Distributed security enhancement from a data management perspective : theoretical foundations and practical applications

Abstract

This thesis explores the critical need for enhanced security measures in distributed systems, addressing vulnerabilities exposed by sophisticated cyber-attacks such as DDoS. It delves into advanced cryptographic techniques and data management strate­gies designed to secure data outsourcing, enable searchable encryption, and protect data integrity against online manipulations. Motivated by imperative security goals in the current landscape of distributed systems, this thesis develops three innovative privacy-preserving schemes designed to enhance security measures and ensure robust data protection. The first scheme addresses vulnerabilities in password authentication systems, employing a novel cryptographic approach that minimizes computational overhead and enhances resistance against brute-force attacks. This methodology se­cures password transactions and efficiently manages large volumes of authentication requests. The second scheme focuses on secure indexing, particularly for bi-attribute datasets common in advanced data analytics and AI applications. It introduces an op­timized searchable encryption technique that allows for secure and efficient querying of encrypted databases without compromising data privacy. This scheme leverages modified probabilistic data structures to enhance performance and reduce potential privacy leaks through advanced inference attacks. The third scheme tackles the chal­lenge of maintaining data integrity in the face of sophisticated online manipulation attacks. It integrates a game-theoretical model that dynamically adapts to evolving threats, effectively countering malicious attempts to alter data. This model uses a combination of real-time threat analysis and strategic response mechanisms to ensure that data remains accurate and reliable, thus preserving the integrity essential for critical decision-making processes.