Abstract-Smartphones are sensor-rich and Internet-enabled.With their on-board sensors, web services, social media, and external biosensors, smartphones can provide contextual information about the device, user, and environment, thereby enabling the creation of rich, biologically driven applications.We introduce ContextProvider, a framework that offers a unified, query-able interface to contextual data on the device. Unlike other context-based frameworks, ContextProvider offers interactive user feedback, self-adaptive sensor polling, and minimal reliance on third-party infrastructure. ContextProvider also allows for rapid development of new context and bio-aware applications.Evaluation of ContextProvider shows the incorporation of an additional monitoring sensor into the framework with fewer than 100 lines of Java code. With adaptive sensor monitoring, power consumption per sensor can be reduced down to 1% overhead. Finally, through the use of context, accuracy of data interpretation can be improved by up to 80%.
The ability to securely delete sensitive data from electronic storage is becoming important. However, current per-file deletion solutions tend to be limited to a segment of the operating system's storage data path or specific to particular file systems or storage media.This paper introduces TrueErase, a holistic secure-deletion framework. Through its design, implementation, verification, and evaluation, TrueErase shows that it is possible to build a legacycompatible full-storage-data-path framework that performs perfile secure deletion and works with common file systems and solid-state storage, while handling common system failures. In addition, this framework can serve as a building block for encryption-and tainting-based secure-deletion systems.
Confidential data storage through encryption is becoming increasingly important.Designers and implementers of encryption methods of storage media must be aware that storage has different usage patterns and properties compared to securing other information media such as networks. In this paper, we empirically demonstrate two-time pad vulnerabilities in storage that are exposed via shifting file contents, in-place file updates, storage mechanisms hidden by layers of abstractions, inconsistencies between memory and disk content, and backups. We also demonstrate how a simple application of Bloom filters can automatically extract plaintexts from two-time pads. Further, our experience sheds light on system research directions to better support cryptographic assumptions and guarantees.
One important aspect of privacy is the ability to securely delete sensitive data from electronic storage in such a way that it cannot be recovered; we call this action secure deletion . Short of physically destroying the entire storage medium, existing software secure-deletion solutions tend to be piecemeal at best -- they may only work for one type of storage or file system, may force the user to delete all files instead of selected ones, may require the added complexities of encryption and key storage, may require extensive changes and additions to the computer's operating system or storage firmware, and may not handle system crashes gracefully. We present TrueErase, a holistic secure-deletion framework for individual systems that contain sensitive data. Through design, implementation, verification, and evaluation on both a hard drive and NAND flash, TrueErase shows that it is possible to construct a per-file, secure-deletion framework that can accommodate different storage media and legacy file systems, require limited changes to legacy systems, and handle common crash scenarios. TrueErase can serve as a building block by cryptographic systems that securely delete information by erasing encryption keys. The overhead is dependent on spatial locality, number of sensitive files, and workload (computational- or I/O-bound).
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.