Download as PDF, PPTX
![Data Encryption vs Data UtilizationSolutions
[Goldreich-Ostrovsky92]
[Song-Wagner-Perrig-S&P00][Goh-ePrint-03, Chang-Mitzenmacher-ACNS05] [Curtmola-Garay-Kamara-Ostrovsky-ccs06]
[Boneh et al. EUROCRYPT’04]](https://image.slidesharecdn.com/t1-141201202519-conversion-gate02/85/SOME-SECURITY-CHALLENGES-IN-CLOUD-COMPUTING-46-320.jpg)
![Data Encryption vs Data UtilizationSolutions
[Goldreich-Ostrovsky92]
[Song-Wagner-Perrig-S&P00][Goh-ePrint-03, Chang-Mitzenmacher-ACNS05] [Curtmola-Garay-Kamara-Ostrovsky-ccs06]
[Boneh et al. EUROCRYPT’04]](https://image.slidesharecdn.com/t1-141201202519-conversion-gate02/75/SOME-SECURITY-CHALLENGES-IN-CLOUD-COMPUTING-46-2048.jpg)
Uploaded byHoang Nguyen
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
There are several security challenges with cloud computing including issues of trust, broad attacking surfaces, and data breaches. Ensuring data integrity and privacy is difficult when data is outsourced to cloud storage. Techniques like encryption, secure auditing, and proofs of data redundancy can help address some of these challenges, but protecting access patterns and enabling secure computation outsourcing remain open problems.
More Related Content
Similar to SOME SECURITY CHALLENGES IN CLOUD COMPUTING
![5.[40 44]enhancing security in cloud computing](https://cdn.slidesharecdn.com/ss_thumbnails/5-40-44enhancingsecurityincloudcomputing-111118182103-phpapp01-thumbnail.jpg?width=600ounds&width=560&fit=bounds)
![5.[40 44]enhancing security in cloud computing](https://cdn.slidesharecdn.com/ss_thumbnails/5-40-44enhancingsecurityincloudcomputing-111203185114-phpapp01-thumbnail.jpg?width=600ounds&width=560&fit=bounds)
![UiPath Automation Suite Installation (Hands-On) [2/3]](https://cdn.slidesharecdn.com/ss_thumbnails/automationsuitecommunitysession2-251015095633-a6d862f1-thumbnail.jpg?width=600ounds&width=560&fit=bounds)
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
- 1. SOME SECURITY CHALLENGES IN CLOUD COMPUTING Hoang N.V.
- 2. What is cloudcomputing?
- 4.
- 5.
- 6. Cloud providers bringin $2B in first quarter --source: Synergy Research Group, May, 2013 The overall cloud market will hit $71 billion in 2015 Source: Gartner Company data, Macquarie Capital (USA), Jan. 2013 Future
- 7. Cloud computing isthe next big thing
- 8. Challenges for CloudComputing
- 10.
- 11. Trust me, please! Oh, no
- 12. BroadAttacking Surface Wehave everything in the cloud. Everything is virtual. Loss physical control
- 13. BroadAttacking Surface Databreach Malicious Insider Insecure Interface or APIs
- 14. BroadAttacking SurfaceManyothersyettobeidentified... 4 13 10 9 7 0 2 4 6 8 10 12 14 Before Year 2008 Year 2008 Year 2009 Year 2010 Year 2011 No. of Incidents with Unknown Causes by Year CSA report 2012 (Revised March 13, 2013)
- 15.
- 16. Security challenges withstorage outsourcing Data Integrity
- 17. Security challenges withstorage outsourcing Internal: Byzantine failure, management errors, software bugs, ... External: malware, economically motivated attacks, ... (Data Integrity)
- 18. Security challenges withstorage outsourcing(Data Integrity)
- 19.
- 20.
- 21.
- 22. Security challenges withstorage outsourcing(Data Integrity) Cloud currently offers no guarantee Shouldwetrustthecloud100percentforthestorageintegrity? Dataownersneedameanstoensurecontinuouscorrectnesssofoutsourcedclouddata.
- 23. Security challenges withstorage outsourcing(Data Integrity) Is my data correctly stored? Storage correctness proofs Secure Cloud Storage Auditing
- 24. Traditionalmethod for dataintegrity message m k k Generate tag: tag S(k, m) tag Verify tag: V(k, m’, tag’) = ‘yes’ Def:MACI = (S,V) defined over (K,M,T) is a pair of algs: •S(k,m) outputs t in T •V(k,m,t) outputs yes or no Message Authentication Code (MAC)
- 25. Secure Cloud StorageAuditing Is my data correctly stored(k1) DATA DATA’ MAC(k1, DATA’) MAC(k1,DATA) Before putting data in the cloud, must calculate and store MAC(k2,DATA) MAC(kn,DATA)
- 26. Secure Cloud StorageAuditing Security Convenience OverheadChallenges Havetoexploretradeoffstomaintainlowcommunicationandcomputionoverheadonbothownerandserverside.
