Security and Privacy for Cloud Computing - Refik Molva


  1. Security and Privacy for Cloud Computing Refik Molva

  2. Cloud Computing
     - Outsourcing
     - Storage
     - Computation
     - High availability
     - No maintenance
     - Decreased Costs
     - Elasticity & Flexibility

  3. Security & Privacy Challenges
     Outsourcing
     - Potentially untrusted Service Provider
     - Data storage and computations
     ⇒ New requirements (PoR, verifiability, ...)
     ⇒ Crypto schemes dealing with untrusted partners
     - PIR
     - Secure multi-party computation
     - Computing with encrypted functions
     - Verifiability: proof of data possession, proof of execution

  4. Security & Privacy Challenges
     Large scale
     - Data
     - Computations
     ⇒ Severely asymmetric scenarios
     - Customer (verifier) << Service Provider (prover)
     - “Quantum leap”: classical schemes don’t work, need for new approaches
     - Example: integrity – customer cannot even keep a hash value per data split
     ⇒ Joint Crypto & Cloud schemes

  5. Security & Privacy Solutions
     - Privacy
       - Privacy preserving word search
       - Multi-user searchable encryption
     - Integrity
       - Proof of Retrievability
       - Message-locked PoR
     - Verifiability
       - Verifiable computation
       - Proof composition

  6. Privacy preserving word search
     Outsourced Backup Service
     Find Blocks including W
     - several years’ corporate data
     - regularly stored in the Cloud
     - Privacy
     - Encryption by the customer
     - Query: only a small portion needs to be restored
     - How to find it without downloading the entire DB?
     Requirement for a new solution
     - to search words in an encrypted DB
     - with privacy

  7. Privacy preserving word search
     - Existing solutions not scalable
     - Encrypted keyword search algorithms
     - Private information retrieval (PIR)
     - PRISM: Privacy preserving search in MapReduce
     - Data and query privacy
     - Idea: PIR on intermediate data maps
     - Advantage: parallelism with MapReduce

  8. PRISM - Upload [PETS’12]
     [Diagram. User: File w_0, w_1, ..., w_{n-1} → WordEncrypt → E(w_0), E(w_1), ..., E(w_{n-1}) → Upload. Cloud: the encrypted words are split into ranges E(w_i), ..., E(w_j) across Mappers; Mapper: hash(E(w_i)) → X, Y, b; Binary Map with axes X, Y and entry b.]

  9. PRISM – Word Search
     [Diagram. User: Query for word w; hash(E(w)) → X, Y, b; PIR query for (X,Y). Cloud: each Mapper applies PIR(X,Y) × its Binary Map; Reducer: ∑ homomorphic. User: E(result).]

  10. Multi-user Searchable Encryption (MUSE)
      - Multiple Readers
      - Multiple Writers

  11. SotA - Access pattern leakage [PETS’17]
      - Iterative Testing: each encrypted keyword is tested separately in all documents
        - Similarities between documents & position of the keyword revealed
        - Collusion (CSP, User) ⇒ Privacy Breach

  12. MUSE: Multi-User Searchable Encryption [ISC’15]
      No collusion between Proxy and CSP

  13. Cloud Security Research
      - Privacy
        - Privacy preserving word search
        - Multi-user searchable encryption
      - Integrity
        - Proof of Retrievability
        - Message-locked PoR
      - Verifiability
        - Verifiable computation
        - Proof composition

  14. Proof of Retrievability
      - Motivating scenario: outsourced storage. Is my data still there?
      - Requirements
        - Integrity check by Client
        - No data stored at Client
        - No bulk data transfer
      - Proof of Retrievability (POR)

  15. Proof of Retrievability – Related Work
      - Related work [Deswarte et al., Filho et al., ...]
      - Deterministic
        - Verification of the entire data ⇒ costly
      - Probabilistic [Ateniese et al., Shacham et al., Juels et al., ...]
        - Tags for each block + random verification ⇒ cost of homomorphic ops
        - randomly located sentinels ⇒ limited # of verifications
      - StealthGuard [ESORICS’14]
        - privacy preserving search of watchdogs
        - Unbounded # of queries

  16. Proof of Retrievability - StealthGuard
      [Diagram labels: Encrypt; w, w, w]

  17. Proof of Retrievability – StealthGuard
      [Diagram labels: Word Search Query (PRISM) for w_1, w_2, w_3, w_4, ..., w_n, each answered Yes/No; Missing word; Missing data split]

  18. How many watchdogs to check? or how to detect lack of retrievability?
      Setup by Client Adversary Model: Error-correction Bernoulli processes � _ ��� ⇒ Error-correction � � � ���, � ��� , �� Retrievability: � ��� � � � Permutation File not retrievable: � ��� � � � � � ���, � � � Detection: Encryption Watchdog insertion W W W W

  19. The Integration Problem
      Cloud Operations
      - Data reduction
      - Availability
      - Computation efficiency
      - Multi-tenancy
      Low performance or Severe conflict
      Security & Privacy
      - Data confidentiality
      - Data Integrity
      - Privacy preserving processing
      - Verifiability

  20. Conflict between PoR & deduplication
      - PoR → User specific encoding
      - Deduplication → Keep a unique copy in storage
      [Diagram labels: PoR, PoR, No Deduplication]

  21. Message-locked PoR - Idea
      - PoR setup (Tags and Watchdogs)
      - PoR can be represented by � �, � �
      Derive � from file content
      Convergent Encryption (K = H(F)) suffers from dictionary attacks
      ⇒ Secure Message-Locked Key Generation

  22. Message-locked PoR [CCSW’16]
      - Secure Message-Locked Key Generation
      � � � ' � � � '( ) � �' Key Server * KS � � ← % & � '( ∗ �, � ← " # � '() � ' Data F Key Server � � ') Owner KS + �
      Message-locked PoR = PoR using ,- � �, �
      - StealthGuard – watchdogs
      - Private Compact PoR - tags [Shacham et al 2008]
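Why K = H(F) from slide 21 allows deduplication yet is open to dictionary attacks on predictable files, and how binding the key to a key-server secret (slide 22) closes that check, as an added example that is not the presentation's or the CCSW’16 protocol's code. Assumptions: the key server is modelled as a local HMAC under a secret (a hypothetical simplification), the cipher is a toy keystream, and the file contents are constructed.

```python
import hashlib
import hmac

def toy_encrypt(key, data):
    """Deterministic toy cipher: XOR with a SHA-256 counter keystream.
    Stand-in for a real deterministic cipher; XOR makes it its own inverse."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def convergent_key(f):
    """K = H(F): anyone holding F (or a correct guess of F) derives the same key."""
    return hashlib.sha256(f).digest()

def server_aided_key(f, ks_secret):
    """Message-locked key that also depends on a key-server secret.
    Hypothetical simplification: the key server is a local HMAC call here."""
    return hmac.new(ks_secret, hashlib.sha256(f).digest(), hashlib.sha256).digest()

def match_candidate(ciphertext, candidates, derive):
    """Offline check available to whoever stores the ciphertext: re-encrypt each
    candidate under its derived key and compare. Returns the match or None."""
    for guess in candidates:
        if hmac.compare_digest(toy_encrypt(derive(guess), guess), ciphertext):
            return guess
    return None

if __name__ == "__main__":
    f = b"Annual bonus for employee 1042: 7000 EUR"          # constructed sample
    guesses = [b"Annual bonus for employee 1042: %d EUR" % v
               for v in range(1000, 10000, 1000)]
    ks_secret = b"key-server-secret (constructed)"

    c_conv = toy_encrypt(convergent_key(f), f)
    c_ml = toy_encrypt(server_aided_key(f, ks_secret), f)
    # Both schemes are deterministic per file, so identical uploads deduplicate.
    print(c_conv == toy_encrypt(convergent_key(f), f))
    print(c_ml == toy_encrypt(server_aided_key(f, ks_secret), f))
    # Only the convergent ciphertext can be matched without the key-server secret.
    print(match_candidate(c_conv, guesses, convergent_key))
    print(match_candidate(c_ml, guesses, convergent_key))
```
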

  23. Cloud Security Research
      - Privacy
        - Privacy preserving word search
        - De-duplication on encrypted data
      - Integrity
        - Proof of Retrievability
      - Verifiability
        - Verifiable computation
        - Proof composition

  24. Verifiable Computation
      Setup, Problem Generation, Computation, Verification
      � ., � . � ? � Compute � . 1 � � . , 0 Compute Proof 0 Verify ., 1, 0
      - R1: Cost(Verify) ≪ Cost(Compute)
      - R2: Public delegatability [Parno et al. 2012]: Anyone can submit a computation request
      - R3: Public verifiability [Parno et al. 2012]: Anyone can verify a computation result

  25. Verifiability for 3 Operations
      � ., � . � ? � , 1 � � . , 0 Compute � . and 0 Verify ., 1, 0
      High-Degree Polynomial Evaluation; Large Matrix Multiplication; Conjunctive Keyword Search
      � � 3 � 4 5 6 3 6 ∈ 8 9 :3; �B� � >. . with @ � > 6A ∈ 8 9 Search(.) 6<= . � . C , . D , … , . � ⟙ ∈ 8 9 � . . ∈ 8 9 Keywords G � HI C , I D , … , I � J 1 � 1 C , 1 D , … , 1 � ⟙ � >. ∈ 8 9 � 1 � � . ∈ 8 9 1 ID of files � 6 such that G ⊂ � 6

  26. [AsiaCCS 2016] Verifiable Polynomial Evaluation – Idea
      Euclidean Division of Polynomials
      � � LM N O ��, L� �M, O� ., � . � ? ��, L� 1, 0 Compute 1 � � . 0 � L�.� Verify 1 � 0 M . N O . ? M, O small degree

  27. [AsiaCCS 2016] Verifiable Matrix Multiplication – Idea
      Auxiliary Matrices
      P � Q> N O O pseudo-random �>, P� ., >. � ? O �>, P� 1, 0 Compute 1 � >. Verify 0 � P. 0 � Q1 N O. ? Projection R ∙ 0 � R ∙ Q1 N R ∙ O.

  28. Cloud Security Research
      - Privacy
        - Privacy preserving word search
        - De-duplication on encrypted data
      - Integrity
        - Proof of Retrievability
      - Verifiability
        - Verifiable computation
        - Proof composition

  29. Proof Composition
      Problem: Verifiability of general purpose programs
      - Efficient methods for handling sequence of operations: Pinocchio [Parno et al]
      - Efficient schemes for a single very complex operation
      - No technique achieving both purposes
      program P(x): 5 ≔ � . ] ≔ M 5 ⁞ ^ ≔ _ 1
      Example: program NN2(x): 5 ≔ > C . . x ] ≔ bcde 5 c ≔ M 2 . b
