A Secure and Privacy-Friendly Logging Scheme
- URL: http://arxiv.org/abs/2405.11341v1
- Date: Sat, 18 May 2024 17:10:48 GMT
- Title: A Secure and Privacy-Friendly Logging Scheme
- Authors: Andreas Aßmuth, Robert Duncan, Simon Liebl, Matthias Söllner,
- Abstract summary: We seek to resolve this issue through the use of an encrypted audit trail process that saves encrypted records to a true immutable database.
This ensures compliance with the General Data Protection Regulation can be achieved.
- Score: 4.833749568903534
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Finding a robust security mechanism for audit trail logging has long been a poorly satisfied goal. There are many reasons for this. The most significant of these is that the audit trail is a highly sought after goal of attackers to ensure that they do not get caught. Thus they have an incredibly strong incentive to prevent companies from succeeding in this worthy aim. Regulation, such as the European Union General Data Protection Regulation, has brought a strong incentive for companies to achieve success in this area due to the punitive level of fines that can now be levied in the event of a successful breach by an attacker. We seek to resolve this issue through the use of an encrypted audit trail process that saves encrypted records to a true immutable database, which can ensure audit trail records are permanently retained in encrypted form, with no possibility of the records being compromised. This ensures compliance with the General Data Protection Regulation can be achieved.
Related papers
- Security Is Not Enough: Privacy in Encryption Regulation and Lawful-Surveillance Protocols [0.0]
This article argues that security is not enough to fully capture what is at stake in government exceptional access to encrypted data.<n>A richer understanding is needed both to assess policy and to guide research on lawful-surveillance protocols.
arXiv Detail & Related papers (2026-02-28T23:41:22Z) - It's a Feature, Not a Bug: Secure and Auditable State Rollback for Confidential Cloud Applications [3.903754621026016]
Rebound is a general-purpose security framework that preserves rollback protection while enabling policy-authorized legitimate rollbacks of application binaries, configuration, and data.<n>Key to Rebound is a reference monitor that mediates state transitions, enforces authorization policy, guarantees atomicity of state updates and rollbacks, and emits a tamper-evident log that provides transparency to applications and auditors.
arXiv Detail & Related papers (2025-11-17T17:53:47Z) - Towards Safe Reasoning in Large Reasoning Models via Corrective Intervention [53.25106308403173]
We show that existing methods overlook the unique significance of safe reasoning, undermining their trustworthiness and posing potential risks in applications if unsafe reasoning is accessible for and exploited by malicious users.<n>We propose Intervened Preference Optimization (IPO), an alignment method that enforces safe reasoning by substituting compliance steps with safety triggers and constructing pairs for preference learning with strong signals.
arXiv Detail & Related papers (2025-09-29T07:41:09Z) - ReliabilityRAG: Effective and Provably Robust Defense for RAG-based Web-Search [69.60882125603133]
We present ReliabilityRAG, a framework for adversarial robustness that explicitly leverages reliability information of retrieved documents.<n>Our work is a significant step towards more effective, provably robust defenses against retrieved corpus corruption in RAG.
arXiv Detail & Related papers (2025-09-27T22:36:42Z) - Beyond Algorithmic Proofs: Towards Implementation-Level Provable Security [1.338174941551702]
We present Implementation-Level Provable Security, a new paradigm that defines security in terms of structurally verifiable resilience against real-world attack surfaces during deployment.<n>We present SEER (Secure and Efficient Encryption-based Erasure via Ransomware), a file destruction system that repurposes and reinforces the encryption core of Babuk ransomware.
arXiv Detail & Related papers (2025-08-02T01:58:06Z) - Provably Secure Retrieval-Augmented Generation [7.412110686946628]
This paper proposes the first provably secure framework for Retrieval-Augmented Generation (RAG) systems.<n>Our framework employs a pre-storage full-encryption scheme to ensure dual protection of both retrieved content and vector embeddings.
