security and privacy for cloud computing
play

Security and Privacy for Cloud Computing Refik Molva Cloud - PowerPoint PPT Presentation

Jun 06, 2023 •165 likes •529 views

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing Storage Computation High availability No maintenance Decreased Costs Elasticity & Flexibility Security and Privacy for Cloud

  1. Security and Privacy for Cloud Computing Refik Molva

  2. Cloud Computing � Outsourcing � Storage � Computation � High availability � No maintenance � Decreased Costs � Elasticity & Flexibility Security and Privacy for Cloud Computing - R. Molva Slide 2

  3. Security & Privacy Challenges Outsourcing - Potentially untrusted Service Provider - Data storage and computations ⇒ New requirements (PoR, verifiability, . . .) ⇒ Crypto schemes dealing with untrusted partners � PIR � Secure multi-party computation � Computing with encrypted functions � Verifiability: proof of data possession, proof of execution Security and Privacy for Cloud Computing - R. Molva Slide 3

  4. Security & Privacy Challenges Large scale - Data - Computations ⇒ Severely asymmetric scenarios � Customer (verifier) << Service Provider (prover) � “Quantum leap”: classical schemes don’t work, need for new approaches � Example: integrity – customer cannot even keep a hash value per data split ⇒ Joint Crypto & Cloud schemes Security and Privacy for Cloud Computing - R. Molva Slide 4

  5. Security & Privacy Solutions � Privacy � Privacy preserving word search � Multi-user searchable encryption � Integrity � Proof of Retrievability � Message-locked PoR � Verifiability � Verifiable computation � Proof composition Security and Privacy for Cloud Computing - R. Molva Slide 5

  6. Privacy preserving word search Outsourced Backup Service Find Blocks including W � several years’ corporate data � regularly stored in the Cloud � Privacy � Encryption by the customer � Query: only a small portion needs to be restored � How to find it without downloading the entire DB? Requirement for a new solution � to search words in an encrypted DB � with privacy Security and Privacy for Cloud Computing - R. Molva Slide 6

  7. Privacy preserving word search � Existing solutions not scalable � Encrypted keyword search algorithms � Private information retrieval (PIR) � PRISM: Privacy preserving search in MapReduce � Data and query privacy � Idea: PIR on intermediate data maps � Advantage: parallelism with MapReduce Security and Privacy for Cloud Computing - R. Molva Slide 7

  8. PRISM - Upload [PETS’12] File w 0 , w 1 , . . . . w n-1 WordEncrypt E(w 0 ) , E(w 1 ) , . . . . E(w n-1 ) User Upload Cloud E(w i ) , . . . E(w j ) E(w k ) , . . . E(w l ) E(w m ) , . . . E(w n ) E(w u ) , . . . E(w v ) Mapper hash(E(w i )) X,Y, b X Binary Map Y b Security and Privacy for Cloud Computing - R. Molva Slide 8

  9. PRISM – Word Search Query for word w hash(E(w)) X,Y, b PIR query for (X,Y) User Cloud Mapper Binary Map PIR(X,Y) x PIR(X,Y) x PIR(X,Y) x PIR(X,Y) x ∑ homomorphic Reducer User E(result) Security and Privacy for Cloud Computing - R. Molva Slide 9

  10. Multi-user Searchable Encryption (MUSE) Multiple Readers Multiple Writers Security and Privacy for Cloud Computing - R. Molva Slide 10 10

  11. SotA - Access pattern leakage [PETS’17] � Iterative Testing Each encrypted keyword is tested separately in all documents - Similarities between documents & position of the keyword revealed - Collusion (CSP, User) ⇒ Privacy Breach Security and Privacy for Cloud Computing - R. Molva Slide 11

  12. MUSE: Multi-User Searchable Encryption [ISC’15] No collusion between Proxy and CSP Security and Privacy for Cloud Computing - R. Molva Slide 12 12

  13. Cloud Security Research � Privacy � Privacy preserving word search � Multi-user searchable encryption � Integrity � Proof of Retrievability � Message-locked PoR � Verifiability � Verifiable computation � Proof composition Security and Privacy for Cloud Computing - R. Molva Slide 13

  14. Proof of Retrievability � Motivating scenario: outsourced storage Is my data still there? � Requirements � Integrity check by Client � No data stored at Client � No bulk data transfer � Proof of Retrievability (POR) Security and Privacy for Cloud Computing - R. Molva Slide 14

