cs573 data privacy and security in the cloud in the cloud
play

CS573 Data privacy and security in the cloud in the cloud Slide - PowerPoint PPT Presentation

Nov 09, 2023 •310 likes •709 views

CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns Hopkins University What is Cloud Computing ? Lets hear from the experts 2 What is Cloud Computing ? The infinite wisdom of the crowds (via

  1. CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns Hopkins University

  2. What is Cloud Computing ? Let’s hear from the “experts” 2

  3. What is Cloud Computing ? The infinite wisdom of the crowds (via Google Suggest ) 3

  4. What is Cloud Computing ? We’ve redefined Cloud Computing to include everything that we already do. . . . I don’t understand what we would do differently in the light of Cloud Computing other than light of Cloud Computing other than change the wording of some of our ads. Larry Ellison , founder of Oracle 4

  5. What is Cloud Computing ? It’s stupidity . It’s worse than stupidity : it’s a marketing hype campaign Richard Stallman GNU 5

  6. What is Cloud Computing ? Cloud Computing will become a focal point of our work in security. I’m optimistic … optimistic … Ron Rivest The R of RSA 6

  7. So, What really is Cloud Computing ? Cloud computing is a new computing paradigm, involving data and/or computation outsourcing, with � Infinite and elastic resource scalability Infinite and elastic resource scalability � On demand “just-in-time” provisioning � No upfront cost … pay-as-you-go That is, use as much or as less you need, use only when you want, and pay only what you use, 7

  8. The real story “Computing Utility” – holy grail of computer science in the 1960s. Code name: MULTICS Why it failed? � Ahead of time … lack of communication tech. (In other words, there was NO (public) Internet) � And personal computer became cheaper and stronger 8

  9. The real story Mid to late ’90s, Grid computing was proposed to link and share link and share computing resources 9

  10. The real story … continued Post-dot-com bust, big companies ended up with large data centers, with low utilization Solution: Throw in virtualization technology, and sell the excess computing power And thus, Cloud Computing was born … 10

  11. Cloud computing means selling “X as a service” IaaS: Infrastructure as a Service � Selling virtualized hardware PaaS : Platform as a service PaaS : Platform as a service � Access to a configurable platform/API SaaS : Software as a service � Software that runs on top of a cloud 11

  12. Cloud computing architecture e.g., Web browser SaaS , e.g., Google Docs PaaS , e.g., Google AppEngine PaaS , e.g., Google AppEngine IaaS , e.g., Amazon EC2 12

  13. So, if cloud computing is so great, why aren’t everyone doing it? Clouds are still subject to traditional data confidentiality, integrity, availability, and privacy issues, plus some additional attacks additional attacks 13

  14. Companies are still afraid to use clouds [ Chow09ccsw ] 14

  15. Anatomy of fear … Confidentiality � Will the sensitive data stored on a cloud remain confidential? Will cloud compromises leak confidential client data (i.e., fear of loss of control confidential client data (i.e., fear of loss of control over data) � Will the cloud provider itself be honest and won’t peek into the data? 15

  16. Anatomy of fear … Integrity � How do I know that the cloud provider is doing the computations correctly? � How do I ensure that the cloud provider really � How do I ensure that the cloud provider really stored my data without tampering with it? 16

  17. Anatomy of fear … Availability � Will critical systems go down at the client, if the provider is attacked in a Denial of Service attack? � What happens if cloud provider goes out of � What happens if cloud provider goes out of business? 17

  18. Anatomy of fear … Privacy issues raised via massive data mining � Cloud now stores data from a lot of clients, and can run data mining algorithms to get large amounts of information on clients amounts of information on clients 18

  19. Anatomy of fear … Increased attack surface � Entity outside the organization now stores and computes data, and so � Attackers can now target the communication link � Attackers can now target the communication link between cloud provider and client � Cloud provider employees can be phished 19

  20. Anatomy of fear … Legal quagmire and transitive trust issues � Who is responsible for complying with regulations (e.g., SOX, HIPAA, GLBA)? � If cloud provider subcontracts to third party � If cloud provider subcontracts to third party clouds, will the data still be secure? 1/31/2011 en.600.412 Spring 2011 20

