Browsing by Author "Kamm, Liina, juhendaja"
Now showing 1 - 2 of 2
Item: An integrated approach for certification and re-certification based on the case study of an integrated circuit (Tartu Ülikool, 2021)
Thirumalai, Jayavarshini; Kamm, Liina, supervisor; Seeba, Mari, supervisor; Tartu Ülikool. Loodus- ja täppisteaduste valdkond; Tartu Ülikool. Arvutiteaduse instituut

A system is expected to undergo the necessary security assessment to ensure that it complies with the baseline security requirements. Otherwise it becomes hard to trust that the product is secure enough to use. For this purpose, certification can be used to ensure that a system is secure and safe to use. In this thesis, we define an integrated approach that aims to reduce time and cost in the product evaluation process by refining and integrating existing approaches. Hence, we consolidate solutions from the ARMOUR methodology, the ECSO meta-scheme and NIST SP 800-137 to support certification and re-certification. We use a case study of the integrated circuit (or chip) as an example. In addition, we follow the Common Criteria based European Cybersecurity Candidate Scheme guidelines from ENISA to define a standardized process for certifying and re-certifying the product. Three different validators validated the thesis through face validity.

Item: Privacy-Preserving Data Synthesis Using Trusted Execution Environments (Tartu Ülikool, 2022)
Veskus, Karl Hannes; Kamm, Liina, supervisor; Laur, Sven, supervisor; Tartu Ülikool. Loodus- ja täppisteaduste valdkond; Tartu Ülikool. Arvutiteaduse instituut

Data synthesis is the process of generating new synthetic data from existing data. Often companies do not have the in-house competence to synthesize data themselves, and are willing to outsource the process. However, synthesis requires access to the original data. Sharing data with a third party can be complex, especially if it contains sensitive information or is considered personal data by regulations such as the GDPR.

The goal of this thesis is to develop a proof-of-concept privacy-preserving data synthesis service showing that it is possible to use trusted execution environments to perform data synthesis in a privacy-preserving manner. Such a service would enable outsourcing the data synthesis process to an untrusted remote server by ensuring that both the original and synthesized data are fully hidden from the untrusted server host throughout the lifecycle of the service. A prototype of the service was developed in the scope of an ongoing proof-of-concept project. To achieve the required security goals, the service prototype uses trusted execution environment technologies, specifically the Sharemind HI development platform, which is in turn based on the Intel SGX platform. The developed service shows that synthesizing data in a privacy-preserving manner is indeed feasible if trusted execution environments are used. However, future work is needed to optimize the service to allow larger input and output files, and to support additional data synthesis methods.