structural cloud audits that protect private information
play

Structural Cloud Audits that Protect Private Information Hongda - PowerPoint PPT Presentation

May 15, 2023 •233 likes •655 views

Structural Cloud Audits that Protect Private Information Hongda Xiao, Bryan Ford, Joan Feigenbaum Department of Computer Science Yale University Cloud Computing Security Workshop November 8, 2013 Motivation Cloud computing and cloud

  1. Structural Cloud Audits that Protect Private Information Hongda Xiao, Bryan Ford, Joan Feigenbaum Department of Computer Science Yale University Cloud Computing Security Workshop – November 8, 2013

  2. Motivation ● Cloud computing and cloud storage now plays a central role in the daily lives of individuals and businesses. ● Over a billion people use Gmail and Facebook to create, share, and store personal data ● 20% of all organizations use the commercially available cloud- storage services provided both by established vendors and by cloud-storage start-ups ● Reliability of cloud-service providers grows in importance.

  3. Motivation ● Cloud-service providers use redundancy to achieve reliability Data Center 1 Data Center 2 ● But redundancy can fail due to Common Dependencies [Ford, Icebergs in the Clouds, HotCloud '12] Power Station 1

  4. Motivation ● This is a real problem ● e.g. a lightning storm in northern Virginia took out both the main power supply and the backup generator that powered all of Amazon EC2's data centers in the region ● We need a systematic way to discover and quantify vulnerabilities resulting from common dependencies

  5. Motivation ● Zhai et al. proposed Structural Reliability Auditing (SRA) ● collect comprehensive information from infrastructure providers ● construct a service-wide fault tree ● identify critical components, estimiate likelihood of service outage ● A potential barrier to adoption of SRA is the sensitive nature of both its input and its output. ● cloud service providers and infrastructure providers may not be willing to disclose the required information

  6. Objective ● Privacy-Preserving SRA (P-SRA): investigate the use of secure multi-party computation (SMPC) to perform SRA in a privacy preserving manner ● Perform SMPC on complex, linked data structures of cloud topology, which has not often been explored yet

  7. Basic Idea Step 1: Build a structural model of Step 2: Perform fault tree analysis cloud infrastructure of interest to detect hidden failure risks Cloud Service1 Cloud Service1 (Power1, Router1 Router2) Data Data Center 1 Center 2 Power 1 (Router1 Router2) Router 1 Router 2 Power 1 Power 2 Router 1 Router 2 [Zhai et al., Auditing the Structural Reliability of the Clouds, Yale TR-1479]

  8. Challenges ● Private Data Acquisition ● How to collect complex, linked data of cloud topology without compromising the privacy of the cloud and infrastructure providers? ● Privacy-Preserving Analysis ● How to identify common dependencies and correlated failure risk without requiring providers to disclose confidential information? ● Efficiency ● SMPC is NOT very efficient especially when the size of inputs are large

  9. Our Solutions ● Private Data Acquisition ● Leverage secret sharing techniques in SMPC ● Specify valid output protecting privacy ● Privacy-Preserving Analysis ● Specialized graph representation techniques to build fault tree in a privacy preserving manner ● Efficiency ● Novel data partitioning techniques to effectively reduce the input size of SMPC and leave most of the computations locally

  10. System Design Overview ● P-SRA Client P-SRA Client DAU ● Data Acquisition Unit (DAU) Cloud 1 SSU ● Local Execution Unit (LEU) LEU ● Secret Sharing Unit (SSU) Cloud Users DAU ● P-SRA Host SMPC Cloud 2 SSU Computation LEU ● Represents Cloud Users, SMPC Reliability Auditors Coordination DAU ● Does SMPC coordination P-SRA Host Cloud 3 SSU LEU

  11. Cloud Provider ● Install and control a P-SRA Client ● Input their private infrastructure information, which is considered private ● Semi-honest Threat Model ● The Cloud Providers are honest but curious

  12. P-SRA Client ● Fully controlled by Cloud Providers ● Data Acquisition Unit ● Collects component and dependency information ● Local Execution Unit ● Perform local stractural reliability analysis ● Secret Sharing Unit ● Perform SMPC with P-SRA Host

