Results 1 - 10
of
23
H.: Knox: Privacy-Preserving Auditing for Shared Data with Large Groups in the Cloud
, 2012
"... Abstract. With cloud computing and storage services, data is not only stored in the cloud, but routinely shared among a large number of users in a group. It remains elusive, however, to design an efficient mechanism to audit the integrity of such shared data, while still preserving identity privacy. ..."
Abstract
-
Cited by 33 (5 self)
- Add to MetaCart
(Show Context)
Abstract. With cloud computing and storage services, data is not only stored in the cloud, but routinely shared among a large number of users in a group. It remains elusive, however, to design an efficient mechanism to audit the integrity of such shared data, while still preserving identity privacy. In this paper, we propose Knox, a privacy-preserving auditing mechanism for data stored in the cloud and shared among a large number of users in a group. In particular, we utilize group signatures to construct homomorphic authenticators, so that a third party auditor (TPA) is able to verify the integrity of shared data for users without retrieving the entire data. Meanwhile, the identity of the signer on each block in shared data is kept private from the TPA. With Knox, the amount of information used for verification, as well as the time it takes to audit with it, are not affected by the number of users in the group. In addition, Knox exploits homomorphic MACs to reduce the space used to store such verification information. Our experimental results show that Knox is able to efficiently audit the correctness of data, shared among a large number of users.
An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing
"... Abstract—In cloud computing, data owners host their data on cloud servers and users (data consumers) can access the data from cloud servers. Due to the data outsourcing, however, this new paradigm of data hosting service also introduces new security challenges, which requires an independent auditing ..."
Abstract
-
Cited by 13 (0 self)
- Add to MetaCart
(Show Context)
Abstract—In cloud computing, data owners host their data on cloud servers and users (data consumers) can access the data from cloud servers. Due to the data outsourcing, however, this new paradigm of data hosting service also introduces new security challenges, which requires an independent auditing service to check the data integrity in the cloud. Some existing remote integrity checking methods can only serve for static archive data and thus cannot be applied to the auditing service since the data in the cloud can be dynamically updated. Thus, an efficient and secure dynamic auditing protocol is desired to convince data owners that the data are correctly stored in the cloud. In this paper, we first design an auditing framework for cloud storage systems and propose an efficient and privacy-preserving auditing protocol. Then, we extend our auditing protocol to support the data dynamic operations, which is efficient and provably secure in the random oracle model. We further extend our auditing protocol to support batch auditing for both multiple owners and multiple clouds, without using any trusted organizer. The analysis and simulation results show that our proposed auditing protocols are secure and efficient, especially it reduce the computation cost of the auditor.
Auditing the Structural Reliability of the Clouds
, 2013
"... Large scale systems, common in cloud computing, rely on redundancy for reliability and availability. Modern clouds have become ever-increasingly complex and diverse creating large messes that experi-ence long outages when failures occur. While there exist significant effort in resolving faults after ..."
Abstract
-
Cited by 3 (2 self)
- Add to MetaCart
Large scale systems, common in cloud computing, rely on redundancy for reliability and availability. Modern clouds have become ever-increasingly complex and diverse creating large messes that experi-ence long outages when failures occur. While there exist significant effort in resolving faults after they occur, we propose a novel approach to untangling this mess before it occurs by auditing the underlying structure of a cloud, which we call the cloud Structural Reliability Auditor (SRA). SRA achieves our goal by auditing a cloud with the following steps: 1) collecting comprehensive component and its de-pendency information, 2) using this data to construct a system-wide fault tree, 3) and leveraging fault tree analysis algorithms to determine and rank sets of components based on the likelihood of causing a cloud service outage. SRA enables a cloud administrator to be able to evaluate risks within the cloud beforehand and improve the reliability of her service deployments before the occurrences of critical fail-ure events. We have built a prototype implementation that performs all three tasks. Using this prototype, our experimental evaluation shows that SRA is practical: auditing a cloud containing 13,824 servers and 3,000 switches spends about 6 hours. 1
Structural cloud audits that protect private information
- In ACM Cloud Computing Security Workshop (CCSW
, 2013
"... As organizations and individuals have begun to rely more and more heavily on cloud-service providers for critical tasks, cloud-service reliability has become a top priority. It is natural for cloud-service providers to use redundancy to achieve reliability. For example, a provider may replicate crit ..."
