Mobile Data Security Management: Design Principles and Implementation
Date Issued
2014
Date
2014
Author(s)
Tung, Tsai-Yeh
Abstract
In this dissertation, we define and investigate the novel data presence problem as data aggregation, data spreading, and data long-term existence problems. To address the data presence problem, we propose three salient features, namely user-controllability, client-side encryption, and ephemerality, as design principles. To realize these three design principles, we propose Synchronous and Asynchronous Pandora Messaging protocols for designing and building a mobile data security management system. Asynchronous Pandora Messaging is a forward-secure asynchronous messaging protocol integrated with a per-message rekeying mechanism. The ephemeral decryption key of the message is securely deleted when the expiration condition of the message is satisfied. As a result, it is in principle impossible to decrypt the encrypted message efficiently without possessing the ephemeral decryption key. In other words, the message is regarded as self-destructible. Making a message self-destructible is particularly important for those who want to protect sensitive data in case of data compromise. By setting up expiration constraints for the ephemeral decryption key or a decryption policy for secret message transmission, we make messages inaccessible to anyone when the constraint is satisfied, or make messages unreadable even when intercepted by a third party who has no means to fulfill the decryption policy. In doing so, we provide a second layer of protection for sensitive data during message transmission. We have implemented two messaging application prototypes on Android, and have evaluated their performance to prove that our Pandora Messaging protocols are practical and feasible.
Subjects
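Mobile data security management
Instant messaging
Privacy and security
Cryptography
Client-side encryption
Ephemeral key
Self-destructing data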
Type
thesis
File(s)
Name
ntu-103-D96922028-1.pdf
Size
23.32 KB
Format
Adobe PDF
Checksum
(MD5):1e1d91785f1fa87d70fbad04dc22d218
