[Busec] Security-seminar Monday 4PM at MIT with Ari Feldman, Princeton

Sharon Goldberg goldbe at cs.bu.edu
Fri Feb 24 16:11:54 EST 2012

Hi All,

Interesting talk at MIT on Monday 4PM.


---------- Forwarded message ----------
From: Raluca Ada Popa <ralucap at mit.edu>
Date: Thu, Feb 23, 2012 at 4:48 PM
Subject: [Security-seminar] Monday, Ari Feldman, Princeton
To: systems-security at lists.csail.mit.edu
Cc: Ariel Feldman <ajfeldma at cs.princeton.edu>

Hi all,

On Monday, Ari Feldman from Princeton, will talk about "Privacy and
Integrity in the Untrusted Cloud". The seminar will be at *4*pm.


Where: Stata, G575
When: Monday *4*pm; February 27, 2012
Speaker: Ariel J. Feldman, Princeton
Title: Privacy and Integrity in the Untrusted Cloud

Abstract: For a myriad of user-facing applications from word
processing and calendaring to social networking, cloud deployment is
becoming increasingly popular. Cloud services are attractive because
they offer availability, reliability, global accessibility, and
convenience that desktop applications cannot match. Unfortunately,
these benefits come at the cost of having to trust the service
provider with the confidentiality and integrity of one’s data. Private
data stored with cloud providers could be leaked to malicious
outsiders and insiders or turned over to government agencies,
potentially without warrants. Furthermore, a malicious or compromised
cloud provider could corrupt users’ data or even equivocate, showing
different users divergent views of the system’s state.

In this talk, I will present two systems that make it possible to
benefit from a centralized cloud provider without having to trust it
with the privacy and integrity of users’ data. In both systems, the
provider’s servers see only encrypted data and cannot deviate from
correct execution without detection. The first system, SPORC, allows
concurrent, low-latency editing of shared state, permits disconnected
operation, and supports dynamic access control even in the presence of
concurrency. The second, Frientegrity, provides strong defenses
against server equivocation as well as dynamic access control that
scale to the demands of a large social networking service. Both of
these systems explore what is possible when the confidentiality and
integrity of users’ data depends on the security of their own
cryptographic keys, and not on a service provider’s good intentions.

Bio: Ariel J. Feldman is a Ph.D. candidate in computer science at
Princeton University whose research focuses on systems security and
applied cryptography. His recent work has been aimed at developing
practical cloud-based systems that protect the confidentiality and
integrity of users’ data by design rather than through promises and
legal contracts. Previously, he has worked on improving the security
of electronic voting systems and disk encryption.

Systems-security mailing list
Systems-security at lists.csail.mit.edu

Sharon Goldberg
Computer Science, Boston University

More information about the Busec mailing list