Abstract
-
Cited by 2 (0 self)
- Add to MetaCart
As organizations and individuals have begun to rely more and more heavily on cloud-service providers for critical tasks, cloud-service reliability has become a top priority. It is natural for cloud-service providers to use redundancy to achieve reliability. For example, a provider may replicate critical state in two data centers. If the two data centers use the same power supply, however, then a power out-age will cause them to fail simultaneously; replication per se does not, therefore, enable the cloud-service provider to make strong reliability guarantees to its users. Zhai et al. [28] present a sys-tem, which they refer to as a structural-reliability auditor (SRA), that uncovers common dependencies in seemingly disjoint cloud-infrastructural components (such as the power supply in the exam-ple above) and quantifies the risks that they pose. In this paper, we focus on the need for structural-reliability auditing to be done in a privacy-preserving manner. We present a privacy-preserving structural-reliability auditor (P-SRA), discuss its privacy proper-ties, and evaluate a prototype implementation built on the Share-mind SecreC platform [6]. P-SRA is an interesting application of secure multi-party computation (SMPC), which has not often been used for graph problems. It can achieve acceptable running times even on large cloud structures by using a novel data-partitioning technique that may be useful in other applications of SMPC.
Susilo W.: ”On the security of auditing mechanisms for secure cloud storage”; Future Generation Comp
- Syst
"... h i g h l i g h t s • Identify a new kind of attack on secure cloud auditing protocols. • Show two identity privacy-preserving auditing mechanisms called Oruta and Knox are insecure against this new attack. • Discuss the security of a distributed storage integrity auditing mechanism in our attack. ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
h i g h l i g h t s • Identify a new kind of attack on secure cloud auditing protocols. • Show two identity privacy-preserving auditing mechanisms called Oruta and Knox are insecure against this new attack. • Discuss the security of a distributed storage integrity auditing mechanism in our attack. a r t i c l e i n f o a b s t r a c t Cloud computing is a novel computing model that enables convenient and on-demand access to a shared pool of configurable computing resources. Auditing services are highly essential to make sure that the data is correctly hosted in the cloud. In this paper, we investigate the active adversary attacks in three auditing mechanisms for shared data in the cloud, including two identity privacy-preserving auditing mechanisms called Oruta and Knox, and a distributed storage integrity auditing mechanism. We show that these schemes become insecure when active adversaries are involved in the cloud storage. Specifically, an active adversary can arbitrarily alter the cloud data without being detected by the auditor in the verification phase. We also propose a solution to remedy the weakness without sacrificing any desirable features of these mechanisms.
Enabling Cloud Storage Auditing With Key-Exposure Resistance
- IEEE Transactions on Information Forensics and Security
, 2015
"... Abstract-Cloud storage auditing is viewed as an important service to verify the integrity of the data in public cloud. Current auditing protocols are all based on the assumption that the client's secret key for auditing is absolutely secure. However, such assumption may not always be held, due ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
Abstract-Cloud storage auditing is viewed as an important service to verify the integrity of the data in public cloud. Current auditing protocols are all based on the assumption that the client's secret key for auditing is absolutely secure. However, such assumption may not always be held, due to the possibly weak sense of security and/or low security settings at the client. If such a secret key for auditing is exposed, most of the current auditing protocols would inevitably become unable to work. In this paper, we focus on this new aspect of cloud storage auditing. We investigate how to reduce the damage of the client's key exposure in cloud storage auditing, and give the first practical solution for this new problem setting. We formalize the definition and the security model of auditing protocol with key-exposure resilience and propose such a protocol. In our design, we employ the binary tree structure and the pre-order traversal technique to update the secret keys for the client. We also develop a novel authenticator construction to support the forward security and the property of blockless verifiability. The security proof and the performance analysis show that our proposed protocol is secure and efficient.