arXiv Detail & Related papers (2025-08-01T21:37:16Z) - ARMOR: Aligning Secure and Safe Large Language Models via Meticulous Reasoning [49.47193675702453]
Large Language Models (LLMs) have demonstrated remarkable generative capabilities.<n>LLMs remain vulnerable to malicious instructions that can bypass safety constraints.<n>We propose a reasoning-based safety alignment framework, ARMOR, that replaces the ad-hoc chains of thought reasoning process with human-aligned, structured one.
arXiv Detail & Related papers (2025-07-14T09:05:54Z) - Confidential Guardian: Cryptographically Prohibiting the Abuse of Model Abstention [65.47632669243657]
A dishonest institution can exploit mechanisms to discriminate or unjustly deny services under the guise of uncertainty.<n>We demonstrate the practicality of this threat by introducing an uncertainty-inducing attack called Mirage.<n>We propose Confidential Guardian, a framework that analyzes calibration metrics on a reference dataset to detect artificially suppressed confidence.
arXiv Detail & Related papers (2025-05-29T19:47:50Z) - Encrypted Federated Search Using Homomorphic Encryption [0.0]
This paper introduces a privacy-preserving federated search system that allows law enforcement agencies to conduct queries on encrypted criminal databases.<n>The key innovation here is the ability to execute encrypted queries across distributed databases, without the decryption of the data.
arXiv Detail & Related papers (2025-05-05T07:03:30Z) - Privacy-Aware RAG: Secure and Isolated Knowledge Retrieval [7.412110686946628]
This paper proposes an advanced encryption methodology designed to protect RAG systems from unauthorized access and data leakage.
Our approach encrypts both textual content and its corresponding embeddings prior to storage, ensuring that all data remains securely encrypted.
Our findings suggest that integrating advanced encryption techniques into the design and deployment of RAG systems can effectively enhance privacy safeguards.
arXiv Detail & Related papers (2025-03-17T07:45:05Z) - Formal Verification of Permission Voucher [1.4732811715354452]
The Permission Voucher Protocol is a system designed for secure and authenticated access control in distributed environments.
The analysis employs the Tamarin Prover, a state-of-the-art tool for symbolic verification, to evaluate key security properties.
Results confirm the protocol's robustness against common attacks such as message tampering, impersonation, and replay.
arXiv Detail & Related papers (2024-12-18T14:11:50Z) - Leveraging Ensemble-Based Semi-Supervised Learning for Illicit Account Detection in Ethereum DeFi Transactions [0.0]
Decentralized Finance (DeFi) has introduced significant security risks, including the proliferation of illicit accounts.
Traditional detection methods are limited by the scarcity of labeled data and the evolving tactics of malicious actors.
We propose a novel Self-Learning Ensemble-based Illicit account Detection framework to address these challenges.
arXiv Detail & Related papers (2024-12-03T12:03:13Z) - Hide in Plain Sight: Clean-Label Backdoor for Auditing Membership Inference [16.893873979953593]
We propose a novel clean-label backdoor-based approach for stealthy data auditing.
Our approach employs an optimal trigger generated by a shadow model that mimics target model's behavior.
The proposed method enables robust data auditing through blackbox access, achieving high attack success rates across diverse datasets.
arXiv Detail & Related papers (2024-11-24T20:56:18Z) - AGORA: Open More and Trust Less in Binary Verification Service [16.429846973928512]
We introduce a novel binary verification service, AGORA, scrupulously designed to overcome the challenge.
Certain tasks can be delegated to untrusted entities, while the corresponding validators are securely housed within the trusted computing base.
Through a novel blockchain-based bounty task manager, it also utilizes crowdsourcing to remove trust in theorem provers.
arXiv Detail & Related papers (2024-07-21T05:29:22Z) - Jailbreaking as a Reward Misspecification Problem [80.52431374743998]
We propose a novel perspective that attributes this vulnerability to reward misspecification during the alignment process.
We introduce a metric ReGap to quantify the extent of reward misspecification and demonstrate its effectiveness.
