Enhancing the Privacy of Data Communications within Information-Sensitive Systems
Advisor: Gunes, Mehmet H.
Computer Science and Engineering
Information-sensitive systems such as power, healthcare and cloud infrastructures have diverse stakeholders that often require varying levels of access to critical information. Additionally, it is imperative that these systems carefully consider security and privacy concerns regarding the storage, processing, and migration of sensitive information in all areas of the system. The difficulty in ensuring privacy and security within these types of systems is largely due to the complexity of establishing trust among remote entities. Further, it is desirable to eliminate interference from third parties such as root processes, system administrators, and malicious users internal and external to the system at every stage of the communication process. This thesis presents an approach to enhancing the security and privacy of information-sensitive systems through blind processing. This novel communication and execution methodology applies trusted computing concepts to allow remote attestation and communication among entities within information-sensitive systems. The goal of this research is to utilize trusted computing as a foundation for developing a trusted healthcare system while having minimal adverse effects on scalability and performance. Results from our implementation show that information-critical applications can exist in isolated environments alongside other applications, and can remotely attest and establish connections with other nodes in the system with minimal overhead from the addition of blind processing. Our study shows strong potential for enhancing the security and privacy of real-world information-sensitive systems using blind processing.