secure outsourcing computation
play

Secure Outsourcing Computation Li Xiong Outline Cloud computing - PowerPoint PPT Presentation

Jan 31, 2023 •649 likes •1.29k views

CS573 Data Privacy and Security Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted data Homomorphic encryption What is Cloud Computing ? Cloud computing Type of computing that relies on sharing

  1. CS573 Data Privacy and Security Secure Outsourcing Computation Li Xiong

  2. Outline • Cloud computing • Computing on encrypted data • Homomorphic encryption

  3. What is Cloud Computing ? Cloud computing • Type of computing that relies on sharing computing resources rather than having local servers or personal devices to handle applications • New computing paradigm, involving data and/or computation outsourcing, with – Infinite and elastic resource scalability • Ability to quickly scale in/out service – On demand “just -in- time” provisioning – No upfront cost … pay-as-you-go • That is, use as much or as less you need, use only when you want, and pay only what you use, 3

  4. Cloud Service Models • Cloud computing means selling “X as a service” • Cloud Software as a Service (SaaS) – Use provider’s applications over a network – User doesn’t manage or control the network, servers, OS, storage or applications • Cloud Platform as a Service (PaaS) – Users deploy their consumer-created applications using programming language tools supported by the provider on a cloud – Users control their apps – Users don’t manage underlying cloud infrastructure, network, servers, OS, storage 4

  5. Cloud Service Models (Cont.) • Cloud Infrastructure as a Service (IaaS) – Rent processing, storage, network capacity, and other fundamental computing resources – Consumers gets access to the infrastructure to deploy their stuff – Don’t manage or control the infrastructure – Do manage or control the OS, storage, apps, selected network components 5

  6. Cloud computing architecture e.g., Web browser SaaS , e.g., Google Docs PaaS , e.g., Google AppEngine IaaS , e.g., Amazon EC2 Elastic Computing Cloud: web service that provides resizable compute capacity in the cloud 6

  7. Cloud Deployment Models • Private cloud – Operated solely for an organization (single org only) – managed by the org or a 3 rd party, – on or off premise • Community cloud – shared infrastructure for specific community that has shared concerns • (e.g., mission, security requirements, policy, and compliance considerations) – several orgs that have shared concerns, – managed by org or a 3 rd party 7

  8. Cloud Deployment Models (Cont.) • Public cloud – available to the general public or a large industry group – Sold to the public, mega-scale infrastructure • Hybrid cloud – composition of two or more clouds – bound by standard or proprietary technology that enables data and application portability 8

  9. So, if cloud computing is so great, why aren’t everyone doing it ? Clouds are still subject to traditional data confidentiality, integrity, availability, and privacy issues, plus some additional attacks 9

  10. Companies are still afraid to use clouds [ Chow09ccsw ] 10

  11. General Security Challenges • Trusting vendor’s security model • Customer inability to respond to audit findings • Obtaining support for investigations • Indirect administrator accountability • Proprietary implementations can’t be examined • Loss of physical control 11

  12. Anatomy of fear … Confidentiality – Will the sensitive data stored on a cloud remain confidential? Will cloud compromises leak confidential client data (i.e., fear of loss of control over data) – Will the cloud provider itself be honest and won’t peek into the data? 12

  13. Anatomy of fear … Integrity – How do I know that the cloud provider is doing the computations correctly? – How do I ensure that the cloud provider really stored my data without tampering with it? 13

  14. Anatomy of fear … Availability – Will critical systems go down at the client, if the provider is attacked in a Denial of Service attack? – What happens if cloud provider goes out of business? 14

  15. Anatomy of fear … Privacy issues raised via massive data mining – Cloud now stores data from a lot of clients, and can run data mining algorithms to get large amounts of information on clients 15

  16. Anatomy of fear … Increased attack surface – Entity outside the organization now stores and computes data, and so – Attackers can now target the communication link between cloud provider and client – Cloud provider employees can be phished 16

  17. Anatomy of fear … Legal quagmire and transitive trust issues – Who is responsible for complying with regulations (e.g., HIPAA)? – If cloud provider subcontracts to third party clouds, will the data still be secure?

