Journals

2017

Y. Verginadis, Antonis Michalas, P. Gouvas, G. Schiefer, G. Hubsch and I. Paraskakis. “PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services”. Journal of Grid Computing, a special issue on “Cloud Computing and Services Science”. Springer, 2017.

Abstract

Enterprises increasingly recognize the compelling economic and operational benefits from virtualizing and pooling IT resources in the cloud. Nevertheless, the significant and valuable transformation of organizations that adopt cloud computing is accompanied by a number of security threats that should be considered. In this paper, we outline significant security challenges presented when migrating to a cloud environment and propose PaaSword – a novel holistic framework that aspires to alleviate these challenges. Specifically, the proposed framework involves a context-aware security model, the necessary policies enforcement mechanism along with a physical distribution, encryption and query middleware.

Download

PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services (PDF)

Bibtex

@Article{Michalas:17:PaaSword,
title             ="PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services",
author     "Verginadis, Yiannis and Michalas, Antonis and Gouvas, Panagiotis and Schiefer, Gunther and          H{\"u}bsch, Gerald and Paraskakis, Iraklis",
journal     ="Journal of Grid Computing",
year          = {2017},
month     = "Jun",
day           ="01",
volume    ="15",
number   ="number",
pages     pages="219--234",
abstract  ="Enterprises increasingly recognize the compelling economic and operational benefits from virtualizing and pooling IT resources in the cloud. Nevertheless, the significant and valuable transformation of organizations that adopt cloud computing is accompanied by a number of security threats that should be considered. In this paper, we outline significant security challenges presented when migrating to a cloud environment and propose PaaSword -- a novel holistic framework that aspires to alleviate these challenges. Specifically, the proposed framework involves a context-aware security model, the necessary policies enforcement mechanism along with a physical distribution, encryption and query middleware.",
issn="1572-9184",
doi="10.1007/s10723-017-9394-2",
url="https://doi.org/10.1007/s10723-017-9394-2"
}

 

Kassaye Yitbarek Yigzaw, Antonis Michalas and Johan Gustav Bellika.
“Secure and scalable deduplication of horizontally partitioned health data for privacy-preserving distributed statistical computation”.
Journal of Medical Informatics and Decision Making (BMC), 2017.

Abstract

Background Techniques have been developed to compute statistics on distributed datasets without revealing private information except the statistical results. However, duplicate records in a distributed dataset may lead to incorrect statistical results. Therefore, to increase the accuracy of the statistical analysis of a distributed dataset, secure deduplication is an important preprocessing step. Methods We designed a secure protocol for the deduplication of horizontally partitioned datasets with deterministic record linkage algorithms. We provided a formal security analysis of the protocol in the presence of semi-honest adversaries. The protocol was implemented and deployed across three microbiology laboratories located in Norway, and we ran experiments on the datasets in which the number of records for each laboratory varied. Experiments were also performed on simulated microbiology datasets and data custodians connected through a local area network. Results The security analysis demonstrated that the protocol protects the privacy of individuals and data custodians under a semi-honest adversarial model. More precisely, the protocol remains secure with the collusion of up to N − 2 corrupt data custodians. The total runtime for the protocol scales linearly with the addition of data custodians and records. One million simulated records distributed across 20 data custodians were deduplicated within 45 s. The experimental results showed that the protocol is more efficient and scalable than previous protocols for the same problem. Conclusions The proposed deduplication protocol is efficient and scalable for practical uses while protecting the privacy of patients and data custodians.