  21. What we need is to … � Adapt well known techniques for resolving some cloud security issues � Perform new research and innovate to make � Perform new research and innovate to make clouds secure 1/31/2011 en.600.412 Spring 2011 21

  22. Traditional systems security vs Cloud Computing Security Securing a cloud Securing a traditional system 22

  23. Traditional systems security vs Cloud Computing Security Analogy Securing a motel Securing a house Owner and user are Owner and users are almost often the same entity invariably distinct entities 23

  24. Traditional systems security vs Cloud Computing Security Securing a motel Securing a house Biggest user concerns Biggest user concern Securing perimeter Securing room against Checking for intruders (the bad guy in next Securing assets room | hotel owner) 24

  25. Data Privacy and Security in Cloud: Overview � Novel attacks � Trustworthy cloud architectures � Data integrity and availability � Computation integrity � Computation integrity � Data and computation privacy � Data forensics � Misbehavior detection � Malicious use of clouds 25

  26. Co-tenancy in clouds creates new attack vectors A cloud is shared by multiple users Malicious users can now legally be in the same infrastructure Misusing co-tenancy, attackers can launch side channel attacks on victims Research question: How to prevent attackers from exploiting co-tenancy in attacking the infrastructure and/or other clients? Example : the Topology attack on Amazon EC2 (“Hey You! Get off of my Cloud …” CCS 2009) 26

  27. Today’s cloud architectures act like big black boxes Clients have no idea of or control over what is happening inside the cloud Clients are forced to trust cloud providers completely Research Question: How do we design cloud computing architectures that are semi-transparent and provide clients with control over security? Existing Approaches : TCCP (uses TPM), CloudProof 27

  28. Today’s clouds provide no guarantee about outsourced data Amazon’s Terms of services 28

  29. Today’s clouds provide no guarantee about outsourced data Problem: Dishonest cloud providers can throw data away or lose data. Malicious intruders can delete or tamper with data. Clients need reassurance that the outsourced data is available, has not been tampered with, and remains confidential. has not been tampered with, and remains confidential. Research Question : How can clients get assurance/proofs that the cloud provider is actually storing data, is not tampering with data, and can make the data available on-demand? Example Approaches: Provable Data Possession (PDP), Proof of Retrievability (PoR), HAIL 29

  30. Ensuring confidentiality of data in outsourced computation is difficult Most type of computations require decrypting data before any computations If the cloud provider is not trusted, this may result in breach of confidentiality breach of confidentiality Research Question : How can we ensure confidentiality of data and computations in a cloud? Existing Approaches : Homomorphic encryption, TCCP 30

  31. Clients have no way of verifying computations outsourced to a Cloud Scenario User sends her data processing job to the cloud. Clouds provide dataflow operation as a service (e.g., MapReduce, Hadoop etc.) Problem : Users have no way of evaluating the correctness of results Research question : How can we verify the accuracy of outsourced computation? Existing Approaches : Runtime Attestation, Majority voting, Redundant operations 31

  32. Clouds can be used for malicious purposes Adversaries can rent clouds temporarily to create a large scale botnet very quickly Clouds can be used for spamming, Clouds can be used for spamming, Denial of service, brute force password breaking, and other attacks Example: WPACracker.com – a password cracking service that claims to test 300,000,000 words in 20 minutes for $17, using a cloud Research question: How can we rapidly detect misbehavior of clients in a cloud? 32

  33. Final quote [Cloud Computing] is a security nightmare and it can't be handled in traditional ways. traditional ways. John Chambers CISCO CEO 33

  34. Secure Data Outsourcing 34

  35. Homomorphic encryption � The ability to perform computations on the ciphertext without decrypting it first � A specific algebraic operation performed on the plaintext is equivalent to another (possibly the plaintext is equivalent to another (possibly different) algebraic operation performed on the ciphertext 35

