Search

Your search keyword '"Rishi Kumar Gandhi"' showing total 9 results
Start Over Author "Rishi Kumar Gandhi"
9 results on '"Rishi Kumar Gandhi"'

3. Mandatory Enforcement of Geofenced Security in Android

Author

Rishi Kumar Gandhi, S Srinivasachary, Prateek Pande, Kurra Mallaiah, and Amit Kumar Medatiya

Subjects
0209 industrial biotechnology, Computer science, business.industry, 02 engineering and technology, Information security, Computer security, computer.software_genre, Security policy, 020901 industrial engineering & automation, 0202 electrical engineering, electronic engineering, information engineering, Malware, 020201 artificial intelligence & image processing, The Internet, Confidentiality, Android (operating system), business, Enforcement, Host (network), computer
Abstract

Android applications are today driving most of the aspects of business. But corresponding threats of information breach through a malware or naive users are also increasing many folds. It becomes extremely difficult for any organisation to allow employees to seamlessly use android based smartphones within office premises while keeping the related threats at bay. Situation is even more difficult for an organisation related to finance, defence, medicine, reasearch etc., where employees handle sensitive and confidential data. Usually, these threats are ignored else employers try to impose various physical restrictions which incur huge costs and inconvenience. In this regard, this paper proposes a novel scheme to enforce constraints on android based smartphones to mitigate above threats. It provides kernel level restriction on existing Android applications from accessing various smartphone resources whenever host device enters a predefined geographical boundary of an enterprise. This is achieved by dynamic security policies in SEAndroid. It utilises Android source from AOSP ported on Google Pixel2 XL device to demonstrate nuances of practicality.

Published
2021
Full Text
View/download PDF

4. Fine Grained Confinement of Untrusted Third-Party Applications in Android

Author

S Srinivasachary, Amit Kumar Medatiya, Rishi Kumar Gandhi, Prateek Pande, and Kurra Mallaiah

Subjects
Scheme (programming language), Security analysis, Voice over IP, Computer science, business.industry, Intelligent decision support system, Access control, Computer security, computer.software_genre, Resource (project management), Financial transaction, Android (operating system), business, computer, computer.programming_language
Abstract

Third party mobile applications are dominating the business strategies of organisations and have become an integral part of personal life of individuals. These applications are used for financial transactions, sharing of sensitive data etc. The recent breaches in Android clearly indicate that use of third party applications have become a serious security threat. By design, Android framework keeps all these applications in untrusted domain. Due to this a common policy of resource control exists for all such applications. Further, user discretion in granting permissions to specific applications is not effective because users are not always aware of deep functionalities, mala fide intentions (in case of spywares) and bugs/flaws in these third-party applications. In this regard, we propose a security scheme to mitigate unauthorised access of resources by third party applications. Our proposed scheme is based on SEAndroid policies and achieves fine grained confinement with respect to access control for the third party applications. To the best of our knowledge, the proposed scheme is unique and first of its kind. The proposed scheme is integrated with Android Oreo 8.1.0 for performance and security analysis. It is compatible with any Android device with AOSP support.

Published
2021
Full Text
View/download PDF

5. Stateless Key Management Scheme for Proxy-Based Encrypted Databases

Author

Rishi Kumar Gandhi, S. Ramachandram, and Kurra Mallaiah

Subjects
Database, business.industry, Computer science, Relational database, Cloud computing, Cryptography, Encryption, computer.software_genre, Random oracle, Backup, Key (cryptography), Key management, business, computer
Abstract

To preserve the confidentiality of important data stored in third-party managed platforms like public cloud databases is continuously raising security concerns. Such databases need to be shielded from malicious administrators or malicious software attacks, so as to increase the trust of the potential customers of such security. Therefore, it is very important that the data must be protected at rest, in transition and also while in operation to achieve full confidentiality for the data stored in databases. Shielding the confidentiality of data at rest and in transition is adequately addressed but shielding the confidentiality of data while in operation is still a big challenge. CryptDB provides confidentiality for relational databases by supporting the computations on encrypted data. The keys which are used in CryptDB are stored in the proxy. This paper proposes a stateless key management scheme, inversely the state-full key management scheme of CryptDB. The security proof is presented along with cryptographic security definitions and that the security of our key management under the random oracle model security assumption. The proposed key management scheme is the first of its kind that is a stateless key management. The scheme eliminates the storing of user cryptographic keys in the proxy and, hence, avoids possible attacks and analysis on keys in the proxy and also various other problems such as key backup, key loss, and key audit. Our proposed solution also satisfies regulatory compliance by not storing the cryptographic keys anywhere.