  13. P-SRA Host ● SMPC module ● Perform SMPC with each P-SRA client installed by cloud providers ● Coordination module ● Coordinate the communication between P-SRA Clients and P- SRA Host ● Semi-honest Model ● The P-SRA Host is honest but curious

  14. Outline of How the System Works ● Step 1: Privacy-preserving dependency acquisition ● Step 2: Subgraph abstraction to reduce problem size ● Step 3: SMPC protocol execution and local computation ● Step 4: Privacy-preserving output delivery

  15. Privacy-preserving dependency acquisition ● The DAU of each cloud-service provider collects information about the components and dependencies of this provider ● network dependencies ● hardware dependencies ● software dependencies ● failure probability estimates for components ● Store the information in a local database for use by P-SRA's other modules.

  16. Subgraph Abstraction ● The Client's SSU abstracts the dependency information of private components as a set of macro-components, which are the actual inputs of the SMPC ● Key step to reduce the input size of SMPC ● The choice of abstraction policy is flexible as long as satisfying the proper criterions ● Can be generalized to other SMPC problem on complex and linked data structure

  17. Subgraph Abstraction Policy ● A subgraph H of the full dependency graph G of a cloud- service provider S should have two properties in order to be eligible for abstraction as a macro-component ● all components in H must be used only by S ● for any two components v and w in H, the dependency information of v with respect to components outside of H is identical to that of w ● SSU collapses H to a single node to transfer G to a smaller graph G'

  18. Subgraph Abstraction: Example Router 2 Router 1 Power 1 Power 2 ● Dependency Graph of a Simple Data Center ● A Storage Service Gateway1 Gateway2 ● Two Data Centers, one for service and the other for back-up Core1 Core2 Core3 Core4 ● Red Frame is the data center 1, which satisfies the two properties Agg1 Agg2 Agg3 Agg4 ToR1 ToR1 ToR1 ToR1 S1 S2 S3 S4 S5 S6 S7 S8 Storage Back-up Back-up

  19. Subgraph Abstraction: Example Red frame on the left is data center 1, which is abstracted as Data Center 1 on the right Router 2 Router 1 Power 1 Power 2 Gateway1 Gateway2 Cloud Service1 Core1 Core2 Core3 Core4 Data Data Center 1 Center 2 Agg1 Agg2 Agg3 Agg4 ToR1 ToR1 ToR1 ToR1 Router 1 Router 2 Power 1 Power 2 S1 S2 S3 S4 S5 S6 S7 S8 Storage Back-up Back-up

  20. SMPC and Local Computation ● SMPC ● Local Computation ● Perform SMPC to identify ● SSU passes the common dependency and dependency informaiton reliability analysis across within macro-components cloud providers to LEU ● SSUs of P-SRA Clients ● LEU performs structural work with SMPC of P- reliability analysis locally SRA Host

  21. SMPC Protocol ● Fault-tree construction ● Generate input for the SMPC ● Identify common dependencies ● Calculate failure sets

  22. Fault Tree Analysis ● FTA is a deductive reasoning technique ● Occurence of top event is a boolean combination of occurence of lower level events ● Fault Tree is a Directed Acyclic Graph (DAG) ● Node: gate or event ● Link: dependency information ● Failure Set is a set of components whose simultaneous failure results in cloud service outage

  23. SMPC Fault Tree Construction ● Challenge ● SMPC cannot readily handle conditionals, which are necessary in traditional ways of processing Fault Trees ● Solution ● Rewrite the fault tree as topology paths form with types ● Eliminates use of conditionals

  24. Topology Paths with Types ● Extract all paths through dependency DAG ● root node → intermediate nodes → leaf node ● Unpacks the DAG for "circuit" processing ● Can be exponentially larger than DAG in worst case :( ● Types of topology paths ● The SSU builds a disjunction of conjunctions of disjunctions data structure by assigning each path a type

  25. Topology Paths with Types: Example Data Cloud Service1 Power 1 Cloud Service1 Center 1 Data Cloud Service1 Power 2 Center 2 Data Data Data Router 1 Cloud Service1 Center 1 Center 2 Center 1 Data Data Cloud Service1 Router 2 Router 2 Center 1 Center 1 Data Cloud Service1 Power 1 Router 1 Power 2 Center 2 Data Data Cloud Service1 Cloud Service1 Router 2 Router 2 Center 1 Center 2 Router 1 Router 2

