SAC-PA: Cloud Security (Balaji Palanisamy, School of Information Sciences, University of Pittsburgh)


SLIDE 1

SAC-PA: Cloud Security

Balaji Palanisamy
School of Information Sciences, University of Pittsburgh
bpalan@pitt.edu

SLIDE 2

Cloud computing Benefits

For clients:

  • No upfront commitment in buying/leasing hardware
  • Can scale usage according to demand
  • Barriers to entry lowered for startups

For providers:

  • Increased utilization of datacenter resources minimizes cost

SLIDE 3

So, if cloud computing is so great, why isn't everyone doing it?

Clouds are still subject to traditional data confidentiality, integrity, availability, and privacy issues, plus some additional attacks.

SLIDE 4

AWS Security Advice

7.2. Security. We strive to keep Your Content secure, but cannot guarantee that we will be successful at doing so, given the nature of the Internet. Accordingly, without limitation to Section 4.3 above and Section 11.5 below, you acknowledge that you bear sole responsibility for adequate security, protection and backup of Your Content. We strongly encourage you, where available and appropriate, to use encryption technology to protect Your Content from unauthorized access and to routinely archive Your Content. We will have no liability to you for any unauthorized access or use, corruption, deletion, destruction or loss of any of Your Content.

Source: http://aws-portal.amazon.com/gp/aws/developer/terms-and-conditions.html

SLIDE 5

Example: Online Course Database

Student(Id, Name, Addr, GPA, CreditCard, …)
Course(Id, Name, InstrId, …)
StudentCourse(CourseId, StudentId, Grade, …)

SLIDE 6

Encryption and DbaaS: Functionality

Client App issues:

SELECT * FROM courses WHERE StudentId = 1234

SLIDE 7

Encryption and DbaaS: Functionality

Client App issues the same query, but the stored data is Encrypted:

SELECT * FROM courses WHERE StudentId = 1234

[HIL+02] SIGMOD Test of Time Award

SLIDE 8

Deterministic Encryption Scheme

Key: 000102030405060708090a0b0c0d0e0f

Plaintext:  The quick brown fox jumps over the lazy dog
  → Encr (Key) →
Ciphertext: a7be1a6997ad739bd8c9ca451f618b61 b6ff744ed2c2c9bf6c590cbf0469bf41 47f7f7bc95353e03f96c32bcfd8058df
  → Decr (Key) →
Plaintext:  The quick brown fox jumps over the lazy dog

Crypto Textbook: [KL 07]

SLIDE 9

Nondeterministic Encryption Scheme

Key: 000102030405060708090a0b0c0d0e0f

Plaintext:  The quick brown fox jumps over the lazy dog
  → Encr (Key) →
Ciphertext: a7be1a6997ad739bd8c9ca451f618b61 b6ff744ed2c2c9bf6c590cbf0469bf41 47f7f7bc95353e03f96c32bcfd8058df

Plaintext:  The quick brown fox jumps over the lazy dog (same plaintext, same key)
  → Encr (Key) →
Ciphertext: fa636a2825b339c940668a3157244d17 247240236966b3fa6ed2753288425b6c 69c4e0d86a7b0430d8cdb78070b4c55a

Example: AES + CBC + variable IV

SLIDE 10

Deterministic Encryption

  StudentId | AssignId | Score
  1         | 1        | 68
  1         | 2        | 71
  3         | 4        | 99
  …         | …        | …

select * from assignment where studentid = 1

SLIDE 11

Deterministic Encryption

  StudentId_DET                    | AssignId | Score
  bd6e7c3df2b5779e0b61216e8b10b689 | 1        | 68
  bd6e7c3df2b5779e0b61216e8b10b689 | 2        | 71
  7ad5fda789ef4e272bca100b3d9ff59f | 4        | 99
  …                                | …        | …

select * from assignment where studentid_det = bd6e7c3df2b5779e0b61216e8b10b689
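The rewrite shown on slides 10 and 11, worked end to end as an added example (not code from the slides or from any of the cited systems). The cipher is a stand-in: HMAC-SHA256 driven in counter mode as a keystream generator, with a fixed nonce for the deterministic variant (slide 8) and a fresh random nonce for the randomized one (slide 9); it is not AES-CBC, it only reproduces the property the two slides contrast. The key, the `assignment` rows and the column name `studentid_enc` are constructed for the demo. The block also shows what the server learns from a deterministic column without the key: which rows share a student and how many.

```python
"""Equality queries over a deterministically encrypted column (added example)."""
import hashlib
import hmac
import secrets
import sqlite3

KEY = bytes(range(16))                        # constructed demo key (000102...0f, as on the slides)
ROWS = [(1, 1, 68), (1, 2, 71), (3, 4, 99)]   # constructed; the assignment table of slide 10


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF(key, nonce || counter) blocks concatenated to `length` bytes."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_det(key: bytes, plaintext: bytes) -> str:
    """Deterministic: the nonce is a constant, so equal plaintexts give equal ciphertexts."""
    nonce = bytes(16)
    return _xor(plaintext, _keystream(key, nonce, len(plaintext))).hex()


def decrypt_det(key: bytes, ciphertext_hex: str) -> bytes:
    body = bytes.fromhex(ciphertext_hex)
    return _xor(body, _keystream(key, bytes(16), len(body)))


def encrypt_rnd(key: bytes, plaintext: bytes) -> str:
    """Randomized: a fresh nonce per call, stored in front of the ciphertext for decryption."""
    nonce = secrets.token_bytes(16)
    return (nonce + _xor(plaintext, _keystream(key, nonce, len(plaintext)))).hex()


def decrypt_rnd(key: bytes, ciphertext_hex: str) -> bytes:
    raw = bytes.fromhex(ciphertext_hex)
    nonce, body = raw[:16], raw[16:]
    return _xor(body, _keystream(key, nonce, len(body)))


def build_encrypted_table(key: bytes, deterministic: bool = True) -> sqlite3.Connection:
    """The untrusted server's view: StudentId is stored only in encrypted form."""
    enc = encrypt_det if deterministic else encrypt_rnd
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE assignment (studentid_enc TEXT, assignid INTEGER, score INTEGER)")
    conn.executemany(
        "INSERT INTO assignment VALUES (?, ?, ?)",
        [(enc(key, str(sid).encode()), aid, score) for sid, aid, score in ROWS],
    )
    return conn


def query_by_student(conn: sqlite3.Connection, key: bytes, student_id: int,
                     deterministic: bool = True) -> list:
    """Client-side rewrite of `... WHERE studentid = ?` (slide 11): encrypt the constant
    with the scheme used for the column, then let the server compare ciphertexts."""
    enc = encrypt_det if deterministic else encrypt_rnd
    token = enc(key, str(student_id).encode())
    return conn.execute(
        "SELECT assignid, score FROM assignment WHERE studentid_enc = ? ORDER BY assignid",
        (token,),
    ).fetchall()


def ciphertext_frequencies(conn: sqlite3.Connection) -> dict:
    """What the server learns without the key: which rows share a student, and how many."""
    rows = conn.execute(
        "SELECT studentid_enc, COUNT(*) FROM assignment GROUP BY studentid_enc"
    ).fetchall()
    return dict(rows)


if __name__ == "__main__":
    det = build_encrypted_table(KEY, deterministic=True)
    print("deterministic column, studentid = 1 ->", query_by_student(det, KEY, 1))
    print("server-visible frequencies:", ciphertext_frequencies(det))
    rnd = build_encrypted_table(KEY, deterministic=False)
    print("randomized column, studentid = 1 ->", query_by_student(rnd, KEY, 1, deterministic=False))
```

With the randomized variant the same rewrite returns nothing, because the token computed for the query never equals any stored ciphertext; that is the functionality cost the slides trade against the frequency leakage `ciphertext_frequencies` exposes.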

SLIDE 12

Homomorphic Encryption

Operating on the two ciphertexts
  7ad5fda789ef4e272bca100b3d9ff59f
  bd6e7c3df2b5779e0b61216e8b10b689
yields the new ciphertext
  7a9f102789d5f50b2beffd9f3dca4ea7

Encryption key is not an input

SLIDE 13

Order Preserving Encryption

  Value | Enc(Value)
  1     | 0x0001102789d5f50b2beffd9f3dca4ea7
  2     | 0x0065fda789ef4e272bcf102787a93903
  3     | 0x009b5708e13665a7de14d3d824ca9f15
  4     | 0x04e062ff507458f9be50497656ed654c
  5     | 0x08db34fb1f807678d3f833c2194a759e

[BCN11, PLZ13]

SLIDE 14

Order-Preserving Encryption

  StudentId | AssignId | Score
  1         | 1        | 68
  1         | 2        | 71
  3         | 4        | 99
  …         | …        | …

select * from assignment where score >= 90

SLIDE 15

Order-Preserving Encryption

  StudentId | AssignId | Score_OPE
  1         | 1        | 0x0065fda789ef4e272bcf102787a93903
  1         | 2        | 0x009b5708e13665a7de14d3d824ca9f15
  3         | 4        | 0x08db34fb1f807678d3f833c2194a759e
  …         | …        | …

select * from assignment where score_OPE >= 0x04e062ff507458f9be50497656ed654c
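The range query of slides 14 and 15, worked as an added example (not the slides' code and not the [BCN11, PLZ13] construction). The toy OPE here maps a value v to the running sum of v keyed pseudo-random positive gaps, gap_i = 1 + PRF(key, i) mod GAP_MAX, with HMAC-SHA256 as the PRF; since every gap is positive the map is strictly increasing, so a < b if and only if E(a) < E(b), which is exactly what lets the server evaluate `score_ope >= E(90)` with no key. Key, rows, the `score_ope` column name and the 0..100 score domain are constructed for the demo. The last function shows the leakage that comes with the functionality: the server can sort the whole column without ever seeing a score.

```python
"""Range queries over an order-preserving-encrypted column (added example)."""
import hashlib
import hmac
import sqlite3

KEY = b"constructed-demo-ope-key"                 # constructed demo key
GAP_MAX = 2 ** 20
ROWS = [(1, 1, 68), (1, 2, 71), (3, 4, 99)]       # constructed; slide 14's assignment table
MAX_SCORE = 100                                   # domain bound used for decryption


def _gap(key: bytes, i: int) -> int:
    mac = hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
    return 1 + int.from_bytes(mac[:8], "big") % GAP_MAX


def ope_encrypt(key: bytes, value: int) -> int:
    """E(v) = sum of gap_1 .. gap_v. O(v) work, fine for a 0..100 score domain."""
    if value < 0:
        raise ValueError("domain is non-negative integers")
    return sum(_gap(key, i) for i in range(1, value + 1))


def ope_decrypt(key: bytes, ciphertext: int, max_value: int = MAX_SCORE) -> int:
    """Walk the running sum until it matches; only the key holder can do this."""
    total = 0
    for v in range(0, max_value + 1):
        if total == ciphertext:
            return v
        total += _gap(key, v + 1)
    raise ValueError("ciphertext not in domain")


def build_table(key: bytes) -> sqlite3.Connection:
    """Server-side table: the score is stored only as score_ope (slide 15)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE assignment (studentid INTEGER, assignid INTEGER, score_ope INTEGER)")
    conn.executemany("INSERT INTO assignment VALUES (?, ?, ?)",
                     [(sid, aid, ope_encrypt(key, sc)) for sid, aid, sc in ROWS])
    return conn


def query_score_at_least(conn: sqlite3.Connection, key: bytes, threshold: int) -> list:
    """Client-side rewrite of `WHERE score >= ?`: encrypt the constant, keep the comparison."""
    return conn.execute(
        "SELECT studentid, assignid FROM assignment WHERE score_ope >= ? ORDER BY assignid",
        (ope_encrypt(key, threshold),),
    ).fetchall()


def server_order_without_key(conn: sqlite3.Connection) -> list:
    """Leakage: the server sorts every row by score without the key (assignids in score order)."""
    return [r[0] for r in conn.execute(
        "SELECT assignid FROM assignment ORDER BY score_ope").fetchall()]


if __name__ == "__main__":
    conn = build_table(KEY)
    print("score >= 90 ->", query_score_at_least(conn, KEY, 90))
    print("server-visible score order (assignids):", server_order_without_key(conn))
```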

SLIDE 16

Homomorphic Encryption Schemes

  • Fully Homomorphic Encryption (any function) [G09, G10]
  • Paillier Cryptosystem [P99]
  • ElGamal Cryptosystem [E84]
  • Order-Preserving Encryption [BCN11, PLZ13]
  • Deterministic Encryption
  • Non-Deterministic Encryption

SLIDE 17

Homomorphic Encryption Schemes

Same taxonomy as slide 16, with the schemes that support a restricted set of operations (Paillier, ElGamal, Order-Preserving, Deterministic) grouped as Partial Homomorphic Encryption.

SLIDE 19

Homomorphic Encryption Schemes: Performance

[Chart: for each scheme (Deterministic, Order-preserving, Paillier, ElGamal, Fully Homomorphic Encryption), the space for 1 integer (bits) and the time for 1 operation; the time axis is labelled ms, s and "Cosmic time scales"]

SLIDE 20

Trusted Client Architecture

— Distributed query processing between untrusted DBMS and client-end DBMS shell

[Diagram: the Client App sends a Plaintext Query to the DBMS Shell, which holds the Key, and receives Plaintext Results; the DBMS Shell executes the Client Query Fragment itself and sends the Server Query Fragment to the DBMS, which holds only Encrypted Data]

SLIDE 21

CryptDB Architecture

— Web proxy rewrites queries, decrypts result
— Leverage P.H.E. techniques

[Diagram: the Client App sends a PlainText Query to the Web Proxy, which holds the Key, and receives PlainText Results; the Web Proxy sends the Rewritten Query to the DBMS + UDFs, which holds only Encrypted Data]

[PRZ+11]

SLIDE 22

Secure In-Cloud Compute Architecture

— Distributed query processing between untrusted DBMS and trusted cloud compute
— Solutions differ in granularity of integration

[Diagram: the Client App sends a Plaintext Query to Query Translation & Splitting and receives Plaintext Results; the Untrusted Query Fragment goes to the DBMS, which holds Encrypted Data, and the Trusted Query Fragment goes to Trusted Compute, which holds the Key and exchanges Encrypted Data with the DBMS]

SLIDE 23

Secure Processors

— TrustedDB
  • Trusted compute is a full DBMS

[Diagram: the Client App sends a Query to the Cloud DBMS and receives Results; inside the cloud, an IBM Secure Co-processor holds the Key and runs Embedded Linux & SQLite, backed by Storage]

[BS11]

SLIDE 24

TrustedDB Hybrid Example

[BS11]

SLIDE 25

Partitioned Computing

— Hybrid Clouds

  • Public cloud for non-sensitive data
  • Private cloud for sensitive data
  • Data and compute shipped between them

— Example Hybrid Cloud architectures

  • SEDIC (CCS 2011)
  • SEMROD (SIGMOD 2015)
  • VNCACHE (CCGrid 2014)

SLIDE 26

Loss of Control: Data Lives Forever

How can Ann delete her sensitive email?

— She doesn't know where all the copies are
— Services may retain data for long after user tries to delete

[Figure: Ann's Sensitive email ("This is sensitive stuff.") travels to Carla via an ISP, with copies retained along the way]
SLIDE 27

Archived Copies Can Resurface Years Later

[Figure: the ISP keeps archived copies of the sensitive message; "Some time later…" they resurface to Carla and Ann]

Retroactive attack on archived data
SLIDE 28

Vanish Peer-To-Peer Protocol (OSDI'06)

  • A system composed of individually-owned computers that make a portion of their resources available directly to their peers without intermediary managed hosts or servers. [~wikipedia]

Important P2P properties (for Vanish):

  • Huge scale – millions of nodes
  • Geographic distribution – hundreds of countries
  • Decentralization – individually-owned, no single point of trust
  • Constant evolution – nodes constantly join and leave

SLIDE 29

Timed-release of Self-emerging Data (ICDCS'17, CLOUD'17)

[Timeline: data generated → securely protected while the timer runs → released → available for receivers]

Use cases:

  • non-releasable private data may become releasable due to the degradation of time-varying data privacy.
  • time-sensitive online events: secure voting mechanism, online examination.

Timed release of self-emerging data:

  • securely hide the protected data from being accessed prior to the release time.
  • automatic appearance of the stored data at the predetermined release time.

SLIDE 30

Self-emerging Data

Parameters:

  • Total fragment number – m (3)
  • Threshold fragment number – n (2)
  • Length – l (3)

[Diagram: Package generation at the sender S, Package routing to the receiver R]

The adjusted one-hop scheme can only support a medium emerging time period. We propose the multi-hop scheme to handle the very long requirements: instead of deploying a single set of nodes to hold the packages during the entire T, we now arrange multiple sets of nodes to carry the packages in relay from the sender to the receiver. Also, the single usage of the erasure coding is now extended to a nested usage so that the old packages can be merged at each set of nodes to generate new packages and the reduced number of alive packages can be replenished during each re-generation.

Chao Li and Balaji Palanisamy, "Timed-release of Self-emerging Data using Distributed Hash Tables", Proc. of the 37th IEEE International Conference on Distributed Computing Systems (ICDCS 2017), Atlanta, USA.
Chao Li and Balaji Palanisamy, "Emerge: Self-emerging Data Release using Cloud Data Storage", Proc. of the 10th IEEE International Conference on Cloud Computing (IEEE CLOUD 2017), Honolulu, USA.
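The fragment parameters of slide 30 (m = 3 fragments in total, any n = 2 rebuild the package) and the relay-with-regeneration idea of the notes, worked as an added example; this is not the code of the cited ICDCS'17 / CLOUD'17 papers. The papers use erasure coding; here Shamir secret sharing over a prime field stands in for it, since it has the same any-n-of-m recovery property and, unlike a plain erasure code, fewer than n fragments reveal nothing about the secret. The secret carried is assumed to be the key protecting the data, represented as an integer below the field prime; the churn model in `relay` (the first `lost_per_hop` fragments vanish at each hop) is constructed for the demo.

```python
"""n-of-m fragments for self-emerging data, with regeneration at relay hops (added example)."""
import secrets

P = 2 ** 127 - 1   # prime field; secrets must be smaller than P


def split(secret: int, m: int = 3, n: int = 2) -> list:
    """Random polynomial of degree n-1 with the secret as constant term; fragment i = (i, f(i))."""
    if not 0 <= secret < P:
        raise ValueError("secret out of field")
    if not 1 <= n <= m:
        raise ValueError("need 1 <= n <= m")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(n - 1)]
    fragments = []
    for x in range(1, m + 1):
        y = 0
        for c in reversed(coeffs):          # Horner evaluation of f(x)
            y = (y * x + c) % P
        fragments.append((x, y))
    return fragments


def recover(fragments: list, n: int = 2) -> int:
    """Lagrange interpolation at x = 0 from any n distinct fragments."""
    if len(fragments) < n:
        raise ValueError("fewer than n fragments: package not recoverable")
    pts = fragments[:n]
    secret = 0
    for i, (xi, yi) in enumerate(pts):
        num = den = 1
        for j, (xj, _) in enumerate(pts):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret


def regenerate(surviving: list, m: int = 3, n: int = 2) -> list:
    """Nested use at a relay hop: merge the surviving (>= n) fragments and issue a fresh
    set of m, so fragments lost to node churn are replenished before the next hop."""
    return split(recover(surviving, n), m, n)


def relay(secret: int, hops: int, lost_per_hop: int, m: int = 3, n: int = 2) -> int:
    """Carry the package through `hops` sets of nodes; at each hop `lost_per_hop`
    fragments disappear before regeneration. Returns what the receiver recovers."""
    fragments = split(secret, m, n)
    for _ in range(hops):
        surviving = fragments[lost_per_hop:]      # simulated churn: first fragments vanish
        fragments = regenerate(surviving, m, n)
    return recover(fragments, n)


if __name__ == "__main__":
    key = int.from_bytes(bytes(range(16)), "big")   # constructed demo key
    print("3 hops, 1 fragment lost per hop ->", relay(key, 3, 1) == key)
```

Losing two of three fragments at a single hop leaves one fragment, below the threshold, and `recover` refuses rather than guessing; that is the failure the notes address by regenerating at every set of nodes instead of only at the receiver.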

SLIDE 31

— Thank you & Questions