Security and privacy issues of fog computing: A survey
- in International Conference on Wireless Algorithms, Systems and Applications (WASA
, 2015
"... Abstract. Fog computing is a promising computing paradigm that ex-tends cloud computing to the edge of networks. Similar to cloud comput-ing but with distinct characteristics, fog computing faces new security and privacy challenges besides those inherited from cloud computing. In this paper, we have ..."
Abstract
-
Cited by 1 (1 self)
- Add to MetaCart
(Show Context)
Abstract. Fog computing is a promising computing paradigm that ex-tends cloud computing to the edge of networks. Similar to cloud comput-ing but with distinct characteristics, fog computing faces new security and privacy challenges besides those inherited from cloud computing. In this paper, we have surveyed these challenges and corresponding solu-tions in a brief manner.
Cloud Computing Data Breaches A socio-technical review of literature
"... Abstract — As more and more personal, enterprise and government data, services and infrastructure moves to the cloud for storage and processing, the potential for data breaches increases. Already major corporations that have outsourced some of their IT requirements to the cloud have become victims o ..."
Abstract
- Add to MetaCart
(Show Context)
Abstract — As more and more personal, enterprise and government data, services and infrastructure moves to the cloud for storage and processing, the potential for data breaches increases. Already major corporations that have outsourced some of their IT requirements to the cloud have become victims of cyber attacks. Who is responsible and how to respond to these data breaches are just two pertinent questions facing cloud computing stakeholders who have entered an agreement on cloud services. This paper reviews literature in the domain of cloud computing data breaches using a socio-technical approach. Socio-technical theory encapsulates three major dimensions- the social, the technical, and the environmental. The outcomes of the search are presented in a thematic analysis. The 7 key themes identified from the literature included: security, data availability, privacy, trust, data flow, service level agreements, and regulation. The paper considers complex issues, pre-empting the need for a better way to deal with breaches that not only affect the enterprise and cloud computing provider, but more importantly, end-users who rely on online services and have had their credentials compromised. Keywords—cloud computing; socio-technical; security; privacy; regulation; literature review I.
Recent Developments in Cloud Based Systems: State of Art
, 2015
"... All in-text references underlined in blue are linked to publications on ResearchGate, letting you access and read them immediately. ..."
Abstract
- Add to MetaCart
(Show Context)
All in-text references underlined in blue are linked to publications on ResearchGate, letting you access and read them immediately.
1 Survey on Privacy-Preserving Methods for Storage in Cloud Computing
"... At present the mankind are progressively relying more on a number of online storage stores to back up our data or for using it in real time which gives an anywhere, anytime access. All these services bring with it, concerns of security and privacy weaknesses for all the services provided by them sin ..."
Abstract
- Add to MetaCart
(Show Context)
At present the mankind are progressively relying more on a number of online storage stores to back up our data or for using it in real time which gives an anywhere, anytime access. All these services bring with it, concerns of security and privacy weaknesses for all the services provided by them since the user‟s data are stored and maintained out of user‟s premises. This paper portrays the various issues associated to privacy while storing the user‟s data on third party service providers, which is more commonly termed as cloud service. Cloud computing refers to the fundamental infrastructure for an up-coming model of service provision that has the benefit of dropping cost by sharing computing and storage resources, united with an on-demand provisioning mechanism depending on a pay-per-use business model. Without appropriate security and privacy solutions designed for clouds this computing paradigm could become a huge failure. There is a lot of research being made to spot out the issues with these cloud service providers and cloud security in general. This paper is on regard of one of the key issue-privacy that occur in the context of cloud computing and analyze the various works being done to solve the issues in privacy and thus to ensure privacy to outsourced data on cloud storage.