Download

Secure and scalable deduplication of horizontally partitioned health data for privacy-preserving distributed statistical computation (PDF)

Bibtex

@Article{Michalas:17:Deduplication,
author     = "Yigzaw, Kassaye Yitbarek and Michalas, Antonis and Bellika, Johan Gustav",
title          = "Secure and scalable deduplication of horizontally partitioned health data for privacy-preserving    distributed statistical computation",
journal    = "BMC Medical Informatics and Decision Making",
volume    = "17",
number   = "1",
pages       = "1",
year          = "2017",
abstract  = "Techniques have been developed to compute statistics on distributed datasets without revealing private information except the statistical results. However, duplicate records in a distributed dataset may lead to incorrect statistical results. Therefore, to increase the accuracy of the statistical analysis of a distributed dataset, secure deduplication is an important preprocessing step.",
issn         = "1472-6947",
doi           = "10.1186/s12911-016-0389-x",
url            = "http://dx.doi.org/10.1186/s12911-016-0389-x"
}

Publisher's links

Secure and scalable deduplication of horizontally partitioned health data for privacy-preserving distributed statistical computation

2016

Nicolae Paladi, Christian Gehrmann and Antonis Michalas . “Providing End-User Security Guarantees in Public Infrastructure Clouds ”. IEEE Transactions on Cloud Computing, a special issue on “Cloud Security Engineering”, IEEE, 2016.

Abstract

The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants – insulated from the minutiae of hardware maintenance – rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organizations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments.

Downloads

Providing User Security Guarantees in Public Infrastructure Clouds (PDF)

Bibtex

@ARTICLE{Michalas:16:Trusted:Launch,
author      = {N. Paladi and C. Gehrmann and A. Michalas},
journal     = {IEEE Transactions on Cloud Computing},
title           = {Providing User Security Guarantees in Public Infrastructure Clouds},
year          = {2016},
volume    = {PP},
number   = {99},
pages       = {1-1},

keywords = {Cloud computing; Computational modeling; Encryption; Protocols; Virtual machining; Cloud Computing; Security; Storage Protection; Trusted Computing},
doi             = {10.1109/TCC.2016.2525991},
ISSN         = {2168-7161},

month    = {},
}

Publisher's link

Providing User Security Guarantees in Public Infrastructure Clouds

 

Kassaye Yitbarek Yigzaw, Antonis Michalas and Johan Gustav Bellika. “Secure and scalable statistical computation of questionnaire data in R”. IEEE Access Journal, a special issue of Big Data Analytics for Smart and Connected Health, IEEE, 2016.

Abstract

Collecting data via a questionnaire and analyzing them while preserving respondents' privacy may increase the number of respondents and the truthfulness of their responses. It may also reduce the systematic differences between respondents and non-respondents. In this paper, we propose a privacy-preserving method for collecting and analyzing survey responses using secure multi-party computation. The method is secure under the semi-honest adversarial model. The proposed method computes a wide variety of statistics. Total and stratified statistical counts are computed using the secure protocols developed in this paper. Then, additional statistics, such as a contingency table, a chi-square test, an odds ratio, and logistic regression, are computed within the R statistical environment using the statistical counts as building blocks. The method was evaluated on a questionnaire data set of 3158 respondents sampled for a medical study and simulated questionnaire data sets of up to 50 000 respondents. The computation time for the statistical analyses linearly scales as the number of respondents increases. The results show that the method is efficient and scalable for practical use. It can also be used for other applications in which categorical data are collected.

Download

Secure and Scalable Statistical Computation of Questionnaire Data in R (PDF)

BibTex

@ARTICLE{Michalas:16:Questionnaire,     
author      = {K. Yigzaw and A. Michalas and J. Bellika},
journal     = {IEEE Access},
title           = {Secure and Scalable Statistical Computation of Questionnaire Data in R},
year           = {2016},
volume     = {PP},
number    = {99},
pages        = {1-1},
keywords  = {Computational modeling; Data privacy; Logistics; Statistical analysis; Systematics; Bloom Filter; Privacy; Questionnaire; Secret Sharing; Secure Multi-Party Computation; Statistical Analysis},
doi            = {10.1109/ACCESS.2016.2599851},
ISSN        = {2169-3536},
month     = {},
}

Publisher's link

Secure and Scalable Statistical Computation of Questionnaire Data in R

 

2014

Tassos Dimitriou and Antonis Michalas . “Multi-Party Trust Computation in Decentralised Environments in the Presence of Malicious Adversaries”. Ad Hoc Networks Journal, a special issue on “Smart Solutions for Mobility Supported Distributed and Embedded Systems”, Elsevier, 2014.