  26. Local Execution Protocol ● Generate fault tree for components within macro-components ● Compute the failure sets of each macro-component

  27. Generate input for the SMPC ● SSUs pad the fault tree in order to avoid leaking structural informatoin such as the size of the cloud infrastructure ● Add dummy nodes with zero ID into each topology path ● Add zero paths into the fault tree with randomly assigned types ● Zero ID nodes do not affect the result

  28. Identify common dependencies ● SSUs and P-SRA Host cooperate to identify common dependency ● doing multiple (privacy-preserving) set intersections, followed by one (privacy-preserving) union ● Strict security requires doing it without conditional statements ● Transfer conditional statements into arithmetic computation

  29. Identify common dependencies

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON

Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON

Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON 2010 Building a Private Cloud with Ubuntu Server 10.04 Enterprise Cloud (Eucalyptus) OSCON 2010 (Note: Special thanks to Jim Beasley, my lead Cloud

604 views • 37 slides
The PROTECT project An Innovative Public-Private Partnership for New Methodologies in

The PROTECT project An Innovative Public-Private Partnership for New Methodologies in

The PROTECT project An Innovative Public-Private Partnership for New Methodologies in Pharmacovigilance and Pharmacoepidemiology Xavier Kurz, MD, MSc, PhD European Medicines Agency PROTECT Goal To strengthen the monitoring of benefit-risk of

404 views • 17 slides
Meet Your New Managed Private Cloud from Red Hat and IBM Joe Mann, Red Hat Senior Solutions

Meet Your New Managed Private Cloud from Red Hat and IBM Joe Mann, Red Hat Senior Solutions

Meet Your New Managed Private Cloud from Red Hat and IBM Joe Mann, Red Hat Senior Solutions Architect, CCSP Program Andr Bearfjeld, IBM Senior Product Owner, Private Cloud Platform Paul Czarkowski , IBM Technical Lead, Architecture and

453 views • 33 slides
9/30/2018 1 9/30/2018 Audits: How to Protect Your Bottom Line NCPA 2018 Annual Convention

9/30/2018 1 9/30/2018 Audits: How to Protect Your Bottom Line NCPA 2018 Annual Convention

9/30/2018 1 9/30/2018 Audits: How to Protect Your Bottom Line NCPA 2018 Annual Convention Amanda Gaddy, RPh Director of Clinical Services Georgia Pharmacy Association Disclosure Amanda Gaddy is a pharmacy consultant and is receiving an

334 views • 15 slides
Public-Private proposal for a European Cloud Security Certification Scheme C5 success story and

Public-Private proposal for a European Cloud Security Certification Scheme C5 success story and

Berlin 2 nd April 2019 Public-Private proposal for a European Cloud Security Certification Scheme C5 success story and the way forward to a European certification for cloud services Clemens Doubrava Head of Section of Information Security in

367 views • 36 slides
Private Cloud Ravi Mula Research Associate Dept. of CS Outline 1. Cloud Classifications -

Private Cloud Ravi Mula Research Associate Dept. of CS Outline 1. Cloud Classifications -

Private Cloud Ravi Mula Research Associate Dept. of CS Outline 1. Cloud Classifications - PaaS, SaaS, IaaS, FaaS 2. Terminology 3. Traditional vs Hyper-converged Architectures 4. Nutanix a. Architecture b. Data Management &

725 views • 39 slides
Noise Audits What they are and the training required to do them The Hearing Loss Prevention/

Noise Audits What they are and the training required to do them The Hearing Loss Prevention/

Noise Audits What they are and the training required to do them The Hearing Loss Prevention/ Noise Rule includes a section on noise audits. The following three modules provide information on noise audits: Module 1 is a general overview of

570 views • 18 slides
Moving Large Workloads from a Public Cloud to an OpenStack Private Cloud: Is It Really Worth It?

Moving Large Workloads from a Public Cloud to an OpenStack Private Cloud: Is It Really Worth It?

