Secure online services for private user data

保护私人用户数据的安全在线服务

• 批准号: RGPIN-2014-04180
• 负责人: Clark, Jeremy
• 金额: $ 1.82万
• 依托单位: Concordia University
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2020
• 资助国家: 加拿大
• 起止时间: 2020-01-01 至 2021-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=708135
• 关键词: Secure; online; services; private; user

When users are required to, or opt to, disclose private/sensitive data to an organization or government entity for processing, a balance must be struck between security and convenience. Online submission is often the most convenient but it also carries substantial risks. This research program proposes the development and deployment of innovative cryptographic protocols for providing secure online election systems and secure online genetic testing. Any security-critical online service must at least provide users with a process for determining they are connected to the intended party (server authentication) and then provide a confidential communication channel. These properties are intended when a user visits a website beginning with https:// (and the browser displays a lock), however, the trust assumptions and infrastructure this protocol (called SSL/TLS) relies on have been recently questioned. The research program will proceed in three thrusts: one toward improving the SSL/TLS infrastructure, one toward advancing beyond basic SSL/TLS protection for the specific application of online voting, and one that does the same for online genetic tests. When users visit a website over https://, the site provides a certificate of their identity, endorsed by a business or organization called a Certificate Authority (CA). Any CA can issue a certificate for any site. The number of CAs has proliferated, the baseline criteria for validation has declined, and high profile breeches of CAs have been publicly disclosed. This research program will design, implement, and test alternative mechanisms for certification. Online voting has been used municipally across Canada, is to be piloted federally by Elections Canada, and is being deliberated on by some provinces. Unlike online banking, where an incorrect, mistaken, or fraudulent transaction can be seen by the user, ballot secrecy mandates that individual votes cannot be displayed (which would enable vote selling). This research program will design, implement and test novel end-to-end verifiable (E2E) voting systems that provide a provably correct tally while maintaining the secrecy of each voter's ballot, even if the voter is complicit in demonstrating how they voted or uses a malware-infected personal computer to cast their ballot. The decreasing cost of whole genome sequencing has the potential to revolutionize healthcare, allowing genetic tests and personalized medicine. However, your genome is private information. Once it is disclosed or leaked, the privacy can never be recovered. This research program will design, implement and test novel cryptographic protocols for allowing these tests to be performed on an encrypted genome, while offering proof that the test was performed correctly (even if some aspects of the test remain confidential). The results of this research program should be informative and useful to government election agencies, privacy commissioners, standards institutes, internet working groups, other cryptography, security and privacy researchers, and to the elections and healthcare industry. It will further equip a set of security professionals with the skills required to work or consult in any of these areas, and to apply their knowledge and experience to novel domains.

当用户被要求或选择向组织或政府实体披露私人/敏感数据以供处理时，必须在安全性和便利性之间取得平衡。在线提交往往是最方便的，但它也带有很大的风险。这项研究计划建议开发和部署创新的密码协议，以提供安全的在线选举系统和安全的在线基因测试。任何安全关键型在线服务都必须至少为用户提供确定他们是否连接到目标方的流程(服务器身份验证)，然后提供保密的通信通道。这些属性适用于用户访问以https：//开头的网站(并且浏览器显示一个锁)，但是，此协议(称为SSL/TLS)所依赖的信任假设和基础结构最近受到了质疑。 该研究计划将分三个阶段进行：一个是改善SSL/TLS基础设施，一个是超越针对在线投票特定应用的基本SSL/TLS保护，还有一个是为在线基因测试做同样的事情。 当用户通过https://，访问网站时，该网站提供他们的身份证书，该证书由称为证书颁发机构(CA)的企业或组织认可。任何CA都可以为任何站点颁发证书。CA的数量激增，验证的基线标准下降，CA的高调马裤已公开披露。这项研究计划将设计、实施和测试认证的替代机制。 在线投票已经在加拿大各地的市政当局使用，加拿大选举公司将在联邦范围内进行试点，一些省份正在考虑这一做法。与网上银行不同，在网上银行，用户可能会看到不正确、错误或欺诈性的交易，而投票保密规定不能显示个人选票(这将允许出售选票)。这项研究计划将设计、实施和测试新颖的端到端可验证(E2E)投票系统，该系统在提供可证明正确的计票结果的同时，保持每个选民的选票的保密性，即使选民是同谋展示他们如何投票或使用感染恶意软件的个人计算机投票。 全基因组测序成本的下降有可能给医疗保健带来革命性的变化，使基因测试和个性化医疗成为可能。然而，你的基因组是私人信息。一旦被披露或泄露，隐私将永远无法恢复。这项研究计划将设计、实施和测试新的密码协议，允许在加密的基因组上进行这些测试，同时提供测试正确执行的证据(即使测试的某些方面是保密的)。 这一研究项目的结果应该对政府选举机构、隐私专员、标准研究所、互联网工作组、其他密码学、安全和隐私研究人员以及选举和医疗保健行业具有参考价值。它将进一步使一批安全专业人员具备在任何这些领域工作或咨询所需的技能，并将他们的知识和经验应用于新的领域。