We present ReMiss, a system for automated red teaming that generates adversarial prompts in a reward-misspecified space.
arXiv Detail & Related papers (2024-06-20T15:12:27Z) - CodeChameleon: Personalized Encryption Framework for Jailbreaking Large
Language Models [49.60006012946767]
We propose CodeChameleon, a novel jailbreak framework based on personalized encryption tactics.
We conduct extensive experiments on 7 Large Language Models, achieving state-of-the-art average Attack Success Rate (ASR)
Remarkably, our method achieves an 86.6% ASR on GPT-4-1106.
arXiv Detail & Related papers (2024-02-26T16:35:59Z) - Mitigating Fine-tuning based Jailbreak Attack with Backdoor Enhanced Safety Alignment [56.2017039028998]
Fine-tuning of Language-Model-as-a-Service (LM) introduces new threats, particularly against the Fine-tuning based Jailbreak Attack (FJAttack)
We propose the Backdoor Enhanced Safety Alignment method inspired by an analogy with the concept of backdoor attacks.
Our comprehensive experiments demonstrate that through the Backdoor Enhanced Safety Alignment with adding as few as 11 safety examples, the maliciously finetuned LLMs will achieve similar safety performance as the original aligned models without harming the benign performance.
arXiv Detail & Related papers (2024-02-22T21:05:18Z) - The Decisive Power of Indecision: Low-Variance Risk-Limiting Audits and Election Contestation via Marginal Mark Recording [51.82772358241505]
Risk-limiting audits (RLAs) are techniques for verifying the outcomes of large elections.
We define new families of audits that improve efficiency and offer advances in statistical power.
New audits are enabled by revisiting the standard notion of a cast-vote record so that it can declare multiple possible mark interpretations.
arXiv Detail & Related papers (2024-02-09T16:23:54Z) - Blockchain-based Privacy-Preserving Public Key Searchable Encryption with Strong Traceability [8.866154405581012]
We propose a blockchain-based privacy-preserving PKSE with strong traceability (BP3KSEST) scheme.
Our scheme provides the following features: (1) authorized users can authenticate to trapdoor generation center and obtain trapdoors without releasing identities and keywords; (2) when data users misbehave in the system, the trusted third party (TTP) can trace both their identities and the keywords which they searched; (3) trapdoor query records are unforgeable; (4) trapdoor query records are immutable because records are stored in blockchain.
arXiv Detail & Related papers (2023-12-28T10:58:14Z) - Blockchain-Envisioned Post-Quantum Secure Sanitizable Signature for Audit Logs Management [21.2091561560957]
We first present the first post-quantum secure multivariate-based SSS, namely Mul-SAN.
Our proposed design provides unforgeability, privacy, immutability, signer accountability, and sanitizer accountability under the assumption that the MQ problem is NP-hard.
Mul-SAN presents itself as a practical method to partially delegate control of the authenticated data in avenues like the healthcare industry and government organizations.
arXiv Detail & Related papers (2023-12-26T20:06:58Z) - A fully decentralized auditing approach for edge computing: A Game-Theoretic Perspective [18.20120097647291]
Edge storage presents a viable data storage alternative for application vendors.
Data cached in edge computing systems is susceptible to intentional or accidental disturbances.
This paper proposes a decentralized integrity auditing scheme to safeguard data integrity.
arXiv Detail & Related papers (2023-12-26T11:26:44Z) - No Free Lunch in "Privacy for Free: How does Dataset Condensation Help
Privacy" [75.98836424725437]
New methods designed to preserve data privacy require careful scrutiny.
Failure to preserve privacy is hard to detect, and yet can lead to catastrophic results when a system implementing a privacy-preserving'' method is attacked.
arXiv Detail & Related papers (2022-09-29T17:50:23Z) - Having your Privacy Cake and Eating it Too: Platform-supported Auditing
of Social Media Algorithms for Public Interest [70.02478301291264]
Social media platforms curate access to information and opportunities, and so play a critical role in shaping public discourse.
Prior studies have used black-box methods to show that these algorithms can lead to biased or discriminatory outcomes.
We propose a new method for platform-supported auditing that can meet the goals of the proposed legislation.
arXiv Detail & Related papers (2022-07-18T17:32:35Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.