Moving Large Workloads from a Public Cloud to an OpenStack Private Cloud: Is It Really Worth It? April 7th, 2016 Nicolas Brousse | Sr. Director Of Operations Engineering | nicolas@tubemogul.com Who are we? An enterprise software company for

372 views • 24 slides
Synology 2020 Sales Manager Devin Santamaria Hybrid Cloud & Beyond The private vs. public

Synology 2020 Sales Manager Devin Santamaria Hybrid Cloud & Beyond The private vs. public

Synology 2020 Sales Manager Devin Santamaria Hybrid Cloud & Beyond The private vs. public cloud debate is over 81 % IT organizations use public cloud 81% *Source: TechTarget , Public cloud workload success requires IT leadership 41 %

1.15k views • 47 slides
Bringing Private Cloud to Australia OpenStack on VMware OpenStack Summit 2013 Introduction

Bringing Private Cloud to Australia OpenStack on VMware OpenStack Summit 2013 Introduction

Bringing Private Cloud to Australia OpenStack on VMware OpenStack Summit 2013 Introduction Aptira Leading OpenStack provider in Australia and APAC Private and Hybrid IaaS Cloud Solutions Technology consultancy for large providers

224 views • 21 slides
Building and Delivering Next Generation Developer Services Using Private Cloud Infrastructure

Building and Delivering Next Generation Developer Services Using Private Cloud Infrastructure

Building and Delivering Next Generation Developer Services Using Private Cloud Infrastructure Chris Pinkham CEO, Nimbula 19 June 2012 Cloud Computing Grid Computing Grid-Cloud Computing Nimbula Vision: One Cloud

428 views • 18 slides
Cloud Ser Clo Service Prov Provider(CSP) for for the Government Priv Gov Private Cl Cloud

Cloud Ser Clo Service Prov Provider(CSP) for for the Government Priv Gov Private Cl Cloud

SITA SITA SUS SUSE CSP CSP for for GPC GPCE RFB 2088 RFB 2088/2019 for for the pro procurement of of SUS SUSE Cloud Ser Clo Service Prov Provider(CSP) for for the Government Priv Gov Private Cl Cloud Ecos Ecosyste tem (GP

312 views • 10 slides
Private ! Virtual ! Infrastructure for ! Cloud ! Computing John ! Krautheim UMBC ! Cyber ! Defense

Private ! Virtual ! Infrastructure for ! Cloud ! Computing John ! Krautheim UMBC ! Cyber ! Defense

Private ! Virtual ! Infrastructure for ! Cloud ! Computing John ! Krautheim UMBC ! Cyber ! Defense ! Lab Cloud ! Computing ! Security ! Someone ! else ! owns ! the ! cloud ! Data ! in ! cloud ! is ! out ! of ! control ! of ! data ! owner ! Does !

324 views • 10 slides
Energy Audits: From Clipboard to Cloud December 18, 2014 SERDP & ESTCP Webinar Series

Energy Audits: From Clipboard to Cloud December 18, 2014 SERDP & ESTCP Webinar Series

SERDP & ESTCP Webinar Series Energy Audits: From Clipboard to Cloud December 18, 2014 SERDP & ESTCP Webinar Series Welcome and Introductions Jennifer Nyman, Ph.D., P.E. Webinar Coordinator Webinar Agenda Webinar Overview and

903 views • 59 slides
Information Exchange: & Bar U.S. and Foreign Government Tactics and Tools for Audits, , d

Information Exchange: & Bar U.S. and Foreign Government Tactics and Tools for Audits, , d

TEI Annual Conference October 30, 2013 IRS Ad IRS Administrative Affairs i i t ti Aff i rker Information Exchange: & Bar U.S. and Foreign Government Tactics and Tools for Audits, , d llips Chartere Document Production and

619 views • 31 slides
SUSE OpenStack Cloud Accelerate delivery of modern applications Expert Days 2019 Private Cloud:

SUSE OpenStack Cloud Accelerate delivery of modern applications Expert Days 2019 Private Cloud:

SUSE OpenStack Cloud Accelerate delivery of modern applications Expert Days 2019 Private Cloud: Mixing Evolution with Revolution 221 221 Do I Even Need to Change? 222 222 223 If Youre Not Innovating, Youre Falling Behind Competitive

565 views • 39 slides
PROSPECT The P recision R eactor O scillation and SPECT rum Experiment James T. Matta Oak Ridge

PROSPECT The P recision R eactor O scillation and SPECT rum Experiment James T. Matta Oak Ridge