  15. Proof of Retrievability – Related Work � Related work [Deswarte et. al, Filho et. al, ...] � Deterministic � Verification of the entire data ⇒ costly � Probabilistic [Ateniese et. al, Shacham et.al, Juels et al, ...] � Tags for each block + random verification ⇒ cost of homomorphic ops � randomly located sentinels => limited # of verifications � StealthGuard [ESORICS’14] � privacy preserving search of watchdogs � Unbounded # of queries Security and Privacy for Cloud Computing - R. Molva Slide 15

  16. Proof of Retrievability - StealthGuard E n c r w w y p w t Security and Privacy for Cloud Computing - R. Molva Slide 16

  17. Proof of Retrievability – StealthGuard Word Search Query (PRISM) w 1 w 2 w 3 w 4 w n Yes/No Yes/No Yes/No Yes/No Yes/No Missing word Missing data split Security and Privacy for Cloud Computing - R. Molva Slide 17

  18. How many watchdogs to check? or how to detect lack of Setup by Client retrievability? Adversary Model: Error-correction Bernoulli processes � _ ��� ⇒ Error-correction � � � ���, � ��� , �� Retrievability: � ��� � � � Permutation File not retrievable: � ��� � � � � � ���, � � � Detection: Encryption Watchdog insertion W W W W Security and Privacy for Cloud Computing - R. Molva Slide 18

  19. The Integration Problem Cloud Operations Data reduction Availability Computation efficiency Multi-tenancy Low performance or Severe conflict Security & Privacy Data confidentiality Data Integrity Privacy preserving processing Verifiability Security and Privacy for Cloud Computing - R. Molva Slide 19

  20. Conflict between PoR & deduplication � PoR → User specific encoding � Deduplication → Keep a unique copy in storage PoR PoR No Deduplication Security and Privacy for Cloud Computing - R. Molva Slide 20

  21. Message-locked PoR - Idea � PoR setup (Tags and Watchdogs) � PoR can be represented by � �, � � Derive � from file content Convergent Encryption ( K= H(F) ) suffers from dictionary attacks ⇒ Secure Message-Locked Key Generation Security and Privacy for Cloud Computing - R. Molva Slide 21

  22. Message-locked PoR [CCSW’16] � Secure Message-Locked Key Generation � � � ' � � � '( ) � �' Key Server * KS � � ← % & � '( ∗ �, � ← " # � '() � ' Data F Key Server � � ') Owner KS + � Message-locked PoR = PoR using ,- � �, � � StealthGuard – watchdogs � Private Compact PoR - tags [Shacham et al 2008] Security and Privacy for Cloud Computing - R. Molva Slide 22

  23. Cloud Security Research � Privacy � Privacy preserving word search � De-duplication on encrypted data � Integrity � Proof of Retrievability � Verifiability � Verifiable computation � Proof composition Security and Privacy for Cloud Computing - R. Molva Slide 23

  24. Verifiable Computation Setup Problem Generation Computation Verification � ., � . � ? � Compute � . 1 � � . , 0 Compute Proof 0 Verify ., 1, 0 R1: Cost(Verify) ≪ Cost(Compute) R2: Public delegatability [Parno et al. 2012] Anyone can submit a computation request R3: Public verifiability [Parno et al. 2012] Anyone can verify a computation result Security and Privacy for Cloud Computing - R. Molva Slide 24

  25. Verifiability for 3 Operations � ., � . � ? � , 1 � � . , 0 Compute � . and 0 Verify ., 1, 0 High-Degree Large Matrix Conjunctive Polynomial Evaluation Multiplication Keyword Search � � 3 � 4 5 6 3 6 ∈ 8 9 :3; �B� � >. . with @ � > 6A ∈ 8 9 Search(.) 6<= . � . C , . D , … , . � ⟙ ∈ 8 9 � . . ∈ 8 9 Keywords G � HI C , I D , … , I � J 1 � 1 C , 1 D , … , 1 � ⟙ � >. ∈ 8 9 � 1 � � . ∈ 8 9 1 ID of files � 6 such that G ⊂ � 6 Security and Privacy for Cloud Computing - R. Molva Slide 25

  26. [AsiaCCS 2016] Verifiable Polynomial Evaluation – Idea Euclidean Division of Polynomials � � LM N O ��, L� �M, O� ., � . � ? ��, L� 1, 0 Compute 1 � � . 0 � L�.� Verify 1 � 0 M . N O . ? M, O small degree Security and Privacy for Cloud Computing - R. Molva Slide 26