Abstract

In this paper, we describe a decentralized privacy-preserving protocol for securely casting trust ratings in distributed reputation systems. Our protocol allows n participants to cast their votes in a way that preserves the privacy of individual values against both internal and external attacks. The protocol is coupled with an extensive theoretical analysis in which we formally prove that our protocol is resistant to collusion against as many as n − 1 corrupted nodes in both the semi-honest and malicious adversarial models.

The behavior of our protocol is tested in a real P2P network by measuring its communication delay and processing overhead. The experimental results uncover the advantages of our protocol over previous works in the area; without sacrificing security, our decentralized protocol is shown to be almost one order of magnitude faster than the previous best protocol for providing anonymous feedback.

Download

Multi-party trust computation in decentralized environments in the presence of malicious adversaries (PDF)

Bibtex

@article{Michalas:14:StRM,     
author     = {Dimitriou, Tassos and Michalas, Antonis},
title          = {Multi-party Trust Computation in Decentralized Environments in the Presence of Malicious Adversaries},
journal     = {Ad Hoc Networks},
issue_date  = {April, 2014},
volume    = {15},
month     = apr,
year          = {2014},
ISSN         = {1570-8705},
pages      = {53--66},
numpages     = {14},
url            = {http://dx.doi.org/10.1016/j.adhoc.2013.04.013},
doi           = {10.1016/j.adhoc.2013.04.013},
acmid     = {2583229},
publisher = {Elsevier Science Publishers B. V.},
address = {Amsterdam, The Netherlands, The Netherlands},
keywords = {Anonymous feedback, Decentralized reputation systems, Security, Voter privacy},
}

Publisher's link

Multi-party trust computation in decentralized environments in the presence of malicious adversaries

 

2012

Abstract

In this paper, we focus on attacks and defense mechanisms in additive reputation systems. We start by surveying the most important protocols that aim to provide privacy between individual voters. Then, we categorize attacks against additive reputation systems considering both malicious querying nodes and malicious reporting nodes that collaborate in order to undermine the vote privacy of the remaining users. To the best of our knowledge this is the first work that provides a description of such malicious behavior under both semi-honest and malicious model. In light of this analysis we demonstrate the inefficiencies of existing protocols.

Download

Vulnerabilities of Decentralized Additive Reputation Systems Regarding the Privacy of Individual Votes (PDF)

BibTex

@article{Michalas:12:Vulnerabilities:Reputation,
year          = {2012},
ISSN         = {0929-6212},
journal    = {Wireless Personal Communications},
volume    = {66},
number   = {3},
title          = {Vulnerabilities of Decentralized Additive Reputation Systems Regarding the Privacy of Individual Votes},
publisher = {Springer US},
keywords = {Decentralized reputation systems; Security; Voter privacy},
author      = {Michalas, Antonis and Dimitriou, Tassos and Giannetsos, Thanassis and Komninos, Nikos and Prasad, NeeliR.},
pages       = {559-575},
language = {English}

Publisher's link

Vulnerabilities of Decentralized Additive Reputation Systems Regarding the Privacy of Individual Votes

2011

Antonis Michalas, Nikos Komninos and Neeli R. Prasad. “Mitigate DoS and DDoS attack in Ad Hoc Networks”. International Journal of Digital Crime and Forensics, IGI Global, 2011.

Abstract

This paper proposes a technique to defeat Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks in Ad Hoc Networks. The technique is divided into two main parts and with game theory and cryptographic puzzles. Introduced first is a new client puzzle to prevent DoS attacks in such networks. The second part presents a multiplayer game that takes place between the nodes of an ad hoc network and based on fundamental principles of game theory. By combining computational problems with puzzles, improvement occurs in the efficiency and latency of the communicating nodes and resistance in DoS and DDoS attacks. Experimental results show the effectiveness of the approach for devices with limited resources and for environments like ad hoc networks where nodes must exchange information quickly.

