CICI: RSARC: Trustworthy Computing over Protected Datasets

CICI:RSARC:受保护数据集的可信计算

基本信息

  • 批准号:
    1739000
  • 负责人:
  • 金额:
    $ 99.5万
  • 依托单位:
  • 依托单位国家:
    美国
  • 项目类别:
    Standard Grant
  • 财政年份:
    2017
  • 资助国家:
    美国
  • 起止时间:
    2017-09-01 至 2020-08-31
  • 项目状态:
    已结题

项目摘要

Scientists are often stymied in their research due to the inaccessibility of relevant data. Additionally, many data owners silo data away from powerful, economical cloud computing resources due to privacy and confidentiality concerns. This project enables data scientists to compute statistics over protected datasets while simultaneously empowering the owners of the underlying datasets to maintain control over how their data is used in computations and viewed by other people. The work also brings a cryptographically secure computing engine to one of the largest collections of small to medium sized research data in the world, running on a federated datacenter operated by multiple non-trusting vendors. In doing so, this project enhances the flow of information sharing to promote transparency and accountability for data sharing and processing decisions while simultaneously reducing tenants' need to trust the cloud's behavior thanks to cryptographic protections that promote confidentiality and integrity. The project enables scientific research computing on workflows involving collaborative experiments or replication and extension of existing results when the underlying data are encumbered by privacy concerns.To accomplish this goal and enhance the economic potential of the cloud, the researchers and engineers on this project integrate and enhance three technologies they have previously developed. First, the Dataverse data management infrastructure houses, curates, and indexes social, physical, and life science data. Second, the Massachusetts Open Cloud (MOC) is a computing environment designed from the ground up to promote user control and flexibility over trust decisions. Third, Conclave compiles legacy code into a cryptographically secure multi-party computation program that can be executed on top of existing data processing frameworks like Hadoop and Spark. This project develops and open-sources the necessary cyberinfrastructure to integrate these technologies and provide a combined "secure computing element" into which data and analytics may be inserted and their resulting answers fed back. This secure computing element incorporates several designs: (i) policy-agnostic programming to ensure that legacy code may be accepted, (ii) the MOC's isolation mechanism to ensure that data owners may choose exactly which environment to entrust with their data, (iii) Conclave to hide the source data from everyone other the intended recipient (even the cloud itself), a policy engine to ensure that the data owner consents to the requested analytic, (iv) Dataverse's data classification engine to manage access control over source and derived data, and (v) a new auditing and billing mechanism to promote transparency, punish those who exceed their privileges, and provide a sustainable economic model for growth.
由于无法获得相关数据,科学家的研究经常受到阻碍。此外,由于隐私和机密性方面的考虑,许多数据所有者将数据与强大、经济的云计算资源隔离开来。该项目使数据科学家能够计算受保护数据集的统计数据,同时使底层数据集的所有者能够保持对其数据在计算中的使用和其他人查看方式的控制。这项工作还为世界上最大的中小型研究数据集合之一带来了一个加密安全的计算引擎,运行在由多个不信任供应商运营的联合数据中心上。通过这样做,该项目增强了信息共享的流动,以提高数据共享和处理决策的透明度和问责制,同时减少租户对信任云行为的需求,这要归功于促进机密性和完整性的加密保护。该项目支持在涉及协作实验的工作流上进行科研计算,或者当底层数据因隐私问题而受到阻碍时复制和扩展现有结果。为了实现这一目标并增强云的经济潜力,该项目的研究人员和工程师集成并增强了他们之前开发的三项技术。首先,Dataverse数据管理基础设施存储、管理和索引社会、物理和生命科学数据。其次,马萨诸塞州开放云(MOC)是一种全新设计的计算环境,旨在促进用户控制和灵活性高于信任决策。第三,Conclave将遗留代码编译成加密安全的多方计算程序,可以在Hadoop和Spark等现有数据处理框架上执行。该项目开发并开放必要的网络基础设施,以整合这些技术,并提供一个组合的“安全计算元素”,其中可以插入数据和分析,并反馈其结果。该安全计算元件结合了几种设计:(I)与策略无关的编程,以确保遗留代码可以被接受;(Ii)MOC的隔离机制,以确保数据所有者可以准确地选择将其数据委托给哪个环境;(Iii)秘密会议,以向除预期接收者(甚至云本身)之外的所有人隐藏源数据;策略引擎,以确保数据所有者同意所请求的分析;(Iv)Datverse的数据分类引擎,以管理源和派生数据的访问控制;以及(V)新的审计和计费机制,以提高透明度,惩罚那些超越其特权的人,并为增长提供可持续的经济模式。

