skip to main content
10.1145/1103780.1103799acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
Article

Pvault: a client server system providing mobile access to personal data

Published: 11 November 2005 Publication History

Abstract

In this paper we describe the design for the Pvault software, which is a personal data manager that stores and retrieves data from a remote untrusted data server securely. The major advantage of Pvault is that it allows users to access their personal data from any trusted remote computer. We will describe the issues and solutions for maintaining data confidentiality and integrity when the data is stored at the remote sever, since the server itself is untrusted. Pvault also prevents Phishing and Pharming attacks and we will describe the solutions for the same.

References

[1]
PV Password Vault. http://www.rit.edu/~smo5024/projects/pvault/
[2]
PS Password Safe. http://www.schneier.com/passsafe.html
[3]
Anti-Phishing Working Group. http://www.antiphishing.org
[4]
Blake Ross. Collin Jackson, Nicholas Miyake, Dan Boneh and John C. Mitchell Stronger Password Authentication Using Browser Extensions. To appear in Proceedings of the 14th Usenix Security Symposium, 2005.
[5]
Engin Kirda and Christopher Kruegel. Protecting Users Against Phishing Attacks with AntiPhish. In Proceedings of the 29th Annual International Computer Software and Applications Conference (COMPSAC), IEEE Computer Society Press. United Kingdom, July 2005.
[6]
J. Alex Halderman, Brent Waters, Edward W. Felten. A Convenient Method for Securely Managing Passwords. In Proceedings of the 14th International World Wide Web Conference (WWW 2005).
[7]
pVault Homepage. http://www.itr-rescue.org/pVault/
[8]
B. Schneier. Description of a New Variable-Length Key, 64-Bit Block Cipher (Blowfish). Fast Software Encryption, Cambridge Security Workshop Proceedings (December 1993), Springer-Verlag, 1994, pp. 191--204
[9]
Jayavel Shanmugasundaram, Kristin Tufte, Chun Zhang, Gang He, David J. DeWitt, Jeffrey F. Naughton: Relational Databases for Querying XML Documents: Limitations and Opportunities. textitInternational Conference on Very Large Databases (VLDB 1999): 302--314
[10]
Hakan Hacigumus, Bala Iyer, Chen Li, and Sharad Mehrotra. Executing SQL over Encrypted Data in the Database-Service-Provider Model. 2002 ACM SIGMOD Conference on Management of Data, Jun, 2002.
[11]
Ravi Jammalamadaka, Sharad Mehrotra. Querying Encrypted XML Documents. textitUniversity of California, Irvine. Technical report TR-DB-04-03.
[12]
Bijit Hore, Sharad Mehrotra, Gene Tsudik. A Privacy-Preserving Index for Range Queries. textitInternational Conference on Very Large Databases (VLDB 2004), Toronto, Canada 2004.
[13]
H. Hacigumus, B. Iyer, and S. Mehrotra. Ensuring Integrity of Encrypted Databases in Database as a Service Model. textitIFIP Conference on Data and Applications Security, Estes Park Colorado, 2003.
[14]
Microsoft Passport Network. http://www.passport.net

Cited By

View all
  • (2018)AuthStore: Password-Based Authentication and Encrypted Data Storage in Untrusted Environments2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)10.1109/TrustCom/BigDataSE.2018.00140(996-1001)Online publication date: Aug-2018
  • (2014)Secure Computation on Outsourced Data: A 10-year RetrospectiveDatabase Systems for Advanced Applications10.1007/978-3-319-05810-8_2(16-27)Online publication date: 2014
  • (2012)Phishing counter measures and their effectiveness – literature reviewInformation Management & Computer Security10.1108/0968522121128654820:5(382-420)Online publication date: 23-Nov-2012
  • Show More Cited By

Index Terms

  1. Pvault: a client server system providing mobile access to personal data

        Recommendations

        Comments

        Information & Contributors

        Information

        Published In

        cover image ACM Conferences
        StorageSS '05: Proceedings of the 2005 ACM workshop on Storage security and survivability
        November 2005
        150 pages
        ISBN:159593233X
        DOI:10.1145/1103780
        Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

        Sponsors

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        Published: 11 November 2005

        Permissions

        Request permissions for this article.

        Check for updates

        Author Tags

        1. cryptography
        2. database
        3. encryption
        4. mobile access
        5. secure sharing
        6. secure storage
        7. security
        8. untrusted service provider model

        Qualifiers

        • Article

        Conference

        CCS05
        Sponsor:

        Upcoming Conference

        CCS '25

        Contributors

        Other Metrics

        Bibliometrics & Citations

        Bibliometrics

        Article Metrics

        • Downloads (Last 12 months)2
        • Downloads (Last 6 weeks)0
        Reflects downloads up to 14 Feb 2025

        Other Metrics

        Citations

        Cited By

        View all
        • (2018)AuthStore: Password-Based Authentication and Encrypted Data Storage in Untrusted Environments2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)10.1109/TrustCom/BigDataSE.2018.00140(996-1001)Online publication date: Aug-2018
        • (2014)Secure Computation on Outsourced Data: A 10-year RetrospectiveDatabase Systems for Advanced Applications10.1007/978-3-319-05810-8_2(16-27)Online publication date: 2014
        • (2012)Phishing counter measures and their effectiveness – literature reviewInformation Management & Computer Security10.1108/0968522121128654820:5(382-420)Online publication date: 23-Nov-2012
        • (2008)User-centric PKIProceedings of the 7th symposium on Identity and trust on the Internet10.1145/1373290.1373300(59-71)Online publication date: 4-Mar-2008
        • (2008)Managing and Querying Encrypted DataHandbook of Database Security10.1007/978-0-387-48533-1_7(163-190)Online publication date: 2008
        • (2007)Search on Encrypted DataSecure Data Management in Decentralized Systems10.1007/978-0-387-27696-0_12(383-425)Online publication date: 2007

        View Options

        Login options

        View options

        PDF

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader

        Figures

        Tables

        Media

        Share

        Share

        Share this Publication link

        Share on social media