  36. A Simple Example � Rot-13 is homomorphic with respect to concatenation 36

  37. Homomorphic encryption schemes � Multiplicative homomorphic – e.g. RSA � Additive homomorphic, e.g. Paillier � Fully homomorphic encryption (FHE) (Gentry, 2010) 37

  38. Alternative techniques � Search encrypted data � Fragmentation � Aggregation � … � … 38

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Motivation Two-Cloud Setting PP k NN Classification Conclusion and Future Research Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security Yousef M. Elmehdwi Department of Mathematics and Computer

919 views • 19 slides
Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security risks. Attacks in a cloud environment, top threats. Security, a major concern for cloud users. Privacy. Trust. Operating systems

661 views • 38 slides
Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing Storage Computation High availability No maintenance Decreased Costs Elasticity & Flexibility Security and Privacy for Cloud

529 views • 36 slides
Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted

Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted

CS573 Data Privacy and Security Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted data Homomorphic encryption What is Cloud Computing ? Cloud computing Type of computing that relies on sharing

1.29k views • 62 slides
CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security in Healthcare Li Xiong Healthcare security and privacy HIPAA overview Research survey on information security and privacy in healthcare

1.05k views • 57 slides
Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology

Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology

Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology Transactions Practice Groups November 14, 2017 Linda Rhodes Joe Pennell Brad Peterson Partner Partner Partner 202-263-3382 312-701-8354

313 views • 29 slides
Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud Computing Services for Educational Institutions Presented by: Cristina Blanton Erin Fonte Associate Systemwide Compliance and Member, Privacy

310 views • 28 slides
Data Security and Privacy in the Cloud Sara Foresti Dipartimento di Informatica Universit

Data Security and Privacy in the Cloud Sara Foresti Dipartimento di Informatica Universit

Data Security and Privacy in the Cloud Sara Foresti Dipartimento di Informatica Universit degli Studi di Milano sara.foresti@unimi.it Secure Cloud Services and Storage Workshop 2017 September 10, 2017 Oslo, Norway SPDP Lab c 1/32

761 views • 48 slides
CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local Differential Privacy in Practice (Module 1) Graham Cormode, Somesh Jha, Tejas Kulkarni, Ninghui Li, Divesh Srivastava, and Tianhao Wang Differential

819 views • 38 slides
Li Xiong CS573 Data Privacy and Security

Li Xiong CS573 Data Privacy and Security

Li Xiong CS573 Data Privacy and Security Security Engineering by Ross Anderson, 2001 Its function is to control which

422 views • 40 slides
Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned

Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned

Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned Did you know... 77 percent of all Americans feel their personal health information privacy is very important, and 84 percent said they

769 views • 50 slides
CS573 Data Privacy and Security Location Privacy Location Privacy Yonghui (Yohu) Xiao htt //

CS573 Data Privacy and Security Location Privacy Location Privacy Yonghui (Yohu) Xiao htt //

CS573 Data Privacy and Security Location Privacy Location Privacy Yonghui (Yohu) Xiao htt // http://yxiao.info i i f Outline Outline What is Location Privacy Basic Techniques Private Information Retrieval Probabilistic

415 views • 24 slides
#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy across hybrid IT Farshad Ghazi - Moderator Mat Spitz Lacy Gruen #MicroFocusCyberSummit Reiner Kappenberger Cloud-based Data Privacy and Protection:

453 views • 10 slides
Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference

Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference

Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference control Anonymization problem Anonymization notions and approaches (and how they fail to work!) k-anonymity l-diversity t-closeness

741 views • 51 slides
beyond the technology privacy, trust and security in the cloud disclaimers about me age of the

beyond the technology privacy, trust and security in the cloud disclaimers about me age of the

beyond the technology privacy, trust and security in the cloud disclaimers about me age of the cloud BLOOMBERG FORBES BAIN AND COMPANY the other side of the coin beyond the technology ZDNET FORTUNE beyond the technology WIRED MASHABLE

904 views • 45 slides
CS573 Data Privacy and Security Li Xiong Department of Mathematics and Computer Science Emory

CS573 Data Privacy and Security Li Xiong Department of Mathematics and Computer Science Emory

