Doctoral Dissertation Announcement
Candidate: Lotfi Ben Othmane
Doctor of Philosophy
Department: Computer Science
Title: Active Bundles for Protecting Confidentiality of Sensitive Data throughout Their Lifecycle
Dr. Leszek Lilien, Chair
Dr. Ala Al-Fuqaha
Dr. Ajay Gupta
Dr. Zijang Yang
Dr. Bharat Bhargava
Date: Tuesday, October 12, 2010 2:30 p.m. to 4:30 p.m.
College of Engineering and Applied Sciences, Room B211
Protecting the confidentiality of shared sensitive data requires satisfying the conflicting needs of disseminating data and preventing unauthorized data disclosures. We propose a solution, named the active bundles scheme, for protecting sensitive data from disclosure to unauthorized parties during their dissemination. The scheme protects data throughout their entire lifecycle, from data creation through their dissemination to their evaporation or apoptosis (a partial or complete self-destruction, respectively).
An active bundle packages together sensitive data, metadata, and a virtual machine (VM) specific to the bundle. Metadata contain information related to the use of data, including data access control and dissemination policies. The VM controls all activities of its active bundle and enforces the policies specified by the metadata. Implementing VMs in effective and efficient ways is the key issue for the scheme.
There are seven main contributions of this thesis. First, we propose the active bundles scheme. Second, we identify and investigate four different VM implementations: (i) using trusted third parties (TTPs), (ii) utilizing mobile agents and their frameworks, (iii) using autonomous applications based on secure computing, and (iv) using autonomous applications based on obfuscated control flow graphs. Third, we show that there are no available solutions for protecting the confidentiality of code and data carried by mobile agents providing output to visited hosts. Fourth, we build a TTP-based prototype of the active bundle scheme, which demonstrates the practicality of the scheme. Fifth, we prove that there is no universal privacy-homomorphic decryption function, and that there exists no universal secure autonomous sequential VM for an encrypted decryption function. Sixth, we pioneer the use of secure computing for program obfuscation. Seventh, we present a sample application of active bundles for identity management in cloud computing.
We believe that these contributions justify our thesis: Data can protect themselves from unauthorized accesses by malicious hosts. This is possible due to two salient features of the active bundle scheme: making data inseparable from associated metadata and VMs, and making data active, that is, able to protect themselves from unauthorized disclosures.