Conference Papers

Secure Cloud Storage with Client-Side Encryption Using a Trusted Execution Environment

Marciano da Rocha, Dalton Cézane Gomes Valadares, Angelo Perkusich, Kyller Costa Gorgonio, Rodrigo Tomaz Pagno, Newton Carlos Will
10th International Conference on Cloud Computing and Services Science (CLOSER) – 2020
[Abstract]
With the evolution of computer systems, the amount of sensitive data to be stored as well as the number of threats on these data grow up, making the data confidentiality increasingly important to computer users. Currently, with devices always connected to the Internet, the use of cloud data storage services has become practical and common, allowing quick access to such data wherever the user is. Such practicality brings with it a concern, precisely the confidentiality of the data which is delivered to third parties for storage. In the home environment, disk encryption tools have gained special attention from users, being used on personal computers and also having native options in some smartphone operating systems. The present work uses the data sealing, feature provided by the Intel Software Guard Extensions (Intel SGX) technology, for file encryption. A virtual file system is created in which applications can store their data, keeping the security guarantees provided by the Intel SGX technology, before send the data to a storage provider. This way, even if the storage provider is compromised, the data are safe. To validate the proposal, the Cryptomator software, which is a free client-side encryption tool for cloud files, was integrated with an Intel SGX application (enclave) for data sealing. The results demonstrate that the solution is feasible, in terms of performance and security, and can be expanded and refined for practical use and integration with cloud synchronization services.
[BibTeX]
@inproceedings{rocha2020secure,
  title={Secure Cloud Storage with Client-Side Encryption Using a Trusted Execution Environment},
  author={Rocha, Marciano da and Valadares, Dalton Cézane Gomes and Perkusich, Angelo and Gorgonio, Kyller Costa and Pagno, Rodrigo Tomaz and Will, Newton Carlos},
  booktitle={Proceedings of the 10th International Conference on Cloud Computing and Services Science},
  year={2020},
  publisher={SCITEPRESS},
  address={Prague, Czech Republic},
  doi={10.5220/0009130600310043}
}

Desafios e Soluções em Sistemas de Votação Eletrônica: Um Mapeamento Sistemático (in portuguese)

Jéssica Iara Pegorini, Natália Tiemi Yada, Alinne Cristinne Corrêa Souza, Rodrigo Tomaz Pagno, Newton Carlos Will
IV Workshop de Tecnologia Eleitoral (WTE) – 2019
[Abstract]
It is obvious that a fully electronic voting process brings some advantages, such the quick counting of votes and the availability of results, but there are also technological problems to be addressed in order to avoid fraud and failures in the system, ensuring a straightaway process. This paper presents a systematic mapping in electoral security area, which searches for the main information about the protocols used in electronic voting systems, the security measures used and also the vulnerabilities and failures detected in these systems. The results show a convergence of the studies to certain protocols and security measures, besides the main problems to be faced in this area.
[BibTeX]
@inproceedings{pegorini2019desafios,
  title={Desafios e Soluções em Sistemas de Votação Eletrônica: Um Mapeamento Sistemático},
  author={Pegorini, Jéssica Iara and Yada, Natália Tiemi and Souza, Alinne Cristinne Corrêa and Pagno, Rodrigo Tomaz and Will, Newton Carlos},
  booktitle={Proceedings of the IV Workshop de Tecnologia Eleitoral},
  year={2019},
  publisher={SBC},
  address={São Paulo, SP, Brazil}
}

Undergraduate Theses

Autenticidade, Integridade e Anonimidade no Sistema de Votação Eletrônica do Brasil (in portuguese)

Student: Jéssica Iara Pegorini
Advisor: Rodrigo Tomaz Pagno
Co-advisor: Newton Carlos Will
Year/Semester: 2019/2
[Abstract]
Technology has been growing gradually in recent years and more and more processes become electronic. Thus, it is extremely important that some safety standards be applied to these processes. Democracy is one of the processes that has become electronic over the years, and Brazil, as one of the countries with the largest democracy in the world, has also started the informatization of the vote process. The advantages that an all-electronic voting process brings to an election are notorious. However it is important to note that, in addition to advantages, such as rapid vote counting and the availability of results, there are technological issues to be addressed to prevent fraud and system failures, ensuring a fair process. In this sense, this paper presents a systematic mapping carried out in the area of electoral security, which seeks the main information about electronic voting systems used in the world, and a case study that analyzes what are the problems faced in the Brazilian electronic process, for later comparison of both systems. The results show some similarities and differences between the systems used by Brazil and the world, how is the case such as the system used in some states of the United States of America. The system in question has a wide variety of security mechanisms and is capable of detecting fraud, just as the Brazilian electronic system, which also has several security mechanisms, is capable of detecting unauthorized modifications. On the other hand, the system used by India presents significant differences in the voter authentication process, since Brazil has adopted biometrics for this process, and India uses an indelible ink to mark voters who are released to vote. Most notable is the technological evolution of Brazil, given the prominence obtained in society with the insertion of technology in the electoral system.
[BibTeX]
@bachelorthesis{pegorini2019autenticidade,,
  title={Autenticidade, Integridade e Anonimidade no Sistema de Votação Eletrônica do Brasil},
  author={Pegorini, Jéssica Iara},
  school={Federal University of Technology - Paraná},
  year={2019},
  address={Dois Vizinhos, PR, Brazil}
}

Implementação de Criptografia de Disco com Ambiente de Execução Confiável Intel Software Guard Extensions (Intel SGX) (in portuguese)

Student: Marciano da Rocha
Advisor: Rodrigo Tomaz Pagno
Co-advisor: Newton Carlos Will
Year/Semester: 2019/1
[Abstract]
With the evolution of computer systems used by organizations and by users, the amount of confidential data to be stored and the number of threats on these data grow up too. In this scenario, Intel launched in late 2015, along with its line of 6th generation processors (Skylake), the Software Guard Extensions (Intel SGX) technology, which provides security mechanisms for code execution within a protected area in software, called enclave, allowing developers to integrate it with their systems. In the mechanisms provided, the technology has a resource for sealing the data that are in the enclave, allowing they to be stored in a secure way, using a unique encryption key, generated and maintained by the processor, with information from it and the enclave. However, ensuring data security across all computing systems is a complex process. The present work makes use of the data sealing feature, provided by the Intel SGX technology, for file encryption, creating a virtual file system where applications can store their data and have the security guarantees provided by the Intel SGX technology, so that, when the storage media is compromised, the data is safe. To validate the proposal, the Cryptomator software is integrated with an enclave for data sealing. The results demonstrate that the solution is feasible, in terms of performance and security, and can be expanded and refined for practical use.
[BibTeX]
@bachelorthesis{rocha2019implementação,
  title={Implementação de Criptografia de Disco com Ambiente de Execução Confiável Intel Software Guard Extensions (Intel SGX)},
  author={Rocha, Marciano da},
  school={Federal University of Technology - Paraná},
  year={2019},
  address={Dois Vizinhos, PR, Brazil}
}