  27. [AsiaCCS 2016] Verifiable Matrix Multiplication – Idea Auxiliary Matrices P � Q> N O O pseudo-random �>, P� ., >. � ? O �>, P� 1, 0 Compute 1 � >. Verify 0 � P. 0 � Q1 N O. ? Projection R ∙ 0 � R ∙ Q1 N R ∙ O. Security and Privacy for Cloud Computing - R. Molva Slide 27

  28. Cloud Security Research � Privacy � Privacy preserving word search � De-duplication on encrypted data � Integrity � Proof of Retrievability � Verifiability � Verifiable computation � Proof composition Security and Privacy for Cloud Computing - R. Molva Slide 28

  29. Proof Composition Problem Verifiability of general program P(x) purpose programs 5 ≔ � . ] ≔ M 5 - Efficient methods for handling ⁞ sequence of operations Pinocchio [Parno et al] ^ ≔ _ 1 - Efficient schemes for a single very complex operation Example: - No technique achieving both program NN2(x) 5 ≔ > C . . x purposes ] ≔ bcde 5 c ≔ M 2 . b Security and Privacy for Cloud Computing - R. Molva Slide 29

Recommend

CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns

CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns

CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns Hopkins University What is Cloud Computing ? Lets hear from the experts 2 What is Cloud Computing ? The infinite wisdom of the crowds (via

709 views • 38 slides
Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted

Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted

CS573 Data Privacy and Security Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted data Homomorphic encryption What is Cloud Computing ? Cloud computing Type of computing that relies on sharing

1.29k views • 62 slides
Security &amp; Privacy Issues in Mobile Cloud Computing Manmohan Chaturvedi ,1 , Sapna Malik,

Security &amp; Privacy Issues in Mobile Cloud Computing Manmohan Chaturvedi ,1 , Sapna Malik,

Security &amp; Privacy Issues in Mobile Cloud Computing Manmohan Chaturvedi ,1 , Sapna Malik, Preeti Aggarwal and Shilpa Bahl Ansal University, Gurgaon- 122011, India 1 mmchaturvedi@ansaluniversity.edu.in Indian Context The potential uptake

1.27k views • 28 slides
1 1.2. Guidelines for Information Security of Cloud Computing Category Main contents of measure

1 1.2. Guidelines for Information Security of Cloud Computing Category Main contents of measure

Agenda Related Polices to Cloud Computing I. Guidelines for Information Security of Cloud II. Computing Cloud Security Certification Scheme in KOREA Cloud Security Certification Program in Korea III. April. 11, 2017 Jungduk (JD) KIM, Ph.

403 views • 5 slides
Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud Computing Services for Educational Institutions Presented by: Cristina Blanton Erin Fonte Associate Systemwide Compliance and Member, Privacy

310 views • 28 slides
Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security risks. Attacks in a cloud environment, top threats. Security, a major concern for cloud users. Privacy. Trust. Operating systems

661 views • 38 slides
PRISMACLOUD Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian

PRISMACLOUD Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian

PRISMACLOUD Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian Institute of Technology GmbH FOC2015 Vienna / 17.06.2015 Challenges for Future ICT Systems Cloud computing will be at the heart of future ICT

426 views • 17 slides
Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined)

Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined)

Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined) Administrative discussions Stephen McCamant University of Minnesota Multi-Cloud Oblivious Storage Old and new topics in security Cloud threats, old and new

645 views • 8 slides
Cloud Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia

Cloud Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia

Cloud Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia University of Applied Science Wolfenbttel, Germany IFIP Summerschool: Privacy and Identity Management for Life, Helsingborg, August 2nd, 2010 Cloud

775 views • 43 slides
Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud

Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud

Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud Computing model. Presented By: Marissa Hollingsworth Overview What is Cloud Computing? Unique Security Concerns in the Cloud

556 views • 34 slides
Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Motivation Two-Cloud Setting PP k NN Classification Conclusion and Future Research Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security Yousef M. Elmehdwi Department of Mathematics and Computer

919 views • 19 slides
Personal Security and Privacy in Personal Security and Privacy in Ubiquitous Computing Marc

Personal Security and Privacy in Personal Security and Privacy in Ubiquitous Computing Marc

Personal Security and Privacy in Personal Security and Privacy in Ubiquitous Computing Marc Langheinrich Institute for Pervasive Computing Institute for Pervasive Computing ETH Zurich, Switzerland Approaches to Security &amp; Privacy in

749 views • 39 slides
Security and Privacy at Scale Geetanjali Sampemane geta@google.com Cloud All your stuff is

Security and Privacy at Scale Geetanjali Sampemane geta@google.com Cloud All your stuff is

