Data Deletion and Forgetting | Science of Security Virtual Organization

Data Deletion and Forgetting

A recent court decision has focused attention on the problem of “forgetting,” that is, eliminating links and references used on the Internet to focus on a specific topic or reference. “Forgetting,” essentially a problem in data deletion, has many implications for security and for data structures. Interestingly, the reviewers found relatively few scholarly articles addressing the problem, either from a technical or a governance viewpoint. Articles published in the first six months of 2014 are cited here.

D'Orazio, C.; Ariffin, A.; Choo, K.-K.R., "iOS Anti-forensics: How Can We Securely Conceal, Delete and Insert Data?," System Sciences (HICSS), 2014 47th Hawaii International Conference on , vol., no., pp.4838,4847, 6-9 Jan. 2014. (ID#:14-1553) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6759196&isnumber=6758592 With increasing popularity of smart mobile devices such as iOS devices, security and privacy concerns have emerged as a salient area of inquiry. A relatively under-studied area is anti-mobile forensics to prevent or inhibit forensic investigations. In this paper, we propose a "Concealment" technique to enhance the security of non-protected (Class D) data that is at rest on iOS devices, as well as a "Deletion" technique to reinforce data deletion from iOS devices. We also demonstrate how our "Insertion" technique can be used to insert data into iOS devices surreptitiously that would be hard to pick up in a forensic investigation. Keywords: data privacy; digital forensics; iOS (operating system);mobile computing; mobile handsets; antimobile forensics; concealment technique; data deletion; deletion technique; forensic investigations; iOS antiforensics; iOS devices; insertion technique; nonprotected data security; privacy concerns; security concerns ;smart mobile devices; Cryptography; File systems; Forensics; Mobile handsets; Random access memory; Videos; iOS anti-forensics; iOS forensics; mobile anti-forensics; mobile forensics

Khanduja, V.; Chakraverty, S.; Verma, O.P.; Tandon, R.; Goel, S., "A Robust Multiple Watermarking Technique For Information Recovery," Advance Computing Conference (IACC), 2014 IEEE International , vol., no., pp.250,255, 21-22 Feb. 2014. (ID#:14-1554) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6779329&isnumber=6779283 Digital databases serve as the vehicles for compiling, disseminating and utilizing all forms of information that are pivotal for societal development. A major challenge that needs to be tackled is to recover crucial information that may be lost due to malicious attacks on database integrity. In the domain of digital watermarking, past research has focused on robust watermarking for establishing database ownership and fragile watermarking for tamper detection. In this paper, we propose a new technique for multiple watermarking of relational databases that provides a unified solution to two major security concerns; ownership identification and information recovery. In order to resolve ownership conflicts a secure watermark is embedded using a secret key known only to the database owner. Another watermark encapsulates granular information on user-specified crucial attributes in a manner such that the perturbed or lost data can be regenerated conveniently later. Theoretical analysis shows that the probability of successful regeneration of tampered/lost data improves dramatically as we increase the number of candidate attributes for embedding the watermark. We experimentally verify that the proposed technique is robust enough to extract the watermark accurately even after 100% tuple addition or alteration and after 98% tuple deletion. Keywords: feature extraction; granular computing; image watermarking ;relational databases; security of data; visual databases; database integrity; database ownership; digital databases; digital watermarking; fragile watermarking; granular information; Information recovery; malicious attacks; relational databases; robust multiple watermarking technique; societal development; tamper detection; tuple deletion; watermark extraction; Clustering algorithms; Conferences; Relational databases; Robustness; Watermarking; Data Recovery; Digital Watermarking; Right Protection; Robustness; Tamper Detection

Raluca Ada Popa, Emily Stark, Jonas Helfer, Steven Valdez, Nickolai Zeldovich, M. Frans Kaashoek, Hari Balakrishnan, “Building Web Applications On Top Of Encrypted Data Using Mylar,” NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation, April 2014, (Pages 157-172). (ID#:14-1555) Available at: https://www.usenix.org/system/files/conference/nsdi14/nsdi14-paper-popa.pdf?CFID=474579018&CFTOKEN=48044888 This paper discusses the potential security threats in storing private information on web application servers, as they may be accessed by those who gain entry to the server. The authors present the concept of Mylar, a web application-building platform that encrypts sensitive data stored on servers. Mylar is designed to fully protect private data against attackers, even in the event of complete malicious access to servers. With encrypted data stored on servers, Mylar decrypts the data solely in user browsers. The server will keyword search encrypted files, even if the files contain different key encryptions.

Michael Beiter, Marco Casassa Mont, Liqun Chen, Siani Pearson, “End-to-end Policy Based Encryption Techniques For Multi-Party Data Management,” Computer Standards & Interfaces, Volume 36 Issue 4, June, 2014, (Pages 689-703). (ID#:14-1556) Available at: http://dl.acm.org/citation.cfm?id=2588915.2589305&coll=DL&dl=GUIDE&CFID=474579018&CFTOKEN=48044888 This publication centers on privacy and accountability concerns in cloud computing applications. The authors in this paper propose a solution that utilizes machine readable policies to define usage as data communicates between numerous parties. Independent third parties help adhere service providers to limited data access as defined by aforementioned policies, as well as to confirm policy compliance before dispensing requested decryption keys.

Bin Luo, Jingbo Xia, “A Novel Intrusion Detection System Based On Feature Generation With Visualization Strategy,” Expert Systems with Applications: An International Journal, Volume 41 Issue 9, July, 2014, (Pages 4139-4147). (ID#:14-1557) Available at: http://dl.acm.org/citation.cfm?id=2588899.2588995&coll=DL&dl=GUIDE&CFID=474579018&CFTOKEN=48044888 The authors of this publication present FASVFG, a four-angle-star based visualized feature generation approach. The goal of FASVFG is to assess the difference in sample distances, in a 5-class classification case. Numerical features are developed and applied to KDDcup99 network visit data, based on the four angle star image. Keywords: Feature generation, Intrusion detection system, Visualization

Note:
Articles listed on these pages have been found on open internet pages and are cited with links to those pages. Copyright owners may request the removal of the links to their work or request amendments to the descriptions of their work posted here. Generally, these descriptions are written using the authors’ abstracts, but are amended to fit the space available.  

Contact: SoS.SurveyProject at gmail.com to remove or amend.