Biography:
Robert H. Deng has been a Professor at the School of Information Systems, Singapore Management University since 2004. Prior to this, he was Principal Scientist and Manager of Infocomm Security Department, Institute for Infocomm Research, Singapore. His research interests include data security and privacy, multimedia security, network and system security. He was Associate Editor of the IEEE Transactions on Information Forensics and Security from 2009 to 2012. He is currently Associate Editor of IEEE Transactions on Dependable and Secure Computing, and member of Editorial Board of the Journal of Computer Science and Technology (the Chinese Academy of Sciences) and the International Journal of Information Security (Springer), respectively. He is the chair of the Steering Committee of the ACM Symposium on Information, Computer and Communications Security (ASIACCS). He received the University Outstanding Researcher Award from the National University of Singapore in 1999 and the Lee Kuan Yew Fellow for Research Excellence from the Singapore Management University in 2006. He was named Community Service Star and Showcased Senior Information Security Professional by (ISC)^2 under its Asia-Pacific Information Security Leadership Achievements program in 2010.
Title:
Achieving Data Security & Privacy in Untrusted Servers
Abstract: Traditionally, access controls to data are enforced by employing trusted servers to store data and mediate access control. However, services are increasingly storing data across many servers shared with other data owners. An example of this is cloud computing which has the great potential of providing various services to the society at significantly reduced cost due to aggregated management of elastic resources. Since software systems are not guaranteed to be bug-free and hardware platforms are not under direct control of data owners in such distributed systems, security risks are abundant. To mitigate users’ security and privacy concerns about their data, a common solution is to outsource data in encrypted form so that it will remain private even if data servers are not trusted or compromised. The encrypted data, however, must be amenable to sharing and access control. In this talk, I will discuss various security issues related to outsourced data storage and provide an overview of emerging solutions for realizing secure access to encrypted data in untrusted servers.