Download

2011 - IJDCF - Mitigate Dos and DDoS attack in Ad Hoc Networks

BibTex

@article{Michalas:11:Mitigate:DDoS,
title          = {Mitigate DoS and DDoS attack in mobile ad hoc networks},
author     = {Michalas, Antonis and Komninos, Nikos and Prasad, Neeli R},
journal    = {International Journal of Digital Crime and Forensics (IJDCF)},
volume   = {3},
number  = {1},
pages      = {14--36},
year         = {2011},
publisher = {IGI Global}

Publisher's link

Mitigate DoS and DDoS Attack in Mobile Ad Hoc Networks

Conferences

2016

Antonis Michalas and Kassaye Yitbarek Yigzaw. “LocLess: Do You Really Care Your Cloud Files Are?”. Cloud Security and Data Privacy by Design (CloudSPD’16), Workshop co-located with the 9th IEEE/ACM International Conference on Utility and Cloud Computing, Luxembourg, December 12-15, 2016.

Abstract

Physical location of data in cloud storage is a problem that gains a lot of attention not only from the actual cloud providers but also from the end users' who lately raise many concerns regarding the privacy of their data. It is a common practice that cloud service providers create replicate users' data across multiple physical locations. However, moving data in different countries means that basically the access rights are transferred based on the local laws of the corresponding country. In other words, when a cloud service provider stores users' data in a different country then the transferred data is subject to the data protection laws of the country where the servers are located. In this paper, we propose LocLess, a protocol which is based on a symmetric searchable encryption scheme for protecting users' data from unauthorized access even if the data is transferred to different locations. The idea behind LocLess is that "Once data is placed on the cloud in an unencrypted form or encrypted with a key that is known to the cloud service provider, data privacy becomes an illusion". Hence, the proposed solution is solely based on encrypting data with a key that is only known to the data owner.

Download

LocLess: Do you Really Care Where Your Cloud Files Are? (PDF)

BibTex

@INPROCEEDINGS{Michalas:16:SSE:LocLess,
author     = {A. Michalas and K. Y. Yigzaw},
booktitle     = {2016 IEEE/ACM 9th International Conference on Utility and Cloud Computing (UCC)},
title     = {LocLess: Do You Really Care Your Cloud Files Are?},
year     = {2015},
pages     = {618-623},
month      = {Dec},

 

Antonis Michalas. “Sharing in the Rain: Secure and Efficient Data Sharing for the Cloud”. Proceedings of the 11th IEEE International Conference for Internet Technology and Secured Transactions (ICITST-2016), Barcelona, Spain, December 5-7, 2016.

Abstract

Cloud storage has rapidly become a cornerstone of many businesses and has moved from an early adopters stage to an early majority, where we typically see explosive deployments. As companies rush to join the cloud revolution, it has become vital to create the necessary tools that will effectively protect users' data from unauthorized access. Nevertheless, sharing data between multiple users' under the same domain in a secure and efficient way is not trivial. In this paper, we propose Sharing in the Rain - a protocol that allows cloud users' to securely share their data based on predefined policies. The proposed protocol is based on Attribute-Based Encryption (ABE) and allows users' to encrypt data based on certain policies and attributes. Moreover, we use a Key-Policy Attribute-Based technique through which access revocation is optimized. More precisely, we show how to securely and efficiently remove access to a file, for a certain user that is misbehaving or is no longer part of a user group, without having to decrypt and re-encrypt the original data with a new key or a new policy.

Download

Sharing in the Rain: Secure and Efficient Data Sharing for the Cloud (PDF)

BibTex

@INPROCEEDINGS{Michalas:16:SharingInRain,
author     = {A. Michalas},
booktitle     = {2016 International Conference for Internet Technology And Secured Transactions},
title      = {Sharing in the Rain: Secure and Efficient Data Sharing for the Cloud},
year     = {2016},
pages     = {589-595},

month
    = {Dec}, }

 

Antonis Michalas and Thanassis Giannetsos. “The Data of Things: Strategies, Patterns and Practice of Cloud-based Participatory Sensing”. International Conference on Innovations in Info-business and Technology (ICIIT),  Sri Lanka, March 4-5, 2016. (Position Paper)