Published
2021
Full Text
View/download PDF

6. List of Contributors

Author

Khalild Abdel-Galil, Abdul Ahmed, Nabeela Ahmed, Thomas Aldridge, Kavin Andi, Bilal Al-Nawas, Eric Arnaud, Christopher M.E. Avery, Mark Bainbridge, Victoria Beale, William H. Bell, Natasha Louise Berridge, Adam Blancher, Michael S. Block, John N St. J Blythe, Jens Bodem, Paolo Boffano, Farzad Borumandi, Rudolf Robert Maria Bos, Major John Breeze, Peter A. Brennan, James Brown, Rudolf F. Buntic, Heinz Bürger, Brady Burton, Eric R. Carlson, Luke Cascarini, Siwan Cassidy, Alison Chalmers, David Chapireau, Alistair R.M. Cobb, Serryth Colbert, Margaret Jean Coyle, Angelo Cuzalina, Jason E. Dashow, Jag Dhanda, David Drake, Alex D. Ehrlich, Simon Ellis, T. William Evans, Helen Extence, Shahme Ahamed Farook, Jerry N. Farrier, Adekunmi Fasanmade, Rui P. Fernandes, Tim Forouzanfar, Tobias Fretwurst, David E. Frost, Alexander Johann Gaggl Sr., Rishi Kumar Gandhi, Nils-Claudius Bernhard Gellrich, Katherine George, G.E. Ghali, Michael Gilhooly, Daryl R. Godden, Marianela Gonzalez, Jonathan B. Gottlieb, Henry A. Alan Gremillion, Ben C. Green, Elizabeth Anne Gruber, Cesar A. Guerrero, Rishi Jay Gupta, Kevin J. Harrington, Christopher Harris, Andrea M. Hebert, Joseph Helman, Jürgen Hoffmann, Bodo Hoffmeister, Simon Holmes, Dominik Horn, Birgit Jaspers, Gernot Jundt, Julian Eamon Kabala, Leonard B. Kaban, Arshad Kaleem, Anastasios Kanatas, Charles Gerald Kelly, Gary D. Klasser, Beomjune B. Kim, David A. Koppel, Norbert R. Kübler, Ilya Likhterov, Timothy William Lloyd, Richard A. Loukota, Joshua E. Lubek, Andrew Lyons, Col. Neil Mackenzie, Gitta Madani, Michael R. Markiewicz, Nigel Shaun Matthews, Joe McQuillan, Mark McGurk, Divya Mehrotra, Nigel Stuart George Mercer, Louis Gerard Mercuri, Ashraf Messiha, Florencio Monje, Elena V. Mujica, Rachel Anne Mumford, Kenlchiro Murakami, Friedemann Nauck, Hendrik Naujokat, Friedrich-Wilhelm Neukam, Suzan Obagi, Robert A. Ord, Yirae Ort, Ravinder Pabla, Bonnie L. Padwa, Stavan Patel, Chris Neil Penfold, Jon D. Perenack, Michael P. Powers, Wolfgang Puelacher, Faisal A. Quereshy, Jan D. Raguse, Sujeev Rajapakse, Parkash L. Ramchandani, Cory M. Resnick, Janet Mary Risk, Stephen N. Robinson, Eduardo D. Rodriguez, Simon N. Rogers, J.L.N. Roodenburg, Nadeem Saeed, Andrew Graeme Schache, Stephen A. Schendel, Henning Schliephake, Rainer Schmelzeisen, Andrea Maria Schmidt-Westhausen, Riitta Seppänen-Kaijansinkko, Richard J. Shaw, Andrew J. Sidebottom, Mark K. Singh, Rabindra P. Singh, Douglas P. Sinn, Ludi E. Smeele, C. Blake Smith, Brian Sommerlad, Frank Peter Strietzel, Adrian Sugar, Anita Takwale, Clark O. Taylor, William Arthur Townley, Timothy A. Turvey, Mark L. Urken, Simon Van Eeden, Wilfried Wagner, Peter C. Whitfield, Michael J. Will, Jonathan Williams, Jörg Wiltfang, Helen Witherow, Jennifer E. Woerner, Jeffrey S. Wolf, Larry M. Wolford, Wai Lup Wong, Martin Woods, Peirong Yu, and Rüdiger M. Zimmerer

Published
2017
Full Text
View/download PDF

8. Multi user searchable encryption schemes using Trusted Proxy for cloud based Relational Databases

Author

Kurra Mallaiah, S. Ramachandram, and Rishi Kumar Gandhi

Subjects
Database server, Database, Computer science, business.industry, Relational database, Client-side encryption, computer.software_genre, Encryption, Column (database), Filesystem-level encryption, Cloud database, On-the-fly encryption, business, computer
Abstract

Use of cloud Database-as-a-Service (DaaS) is gradually increasing in private and government organizations. Organizations are now considering outsourcing of their local databases to cloud database servers to minimize their operational and maintenance expenses. At the same time, users are apprehensive about the confidentiality breach of their vital data in cloud database. To achieve complete confidentiality of such data in outsourced databases, it is required to keep data in always-encrypted form in its entire life cycle i.e. at rest, in transition and while in operation in premises of cloud database services. Searchable encryption is a scheme, which allows users to perform an encrypted keyword search on encrypted data stored in database server directly without decrypting it. In many applications, it requires to access the database by multiple users where data is written by different users using different encryption keys. In this paper, we propose schemes for Multi user multi-key Encryption Search for cloud Relational Databases (MES-RD). It supports search operation on data encrypted under different keys by multiple users using a Trusted Proxy. These data may be stored in a shared table under one or other column of database server. To the best of our knowledge, the proposed schemes MES-RD are practical and first time proposed for databases.

Published
2015
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results