项目成果

期刊论文数量(11)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
Brief Announcement: Federated Code Auditing and Delivery for MPC
简短公告:MPC 的联合代码审计和交付
  • DOI:
    10.1007/978-3-319-69084-1_20
  • 发表时间:
    2017
  • 期刊:
  • 影响因子:
    0
  • 作者:
    Jansen, Frederick;Dak Albab, Kinan;Lapets, Andrei;Varia, Mayank
  • 通讯作者:
    Varia, Mayank
Hecate: Abuse Reporting in Secure Messengers with Sealed Sender
Hecate:使用密封发件人的安全信使中的滥用报告
  • DOI:
  • 发表时间:
    2022
  • 期刊:
  • 影响因子:
    0
  • 作者:
    Issa, Rawane;Alhaddad, Nicolas;Varia, Mayank
  • 通讯作者:
    Varia, Mayank
From Usability to Secure Computing and Back Again
从可用性到安全计算并再回来
  • DOI:
  • 发表时间:
    2019
  • 期刊:
  • 影响因子:
    0
  • 作者:
    Qin, Lucy;Lapets, Andrei;Jansen, Frederick;Flockhart, Peter;Bab, Kinan;Globus-Harris, Ira;Roberts, Shannon;Varia, Mayank
  • 通讯作者:
    Varia, Mayank
Arithmetic and Boolean Secret Sharing MPC on FPGAs in the Data Center
数据中心 FPGA 上的算术和布尔秘密共享 MPC
Secret Sharing MPC on FPGAs in the Datacenter
数据中心 FPGA 上的秘密共享 MPC
{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ monograph.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ sciAawards.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ conferencePapers.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ patent.updateTime }}

Mayank Varia其他文献

A Universally Composable Treatment of Network Time
网络时间的通用可组合处理
QueryShield: Cryptographically Secure Analytics in the Cloud
QueryShield:云端加密安全分析
  • DOI:
  • 发表时间:
    2024
  • 期刊:
  • 影响因子:
    0
  • 作者:
    Ethan Seow;Yan Tong;Eli Baum;Sam Buxbaum;Muhammad Faisal;J. Liagouris;Vasiliki Kalavri;Mayank Varia
  • 通讯作者:
    Mayank Varia
Secure Account Recovery for a Privacy-Preserving Web Service
保护隐私的 Web 服务的安全帐户恢复
  • DOI:
  • 发表时间:
  • 期刊:
  • 影响因子:
    0
  • 作者:
    Ryan Little;Mayank Varia
  • 通讯作者:
    Mayank Varia
Cryptography for Big Data Security . . . . . . . . . . . . . . . . . . . . . . . . and Arkady Yerukhimovich
大数据安全密码学。
  • DOI:
    10.1201/b19694-16
  • 发表时间:
    2016
  • 期刊:
  • 影响因子:
    0
  • 作者:
    Ariel Hamlin;N. Schear;Emily Shen;Mayank Varia;Sophia Yakoubov
  • 通讯作者:
    Sophia Yakoubov
Revealing the Unseen: How to Expose Cloud Usage While Protecting User Privacy
揭示未见之事:如何在保护用户隐私的同时公开云使用情况

Mayank Varia的其他文献

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

{{ truncateString('Mayank Varia', 18)}}的其他基金

NSF Student Travel Grant for 2020 IEEE Computer Security Foundations Symposium (IEEE CSF), Boston, MA
NSF 学生旅费资助 2020 年 IEEE 计算机安全基金会研讨会 (IEEE CSF),马萨诸塞州波士顿
  • 批准号:
    1955579
  • 财政年份:
    2020
  • 资助金额:
    $ 99.5万
  • 项目类别:
    Standard Grant
EAGER: SaTC: Early-Stage Interdisciplinary Collaboration: Multi-regulation computation
EAGER:SaTC:早期跨学科合作:多规则计算
  • 批准号:
    1915763
  • 财政年份:
    2019
  • 资助金额:
    $ 99.5万
  • 项目类别:
    Standard Grant
InTrans: Modular Security on an Open Cloud
InTrans:开放云上的模块化安全性
  • 批准号:
    1931714
  • 财政年份:
    2019
  • 资助金额:
    $ 99.5万
  • 项目类别:
    Standard Grant

相似海外基金

CICI: RSARC: Secure Time for Cyberinfrastructure Security
CICI:RSARC:网络基础设施安全的安全时间
  • 批准号:
    1738902
  • 财政年份:
    2017
  • 资助金额:
    $ 99.5万
  • 项目类别:
    Standard Grant
CICI: RSARC: SECTOR: Building a Secure and Compliant Cyberinfrastructure for Translational Research
CICI:RSARC:部门:为转化研究构建安全且合规的网络基础设施
  • 批准号:
    1738965
  • 财政年份:
    2017
  • 资助金额:
    $ 99.5万
  • 项目类别:
    Standard Grant
CICI: RSARC: DICE - Data Insurance in the Cluster Environment
CICI:RSARC:DICE - 集群环境中的数据保险
  • 批准号:
    1738912
  • 财政年份:
    2017
  • 资助金额:
    $ 99.5万
  • 项目类别:
    Standard Grant
CICI: RSARC: Infrastructure Support for Securing Large-Scale Scientific Workflows
CICI:RSARC:确保大规模科学工作流程安全的基础设施支持
  • 批准号:
    1738929
  • 财政年份:
    2017
  • 资助金额:
    $ 99.5万
  • 项目类别:
    Standard Grant
CICI: RSARC: DDoS Defense In Depth for DNS
CICI:RSARC:DNS 深度 DDoS 防御
  • 批准号:
    1739034
  • 财政年份:
    2017
  • 资助金额:
    $ 99.5万
  • 项目类别:
    Standard Grant
{{ showInfoDetail.title }}

作者:{{ showInfoDetail.author }}

知道了