Abstract

The broad capabilities of current mobile devices have paved the way for Mobile Crowd Sensing (MCS) applications. The success of this emerging paradigm strongly depends on the quality of received data which, in turn, is contingent to mass user participation; the broader the participation, the more useful these systems become. However, there is an ongoing trend that tries to integrate MCS applications with emerging computing paradigms such as cloud computing. The intuition is that such a transition can significantly improve the overall efficiency while at the same time it offers stronger security and privacy-preserving mechanisms for the end-user. In this position paper, we dwell on the underpinnings of incorporating cloud computing techniques to facilitate the vast amount of data collected in MCS applications. That is, we present a list of core system, security and privacy requirements that must be met if such a transition is to be successful. To this end, we first address several competing challenges not previously considered in the literature such as the scarce energy resources of battery-powered mobile devices as well as their limited computational resources that they often prevent the use of computationally heavy cryptographic operations and thus offering limited security services to the end-user. Finally, we present a use case scenario as a comprehensive example. Based on our findings, we posit open issues and challenges, and discuss possible ways to address them, so that security and privacy do not hinder the migration of MCS systems to the cloud.

Download

The Data of Things: Strategies, Patterns and Practice of Cloud-based Participatory Sensing (PDF)

BibTex

@inproceedings{Michalas:16:DataThings,
title     = {The Data of Things: Strategies, Patterns and Practice of Cloud-based Participatory Sensing},
author     = {Michalas, Antonis and Giannetsos, Thanassis},
booktitle     = {Proceedings of the 1st International Conference on Innovations in InfoBusineess and Technology},
location     = {Colombo, Sri Lanka},
year     = {2016}

Publisher's link

The Data of Things: Strategies, Patterns and Practice of Cloud-based Participatory Sensing

2015

Antonis Michalas and Rafael Dowsley. “Towards Trusted eHealth Services in the Cloud”. Cloud Security and Data Privacy by Design (CloudSPD’15), Workshop co-located with the 8th IEEE/ACM International Conference on Utility and Cloud Computing, Limassol, Cyprus, 
December 7-10, 2015.

Abstract

As adoption of eHealth solutions advances, new computing paradigms - such as cloud computing - bring the potential to improve efficiency in managing medical health records and help reduce costs. However, these opportunities introduce new security risks which can not be ignored. In this paper, we present a forward-looking design for a privacy-preserving eHealth cloud system. The proposed solution, is based on a Symmetric Searchable Encryption scheme that allows patients of an electronic healthcare system to securely store encrypted versions of their medical data and search directly on them without having to decrypt them first. As a result, the proposed protocol offers better protection than the current available solutions and paves the way for the next generation of eHealth systems.

Download

Towards Trusted eHealth Services in the Cloud (PDF)

BibTex

@INPROCEEDINGS{Michalas:15:SSE:Health,
author     = {A. Michalas and R. Dowsley},
booktitle     = {2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC)},
title     = {Towards Trusted eHealth Services in the Cloud},
year     = {2015},
pages     = {618-623},
keywords    = {cloud computing; cryptographic protocols; data protection; electronic health records; health care; trusted computing; cloud computing; cost reduction; data search; efficiency improvement; electronic healthcare system; encrypted medical data storage; forward-looking design; medical health record management; privacy-preserving e-health cloud system; security risks; symmetric searchable encryption scheme; trusted e-health services; Cloud computing; Encryption; Medical services; Protocols; Reliability; Cloud Computing; EHR Protection; Searchable Encryption; Security; Storage Protection; eHealth},
doi     = {10.1109/UCC.2015.108},
month
      = {Dec},
}

Publisher's link

Towards Trusted eHealth Services in the Cloud

 

Y. Verginadis, Antonis Michalas , P. Gouvas, G. Schiefer, G. Hubsch and I. Paraskakis.
“PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services”.
In the 5th International Conference on Cloud Computing and Services Science (CLOSER’15),
20-22 May, 2015, Lisbon, Portugal. (Position Paper)

Abstract

The valuable transformation of organizations that adopt cloud computing is indisputably accompanied by a number of security threats that should be considered. In this paper, we outline significant security challenges presented when migrating to a cloud environment and propose PaaSword – a novel holistic, data privacy and security by design, framework that aspires to alleviate them. The envisaged framework intends to maximize and fortify the trust of individual, professional and corporate users to cloud services. Specifically, PaaSword involves a context-aware security model, the necessary policies enforcement and governance mechanisms along with a physical distribution, encryption and query middleware, aimed at facilitating the implementation of secure and transparent cloud-based applications.