- 27. Secure Cloud StorageAuditingChallenges Copewithfrequentclouddatachangingwhileensuringcontinuousdataauditing
- 28.
- 29. Batch auditing improvesefficiency and saves computation and communication overhead.
- 30. Secure Cloud StorageAuditingSolutions Cloud Server σ1 m1 σ2 m2 σ4 m4 σ1 m1 σ2 m2 σ3 m3 σ4 m4 … … σn mn σ1 m1 σ2 m2 σ μ + .
- 31. Redundantly stores datain multiple facilities and on multiple devices with each facility. Can we trust? Designed to substain the concurrent loss of data two facilities.
- 32. Security challenges withstorage outsourcing(Data Integrity) ? F file return F file Cloudstorageproviderclaimstostorethreedistinctcopiesofmyfileforresillience. Can we trust? No, if they can’t prove it (Redundancy)? F
- 33. Security challenges withstorage outsourcing File F can survive two disk crashes Disk 2 Disk 3 Disk 4 Disk 5 Disk 1 Virtual Virtual Virtual Virtual Virtual F F F F A single disk crash can destroy F file Virtualization is a complication. We need proofs of data redundancy on the physical layer.
- 34. Proof of redundancy Solutions Eeta Pizza Pi Cheapskate Pizza “Six pizzas!” The Pizza Oven Protocol (Juels A. 2011) Network latency Drive read time Slides credits to Ari Jules et al.
- 35. as well asencryption for both secure transit and secure storage at rest.
- 37.
- 38. Security challenges withstorage outsourcing(Data leakage) DATA DATA DATA leakage
- 39. Security challenges withstorage outsourcing(Data leakage) DATA E( ,DATA) leakage E( ,DATA)
- 40. Services Front End Storage Back End Security challenges with storage outsourcing(Data leakage) DATA leakage Challenge: Proofs of encrypting data at rest
- 41. 12/2013 9/2014 10/2014 09/2010 05/2013 Sensitive data must be encrypted before putting on the cloud server
- 42.
- 44.
- 45.
- 46. Data Encryption vsData UtilizationSolutions [Goldreich-Ostrovsky92] [Song-Wagner-Perrig-S&P00][Goh-ePrint-03, Chang-Mitzenmacher-ACNS05] [Curtmola-Garay-Kamara-Ostrovsky-ccs06] [Boneh et al. EUROCRYPT’04]
- 47. But, encryption isnot always enough. Access patternscan leak sensitive information. Challenge: How to hide access patterns
- 48. The client isable to read a document mifrom the remote database without revealing his/her choice ito the server. The same as PIR; in addition, it is required that the client can onlylearn miafter protocol execution. The client is able to read and write the remote database without revealing his/her access pattern to the server. Access Pattern Problems
- 49. Từ khoá đượccác chị em tìm kiếm nhiều nhất năm 2013 là từ đại gia. Vloger Toàn Shinoda
- 50. Từ khoá đượccác chị em tìm kiếm nhiều nhất năm 2013 là từ đại gia. Vloger Toàn Shinoda
- 51. Computation Outsourcing vsSecurity
- 52.
- 53. Computation Outsourcing DATA f(DATA) How to protect data How to protect result (f(DATA)) How to make sure the result is correct
- 54. Computation OutsourcingSolutions GentryC., Fully Homomorphic Encryption Using Ideal Lattices, STOC 2009LauterK., NaehrigM., VaikuntanathanV., Can Homomorphic Encryption be Practical? IACR Cryptology ePrint Archive 2011/405, 2011 BrakerskiZ., VaikuntanathanV., Efficient Fully Homomorphic Encryption from (Standard) LWE. In Proc. of FOCS, 2011, pp. 97-106 BrakerskiZ., GentryC., VaikuntanathanV., (Leveled) fully homomorphic encryption without bootstrapping. In Proc. of ITCS, 2012, pp. 309-325 BrakerskiZ., Fully Homomorphic Encryption without Modulus Switching from Classical GapSVP. IACR Cryptology ePrint Archive 2012/78, 2012 Seny Kamara and Lei Wei, Garbled Circuits via Structured Encryption, in Workshop on Applied Homomorphic Encryption (WAHC '13), April 2013 Seny Kamara and Mariana Raykova, Parallel Homomorphic Encryption, in Workshop on Applied Homomorphic Encryption (WAHC '13), April 2013
- 55. Computation OutsourcingSolutions Privacypreserving Datamining/Machine learning Verykios V. S. et.al, State-of-the-art in privacy preserving data mining, ACM SIGMOD Record Volume 33 Issue 1, March 2004 Pages 50 –57. Wang C. et.al, "Secure and Practical Outsourcing of Linear Programming in Cloud Computing,” in Proc. of IEEE INFOCOM, 2011. Wang C. et.al, OIRS: Outsourced Image Recovery Service from Compressive Sensing with Privacy Assurance, in NDSS Short Talk, 2013.
- 56. “Trusting trust” Whomdoyoutrust? Probability No Sometimes Yes