Cloud Computing Security Monir Azraoui, Kaoutar Elkhiyaoui, Refik Molva, Melek Ӧ nen, Pasquale Puzio December 18, 2013 – Sophia-Antipolis, France

Cloud Computing – Outsourcing storage & computation  High availability  No IT maintenance cost  Decreased Costs  Elasticity & Flexibility Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 2

Data breaches  Unauthorized access to client data Data Loss  Accidental or malicious destruction Account hijacking  Stolen credentials Insecure APIs  Adversary steals data from cloud Denial of Service  Intolerable system slowdown Malicious insiders  More powerful attackers Abuse of cloud services  Adversary rents the cloud Insufficient due diligence  Mismatched expectations Shared technology issues  Adversary breaks out of the hypervisor CSA’s Notorious Nine – From 2010 to 2013 Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 3

 Security Models & Requirements  Honest but curious  Confidentiality & Privacy Data privacy Computation privacy  Malicious  Privacy + Integrity & Transparency Verifiability  Challenge Clouds as Adversaries To trust or how to trust? Do not cancel cloud advantages Lightweight operations at client side Cloud Security Big Data Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 4

 Honest-but-curious cloud  Privacy preserving word search  Privacy preserving de-duplication  Malicious cloud  Proof of Retrievability Cloud Security Research at EURECOM [PETS’12, Tclouds’13] [CloudCom’13] [Under submission] Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 5

 Challenge  No more physical possession of data  Lack of resources at the client side  Related work  Deterministic  Verification of the entire data  costly  Probabilistic  Tags for each block + random verification  Costly generation of tags  randomly located sentinels => limited verification  Our solution - StealthGuard  Randomly generated watchdogs  privacy preserving search of watchdogs Proof of Retrievability - Overview Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 6 [Under submission] [Ateniese et. al., Juels et. al., Shacham et.al...] [Deswarte et. al, Filho et. al,..]

 Honest but curious cloud  Privacy preserving word search  Privacy preserving de-duplication  Malicious cloud  Proof of Retrievability Cloud Security Research at EURECOM [PETS’12, Tclouds’13] [CloudCom’13] [Under submission] Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 7

 A concrete Scenario: Data retention  Internet Service Provider retains customers’ log/access data (for 6 years…!)  Example: DNS logs (time, IP, hostname)  Save money: Outsource to cloud  Challenge  Protect customer Privacy against prying clouds  Privacy: Encrypt log entries  Support queries: “Has x accessed y (at time z)?”  Word Search  Efficiency: Leverage clouds’ massive parallelism  MapReduce Privacy preserving word search Pri S M Logs 8Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 8

 Contribution  Data privacy: No (non trivial) data analysis  Computation privacy: query privacy, query unlinkability  Parallelism with MapReduce  Evaluation: privacy proofs and implementation (11% overhead)  Main idea  Word search transformed to PIR problems (single bit)  Map: Evaluate small PIR problem on each InputSplit  Reduce: combine mapper output with simple addition  User decodes output, decides existence PRIvacy preserving Search in MapReduce 9Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 9

PRISM - Overview Mapper InputSplit Reducer “PIR Matrix” E(1) E(0) E(1) ∑ User Result Cloud File Encrypt & Upload Q(word) Query for “word” Q(word) E( ) homomorphic Idea: Transform search for “word” into PIR query word? 10Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 10 [PETS’12]

 Scenario  Auditing  Additional privacy requirement  Authorized access with revocation  Initial solution based on  One-time key for search  Attribute based encryption for key retrieval Further work - Delegated word search Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 11 [Tclouds’13]

 Honest but curious cloud  Privacy preserving word search  Privacy preserving de-duplication  Malicious cloud  Proof of Retrievability Cloud Security Research at EURECOM [PETS’12, Tclouds’13] [CloudCom’13] [Under submission] Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 12

Privacy preserving deduplication  Deduplication  Duplicated data stored only once  90-95% space saving  Conflict with privacy  Encryption prevents detection  Initial solution  Convergent encryption  Key = hash(data)  Vulnerable to dictionary attacks Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 13

ClouDedup - Overview  Confidentiality & block-level deduplication  Countermeasure against CE vulnerability  Negligible performance impact  Transparent to the storage provider Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 14 [CloudCom’13]

 Privacy preserving storage & computation  Suitable data encryption  Privacy preserving primitives  Word search  statistics: sum, average, etc. ..  Privacy preserving deduplication  Verifiable storage & computation  Verifiable word search  Proof of retrievability  Data integrity Conclusion Do not cancel cloud advantages Lightweight operations at client side Big Data Cloud Computing Security – December 18, 2013 Sophia-Antipolis, France Slide 15

THANK YOU