Download

PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services (PDF)

BibTex

@conference{Michalas:15:PaaSword,
author
      = {Yiannis Verginadis and Antonis Michalas and Panagiotis Gouvas and Gunther Schiefer and Gerald Hübsch and Iraklis Paraskakis},
title     = {PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services},
booktitle     = {Proceedings of the 5th International Conference on Cloud Computing and Services Science},
year     = {2015},
pages     = {206-213},
doi     = {10.5220/0005489302060213},
isbn
      = {978-989-758-104-5},
}

Publisher's link

PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services

2014

Antonis Michalas, Nicolae Paladi and Christian Gehrmann. “Security Aspects of e-Health Systems Migration to the Cloud”. Proceedings of the 16th IEEE International Conference on E-health Networking, Application & Services (Healthcom), October 15 - 18, 2014, Natal, Brazil.

Abstract

As adoption of e-health solutions advances, new computing paradigms - such as cloud computing - bring the potential to improve efficiency in managing medical health records and help reduce costs. However, these opportunities introduce new security risks which can not be ignored. Based on our experience with deploying part of the Swedish electronic health records management system in an infrastructure cloud, we make an overview of major requirements that must be considered when migrating e-health systems to the cloud. Furthermore, we describe in-depth a new attack vector inherent to cloud deployments and present a novel data confidentiality and integrity protection mechanism for infrastructure clouds. This contribution aims to encourage exchange of best practices and lessons learned in migrating public e-health systems to the cloud.

Download

Security Aspects of e-Health Systems Migration to the Cloud (PDF)

BibTex

@inproceedings{Michalas:14:Healthcom,
title     = {Security aspects of e-Health systems migration to the cloud},
author     = {Michalas, Antonis and Paladi, Nicolae and Gehrmann, Christian},
booktitle     = {e-Health Networking, Applications and Services (Healthcom), 2014 IEEE 16th International Conference on},
pages     = {212--218},
year     = {2014},
organization     = {IEEE}
}

Publisher's link

Security aspects of e-Health systems migration to the cloud

 

Nicolae Paladi, Antonis Michalas and Christian Gehrmann. “Domain Based Storage Protection with Secure Access Control for the Cloud".
The 2014 International Workshop on Security in Cloud Computing, held in conjunction with the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS), June 3, 2014, Kyoto, Japan.

Abstract

Cloud computing has evolved from a promising concept to one of the fastest growing segments of the IT industry. However, many businesses and individuals continue to view cloud computing as a technology that risks exposing their data to unauthorized users. We introduce a data confidentiality and integrity protection mechanism for Infrastructure-as-a-Service (IaaS) clouds, which relies on trusted computing principles to provide transparent storage isolation between IaaS clients. We also address the absence of reliable data sharing mechanisms, by providing an XML-based language framework which enables clients of IaaS clouds to securely share data and clearly define access rights granted to peers. The proposed improvements have been prototyped as a code extension for a popular cloud platform.

Download

Domain Based Storage Protection with Secure Access Control for the Cloud (PDF)

BibTex

@inproceedings{Michalas:14:DBSP,
author     = {Paladi, Nicolae and Michalas, Antonis and Gehrmann, Christian},
title     = {Domain Based Storage Protection with Secure Access Control for the Cloud},
booktitle     = {Proceedings of the 2014 International Workshop on Security in Cloud Computing},
series     = {ASIACCS '14},
year     = {2014},
isbn     = {978-1-4503-2805-0},
location     = {Kyoto, Japan},
pages     = {},
numpages     = {8},
publisher     = {ACM},
address     = {New York, NY, USA},
keywords
      = {Cloud Computing; Security; IaaS; Storage Protection},
}

Publisher's link

Domain based storage protection with secure access control for the cloud

 

Antonis Michalas and Nikos Komninos. “The Lord of the Sense: A Privacy Preserving Reputation System for Participatory Sensing Applications”. Proceedings of the 19th IEEE International Conference on Communications (ISCC’2014), Madeira, Portugal, 2014.

