End of term

July 9, 2018 ~ Adrian Colyer ~ 5 Comments

It’s time to take my regular summer break from writing The Morning Paper - normal service will resume again on Monday 6th August. I’ll be topping up my paper backlog and scouting out interesting research during the break. If you’ve seen any great papers I haven’t already covered and that you think ‘The Morning Paper’ ... Continue Reading

Oblix: an efficient oblivious search index

July 6, 2018 ~ Adrian Colyer ~ 9 Comments

Oblix: an efficient oblivious search index Mishra et al., IEEE Security & Privacy 2018 Unfortunately, many known schemes that enable search queries on encrypted data achieve efficiency at the expense of security, as they reveal access patterns to the encrypted data. In this paper we present Oblix, a search index for encrypted data that is ... Continue Reading

EnclaveDB: a secure database using SGX

July 5, 2018 ~ Adrian Colyer ~ 8 Comments

EnclaveDB: A secure database using SGX Priebe et al., IEEE Security & Privacy 2018 This is a really interesting paper (if you’re into this kind of thing I guess!) bringing together the security properties of Intel’s SGX enclaves with the Hekaton SQL Server database engine. The result is a secure database environment with impressive runtime ... Continue Reading

Grand Pwning Unit: Accelerating microarchitectural attacks with the GPU

July 4, 2018 ~ Adrian Colyer ~ 7 Comments

Grand Pwning Unit: Accelerating microarchitectural attacks with the GPU Frigo et al., IEEE Security & Privacy The general awareness of microarchitectural attacks is greatly increased since meltdown and spectre earlier this year. A lot of time and energy has been spent in defending against such attacks, with a threat model that assumes attacks originate from ... Continue Reading

Privacy risks with Facebook’s PII-based targeting: auditing a data broker’s advertising interface

July 3, 2018 ~ Adrian Colyer ~ 6 Comments

Privacy risks with Facebook’s PII-based targeting: auditing a data broker’s advertising interface Venkatadri et al., IEEE Security and Privacy 2018 This is one of those jaw-hits-the-floor, can’t quite believe what I’m reading papers. The authors describe an attack exploiting Facebook’s custom audience feature, that can leak your PII. Specifically, we show how the adversary can ... Continue Reading

The rise of the citizen developer: assessing the security impact of online app generators

July 2, 2018 ~ Adrian Colyer ~ 6 Comments

The rise of the citizen developer: assessing the security impact of online app generators Oltrogge et al., IEEE Security & Privacy 2018 "Low code", "no code", "citizen developers", call it what you will, there’s been a big rise in platforms that seek to make it easy to develop applications for non-export developers. Today’s paper choice ... Continue Reading

the morning paper

a random walk through Computer Science research, by Adrian Colyer
Made delightfully fast by strattic

Month: July 2018