{"title":"IRRES:入侵弹性远程邮件存储","authors":"Di Ma, G. Tsudik","doi":"10.1109/ICDCSW.2010.38","DOIUrl":null,"url":null,"abstract":"Both individuals and corporations increasingly rely on email to exchange important and, often sensitive, information. With the advent of ubiquitous computing and miniaturization of end-devices, many users leave email on remote servers, thus facilitating anywhere/anytime access from any networked device. Since private and sensitive information is often contained in email, it is very important to prevent its unauthorized disclosure. In this paper, we consider the problem of repeated intrusions of third-party email servers. Specifically, we design IRRES: Intrusion-Resilient Remote Email Storage system that prevents email leakage despite the presence of a powerful mobile adversary. IRRES eliminates sender compliance requirements by shifting encryption from email sender to email server. Incoming email messages are encrypted by the server with one-time keys obtained from an intrusion-resilient cooperative randomness generation process. Thus, even if the server is compromised twice, all email encrypted in the interim remains secure.","PeriodicalId":133907,"journal":{"name":"2010 IEEE 30th International Conference on Distributed Computing Systems Workshops","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"IRRES: Intrusion-Resilient Remote Email Storage\",\"authors\":\"Di Ma, G. Tsudik\",\"doi\":\"10.1109/ICDCSW.2010.38\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Both individuals and corporations increasingly rely on email to exchange important and, often sensitive, information. With the advent of ubiquitous computing and miniaturization of end-devices, many users leave email on remote servers, thus facilitating anywhere/anytime access from any networked device. Since private and sensitive information is often contained in email, it is very important to prevent its unauthorized disclosure. In this paper, we consider the problem of repeated intrusions of third-party email servers. Specifically, we design IRRES: Intrusion-Resilient Remote Email Storage system that prevents email leakage despite the presence of a powerful mobile adversary. IRRES eliminates sender compliance requirements by shifting encryption from email sender to email server. Incoming email messages are encrypted by the server with one-time keys obtained from an intrusion-resilient cooperative randomness generation process. Thus, even if the server is compromised twice, all email encrypted in the interim remains secure.\",\"PeriodicalId\":133907,\"journal\":{\"name\":\"2010 IEEE 30th International Conference on Distributed Computing Systems Workshops\",\"volume\":\"5 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-06-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 IEEE 30th International Conference on Distributed Computing Systems Workshops\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICDCSW.2010.38\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 IEEE 30th International Conference on Distributed Computing Systems Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICDCSW.2010.38","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Both individuals and corporations increasingly rely on email to exchange important and, often sensitive, information. With the advent of ubiquitous computing and miniaturization of end-devices, many users leave email on remote servers, thus facilitating anywhere/anytime access from any networked device. Since private and sensitive information is often contained in email, it is very important to prevent its unauthorized disclosure. In this paper, we consider the problem of repeated intrusions of third-party email servers. Specifically, we design IRRES: Intrusion-Resilient Remote Email Storage system that prevents email leakage despite the presence of a powerful mobile adversary. IRRES eliminates sender compliance requirements by shifting encryption from email sender to email server. Incoming email messages are encrypted by the server with one-time keys obtained from an intrusion-resilient cooperative randomness generation process. Thus, even if the server is compromised twice, all email encrypted in the interim remains secure.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