  18. What we need is to … • Adapt well known techniques for resolving some cloud security issues • Perform new research and innovate to make clouds secure

  19. Traditional systems security vs Cloud Computing Security Securing a cloud Securing a traditional system 19

  20. Traditional systems security vs Cloud Computing Security Analogy Securing a motel Securing a house Owner and user are Owner and users are almost often the same entity invariably distinct entities 20

  21. Traditional systems security vs Cloud Computing Security Securing a motel Securing a house Biggest user concerns Biggest user concern Securing perimeter Securing room against Checking for intruders (the bad guy in next Securing assets room | hotel owner) 21

  22. Data Privacy and Security in Cloud: Overview • Novel attacks • Trustworthy cloud architectures • Data integrity and availability • Computation integrity • Data and computation privacy • Data forensics • Misbehavior detection • Malicious use of clouds 22

  23. Co-tenancy in clouds creates new attack vectors A cloud is shared by multiple users Malicious users can now legally be in the same infrastructure Misusing co-tenancy, attackers can launch side channel attacks on victims Research question: How to prevent attackers from exploiting co-tenancy in attacking the infrastructure and/or other clients? Example : the Topology attack on Amazon EC2 (“Hey You! Get off of my Cloud …” CCS 2009) 23

  24. Today’s cloud architectures act like big black boxes Clients have no idea of or control over what is happening inside the cloud Clients are forced to trust cloud providers completely Research Question: How do we design cloud computing architectures that are semi-transparent and provide clients with control over security? Existing Approaches : TCCP (uses TPM), CloudProof 24

  25. Today’s clouds provide no guarantee about outsourced data Amazon’s Terms of services 25

  26. Today’s clouds provide no guarantee about outsourced data Problem: Dishonest cloud providers can throw data away or lose data. Malicious intruders can delete or tamper with data. Clients need reassurance that the outsourced data is available, has not been tampered with, and remains confidential. Research Question : How can clients get assurance/proofs that the cloud provider is actually storing data, is not tampering with data, and can make the data available on-demand? Example Approaches: Provable Data Possession (PDP), Proof of Retrievability (PoR), HAIL 26

  27. Ensuring confidentiality of data in outsourced computation is difficult Most type of computations require decrypting data before any computations If the cloud provider is not trusted, this may result in breach of confidentiality Research Question : How can we ensure confidentiality of data and computations in a cloud? Existing Approaches : Homomorphic encryption, TCCP 27

  28. Clients have no way of verifying computations outsourced to a Cloud Scenario User sends her data processing job to the cloud. Clouds provide dataflow operation as a service (e.g., MapReduce, Hadoop etc.) Problem : Users have no way of evaluating the correctness of results Research question : How can we verify the accuracy of outsourced computation? Existing Approaches : Runtime Attestation, Majority voting, Redundant operations 28

  29. Clouds can be used for malicious purposes Adversaries can rent clouds temporarily to create a large scale botnet very quickly Clouds can be used for spamming, Denial of service, brute force password breaking, and other attacks Example: WPACracker.com – a password cracking service that claims to test 300,000,000 words in 20 minutes for $17, using a cloud Research question: How can we rapidly detect misbehavior of clients in a cloud? 29 Botnets compromise computers whose security defenses have been breached and control ceded to a third party.

  30. [Cloud Computing] is a security nightmare and it can't be handled in traditional ways. John Chambers CISCO CEO 30

  31. Data Outsourcing • Data owner outsources its data and processing functionalities to a cloud in order to reduced management cost and less overhead of data storage etc … • Security implication – Cloud cannot be fully trusted – How to outsource (delegate) the computation? – What about privacy of the outsourced computation?

  32. Standard solution • Data owners encrypt their data before outsourced to a cloud • Perfectly solves any privacy issues • Key challenge: – Cannot perform any computation on the encrypted data

  33. Naïve approach • Disadvantages : • The cloud cannot perform any algebraic operations • Utilize cloud as just a storage medium • User involves in heavy computations, impractical especially for mobile users and large databases • Key management

  34. Yet… The world was black and white

  35. Yet… The world was black and white The only thing anyone did with encrypted data was … … decrypt it.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Secure Outsourcing of Computation Ron Rothblum MIT Outsourcing Computation Motivation: allow a

Secure Outsourcing of Computation Ron Rothblum MIT Outsourcing Computation Motivation: allow a

Secure Outsourcing of Computation Ron Rothblum MIT Outsourcing Computation Motivation: allow a computationally weak client to outsource its computation to an untrusted server. = () Main security concerns: 1. Correctness:

377 views • 4 slides
Efficient Outsourcing GWAS using FHE Wenjie Lu*, Jun Sakuma * * Dept. of CS, University of

Efficient Outsourcing GWAS using FHE Wenjie Lu*, Jun Sakuma * * Dept. of CS, University of

Efficient Outsourcing GWAS using FHE Wenjie Lu*, Jun Sakuma * * Dept. of CS, University of Tsukuba, Japan JST CREST Secure Outsourcing GWAS Secure computation [Cloud] Outline of our solution [data holder] Secure

381 views • 19 slides
Doubly Efficient Interactive Proofs Ron Rothblum Outsourcing Computation Weak client outsources

Doubly Efficient Interactive Proofs Ron Rothblum Outsourcing Computation Weak client outsources

Doubly Efficient Interactive Proofs Ron Rothblum Outsourcing Computation Weak client outsources computation to the cloud. = () Outsourcing Computation We do not want to blindly trust the cloud. = () Key

