Providing secure Web based data services in untrusted environments

Web based data services are very popular with the average computer user. Examples of such services include: Gmail.com, Yahoo Photos, Yahoo Briefcase and Amazon S3 Service. In such services, the user outsources personal data to service providers who provide data management services on outsourced data. Such services have many advantages which include: (a) Mobile access: The data can be accessed from any computer connected to the internet; (b) Availability: the data is available 24/7; (c) Good service: Typically such services employ experts who provide a quality service. However, the outsourcing model for data management requires: (a) Trust in the service provider who manages the data outsourced; and (b) Trust in the client machine from which the data is accessed. The data is stored in plaintext at the service provider and is vulnerable to data theft from disgruntled employees and internet thieves. Also, data that is accessed from an untrusted machines is vulnerable to attack from malicious software entities present in such machines.;This thesis explores and addresses some of the challenges posed by the following two questions: can secure data services be provided by untrusted servers?; and can data be accessed securely via untrusted client machines?.;Data services via untrusted servers: We explore the untrusted server model and make the following contributions: (a) We propose security models that strike appropriate balance between performance and security; (b) We propose techniques/algorithms that enforce the security models without sacrificing the services that are provided by the service providers. Specifically, we are interested in service providers that provide query processing, search and data storage/retrieval services; and (c) We validate the efficacy of our techniques by designing and building computer systems that implement the proposed techniques. We analyze the performance of our techniques using our systems and draw appropriate conclusions.;Accessing data via untrusted client machines: We explore the untrusted client model and make the following contributions: (a) We analyze the set of attacks that a malicious software can launch; (b) We propose a rule based framework that contacts and validates potentially dangerous actions that originate from the untrusted machine; and (c) We validate the efficacy of our framework by building a prototype and analyzing the performance.