Advertisement

Secured Communication for Business Process Outsourcing Using Optimized Arithmetic Cryptography Protocol Based on Virtual Parties

  • Rohit Pathak
  • Satyadhar Joshi
Part of the Communications in Computer and Information Science book series (CCIS, volume 40)

Abstract

Within a span of over a decade, India has become one of the most favored destinations across the world for Business Process Outsourcing (BPO) operations. India has rapidly achieved the status of being the most preferred destination for BPO for companies located in the US and Europe. Security and privacy are the two major issues needed to be addressed by the Indian software industry to have an increased and long-term outsourcing contract from the US. Another important issue is about sharing employee’s information to ensure that data and vital information of an outsourcing company is secured and protected. To ensure that the confidentiality of a client’s information is maintained, BPOs need to implement some data security measures. In this paper, we propose a new protocol for specifically for BPO Secure Multi-Party Computation (SMC). As there are many computations and surveys which involve confidential data from many parties or organizations and the concerned data is property of the organization, preservation and security of this data is of prime importance for such type of computations. Although the computation requires data from all the parties, but none of the associated parties would want to reveal their data to the other parties. We have proposed a new efficient and scalable protocol to perform computation on encrypted information. The information is encrypted in a manner that it does not affect the result of the computation. It uses modifier tokens which are distributed among virtual parties, and finally used in the computation. The computation function uses the acquired data and modifier tokens to compute right result from the encrypted data. Thus without revealing the data, right result can be computed and privacy of the parties is maintained. We have given a probabilistic security analysis of hacking the protocol and shown how zero hacking security can be achieved. Also we have analyzed the specific case of Indian BPO.

Keywords

Business Process Outsourcing (BPO) Secure Information Algorithm 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    A Report on Information Security and Data Privacy in the Indian BPO Industry. MphasiS, Wipro Spectramind, HSBC Electronic Data Processing India Pvt. Ltd., HCL Infosystems Ltd., Hifn, IBM, Infinity eSearch, International Association of Outsourcing Professionals (IAOP), National Association of Software and Service Companies (NASSCOM), Call Centre Association of India (CCAI) (2007), http://www.icmrindia.org/casestudies/catalogue/Business%20Reports/BREP035.htm
  2. 2.
    Security and privacy key issues in US-India BPO relations. The Financial Express (2004), http://www.financialexpress.com/news/security-and-privacy-key-issues-in-usindia-bpo-relations/120451/
  3. 3.
    Security: HR outsourcing deal-maker or deal-killer?. Human Resources Outsourcing Association, http://www.hrmreport.com/article/Issue-1/HR-BPO/Security-HR-outsourcing-deal-maker-or-deal-killer/
  4. 4.
    Security concerns hit BPO firms in India (May 2005), http://www.rediff.com/money/2005/may/25bpo.htm
  5. 5.
    Yao, A.C.: Protocols for secure computations. In: Proc. of 23rd Annual Symposium Foundations of Computer Science, pp. 160–164Google Scholar
  6. 6.
    Atallah, M., Bykova, M., Li, J., Frikken, K., Topkara, M.: Private collaborative forecasting and benchmarking. In: Proc. of the 2004 ACM workshop on Privacy in the Electronic Society (2004)Google Scholar
  7. 7.
    Atallah, M., Bykova, M., Li, J., Frikken, K., Topkara, M.: Private collaborative forecasting and benchmarking. In: Proc. of the 2004 ACM workshop on Privacy in the electronic society, pp. 103–114 (2004)Google Scholar
  8. 8.
    Du, W., Zhan, Z.: A practical approach to solve secure multi-party computation problems. In: Proc. of the New Security Paradigms Workshop (2002)Google Scholar
  9. 9.
    Pathak, R., Joshi, S.: Secure Multi-party Computation Using Virtual Parties for Computation on Encrypted Data. In: Proc. of The First International Workshop on Mobile & Wireless Networks (MoWiN 2009) in Conjunction with The Third International Conference on Information Security and Assurance (ISA 2009). LNCS. Springer, Heidelberg (2009)Google Scholar
  10. 10.
    Du, W., Atallah, M.J.: Privacy-preserving cooperative scientific computations. In: Proc. 14th IEEE Computer Security Foundations Workshop, June 2001, pp. 273–282 (2001)Google Scholar
  11. 11.
    Canetti, R., Feige, U., Goldreich, O., Naor, M.: Adaptively secure multi-party computation. In: Proc. The 28th annual ACM symposium on Theory of computingGoogle Scholar
  12. 12.
    Atallah, M.J.: Secure and Private Sequence Comparisons. In: Proc. The 2003 ACM workshop on Privacy in the electronic society (2003)Google Scholar
  13. 13.
    Atallah, M.J., Elmongui, H.G., Deshpande, V., Schwarz, L.B.: Secure supply-chain protocols. In: Proc. IEEE International Conference, E-Commerce (2003)Google Scholar
  14. 14.
    Maurer, U.: The role of cryptography in database security. In: Proc. The 2004 ACM SIGMOD international conference on Management of data (2004)Google Scholar
  15. 15.
    Agrawal, R., Srikant, R.: Privacy-Preserving Data Mining. In: Proc. The ACM SIGMOD Conference on Management of Data (2000)Google Scholar
  16. 16.
    Mishra, D.K., Chandwani, M.: Extended protocol for secure multi-party computation using ambiguous identity. WSEAS Transactions on Computer Research 2(2), 227–233 (2007)Google Scholar
  17. 17.
    Mishra, D.K., Chandwani, M.: Arithmetic cryptography protocol for secure multi-party computation. In: Proceeding of IEEE SoutheastCon 2007: The International Conference on Engineering – Linking future with past, Richmond, Virginia, USA, March 2007, pp. 22–24 (2007)Google Scholar
  18. 18.
    Mishra, D.K., Chandwani, M.: Anonymity enabled secure multi-party computation for Indian BPO. In: Proceeding of the IEEE Tencon 2007: International conference on Intelligent Information Communication Technologies for Better Human Life, Taipei, Taiwan, October-November 2007, pp. 52–56 (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Rohit Pathak
    • 1
  • Satyadhar Joshi
    • 2
  1. 1.Acropolis Institute of Technology & ResearchIndia
  2. 2.Shri Vaishnav Institute of Technology & ScienceIndoreIndia

Personalised recommendations