Abstract

Electronic devices we use on a daily basis collect sensitive information without preserving user's privacy. In this paper, we propose the lord of the sense (LotS), a privacy preserving reputation system for participatory sensing applications. Our system maintains the privacy and anonymity of information with the use of cryptographic techniques and combines voting approaches to support users' reputation. Furthermore, LotS maintains accountability by tracing back a misbehaving user while maintaining k-anonymity. A detailed security analysis is presented with the current advantages and disadvantages of our system.

Download

The Lord of the Sense: A Privacy Preserving Reputation System for Participatory Sensing Applications (PDF)

BibTex

@inproceedings{Michalas:14:Lord,
title      = {The lord of the sense: A privacy preserving reputation system for participatory sensing applications},
author     = {Michalas, Antonis and Komninos, Nikos},
booktitle      = {Computers and Communication (ISCC), 2014 IEEE Symposium},
pages     = {1--6},
year     = {2014}
organization     = {IEEE}

Publisher's link

The lord of the sense: A privacy preserving reputation system for participatory sensing applications

 

Nicolae Paladi and  Antonis Michalas. “One of Our Hosts in Another Country: Challenges of Data Geolocation in Cloud Storage”.
Proceedings of the 6th IEEE Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology (Wireless VITAE),  May 11 - 14, 2014, Aalborg, Denmark. (Invited)

Abstract

Physical location of data in cloud storage is an increasingly urgent problem. In a short time, it has evolved from the concern of a few regulated businesses to an important consideration for many cloud storage users. One of the characteristics of cloud storage is fluid transfer of data both within and among the data centres of a cloud provider. However, this has weakened the guarantees with respect to control over data replicas, protection of data in transit and physical location of data. This paper addresses the lack of reliable solutions for data placement control in cloud storage systems. We analyse the currently available solutions and identify their shortcomings. Furthermore, we describe a high-level architecture for a trusted, geolocation-based mechanism for data placement control in distributed cloud storage systems, which are the basis of an on-going work to define the detailed protocol and a prototype of such a solution. This mechanism aims to provide granular control over the capabilities of tenants to access data placed on geographically dispersed storage units comprising the cloud storage.

Download

“One of Our Hosts in Another Country”: Challenges of Data Geolocation in Cloud Storage (PDF)

BibTeX

@INPROCEEDINGS{Michalas:14:One:of:Our:Hosts,
author     = "Paladi, N. and Michalas, A.",
booktitle
      = "Wireless Communications, Vehicular Technology, Information Theory and Aerospace Electronic Systems (VITAE), 2014 4th International Conference on",
title     = {{"One of our hosts in another country'': Challenges of data geolocation in cloud storage}},
year     = "2014",
month     = "May",
pages     = "1-6",

Publisher's link

“One of our hosts in another country”: Challenges of data geolocation in cloud storage


2012

Antonis Michalas and Menelaos Bakopoulos. “SecGOD - Google Docs: Now I Feel Safer!”. Proceedings of the 7th IEEE International Conference for Internet Technology and Secured Transactions (ICITST-2012), London, UK, 2012.

Abstract

This paper presents SecGOD. A tool that protects the privacy of documents created with online office suites. SecGOD is implemented as a Greasemonkey java-script making it deployable on all popular greesemonkey compatible browsers and utilizes symmetric key encryption. All operations run on the client side, with SecGOD operating invisibly as concerned by the cloud, with no changes needed to the code that is provided to the cloud server provider. Finally, the effectiveness of SecGOD is demonstrated by conducting extensive experiments measuring the processing time for the three versions of AES (128, 192, 256 bits).

