Ensuring confidentiality of sensitive data is of paramount importance,since data leakage may not only endanger data owners’privacy,but also ruin reputation of businesses as well as violate various regulations like HI...Ensuring confidentiality of sensitive data is of paramount importance,since data leakage may not only endanger data owners’privacy,but also ruin reputation of businesses as well as violate various regulations like HIPPA and Sarbanes-Oxley Act.To provide confidentiality guarantee,the data should be protected when they are preserved in the personal computing devices(i.e.,confidentiality during their lifetime);and also,they should be rendered irrecoverable after they are removed from the devices(i.e.,confidentiality after their lifetime).Encryption and secure deletion are used to ensure data confidentiality during and after their lifetime,respectively.This work aims to perform a thorough literature review on the techniques being used to protect confidentiality of the data in personal computing devices,including both encryption and secure deletion.Especially for encryption,we mainly focus on the novel plausibly deniable encryption(PDE),which can ensure data confidentiality against both a coercive(i.e.,the attacker can coerce the data owner for the decryption key)and a non-coercive attacker.展开更多
With the popularity of smartphones and the rapid development of mobile internet, smartphone becomes an important tool that store sensitive data of owner. Encryption naturally becomes a necessary means of protection. I...With the popularity of smartphones and the rapid development of mobile internet, smartphone becomes an important tool that store sensitive data of owner. Encryption naturally becomes a necessary means of protection. In certain situations, this is inadequate, as user may be coerced to hand over decryption keys or passwords of sensitive APP(Ali Pay) on mobile device. Therefore, only encryption cannot protect sensitive APP and privacy data stored on user's smartphone. To address these obstacles, we design a protection system called Mobi Gemini. It enables automatic uninstalling service that can immediately uninstall multiple APP at same time, and also enabling plausibly deniable encryption(PDE) on mobile devices by hiding encrypted volume within random data in free space of cache partition. We improve the key store way of previous PDE schemes on mobile device. The evaluation results show that the scheme introduces a few overhead compared with original android system enabling full disk encryption.展开更多
基金partially supported by the National Key Research&Development Program of China(Grant No.2017YFC0822704)National Natural Science Foundation of China(No.61602476,No.61772518 and No.61602475).
文摘Ensuring confidentiality of sensitive data is of paramount importance,since data leakage may not only endanger data owners’privacy,but also ruin reputation of businesses as well as violate various regulations like HIPPA and Sarbanes-Oxley Act.To provide confidentiality guarantee,the data should be protected when they are preserved in the personal computing devices(i.e.,confidentiality during their lifetime);and also,they should be rendered irrecoverable after they are removed from the devices(i.e.,confidentiality after their lifetime).Encryption and secure deletion are used to ensure data confidentiality during and after their lifetime,respectively.This work aims to perform a thorough literature review on the techniques being used to protect confidentiality of the data in personal computing devices,including both encryption and secure deletion.Especially for encryption,we mainly focus on the novel plausibly deniable encryption(PDE),which can ensure data confidentiality against both a coercive(i.e.,the attacker can coerce the data owner for the decryption key)and a non-coercive attacker.
基金supported in part by Natural Science Foundation of China under (Grant No. U1536112) National Key Technology Research and Development Program of China (Grant No. 2012BAH94F02)+1 种基金National High-tech R&D Program of China (863 Program) under Grant No. 2013AA102301 Project of New Generation Broad band Wireless Network under Grant No. 2014ZX03006003
文摘With the popularity of smartphones and the rapid development of mobile internet, smartphone becomes an important tool that store sensitive data of owner. Encryption naturally becomes a necessary means of protection. In certain situations, this is inadequate, as user may be coerced to hand over decryption keys or passwords of sensitive APP(Ali Pay) on mobile device. Therefore, only encryption cannot protect sensitive APP and privacy data stored on user's smartphone. To address these obstacles, we design a protection system called Mobi Gemini. It enables automatic uninstalling service that can immediately uninstall multiple APP at same time, and also enabling plausibly deniable encryption(PDE) on mobile devices by hiding encrypted volume within random data in free space of cache partition. We improve the key store way of previous PDE schemes on mobile device. The evaluation results show that the scheme introduces a few overhead compared with original android system enabling full disk encryption.