462 views • 21 slides
Secure computation With material from Matthew Green, Elaine Shi, CS Unplugged, others Secure

Secure computation With material from Matthew Green, Elaine Shi, CS Unplugged, others Secure

https://2.bp.blogspot.com/-Q_39kDXs93c/UOecpSOTX5I/AAAAAAAAA2k/WaIfMiKzQOw/s1600/eniac1+%281%29.jpg Secure computation With material from Matthew Green, Elaine Shi, CS Unplugged, others Secure computation Zero-knowledge proofs

465 views • 33 slides
Outsourcing Private RAM Computation Craig Gentry Shai Halevi Mariana Raykova Daniel Wichs

Outsourcing Private RAM Computation Craig Gentry Shai Halevi Mariana Raykova Daniel Wichs

Outsourcing Private RAM Computation Craig Gentry Shai Halevi Mariana Raykova Daniel Wichs Private Outsourcing Client wants to leverage resources of a powerful server to compute () without revealing . Efficiency

141 views • 10 slides
Round-Optimal Secure Multiparty Computation with Honest Majority Prabhanjan Ananth Arka Rai

Round-Optimal Secure Multiparty Computation with Honest Majority Prabhanjan Ananth Arka Rai

Round-Optimal Secure Multiparty Computation with Honest Majority Prabhanjan Ananth Arka Rai Choudhuri Aarushi Goel Abhishek Jain CRYPTO 2018 Secure Multiparty Computation ! # ! $ ! " ! % Secure Multiparty Computation Securely compute

1.18k views • 102 slides
Secure Computation ORAM The Case of 3-Party Computation Stanislaw Jarecki, UC Irvine

Secure Computation ORAM The Case of 3-Party Computation Stanislaw Jarecki, UC Irvine

Secure Computation ORAM The Case of 3-Party Computation Stanislaw Jarecki, UC Irvine Cryptography in the RAM Model Workshop, Cambridge, MA, June 2016 AC15: Sky Faber, S.J. , Sotirios Kentros, Boyang Wei New Work: S.J. , Boyang Wei Secure

595 views • 23 slides
Secure Multi-Party Computation Gunnar Kreitz KTH Royal Institute of Technology

Secure Multi-Party Computation Gunnar Kreitz KTH Royal Institute of Technology

Background Secure Computation Security Model Generic Protocol Applications Secure Multi-Party Computation Gunnar Kreitz KTH Royal Institute of Technology gkreitz@kth.se October 4 2012 Gunnar Kreitz Secure Multi-Party Computation

1.28k views • 59 slides
Secure Data Outsourcing with Adversarial Data Dependency Constraints BigDataSecurity 2016

Secure Data Outsourcing with Adversarial Data Dependency Constraints BigDataSecurity 2016

Secure Data Outsourcing with Adversarial Data Dependency Constraints BigDataSecurity 2016 Boxiang Dong Wendy Hui Wang Jie Yang Department of Computer Science School of Software Engineering Stevens Institute of Technology South China

641 views • 22 slides
Secure Computation with Low Communication from Cross-checking Dov Gordon (George Mason U.)

Secure Computation with Low Communication from Cross-checking Dov Gordon (George Mason U.)

Secure Computation with Low Communication from Cross-checking Dov Gordon (George Mason U.) Samuel Ranellucci (Unbound Tech) Xiao Wang (MIT & Boston U.) Secure Computation 4 parties each hold private data. They wish to compute C(x 1

414 views • 24 slides
Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation Computation How to Run Sublinear Algorithms in a Distributed Algorithms in a Distributed Setting Elette Boyle Shafi Goldwasser Stefano Tessaro

1.01k views • 36 slides
The Exact Round Complexity of Secure Computation Antigoni Polychroniadou (Aarhus University)

The Exact Round Complexity of Secure Computation Antigoni Polychroniadou (Aarhus University)

The Exact Round Complexity of Secure Computation Antigoni Polychroniadou (Aarhus University) joint work with Sanjam Garg, Pratyay Mukherjee (UC Berkeley), Omkant Pandey (Drexel University) Background: Secure Multi-Party Computation x 1 f(x 1 ,

750 views • 54 slides
Non-Interactive Secure Computation from One-Way Functions Saikrishna Badrinarayanan Abhishek

Non-Interactive Secure Computation from One-Way Functions Saikrishna Badrinarayanan Abhishek

Non-Interactive Secure Computation from One-Way Functions Saikrishna Badrinarayanan Abhishek Jain (UCLA) (JHU) Rafail Ostrovsky Ivan Visconti (UCLA) (University of Salerno) Secure Two Party Computation Function f Input x Input y P 2 P 1