CS573 Data Privacy and Security Li Xiong Department of Mathematics and Computer Science Emory University Today Meet everyone in class Course overview Why data privacy and security What is data privacy and security What we

810 views • 70 slides
MOBILE COMPUTING CSE 40814/60814 Fall 2015 Course Overview Instructor: Christian Poellabauer

MOBILE COMPUTING CSE 40814/60814 Fall 2015 Course Overview Instructor: Christian Poellabauer

8/24/15 MOBILE COMPUTING CSE 40814/60814 Fall 2015 Course Overview Instructor: Christian Poellabauer 323B Cushing Hall cpoellab@cse.nd.edu 574-631-9131 Office hours: Tue 10-11, Wed 11-12 and by appointment TA: Justin

522 views • 17 slides
Constraint Programming Connections with HPC Jean-Guillaume FAGES, PhD COSLING CEO Outline 1

Constraint Programming Connections with HPC Jean-Guillaume FAGES, PhD COSLING CEO Outline 1

Constraint Programming Connections with HPC Jean-Guillaume FAGES, PhD COSLING CEO Outline 1 What is Constraint-Programming? 2 How does it work? 3 How does HPC contributes to Constraint-Programming? CP Introduction - COSLING - Teratec17 2 /

663 views • 39 slides
IPv6 Potential Routing Table Size IPv6 Potential Routing Table Size IPv6 Potential Routing Table

IPv6 Potential Routing Table Size IPv6 Potential Routing Table Size IPv6 Potential Routing Table

IPv6 Potential Routing Table Size IPv6 Potential Routing Table Size IPv6 Potential Routing Table Size Jason Schiller Jason Schiller schiller@uu.net schiller@uu.net Sven Maduschke Sven Maduschke sven.maduschke@verizonbusiness.com

763 views • 22 slides
Today s class How to configure your browser to protect

Today s class How to configure your browser to protect

05. Protection from Web Tracking Nataliia Bielova @nataliabielova September 17 th -21 st , 2018 Web Privacy course University of Trento Today s class How to configure

374 views • 33 slides
Learning 3D object models from 2D images Cropped Input Image Predicted Mesh Generated Ground

Learning 3D object models from 2D images Cropped Input Image Predicted Mesh Generated Ground

Learning 3D object models from 2D images Cropped Input Image Predicted Mesh Generated Ground Truth Predicted Landmarks Mesh Loss Latent Spatial Mesh Convolutional ResNet-50 Vector Decoder Iterative Model Fitting Learning from Imperfect

964 views • 69 slides
Ana6: an IPv6 ad hoc addressing architecture Guillaume Chelius <guillaume.chelius@

Ana6: an IPv6 ad hoc addressing architecture Guillaume Chelius <guillaume.chelius@

Ana6: an IPv6 ad hoc addressing architecture Guillaume Chelius <guillaume.chelius@ insa-lyon.fr> Eric Fleury <Eric.Fleury@ inria.fr> My ad hoc Holy Grail Wireless link (if. A) Wire link Internet Wireless link (if. B) Access

469 views • 18 slides
Internet Lab (iLab1) Introduction to Cryptography Lars Wstrich ilab1@net.in.tum.de Chair of

Internet Lab (iLab1) Introduction to Cryptography Lars Wstrich ilab1@net.in.tum.de Chair of

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Internet Lab (iLab1) Introduction to Cryptography Lars Wstrich ilab1@net.in.tum.de Chair of Network Architectures and Services Department

694 views • 57 slides
Introduc)on to Cloud Compu)ng Dr. Zhenlin Wang Michigan Tech Very Short Bio BS, MS, Peking

Introduc)on to Cloud Compu)ng Dr. Zhenlin Wang Michigan Tech Very Short Bio BS, MS, Peking

Introduc)on to Cloud Compu)ng Dr. Zhenlin Wang Michigan Tech Very Short Bio BS, MS, Peking University How did I get there? Why CS? PhD, University of MassachuseAs, Amherst Professor at Tech 2 Hobbies? Teaching and

430 views • 29 slides

More recommend