Computer Science from Brown University and his diploma in Computer Engineering & Informatics from University of Patras.