A Folder Tree Structure for Cryptographic File Systems Dominik Grolimund, Luzius Meisser, Stefan Schmid, Roger Wattenhofer Computer Engineering and Networks.

Presentation transcript:

A Folder Tree Structure for Cryptographic File Systems Dominik Grolimund, Luzius Meisser, Stefan Schmid, Roger Wattenhofer Computer Engineering and Networks Laboratory (TIK), ETH Zurich SRDS 06 October 3, Leeds, UK Cryptree Distributed Computing Group

2 / 25 Cryptree
- A key management scheme developed for Kangoo, our distributed file system
- Manages encryption keys of files and folders
- Leverages the file system's folder hierarchy to achieve intuitive semantics and efficiency

3 / 25 Outline: Motivation, Basics, Cryptree, Performance, Discussion

4 / 25 Motivation
Kangoo: a large-scale distributed file system (comparable to OceanStore, Celeste, CFS…)
Problem: enforcement and management of access rights on untrusted (but reliable) storage
→ We cannot trust the storage device to keep our data secret
→ Everything needs to be encrypted
→ We need a clever key management scheme

5 / 25 Motivation
Existing ideas:
- Server enforces access rights → not feasible here
- Classic Access Control List (CACL) approach, found in systems like Plutus, SiRiUS, OceanStore (?)
- Many papers about hierarchical key management in general, with a focus on cryptographic aspects

6 / 25 Talk Outline: Motivation, Basics, Cryptree, Performance, Discussion

7 / 25 Basics: Access Control with Keys
- Read access control: items are encrypted such that only legitimate accessors can decrypt them
- Write access control: a sign/verify key pair is used to prove the legitimacy of write operations

8 / 25 Basics: Lazy Revocation
When someone loses access to an item, that item needs to be re-encrypted with a new key to prevent the former accessor from accessing it in the future. Lazy revocation postpones this (expensive) re-encryption until the next update of the item.
→ Better performance at the price of slightly lower security: an adversarial former accessor of an item could continue to access it if he has kept a copy of the encryption key. Without lazy revocation, he would have had to keep a copy of the item itself to do so.
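The trade-off described on this slide, as an added example that is not part of the original presentation: revocation only marks the item, and the key is replaced at the next update. The `Item` class, the `xor_stream` stand-in cipher and the sample content are assumptions made for illustration; distributing the new key to the remaining accessors is left out.

```python
import hashlib
import os

def xor_stream(key, nonce, data):
    # Stand-in cipher (assumption): XOR with a SHAKE-256 keystream, no authentication.
    pad = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, pad))

class Item:
    """One stored item whose key is rotated lazily after a revocation."""
    def __init__(self, plaintext):
        self.key = os.urandom(32)
        self.dirty = False           # True: a revoked accessor may still hold self.key
        self._store(plaintext)

    def _store(self, plaintext):
        self.nonce = os.urandom(16)
        self.ciphertext = xor_stream(self.key, self.nonce, plaintext)

    def revoke(self):
        self.dirty = True            # cheap: nothing is re-encrypted yet

    def update(self, plaintext):
        if self.dirty:               # the postponed re-keying rides on the next write
            self.key = os.urandom(32)
            self.dirty = False
        self._store(plaintext)

    def read_with(self, key):
        return xor_stream(key, self.nonce, self.ciphertext)

def exposure_window():
    """What a former accessor's retained key yields before and after the next update."""
    item = Item(b"trip plan v1")          # constructed sample content
    retained = item.key                   # copy kept by the former accessor
    item.revoke()
    before = item.read_with(retained)     # still decrypts the current content
    item.update(b"trip plan v2")
    after = item.read_with(retained)      # new key in use: no longer the plaintext
    return before, after
```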

9 / 25 Basics: CACL-Approach
The classic, access-control-list based approach: access control is managed for each item individually. To grant Bob access to an item, the access key is encrypted with Bob's public key and attached to that item.
[Figure: example folder tree; labels: egypt, images, cancun, projects, alice, sunset.jpg, trip, jeep.jpg, maya.jpg, audio, Bob]

10 / 25 Basics: CACL-Approach
Problems with CACL:
- When granting u users access to f files, u*f access control list entries need to be created
- On structural changes, access rights need to be adjusted or they will get scattered
- No confidentiality of access rights

11 / 25 Outline: Motivation, Basics, Cryptree, Performance, Discussion

12 / 25 Cryptree: Semantics
Dynamic inheritance of access rights
- Downwards: full, recursive
- Upwards: limited, ancestor names

13 / 25 Cryptree: Cryptographic Links
Knowing K1 and the link allows one to derive K2.
- Symmetric link: symmetric cryptography; requires knowledge of K1 to update
- Asymmetric link: asymmetric cryptography; K2 can be replaced without knowing K1
→ More flexible than the symmetric link, but expensive

14 / 25 Cryptree: Read Access
- Clearance Key: revealed to grant access
- Subfolder Key → subfolders
- Files Key → files in folder
- Backlink Key
- Data Key → folder name

15 / 25 Cryptree: Read Access
Benefits:
- Grant recursive access by revealing only one key
- Anonymous access: even writers do not need to know other accessors
- Access rights are implicitly updated when the structure changes
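The symmetric links and the read access keys from the last three slides, as an added example that is not code from the presentation or from Kangoo. The link layout used here (clearance key → subfolder key → child subfolder keys and files key → per-file data keys) is a simplifying assumption, the backlink key is omitted, and `_mask` is a stand-in for symmetric encryption; the folder and file names are constructed.

```python
import hashlib
import hmac
import os

def _mask(k1, nonce, data):
    # Stand-in for symmetric encryption (assumption): XOR with an HMAC-SHA256 pad.
    pad = hmac.new(k1, nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, pad))

def make_link(k1, k2):
    """Symmetric link K1 -> K2; creating or updating it requires K1."""
    nonce = os.urandom(16)
    return nonce, _mask(k1, nonce, k2)

def follow_link(k1, link):  # knowing K1 and the link yields K2
    return _mask(k1, *link)

class Folder:  # owner's view; only the links would sit on untrusted storage
    def __init__(self, name):
        self.name = name
        self.clearance, self.subfolder, self.files = (os.urandom(32) for _ in range(3))
        self.to_sub = make_link(self.clearance, self.subfolder)
        self.to_files = make_link(self.subfolder, self.files)
        self.children = {}   # name -> (Folder, link: subfolder key -> child's subfolder key)
        self.file_keys = {}  # name -> (data key, link: files key -> data key)
    def add_folder(self, name):
        child = Folder(name)
        self.children[name] = (child, make_link(self.subfolder, child.subfolder))
        return child
    def add_file(self, name):
        data_key = os.urandom(32)
        self.file_keys[name] = (data_key, make_link(self.files, data_key))

def readable_files(folder, clearance_key):
    """Derive every data key reachable from one revealed clearance key."""
    def walk(f, sk, path):
        fk = follow_link(sk, f.to_files)
        found = {path + n: follow_link(fk, link) for n, (_, link) in f.file_keys.items()}
        for n, (child, link) in f.children.items():
            found.update(walk(child, follow_link(sk, link), path + n + "/"))
        return found
    return walk(folder, follow_link(clearance_key, folder.to_sub), folder.name + "/")

def sample_tree():  # constructed sample; names are illustrative
    alice = Folder("alice")
    images = alice.add_folder("images")
    images.add_file("sunset.jpg")
    images.add_folder("egypt").add_file("jeep.jpg")
    return alice, images
```

Revealing `images.clearance` alone yields the data keys of `sunset.jpg` and of `egypt/jeep.jpg`, while the same key applied at `alice` derives only unusable values.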

16 / 25 Cryptree: Read Access Whole read access structure

17 / 25 Write Access Cryptree Similar to read access tree

18 / 25 Cryptree: Operations When someone loses read access as a result of an operation, the involved items need to be reencrypted. We do this lazily on their next change (lazy revocation).

19 / 25 Outline: Motivation, Basics, Cryptree, Evaluation, Discussion

20 / 25 Performance
Besides its semantic advantages, the Cryptree should also perform better than the CACL approach. We wrote sandbox implementations of different approaches and let them perform a given set of operations.
Test set: 30,000 files (avg. size 2.5 MB), 2,500 folders, 1,000,000 operations (ordered by likelihood: read, create, delete, move, modify, grant access, revoke access, grant write access, revoke write access)

21 / 25 Performance Time spent for key management per operation

22 / 25 Performance Total processing time spent for cryptography per operation

23 / 25 Outline: Motivation, Basics, Cryptree, Performance, Discussion

24 / 25 Discussion: Conclusions
We have leveraged the file system's folder hierarchy for key management and achieved
- Intuitive access control semantics
- Efficiency
- Simplicity: no elaborate cryptographic knowledge required

25 / 25 Discussion: Questions ?