PROSPECT The P recision R eactor O scillation and SPECT rum Experiment James T. Matta Oak Ridge National Laboratory On behalf of the PROSPECT Collaboration The Reactor Flux Anomaly Evidence For A Sterile Neutrino? Reactor measurements

648 views • 28 slides
H 2 O-supressed 1 H NMR CGRP 8-37

H 2 O-supressed 1 H NMR CGRP 8-37

H 2 O-supressed 1 H NMR CGRP 8-37 H-Ala-Cys-Asp-Thr-Ala-Thr-Cys-Val-Thr-His-Arg-Leu-Ala-Gly-Leu-Leu- Ser-Arg-Ser-Gly-Gly-Val-Val-Lys-Asn-Phe-Val-Pro-Thr-Asn-Val-Gly-Ser-Lys-ALa-Phe-NH 2 13 C NMR CGRP 8-37 H-Ala-Cys-Asp-Thr-Ala-Thr-Cys-

371 views • 4 slides
The Individual Cookie Maker Yellow A 7 October 2010 Inspiration Love for cookies Lethargy

The Individual Cookie Maker Yellow A 7 October 2010 Inspiration Love for cookies Lethargy

The Individual Cookie Maker Yellow A 7 October 2010 Inspiration Love for cookies Lethargy Leftovers Love handles Other, 5% Too many leftovers, 6% Weight conscious Too much time 22% 53% Dont want to do the dishes 14% What is the

389 views • 10 slides
Subgroup 29 U-235 Capture Cross Section in the keV to MeV Energy Region O. Iwamoto (JAEA)

Subgroup 29 U-235 Capture Cross Section in the keV to MeV Energy Region O. Iwamoto (JAEA)

Progress report 2008 Subgroup 29 U-235 Capture Cross Section in the keV to MeV Energy Region O. Iwamoto (JAEA) Introduction Fast-neuron critical experiments using U fuels BFS (IPPE): underestimation of sodium voided reactivity

740 views • 60 slides
NEOS: Reactor neutrino experiment at short baseline 11 Sep @ TAUP 2019, Toyama Yoomin Oh

NEOS: Reactor neutrino experiment at short baseline 11 Sep @ TAUP 2019, Toyama Yoomin Oh

NEOS: Reactor neutrino experiment at short baseline 11 Sep @ TAUP 2019, Toyama Yoomin Oh Outline Reactor neutrino Anomalies Short baseline (SBL) oscillation Introduction/status of the NEOS experiment 2019.09.09 Yoomin Oh /

287 views • 17 slides
W C E T W e b c a s t w c e t .w i c h e . e d u Welcome to todays WCET Webcast September 15

W C E T W e b c a s t w c e t .w i c h e . e d u Welcome to todays WCET Webcast September 15

# W C E T W e b c a s t W C E T W e b c a s t w c e t .w i c h e . e d u Welcome to todays WCET Webcast September 15 # W C E T W e b c a s t The webcast will begin shortly. There is no audio being broadcast at this time. An archive of

624 views • 28 slides
Uranium encapsulation into glass W.C.M.H. MEYER JOINT ICTP-IAEA INTERNATIONAL SCHOOL ON NUCLEAR

Uranium encapsulation into glass W.C.M.H. MEYER JOINT ICTP-IAEA INTERNATIONAL SCHOOL ON NUCLEAR

Uranium encapsulation into glass W.C.M.H. MEYER JOINT ICTP-IAEA INTERNATIONAL SCHOOL ON NUCLEAR WASTE VITRIFICATION ICPT, TRIESTE 23 SEPTEMBER 2019 TO 27 SEPTEMBER 2019 1. Enriched Uranium problem MTR Reactor Old reactor spent fuel (MTR

347 views • 19 slides
Open-World Probabilistic Databases Guy Van den Broeck On joint work with Ismail Ilkan Ceylan,

Open-World Probabilistic Databases Guy Van den Broeck On joint work with Ismail Ilkan Ceylan,

Open-World Probabilistic Databases Guy Van den Broeck On joint work with Ismail Ilkan Ceylan, Adnan Darwiche Feb 3, 2016, SML Outline? or What we can do already > 570 million entities > 18 billion tuples What I want to do

642 views • 52 slides

More recommend