Abstract
The deployment of Share Data Spaces in open, possibly hostile, environments arises the need of protecting the confidentiality of the data space content. Existing approaches focus on access control mechanisms that protect the data space from untrusted agents. The basic assumption is that the hosts (and their administrators) where the data space is deployed have to be trusted. Encryption schemes can be used to protect the data space content from malicious hosts. However, these schemes do not allow searching on encrypted data. In this paper we present a novel encryption scheme that allows tuple matching on completely encrypted tuples. Since the data space does not need to decrypt tuples to perform the search, tuple confidentiality can be guaranteed even when the data space is deployed on malicious hosts (or an adversary gains access to the host). Our scheme does not require authorised agents to share keys for inserting and retrieving tuples. Each authorised agent can encrypt, decrypt, and search encrypted tuples without having to know other agents’ keys. This is beneficial inasmuch as it simplifies the task of key management. An implementation of an encrypted data space based on this scheme is described and some preliminary performance results are given.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bellare, M., Rogaway, P.: Optimal asymmetric encryption. In: EUROCRYPT, pp. 92–111 (1994)
Bettini, L., De Nicola, R.: A Java Middleware for Guaranteeing Privacy of Distributed Tuple Spaces. In: Guelfi, N., Astesiano, E., Reggio, G. (eds.) FIDJI 2002. LNCS, vol. 2604, pp. 175–184. Springer, Heidelberg (2003)
Blaze, M., Bleumer, G., Strauss, M.: Divertible protocols and atomic proxy cryptography. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 127–144. Springer, Heidelberg (1998)
Elgamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31(4), 469–472 (1985)
Focardi, R., Lucchi, R., Zavattaro, G.: Secure shared data-space Coordination Languages: a Process Algebraic survey. Science of Computer Programming 63(1), 3–15 (2006)
Fujisaki, E., Okamoto, T., Pointcheval, D., Stern, J.: Rsa-oaep is secure under the rsa assumption. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 260–274. Springer, Heidelberg (2001)
Gelernter, D.: Generative Communication in Linda. ACM Trans. Prog. Lang. Syst. 7(1), 80–112 (1985)
Gelernter, D., Carriero, N.: Coordination Languages and their Significance. Commun. ACM 35(2), 96–107 (1992)
Goldreich, O.: Foundations of Cryptography. Basic Applications, vol. II. Cambridge University Press, Cambridge (2004)
Gorrieri, R., Lucchi, R., Zavattaro, G.: Supporting Secure Coordination in SecSpaces. In: Fundamenta Informaticae, IOS Press, Amsterdam (2005)
Handorean, R., Roman, G.C.: Secure Sharing of Tuple Space in Ad Hoc Settings. In: Focardi, R., Zavattaro, G. (eds.) Electronic Notes in Theoretical Computer Science, Elsevier, Amsterdam (2003)
Ivan, A.A., Dodis, Y.: Proxy cryptography revisited. In: NDSS, The Internet Society (2003)
Picco, G.P., Murphy, A.L., Roman, G.-C.: Lime: Linda Meets Mobility. In: Garlan, D., Kramer, J. (eds.) Proc. 21st Int’l Conf. on Software Engineering (ICSE 1999), Los Angeles (USA), pp. 368–377. ACM Press, New York (1999)
Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)
Russello, G.: Separation and Adaptation of Concerns in a Shared Data Space. Ph.D. Thesis, Department of Computer Science, Eindhoven University of Technology (June 2006)
Song, D.X., Wagner, D., Tian, X.: Timing Analysis of Keystrokes and Timing Attacks on SSH. In: Proc. of 10th USENIX Security Symposium (2001)
Udizir, N., Wood, A., Jacob, J.: “Coordination with Multicapabilities. In: Jacquet, J.-M., Picco, G.P. (eds.) COORDINATION 2005. LNCS, vol. 3454, pp. 79–93. Springer, Heidelberg (2005)
Vitek, J., Bryce, C., Oriol, M.: Coordinating Processes with Secure Spaces. In: Proc. of Conf. on Coordination Models and Languages, Science of Computer Programming, vol. 46, pp. 163–193 (2003)
Wood, A.: Coordination with attributes. In: Ciancarini, P., Wolf, A.L. (eds.) COORDINATION 1999. LNCS, vol. 1594, p. 21. Springer, Heidelberg (1999)
Yumerefendi, A.R., Chase, J.S.: Strong accountability for network storage. ACM Trans. on Storage 3(3) (October 2007)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Russello, G., Dong, C., Dulay, N., Chaudron, M., van Steen, M. (2008). Encrypted Shared Data Spaces. In: Lea, D., Zavattaro, G. (eds) Coordination Models and Languages. COORDINATION 2008. Lecture Notes in Computer Science, vol 5052. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-68265-3_17
Download citation
DOI: https://doi.org/10.1007/978-3-540-68265-3_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-68264-6
Online ISBN: 978-3-540-68265-3
eBook Packages: Computer ScienceComputer Science (R0)