Oblivious Computation in Public Cloud for Privacy-aware Access Control Policies and Data Search Ph.D. Dissertation Defense Zeeshan Pervez Department of Computer Engineering Kyung Hee University, Global Campus, Korea email: zeeshan@oslab.khu.ac.kr Advisor: Prof. Sungyoung Lee, Ph.D. October 08, 2012 Fall 2012
Introduction Thesis contributions Related work Conclusion and future directions Proposed methodologies Achievements Outline Introduction • Public cloud storage • Oblivious computation - background • Problem statement • Taxonomy Related work Proposed methodologies • Delegated private matching • Oblivious access control policy evaluation – O-ACE • Oblivious term matching – OTM Thesis contributions Conclusion and future directions Achievements PhD. Dissertation – Fall 2012 Oblivious computation in public cloud for privacy-aware access control policies and data search 2 /24
Introduction Thesis contributions Conclusion and future directions Related work Achievements Proposed methodologies Public cloud storage • An online storage facility which is owned , managed box.net and operated by a cloud service provider • Cloud storage services are becoming integral part of Dropbox our computing environment – Dropbox – Instragram Sky Drive Google Drive – GoogleDocs Bitcasa • Cloud based data sharing services are the most prevalent and adopted services – enabling data owner to share data with multiple authorized users Data Sharing Service • Enforcement of access control policies to ensure authorized data access Sharing Data Archiving Data Sync Collaborative • Data searching capabilities to access relevant data Service Service Service – avoid unnecessary bandwidth consumption: pay- as-you-use Synchronization Users Oblivious computation Data owner PhD. Dissertation – Fall 2012 Oblivious computation in public cloud for privacy-aware access control policies and data search 3 /24
Introduction Thesis contributions Conclusion and future directions Related work Achievements Proposed methodologies Oblivious computation – background • Private matching protocol: is an interactive value matching protocol between server and client over their private set of values Value matching request ~!@#$ @#$^* Oblivious matching Hyundai BMW Hyundai Common vehicles with server KIA Jaguar Ford Client Server both set of values are private ~!@#$ @#$^* Hyundai @#%^ &%^_ @#%^ &%^_ !@$#* #$+%^ @#%^ &%^_ !@$#* #$+%^ !@$#* #$+%^ Oblivious response Interactive protocol between two entities • Client learns nothing more than Server Client common values and server remains oblivious to client’s Non-Interactive protocol between multiple entities private set Subscriber n-1 • Nothing more than cardinality Cloud Service Subscriber 1 Provider of client’s private set is revealed Subscriber n PhD. Dissertation – Fall 2012 Oblivious computation in public cloud for privacy-aware access control policies and data search 4 /24
Introduction Thesis contributions Conclusion and future directions Related work Achievements Proposed methodologies Problem statement 1/2 • Public cloud is owned, managed and operated by an untrusted entity – cloud service provider • To ensure data confidentiality often encrypted data is outsourced to Data Sharing Service public cloud storage Encrypted Data Collaborative Data Archiving Data Sync Service Service Service • Conventional privacy enforcement and security frameworks – require some form of data computation to ensure authorized Encryption does not ensure fine-grained access data access control over outsourced data or – reliance on trusted party to govern Encrypted data cannot be processed – standard search queries do not work for encrypted data data access • Cloud service provider can exploit Utility of cloud public storage services is greatly data computation operations to affected – availability of data owner, reliance on trusted third party, deployment of private cloud compromise privacy of the outsourced data PhD. Dissertation – Fall 2012 Oblivious computation in public cloud for privacy-aware access control policies and data search 5 /24
Introduction Thesis contributions Conclusion and future directions Related work Achievements Proposed methodologies Problem statement 2/2 • Access control policies can reveal confidential information about the outsourced data and user’s personal information • Leveraging search on outsourced data can be exploited by public cloud service provider Access Control Policy User Type: Medical Doctor Role: Diabetes Mellitus Specialist Access Parameters Designation: Medical Doctor Index Public cloud storage Specialization: Diabetes Mellitus Type 1 diabetes • blood sugar • insulin • chronic conditions Encrypted Medical Report Potential loss of privacy Doctor Patient Patient is suffering with Outsourced data is diabetes mellitus about diabetes mellitus PhD. Dissertation – Fall 2012 Oblivious computation in public cloud for privacy-aware access control policies and data search 6 /24
Introduction Thesis contributions Conclusion and future directions Related work Achievements Proposed methodologies Taxonomy Cloud computing Cloud computing Public cloud Public cloud Private cloud Private cloud Hybrid cloud Hybrid cloud Community cloud Community cloud Infra structure Infra structure Platform structure Platform structure Software Software as a service - IaaS as a service - IaaS as a service - PaaS as a service - PaaS as a service - SaaS as a service - SaaS Cloud storage Cloud storage Data privacy Data privacy Data security Data security ---- ---- Access control Access control Key distribution Key distribution Oblivious computation Oblivious computation Data Encryption Data Encryption ---- ---- PhD. Dissertation – Fall 2012 Oblivious computation in public cloud for privacy-aware access control policies and data search 7 /24
Introduction Thesis contributions Conclusion and future directions Related work Achievements Proposed methodologies Access control policies 1/2 Related work Access control enforcement Limitations Cloud based data sharing system for Keys are managed by the data owner in a • Availability the data owner massively large data [1]. Large data files binary tree structure. Security tokens are • Reliance of untrusted cloud service are divided into multiple parts - each issued by data owner and validated by provider encrypted with different key. cloud storage provider. FADE [2] is a secure cloud storage system. It Data encryption key encrypts the • Delegation of data governance to key is designed to share outsourced data in an outsourced data. Control keys encrypts the manager untrusted domain and to assuredly delete it data encryption key. Control keys are • Poor utilization of cloud resources once the need of sharing is over. managed by key manager . TrustStore [3] is an Amazon S3 based Utilizes a KMSP to generate and distribute storage service. It manages data as data- decryption keys. KMSP and SSP are • Delegation of data governance to key fragments and meta-data. Data-fragments independent entities and do not know manager are persisted at Storage Service Provider each other . • Impracticable assumption (SSP), whereas meta-object is managed by Key Management Service Provider (KMSP). Cryptographic Cloud Storage to outsource Utilizes Attribute Based Encryption (ABE). enterprise data [4]. Data Processor Data owner generates and disseminates • Availability the data owner encrypts the outsourced data. Data Verifier ABE secret key to the authorized users. • ABE reveals information about access verifiers the data integrity at cloud storage. control policy Credential Generator generates manages credential of the users. SiRiUS [5], Plutus [6], and CRUST [7] are Utilizes asymmetric encryption to ensure • Poor utilization of cloud resources remote storage system authorized data access to the outsourced data. PhD. Dissertation – Fall 2012 Oblivious computation in public cloud for privacy-aware access control policies and data search 8 /24
Recommend
More recommend
