CS573 Data Privacy and Security
Secure Outsourcing Computation
Li Xiong

Outline
• Cloud computing
• Computing on encrypted data
• Homomorphic encryption
What is Cloud Computing?
• Cloud computing: a type of computing that relies on sharing computing resources rather than having local servers or personal devices handle applications
• New computing paradigm, involving data and/or computation outsourcing, with
  – Infinite and elastic resource scalability: ability to quickly scale a service in/out
  – On-demand, “just-in-time” provisioning
  – No upfront cost: pay-as-you-go
• That is, use as much or as little as you need, use it only when you want, and pay only for what you use
Cloud Service Models
• Cloud computing means selling “X as a service”
• Cloud Software as a Service (SaaS)
  – Use the provider’s applications over a network
  – The user doesn’t manage or control the network, servers, OS, storage or applications
• Cloud Platform as a Service (PaaS)
  – Users deploy their consumer-created applications on the cloud using programming language tools supported by the provider
  – Users control their apps
  – Users don’t manage the underlying cloud infrastructure: network, servers, OS, storage
Cloud Service Models (Cont.)
• Cloud Infrastructure as a Service (IaaS)
  – Rent processing, storage, network capacity, and other fundamental computing resources
  – Consumers get access to the infrastructure to deploy their own software
  – They don’t manage or control the infrastructure
  – They do manage or control the OS, storage, apps, and selected network components
Cloud computing architecture (layered figure, top to bottom)
• Client, e.g., web browser
• SaaS, e.g., Google Docs
• PaaS, e.g., Google AppEngine
• IaaS, e.g., Amazon EC2 (Elastic Compute Cloud: web service that provides resizable compute capacity in the cloud)
Cloud Deployment Models
• Private cloud
  – Operated solely for an organization (single org only)
  – Managed by the org or a 3rd party
  – On or off premises
• Community cloud
  – Shared infrastructure for a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations)
  – Several orgs that have shared concerns
  – Managed by an org or a 3rd party
Cloud Deployment Models (Cont.)
• Public cloud
  – Available to the general public or a large industry group
  – Sold to the public; mega-scale infrastructure
• Hybrid cloud
  – Composition of two or more clouds
  – Bound by standard or proprietary technology that enables data and application portability
So, if cloud computing is so great, why isn’t everyone doing it?
Clouds are still subject to traditional data confidentiality, integrity, availability, and privacy issues, plus some additional attacks

Companies are still afraid to use clouds [Chow09ccsw]

General Security Challenges
• Trusting the vendor’s security model
• Customer inability to respond to audit findings
• Obtaining support for investigations
• Indirect administrator accountability
• Proprietary implementations can’t be examined
• Loss of physical control
Anatomy of fear … Confidentiality
– Will the sensitive data stored on a cloud remain confidential? Will cloud compromises leak confidential client data (i.e., fear of loss of control over data)?
– Will the cloud provider itself be honest and not peek into the data?

Anatomy of fear … Integrity
– How do I know that the cloud provider is doing the computations correctly?
– How do I ensure that the cloud provider really stored my data without tampering with it?

Anatomy of fear … Availability
– Will critical systems go down at the client if the provider is hit by a denial-of-service attack?
– What happens if the cloud provider goes out of business?

Anatomy of fear … Privacy issues raised via massive data mining
– The cloud now stores data from a lot of clients, and can run data mining algorithms to extract large amounts of information about clients

Anatomy of fear … Increased attack surface
– An entity outside the organization now stores and computes on the data, and so
– Attackers can now target the communication link between cloud provider and client
– Cloud provider employees can be phished

Anatomy of fear … Legal quagmire and transitive trust issues
– Who is responsible for complying with regulations (e.g., HIPAA)?
– If the cloud provider subcontracts to third-party clouds, will the data still be secure?
What we need is to …
• Adapt well-known techniques for resolving some cloud security issues
• Perform new research and innovate to make clouds secure
Traditional systems security vs Cloud Computing Security
• Securing a traditional system (analogy: securing a house)
  – Owner and user are often the same entity
  – Biggest user concerns: securing the perimeter, checking for intruders, securing assets
• Securing a cloud (analogy: securing a motel)
  – Owner and users are almost invariably distinct entities
  – Biggest user concern: securing the room against the bad guy in the next room, or against the hotel owner
Data Privacy and Security in Cloud: Overview
• Novel attacks
• Trustworthy cloud architectures
• Data integrity and availability
• Computation integrity
• Data and computation privacy
• Data forensics
• Misbehavior detection
• Malicious use of clouds
Co-tenancy in clouds creates new attack vectors
• A cloud is shared by multiple users
• Malicious users can now legally be in the same infrastructure
• Misusing co-tenancy, attackers can launch side-channel attacks on victims
• Research question: How to prevent attackers from exploiting co-tenancy in attacking the infrastructure and/or other clients?
• Example: the topology attack on Amazon EC2 (“Hey You! Get off of my Cloud …”, CCS 2009)
Today’s cloud architectures act like big black boxes
• Clients have no idea of, or control over, what is happening inside the cloud
• Clients are forced to trust cloud providers completely
• Research question: How do we design cloud computing architectures that are semi-transparent and provide clients with control over security?
• Existing approaches: TCCP (uses TPM), CloudProof
Today’s clouds provide no guarantee about outsourced data
(Slide shows an excerpt of Amazon’s Terms of Service)

Today’s clouds provide no guarantee about outsourced data
• Problem: Dishonest cloud providers can throw data away or lose data. Malicious intruders can delete or tamper with data. Clients need reassurance that the outsourced data is available, has not been tampered with, and remains confidential.
• Research question: How can clients get assurance/proofs that the cloud provider is actually storing data, is not tampering with data, and can make the data available on demand?
• Example approaches: Provable Data Possession (PDP), Proof of Retrievability (PoR), HAIL
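The simplest form of the assurance asked for above is a spot-check audit: the client keeps only a secret key, outsources data blocks together with per-block authentication tags, and later challenges a random sample of blocks. The following is an added toy example written for these notes; it is not the PDP, PoR or HAIL construction from the cited papers, and the file contents, block size, `ToyCloud` class and the `corrupt`/`drop` misbehaviours are all constructed for illustration.

```python
# Added toy example (not from the lecture, and not the PDP/PoR/HAIL schemes it names):
# a client keeps only a secret key, outsources data blocks with per-block HMAC tags,
# and later audits a random sample of blocks to detect deletion or tampering.
import hashlib
import hmac
import random
import secrets

BLOCK_SIZE = 32  # bytes per block; small so the constructed sample file has several blocks


def split_blocks(data, size=BLOCK_SIZE):
    """Split the outsourced file into fixed-size blocks (the last one may be shorter)."""
    return [data[i:i + size] for i in range(0, len(data), size)]


def tag_block(key, index, block):
    """HMAC-SHA256 over (index || block). Binding the index stops a cloud from
    answering a challenge for block i with a different, intact block j."""
    return hmac.new(key, index.to_bytes(8, "big") + block, hashlib.sha256).digest()


def client_outsource(key, data):
    """Client side: tag every block, then ship blocks and tags; keep only the key."""
    blocks = split_blocks(data)
    tags = [tag_block(key, i, b) for i, b in enumerate(blocks)]
    return blocks, tags


class ToyCloud:
    """Cloud side: stores (block, tag) pairs and answers challenges. It never sees the key."""

    def __init__(self, blocks, tags):
        self.store = list(zip(blocks, tags))

    def corrupt(self, index):            # simulate silent bit-rot / tampering of one block
        block, tag = self.store[index]
        self.store[index] = (bytes([block[0] ^ 0x01]) + block[1:], tag)

    def drop(self, index):               # simulate the provider discarding a block
        self.store[index] = None

    def respond(self, indices):
        # Return the stored (block, tag) for each challenged index, or None if it is gone.
        # A cloud could fabricate block contents, but without the key it cannot forge a tag.
        return [(i, self.store[i]) for i in indices]


def client_audit(key, cloud, n_blocks, sample, rng=None):
    """Challenge `sample` distinct random block indices and verify each returned tag.
    Returns (ok, first_bad_index). `rng` is injectable so audits are reproducible."""
    rng = rng or random.SystemRandom()
    challenge = rng.sample(range(n_blocks), sample)
    for i, entry in cloud.respond(challenge):
        if entry is None:
            return False, i
        block, tag = entry
        if not hmac.compare_digest(tag_block(key, i, block), tag):
            return False, i
    return True, None


def detection_probability(n_blocks, corrupted, sample):
    """P(at least one corrupted block lands in a sample drawn without replacement)."""
    p_miss = 1.0
    for j in range(sample):
        p_miss *= (n_blocks - corrupted - j) / (n_blocks - j)
    return 1.0 - p_miss


def demo():
    key = secrets.token_bytes(32)
    data = bytes(range(256)) * 4          # constructed 1 KiB "file": 32 blocks of 32 bytes
    blocks, tags = client_outsource(key, data)
    cloud = ToyCloud(blocks, tags)
    rng = random.Random(7)
    honest = client_audit(key, cloud, len(blocks), 8, rng)      # (True, None)
    cloud.corrupt(5)
    cloud.drop(9)
    full_check = client_audit(key, cloud, len(blocks), len(blocks), rng)  # (False, 5 or 9)
    return honest, full_check, detection_probability(len(blocks), 2, 8)


if __name__ == "__main__":
    print(demo())
```

Two properties worth noticing: the tag binds the block index, so a cloud that lost block i cannot answer with a healthy block j; and detection is probabilistic, so the client chooses the sample size from `detection_probability` (with 2 of 32 blocks damaged, a sample of 8 catches it only about 44% of the time). The cost is that every challenged block travels back to the client; the PDP and PoR schemes named on the slide avoid that by using tags that the cloud can aggregate into a short proof.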
Ensuring confidentiality of data in outsourced computation is difficult
• Most types of computation require decrypting the data before any computation
• If the cloud provider is not trusted, this may result in a breach of confidentiality
• Research question: How can we ensure confidentiality of data and computations in a cloud?
• Existing approaches: Homomorphic encryption, TCCP
Clients have no way of verifying computations outsourced to a cloud
• Scenario: A user sends her data processing job to the cloud. Clouds provide dataflow operations as a service (e.g., MapReduce, Hadoop, etc.)
• Problem: Users have no way of evaluating the correctness of results
• Research question: How can we verify the accuracy of outsourced computation?
• Existing approaches: Runtime attestation, majority voting, redundant operations
Clouds can be used for malicious purposes
• Adversaries can rent clouds temporarily to create a large-scale botnet very quickly
• Clouds can be used for spamming, denial of service, brute-force password breaking, and other attacks
• Example: WPACracker.com – a password cracking service that claims to test 300,000,000 words in 20 minutes for $17, using a cloud
• Research question: How can we rapidly detect misbehavior of clients in a cloud?
Note: Botnets are made up of compromised computers whose security defenses have been breached and control ceded to a third party.
“[Cloud Computing] is a security nightmare and it can't be handled in traditional ways.”
– John Chambers, Cisco CEO
Data Outsourcing
• The data owner outsources its data and processing functionalities to a cloud in order to reduce management cost and the overhead of data storage, etc.
• Security implications
  – The cloud cannot be fully trusted
  – How to outsource (delegate) the computation?
  – What about the privacy of the outsourced computation?
Standard solution
• Data owners encrypt their data before outsourcing it to a cloud
• Perfectly solves the privacy issues
• Key challenge:
  – Cannot perform any computation on the encrypted data
Naïve approach
• Disadvantages:
  – The cloud cannot perform any algebraic operations
  – Utilizes the cloud as just a storage medium
  – The user is involved in heavy computations, impractical especially for mobile users and large databases
  – Key management
Yet… The world was black and white
The only thing anyone did with encrypted data was … decrypt it.
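To make the contrast concrete between the naïve approach (cloud as storage only, client decrypts everything) and the homomorphic encryption listed as an existing approach earlier, here is an added example, written for these notes rather than taken from the lecture: a textbook Paillier cryptosystem, which is additively homomorphic, so the cloud can add encrypted values and scale them by known constants without ever holding the key. It goes slightly beyond the slides by actually carrying out the cloud-side operation. The primes `P`, `Q`, the salary column and the function names are all constructed for illustration; the primes are far too small for real use, where n is on the order of 2048 bits.

```python
# Added toy example, not from the lecture: textbook Paillier with deliberately tiny
# primes, used to contrast "cloud as storage only" with cloud-side addition on ciphertexts.
import math
import secrets

# Constructed toy primes (far too small for real use; chosen so n^2 is a small Python int)
P, Q = 10007, 10009


def keygen(p=P, q=Q):
    """Paillier key generation with the common choice g = n + 1.
    Public key (n, g); private key (lambda, mu)."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    mu = pow(lam, -1, n)                                # lambda^-1 mod n (needs gcd(lambda, n) = 1)
    return (n, n + 1), (lam, mu)


def encrypt(pk, m):
    """Enc(m) = g^m * r^n mod n^2 with fresh random r, so equal plaintexts give different
    ciphertexts. Plaintexts live in Z_n: anything >= n wraps around (see test)."""
    n, g = pk
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (pow(g, m % n, n2) * pow(r, n, n2)) % n2


def decrypt(pk, sk, c):
    """Dec(c) = L(c^lambda mod n^2) * mu mod n, where L(u) = (u - 1) / n."""
    n, _ = pk
    lam, mu = sk
    u = pow(c, lam, n * n)
    return ((u - 1) // n) * mu % n


# --- operations the cloud can perform on ciphertexts alone (no key involved) ---

def cloud_add(pk, c1, c2):
    """Enc(m1) * Enc(m2) mod n^2 decrypts to m1 + m2 mod n."""
    n, _ = pk
    return (c1 * c2) % (n * n)


def cloud_scale(pk, c, k):
    """Enc(m)^k mod n^2 decrypts to k * m mod n: multiplication by a known constant."""
    n, _ = pk
    return pow(c, k, n * n)


def cloud_sum(pk, ciphertexts):
    """Sum an encrypted column; the cloud learns neither the values nor the total."""
    acc = encrypt(pk, 0)
    for c in ciphertexts:
        acc = cloud_add(pk, acc, c)
    return acc


# --- the two outsourcing strategies for the same query: "total of the column" ---

def naive_total(pk, sk, ciphertexts):
    """Cloud is storage only: the client downloads and decrypts every record, then adds.
    Returns (total, number of client-side decryptions)."""
    total = 0
    for c in ciphertexts:
        total += decrypt(pk, sk, c)
    return total, len(ciphertexts)


def homomorphic_total(pk, sk, ciphertexts):
    """Cloud adds the ciphertexts; the client decrypts a single result."""
    return decrypt(pk, sk, cloud_sum(pk, ciphertexts)), 1


def demo():
    pk, sk = keygen()
    salaries = [5200, 6100, 4800, 7300]              # constructed sample plaintexts
    column = [encrypt(pk, s) for s in salaries]      # the outsourced encrypted column
    return naive_total(pk, sk, column), homomorphic_total(pk, sk, column)


if __name__ == "__main__":
    print(demo())   # ((23400, 4), (23400, 1))
```

Both strategies return the same total, but the naïve one costs the client one decryption per record and reveals nothing to the cloud only because the cloud did no work at all, whereas the homomorphic one leaves the work at the cloud and costs the client a single decryption. Two caveats a practitioner should keep in mind: plaintext arithmetic is modulo n, so totals that exceed n silently wrap, and Paillier supports addition and scaling by constants only, not multiplication of two encrypted values, which is why the slide lists homomorphic encryption as an approach rather than a finished solution.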