Security and Privacy at Scale Geetanjali Sampemane geta@google.com Cloud All your stuff is online All your stuff The cloud, aka &quot;online&quot; You Cloud v0? Shared multi-user computing: Multics, Unix, VMS, ... Online user

463 views • 22 slides
CS525: Who s Your Best Friend? Targeted Privacy Attacks In Location sharing Social Networks

CS525: Who s Your Best Friend? Targeted Privacy Attacks In Location sharing Social Networks

CS525: Who s Your Best Friend? Targeted Privacy Attacks In Location sharing Social Networks Wei Wang ECE Dept. Worcester Polytechnic Institute (WPI) Security and Privacy Problems in the mobile and cloud computing Security and Privacy

608 views • 19 slides
Privacy-supporting cloud-based conference systems: protocol and verification Myrto Arapinis,

Privacy-supporting cloud-based conference systems: protocol and verification Myrto Arapinis,

Privacy-supporting cloud-based conference systems: protocol and verification Myrto Arapinis, Sergiu Bursuc, Mark Ryan School of Computer Science, University of Birmingham Security of cloud computing Does user have to trust the service provider?

589 views • 16 slides
beyond the technology privacy, trust and security in the cloud disclaimers about me age of the

beyond the technology privacy, trust and security in the cloud disclaimers about me age of the

beyond the technology privacy, trust and security in the cloud disclaimers about me age of the cloud BLOOMBERG FORBES BAIN AND COMPANY the other side of the coin beyond the technology ZDNET FORTUNE beyond the technology WIRED MASHABLE

904 views • 45 slides
Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology

Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology

Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology Transactions Practice Groups November 14, 2017 Linda Rhodes Joe Pennell Brad Peterson Partner Partner Partner 202-263-3382 312-701-8354

313 views • 29 slides
PRISMACLOUD Cloud Security and Privacy by Design Horizon 2020 programme; duration 2/2015-7/2018

PRISMACLOUD Cloud Security and Privacy by Design Horizon 2020 programme; duration 2/2015-7/2018

PRISMACLOUD Cloud Security and Privacy by Design Horizon 2020 programme; duration 2/2015-7/2018 6th International Conference on eDemocracy Citizen rights in the world of the new computing paradigms Thomas L anger thomas.laenger@unil.ch

786 views • 17 slides
Privacy Issues in Cloud computing Zeeshan Ali Shah System administrator PhD researcher KTH PDC

Privacy Issues in Cloud computing Zeeshan Ali Shah System administrator PhD researcher KTH PDC

Privacy Issues in Cloud computing Zeeshan Ali Shah System administrator PhD researcher KTH PDC Center for High Performance Computing W-Sunday, October 28, 12 Agenda Zeeshan Ali Shah Introduc5on to Cloud compu5ng

355 views • 18 slides
Cloud Computing &amp; Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing &amp; Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing &amp; Cloud Models Cloud Models Topics Defining cloud computing Understanding: Distributed Application Design Resource Management Automation Virtualized Computing Environments High-performance Computing

1.02k views • 49 slides
Cloud Computing SENY KAMARA MICROSOFT RESEARCH Computing as a Service 2 Computing is a

Cloud Computing SENY KAMARA MICROSOFT RESEARCH Computing as a Service 2 Computing is a

Cloud Security &amp; Cryptography I Cloud Computing SENY KAMARA MICROSOFT RESEARCH Computing as a Service 2 Computing is a vital resource Enterprises, governments, scientists, consumers, Computing is manageable at small

955 views • 51 slides
Old Man Yells at Cloud Computing Presented by: Terry Labach Information Security Services, IST

Old Man Yells at Cloud Computing Presented by: Terry Labach Information Security Services, IST

Old Man Yells at Cloud Computing Presented by: Terry Labach Information Security Services, IST December 4, 2019 Old Man Yells at Cloud Computing Old Man Yells at Cloud Computing PAGE 2 The plan for today Whats all this cloud

920 views • 39 slides
Cloud Computing - the basics Rachel Dixon Privacy and Data Protection Deputy Commissioner Office

Cloud Computing - the basics Rachel Dixon Privacy and Data Protection Deputy Commissioner Office

Cloud Computing - the basics Rachel Dixon Privacy and Data Protection Deputy Commissioner Office of the Victorian Information Commission Victorian Privacy Network Meeting State Library of Victoria 9 October 2019 Freedom of Information | Privacy

398 views • 26 slides
Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste

Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste

Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste Orange Labs SEC2 ComPAS15 Workshop on Cloud Security Lille, June 30, 2015 Cloud Security Today Security = key concern in cloud adoption for the

2.73k views • 33 slides

More recommend