Download

Google Docs: Now I Feel Safer! (PDF)

BibTeX

@INPROCEEDINGS{Michalas:12:SecGod,
author     = {A. Michalas and M. Bakopoulos},
booktitle     = {2012 International Conference for Internet Technology And Secured Transactions},
title     = {SecGOD Google Docs: Now I Feel Safer!},
year     = {2012},
pages     = {589-595},
keywords    = {Java; cloud computing; cryptography; data privacy; document handling; AES; SecGOD Google Docs; advance encryption standard; cloud computing; cloud server provider; document privacy protection; greasemonkey java-script; greesemonkey compatible browsers; online office suites; symmetric key encryption; Cloud computing; Encryption; Google; Protocols; Servers; Cloud Computing; Cloud Services; Privacy; Security; Software as a Service},     
month     = {Dec}, }

Publisher's link

SecGOD Google Docs: Now i feel safer!

 

Antonis Michalas, Menelaos Bakopoulos, Nikos Komninos and Neeli R. Prasad. “Secure & Trusted Communication in Emergency Situations”. Proceedings of the 35th IEEE Sarnoff Symposium, Newark, New Jersey, USA, 2012.

Abstract

In this paper we propose SETS, a protocol with main aim to provide secure and private communication during emergency situations. SETS achieves security of the exchanged information, attack resilience and user's privacy. In addition, SETS can be easily adapted for mobile devices, since field experimental results show the effectiveness of the protocol on actual smart-phone platforms.

Download

Secure and Trusted Communication in Emergency Situations (PDF)

BibTeX

@INPROCEEDINGS{Michalas:12:Emergency,
author     = {A. Michalas and M. Bakopoulos and N. Komninos and N. R. Prasad},
booktitle     = {Sarnoff Symposium (SARNOFF), 2012 35th IEEE},
title     = {Secure amp; trusted communication in emergency situations},
year     = {2012},
pages     = {1-5},
keywords    = {mobile radio; protocols; smart phones; telecommunication security; attack resilience; emergency situations; exchanged information; mobile devices; protocol; secure & trusted communication; user privacy; Encryption; Mobile handsets; Privacy; Protocols; Public key; Crisis Management; Emergency Handling; Privacy; Security; Trust},
doi     = {10.1109/SARNOF.2012.6222751},
month
      = {May},
}

Publisher's link

Secure & trusted communication in emergency situations

 

Tassos Dimitriou and  Antonis Michalas. “Multi-Party Trust Computation in Decentralised Environments”. Proceedings of the 5th IFIP International Conference on New Technologies, Mobility & Security (NTMS’12), Istanbul, Turkey, 2012.

Abstract

In this paper, we describe a decentralized privacy- preserving protocol for securely casting trust ratings in distributed reputation systems. Our protocol allows n participants to cast their votes in a way that preserves the privacy of individual values against both internal and external attacks. The protocol is coupled with an extensive theoretical analysis in which we formally prove that our protocol is resistant to collusion against as many as n-1 corrupted nodes in the semi-honest model. The behavior of our protocol is tested in a real P2P network by measuring its communication delay and processing overhead. The experimental results uncover the advantages of our protocol over previous works in the area; without sacrificing security, our decentralized protocol is shown to be almost one order of magnitude faster than the previous best protocol for providing anonymous feedback.

Download

Multi-Party Trust Computation in Decentralized Environments (PDF)

BibTeX

@INPROCEEDINGS{Michalas:12:StR,
author     = {T. Dimitriou and A. Michalas},
booktitle     = {2012 5th International Conference on New Technologies, Mobility and Security (NTMS)},
title     = {Multi-Party Trust Computation in Decentralized Environments},
year     = {2012},
pages     = {1-5},
keywords   = {computer network security; cryptographic protocols; data privacy; peer-to-peer computing; trusted computing; P2P network; communication delay; decentralized privacy-preserving protocol; distributed reputation systems; multiparty trust computation; processing overhead; semihonest model; trust ratings; Delay; Encryption; Peer to peer computing; Privacy; Protocols},
doi     = {10.1109/NTMS.2012.6208686},
ISSN     = {2157-4952},
month
      = {May},
}

Publisher's link

Multi-Party Trust Computation in Decentralized Environments