CSE Colloquium: Nikos Triandopoulos

Title

How to secure your outsourced data and computations without harming utility

Abstract

Massive amounts of information are generated, managed or exchanged today over untrusted Internet-based platforms that are prone to attacks. Such information is often of great importance to organizations or individuals, hence providing integrity protections in this setting is vital. In particular, in the face of malicious data loss or corruption, ensuring that outsourced data (in transit or at rest) remains intact and that outsourced computations return correct results, are essential operations for fully trustworthy network, storage and cloud services.

In this talk, I will demonstrate how to harden outsourced data or computations in ways that allow for reliable integrity checks without diminishing the gains of outsourcing. I will present two new integrity-protection techniques that provide provable security and practical efficiency. As I will show, they advance the state of the art to successfully meet new desired performance goals that conflict, in existing works, with high generality or security levels. This is achieved through a “best-of-both-worlds” systematic approach that aims for new trade-offs that are closer to optimal than those currently known. Specifically, I will focus on two real-world applications that require integrity guarantees. First, for a database-as-a-service model (e.g., via Azure SQL) where an entity outsources its database to a server, I will describe a new framework for efficient verifiable computation that allows a client to verify the results of a query (e.g., of SQL type) without adding significant delays that affect usability. This solution exploits the benefits of secure and “proof-based” composition of (new or existing) query-verification schemes. Second, for a cloud-based or networked storage model where files are managed by a storage provider (e.g., Dropbox) or exchanged via a file-transfer protocol (e.g., a TFTP application), I will describe a new method for reliable data management that allows a user to verify the availability or correct receipt of a file without any noticeable delay. This solution is based on Falcon codes, a new general-purpose secure coding scheme that features resilience to adversarial corruptions and fast data processing. I will finally conclude by discussing open problems related to the presented techniques as well as new research directions that relate to all aspects of information security and could also benefit by solutions that have to offer the best of both worlds: security and efficiency.

Bio:

Dr. Nikos Triandopoulos is an Adjunct Assistant Professor in Computer Science at Boston University.  His research interests broadly span security, privacy and cryptography, including cloud, network and enterprise security, with a focus on trustworthy computing, secure data management and applied cryptography. From 2010 to 2016, he was a Principal Research Scientist at RSA Labs in EMC’s Security Division, where he carried out research to discover and transfer to practice new innovative technologies related to strong authentication, identity management and security analytics. Prior to RSA Labs, he held postdoc and research faculty positions at Dartmouth College, Aarhus University, Boston University and Brown University. He has co-authored more than 30 journal or peer-review conference papers, and he has been awarded several US Patents and NSF research grants. He obtained his PhD in Computer Science from Brown University, and his diploma in Computer Engineering & Informatics from University of Patras.