| Existing cryptographic schemes can easily protect sensitive data in transit and while in storage. When it becomes necessary to compute over that data, there are a wide variety of cryptographic and language-based solutions that protect the data in different ways and from different adversaries. However, to date, there are few practical schemes that can fully guarantee the security of sensitive data when an untrusted machine performs operations over it.;This thesis presents the theoretical framework for a context-sensitive security type system for Java programs. The primary contribution is JSec, a two-stage protocol that prepares a program containing sensitive data to safely run on an untrusted machine. Given the program and a subset of its variables declared as sensitive, JSec first tracks information flow in order to infer what additional variables must be considered sensitive in order to ensure confidentiality of data. The use of a polymorphic type in this stage permits context-sensitivity, which allows us to type check a very broad class of Java programs. In the second stage, the sensitive variables determined in the first stage are encrypted using homomorphic encryption schemes that allow operations to be computed over ciphertexts. The final program can be safely executed by an untrusted host but must defer to a trusted host for key management, encryption, and decryption. |