443 views • 21 slides
Fair Secure Computation (or how can I gain strategic advantage by breaking fairness) Alptekin

Fair Secure Computation (or how can I gain strategic advantage by breaking fairness) Alptekin

Rump Session 2016 Fair Secure Computation (or how can I gain strategic advantage by breaking fairness) Alptekin Kp Ko University Fair Secure Computation ALPTEKN KP Assistant Professor of Computer Science and Engineering

429 views • 27 slides
Adaptively Secure Multi-Party Computation with Dishonest Majority Sanjam Garg Amit

Adaptively Secure Multi-Party Computation with Dishonest Majority Sanjam Garg Amit

Adaptively Secure Multi-Party Computation with Dishonest Majority Sanjam Garg Amit Sahai UCLA Secure Multiparty Computation A set of mutually distrustful parties (n) wish to compute a joint function of their private inputs

309 views • 16 slides
Introduction to Secure Multi-Party Computation Many thanks to Vitaly Shmatikov of the

Introduction to Secure Multi-Party Computation Many thanks to Vitaly Shmatikov of the

Introduction to Secure Multi-Party Computation Many thanks to Vitaly Shmatikov of the University of Texas, Austin for providing these slides. slide 1 Motivation General framework for describing computation between parties who do not

1.03k views • 35 slides
A Brief History of the Cloud Dan Kohn, Executive Director A B r i e f H i s t o r y o f

A Brief History of the Cloud Dan Kohn, Executive Director A B r i e f H i s t o r y o f

A Brief History of the Cloud Dan Kohn, Executive Director A B r i e f H i s t o r y o f t h e C l o u d | Cloud Native Computing Foundation Founded December 2015 Non-profit, part of the Linux Foundation Initial projects

479 views • 28 slides
E-Commerce in the Cloud Featuring David S. Linthicum CTO, Founder Blue Mountain Labs

E-Commerce in the Cloud Featuring David S. Linthicum CTO, Founder Blue Mountain Labs

E-Commerce in the Cloud Featuring David S. Linthicum CTO, Founder Blue Mountain Labs David@bluemountainlabs.com Brought to you by: Sponsored by: THREE LAYERS OF CLOUD COMPUTING Software as a Service (SaaS) Finished applications that you

207 views • 19 slides
Related Activities (ISIC 6311) ROME 24 | 28 SEPTEMBER 2018 ITSIK TAL Israel Central Bureau of

Related Activities (ISIC 6311) ROME 24 | 28 SEPTEMBER 2018 ITSIK TAL Israel Central Bureau of

Data Processing, Hosting and Related Activities (ISIC 6311) ROME 24 | 28 SEPTEMBER 2018 ITSIK TAL Israel Central Bureau of Statistics Background ROME o Development of a price index for Data processing, hosting and 24 | 28 SEPTEMBER 2018

439 views • 9 slides
trs t r

trs t r

trs t r sr rs t P Prr

858 views • 48 slides
COMP 6611B: Topics on Cloud Computing and Data Analytics Systems Wei Wang Department of

COMP 6611B: Topics on Cloud Computing and Data Analytics Systems Wei Wang Department of

COMP 6611B: Topics on Cloud Computing and Data Analytics Systems Wei Wang Department of Computer Science & Engineering HKUST Fall 2015 Data, data, data! Large Hadron Collider generates 40 TB data Crawls 20B web per second pages a

1.05k views • 44 slides
Evidence for Accountable Cloud Computing Services Aryan Taherimonfared, Tomasz Thomas Rbsamen,

Evidence for Accountable Cloud Computing Services Aryan Taherimonfared, Tomasz Thomas Rbsamen,

Evidence for Accountable Cloud Computing Services Aryan Taherimonfared, Tomasz Thomas Rbsamen, Christoph Wiktor Wlodarczyk, Chunming Reich Rong Hochschule Furtwangen Center for IP-based Service University HFU Innovation, TN-IDE,

542 views • 11 slides
Cloud Computing for on-Demand Resource Provisioning Distributed Systems Architecture Research

Cloud Computing for on-Demand Resource Provisioning Distributed Systems Architecture Research

7th NRENs and Grids Workshop Trinity College, Dublin, September 2, 2008 Cloud Computing for on-Demand Resource Provisioning Distributed Systems Architecture Research Group Universidad Complutense de Madrid 1/23 Objectives Show the benefits

354 views • 23 slides
Cloud Computing for the Humanities Graham Wilcock University of Helsinki What is Cloud

Cloud Computing for the Humanities Graham Wilcock University of Helsinki What is Cloud

Cloud Computing for the Humanities Graham Wilcock University of Helsinki What is Cloud Computing? Run your app in the cloud Using somebody elses computers Computing resources on-demand Like electricity, or pizza delivery

508 views • 28 slides

More recommend